parent
93d18a00d9
commit
606c9d9d1b
@ -0,0 +1,2 @@ |
|||||||
|
result |
||||||
|
ext/* |
@ -0,0 +1,8 @@ |
|||||||
|
{ config, pkgs, ... }: |
||||||
|
|
||||||
|
{ |
||||||
|
home.packages = with pkgs; |
||||||
|
[ |
||||||
|
msmtp neomutt notmuch thunderbird |
||||||
|
]; |
||||||
|
} |
@ -0,0 +1,35 @@ |
|||||||
|
{ pkgs, config, ... } @ args: |
||||||
|
|
||||||
|
let cfg = config.libkookie.workstation.mail; |
||||||
|
in |
||||||
|
{ |
||||||
|
# Might want to run mbsync manually |
||||||
|
environment.systemPackages = with pkgs; [ isync ]; |
||||||
|
|
||||||
|
# Setup user to fetch mail |
||||||
|
users.users.mail-user = { |
||||||
|
createHome = true; |
||||||
|
inherit (cfg.access) group; |
||||||
|
home = "/var/lib/mail"; |
||||||
|
}; |
||||||
|
|
||||||
|
systemd.services.isync = (import ./isync.nix) args; |
||||||
|
|
||||||
|
systemd.timers.isync = { |
||||||
|
timerConfig.Unit = "isync.service"; |
||||||
|
timerConfig.OnCalendar = "*:0/5"; |
||||||
|
timerConfig.Persistent = "true"; |
||||||
|
after = [ "network-online.target" ]; |
||||||
|
wantedBy = [ "timers.target" ]; |
||||||
|
}; |
||||||
|
|
||||||
|
# FIXME: this doesn't work and has never worked |
||||||
|
# This sudoers rule allows anyone in the wheel group to run this |
||||||
|
# particular command without a password. Make sure that 'startISync' |
||||||
|
# is present in a path (environment.systemPackages above)! |
||||||
|
# security.sudo.extraRules = [ |
||||||
|
# { commands = [ { command = "${startISync}/bin/start-isync"; |
||||||
|
# options = [ "NOPASSWD" ]; } ]; |
||||||
|
# groups = [ "wheel" ]; } |
||||||
|
# ]; |
||||||
|
} |
@ -0,0 +1,32 @@ |
|||||||
|
{ config, pkgs, ... }: |
||||||
|
|
||||||
|
let cfg = config.libkookie.workstation.mail; |
||||||
|
in |
||||||
|
with pkgs; |
||||||
|
{ |
||||||
|
serviceConfig.Type = "oneshot"; |
||||||
|
|
||||||
|
script = let |
||||||
|
cfgPath = (cfg.configPath + "/mbsyncrc.nix"); |
||||||
|
mbsyncBody = (import cfgPath cfg.mailArchive); |
||||||
|
mbsyncrc = (writeText "mbsyncrc" mbsyncBody); |
||||||
|
in |
||||||
|
'' |
||||||
|
${sudo}/bin/sudo -u mail-user ${isync}/bin/mbsync -a -V -c ${mbsyncrc} |
||||||
|
''; |
||||||
|
|
||||||
|
# This script loops through the mail archive and changes file |
||||||
|
# permissions and ownership to allow the main user to access them. |
||||||
|
# It then also runs `notmuch new` to update applications. |
||||||
|
# |
||||||
|
# Yes this script could use a single `find` invocation, but |
||||||
|
# personally I've found that to be unclear, and this script running |
||||||
|
# in the background means that speed is not of much concearn. |
||||||
|
postStart = '' |
||||||
|
${findutils}/bin/find ${cfg.mailArchive} ! -name .mbsyncstate* | xargs chgrp ${cfg.access.group} |
||||||
|
${findutils}/bin/find ${cfg.mailArchive} -type f | xargs chmod 660 |
||||||
|
${findutils}/bin/find ${cfg.mailArchive} -type d | xargs chmod 770 |
||||||
|
|
||||||
|
${sudo}/bin/sudo -u ${cfg.access.user} ${notmuch}/bin/notmuch new |
||||||
|
''; |
||||||
|
} |
@ -0,0 +1,41 @@ |
|||||||
|
{ config, lib, pkgs, home-manager, ... } @ args: |
||||||
|
|
||||||
|
let cfg = config.libkookie.workstation.mail; |
||||||
|
in |
||||||
|
with lib; |
||||||
|
{ |
||||||
|
options.libkookie.workstation.mail = { |
||||||
|
enable = mkEnableOption "libkookie mail system handling"; |
||||||
|
|
||||||
|
configPath = mkOption { |
||||||
|
type = types.path; |
||||||
|
description = '' |
||||||
|
Set of configuration to configure sieve rules, and mail settings |
||||||
|
|
||||||
|
These are not contained in this repository to avoid having to |
||||||
|
make them public. |
||||||
|
''; |
||||||
|
}; |
||||||
|
|
||||||
|
authPath = mkOption { |
||||||
|
type = types.str; |
||||||
|
default = "/var/lib/mail/"; |
||||||
|
description = '' |
||||||
|
Path to the authentication secret. This is not an actual path, |
||||||
|
to avoid it being copied to the nix store for any user to read. |
||||||
|
''; |
||||||
|
}; |
||||||
|
|
||||||
|
mailArchive = mkOption { |
||||||
|
type = types.str; |
||||||
|
description = "Path to the mail archive to sync into"; |
||||||
|
}; |
||||||
|
|
||||||
|
access = mkOption { |
||||||
|
type = types.attrs; |
||||||
|
description = "User and group to give the mail user for permissions"; |
||||||
|
}; |
||||||
|
}; |
||||||
|
|
||||||
|
config = mkIf cfg.enable (import ./core args); |
||||||
|
} |
Loading…
Reference in new issue