From 723ce403b206d170841d7daf215ecd7ddb42c729 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Leon=20Schwarz=C3=A4ugl?= Date: Tue, 21 Oct 2025 20:37:51 +0200 Subject: [PATCH] feat[work]: use s/mime certificates for mail --- SwarselSystems.org | 1213 ++++++++++++----------- files/emacs/init.el | 22 + hosts/nixos/pyramid/secrets/pii.nix.enc | 6 +- modules/home/common/env.nix | 2 +- modules/home/optional/work.nix | 8 +- secrets/repo/pii.nix.enc | 6 +- 6 files changed, 658 insertions(+), 599 deletions(-) diff --git a/SwarselSystems.org b/SwarselSystems.org index bfe56d3..2d99cea 100644 --- a/SwarselSystems.org +++ b/SwarselSystems.org @@ -11715,7 +11715,7 @@ Sets environment variables. Here I am only setting the EDITOR variable, most var SWARSEL_CAL3 = source3; SWARSEL_CAL3NAME = source3-name; SWARSEL_FULLNAME = fullName; - SWARSEL_MAIL_ALL = allMailAddresses; + SWARSEL_MAIL_ALL = lib.mkDefault allMailAddresses; GITHUB_NOTIFICATION_TOKEN_PATH = nixosConfig.sops.secrets.github-notifications-token.path; OPENROUTER_API_KEY = openrouterApi; }; @@ -15218,633 +15218,637 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]] #+begin_src nix-ts :tangle modules/home/optional/work.nix :noweb yes { self, config, pkgs, lib, vars, nixosConfig ? config, ... }: - let - inherit (config.swarselsystems) homeDir; - in + let + inherit (config.swarselsystems) homeDir; + inherit (nixosConfig.repo.secrets.local.mail) allMailAddresses; + inherit (nixosConfig.repo.secrets.local.work) mailAddress; + in + { + options.swarselmodules.optional.work = lib.mkEnableOption "optional work settings"; + config = lib.mkIf config.swarselmodules.optional.work { - options.swarselmodules.optional.work = lib.mkEnableOption "optional work settings"; - config = lib.mkIf config.swarselmodules.optional.work + home.packages = with pkgs; [ + stable.teams-for-linux + shellcheck + dig + docker + postman + # rclone + libguestfs-with-appliance + stable.prometheus.cli + tigervnc + # openstackclient + + vscode + ]; + + systemd.user.sessionVariables = { + DOCUMENT_DIR_WORK = lib.mkForce "${homeDir}/Documents/Work"; + } // lib.optionalAttrs (!config.swarselsystems.isPublic) { + SWARSEL_MAIL_ALL = lib.mkForce allMailAddresses; + SWARSEL_MAIL_WORK = lib.mkForce mailAddress; + }; + + accounts.email.accounts.work = + let + inherit (nixosConfig.repo.secrets.local.work) mailName; + in { - home.packages = with pkgs; [ - stable.teams-for-linux - shellcheck - dig - docker - postman - # rclone - libguestfs-with-appliance - stable.prometheus.cli - tigervnc - # openstackclient + primary = false; + address = mailAddress; + userName = mailAddress; + realName = mailName; + passwordCommand = "pizauth show work"; + imap = { + host = "outlook.office365.com"; + port = 993; + tls.enable = true; # SSL/TLS + }; + smtp = { + host = "outlook.office365.com"; + port = 587; + tls = { + enable = true; # SSL/TLS + useStartTls = true; + }; + }; + thunderbird = { + enable = true; + profiles = [ "default" ]; + settings = id: { + "mail.smtpserver.smtp_${id}.authMethod" = 10; # oauth + "mail.server.server_${id}.authMethod" = 10; # oauth + # "toolkit.telemetry.enabled" = false; + # "toolkit.telemetry.rejected" = true; + # "toolkit.telemetry.prompted" = 2; + }; + }; + msmtp = { + enable = true; + extraConfig = { + auth = "xoauth2"; + host = "outlook.office365.com"; + protocol = "smtp"; + port = "587"; + tls = "on"; + tls_starttls = "on"; + from = "${mailAddress}"; + user = "${mailAddress}"; + passwordeval = "pizauth show work"; + }; + }; + mu.enable = true; + mbsync = { + enable = true; + expunge = "both"; + patterns = [ "INBOX" ]; + extraConfig = { + account = { + AuthMechs = "XOAUTH2"; + }; + }; + }; + }; - vscode + # wayland.windowManager.sway.config = { + # output = { + # "Applied Creative Technology Transmitter QUATTRO201811" = { + # bg = "${self}/files/wallpaper/navidrome.png ${config.stylix.imageScalingMode}"; + # }; + # "Hewlett Packard HP Z24i CN44250RDT" = { + # bg = "${self}/files/wallpaper/op6wp.png ${config.stylix.imageScalingMode}"; + # }; + # "HP Inc. HP 732pk CNC4080YL5" = { + # bg = "${self}/files/wallpaper/botanicswp.png ${config.stylix.imageScalingMode}"; + # }; + # }; + # }; + + stylix = { + targets.firefox.profileNames = + let + inherit (nixosConfig.repo.secrets.local.work) user1 user2 user3; + in + [ + "${user1}" + "${user2}" + "${user3}" + "work" ]; + }; - - systemd.user.sessionVariables = { - DOCUMENT_DIR_WORK = lib.mkForce "${homeDir}/Documents/Work"; + programs = + let + inherit (nixosConfig.repo.secrets.local.work) user1 user1Long user2 user2Long user3 user3Long user4 path1 loc1 loc2 site1 site2 site3 site4 site5 site6 site7 lifecycle1 lifecycle2 domain1 domain2 gitMail clouds; + in + { + openstackclient = { + enable = true; + inherit clouds; }; + awscli = { + enable = true; + package = pkgs.stable24_05.awscli2; + # settings = { + # "default" = { }; + # "profile s3-imagebuilder-prod" = { }; + # }; + # credentials = { + # "s3-imagebuilder-prod" = { + # aws_access_key_id = "5OYXY4879EJG9I91K1B6"; + # credential_process = "${pkgs.pass}/bin/pass show work/awscli/s3-imagebuilder-prod/secret-key"; + # }; + # }; + }; + git.userEmail = lib.mkForce gitMail; - accounts.email.accounts.work = - let - inherit (nixosConfig.repo.secrets.local.work) mailAddress mailName; - in - { - primary = false; - address = mailAddress; - userName = mailAddress; - realName = mailName; - passwordCommand = "pizauth show work"; - imap = { - host = "outlook.office365.com"; - port = 993; - tls.enable = true; # SSL/TLS - }; - smtp = { - host = "outlook.office365.com"; - port = 587; - tls = { - enable = true; # SSL/TLS - useStartTls = true; - }; - }; - thunderbird = { - enable = true; - profiles = [ "default" ]; - settings = id: { - "mail.smtpserver.smtp_${id}.authMethod" = 10; # oauth - "mail.server.server_${id}.authMethod" = 10; # oauth - # "toolkit.telemetry.enabled" = false; - # "toolkit.telemetry.rejected" = true; - # "toolkit.telemetry.prompted" = 