Switch mbsync from using secret-tool to password-store
This commit is contained in:
parent
dfaa360dfe
commit
145e3f044a
33
README.org
33
README.org
|
@ -1,8 +1,6 @@
|
|||
#+TITLE: README
|
||||
#+AUTHOR: Evie Litherland-Smith
|
||||
#+EMAIL: evie@xenia.me.uk
|
||||
|
||||
[[file:./home/emacs/config.org][Emacs (babel) config]]
|
||||
#+title: README
|
||||
#+author: Evie Litherland-Smith
|
||||
#+email: evie@xenia.me.uk
|
||||
|
||||
* Password store setup
|
||||
** Transfer GPG key(s)
|
||||
|
@ -34,35 +32,34 @@ systemd unit handles running container on boot after this.
|
|||
**** uidvalidity issue
|
||||
Remove uid lines from .mbsyncrc (in each mail directory) and delete .uidvalidity, re-run mbsync to fix
|
||||
*** Password
|
||||
Get password from protonmail-bridge, register with gnome-keyring:
|
||||
Get password from protonmail-bridge, save to password-store:
|
||||
#+begin_src bash
|
||||
secret-tool store --label="Proton mail mbsync" email e.litherlandsmith@proton.me
|
||||
pass insert mbsync/$(hostname)/proton
|
||||
# Insert pass at prompt
|
||||
#+end_src
|
||||
** iCloud
|
||||
*** Password
|
||||
Register app-password with gnome-keyring:
|
||||
If not already done, save password to password-store:
|
||||
#+begin_src bash
|
||||
secret-tool store --label="iCloud mail mbsync" email e.litherlandsmith@icloud.com
|
||||
pass insert mbsync/$(hostname)/icloud
|
||||
# Insert pass at prompt
|
||||
#+end_src
|
||||
This will be synced across devices so only needs doing once
|
||||
** Outlook
|
||||
*** Password
|
||||
Register app-password with gnome-keyring:
|
||||
If not already done, save password to password-store:
|
||||
#+begin_src bash
|
||||
secret-tool store --label="Outlook mail mbsync" email evie.litherland-smith@ukaea.uk
|
||||
pass insert mbsync/$(hostname)/outlook
|
||||
# Insert pass at prompt
|
||||
#+end_src
|
||||
This will be synced across devices so only needs doing once
|
||||
*** Configuration
|
||||
On first run (or if token expires), stop systemd service and run manually to complete manual auth. Token will stay valid for a little while (no idea how long specifically).
|
||||
#+begin_src bash
|
||||
# Restart service to ensure ~/.davmail.properties exists
|
||||
systemctl --user restart davmail.service
|
||||
# Run to use manual authentication
|
||||
pkill -f davmail && davmail -notray ~/.davmail.properties
|
||||
systemctl --user stop davmail.service && davmail -notray ~/.davmail.properties
|
||||
# Restart again so that service picks up available ports
|
||||
systemctl --user restart davmail.service
|
||||
#+end_src
|
||||
* Vdirsyncer
|
||||
** Password
|
||||
Register app-password with gnome-keyring;
|
||||
#+begin_src bash
|
||||
secret-tool store --label="NextCloud" url cloud.xenia.me.uk
|
||||
#+end_src
|
||||
|
|
|
@ -180,6 +180,7 @@
|
|||
};
|
||||
};
|
||||
home-manager = {
|
||||
extraSpecialArgs = { inherit hostName; };
|
||||
useGlobalPkgs = true;
|
||||
useUserPackages = true;
|
||||
users = {
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, lib, pkgs, ... }: {
|
||||
{ config, lib, pkgs, hostName, ... }: {
|
||||
home.packages = with pkgs; [ davmail ];
|
||||
accounts.email = {
|
||||
maildirBasePath = "Mail";
|
||||
|
@ -24,7 +24,7 @@
|
|||
aliases = [ "evie@xenia.me.uk" "evie@litherlandsmith.slmail.me" ];
|
||||
userName = address;
|
||||
passwordCommand =
|
||||
"${pkgs.libsecret}/bin/secret-tool lookup email ${userName}";
|
||||
"${pkgs.pass}/bin/pass show mbsync/${hostName}/proton | head -n1";
|
||||
mbsync = {
|
||||
enable = lib.mkDefault accountEnabled;
|
||||
create = "both";
|
||||
|
@ -53,7 +53,7 @@
|
|||
address = "e.litherlandsmith@icloud.com";
|
||||
userName = address;
|
||||
passwordCommand =
|
||||
"${pkgs.libsecret}/bin/secret-tool lookup email ${userName}";
|
||||
"${pkgs.pass}/bin/pass show mbsync/${hostName}/icloud | head -n1";
|
||||
mbsync = {
|
||||
enable = lib.mkDefault accountEnabled;
|
||||
create = "both";
|
||||
|
@ -85,7 +85,7 @@
|
|||
aliases = [ "elitherl@jet.uk" ];
|
||||
userName = address;
|
||||
passwordCommand =
|
||||
"${pkgs.libsecret}/bin/secret-tool lookup email ${userName}";
|
||||
"${pkgs.pass}/bin/pass show mbsync/${hostName}/outlook | head -n1";
|
||||
mbsync = {
|
||||
enable = lib.mkDefault accountEnabled;
|
||||
create = "both";
|
||||
|
|
Loading…
Reference in a new issue