generated from onedr0p/cluster-template
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.sops.yaml
33 lines (31 loc) · 897 Bytes
/
.sops.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
---
keys:
- &user_sob age123w8qnhf7cdmgwmgmy8kvqhr6cd92kx4882y82cze23us376dgyqzf245n
creation_rules:
- # IMPORTANT: This rule MUST be above the other
path_regex: talos/talsecret(\.sops)?\.ya?ml
input_type: yaml
encrypted_regex: ^(token|crt|key|id|secret|secretboxencryptionsecret|bootstraptoken|ca)$
key_groups:
- age:
- *user_sob
- path_regex: talos/clusterconfig/.+\.sops\.ya?ml
encrypted_regex: ^(token|crt|key|id|secret|secretboxEncryptionSecret|ca|TS_AUTHKEY=)$
key_groups:
- age:
- *user_sob
- path_regex: talos/.+\.sops\.ya?ml
input_type: yaml
key_groups:
- age:
- *user_sob
- path_regex: kubernetes/.+\.secret(\.sops)?\.ya?ml
input_type: yaml
encrypted_regex: ^(data|stringData)$
# mac_only_encrypted: true
key_groups:
- age:
- *user_sob
stores:
yaml:
indent: 2