2; - }; - }; - msmtp = { - enable = true; - extraConfig = { - auth = "xoauth2"; - host = "outlook.office365.com"; - protocol = "smtp"; - port = "587"; - tls = "on"; - tls_starttls = "on"; - from = "${mailAddress}"; - user = "${mailAddress}"; - passwordeval = "pizauth show work"; - }; - }; - mu.enable = true; - mbsync = { - enable = true; - expunge = "both"; - patterns = [ "INBOX" ]; - extraConfig = { - account = { - AuthMechs = "XOAUTH2"; - }; - }; - }; + zsh = { + shellAliases = { + dssh = "ssh -l ${user1Long}"; + cssh = "ssh -l ${user2Long}"; + wssh = "ssh -l ${user3Long}"; + }; + cdpath = [ + "~/Documents/Work" + ]; + dirHashes = { + d = "$HOME/.dotfiles"; + w = "$HOME/Documents/Work"; + s = "$HOME/.dotfiles/secrets"; + pr = "$HOME/Documents/Private"; + ac = path1; }; - # wayland.windowManager.sway.config = { - # output = { - # "Applied Creative Technology Transmitter QUATTRO201811" = { - # bg = "${self}/files/wallpaper/navidrome.png ${config.stylix.imageScalingMode}"; - # }; - # "Hewlett Packard HP Z24i CN44250RDT" = { - # bg = "${self}/files/wallpaper/op6wp.png ${config.stylix.imageScalingMode}"; - # }; - # "HP Inc. HP 732pk CNC4080YL5" = { - # bg = "${self}/files/wallpaper/botanicswp.png ${config.stylix.imageScalingMode}"; - # }; - # }; - # }; + sessionVariables = { + VSPHERE_USER = "$(cat ${nixosConfig.sops.secrets.vcuser.path})"; + VSPHERE_PW = "$(cat ${nixosConfig.sops.secrets.vcpw.path})"; + GOVC_USERNAME = "$(cat ${nixosConfig.sops.secrets.govcuser.path})"; + GOVC_PASSWORD = "$(cat ${nixosConfig.sops.secrets.govcpw.path})"; + GOVC_URL = "$(cat ${nixosConfig.sops.secrets.govcurl.path})"; + GOVC_DATACENTER = "$(cat ${nixosConfig.sops.secrets.govcdc.path})"; + GOVC_DATASTORE = "$(cat ${nixosConfig.sops.secrets.govcds.path})"; + GOVC_HOST = "$(cat ${nixosConfig.sops.secrets.govchost.path})"; + GOVC_RESOURCE_POOL = "$(cat ${nixosConfig.sops.secrets.govcpool.path})"; + GOVC_NETWORK = "$(cat ${nixosConfig.sops.secrets.govcnetwork.path})"; + }; + }; - stylix = { - targets.firefox.profileNames = + ssh = { + matchBlocks = { + "${loc1}" = { + hostname = "${loc1}.${domain2}"; + user = user4; + }; + "${loc1}.stg" = { + hostname = "${loc1}.${lifecycle1}.${domain2}"; + user = user4; + }; + "${loc1}.staging" = { + hostname = "${loc1}.${lifecycle1}.${domain2}"; + user = user4; + }; + "${loc1}.dev" = { + hostname = "${loc1}.${lifecycle2}.${domain2}"; + user = user4; + }; + "${loc2}" = { + hostname = "${loc2}.${domain1}"; + user = user1Long; + }; + "${loc2}.stg" = { + hostname = "${loc2}.${lifecycle1}.${domain2}"; + user = user1Long; + }; + "${loc2}.staging" = { + hostname = "${loc2}.${lifecycle1}.${domain2}"; + user = user1Long; + }; + "*.${domain1}" = { + user = user1Long; + }; + }; + }; + + firefox = { + profiles = let - inherit (nixosConfig.repo.secrets.local.work) user1 user2 user3; + isDefault = false; in - [ - "${user1}" - "${user2}" - "${user3}" - "work" - ]; + { + "${user1}" = lib.recursiveUpdate + { + inherit isDefault; + id = 1; + settings = { + "browser.startup.homepage" = "${site1}|${site2}"; + }; + } + vars.firefox; + "${user2}" = lib.recursiveUpdate + { + inherit isDefault; + id = 2; + settings = { + "browser.startup.homepage" = "${site3}"; + }; + } + vars.firefox; + "${user3}" = lib.recursiveUpdate + { + inherit isDefault; + id = 3; + } + vars.firefox; + work = lib.recursiveUpdate + { + inherit isDefault; + id = 4; + settings = { + "browser.startup.homepage" = "${site4}|${site5}|${site6}|${site7}"; + }; + } + vars.firefox; + }; }; - programs = - let - inherit (nixosConfig.repo.secrets.local.work) user1 user1Long user2 user2Long user3 user3Long user4 path1 loc1 loc2 site1 site2 site3 site4 site5 site6 site7 lifecycle1 lifecycle2 domain1 domain2 gitMail clouds; - in + chromium = { + enable = true; + package = pkgs.chromium; + + extensions = [ + # 1password + "gejiddohjgogedgjnonbofjigllpkmbf" + # dark reader + "eimadpbcbfnmbkopoojfekhnkhdbieeh" + # ublock origin + "cjpalhdlnbpafiamejdnhcphjbkeiagm" + # i still dont care about cookies + "edibdbjcniadpccecjdfdjjppcpchdlm" + # browserpass + "naepdomgkenhinolocfifgehidddafch" + ]; + }; + }; + + services = { + kanshi = { + settings = [ { - openstackclient = { - enable = true; - inherit clouds; - }; - awscli = { - enable = true; - package = pkgs.stable24_05.awscli2; - # settings = { - # "default" = { }; - # "profile s3-imagebuilder-prod" = { }; - # }; - # credentials = { - # "s3-imagebuilder-prod" = { - # aws_access_key_id = "5OYXY4879EJG9I91K1B6"; - # credential_process = "${pkgs.pass}/bin/pass show work/awscli/s3-imagebuilder-prod/secret-key"; - # }; - # }; + # seminary room + output = { + criteria = "Applied Creative Technology Transmitter QUATTRO201811"; + scale = 1.0; + mode = "1280x720"; }; - git.userEmail = lib.mkForce gitMail; - - zsh = { - shellAliases = { - dssh = "ssh -l ${user1Long}"; - cssh = "ssh -l ${user2Long}"; - wssh = "ssh -l ${user3Long}"; - }; - cdpath = [ - "~/Documents/Work" + } + { + # work main screen + output = { + criteria = "HP Inc. HP 732pk CNC4080YL5"; + scale = 1.0; + mode = "3840x2160"; + }; + } + { + # work side screen + output = { + criteria = "Hewlett Packard HP Z24i CN44250RDT"; + scale = 1.0; + mode = "1920x1200"; + transform = "270"; + }; + } + { + profile = { + name = "lidopen"; + exec = [ + "${pkgs.swaybg}/bin/swaybg --output '${config.swarselsystems.sharescreen}' --image ${config.swarselsystems.wallpaper} --mode ${config.stylix.imageScalingMode}" + "${pkgs.swaybg}/bin/swaybg --output 'HP Inc. HP 732pk CNC4080YL5' --image ${self}/files/wallpaper/botanicswp.png --mode ${config.stylix.imageScalingMode}" + "${pkgs.swaybg}/bin/swaybg --output 'Hewlett Packard HP Z24i CN44250RDT' --image ${self}/files/wallpaper/op6wp.png --mode ${config.stylix.imageScalingMode}" ]; - dirHashes = { - d = "$HOME/.dotfiles"; - w = "$HOME/Documents/Work"; - s = "$HOME/.dotfiles/secrets"; - pr = "$HOME/Documents/Private"; - ac = path1; - }; - - sessionVariables = { - VSPHERE_USER = "$(cat ${nixosConfig.sops.secrets.vcuser.path})"; - VSPHERE_PW = "$(cat ${nixosConfig.sops.secrets.vcpw.path})"; - GOVC_USERNAME = "$(cat ${nixosConfig.sops.secrets.govcuser.path})"; - GOVC_PASSWORD = "$(cat ${nixosConfig.sops.secrets.govcpw.path})"; - GOVC_URL = "$(cat ${nixosConfig.sops.secrets.govcurl.path})"; - GOVC_DATACENTER = "$(cat ${nixosConfig.sops.secrets.govcdc.path})"; - GOVC_DATASTORE = "$(cat ${nixosConfig.sops.secrets.govcds.path})"; - GOVC_HOST = "$(cat ${nixosConfig.sops.secrets.govchost.path})"; - GOVC_RESOURCE_POOL = "$(cat ${nixosConfig.sops.secrets.govcpool.path})"; - GOVC_NETWORK = "$(cat ${nixosConfig.sops.secrets.govcnetwork.path})"; - }; - }; - - ssh = { - matchBlocks = { - "${loc1}" = { - hostname = "${loc1}.