let # set ssh public keys here for your system and user machines = { dumpyourvms = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILDATEWAgDZFfYs1ZPh33Kg4sqQ9tWMVKyk8XqFu3Koe host@dumpyourvms"; ryzensun = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH/l7MfEmt510BMeNjuXNPmZ0brcQidvrrpcea+qJMjX root@ryzensun"; fae = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINP3xI8c8+SI5QPTHqR0YIwKvG8x2MJGC/arBu4BkCP0 root@fae"; }; users = { teutat3s = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHcU6KPy4b1MQXd6EJhcYwbJu7E+0IrBZF/IP6T7gbMf teutat3s@dumpyourvms"; teutat3s-5-nfc = "age1yubikey1qdxpc9qenrkhqxnu2p6sgyfxhnxcvz99jcaq36uqcztuzsy92q596shqxkf"; }; allKeys = [ machines.dumpyourvms machines.ryzensun users.teutat3s users.teutat3s-5-nfc ]; in { "example-secret.age".publicKeys = allKeys; "environment-secrets.age".publicKeys = allKeys; "github-api-token.age".publicKeys = allKeys; "fwknoprc.age".publicKeys = allKeys; "cat-testenv.ovpn.age".publicKeys = allKeys; "mnx-bonanza-pf1.ovpn.age".publicKeys = allKeys; "mnx-bonanza-pf1.p12.age".publicKeys = allKeys; "docker-ci-runner-secrets.age".publicKeys = allKeys; "test-secret.age".publicKeys = [ users.teutat3s-5-nfc ]; "hosting-de-acme-secrets.age".publicKeys = [ machines.fae users.teutat3s users.teutat3s-5-nfc ]; "fae-rclone.conf.age".publicKeys = [ machines.fae users.teutat3s users.teutat3s-5-nfc ]; "restic-password.age".publicKeys = [ machines.fae users.teutat3s users.teutat3s-5-nfc ]; }