From 6b7b76e7bce7fe8425c626bb5a5681da717cdfa1 Mon Sep 17 00:00:00 2001 From: Evie Litherland-Smith Date: Sat, 30 Sep 2023 09:27:43 +0100 Subject: [PATCH] Switch to gnome-keyring for libsecret email password and git credential helper now use gnome-keyring/secret-service --- flake.nix | 2 +- home/accounts/email.nix | 12 +++++++++--- home/git.nix | 1 + home/pass.nix | 2 -- system/desktop.nix | 7 +++---- 5 files changed, 14 insertions(+), 10 deletions(-) diff --git a/flake.nix b/flake.nix index aec8fad2..50822ae4 100644 --- a/flake.nix +++ b/flake.nix @@ -154,7 +154,7 @@ nameservers = [ "9.9.9.9" ]; }; environment = { - systemPackages = with pkgs; [ git neofetch ]; + systemPackages = with pkgs; [ libsecret git neofetch nitch ]; localBinInPath = true; shellAliases.nou = ''sudo nixos-rebuild switch --flake "${flakeURL}" --refresh''; diff --git a/home/accounts/email.nix b/home/accounts/email.nix index 9bbd4fc8..2857d979 100644 --- a/home/accounts/email.nix +++ b/home/accounts/email.nix @@ -34,8 +34,9 @@ }; address = "e.litherlandsmith@proton.me"; aliases = [ "evie@xenia.me.uk" "evie@litherlandsmith.slmail.me" ]; - passwordCommand = "${pkgs.pass}/bin/pass show Mail/Proton/${hostName}"; userName = address; + passwordCommand = + "${pkgs.libsecret}/bin/secret-tool lookup email ${userName}"; imapnotify = { enable = true; boxes = [ "INBOX" ]; @@ -43,6 +44,7 @@ onNotifyPost = "${pkgs.libnotify}/bin/notify-send 'Proton: New mail arrived'"; extraConfig = { + wait = 30; tls = false; tlsOptions.rejectUnauthorized = false; }; @@ -72,14 +74,16 @@ imap.host = "imap.mail.me.com"; smtp.host = "smtp.mail.me.com"; address = "e.litherlandsmith@icloud.com"; - passwordCommand = "${pkgs.pass}/bin/pass show Mail/iCloud/mbsync"; userName = address; + passwordCommand = + "${pkgs.libsecret}/bin/secret-tool lookup email ${userName}"; imapnotify = { enable = true; boxes = [ "INBOX" ]; onNotify = "${pkgs.isync}/bin/mbsync --pull icloud:INBOX"; onNotifyPost = "${pkgs.libnotify}/bin/notify-send 'Proton: New mail arrived'"; + extraConfig.wait = 30; }; mbsync = { enable = true; @@ -109,14 +113,16 @@ }; address = "evie.litherland-smith@ukaea.uk"; aliases = [ "elitherl@jet.uk" ]; - passwordCommand = "${pkgs.pass}/bin/pass show Mail/Outlook/ukaea"; userName = address; + passwordCommand = + "${pkgs.libsecret}/bin/secret-tool lookup email ${userName}"; imapnotify = { boxes = [ "INBOX" ]; onNotify = "${pkgs.isync}/bin/mbsync --pull ukaea:INBOX"; onNotifyPost = "${pkgs.libnotify}/bin/notify-send 'Proton: New mail arrived'"; extraConfig = { + wait = 30; tls = false; tlsOptions.rejectUnauthorized = false; }; diff --git a/home/git.nix b/home/git.nix index e0bfb721..c0b4d9ee 100644 --- a/home/git.nix +++ b/home/git.nix @@ -19,6 +19,7 @@ extraConfig = { pull.rebase = false; init.defaultBranch = "main"; + credential.helper = "${pkgs.gitFull}/bin/git-credential-libsecret"; }; }; gitui = { diff --git a/home/pass.nix b/home/pass.nix index c84dd780..b969c914 100644 --- a/home/pass.nix +++ b/home/pass.nix @@ -11,8 +11,6 @@ settings.PASSWORD_STORE_DIR = with config.home; "${homeDirectory}/.password-store"; }; - git.extraConfig.credential.helper = - "${pkgs.gitFull}/bin/git-credential-libsecret"; }; services = { gpg-agent = rec { diff --git a/system/desktop.nix b/system/desktop.nix index 8b2af354..3461de47 100644 --- a/system/desktop.nix +++ b/system/desktop.nix @@ -18,10 +18,7 @@ ]; security = { rtkit.enable = true; - pam.services = { - sddm.gnupg.enable = true; - gtklock = { }; - }; + pam.services.gtklock.enableGnomeKeyring = true; }; sound.enable = true; hardware = { @@ -29,6 +26,7 @@ bluetooth.enable = true; }; services = { + gnome.gnome-keyring.enable = true; pipewire = { enable = true; alsa.enable = true; @@ -50,6 +48,7 @@ console.keyMap = "uk"; programs = { ssh.startAgent = true; + seahorse.enable = true; dconf.enable = true; light.enable = true; noisetorch.enable = true;