${domain2}"; - user = user4; - }; - "${loc1}.stg" = { - hostname = "${loc1}.${lifecycle1}.${domain2}"; - user = user4; - }; - "${loc1}.staging" = { - hostname = "${loc1}.${lifecycle1}.${domain2}"; - user = user4; - }; - "${loc1}.dev" = { - hostname = "${loc1}.${lifecycle2}.${domain2}"; - user = user4; - }; - "${loc2}" = { - hostname = "${loc2}.${domain1}"; - user = user1Long; - }; - "${loc2}.stg" = { - hostname = "${loc2}.${lifecycle1}.${domain2}"; - user = user1Long; - }; - "${loc2}.staging" = { - hostname = "${loc2}.${lifecycle1}.${domain2}"; - user = user1Long; - }; - "*.${domain1}" = { - user = user1Long; - }; - }; - }; - - firefox = { - profiles = - let - isDefault = false; - in + outputs = [ { - "${user1}" = lib.recursiveUpdate - { - inherit isDefault; - id = 1; - settings = { - "browser.startup.homepage" = "${site1}|${site2}"; - }; - } - vars.firefox; - "${user2}" = lib.recursiveUpdate - { - inherit isDefault; - id = 2; - settings = { - "browser.startup.homepage" = "${site3}"; - }; - } - vars.firefox; - "${user3}" = lib.recursiveUpdate - { - inherit isDefault; - id = 3; - } - vars.firefox; - work = lib.recursiveUpdate - { - inherit isDefault; - id = 4; - settings = { - "browser.startup.homepage" = "${site4}|${site5}|${site6}|${site7}"; - }; - } - vars.firefox; - }; - }; - - chromium = { - enable = true; - package = pkgs.chromium; - - extensions = [ - # 1password - "gejiddohjgogedgjnonbofjigllpkmbf" - # dark reader - "eimadpbcbfnmbkopoojfekhnkhdbieeh" - # ublock origin - "cjpalhdlnbpafiamejdnhcphjbkeiagm" - # i still dont care about cookies - "edibdbjcniadpccecjdfdjjppcpchdlm" - # browserpass - "naepdomgkenhinolocfifgehidddafch" + criteria = config.swarselsystems.sharescreen; + status = "enable"; + scale = 1.5; + position = "1462,0"; + } + { + criteria = "HP Inc. HP 732pk CNC4080YL5"; + scale = 1.4; + mode = "3840x2160"; + position = "-1280,0"; + } + { + criteria = "Hewlett Packard HP Z24i CN44250RDT"; + scale = 1.0; + mode = "1920x1200"; + transform = "90"; + position = "-2480,0"; + } ]; }; - }; - - services = { - kanshi = { - settings = [ + } + { + profile = + let + monitor = "Applied Creative Technology Transmitter QUATTRO201811"; + in { - # seminary room - output = { - criteria = "Applied Creative Technology Transmitter QUATTRO201811"; - scale = 1.0; - mode = "1280x720"; - }; - } - { - # work main screen - output = { + name = "lidopen"; + exec = [ + "${pkgs.swaybg}/bin/swaybg --output '${config.swarselsystems.sharescreen}' --image ${config.swarselsystems.wallpaper} --mode ${config.stylix.imageScalingMode}" + "${pkgs.swaybg}/bin/swaybg --output '${monitor}' --image ${self}/files/wallpaper/navidrome.png --mode ${config.stylix.imageScalingMode}" + "${pkgs.kanshare}/bin/kanshare ${config.swarselsystems.sharescreen} '${monitor}'" + ]; + outputs = [ + { + criteria = config.swarselsystems.sharescreen; + status = "enable"; + scale = 1.7; + position = "2560,0"; + } + { + criteria = "Applied Creative Technology Transmitter QUATTRO201811"; + scale = 1.0; + mode = "1280x720"; + position = "10000,10000"; + } + ]; + }; + } + { + profile = { + name = "lidclosed"; + exec = [ + "${pkgs.swaybg}/bin/swaybg --output 'HP Inc. HP 732pk CNC4080YL5' --image ${self}/files/wallpaper/botanicswp.png --mode ${config.stylix.imageScalingMode}" + "${pkgs.swaybg}/bin/swaybg --output 'Hewlett Packard HP Z24i CN44250RDT' --image ${self}/files/wallpaper/op6wp.png --mode ${config.stylix.imageScalingMode}" + ]; + outputs = [ + { + criteria = config.swarselsystems.sharescreen; + status = "disable"; + } + { criteria = "HP Inc. HP 732pk CNC4080YL5"; - scale = 1.0; + scale = 1.4; mode = "3840x2160"; - }; - } - { - # work side screen - output = { + position = "-1280,0"; + } + { criteria = "Hewlett Packard HP Z24i CN44250RDT"; scale = 1.0; mode = "1920x1200"; transform = "270"; - }; - } - { - profile = { - name = "lidopen"; - exec = [ - "${pkgs.swaybg}/bin/swaybg --output '${config.swarselsystems.sharescreen}' --image ${config.swarselsystems.wallpaper} --mode ${config.stylix.imageScalingMode}" - "${pkgs.swaybg}/bin/swaybg --output 'HP Inc. HP 732pk CNC4080YL5' --image ${self}/files/wallpaper/botanicswp.png --mode ${config.stylix.imageScalingMode}" - "${pkgs.swaybg}/bin/swaybg --output 'Hewlett Packard HP Z24i CN44250RDT' --image ${self}/files/wallpaper/op6wp.png --mode ${config.stylix.imageScalingMode}" - ]; - outputs = [ - { - criteria = config.swarselsystems.sharescreen; - status = "enable"; - scale = 1.5; - position = "1462,0"; - } - { - criteria = "HP Inc. HP 732pk CNC4080YL5"; - scale = 1.4; - mode = "3840x2160"; - position = "-1280,0"; - } - { - criteria = "Hewlett Packard HP Z24i CN44250RDT"; - scale = 1.0; - mode = "1920x1200"; - transform = "90"; - position = "-2480,0"; - } - ]; - }; - } - { - profile = - let - monitor = "Applied Creative Technology Transmitter QUATTRO201811"; - in - { - name = "lidopen"; - exec = [ - "${pkgs.swaybg}/bin/swaybg --output '${config.swarselsystems.sharescreen}' --image ${config.swarselsystems.wallpaper} --mode ${config.stylix.imageScalingMode}" - "${pkgs.swaybg}/bin/swaybg --output '${monitor}' --image ${self}/files/wallpaper/navidrome.png --mode ${config.stylix.imageScalingMode}" - "${pkgs.kanshare}/bin/kanshare ${config.swarselsystems.sharescreen} '${monitor}'" - ]; - outputs = [ - { - criteria = config.swarselsystems.sharescreen; - status = "enable"; - scale = 1.7; - position = "2560,0"; - } - { - criteria = "Applied Creative Technology Transmitter QUATTRO201811"; - scale = 1.0; - mode = "1280x720"; - position = "10000,10000"; - } - ]; - }; - } - { - profile = { - name = "lidclosed"; - exec = [ - "${pkgs.swaybg}/bin/swaybg --output 'HP Inc. HP 732pk CNC4080YL5' --image ${self}/files/wallpaper/botanicswp.png --mode ${config.stylix.imageScalingMode}" - "${pkgs.swaybg}/bin/swaybg --output 'Hewlett Packard HP Z24i CN44250RDT' --image ${self}/files/wallpaper/op6wp.png --mode ${config.stylix.imageScalingMode}" - ]; - outputs = [ - { - criteria = config.swarselsystems.sharescreen; - status = "disable"; - } - { - criteria = "HP Inc. HP 732pk CNC4080YL5"; - scale = 1.4; - mode = "3840x2160"; - position = "-1280,0"; - } - { - criteria = "Hewlett Packard HP Z24i CN44250RDT"; - scale = 1.0; - mode = "1920x1200"; - transform = "270"; - position = "-2480,0"; - } - ]; - }; - } - { - profile = - let - monitor = "Applied Creative Technology Transmitter QUATTRO201811"; - in - { - name = "lidclosed"; - exec = [ - "${pkgs.swaybg}/bin/swaybg --output '${monitor}' --image ${self}/files/wallpaper/navidrome.png --mode ${config.stylix.imageScalingMode}" - ]; - outputs = [ - { - criteria = config.swarselsystems.sharescreen; - status = "disable"; - } - { - criteria = "Applied Creative Technology Transmitter QUATTRO201811"; - scale = 1.0; - mode = "1280x720"; - position = "10000,10000"; - } - ]; - }; - } - ]; - }; - }; - - systemd.user.services = { - pizauth.Service = { - ExecStartPost = [ - "${pkgs.toybox}/bin/sleep 1" - "//bin/sh -c '${lib.getExe pkgs.pizauth} restore < ${homeDir}/.pizauth.state'" - ]; - }; - - teams-applet = { - Unit = { - Description = "teams applet"; - Requires = [ "tray.target" ]; - After = [ - "graphical-session.target" - "tray.target" + position = "-2480,0"; + } ]; - PartOf = [ "graphical-session.target" ]; }; - - Install = { - WantedBy = [ "graphical-session.target" ]; - }; - - Service = { - ExecStart = "${pkgs.stable.teams-for-linux}/bin/teams-for-linux --disableGpu=true --minimized=true --trayIconEnabled=true"; - }; - }; - - onepassword-applet = { - Unit = { - Description = "1password applet"; - Requires = [ "tray.target" ]; - After = [ - "graphical-session.target" - "tray.target" - ]; - PartOf = [ "graphical-session.target" ]; - }; - - Install = { - WantedBy = [ "graphical-session.target" ]; - }; - - Service = { - ExecStart = "${pkgs._1password-gui}/bin/1password"; - }; - }; - - }; - - swarselservices.pizauth = { - enable = true; - extraConfig = '' - auth_notify_cmd = "if [[ \"$(notify-send -A \"Open $PIZAUTH_ACCOUNT\" -t 30000 'pizauth authorisation')\" == \"0\" ]]; then open \"$PIZAUTH_URL\"; fi"; - error_notify_cmd = "notify-send -t 90000 \"pizauth error for $PIZAUTH_ACCOUNT\" \"$PIZAUTH_MSG\""; - token_event_cmd = "pizauth dump > ${homeDir}/.pizauth.state"; - ''; - accounts = { - work = { - authUri = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"; - tokenUri = "https://login.microsoftonline.com/common/oauth2/v2.0/token"; - clientId = "08162f7c-0fd2-4200-a84a-f25a4db0b584"; - clientSecret = "TxRBilcHdC6WGBee]fs?QR:SJ8nI[g82"; - scopes = [ - "https://outlook.office365.com/IMAP.AccessAsUser.All" - "https://outlook.office365.com/SMTP.Send" - "offline_access" - ]; - loginHint = "${nixosConfig.repo.secrets.local.work.mailAddress}"; - }; - }; - - }; - - xdg = - let - inherit (nixosConfig.repo.secrets.local.work) user1 user2 user3; - in + } { - mimeApps = { - defaultApplications = { - "x-scheme-handler/msteams" = [ "teams-for-linux.desktop" ]; - }; - }; - desktopEntries = + profile = let - terminal = false; - categories = [ "Application" ]; - icon = "firefox"; + monitor = "Applied Creative Technology Transmitter QUATTRO201811"; in { - firefox_work = { - name = "Firefox (work)"; - genericName = "Firefox work"; - exec = "firefox -p work"; - inherit terminal categories icon; - }; - "firefox_${user1}" = { - name = "Firefox (${user1})"; - genericName = "Firefox ${user1}"; - exec = "firefox -p ${user1}"; - inherit terminal categories icon; - }; - - "firefox_${user2}" = { - name = "Firefox (${user2})"; - genericName = "Firefox ${user2}"; - exec = "firefox -p ${user2}"; - inherit terminal categories icon; - }; - - "firefox_${user3}" = { - name = "Firefox (${user3})"; - genericName = "Firefox ${user3}"; - exec = "firefox -p ${user3}"; - inherit terminal categories icon; - }; - - + name = "lidclosed"; + exec = [ + "${pkgs.swaybg}/bin/swaybg --output '${monitor}' --image ${self}/files/wallpaper/navidrome.png --mode ${config.stylix.imageScalingMode}" + ]; + outputs = [ + { + criteria = config.swarselsystems.sharescreen; + status = "disable"; + } + { + criteria = "Applied Creative Technology Transmitter QUATTRO201811"; + scale = 1.0; + mode = "1280x720"; + position = "10000,10000"; + } + ]; }; - }; - swarselsystems = { - startup = [ - # { command = "nextcloud --background"; } - # { command = "vesktop --start-minimized --enable-speech-dispatcher --ozone-platform-hint=auto --enable-features=WaylandWindowDecorations --enable-wayland-ime"; } - # { command = "element-desktop --hidden --enable-features=UseOzonePlatform --ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; } - # { command = "anki"; } - # { command = "obsidian"; } - # { command = "nm-applet"; } - # { command = "feishin"; } - # { command = "teams-for-linux --disableGpu=true --minimized=true --trayIconEnabled=true"; } - # { command = "1password"; } - ]; - monitors = { - work_back_middle = rec { - name = "LG Electronics LG Ultra HD 0x000305A6"; - mode = "2560x1440"; - scale = "1"; - position = "5120,0"; - workspace = "1:一"; - # output = "DP-10"; - output = name; - }; - work_front_left = rec { - name = "LG Electronics LG Ultra HD 0x0007AB45"; - mode = "3840x2160"; - scale = "1"; - position = "5120,0"; - workspace = "1:一"; - # output = "DP-7"; - output = name; - }; - work_back_right = rec { - name = "HP Inc. HP Z32 CN41212T55"; - mode = "3840x2160"; - scale = "1"; - position = "5120,0"; - workspace = "1:一"; - # output = "DP-3"; - output = name; - }; - work_middle_middle_main = rec { - name = "HP Inc. HP 732pk CNC4080YL5"; - mode = "3840x2160"; - scale = "1"; - position = "-1280,0"; - workspace = "11:M"; - # output = "DP-8"; - output = name; - }; - work_middle_middle_side = rec { - name = "Hewlett Packard HP Z24i CN44250RDT"; - mode = "1920x1200"; - transform = "270"; - scale = "1"; - position = "-2480,0"; - workspace = "12:S"; - # output = "DP-9"; - output = name; - }; - work_seminary = rec { - name = "Applied Creative Technology Transmitter QUATTRO201811"; - mode = "1280x720"; - scale = "1"; - position = "10000,10000"; # i.e. this screen is inaccessible by moving the mouse - workspace = "14:T"; - # output = "DP-4"; - output = name; - }; - }; - inputs = { - "1133:45081:MX_Master_2S_Keyboard" = { - xkb_layout = "us"; - xkb_variant = "altgr-intl"; - }; - # "2362:628:PIXA3854:00_093A:0274_Touchpad" = { - # dwt = "enabled"; - # tap = "enabled"; - # natural_scroll = "enabled"; - # middle_emulation = "enabled"; - # drag_lock = "disabled"; - # }; - "1133:50504:Logitech_USB_Receiver" = { - xkb_layout = "us"; - xkb_variant = "altgr-intl"; - }; - "1133:45944:MX_KEYS_S" = { - xkb_layout = "us"; - xkb_variant = "altgr-intl"; - }; - }; + } + ]; + }; + }; + systemd.user.services = { + pizauth.Service = { + ExecStartPost = [ + "${pkgs.toybox}/bin/sleep 1" + "//bin/sh -c '${lib.getExe pkgs.pizauth} restore < ${homeDir}/.pizauth.state'" + ]; + }; + + teams-applet = { + Unit = { + Description = "teams applet"; + Requires = [ "tray.target" ]; + After = [ + "graphical-session.target" + "tray.target" + ]; + PartOf = [ "graphical-session.target" ]; + }; + + Install = { + WantedBy = [ "graphical-session.target" ]; + }; + + Service = { + ExecStart = "${pkgs.stable.teams-for-linux}/bin/teams-for-linux --disableGpu=true --minimized=true --trayIconEnabled=true"; }; }; - } + onepassword-applet = { + Unit = { + Description = "1password applet"; + Requires = [ "tray.target" ]; + After = [ + "graphical-session.target" + "tray.target" + ]; + PartOf = [ "graphical-session.target" ]; + }; + + Install = { + WantedBy = [ "graphical-session.target" ]; + }; + + Service = { + ExecStart = "${pkgs._1password-gui}/bin/1password"; + }; + }; + + }; + + swarselservices.pizauth = { + enable = true; + extraConfig = '' + auth_notify_cmd = "if [[ \"$(notify-send -A \"Open $PIZAUTH_ACCOUNT\" -t 30000 'pizauth authorisation')\" == \"0\" ]]; then open \"$PIZAUTH_URL\"; fi"; + error_notify_cmd = "notify-send -t 90000 \"pizauth error for $PIZAUTH_ACCOUNT\" \"$PIZAUTH_MSG\""; + token_event_cmd = "pizauth dump > ${homeDir}/.pizauth.state"; + ''; + accounts = { + work = { + authUri = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"; + tokenUri = "https://login.microsoftonline.com/common/oauth2/v2.0/token"; + clientId = "08162f7c-0fd2-4200-a84a-f25a4db0b584"; + clientSecret = "TxRBilcHdC6WGBee]fs?QR:SJ8nI[g82"; + scopes = [ + "https://outlook.office365.com/IMAP.AccessAsUser.All" + "https://outlook.office365.com/SMTP.Send" + "offline_access" + ]; + loginHint = "${nixosConfig.repo.secrets.local.work.mailAddress}"; + }; + }; + + }; + + xdg = + let + inherit (nixosConfig.repo.secrets.local.work) user1 user2 user3; + in + { + mimeApps = { + defaultApplications = { + "x-scheme-handler/msteams" = [ "teams-for-linux.desktop" ]; + }; + }; + desktopEntries = + let + terminal = false; + categories = [ "Application" ]; + icon = "firefox"; + in + { + firefox_work = { + name = "Firefox (work)"; + genericName = "Firefox work"; + exec = "firefox -p work"; + inherit terminal categories icon; + }; + "firefox_${user1}" = { + name = "Firefox (${user1})"; + genericName = "Firefox ${user1}"; + exec = "firefox -p ${user1}"; + inherit terminal categories icon; + }; + + "firefox_${user2}" = { + name = "Firefox (${user2})"; + genericName = "Firefox ${user2}"; + exec = "firefox -p ${user2}"; + inherit terminal categories icon; + }; + + "firefox_${user3}" = { + name = "Firefox (${user3})"; + genericName = "Firefox ${user3}"; + exec = "firefox -p ${user3}"; + inherit terminal categories icon; + }; + + + }; + }; + swarselsystems = { + startup = [ + # { command = "nextcloud --background"; } + # { command = "vesktop --start-minimized --enable-speech-dispatcher --ozone-platform-hint=auto --enable-features=WaylandWindowDecorations --enable-wayland-ime"; } + # { command = "element-desktop --hidden --enable-features=UseOzonePlatform --ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; } + # { command = "anki"; } + # { command = "obsidian"; } + # { command = "nm-applet"; } + # { command = "feishin"; } + # { command = "teams-for-linux --disableGpu=true --minimized=true --trayIconEnabled=true"; } + # { command = "1password"; } + ]; + monitors = { + work_back_middle = rec { + name = "LG Electronics LG Ultra HD 0x000305A6"; + mode = "2560x1440"; + scale = "1"; + position = "5120,0"; + workspace = "1:一"; + # output = "DP-10"; + output = name; + }; + work_front_left = rec { + name = "LG Electronics LG Ultra HD 0x0007AB45"; + mode = "3840x2160"; + scale = "1"; + position = "5120,0"; + workspace = "1:一"; + # output = "DP-7"; + output = name; + }; + work_back_right = rec { + name = "HP Inc. HP Z32 CN41212T55"; + mode = "3840x2160"; + scale = "1"; + position = "5120,0"; + workspace = "1:一"; + # output = "DP-3"; + output = name; + }; + work_middle_middle_main = rec { + name = "HP Inc. HP 732pk CNC4080YL5"; + mode = "3840x2160"; + scale = "1"; + position = "-1280,0"; + workspace = "11:M"; + # output = "DP-8"; + output = name; + }; + work_middle_middle_side = rec { + name = "Hewlett Packard HP Z24i CN44250RDT"; + mode = "1920x1200"; + transform = "270"; + scale = "1"; + position = "-2480,0"; + workspace = "12:S"; + # output = "DP-9"; + output = name; + }; + work_seminary = rec { + name = "Applied Creative Technology Transmitter