Combine different pass scripts into single ensure-pass.sh

Use password-store where possible to populate secret store without
user interaction (currently only Proton still needs manual input)

Add spotify to secret store ready for spotifyd
Evie Litherland-Smith 2024-10-16 07:52:52 +01:00
parent fca50d0d55
commit 987cfbacae
6 changed files with 56 additions and 35 deletions


@ -1,8 +1,5 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
home.packages = [
(pkgs.writeShellScriptBin "vdirsyncer-ensure-pass" (builtins.readFile ./vdirsyncer-ensure-pass.sh))
];
programs = { programs = {
vdirsyncer.enable = true; vdirsyncer.enable = true;
khal = { khal = {
@ -34,17 +31,23 @@
type = "filesystem"; type = "filesystem";
fileExt = ".ics"; fileExt = ".ics";
}; };
remote = { remote =
url = "https://${url}"; let
type = "caldav"; userName = "pixelifytica";
userName = "pixelifytica"; in
passwordCommand = [ {
"${pkgs.libsecret}/bin/secret-tool" inherit userName;
"lookup" url = "https://${url}";
"url" type = "caldav";
"${url}" passwordCommand = [
]; "${pkgs.libsecret}/bin/secret-tool"
}; "lookup"
"url"
"${url}"
"user"
"${userName}"
];
};
vdirsyncer = { vdirsyncer = {
inherit (config.programs.vdirsyncer) enable; inherit (config.programs.vdirsyncer) enable;
auth = "basic"; auth = "basic";
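Review bot: Adding the `user` attribute to the `secret-tool lookup` in `passwordCommand` means a keyring item stored earlier with only `url` no longer matches. Any such item presumably stays in the keyring as an unused copy of the calendar password once the new one is stored, so it is worth clearing the old item once during migration. The lookup only works while its attribute pairs equal those of the `secret-tool store` call in ensure-pass.sh, which deserves a comment next to `passwordCommand`, for example `# attributes must match the calendar entry in ensure-pass.sh`. The enclosing account definition starts and ends outside this hunk.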


@ -1,5 +0,0 @@
URL="dav.xenia.me.uk"
secret-tool lookup url "$URL" >/dev/null || (
echo "Setup calendar password"
secret-tool store --label="Personal calendar vdirsyncer" url "$URL"
)


@ -1,7 +1,6 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
home.packages = [ home.packages = [
(pkgs.writeShellScriptBin "mbsync-ensure-pass" (builtins.readFile ./mbsync-ensure-pass.sh))
(pkgs.writeShellScriptBin "davmail-setup" '' (pkgs.writeShellScriptBin "davmail-setup" ''
systemctl --user restart davmail # Ensure config file is present systemctl --user restart davmail # Ensure config file is present
systemctl --user stop davmail systemctl --user stop davmail


@ -1,15 +0,0 @@
EMAIL_ADDRESSES=(
e.litherlandsmith@proton.me
e.litherlandsmith@icloud.com
evie.litherland-smith@ukaea.uk
)
LABELS=("Proton" "iCloud" "Outlook")
for i in "${!EMAIL_ADDRESSES[@]}"; do
ADDRESS="${EMAIL_ADDRESSES[$i]}"
LABEL="${LABELS[$i]}"
secret-tool lookup email "$ADDRESS" >/dev/null || (
echo "Setup $LABEL"
secret-tool store --label="$LABEL mail mbsync" email "$ADDRESS"
)
done


@ -1,6 +1,7 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
home.packages = [ home.packages = [
(pkgs.writeShellScriptBin "ensure-pass" (builtins.readFile ./shell/ensure-pass.sh))
(pkgs.writeShellScriptBin "esync" (builtins.readFile ./shell/esync.sh)) (pkgs.writeShellScriptBin "esync" (builtins.readFile ./shell/esync.sh))
(pkgs.writeShellScriptBin "clean-config" (builtins.readFile ./shell/clean-config.sh)) (pkgs.writeShellScriptBin "clean-config" (builtins.readFile ./shell/clean-config.sh))
(pkgs.writeShellScriptBin "rsync-local-config" (builtins.readFile ./shell/rsync-local-config.sh)) (pkgs.writeShellScriptBin "rsync-local-config" (builtins.readFile ./shell/rsync-local-config.sh))


@ -0,0 +1,38 @@
# Email
ADDRESS="e.litherlandsmith@proton.me"
secret-tool lookup email "$ADDRESS" >/dev/null || (
echo "Insert pass from protonmail-bridge"
secret-tool store --label="Proton Mail mbsync" email "$ADDRESS"
)
ADDRESS="e.litherlandsmith@icloud.com"
secret-tool lookup email "$ADDRESS" >/dev/null || (
pass show identity/apple.com/mbsync |
head -n1 |
secret-tool store --label="iCloud mbsync" email "$ADDRESS"
)
ADDRESS="evie.litherland-smith@ukaea.uk"
secret-tool lookup email "$ADDRESS" >/dev/null || (
pass show work/microsoftonline.com |
head -n1 |
secret-tool store --label="Outlook mbsync" email "$ADDRESS"
)
# Calendar
URL="dav.xenia.me.uk"
USER="pixelifytica"
secret-tool lookup url "$URL" user "$USER" >/dev/null || (
pass show "server/xenia.me.uk/$URL" |
head -n1 |
secret-tool store --label="Personal calendar vdirsyncer" url "$URL" user "$USER"
)
# Spotify
URL="spotify.com"
USER="pixelifytica"
secret-tool lookup url "$URL" user "$USER" >/dev/null || (
pass show media/spotify.com |
head -n1 |
secret-tool store --label="Spotify" url "$URL" user "$USER"
)
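Review bot: A failed `pass show` goes undetected in all four `pass show … | head -n1 | secret-tool store …` pipelines, because no `pipefail` is set in the visible script and the pipeline's status is therefore that of `secret-tool store`. In that case `secret-tool store` reads empty input and may save an empty secret, which a later run could find with `lookup` and so never repair. Reading the entry into a variable first and refusing to store an empty value closes that gap, and a small helper removes the four-fold repetition, as sketched below. Separately, `USER="pixelifytica"` reassigns the login `USER` environment variable for every child process; a script-local name such as `account` avoids that. The page appears to have dropped blank lines from this file, so fewer lines are shown than the hunk header states.

```shell
# Store the first line of a pass entry under the given secret-tool attributes.
store_from_pass() {
  local entry=$1 label=$2 secret
  shift 2
  secret=$(pass show "$entry") || return   # stop if pass/gpg fails
  secret=${secret%%$'\n'*}                 # first line only, as head -n1 did
  [[ -n "$secret" ]] || return 1           # never store an empty secret
  printf '%s\n' "$secret" | secret-tool store --label="$label" "$@"
}

# … unchanged: Proton entry (interactive secret-tool store) …
ADDRESS="e.litherlandsmith@icloud.com"
secret-tool lookup email "$ADDRESS" >/dev/null ||
  store_from_pass identity/apple.com/mbsync "iCloud mbsync" email "$ADDRESS"
# … Outlook, calendar and Spotify entries follow the same pattern …
```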