diff --git a/README.org b/README.org index 07bd4bcb..ba035666 100644 --- a/README.org +++ b/README.org @@ -22,38 +22,25 @@ NixOS system), run: #+end_src ** Clone password-store repository #+begin_src bash - git -c credential.helper='' clone https://git.xenia.me.uk/pixelifytica/pass $PASSWORD_STORE_DIR + git clone https://git.xenia.me.uk/pixelifytica/pass $PASSWORD_STORE_DIR #+end_src * Email setup +** Passwords for mbsync +Run src_bash{mbsync-ensure-pass} to check for passwords required by +~mbsync~, and query for missing passwords. + +Static app-specific passwords are stored in ~password-store~, fetch from +there to add to secret service. ** Proton *** Bridge Start Proton Mail Bridge application, if needed configure to store using =SecretService= and log in. Application will auto-start with -plasma session. -*** Password -Get password from ~protonmail-bridge~, save to ~password-store~: -#+begin_src bash - pass insert mbsync/$(hostname)/proton - # Insert pass at prompt -#+end_src -** iCloud -*** Password -If not already done, save password to ~password-store~: -#+begin_src bash - pass insert mbsync/$(hostname)/icloud - # Insert pass at prompt -#+end_src -This will be synced across devices so only needs doing once +desktop session. + +Use password from Bridge for ~mbsync~. ** Outlook -*** Password -If not already done, save password to ~password-store~: -#+begin_src bash - pass insert mbsync/$(hostname)/outlook - # Insert pass at prompt -#+end_src -This will be synced across devices so only needs doing once -*** Configuration +*** Davmail Run src_bash{davmail-setup} to automate this process. On first run (or if token expires), stop systemd service and run manually to complete manual auth. Token will stay valid for a little while (no idea how long specifically). diff --git a/home/Vanguard.nix b/home/Vanguard.nix index c0661e12..4a2eaa9a 100644 --- a/home/Vanguard.nix +++ b/home/Vanguard.nix 
@@ -4,6 +4,11 @@ ./games/default.nix ./streaming/default.nix ]; + home.packages = with pkgs; [ + blender + freecad + prusa-slicer + ]; wayland.windowManager.sway.config = { output = { "Microstep MSI G27CQ4 E2 Unknown" = { diff --git a/home/default.nix b/home/default.nix index 9a1527f1..3c807c7e 100644 --- a/home/default.nix +++ b/home/default.nix @@ -1,8 +1,4 @@ -{ - config, - lib, - ... -}: { +{...}: { imports = [ # Programs ./desktop/default.nix @@ -10,7 +6,7 @@ ./emacs/default.nix ./browser/default.nix # Services - ./services/email/work.nix # TODO combine again at some point + ./services/email/default.nix ./services/password-store/default.nix # Additional Scripts ./scripts/default.nix diff --git a/home/desktop/default.nix b/home/desktop/default.nix index 67d7068d..04ee4530 100644 --- a/home/desktop/default.nix +++ b/home/desktop/default.nix @@ -6,7 +6,6 @@ }: { imports = [ ./sway/default.nix - ./foot/default.nix ./alacritty/default.nix ./avizo/default.nix ./fuzzel/default.nix 
@@ -16,34 +15,51 @@ ./waybar/default.nix ./wlogout/default.nix ]; - home.packages = with pkgs; [ - pinentry - ffmpeg - evince - libreoffice-fresh - inkscape - webcord - teams-for-linux - swayimg - swaybg - (writeShellScriptBin "set-background" '' - ${swaybg}/bin/swaybg -m fill -i ${./wallpapers/landscapes/tropic_island_day.jpg} - '') - (writeShellScriptBin "protonmail-setup-bridge" '' - pkill -9 -f protonmail-bridge - ${protonmail-bridge}/bin/protonmail-bridge -c - swaymsg exec "${protonmail-bridge}/bin/protonmail-bridge -n" - '') - (writeShellScriptBin "davmail-setup" '' - systemctl --user restart davmail # Ensure config file is present - systemctl --user stop davmail - ${davmail}/bin/davmail -n ~/.davmail.properties - systemctl --user restart davmail - '') - ]; + home = { + pointerCursor = let + name = + if config.scheme.variant == "light" + then "volantes_cursors" + else "volantes_light_cursors"; + in { + inherit name; + package = pkgs.volantes-cursors; + size = 32; + gtk.enable = true; + x11 = { + enable = true; + defaultCursor = name; + }; + }; + packages = with pkgs; [ + pinentry-gnome3 + gnome.seahorse + ffmpeg + evince + libreoffice-fresh + inkscape + webcord + teams-for-linux + grim + slurp + swayimg + swaybg + (writeShellScriptBin "protonmail-setup-bridge" '' + pkill -9 -f protonmail-bridge + ${protonmail-bridge}/bin/protonmail-bridge -c + swaymsg exec "${protonmail-bridge}/bin/protonmail-bridge -n" + '') + (writeShellScriptBin "davmail-setup" '' + systemctl --user restart davmail # Ensure config file is present + systemctl --user stop davmail + ${davmail}/bin/davmail -n ~/.davmail.properties + systemctl --user restart davmail + '') + ]; + }; services = { avizo.enable = true; - gpg-agent.pinentryPackage = pkgs.pinentry-gtk2; + gpg-agent.pinentryPackage = pkgs.pinentry-gnome3; syncthing.enable = true; kdeconnect = { enable = true; 
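Review bot: `davmail-setup` stays in this package list while the same commit adds an identical `writeShellScriptBin "davmail-setup"` to home/services/email/default.nix, so the script is now defined in two modules. Keeping only the copy in the email module, next to the `systemd.user.services.davmail` unit it restarts, prevents the two definitions from drifting apart. `protonmail-setup-bridge` could move there too, since that module already installs `protonmail-bridge-gui`. The module body this `home` set belongs to starts and ends outside the hunk.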
@@ -66,14 +82,6 @@ then "Papirus-Light" else "Papirus-Dark"; }; - cursorTheme = { - package = pkgs.volantes-cursors; - name = - if config.scheme.variant == "light" - then "volantes_cursors" - else "volantes_light_cursors"; - size = 32; - }; theme = { package = pkgs.gnome.gnome-themes-extra; name = diff --git a/home/desktop/fuzzel/default.nix b/home/desktop/fuzzel/default.nix index ebbd5975..0279039c 100644 --- a/home/desktop/fuzzel/default.nix +++ b/home/desktop/fuzzel/default.nix @@ -39,7 +39,7 @@ }; border = { width = 1; - radius = 10; + radius = 5; }; }; }; diff --git a/home/desktop/mako/default.nix b/home/desktop/mako/default.nix index 1161bb88..264ab892 100644 --- a/home/desktop/mako/default.nix +++ b/home/desktop/mako/default.nix @@ -19,7 +19,7 @@ progressColor = "over ${sc.red}ff"; backgroundColor = "${sc.base00}cc"; borderColor = "${sc.${accentColourName}}ff"; - borderRadius = 10; + borderRadius = 5; borderSize = 1; defaultTimeout = 0; }; diff --git a/home/desktop/mimeapps.nix b/home/desktop/mimeapps.nix index 5f1aa6c9..213ba5e2 100644 --- a/home/desktop/mimeapps.nix +++ b/home/desktop/mimeapps.nix @@ -72,6 +72,6 @@ in { "x-scheme-handler/ms-powerpoint" = ["impress.desktop"]; "x-scheme-handler/ms-excel" = ["calc.desktop"]; "x-scheme-handler/msteams" = ["teams-for-linux.desktop"] ++ browser; - "x-scheme-handler/zoomus" = ["Zoom.desktop"] ++ browser; - "x-scheme-handler/zoommtg" = ["Zoom.desktop"] ++ browser; + "x-scheme-handler/zoomus" = browser; + "x-scheme-handler/zoommtg" = browser; } diff --git a/home/desktop/rofi/default.nix b/home/desktop/rofi/default.nix index fc1174fd..429fbb08 100644 --- a/home/desktop/rofi/default.nix +++ b/home/desktop/rofi/default.nix @@ -57,7 +57,7 @@ width = mkLiteral "75%"; border = mkLiteral "1px"; border-color = border; - border-radius = mkLiteral "10px"; + border-radius = mkLiteral "5px"; background-color = bg; }; 
@@ -70,7 +70,7 @@ background-color = bg2; padding = mkLiteral "6px"; text-color = blue; - border-radius = mkLiteral "10px"; + border-radius = mkLiteral "5px"; margin = mkLiteral "20px 0px 0px 20px"; }; @@ -103,7 +103,7 @@ "element selected" = { background-color = bg2; text-color = blue; - border-radius = mkLiteral "10px"; + border-radius = mkLiteral "5px"; }; mode-switcher = { @@ -113,7 +113,7 @@ button = { padding = mkLiteral "10px"; text-color = fg2; - border-radius = mkLiteral "10px"; + border-radius = mkLiteral "5px"; vertical-align = mkLiteral "0.5"; horizontal-align = mkLiteral "0.5"; }; diff --git a/home/desktop/sway/default.nix b/home/desktop/sway/default.nix index 535a0404..aafbeb41 100644 --- a/home/desktop/sway/default.nix +++ b/home/desktop/sway/default.nix @@ -5,7 +5,12 @@ fonts, accentColourName, ... -}: { +}: let + set-background = pkgs.writeShellScriptBin "set-background" '' + ${pkgs.swaybg}/bin/swaybg -m fill -i ${./wallpapers/landscapes/tropic_island_day.jpg} + ''; +in { + home.packages = [set-background]; programs.waybar.systemd.target = "sway-session.target"; services.kanshi.systemdTarget = "sway-session.target"; wayland.windowManager.sway = { @@ -81,8 +86,7 @@ }; startup = [ {command = "${pkgs.libsForQt5.polkit-kde-agent}/libexec/polkit-kde-authentication-agent-1";} - {command = "${pkgs.protonmail-bridge}/bin/protonmail-bridge -n";} - {command = "set-background";} + {command = "${set-background}/bin/set-background";} ]; window = { border = 1; 
@@ -159,23 +163,22 @@ extraConfig = '' bindgesture swipe:right workspace prev bindgesture swipe:left workspace next - corner_radius 10 + corner_radius 5 blur enable blur_xray disable blur_passes 3 blur_radius 5 - corner_radius 10 - shadows disable - shadow_blur_radius 0 - layer_effects "system-menu" blur enable; shadows disable - layer_effects "gtk-layer-shell" blur enable; shadows disable - layer_effects "notifications" blur enable; shadows disable - layer_effects "launcher" blur enable; shadows disable - layer_effects "logout_dialog" blur enable; shadows disable - layer_effects "waybar" blur enable; shadows disable - layer_effects "avizo" blur enable; shadows disable - layer_effects "swaync-notification-window" blur enable; shadows disable - layer_effects "swaync-control-center" blur enable; shadows disable + shadows enable + shadow_blur_radius 5 + layer_effects "system-menu" blur enable; blur_ignore_transparent enable; shadows enable + layer_effects "gtk-layer-shell" blur enable; blur_ignore_transparent enable; shadows enable + layer_effects "notifications" blur enable; blur_ignore_transparent enable; shadows enable + layer_effects "launcher" blur enable; blur_ignore_transparent enable; shadows enable + layer_effects "logout_dialog" blur enable; blur_ignore_transparent enable; shadows enable + layer_effects "waybar" blur enable; blur_ignore_transparent enable; shadows enable + layer_effects "avizo" blur enable; blur_ignore_transparent enable; shadows enable + layer_effects "swaync-notification-window" blur enable; blur_ignore_transparent enable; shadows enable + layer_effects "swaync-control-center" blur enable; blur_ignore_transparent enable; shadows enable titlebar_separator enable ''; }; diff --git a/home/desktop/swaync/default.nix b/home/desktop/swaync/default.nix index 102a9836..42f78b1c 100644 --- a/home/desktop/swaync/default.nix +++ b/home/desktop/swaync/default.nix 
@@ -20,7 +20,7 @@ } .floating-notifications.background .notification-row .notification-background { - border-radius: 10px; + border-radius: 5px; border: 1px solid ${sc.${accentColourName}}; margin: 18px; background-color: ${alpha-background}; @@ -33,7 +33,7 @@ .notification-background .notification { padding: 7px; - border-radius: 10px; + border-radius: 5px; } .floating-notifications.background @@ -87,7 +87,7 @@ > *:last-child > * .notification-action { - border-radius: 10px; + border-radius: 5px; background-color: ${sc.base01}; color: ${sc.base05}; margin: 7px; @@ -121,7 +121,7 @@ .close-button { margin: 7px; padding: 2px; - border-radius: 10px; + border-radius: 5px; background-color: ${sc.red}; color: ${sc.base00}; } @@ -143,7 +143,7 @@ } .control-center { - border-radius: 10px; + border-radius: 5px; border: 1px solid ${sc.${accentColourName}}; margin: 18px; background-color: ${alpha-background}; @@ -174,7 +174,7 @@ } .control-center .notification-row .notification-background { - border-radius: 10px; + border-radius: 5px; background-color: ${sc.base01}; color: ${sc.base05}; margin-top: 14px; diff --git a/home/desktop/waybar/default.nix b/home/desktop/waybar/default.nix index 907a39c6..b0035bba 100644 --- a/home/desktop/waybar/default.nix +++ b/home/desktop/waybar/default.nix @@ -15,7 +15,7 @@ settings.main = { name = "main"; layer = "top"; - position = "bottom"; + position = "top"; # Layout "modules-left" = [ "sway/workspaces" @@ -64,7 +64,6 @@ "rewrite" = { "(.*) - GNU Emacs at (.*)" = " $1 [$2]"; "(alacritty.*)" = " $1"; - "(foot.*)" = " $1"; "(.*) - mpv" = "󰦟 $1"; "swayimg: (.*)" = "󰋩 $1"; "(btm)" = " Resource Usage [$1]"; 
@@ -260,16 +259,16 @@ window > box { color: ${sc.base05}; background: alpha(${sc.base00}, ${alpha}); - margin: 0px 5px 5px; + margin: 5px 5px 0px; padding: 0px; border-top: 1px solid ${sc.base04}; - border-radius: 10px; + border-radius: 5px; } tooltip { background: ${sc.base00}; border: 1px solid ${sc.${accentColourName}}; - border-radius: 10px; + border-radius: 5px; box-shadow: none; } diff --git a/home/personal.nix b/home/personal.nix index fcf7666d..64629674 100644 --- a/home/personal.nix +++ b/home/personal.nix @@ -1,10 +1 @@ -{pkgs, ...}: { - home.packages = with pkgs; - with kdePackages; [ - blender - freecad - prusa-slicer - ktorrent - noson - ]; -} +{...}: {} diff --git a/home/scripts/shell/rsync-local-config.sh b/home/scripts/shell/rsync-local-config.sh index d7184e70..021a906b 100755 --- a/home/scripts/shell/rsync-local-config.sh +++ b/home/scripts/shell/rsync-local-config.sh @@ -1,6 +1,6 @@ HOSTS=("$@") # Config files -for TARGET in bat bottom git starship.toml; do +for TARGET in bat starship.toml; do SOURCE="$HOME/.config/$TARGET" echo "--- $SOURCE ---" TMP_TARGET=/tmp/rsync-local-config diff --git a/home/services/email/default.nix b/home/services/email/default.nix index 7bb80c47..da40c664 100644 --- a/home/services/email/default.nix +++ b/home/services/email/default.nix 
@@ -1,19 +1,30 @@ { + config, pkgs, - hostname, ... }: { - home.packages = with pkgs; [protonmail-bridge-gui]; + home.packages = with pkgs; [ + protonmail-bridge-gui + (writeShellScriptBin "mbsync-ensure-pass" + (builtins.readFile ./mbsync-ensure-pass.sh)) + (writeShellScriptBin "davmail-setup" '' + systemctl --user restart davmail # Ensure config file is present + systemctl --user stop davmail + ${davmail}/bin/davmail -n ~/.davmail.properties + systemctl --user restart davmail + '') + ]; accounts.email = { maildirBasePath = "Mail"; accounts = let realName = "Evie Litherland-Smith"; in { proton = let + address = "e.litherlandsmith@proton.me"; host = "127.0.0.1"; tls.enable = false; - in rec { - inherit realName; + in { + inherit realName address; primary = true; maildir.path = "Proton"; imap = { @@ -24,10 +35,9 @@ inherit host tls; port = 1025; }; - address = "e.litherlandsmith@proton.me"; aliases = ["evie@xenia.me.uk" "evie@litherlandsmith.slmail.me"]; userName = address; - passwordCommand = "${pkgs.pass}/bin/pass show mbsync/${hostname}/proton | head -n1"; + passwordCommand = "${pkgs.libsecret}/bin/secret-tool lookup email ${address}"; mu.enable = true; msmtp = { enable = true; @@ -46,15 +56,16 @@ extraConfig.account.AuthMechs = "LOGIN"; }; }; - icloud = rec { - inherit realName; + icloud = let + address = "e.litherlandsmith@icloud.com"; + in { + inherit realName address; primary = false; maildir.path = "iCloud"; imap.host = "imap.mail.me.com"; smtp.host = "smtp.mail.me.com"; - address = "e.litherlandsmith@icloud.com"; userName = address; - passwordCommand = "${pkgs.pass}/bin/pass show mbsync/${hostname}/icloud | head -n1"; + passwordCommand = "${pkgs.libsecret}/bin/secret-tool lookup email ${address}"; mu.enable = true; msmtp.enable = true; mbsync = { 
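Review bot: `mbsync-ensure-pass` is built with `writeShellScriptBin` from `builtins.readFile`, so the `secret-tool` it calls is whichever one is first on the caller's PATH, while `passwordCommand` in this file pins `${pkgs.libsecret}/bin/secret-tool`. No hunk shown here adds `libsecret` to `home.packages`. Pinning the dependency makes the helper that writes the keyring entries use the same binary as the commands that read them, for example `(writeShellApplication { name = "mbsync-ensure-pass"; runtimeInputs = [libsecret]; text = builtins.readFile ./mbsync-ensure-pass.sh; })`. `writeShellApplication` also turns on strict mode and runs ShellCheck at build time, so the script may need small adjustments.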
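Review bot: `secret-tool lookup email ${address}` identifies the keyring item by a single `email` attribute, here and in the iCloud and Outlook accounts. Any other Secret Service item carrying the same attribute and value would presumably match as well, and which one is returned is then outside this configuration's control. A fixed second pair on both sides makes the entry unambiguous, e.g. `secret-tool lookup service mbsync email ${address}` together with `secret-tool store --label=... service mbsync email "$ADDRESS"` in mbsync-ensure-pass.sh. The `proton` attribute set starts and ends outside this hunk.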
@@ -66,6 +77,50 @@ subFolders = "Verbatim"; }; }; + outlook = let + address = "evie.litherland-smith@ukaea.uk"; + host = "127.0.0.1"; + tls.enable = false; + in { + inherit realName address; + primary = false; + maildir.path = "Outlook"; + imap = { + inherit host tls; + port = 1144; + }; + smtp = { + inherit host tls; + port = 1026; + }; + aliases = ["elitherl@jet.uk"]; + userName = address; + passwordCommand = "${pkgs.libsecret}/bin/secret-tool lookup email ${address}"; + mu.enable = true; + msmtp = { + enable = true; + extraConfig = { + tls = "off"; + auth = "login"; + }; + }; + mbsync = { + enable = true; + create = "both"; + expunge = "both"; + remove = "both"; + patterns = [ + "*" + "!Conversation History" + "!Snoozed" + "!Social Activity Notifications" + "!Sync Issues*" + "!Unsent Messages" + ]; + subFolders = "Verbatim"; + extraConfig.account.AuthMechs = "LOGIN"; + }; + }; }; }; programs = { @@ -76,7 +131,24 @@ groups.inboxes = { proton = ["INBOX"]; icloud = ["INBOX"]; + outlook = ["INBOX"]; }; }; }; + systemd.user.services.davmail = { + Unit = { + Description = "Davmail server"; + Wants = ["network-online.target"]; + After = ["network-online.target"]; + }; + Service = { + Environment = ["PATH=/run/current-system/sw/bin/:$PATH"]; + Restart = "always"; + ExecStartPre = with config.home; '' + /bin/sh -c "if [ ! -f ${homeDirectory}/.davmail.properties ]; then cp ${./davmail.properties} ${homeDirectory}/.davmail.properties; fi; chmod 644 ${homeDirectory}/.davmail.properties" + ''; + ExecStart = "${pkgs.davmail}/bin/davmail -notray ${config.home.homeDirectory}/.davmail.properties"; + }; + Install.WantedBy = ["default.target"]; + }; } diff --git a/home/services/email/mbsync-ensure-pass.sh b/home/services/email/mbsync-ensure-pass.sh new file mode 100644 index 00000000..71ac03f5 --- /dev/null +++ b/home/services/email/mbsync-ensure-pass.sh 
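Review bot: The Outlook account sends its password with plain `LOGIN` and `tls.enable = false` (plus `tls = "off"` for msmtp) to ports 1144 and 1026 on 127.0.0.1, and nothing in the hunk records why that is acceptable. It holds only while the DavMail listener stays bound to loopback, which depends on `davmail.properties` (not shown here; the relevant settings are `davmail.allowRemote` and `davmail.bindAddress`). I would add a comment above `tls.enable = false;` such as `# DavMail gateway on loopback only; keep davmail.allowRemote=false in davmail.properties`. The same reasoning applies to the `proton` account and the Proton Bridge ports.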
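Review bot: `ExecStartPre` ends with `chmod 644 ${homeDirectory}/.davmail.properties`, which leaves the DavMail settings file readable by every local account. DavMail writes to this file at runtime and, depending on its settings, can persist OAuth refresh tokens in it, so owner-only access is the safer default: `chmod 600 ${homeDirectory}/.davmail.properties`. That mode still makes the copy from the read-only store path writable for the service. Separately, systemd does not expand variables inside `Environment=`, so `PATH=/run/current-system/sw/bin/:$PATH` ends with a literal `$PATH` entry; the unit is moved as-is from work.nix, so both points predate this commit.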
@@ -0,0 +1,15 @@
+EMAIL_ADDRESSES=(
+ e.litherlandsmith@proton.me
+ e.litherlandsmith@icloud.com
+ evie.litherland-smith@ukaea.uk
+)
+LABELS=("Proton" "iCloud" "Outlook")
+
+for i in "${!EMAIL_ADDRESSES[@]}"; do
+ ADDRESS="${EMAIL_ADDRESSES[$i]}"
+ LABEL="${LABELS[$i]}"
+ secret-tool lookup email "$ADDRESS" >/dev/null || (
+ echo "Setup $LABEL"
+ secret-tool store --label="$LABEL mail mbsync" email "$ADDRESS"
+ )
+done
diff --git a/home/services/email/work.nix b/home/services/email/work.nix
deleted file mode 100644
index f7b0d307..00000000
--- a/home/services/email/work.nix
+++ /dev/null
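Review bot: The three entries of `EMAIL_ADDRESSES` repeat the `address` values set in home/services/email/default.nix, so an account added or renamed there gets no keyring prompt until this list is edited by hand. Generating the list from `config.accounts.email.accounts` in the Nix module would keep a single source. Also, `secret-tool lookup email "$ADDRESS" >/dev/null ||` treats every non-zero exit as "not stored", including a dismissed unlock prompt, and then goes straight to `secret-tool store`; a short comment saying this is intended would help. The `( ... )` subshell can be a `{ ...; }` group, since nothing in it needs isolation.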
@@ -1,77 +0,0 @@
-{
- config,
- pkgs,
- hostname,
- ...
-}: {
- imports = [./default.nix];
- home.packages = with pkgs; [
- (writeShellScriptBin "davmail-setup" ''
- systemctl --user restart davmail # Ensure config file is present
- systemctl --user stop davmail
- ${davmail}/bin/davmail -n ~/.davmail.properties
- systemctl --user restart davmail
- '')
- ];
- accounts.email.accounts.outlook = let
- host = "127.0.0.1";
- tls.enable = false;
- in rec {
- inherit (config.accounts.email.accounts.proton) realName;
- primary = false;
- maildir.path = "Outlook";
- imap = {
- inherit host tls;
- port = 1144;
- };
- smtp = {
- inherit host tls;
- port = 1026;
- };
- address = "evie.litherland-smith@ukaea.uk";
- aliases = ["elitherl@jet.uk"];
- userName = address;
- passwordCommand = "${pkgs.pass}/bin/pass show mbsync/${hostname}/outlook | head -n1";
- mu.enable = true;
- msmtp = {
- enable = true;
- extraConfig = {
- tls = "off";
- auth = "login";
- };
- };
- mbsync = {
- enable = true;
- create = "both";
- expunge = "both";
- remove = "both";
- patterns = [
- "*"
- "!Conversation History"
- "!Snoozed"
- "!Social Activity Notifications"
- "!Sync Issues*"
- "!Unsent Messages"
- ];
- subFolders = "Verbatim";
- extraConfig.account.AuthMechs = "LOGIN";
- };
- };
- programs.mbsync.groups.inboxes.outlook = ["INBOX"];
- systemd.user.services.davmail = {
- Unit = {
- Description = "Davmail server";
- Wants = ["network-online.target"];
- After = ["network-online.target"];
- };
- Service = {
- Environment = ["PATH=/run/current-system/sw/bin/:$PATH"];
- Restart = "always";
- ExecStartPre = with config.home; ''
- /bin/sh -c "if [ ! -f ${homeDirectory}/.davmail.properties ]; then cp ${./davmail.properties} ${homeDirectory}/.davmail.properties; fi; chmod 644 ${homeDirectory}/.davmail.properties"
- '';
- ExecStart = "${pkgs.davmail}/bin/davmail -notray ${config.home.homeDirectory}/.davmail.properties";
- };
- Install.WantedBy = ["default.target"];
- };
-}
diff --git a/home/services/password-store/default.nix b/home/services/password-store/default.nix index 0c340257..0eec40d8 100644 --- a/home/services/password-store/default.nix +++ b/home/services/password-store/default.nix @@ -18,9 +18,6 @@ PASSWORD_STORE_ENABLE_EXTENSIONS = "true"; }; }; - git.extraConfig.credential = { - helper = "${pkgs.pass-git-helper}/bin/pass-git-helper"; - }; }; services = { gpg-agent = rec { diff --git a/home/shell/git.nix b/home/shell/git.nix index 60f3b223..9a44ce07 100644 --- a/home/shell/git.nix +++ b/home/shell/git.nix @@ -1,10 +1,14 @@ { config, lib, + pkgs, ... }: { services.git-sync.enable = false; # Can't find pass for some reason... - programs.git = { + programs.git = let + package = pkgs.gitFull; + in { + inherit package; enable = true; userName = "Evie Litherland-Smith"; userEmail = lib.mkDefault "evie@xenia.me.uk"; @@ -30,6 +34,7 @@ pull.rebase = false; init.defaultBranch = "main"; merge.conflictstyle = "diff3"; + credential.helper = "${package}/bin/git-credential-libsecret"; diff = { colorMoved = "default"; gpg.textconv = "gpg --no-tty --decrypt"; diff --git a/system/desktop.nix b/system/desktop.nix index e7ee77a1..75f7d468 100644 --- a/system/desktop.nix +++ b/system/desktop.nix @@ -1,4 +1,5 @@ { + config, lib, pkgs, ... @@ -11,6 +12,7 @@ sessionVariables = { NIXOS_OZONE_WL = "1"; GRIM_DEFAULT_DIR = "$HOME/Pictures/Grim"; + QT_QPA_PLATFORM = lib.mkIf config.programs.sway.enable "wayland"; }; systemPackages = with pkgs; [ xdg-utils @@ -31,7 +33,17 @@ }; security = { polkit.enable = true; - pam.services.swaylock = {}; + pam = { + services.swaylock = {}; + loginLimits = [ + { + domain = "@users"; + item = "rtprio"; + type = "-"; + value = 1; + } + ]; + }; }; programs = { dconf.enable = true; @@ -41,7 +53,10 @@ file-roller.enable = true; thunar = { enable = true; - plugins = with pkgs.xfce; [thunar-archive-plugin thunar-volman]; + plugins = with pkgs.xfce; [ + thunar-archive-plugin + thunar-volman + ]; }; sway = { enable = true; 
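Review bot: `credential.helper = "${package}/bin/git-credential-libsecret";` is set globally, so Git will store credentials for every HTTPS remote in the session keyring, not only for git.xenia.me.uk, the only HTTPS remote this page shows. If only that host needs it, scoping the key limits what ends up in the keyring: `credential."https://git.xenia.me.uk".helper = "${package}/bin/git-credential-libsecret";`. A single-valued `helper` is also added on top of any helper configured at system level; whether one exists is not visible here. The `extraConfig` set this line belongs to starts and ends outside the hunk.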
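Review bot: The new `loginLimits` entry gives every member of `@users` a soft and hard `rtprio` limit of 1 without saying which program needs real-time scheduling. A why-comment above the entry would let a later reader judge whether the grant is still required, for example `# presumably so sway can request SCHED_RR at priority 1 — confirm`. If only one account runs the compositor, `domain` could name that user instead of the whole group. The `security` set continues outside the hunk.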
@@ -59,8 +74,8 @@ gtk.iconCache.enable = true; qt = { enable = true; - platformTheme = "gnome"; style = "adwaita"; + platformTheme = "gnome"; }; services = { dbus.packages = with pkgs; [gcr];