#+title: README
#+author: Evie Litherland-Smith
#+email: evie@xenia.me.uk
Nix home-manager configuration files.

Can be used on any Linux-based system if the package manager [[https://nixos.org/][nix]] is
installed, but works best with [[https://git.xenia.me.uk/pixelifytica/nixos.git][a NixOS system]].

* Password store setup
** Transfer GPG key(s)
#+begin_src bash
  # Export keys on existing machine
  gpg -a --export > publickeys.asc
  gpg -a --export-secret-keys > privatekeys.asc
  # Import key on new machine
  gpg --import privatekeys.asc
  gpg --import publickeys.asc
  # Edit (for each key) to set trust
  gpg --edit-key evie@xenia.me.uk
#+end_src
** Clone password-store repository
#+begin_src bash
  git -c credential.helper='' clone https://git.xenia.me.uk/pixelifytica/pass $PASSWORD_STORE_DIR
#+end_src
* Email setup
** Proton
*** Bridge
Run src_bash{protonmail-setup-bridge} to automate this process.

Run bridge in CLI mode to login, wait for initial sync and get app password
#+begin_src bash
  nix run nixpkgs#protonmail-bridge -- -c
  # Follow prompts to login and get password
#+end_src

Restart using ~swaymsg~:
#+begin_src bash
  nix shell nixpkgs#protonmail-bridge -c swaymsg exec "protonmail-bridge -n"
#+end_src

**** uidvalidity issue
+Remove uid lines from .mbsyncrc (in each mail directory) and delete .uidvalidity, re-run mbsync to fix+
Above might be duplicating mail, faster to just delete local maildirs and let them re-sync.

*** Password
Get password from ~protonmail-bridge~, save to ~password-store~:
#+begin_src bash
  pass insert mbsync/$(hostname)/proton
  # Insert pass at prompt
#+end_src
** iCloud
*** Password
If not already done, save password to ~password-store~:
#+begin_src bash
  pass insert mbsync/$(hostname)/icloud
  # Insert pass at prompt
#+end_src
This will be synced across devices so only needs doing once
** Outlook
*** Password
If not already done, save password to ~password-store~:
#+begin_src bash
  pass insert mbsync/$(hostname)/outlook
  # Insert pass at prompt
#+end_src
This will be synced across devices so only needs doing once
*** Configuration
Run src_bash{davmail-setup} to automate this process.

On first run (or if token expires), stop systemd service and run manually to complete manual auth. Token will stay valid for a little while (no idea how long specifically).
#+begin_src bash
  # Restart service to ensure ~/.davmail.properties exists
  systemctl --user restart davmail.service
  # Run to use manual authentication
  systemctl --user stop davmail.service && davmail -notray ~/.davmail.properties
  # Restart again so that service picks up available ports
  systemctl --user restart davmail.service
#+end_src