From 5bf6e1ef8c786bf3d36922bd0cec0c1cf2847221 Mon Sep 17 00:00:00 2001
From: Eli Ribble <eli@theribbles.org>
Date: Fri, 18 Jul 2025 16:42:50 +0000
Subject: [PATCH] Add corp age key to sops, rename pazuzu's key

dev_ prefix is for developer machines
---
 .sops.yaml | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/.sops.yaml b/.sops.yaml
index 7452033..9a51df4 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -1,13 +1,20 @@
 keys:
-  - &pazuzu_local age15y4k929zaj9fdg3vd40pa40tgvrgv9mn22xfummn5zxfmkcw5d0st6prjx
+  - &dev_pazuzu age15y4k929zaj9fdg3vd40pa40tgvrgv9mn22xfummn5zxfmkcw5d0st6prjx
+  - &server_corp age1kgwk20cc6t68kqj5nhem6swvx6k4e7zjx2xdwy382360h8tdyqrq0nn3gf
   - &server_test_corp age1lzzlx60f9ra4evdkn4l9px735mz7uxml5467ptzc4hg3t86gn9mq3ddsxy
 creation_rules:
   - path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
     key_groups:
     - age:
-      - *pazuzu_local
+      - *dev_pazuzu
+      - *server_corp
       - *server_test_corp
+  - path_regex: host/corp/secrets/[^/]+\.(yaml|json|env|ini)$
+    key_groups:
+    - age:
+      - *dev_pazuzu
+      - *server_corp
   - path_regex: host/pazuzu/secrets/[^/]+\.(yaml|json|env|ini)$
     key_groups:
     - age:
-      - *pazuzu_local
+      - *dev_pazuzu