move encrypted secrets near relevant files

Noah Masur
2025-03-09 17:09:33 +00:00
parent f59ac536a2
commit 37d1d7724a
60 changed files with 27 additions and 94 deletions


@ -0,0 +1,17 @@
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IHNzaC1lZDI1NTE5IE1nSGFPdyBuM3E3
UnNtNUlmTGtIdm9zZGlha1B5ZVkrQjBuTStKTmlPcmFCNVM0eGlzCk1tWGJOdWtm
TVBRMFNNRkN4TVBtVWJyUk9wZlJ2eXpHSWtLK21rc3JIYkEKLT4gc3NoLWVkMjU1
MTkgWXlTVU1RIDB3c1dHdnNTSEhva2FsT2pNL3JUVXVmTGRrVzIwWk1UdFFVaGxH
MWVad2MKaUJyaUdDek45eHFEdWFsMks1VjlsTlRhWEdmNEFaUmdjNXpocS9vVWVa
NAotPiBzc2gtZWQyNTUxOSBuanZYNUEgRFZ1bVVCeVZTWEFqNFk5bmVBSmk0Sis2
TDNuZVFhTWRBSXFrWmJlQ3ZrZwpMWTlSL3hkZGNNQjFXRTFTTmJzMlBaVHJhekpD
aGdCaDJtNkxEbWgzSXdVCi0+IHNzaC1lZDI1NTE5IENxSU9VQSBXZGIxaEFvZXpx
Vm5CZHAwRFZFWnZIZ1h4eVh4RmNoRzh3OHN0dFhOV2xVClNXaDJxbFhlbHJmeThM
TjgyTlEwaThwZ3NhOWNQYXV4WFZHMGR0cGxGV1EKLT4gc3NoLWVkMjU1MTkgejFP
Y1p3IDFyK0xxREdzWk8zWkNYQUUzUUw4RmE0Vm5WQjljdmxTeTh2VktUc1NuMVkK
YTRUK0hlTVltcFVXWDlDVklKRVMrRjdYUWQ4ME9YcXJBcWY1RUU0MS9pRQotLS0g
ZzNjRmVHSTByTS8vNTlRbDdYR2tFNHF6RCtiajNLY2o3eDZpdFFoRkdibwqeS82J
r4vWQBK8WvTxQb1sQdIU9/0NNX/JqbAxWiaUnzk6ilzf0leovTZkJF0JchWyW1ya
HiVoD5lVamGzGA6jRw==
-----END AGE ENCRYPTED FILE-----


@ -0,0 +1,126 @@
{
config,
pkgs,
lib,
...
}:
let
inherit (config.nmasur.settings) fullName hostnames;
cfg = config.nmasur.presets.services.mbsync;
in
{
options.nmasur.presets.services.mbsync = {
enable = lib.mkEnableOption "Mail service.";
user = lib.mkOption {
type = lib.types.str;
description = "User name for the email address.";
};
server = lib.mkOption {
type = lib.types.str;
description = "Server name for the email address.";
};
imapHost = lib.mkOption {
type = lib.types.str;
description = "Server host for IMAP (reading mail).";
default = hostnames.imap;
};
smtpHost = lib.mkOption {
type = lib.types.str;
description = "Server host for SMTP (sending mail).";
default = hostnames.smtp;
};
};
config = lib.mkIf cfg.enable {
programs.mbsync = {
enable = true;
};
# Automatically check for mail and keep files synced locally
services.mbsync = lib.mkIf pkgs.stdenv.isLinux {
enable = true;
frequency = "*:0/5";
postExec = "${lib.getExe pkgs.notmuch} new";
};
# Used to watch for new mail and trigger sync
services.imapnotify.enable = pkgs.stdenv.isLinux;
# Allows sending email from CLI/sendmail
programs.msmtp.enable = true;
accounts.email = {
# Where email files are stored
maildirBasePath = "${config.home.homeDirectory}/mail";
accounts = {
home =
let
address = "${cfg.user}@${cfg.server}";
in
{
userName = address;
realName = fullName;
primary = true;
inherit address;
aliases = map (user: "${user}@${cfg.server}") [
"me"
"hey"
"admin"
];
# Options for contact completion
alot = { };
imap = {
host = cfg.imapHost;
port = 993;
tls.enable = true;
};
# Watch for mail and run notifications or sync
imapnotify = {
enable = true;
boxes = [ "Inbox" ];
onNotify = "${pkgs.isync}/bin/mbsync -a";
onNotifyPost = lib.mkIf config.services.dunst.enable "${lib.getExe pkgs.libnotify} 'New mail arrived'";
};
# Name of the directory in maildir for this account
maildir = {
path = "main";
};
# Bi-directional syncing options for local files
mbsync = {
enable = true;
create = "both";
expunge = "both";
remove = "both";
patterns = [ "*" ];
extraConfig.channel = {
CopyArrivalDate = "yes"; # Sync time of original message
};
};
# Enable indexing
notmuch.enable = true;
# Used to login and send and receive emails
passwordCommand = "${lib.getExe pkgs.age} --decrypt --identity ~/.ssh/id_ed25519 ${pkgs.writeText "mailpass.age" (builtins.readFile ./mailpass.age)}";
smtp = {
host = cfg.smtpHost;
port = 465;
tls.enable = true;
};
};
};
};
};
}
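Review bot: The `passwordCommand` of the `home` account decrypts with the general-purpose SSH key `~/.ssh/id_ed25519`, so the key used for shell logins also unlocks the mail password, and the path relies on `~` being expanded by whichever tool runs the command (mbsync, imapnotify and msmtp are all enabled in this file). A dedicated age identity, or at least an absolute path, would be more robust: `--identity ${config.home.homeDirectory}/.ssh/id_ed25519`, with `${./mailpass.age}` in place of the `pkgs.writeText "mailpass.age" (builtins.readFile ./mailpass.age)` round trip. If that key is passphrase-protected, the `services.mbsync` timer (`*:0/5`) presumably has no terminal to prompt on and the sync would fail, which deserves a comment next to the option. The ciphertext is also copied into the world-readable Nix store and stays in git history, so removing a recipient later does not revoke access to this copy; rotating the mail password is the only real revocation.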