From 96099eeb10855cfae6dd76460dbc4202af23bb3e Mon Sep 17 00:00:00 2001
From: Bernd Worsch <bernd.worsch@gmail.com>
Date: Sat, 13 Sep 2025 21:34:04 +0200
Subject: [PATCH] chores: configure sops with age masterkey

---
 .sops.yaml | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/.sops.yaml b/.sops.yaml
index 375a531..1df20ba 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -1,7 +1,8 @@
 # SOPS encryption policy: encrypt files matching *.sops.yaml
+
 creation_rules:
-  - path_regex: '.*\.sops\.ya?ml$'
-    encrypted_regex: '^(data|secrets|ops)$|(_secret|_password|_key)$'
-    # Replace with your age public key string (from keys/age.pub)
-    age:
-      - 'age1replace_with_your_public_key_here'
+  - path_regex: secrets/.*$
+    key_groups:
+      - age:
+          - age1aq8twfd78wvpra0had8cezcnj96tj4q0068edrz5jez8d6xwmflqdepsh4 
+