Switch mbsync from using secret-tool to password-store

Evie Litherland-Smith 2024-01-12 08:32:48 +00:00
parent dfaa360dfe
commit 145e3f044a
3 changed files with 20 additions and 22 deletions

View file

@ -1,8 +1,6 @@
#+TITLE: README
#+AUTHOR: Evie Litherland-Smith
#+EMAIL: evie@xenia.me.uk
[[file:./home/emacs/config.org][Emacs (babel) config]]
#+title: README
#+author: Evie Litherland-Smith
#+email: evie@xenia.me.uk
* Password store setup
** Transfer GPG key(s)
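Review bot: the README header edits in this hunk (lowercasing `#+TITLE`/`#+AUTHOR`/`#+EMAIL`, and the hunk shrinking from 8 lines to 6 around the `[[file:./home/emacs/config.org][Emacs (babel) config]]` link) are unrelated to the mbsync password change named in the commit message. Splitting them into their own commit would let the secret-handling change be reviewed and reverted on its own.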
@ -34,35 +32,34 @@ systemd unit handles running container on boot after this.
**** uidvalidity issue
Remove uid lines from .mbsyncrc (in each mail directory) and delete .uidvalidity, re-run mbsync to fix
*** Password
Get password from protonmail-bridge, register with gnome-keyring:
Get password from protonmail-bridge, save to password-store:
#+begin_src bash
secret-tool store --label="Proton mail mbsync" email e.litherlandsmith@proton.me
pass insert mbsync/$(hostname)/proton
# Insert pass at prompt
#+end_src
** iCloud
*** Password
Register app-password with gnome-keyring:
If not already done, save password to password-store:
#+begin_src bash
secret-tool store --label="iCloud mail mbsync" email e.litherlandsmith@icloud.com
pass insert mbsync/$(hostname)/icloud
# Insert pass at prompt
#+end_src
This will be synced across devices so only needs doing once
** Outlook
*** Password
Register app-password with gnome-keyring:
If not already done, save password to password-store:
#+begin_src bash
secret-tool store --label="Outlook mail mbsync" email evie.litherland-smith@ukaea.uk
pass insert mbsync/$(hostname)/outlook
# Insert pass at prompt
#+end_src
This will be synced across devices so only needs doing once
*** Configuration
On first run (or if token expires), stop systemd service and run manually to complete manual auth. Token will stay valid for a little while (no idea how long specifically).
#+begin_src bash
# Restart service to ensure ~/.davmail.properties exists
systemctl --user restart davmail.service
# Run to use manual authentication
pkill -f davmail && davmail -notray ~/.davmail.properties
systemctl --user stop davmail.service && davmail -notray ~/.davmail.properties
# Restart again so that service picks up available ports
systemctl --user restart davmail.service
#+end_src
* Vdirsyncer
** Password
Register app-password with gnome-keyring;
#+begin_src bash
secret-tool store --label="NextCloud" url cloud.xenia.me.uk
#+end_src
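Review bot: the iCloud and Outlook steps say "This will be synced across devices so only needs doing once", but the entries are stored under `mbsync/$(hostname)/icloud` and `mbsync/$(hostname)/outlook`, so every machine looks up a different path and a new host finds nothing until `pass insert` is run there as well. Either drop `$(hostname)` from the paths for passwords that are the same on every device, or reword the sentence to say the step is needed once per host. It would also help to state that `$(hostname)` must print the same string as the `hostName` that the Nix config interpolates into `passwordCommand`, since a mismatch makes the lookup fail.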

View file

@ -180,6 +180,7 @@
};
};
home-manager = {
extraSpecialArgs = { inherit hostName; };
useGlobalPkgs = true;
useUserPackages = true;
users = {
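Review bot: `extraSpecialArgs = { inherit hostName; };` adds another place the machine name has to be threaded through, and nothing in this hunk shows where `hostName` is bound. Since home-manager is configured here as a NixOS module, its modules already receive `osConfig`, so `osConfig.networking.hostName` could be read in the mail module instead. If the extra argument stays, a one-line comment saying it feeds the password-store path would make the dependency visible.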

View file

@ -1,4 +1,4 @@
{ config, lib, pkgs, ... }: {
{ config, lib, pkgs, hostName, ... }: {
home.packages = with pkgs; [ davmail ];
accounts.email = {
maildirBasePath = "Mail";
@ -24,7 +24,7 @@
aliases = [ "evie@xenia.me.uk" "evie@litherlandsmith.slmail.me" ];
userName = address;
passwordCommand =
"${pkgs.libsecret}/bin/secret-tool lookup email ${userName}";
"${pkgs.pass}/bin/pass show mbsync/${hostName}/proton | head -n1";
mbsync = {
enable = lib.mkDefault accountEnabled;
create = "both";
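Review bot: in the new `passwordCommand`, piping `pass show mbsync/${hostName}/proton | head -n1` makes the command's exit status that of `head`, so a failed `pass show` (missing entry, key not unlocked) produces empty output with a success status instead of an error. Consider a form that keeps the failure visible, for example a small bash wrapper script with `set -o pipefail`, or keeping the entry single-line and dropping the pipe.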
@ -53,7 +53,7 @@
address = "e.litherlandsmith@icloud.com";
userName = address;
passwordCommand =
"${pkgs.libsecret}/bin/secret-tool lookup email ${userName}";
"${pkgs.pass}/bin/pass show mbsync/${hostName}/icloud | head -n1";
mbsync = {
enable = lib.mkDefault accountEnabled;
create = "both";
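Review bot: on the `passwordCommand` line, `pass` is pinned to `${pkgs.pass}/bin/pass` but `head` is resolved through whatever `PATH` the process running the command has. Using `${pkgs.coreutils}/bin/head` would keep the command independent of the service environment, matching how `pass` is referenced.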
@ -85,7 +85,7 @@
aliases = [ "elitherl@jet.uk" ];
userName = address;
passwordCommand =
"${pkgs.libsecret}/bin/secret-tool lookup email ${userName}";
"${pkgs.pass}/bin/pass show mbsync/${hostName}/outlook | head -n1";
mbsync = {
enable = lib.mkDefault accountEnabled;
create = "both";
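Review bot: this is the third copy of the `pass show mbsync/${hostName}/... | head -n1` string, differing only in the account name (`proton`, `icloud`, `outlook`). A `let`-bound helper that takes the account name would keep the store layout in one place and make it harder for the README paths and the config to drift apart.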