keys:
  # Add key signature below
  - &admin_antoine C8CEBB1753433CCCD2AF0638BD721F0A3BAE578C

  # Update this signature with phobos'
  # Run the following line to get the fingerprint and the public key of Phobos
  # ```
  # ssh root@phobos "cat /etc/ssh/ssh_host_rsa_key" | nix-shell -p ssh-to-pgp --run "ssh-to-pgp -o phobos.asc"
  # ```
  # You have to import the key afterward using `gpg --import phobos.asc`
  - &srv_phobos 9cb1fda8a56fa7ab852f666fc3592125321adf42 # replace this fingerprint with the new one `gpg --list-keys`
creation_rules:
  - path: secrets/phobos.yaml
    key_groups:
    - pgp:
      - *admin_antoine
      - *srv_phobos