about summary refs log tree commit diff
path: root/home/profiles/communication/default.nix
diff options
context:
space:
mode:
authorsefidel <contact@sefidel.net>2023-03-09 20:48:14 +0900
committersefidel <contact@sefidel.net>2023-03-09 20:48:14 +0900
commit5cd528f7e109bb1bca84efc2a1ec44f067516aeb (patch)
tree6bfa15f8c9072a797ba964136ea55d5a788833fb /home/profiles/communication/default.nix
parentfed1f04b1ee97aa44855bce2f15c42563d5775cc (diff)
downloadnixrc-5cd528f7e109bb1bca84efc2a1ec44f067516aeb.tar.gz
nixrc-5cd528f7e109bb1bca84efc2a1ec44f067516aeb.zip
feat(home/communication): use sops for email secret
Diffstat (limited to 'home/profiles/communication/default.nix')
-rw-r--r--home/profiles/communication/default.nix14
1 files changed, 7 insertions, 7 deletions
diff --git a/home/profiles/communication/default.nix b/home/profiles/communication/default.nix
index 03f1f3c..1e65cc3 100644
--- a/home/profiles/communication/default.nix
+++ b/home/profiles/communication/default.nix
@@ -13,6 +13,8 @@ let
       action = lib.last x';
     });
   mbsyncCmd = if pkgs.stdenv.isLinux then "${config.programs.mbsync.package}/bin/mbsync" else "";
+  # https://github.com/Mic92/sops-nix/issues/284
+  fixSopsPrefix = x: y: builtins.replaceStrings ["%r"] ["/run/user/${toString x}"] y;
 in
 {
   imports = [ ../../modules/programs/nixpkgs ];
@@ -23,8 +25,10 @@ in
   };
 
   config = lib.mkIf cfg.enable (lib.mkMerge [
+    # TODO: is this needed?
     (lib.mkIf pkgs.stdenv.isLinux {
-      # TODO: is this needed?
+      sops.secrets.sef-email-password = { };
+
       accounts.email = {
         maildirBasePath = "${config.home.homeDirectory}/mail";
 
@@ -71,7 +75,7 @@ in
           primary = true;
           realName = "***REMOVED***";
           userName = poorObfuscation "sefidel.com" "contact";
-          passwordCommand = "${pkgs.passage}/bin/passage show email/sef";
+          passwordCommand = "${pkgs.coreutils}/bin/cat ${fixSopsPrefix 1000 config.sops.secrets.sef-email-password.path}";
         };
       };
 
@@ -265,13 +269,9 @@ in
         Service = {
           Type = "oneshot";
           ExecStart = "${mbsyncCmd} -Va";
+          After = [ "sops-nix.service" ];
           RemainAfterExit = true;
           TimeoutStartSec = "5min";
-          Environment = "PATH=${lib.makeBinPath [
-            # passage dependencies
-            pkgs.util-linux
-            pkgs.coreutils
-          ]}";
         };
         Install.WantedBy = [ "default.target" ];
       };