changes

2024-10-16 20:24:40 +02:00
parent b7bfb0f62a
commit c681eb3139
110 changed files with 2924 additions and 720 deletions
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -3,6 +3,7 @@
 # Also see https://github.com/Mic92/dotfiles/blob/master/nixos/.sops.yaml
 # for a more complex example.
 keys:
+  - &bitwarden age14grjcxaq4h55yfnjxvnqhtswxhj9sfdcvyas4lwvpa8py27pjy2sv3g6v7 # nixos age key
  - &dominik age16veg3fmvpfm7a89a9fc8dvvsxmsthlm70nfxqspr6t8vnf9wkcwsvdq38d
  - &dominik2 age1v6p8dan2t3w9h94fz4flldl32082j3s9x6zqq7u5j66keth9aphsd6pvch
  - &git-server age106n5n3rrrss45eqqzz8pq90la3kqdtnw63uw0sfa2mahk5xpe30sxs5x58
@@ -14,56 +15,80 @@ keys:
  - &testmodules age1zkzpnfeakyvg3fqtyay32sushjx2hqe28y6hs6ss7plemzqjqa5s6s5yu3
  - &ldap-server-arm age1jyeppc8yl2twnv8fwcewutd5gjewnxl59lmhev6ygds9qel8zf8syt7zz4
  - &fw age1wq82xjyj80htz33x7agxddjfumr3wkwh3r24tasagepxw7ka893sau68df
+  - &fw-new age12msc2c6drsaw0yk2hjlaw0q0lyq0emjx5e8rq7qc7ql689k593kqfmhss2
  - &netboot age14uarclad0ty5supc8ep09793xrnwkv8a4h9j0fq8d8lc92n2dadqkf64vw
 creation_rules:
  - path_regex: ^[^/]+\.yaml$
    key_groups:
    - age:
+      - *bitwarden
      - *dominik
      - *dominik2
  - path_regex: hosts/nb-01.cloonar.com/[^/]+\.yaml$
    key_groups:
    - age:
+      - *bitwarden
      - *dominik
      - *dominik2
  - path_regex: hosts/nb-new.cloonar.com/[^/]+\.yaml$
    key_groups:
    - age:
+      - *bitwarden
      - *dominik
      - *dominik2
  - path_regex: hosts/fw.cloonar.com/[^/]+\.yaml$
    key_groups:
    - age:
+      - *bitwarden
      - *dominik
      - *dominik2
      - *fw
+  - path_regex: hosts/fw-new/[^/]+\.yaml$
+    key_groups:
+    - age:
+      - *bitwarden
+      - *dominik
+      - *dominik2
+      - *fw-new
  - path_regex: hosts/fw.cloonar.com/modules/web/[^/]+\.yaml$
    key_groups:
    - age:
+      - *bitwarden
      - *dominik
      - *web-02
  - path_regex: hosts/web-01.cloonar.com/[^/]+\.yaml$
    key_groups:
    - age:
+      - *bitwarden
      - *dominik
      - *dominik2
      - *web-01-server
  - path_regex: hosts/web-arm/[^/]+\.yaml$
    key_groups:
    - age:
+      - *bitwarden
      - *dominik
      - *dominik2
      - *web-arm
  - path_regex: hosts/mail.cloonar.com/[^/]+\.yaml$
    key_groups:
    - age:
+      - *bitwarden
      - *dominik
      - *dominik2
      - *ldap-server-arm
      - *ldap-server-test
+  - path_regex: hosts/mail.social-grow.tech/[^/]+\.yaml$
+    key_groups:
+    - age:
+      - *bitwarden
+      - *dominik
+      - *dominik2
+      - *mail.social-grow.tech
  - path_regex: utils/modules/lego/[^/]+\.yaml$
    key_groups:
    - age:
+      - *bitwarden
      - *dominik
      - *dominik2
      - *git-server
@@ -76,27 +101,32 @@ creation_rules:
      - *testmodules
      - *netboot
      - *fw
+      - *fw-new
  - path_regex: hosts/web-01.cloonar.com/modules/bitwarden/[^/]+\.yaml$
    key_groups:
    - age:
+      - *bitwarden
      - *dominik
      - *dominik2
      - *web-01-server
  - path_regex: hosts/web-01.cloonar.com/modules/zammad/[^/]+\.yaml$
    key_groups:
    - age:
+      - *bitwarden
      - *dominik
      - *dominik2
      - *web-01-server
  - path_regex: utils/modules/plausible/[^/]+\.yaml$
    key_groups:
    - age:
+      - *bitwarden
      - *dominik
      - *dominik2
      - *web-01-server
  - path_regex: utils/modules/promtail/[^/]+\.yaml$
    key_groups:
    - age:
+      - *bitwarden
      - *dominik
      - *dominik2
      - *git-server
@@ -108,9 +138,11 @@ creation_rules:
      - *testmodules
      - *netboot
      - *fw
+      - *fw-new
  - path_regex: utils/modules/victoriametrics/[^/]+\.yaml$
    key_groups:
    - age:
+      - *bitwarden
      - *dominik
      - *dominik2
      - *git-server
@@ -122,3 +154,4 @@ creation_rules:
      - *testmodules
      - *netboot
      - *fw
+      - *fw-new