about summary refs log tree commit diff
path: root/home
diff options
context:
space:
mode:
authorsefidel <contact@sefidel.net>2023-02-21 16:10:58 +0900
committersefidel <contact@sefidel.net>2023-02-21 16:10:58 +0900
commit4f3edea6903f3e9ca46176c06305147e71e12125 (patch)
tree0d1379aa40174499fb08320663f7221aa143f2f4 /home
parenta92c4a2c9021b24f3959b57d25fb4a814991d120 (diff)
downloadnixrc-4f3edea6903f3e9ca46176c06305147e71e12125.tar.gz
nixrc-4f3edea6903f3e9ca46176c06305147e71e12125.zip
feat: use passage for IMAP authentication
Diffstat (limited to 'home')
-rw-r--r--home/profiles/communication/default.nix6
-rw-r--r--home/secrets/secrets.yaml30
2 files changed, 2 insertions, 34 deletions
diff --git a/home/profiles/communication/default.nix b/home/profiles/communication/default.nix
index 86028e8..643b511 100644
--- a/home/profiles/communication/default.nix
+++ b/home/profiles/communication/default.nix
@@ -24,9 +24,6 @@ in
 
   config = lib.mkIf cfg.enable (lib.mkMerge [
     (lib.mkIf pkgs.stdenv.isLinux { # TODO: is this needed?
-
-      sops.secrets.sef-imap-password = { };
-
       accounts.email = {
         maildirBasePath = "${config.home.homeDirectory}/mail";
 
@@ -76,7 +73,7 @@ in
           primary = true;
           realName = "***REMOVED***";
           userName = poorObfuscation "sefidel.com" "contact";
-          passwordCommand = "${pkgs.coreutils}/bin/cat ${builtins.replaceStrings ["%r"] ["$XDG_RUNTIME_DIR"] config.sops.secrets.sef-imap-password.path}";
+          passwordCommand = "${pkgs.passage}/bin/passage show email/sef";
         };
       };
 
@@ -271,6 +268,7 @@ in
           Type = "oneshot";
           ExecStart = "${mbsyncCmd} --all";
           RemainAfterExit = true;
+          TimeoutStartSec = "5min";
         };
         Install.WantedBy = [ "default.target" ];
       };
diff --git a/home/secrets/secrets.yaml b/home/secrets/secrets.yaml
deleted file mode 100644
index 1bbc448..0000000
--- a/home/secrets/secrets.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-sef-imap-password: ENC[AES256_GCM,data:vg8Kw8xH4PzKrxyCIZCeHRB2wejTE6SmpKtfNh8y,iv:wmsmo24SqiC6JmqELWbmKcaGEwyv8Nt4vvBzBECRhBY=,tag:FuJPRwsIyCe7O0YhuIx6iw==,type:str]
-sops:
-    kms: []
-    gcp_kms: []
-    azure_kv: []
-    hc_vault: []
-    age:
-        - recipient: age1jt8xg0lvzj5q4f7fn7nw670qsszm3kv3caa654eh62azra4x44zss4fad8
-          enc: |
-            -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBMQS9RVGpISUl0R3FSdDBJ
-            M2F3bkxoeHdEajhrWmZ1Ry9pKzZxazBhWWhJCitaWjgzS2YwaDgxbWdKdi85R0lW
-            NGwyYkVCQWZPK085U0o3eDd1YzgwSTgKLS0tIDZ4dTFOMDd1RHBHckMyVWo3NEtD
-            SzIyM3htUk5xTFFvajFPcDYvWkk4RjgKylMbCjn/2a2Lm5cVmN+g90AYh+kI0f41
-            1b6ciAFu8wxrdCC16KBu2iDoelZGSb8079vg3cd43Dt7iU52YOlFcA==
-            -----END AGE ENCRYPTED FILE-----
-        - recipient: age1k585l9d34j77htwmzk79ms0wcfyltz5d3v87pnjkvrzru85vke4q2q0qjd
-          enc: |
-            -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOVTJjejBJQjRRYXRNRXAr
-            dytJaEptVlhaQnRrTTRSVURSZE9LeThqSmpNCnlnYjluQklrTStCMnhxelFRRjls
-            YmZZNGNEQ3o0aFVhVy9yMlNrbkFBSFUKLS0tIDZNdm13OEo0dUEwNHk2ejZNbllR
-            ZElsRFZxR2tTYThlaEhzaUwyeUd3Uk0KIFLcgMUd76GHPC6+s2FRO1zvw9HrhMTX
-            PRKy++u+asJD+4g+BmxBn8rDhw8gdjLNLH3Yao4jNbDdASfuiapCqA==
-            -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2023-02-20T07:25:27Z"
-    mac: ENC[AES256_GCM,data:bS0br931UnBDAXHIpscyYpL0P7uigh32A3fZYuSU0VMTt135/bI/Fcx2+h2QjIxvyv7ZunThFZcFd8db5DqidZ0qUBrcQ9mhJXdyI/MHNLsL4Pqa3AYDSXn3aUyVA9NpoBm9kd6ckO3rE4wRs21yjjpUWKaE/WwP0G6dlBUi85o=,iv:tiWNbFZQ6SyIF+mfnd+sg32SL13l2pYytjO5i5wQsGY=,tag:7fpU+z41/ge3JIoTLFN5zQ==,type:str]
-    pgp: []
-    unencrypted_suffix: _unencrypted
-    version: 3.7.3