Fix protonmail-bridge

systemd service now runs a podman container for protonmail-bridge so it's isolated and works properly
2023-10-01 11:40:47 +01:00 · 2023-10-01 11:40:47 +01:00 · 406d922c8b
parent 55a6c3c281
commit 406d922c8b
1 changed files with 38 additions and 12 deletions
--- a/home/accounts/email.nix
+++ b/home/accounts/email.nix
@ -28,7 +28,7 @@
        tls.enable = false;
      in rec {
        inherit realName;
-        primary = lib.mkDefault false; # TEMP until fixed
+        primary = lib.mkDefault true;
        maildir.path = "Proton";
        imap = {
          inherit host tls;
@ -44,7 +44,7 @@
        passwordCommand =
          "${pkgs.libsecret}/bin/secret-tool lookup email ${userName}";
        imapnotify = {
-          enable = false; # TEMP until fixed
+          enable = true;
          boxes = [ "INBOX" ];
          onNotify = "${pkgs.isync}/bin/mbsync --pull proton:INBOX";
          onNotifyPost =
@ -56,7 +56,7 @@
          };
        };
        mbsync = {
-          enable = false; # TEMP until fixed
+          enable = true;
          create = "both";
          expunge = "both";
          remove = "both";
@ -65,17 +65,17 @@
          extraConfig.account.AuthMechs = "LOGIN";
        };
        msmtp = {
-          enable = false; # TEMP until fixed
+          enable = true;
          extraConfig = {
            tls = "off";
            auth = "login";
          };
        };
-        mu.enable = false; # TEMP until fixed
+        mu.enable = true;
      };
      icloud = rec {
        inherit realName;
-        primary = lib.mkDefault true; # TEMP until proton is fixed
+        primary = lib.mkDefault false; # TEMP until proton is fixed
        maildir.path = "iCloud";
        imap.host = "imap.mail.me.com";
        smtp.host = "smtp.mail.me.com";
@ -153,14 +153,40 @@
    protonmail-bridge =
      lib.mkIf config.accounts.email.accounts.proton.mbsync.enable {
        Unit = {
-          Description = "Protonmail Bridge";
-          After = [ "network.target" ];
+          Description = "Podman container-protonmail-bridge.service";
+          Documentation = [ "man:podman-generate-systemd(1)" ];
+          Wants = [ "network-online.target" ];
+          After = [ "network-online.target" ];
+          RequiresMountsFor = "%t/containers";
        };
-        Service = {
+        Service = let name = "protonmail-bridge";
+        in {
+          Environment = "PODMAN_SYSTEMD_UNIT=%n";
          Restart = "always";
-          # Environment = "PATH=${pkgs.libsecret}/bin";
-          ExecStart =
-            "${pkgs.protonmail-bridge}/bin/protonmail-bridge --noninteractive --log-level info";
+          TimeoutStopSec = 70;
+          ExecStart = ''
+            ${pkgs.podman}/bin/podman run \
+              --cidfile=%t/%n.ctr-id \
+              --cgroups=no-conmon \
+              --rm \
+              --sdnotify=conmon \
+              --replace \
+              -d \
+              --name=protonmail-bridge \
+              -v protonmail:/root \
+              -p 127.0.0.1:1025:25/tcp \
+              -p 127.0.0.1:1143:143/tcp shenxn/protonmail-bridge'';
+          ExecStop = ''
+            ${pkgs.podman}/bin/podman stop \
+              --ignore -t 10 \
+              --cidfile=%t/%n.ctr-id'';
+          ExecStopPost = ''
+            ${pkgs.podman}/bin/podman rm \
+              -f \
+              --ignore -t 10 \
+              --cidfile=%t/%n.ctr-id'';
+          Type = "notify";
+          NotifyAccess = "all";
        };
        Install.WantedBy = [
          "graphical-session.target"