Evie Litherland-Smith
94c6d717b0
Add gnome-keyring as libsecret backend, swap git-credential-helper and mbsync to using libsecret/secret-tool. Add helper script to check for and request mbsync passwords if missing. Add GNOME Seahorse for viewing passwords graphically. Remove email/work.nix and merge back into default.nix Don't auto start protonmail-bridge, use the GUI instead so it doesn't need to unlock all my keychains immediately Move 3D modelling software to Vanguard only, instead of all personal devices. Move waybar back to top of screen and adjust all corner radii to 5px from 10px Re-enable swayfx blur_ignore_transparent now that it's added to nixpkgs, re-enable shadows
63 lines
2 KiB
Org Mode
63 lines
2 KiB
Org Mode
#+title: README
|
|
#+author: Evie Litherland-Smith
|
|
#+email: evie@xenia.me.uk
|
|
My personal NixOS + home-manager configuration files.
|
|
|
|
To set up without cloning the repository (assuming an already running
|
|
NixOS system), run:
|
|
#+begin_src bash
|
|
sudo nixos-rebuild switch --flake "git+https://git.xenia.me.uk/pixelifytica/nixos.git?ref=main"\#$(hostname)
|
|
#+end_src
|
|
|
|
* Password store setup
|
|
** Transfer GPG key(s)
|
|
#+begin_src bash
|
|
# Export keys on existing machine
|
|
gpg -a --export > publickeys.asc
|
|
gpg -a --export-secret-keys > privatekeys.asc
|
|
# Import key on new machine
|
|
gpg --import privatekeys.asc; gpg --import publickeys.asc
|
|
# Edit (for each key) to set trust
|
|
gpg --edit-key evie@xenia.me.uk
|
|
#+end_src
|
|
** Clone password-store repository
|
|
#+begin_src bash
|
|
git clone https://git.xenia.me.uk/pixelifytica/pass $PASSWORD_STORE_DIR
|
|
#+end_src
|
|
|
|
* Email setup
|
|
** Passwords for mbsync
|
|
Run src_bash{mbsync-ensure-pass} to check for passwords required by
|
|
~mbsync~, and query for missing passwords.
|
|
|
|
Static app-specific passwords are stored in ~password-store~, fetch from
|
|
there to add to secret service.
|
|
** Proton
|
|
*** Bridge
|
|
Start Proton Mail Bridge application, if needed configure to store
|
|
using =SecretService= and log in. Application will auto-start with
|
|
desktop session.
|
|
|
|
Use password from Bridge for ~mbsync~.
|
|
** Outlook
|
|
*** Davmail
|
|
Run src_bash{davmail-setup} to automate this process.
|
|
|
|
On first run (or if token expires), stop systemd service and run manually to complete manual auth. Token will stay valid for a little while (no idea how long specifically).
|
|
#+begin_src bash
|
|
# Restart service to ensure ~/.davmail.properties exists
|
|
systemctl --user restart davmail.service
|
|
# Run to use manual authentication
|
|
systemctl --user stop davmail.service && davmail -notray ~/.davmail.properties
|
|
# Restart again so that service picks up available ports
|
|
systemctl --user restart davmail.service
|
|
#+end_src
|
|
|
|
* Flathub setup
|
|
#+begin_src bash
|
|
flatpak remote-add --if-not-exists flathub https://dl.flathub.org/repo/flathub.flatpakrepo
|
|
#+end_src
|
|
|
|
* Further reading:
|
|
- https://nixos.org/
|