Evie Litherland-Smith
ecc9fae75a
Motivated by the xz backdoor bug, switch NixOS system to track 23.11 instead of unstable, and will bump version numbers as they come along rather than do rolling release. Reverted a couple of changes that were introduced in recent nixpkgs versions, only major one was switching back to swaylock as hyprlock isn't in nixpkgs 23.11 Remove stylix and replace with lower-level base16.nix, partly because stylix was doing something strange pulling in extra flakes (and breaking on 23.11), partly because I was most of the way there anyway. Remove last references to stylix in config, mostly just changing stylix.colors to scheme (from base16) and defining fonts in specialArgs to be used in the same way as before. |
||
|---|---|---|
| home | ||
| hosts | ||
| schemes | ||
| services | ||
| specialisations | ||
| system | ||
| wallpapers | ||
| .gitignore | ||
| .stylua.toml | ||
| flake.lock | ||
| flake.nix | ||
| picrew.png | ||
| README.org | ||
README
Password store setup
Transfer GPG key(s)
# Export key on existing machine
gpg --export-secret-keys > key.gpg
# Import key on new machine
gpg --import key.gpg
# Edit (for each key) to set trust
gpg --edit-key ...Clone password-store repository
git clone https://git.xenia.me.uk/xenia/pass $PASSWORD_STORE_DIREmail setup
Proton
Bridge
Run bridge in CLI mode to login, wait for initial sync and get app password
nix run nixpkgs#protonmail-bridge -- -c
# Follow prompts to login and get password
Restart using hyprctl:
nix shell nixpkgs#protonmail-bridge -c hyprctl dispatch exec "protonmail-bridge -n"
Script protonmail-setup-bridge (provided with NixOS config) handles all of this
uidvalidity issue
Remove uid lines from .mbsyncrc (in each mail directory) and delete .uidvalidity, re-run mbsync to fix
Above might be duplicating mail, faster to just delete local maildirs and let them re-sync.
Password
Get password from protonmail-bridge, save to password-store:
pass insert mbsync/$(hostname)/proton
# Insert pass at promptiCloud
Password
If not already done, save password to password-store:
pass insert mbsync/$(hostname)/icloud
# Insert pass at promptThis will be synced across devices so only needs doing once
Outlook
Password
If not already done, save password to password-store:
pass insert mbsync/$(hostname)/outlook
# Insert pass at promptThis will be synced across devices so only needs doing once
Configuration
On first run (or if token expires), stop systemd service and run manually to complete manual auth. Token will stay valid for a little while (no idea how long specifically).
# Restart service to ensure ~/.davmail.properties exists
systemctl --user restart davmail.service
# Run to use manual authentication
systemctl --user stop davmail.service && davmail -notray ~/.davmail.properties
# Restart again so that service picks up available ports
systemctl --user restart davmail.service