add sops and secrets

2026-05-08 15:58:20 +03:00 · 2026-05-08 15:58:20 +03:00 · 4fd52921d6
commit 4fd52921d6
parent b44795bd59
2 changed files with 23 additions and 3 deletions
--- a/.sops.yaml
+++ b/.sops.yaml
@ -0,0 +1,7 @@
+keys:
+  - &server age1haj8v88kjna6ttkdufjpyjcf478kyvclnpdc8jwh97ewhqcc9eqsgrku4v
+creation_rules:
+  - path_regex: secrets/.*\.yaml$
+    key_groups:
+      - age:
+          - *server
--- a/secrets/tide.yaml
+++ b/secrets/tide.yaml
@ -1,3 +1,16 @@
-# PLACEHOLDER - replace with sops-encrypted content before deploy.
-# See secrets/README.md and secrets/tide.yaml.example.
-tide-env: ""
+tide-env: ENC[AES256_GCM,data:F9pGLKJZWKf3YrH0uqEBtp+PMjjAeZV3jIr1zJln3m7JzW2NwcE7HoXhAmdJt41mh+qv0uK69dDJsOFfeqIOA6JRSUj8jB6lFoFBnPnee62V6HoLo+6KfVJ7ixK7sNO+GC+TJ4gVaUFuJPNlVCNJZUkoSEWl9fQA0TqzDh0fVqAyZAbiDGha4EeRSGkmQ4Ad/5uwITiWaLxmh5X1D3NQonK78OngGM2N1Uc=,iv:TcOVWdUZ7/osM2lhSuCPFZC4N5EFkGysBIL2ih9y/0Y=,tag:0R9Hue8jARMoHIfBb6lb6Q==,type:str]
+sops:
+    age:
+        - recipient: age1haj8v88kjna6ttkdufjpyjcf478kyvclnpdc8jwh97ewhqcc9eqsgrku4v
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnQ2RzU0NBUTBhQTBERnBm
+            RFRPdWlKRWtWMW8zaktGVyt5L3VPTENMakhVCjFsdStSbHFzdmFYcWxuU294VW5Q
+            MWVQMzlJdmdqTW93Q1MwaVRFaVIvY2sKLS0tIHJxUk96VjRLeWpIanBlNktESDhI
+            dS9VREordndFSVhnbXFCdUVFN0Z3aG8KN4h2ptJxttY/02FcmRqZa+ujom0LIS11
+            cS+qkrk7FnrTbSCNETtjc/FApLTxphptd93zCPJkQtulmo2d9soJlA==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2026-05-08T12:15:46Z"
+    mac: ENC[AES256_GCM,data:nVcs2SaIYI8KGbWdAIr7PR7DoYQWaZohTkRqyRvdn6viI195UiL1Hecbujc/G6ODz0KFB60Mikbr0UlrnLm5ZMOTKxZClZcLbncqxMt6o6HoXrcthrSLnhz5vjSE+88rDKGZdSZp7tqlL7Ltx4r6wMNz+SGd2P73ZzWC9z900/g=,iv:R9dCH2NCT5KjsUS9Br88gliH7LdP+AOM75xT0YXauds=,tag:Ra9vmUHGZeH9ubCK6mBLDg==,type:str]
+    unencrypted_suffix: _unencrypted
+    version: 3.11.0