From 5cd528f7e109bb1bca84efc2a1ec44f067516aeb Mon Sep 17 00:00:00 2001 From: sefidel Date: Thu, 9 Mar 2023 20:48:14 +0900 Subject: feat(home/communication): use sops for email secret --- home/profiles/communication/default.nix | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'home/profiles/communication') diff --git a/home/profiles/communication/default.nix b/home/profiles/communication/default.nix index 03f1f3c..1e65cc3 100644 --- a/home/profiles/communication/default.nix +++ b/home/profiles/communication/default.nix @@ -13,6 +13,8 @@ let action = lib.last x'; }); mbsyncCmd = if pkgs.stdenv.isLinux then "${config.programs.mbsync.package}/bin/mbsync" else ""; + # https://github.com/Mic92/sops-nix/issues/284 + fixSopsPrefix = x: y: builtins.replaceStrings ["%r"] ["/run/user/${toString x}"] y; in { imports = [ ../../modules/programs/nixpkgs ]; @@ -23,8 +25,10 @@ in }; config = lib.mkIf cfg.enable (lib.mkMerge [ + # TODO: is this needed? (lib.mkIf pkgs.stdenv.isLinux { - # TODO: is this needed? + sops.secrets.sef-email-password = { }; + accounts.email = { maildirBasePath = "${config.home.homeDirectory}/mail"; @@ -71,7 +75,7 @@ in primary = true; realName = "***REMOVED***"; userName = poorObfuscation "sefidel.com" "contact"; - passwordCommand = "${pkgs.passage}/bin/passage show email/sef"; + passwordCommand = "${pkgs.coreutils}/bin/cat ${fixSopsPrefix 1000 config.sops.secrets.sef-email-password.path}"; }; }; @@ -265,13 +269,9 @@ in Service = { Type = "oneshot"; ExecStart = "${mbsyncCmd} -Va"; + After = [ "sops-nix.service" ]; RemainAfterExit = true; TimeoutStartSec = "5min"; - Environment = "PATH=${lib.makeBinPath [ - # passage dependencies - pkgs.util-linux - pkgs.coreutils - ]}"; }; Install.WantedBy = [ "default.target" ]; }; -- cgit 1.4.1