QUATTRO201811"; + mode = "1280x720"; + scale = "1"; + position = "10000,10000"; # i.e. this screen is inaccessible by moving the mouse + workspace = "14:T"; + # output = "DP-4"; + output = name; + }; + }; + inputs = { + "1133:45081:MX_Master_2S_Keyboard" = { + xkb_layout = "us"; + xkb_variant = "altgr-intl"; + }; + # "2362:628:PIXA3854:00_093A:0274_Touchpad" = { + # dwt = "enabled"; + # tap = "enabled"; + # natural_scroll = "enabled"; + # middle_emulation = "enabled"; + # drag_lock = "disabled"; + # }; + "1133:50504:Logitech_USB_Receiver" = { + xkb_layout = "us"; + xkb_variant = "altgr-intl"; + }; + "1133:45944:MX_KEYS_S" = { + xkb_layout = "us"; + xkb_variant = "altgr-intl"; + }; + }; + + }; + }; + + } #+end_src @@ -21838,6 +21842,35 @@ This adds the simple utility of sending desktop notifications whenever a new mai (mu4e t) #+end_src +**** Work: Signing Mails (S/MIME, smime) + +Used to automatically sign messages sent from my work email address using S/MIME certificate. + +#+begin_src emacs-lisp + (let ((work (getenv "SWARSEL_MAIL_WORK"))) + (when (and work (not (string-empty-p work))) + + (setq swarsel-smime-cert-path "~/.Certificates/$SWARSEL_MAIL_WORK.pem") + (setq swarsel-smime-cert-path (substitute-env-vars swarsel-smime-cert-path)) + (setq mml-secure-prefer-scheme 'smime) + (setq mml-secure-smime-sign-with-sender t) + (add-hook 'mu4e-compose-mode-hook + (lambda () + (when (and (boundp 'user-mail-address) + (stringp user-mail-address) + (string-equal user-mail-address (getenv "SWARSEL_MAIL_WORK"))) + (mml-secure-message-sign-smime)))) + + (setq smime-keys + `((,(getenv "SWARSEL_MAIL_WORK") + ,swarsel-smime-cert-path + ("~/Certificates/harica-root.pem" + "~/Certificates/harica-intermediate.pem" + )))) + )) + +#+end_src + *** Calendar :PROPERTIES: :CUSTOM_ID: h:c760f04e-622f-4b3e-8916-53ca8cce6edc diff --git a/files/emacs/init.el b/files/emacs/init.el index 935c1ee..e8d147e 100644 --- a/files/emacs/init.el +++ b/files/emacs/init.el @@ -1605,6 +1605,28 @@ create a new one." (mu4e t) +(let ((work (getenv "SWARSEL_MAIL_WORK"))) + (when (and work (not (string-empty-p work))) + + (setq swarsel-smime-cert-path "~/.Certificates/$SWARSEL_MAIL_WORK.pem") + (setq swarsel-smime-cert-path (substitute-env-vars swarsel-smime-cert-path)) + (setq mml-secure-prefer-scheme 'smime) + (setq mml-secure-smime-sign-with-sender t) + (add-hook 'mu4e-compose-mode-hook + (lambda () + (when (and (boundp 'user-mail-address) + (stringp user-mail-address) + (string-equal user-mail-address (getenv "SWARSEL_MAIL_WORK"))) + (mml-secure-message-sign-smime)))) + + (setq smime-keys + `((,(getenv "SWARSEL_MAIL_WORK") + ,swarsel-smime-cert-path + ("~/Certificates/harica-root.pem" + "~/Certificates/harica-intermediate.pem" + )))) + )) + (use-package org-caldav :init ;; set org-caldav-sync-initalization diff --git a/hosts/nixos/pyramid/secrets/pii.nix.enc b/hosts/nixos/pyramid/secrets/pii.nix.enc index 1cd9d41..f95ff57 100644 --- a/hosts/nixos/pyramid/secrets/pii.nix.enc +++ b/hosts/nixos/pyramid/secrets/pii.nix.enc @@ -1,5 +1,5 @@ { - "data": "ENC[AES256_GCM,data:TAwmpSF2fhM/gHIL2qUs4lvaLwzbg3UR2ges9x3uioLMYCn4o0fFnf+NbqM3CBERqrBTh6f4TpWTD1SJ9934ZhvwR09xhjc1wVM6JcE9yWfAifm8zwxK85SAn8c3Ap1WRsuDKT7RdoyDwh5IDkl2bgkznlFNVIrIMaUSjj1XITacNwFuIBKoPBJjX9jHjYg0PT07RSQ2VWh9xGLbp9/RKDu+csVaNSdPqRRPYwPbwpcML34ABWvlwDre1dCwJjhq/hdBdAL9/fasvHSdYOinDytH67d8jrEOPGZGKUTOERf2GUGsgqMYuPmkVSG+3JRhZvOZZEVuCexvyErVvHoxXzMCfv/DzaqB9KgKZmL1Wfak/KLCeXs4jfPUS0+dEi0sxNc+R77opPbVqTEBO64mgniWbtvk0N3GHrBJj1BDR/9v/gs72QMcatQnSuWMAZ1DnRfsHVBYxvuAdZ+vEKhQ61lkdh7bV7FKkG9xQwO/W0b2dfAdpfTe3n2tRhzznEwhGDyujfTTguOpQrd/0whuI8Ete0eTGNFj5zrUcBOHR+HE+CuQlathFUEMAjxx+/oy7gk6pm9olDBSl6ptzJjGDF/suV0NUT5mcm6zVSUxGMMCjuH3MlKI0VTcdm69WpgDYj07seFvBfRs/pAEj5mMVbEY9VE8BRNiM5fQumQzwr5BlAEyWgy6VZ74wt4F/Y/3iPHv3n516ZwmBYVJ7xxqYqo3+lpenVurYCy9v0rw0KndojcE852oil90GX6R6ZhMQmM0JbUl4n75oI6ug5zHyzHUluuTNIZ1rNZzPamt32EOIeXkSTs+jAfyjku0eENt8aX14BZBsCh7JG+f7YNyIs711wK7rzMw3JBvk1vXveOFPjK4vBimIG3uBkiAiQ4GFk01ISTbpMvdmLmdtPeZdjp29OiMqWlG4GLm/4XfmHMvsLpnkCTKEKn75RD4eOuvp1P1oaopkPt1oQqMVJtUmFjA4NZlyRSn+KkLTO0lAjsfl03HsTC6RnQcnBNlEMBD0I2VFhH4qIKHrmwgMy5LCeWWQ0/QYPgtfV/xbO2AlvRwX4I5VYjlAZ00TZ3147qXF2KAweINOEHGavegFabx9Bh3MwM8JP2l1BPlO7eE5iXkwmvIPT2yr+dzNyd3A/uV4tnX/h3z7eErpmv189EZY6iKq6011d1En8l3x3PJMrtU0qwCXbwG0RBERbh1rH++gfED0A2LFnVDUAmiVTWTv26ik3kG9YRQbAL1LC9Bfx0jhktRy8uQRu9COMJX6oobC64/FThV1phuPfsEm468r5sJ/8sTkVHYQPf57ePE4uP5axvNB9D0nZwRhlh5duSaaOY64Sg3PdxT6h39V6GR42q9lCTJ7MFxm8YLzaeh3cf0Tl2aoZC4T6WQCbcNZ4SzncUBwDmJvbBjHqHM63nHuvlK5XPAgyWCtAoLpvQAKWeDPupCxLNyHB6uDbzAS3sY/XVD5qDAJffZBxNqwJHdPiO3gDn8aBZe51AamOmdqxK2ujl1XlBSLFmFkRSwssGoQQrLfQp1o0O0pCSfRy0cSStCp8uwzSubGF2Z1ebYViBpl8HwFmAA+i31nWhplEsFivdBqSlO+R5slKCZcZRVQynFsvLe2Rrp2uXaQzs27GeKUKE5jl0Yzmia8V7EKacTxZhs0/uEkhTRiMIjLzGPjFDHCPQr5APYzXrzauJeVbf9w7pkDlXeyDfu3pG+Nk3ljL+blyCA/sPFMFpwEUm5WdoVAb5sE2d8WcCDmJG9jWRrRs32i3lrfEphORYku8qd+jdBiqqnOGqAySv01Ip+0zkhstXuze6WoH7k32DMHgxKEfPLHqqGKJxAVfCluKhybJlWnaZ2BMW2Ctz5yZHNyXnkqv9FONArLJPgnNpecaEPiZXDWLbOsBXuqjhuNvuB6llX5GOCoc36ynZGjoI/PgG2V7SU2DDQf5ibM7qQnLye/bKi8YiZKvzDcMzbkujM5+PZDhuXbilYjMybR5ct03QOHnv2xg7Tc2Uf0uCCc9GqaFGiKL/q7tTR2AqYJ0moypVVLRVhMBJolQtO1eUrUoZjtbM9gFRF8+BHbDbNP/zVO2Gk0hNIBl/VCG0eusqmSPk5dfesF2xhoTTdwTBjoxTGWzEezoBj+ufL1zK49n44+uLwTF1isS0PSsTlGHQmvZC4sDQCtr0bjzWag6CHAe3cYa6zizC0SHbrrkZhuxJId3yk0pVzpRMYZ5HRGMrTw0W9Y5oQt10GeCtmhM03H80J+Q7M8/TtqF2dWf249aNI93RGQLiVMUj06k5hLwHk2/BlFdeOgzzQxzrVx03Y+qWNUMPVVJViyQp42tCinAaLYw2eCbtrj4/Ze0v8u/gZYMdgq1KegyNEPIQqlM9MGbCcwIXgEWGl9hvIngmQ+ZuoiJtjGhvRHtqUzql4x2IsfxOxcUVwXxoM6yISZrOdmiLgpd/mp/NBPEomba6E5AjQFlzy/b5Vk0/HT6EgYdJNXBthVWqB+X0/4IzQ79o9Kwd1VjOAkBvXy/siWuSU03demYuKnZTsCBV7h2bWyge19rCYyUryN9WaB+fcnVHmFvU999SUudE+6QXZC/0ZIU1SV2K9K5Cqovw7zSCTM2w+0QZp+0LCbPDS/tDOKpd2z0uHg5UWy11gH/i4P9Lt7ygRAjRQ0gZ9K3N41Z2RfH9UTTUsnKMXR5+Z6ebZhi6IST6VlOa1ahJj7CRXOSBxNeK6vWtHfSmO56wJN7FcoItsehpcwDyMYVIYYEe53eZTuho3UKqd/q9QEBlgwFpiBmUy6CEX4jryiC6LDiUEFL63YIq2qNy4JLhSjG7JwaAzjCXdDv3Au3tiWV+sDXNV88MG0AEAM/zQ83bHMhv/xcyvp/TA2YOuYBfvlVYuxXASbFzl,iv:Fu+GmDArq6JSpODMPTJ7boKT/N33l57UbHqdTwpYuxA=,tag:gi/VuS3QTzeOiUsZBfm7BQ==,type:str]", + "data": "ENC[AES256_GCM,data:Avje6G0sf17iETA622PNdboM3FlYSFtdiPtEuCKpytuUS/2ATu1g9rTeLuSwKHzMfuweF1l+GWkME4D3PQZ2hzgtyByISnuHTFB0kO/QmnmpoNpEkGXgUKpogEaFWiTyFkg+Ceo8IFzSA+AW22DcNnU6ygZlnuK92XH3qJ9F/xyF8yd3eFXx9skA68GdpyoOxnw648ZKeL0/mWLcZVSxDpt7o2bnnL/lU8qp4HErRkgbIh8aUCfaZjRJMXOMfZj4rNSZ58ZCSTl1akuDRYQfqk8WdprrveDXVPtFe3Ol1LY2yqZtTTjE/L94fmQtkLE4U36uJfQBtnUAjqXJQqCpZRrJcQgqPyW29CWwIxK/2hccYIikv6033j2kUKQbXWMcniBsnFfmBvLLKBHdylNX2AstKjtkJ48dZskL833QvYwxNxePEk0heJ463goWHtDLWNFAMW5vrI/BYg8NM6PDYvZWG6yswUZFlUmzKoQxzbxKgnsXj4yDH+pNu8B8uWzKaEYDQjeKdOPEhagNVroeT+T6r0hp/sEJUTh8ekIwpmmNssF7DalKumEcuQy0K3Lvt7fUhB5Z+dFMz3eqhQuXtwQl9p0mpf13F8qVtbuB4Ye0N8HmGFp+TF5sVXy1RsgP80uVawaqKVyhiRoT+ZDMUno4MwkmPAmkYhemkH9UIsooiRdFOb9W4zzQbpC79htnGXGVWgDQMNYVun/TX0RMNnmFls/HoPQz5Ft6sKQp6cQ8bNxsWMJKTRR/Y8g32OomcGMegPDM+oeutvTFkUhhZdgFHd98brOZjrEeQVwyh6fOLqHaSIZB8XFjh/rDytPbX85/HQSH+k9zWgL4kpHoZeLPUK0alY2RMFlYuNd/a8yhgdlQZGGSfVP92JrdmOcTxgOd11zy6/eTWBWVZVE279CJvAYkKDTFN/MyoAC0gTl2mR9vW44BbDAHywOy8AJjzoDMWacg7DBFSqxW9ZGJbFs3udqYk5IDhrdOz941jE+WsP978K8uTn2F7d/Qz6lhmberdyIuPC0H18+2Gzv1L/LWtc6/kqqPOB9RYrlaayAfymqNV/3FdhFSxfx4Pm4SD5MIaZ99FS7+AwP3B5kmnCZToLZlFsgPL9DUwqwgx69gQxUlb362ih5swaCY0nOL63oa6c25/UvO9rYkDh52FhGl1N9gzvbzbYC0Mp7QuwzF1XWUFbhE+f9aJ6bAXHyS10GMfa76eLnnoPSslYZ4rZfLMjHOGjbTMY7wTLl50wKg4VbThWtpkxwbITGd5VZH1/iO6e7F8K0gMwHNMYSm/doNaRcN1HWi7eD6YtQVWlWlewx0C9BzW6TsOy3e9MtQBULFDkPEIbzoT/29dS1o7YKyomdBG867xbqKV31DkqBpq9G0Fv6kHCeu5MmfzeqhueA11+XFQvvNl2KsLW5LvlP7GPOl0VjlEBY61SGjXibMGcLOAEgsxyzzZhLP97pl1dTb2yokBkDTy9n9pgpWJ5NmZi68XMVew8Nx4vz0Dj6jZruPgO3vBtpUytx6vjp/hwKcUQq09PxY8QN5l3gfmZJvAiDMuZh6ZzaJvVhkK/afzt2YN1rozd+Ibo4k3831X+RkfKLFoiA6E0g9SEgm6HAl/gfRIKR740yH0uVVbpCNIRpfBuAQMAvoLczcgYjsMaZ5hqHh0nOC+hsHmEIP47KrPzyA8U3+TjQEbAN1aHAGkzVDVJ4E8iwPkPAP0B+b6mtSNfscdyG5iX2zlqcivvA51s8zouhxEZ4KZ9TiVtg6dlngP7fu1SjM2DYzG2Sshg8L+WyzFFjDgWPe5RO8btzWEFuNTpFgvaRYQWONa7JWgnigP4ZE7Tc+shN8BXGhjJnGM4Z1+PNPRWvB/d1Fqe1KbgTyVFHizD8DnNWmfgghFLOwenKbZXe8wAAGmfIaCHE7IMrTSeuqhfKpGGnrnlE9Hd3y/8ojYtOFPQ16ohTPxBVwN/gt8RCmBdP+i4Y11He0vdX3HaF3W9yGkIPDLY/aJ33NvK9lmCvXBYANSLirBJmY/xEgdxIbG9TDRnZPoUQ0b8WBZS8RFg7wuxNucNrMAHp+8n3Ww0D9+zqo1rropr7FRc1xYjRrxSvx+g0xhb46qe7In+mSaJy1seITD6T+LdnOz3SK6bXpZ1I1sg7B0XXCLyMe2cs3KrqmUwDYowm6rbyM65X2CVgl/ULXg0rjPBaKqqYpFeQDAYdBgLiLiA99tWhI3hf6WEYb9aio6gIgkDtKMe242TnauUBkCDHxqgC/Lhp4fG4+TCjRTNopO3nmEYoYH67+VQONyU4YRn7lmWReT5pFrkczBIogeihgCwL+zNzA/f4wvGdADNLH9uxuGIpR5a1/HwWa6cKxCQ375kl013By6dHre50zal18KHMz/ou8dDQOsWDMbjE01aDJEHHSVPZiySjXiNWD+mvy8SE8hMRVyP/9PyB91wXwhRAU1UJifFSCuKAlqkwOCkqrMJ+EDhoIrGhx+XfM84/wu/RIowKTtF4Zz7CmpjN8cSgm+Ht4akg7XaBiAGsZMal3TY33SzY7MHZ1Tsv2AeYHPtssyXBdVd8GRZAw7phoPqXpV1hSvLwS7fY2F3+Ie8U3E55p4U7HrYGo9SHqF90rSB/tUhQdah7ptcpywBWlCWqA9L+q7I5kljSLFSf/2Hl1B33M80rCCdnOSiyjawF+0n9Pysw4C/z0aHQIBTDYYTZ9a6RIEjHDFlX7GKX8CKw6XvTvsIgs2kDklcUNTgXI5MRMtkyIrh081V2gNj65B0+yWxlK2VvyKLv2AuFCH2m401Dazusp89yA624wMFRF/DQmiC7MPvWFMzhLbsQu3dRW+JKDv88t18OymQeQlbP+lNdff4Cd4fVoTqt6xCoDLrIcmX/rw9QZnmJF/dW2wmMVQIONdfBx6O+CHsaaLScHdJg0/RIfjA8bkObPh+p1ULvJ9ddLQA5J7Cd2omwhZqXpPbAiveykCEWRMOCD0mama5RHJOyNnqQGYUmPvpq+QwaR4+6DeGy319uyNiLcmKKMIx+hSq2qQhK+ler1DS5VLJC0g5rWcovE7bUs7sNKETvMfO8gr1Crve2wTWA6DCrNZSSkWXwzwJOsVmVx66e/hmh17k/DCqDG55z11QR6X7C0EryzAj1JPJ6wG9KamgsZOCqJL1h2piNdbTnnBPfE5btg2OIw1453OYgWI2f833p6BZR4irditSs67fNt4ZFGad7pq5ETlpFU1FQUZFuEm7iFrw==,iv:7YztaPs7GSC4AdIF36G3qb8lQAhUwkaD613z8LcUW7A=,tag:ULku+TZreQNt5/6ZyLtWog==,type:str]", "sops": { "age": [ { @@ -11,8 +11,8 @@ "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0Z2tONmQxTUhZUW12Z2Jm\nUnoxSnpYcnZDNGNzSko1ckl2RDh3NG1VS2dFCmIwUXhmSk1OUk02S0JPVDR5UWJ4\na0gwWlg0V005ZWxYa29PZ0laS2VqM0kKLS0tIHN5SU9pQ090eHljeXJGWm5hRFQ4\nZ001Nzkyb29RYkNUMDNDNlo4YnVQeTQK34bNIBgxId2+DHKQNVV3Iro3KGkE03Sp\niB1+dADT6nRvGvoyPqnLq/NYfw7eQ6XqYt55zkdCta8v6L1UNUkw8g==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2025-10-11T08:44:45Z", - "mac": "ENC[AES256_GCM,data:pNbRA83NQcfWwTjgowEaFlfZVbZntWb1alGKdaX3IqjBlZEmYfJGKaxkbiL1uoMFNmrc5HtQUQLz0QVUpQ87ggH/HEUtdVcHnT65hxWjX3NWg3G2C9cbPqe3SiLv+UWPUsN70gu/xAJUuaiM9tsQoHkpNdefT3t382/uxF+Cb3M=,iv:1njSCqZFoCX46IhiowRqUteG8VJ5EEHDxricjMd4l58=,tag:9WBBXfUUW+7wmXy3zksMKQ==,type:str]", + "lastmodified": "2025-10-21T17:51:36Z", + "mac": "ENC[AES256_GCM,data:nogwxr8xZVIPv1vnZyBZuGu5WHO7ygxfeoF+Nrmdqin4YrZ8nK3f8oVNAsEBfNvUyr2mkRAbAT3tgcP+u/w+RJgH9ERHWljnw5xy8iGLkTF36B83+lCL7cp3wIzllOQyRUYEHegnQWA79WoWWHD3u4sZmlinByJRUMscRV9uTww=,iv:rZd+3+WlcOVtqgJGhoBkJGm/HF/01wuopeFlEwvcupI=,tag:P7fIdk4ithHyOAfqui6xNw==,type:str]", "pgp": [ { "created_at": "2025-06-14T22:31:01Z", diff --git a/modules/home/common/env.nix b/modules/home/common/env.nix index 240b677..f2f463d 100644 --- a/modules/home/common/env.nix +++ b/modules/home/common/env.nix @@ -28,7 +28,7 @@ in SWARSEL_CAL3 = source3; SWARSEL_CAL3NAME = source3-name; SWARSEL_FULLNAME = fullName; - SWARSEL_MAIL_ALL = allMailAddresses; + SWARSEL_MAIL_ALL = lib.mkDefault allMailAddresses; GITHUB_NOTIFICATION_TOKEN_PATH = nixosConfig.sops.secrets.github-notifications-token.path; OPENROUTER_API_KEY = openrouterApi; }; diff --git a/modules/home/optional/work.nix b/modules/home/optional/work.nix index 28c66b7..72df0b1 100644 --- a/modules/home/optional/work.nix +++ b/modules/home/optional/work.nix @@ -1,6 +1,8 @@ { self, config, pkgs, lib, vars, nixosConfig ? config, ... }: let inherit (config.swarselsystems) homeDir; + inherit (nixosConfig.repo.secrets.local.mail) allMailAddresses; + inherit (nixosConfig.repo.secrets.local.work) mailAddress; in { options.swarselmodules.optional.work = lib.mkEnableOption "optional work settings"; @@ -21,14 +23,16 @@ in vscode ]; - systemd.user.sessionVariables = { DOCUMENT_DIR_WORK = lib.mkForce "${homeDir}/Documents/Work"; + } // lib.optionalAttrs (!config.swarselsystems.isPublic) { + SWARSEL_MAIL_ALL = lib.mkForce allMailAddresses; + SWARSEL_MAIL_WORK = lib.mkForce mailAddress; }; accounts.email.accounts.work = let - inherit (nixosConfig.repo.secrets.local.work) mailAddress mailName; + inherit (nixosConfig.repo.secrets.local.work) mailName; in { primary = false; diff --git a/secrets/repo/pii.nix.enc b/secrets/repo/pii.nix.enc index 89f4f54..85d15f6 100644 --- a/secrets/repo/pii.nix.enc +++ b/secrets/repo/pii.nix.enc @@ -1,5 +1,5 @@ { - "data": "ENC[AES256_GCM,data:4J1fELKd55+B/WTnmKrP/uRFFsSQWrbtDIaFqMkdqqjGuGlni0QXll/qVRGNhRw5rHRWThZf5Gb2Pll92YVfb5j9Jq2m+Yz2dZvQNpaTB3be8RD9OzExc1mjqMGuy6Oa0J2XuRXh4hy3oAXDgQxRkICLssRwB2aC3wHlXCyxr3jDIlWEZMM1wvTJ9zIiClamOaS+oABdjR/W151QSa7VcVIMyXfyk19xCxAvlD8kjB1Pyhvn1hgfRY7Sv/R67Wo7IrlfHaH0dK6xng+5EkxZOJtcsQy0jPQRXUCLOHWYr6UVXI7f9OPfRzr8WEL0mz0Qvv/ML6OadycXJnW/rOsxV0domBa93dNO4V3smydlizgTCekswyw7CU9q1MrOSc2SQquez2pBJK6nQUrVurOP98RN/GXn7fEQg1c1CEKkCqlax8CKqGFMlET9ek/LqQD9N2fv3Vu7IdqZSORpSP4Ti0UeuXibybURHCblV1lETxqDqMhdwrBR6knsI+/5EO6BzV2p1Lh2HkE8gacoekqHg3+mTIEmsn2/Gb+7r1ja1vj8P4h0V+CKse4sq19ae2azxPzBMon4RvCcMKskUIojZVYgi5RfZkKYdQGPWKIRXmekwmceDKO21L1SDOxkmxa/fqtVJWiNLU4/6zzu83K2nKoc4kMtIm9hA3DZf3jk4KfZ2EcAuqcrzAPTAQiPDG/StP1SWbjbj8xG8yGpCHNLUgxlxq01oi5KgbpfZ9d0Ap5PwDxiMsX2N/8kikldhN3610rdI+K8fxYrYDfQZ4ZJtM46JpeL4zZvxU2gTc1vfN4xfhzXFT442GWg652TFsCDpq9EqyG7R+/8V5LwRTW59JsyBy91ZptEypq/v8QM4bP1w9Wigkl3v/8zq/RtReiwPfcxNXpSkMYFAs0iLq6M/Zlb7VLr3iA4qogiMAY6C8KbP23PHvWTpP2lUHNR5AptL11DqfG5wj+7NPyj4WCpX+3nrzLYku0iJnpMcOLTwzNenOTlSAC6toRsKqnFHwubIRykTN9ARyGW+qjiew37x6tRb7yovFJZfeQMJQCtdAtQHiANiV5n9n7IBCaesZuhMPqusXhEhzapjpo7WV1ONyAsDvWS6Y/Fiakm371QWHtN81YU+1vNXhYcFiXGeIUK8Pxrs0pD3Ega+G19/kisfngYoXK50gSrCKJ7UVK0pShYRsknPkDFsDGiLT1Mf8ZyQFyKNtr4FQJY+GtpfKPsjdt+XMjGh3ewx4cL0vxuDU33flgsR0dBWLTwUtZIs3fgt0oU03sXVUuCHAg+hIiuNyh+O36eiTVo0vOBJ+KiP7Vb/ng3+cGU1ZYyXpfE+xFV/vRwEE4SvNX67BGrhk2Avw5shOiU9QncLBpP6RnLTlEIQXw+J6ez/FfUQh9F06jLZ0j/PWG1QIpT75KEmbW7GrTKqsD70XW0Lx1jd09SieyYnUgTSGQmdHB+BbtNJfJKRk55PGfRE+3IkrC/i82racawunjJnuLn/6Q05+dlVhrfBdxMLB1RA0biSFIJuwEQfDEGjBcQA2qg4IvOrsmOa15dVcs8waxQmj/7ABUeODV9Fj4xuNrPS44q+BLAZU+4oRejMORImvPuh3f/dMoH2n18aqSkXYLk+fGEXKrvfzVt7M85z/Jx4YgqTn9YkzOZbveR3UUFfhIdOUKBgeeh15ts/BfQGRB8VUsDfIXygcS5BOAHys09JigJ3yZWtaHzI8kMZwIvBpFltciQ4eLPpEF2NSAuPU7hVAwnwI5Vkl9N14eWJFLHL6xwhD68H9zS1Z3wt234bDeHhKTzQ9tyPioYGj8mG5TJZcufVB+sg6HDLAjAIsi2EratJfDRyEr+E7QF+kyHv+KPslF5rH8W3fdo+wh1ULMduIB4EtD3MqOhCliXNN71P3ESQAQSjEHFqAW+mZ3BjWw1JY2rH0FbT2/gJJU4ZHBAycMqC/9zOtG+M6WrivSaYK61k7Y9poN1TJRWV/C6kmfvhRZylalmbjqUx3xYO+oB9+yiEp1PI8QEVDeSg8i0zeDvmII6ijg1p/tq3oAPfXOWyzcxrWFy/mHW4O4NgtYsDYoPu6+reYgAVqgsREg4wHDZetbn4JGbc4/qqQt8RSUlTLXJ3jEZYwovLg89x0CigXrAKvWjEgFkq8T52wFcHB4GBgzjTLD0Y2PL4RK+c1Zc8ARkRbHel0EER4Zj4fEM0kVwuvIhtCxDM13L2HYAO2Dbk0i2VnjjiKgmVnwQuBPv0hlOV97Vw5Jq+Sx8AyOImVmBULhDxCVIZ891PewLhmb9xioM7TewRGV5cDdqDtF+nwtik8zF4YUTTzxjAS08v9B2G9ZBmsA7RkA+hfhIY5QMiQNndqQex/WzNZaOnbMf91gKRsfKMixFevtMCyqXIMK5hfqrbxaUSPe5pISMdnBbIpmVBjwMJGAfzSTCxeEfMtrLsufYeS5NxeamZQtAmaHDP4KhFpyQ7ZIhtvyMXpHA+6tTHCDpmdv/NvuRcVAHNUrgHkYjtBLZdK7MxX61yYt0+3N25gPQ7edXqb3xWxpyV7XPGlm71Q1R8G7+YfUK9BcqKDCD9OFf+dPLiNbtOBj4MNh38op1X9TBmzzrbQr41LWQCJOI6lL0L2FF5NJiWE/Kk0a4rX7b0c0OeXubIidaGXMeP/ZDCNgxTe+BuEDTAAtlusbayEE/8VPtVyzempR4rMlNi50YR3Z8XfkRdw/W0PTQR/uDkNf3Ox4qzyAiLogDbD/xxZzlHWHiJOrbMbpQvQvBzJIUih/OFDP5fQZCvt06KHXANmlS2Yb8Vu7az0v2JCpjlKb4P9/8NoPtwm06adGfBzpP42zgJBmysxFCWO9ndxromt+JqhijL/lIndn7GWjX6w+Dunchs7Hz+l7pakzw2qKhmYAy15hKPfRkkxu2w9hxjx2LrpW/QQQhrKUTiTpoSwmqefGqZqDPtnajzL3Udhm0Azmj8ub7CAD5k2KVLadu/IDXfUZGzoyZgQvpLUGSmNOCn2Zp8VJOXed5RfTIeDbelpD7tOYglL0Cx0b3PpYhmLh2Xn1zx3em65Kp5RCr6UZxmTbhew38DibnNDtXISSd2ZKnwh+ZRAnfCEfsr3pYRdg9YXbHglxI9oUMz1gsSzSUESk32SfwxCskUYiGpom1Tpfe3MO9FDWkA3dy0fmeFU4FKHX+jNhfMw6si76j4/RHdm1A/DSG0QKvuL3LBJXJvWAxCD13idL4L3IXAKu4iJIgORrhcIa50lXn0C8H/iSFymeWMzMfMIhvKOuUVyRjhGlMNT/xAWuC2nqIqrqpik8pFUGU/JQQBt9bTzpnoE7UF/IXsnp6iAzQVwXaeGHzEOk9i3WOR3iCXVM/OIWYGUiA86Fy0rWt0IxDAEantmxSkZELdOyYVHFhkZHsQ5uLuvvohDshSN7MDF1njoMZRq+PCsf0UflTCbSvIWhu5z4YzX6J+9xYfIt3apNW2zWWUc292VruofKSOb71LzuIOqqW8OdcSKhGW/MsUC1LSQZpNg6mE4iidoiKyZQKgliA6ox2ubrzbD+xXx7Hpn3Mlk26/b/84zsAEnsNDZY5FQwFTbM1yKDJ7MRpNnksgZ+b5bkwI3Xc1qhBzLd5hRPoSqeD5nd2O/us5YC+dcHdzZjnPg97E5Lha/+b2fz7H7+N49BN7ArjWW2vEIuO4oJNqCY2wAUm039pJikh4V0aSQw0hMZjDZOzajxaSwRw4TXXPqzcjxWNXQLJTRz1/IfZnsKbRSmTqYpb8SXwSu7H6vV8+LD08HtVyf1lCCwtv0B0yR9U9a1cyGoeg0AZfWrGbalorYS3NEwYpabwDWX292K0TtQMsJypFJvudAPp43T5VK1WKx9pU9KXsZzz3CI1bQPFByMSMtbfcxODVhncN8egC3JiBiMR47TxGG9cGykWtEVj9/jzGTuREKqmAwlwZCL3hog4dgFaXYpd0grCtDw7PABk6Xi7NcXeJ3fCtWZukyTrFxyIxZsadfXK+VwuUEpbARLYU24qYW4cus8ySomaiLw5k5wrBjhYdt3Q3GiLi/jJQKrMCl8RzS+PuBubExDHoqAslh0Q0Cnjy/610ZOPVpomqMKRhLrvaWa5Hh5pGlx9bBfFTb5jCC3Qr+87z++hj5Ta+FcfIRAW/ze0ivTjuuGHnOEc1rx4Um12F7rCF6PNkceReJGMLyZa/wAk8f2nFrjpBcnfqrTDeg1B8pOTxYy1IiCoeMuqt7h9YWu1U45ljoCcM2Pbv7i1n9Qkt6Q+ZphV931RJQ/turPfQkYjkUspvRDVVPQvsSMTzXkssA224mLkBUwwQ0cVU7/pM4GlbzlGuSOg2A6vka6CG4lPg25iHzkK8dxzDIEm09iSGFnioDFg0fA9WPoYFYHekY+cpNjHvQERuGHBPJb2ZnHPyYpvtzOcTpLKJm8gL+M6J/bxkPkLQLXfa3kJg+mBs9ciYG1YLiMmKs4zDk7bw2XSOXo0+O/4Sv4npwJLbMXly0aY85ERY3woYpknbk5BeNnh8mxIIllZUXr16GsFYg5HdBu4kbY9RSCG6SPYZw8vVUmFDwXg8uaWFFgMg48ShhNQ8bPBeYwkqwaitPr+VnKDw/j+p6cMfOs8HsJSUrEB/OGFTG2jz103pFp3ZqqJeC/fEXACZMuhgXT1WL/pZQ6cBZ0ZccRU4XNIyPu/ia2NmcVgZFtVHzlufFeYQSjYgzjRzvsIb5DicckvH/zKrpXhcx4ytHBWOQinYbKYpbbjv5SSPNXV6IcLwaZajK6FWMFZtKILZhbIhGSDb0HIXYmU/EjuxiO4qhduZXSMecAdk5cH3Rp6aqACg2/4xUxcuH+L+bT6bJdiFFLOZLKy5qU=,iv:Y6SA957nt4h9t7KP2btXKIVhWZXBjW+6BrZ6ylYidT0=,tag:eRzQgj1EU6eGAZjzgL4mhw==,type:str]", + "data": "ENC[AES256_GCM,data:FMhv0WezQAH1OX7F2WlgdAEn54aAZtCXyFNP+8CboukwlL1+VzzcsjQK7/KJqXiHfIFHfn7N0P/y8tk2P+A2Ucbl1NYxj5IgfL7ohAACDhAVkofCM5CD4KcE1DoL4Ja56K6qkjlAi/t7NRv6tUYIr+NZqr2g70F0RQbgF1dkdpxW1JUNmreF5CnXDYtqz6+iMpekNXkj+wt/Zc9lQ/zW1fP4IH0C64SG+lFucpseOwP3YhvjFpzyT/11+uiStc6l2r+luNT8eJsaCYmcSqK5+1lJglIph1k4H+Xy1ccRHHeesy9+ySaGBP3h5uY9+JOdYe5fO9SYZt0cKO4Oic32Yq+uZ0Ldu0hPzDN4MMHsBP6lYidSXqs/kVgxEbPJ7T0RnQmFCVDhWE346HquZBfrGuxBOu2ifkxAFVHJyGaItOk2wlxcPDbU0P+t584CXlVIdGRS/mvW4xxXBCVlEi+QM8a4JcM7y1RJZV6S6R1DGC1nXgdscpcRGIfp6BcKPmSB2vZO8rx2qOMdUPS0FEOEVnHsvnwczGZHJuq6WjxvLNnzBH4gZtc30OKimlxXhQA6qyjupH7P65ayiFt9vvT/fFnYZr9aABc2xbSmqyJZS1wfvl5JMQWnUayigxfzYMdxuMC9+8SCykqXmy7hDlJeBBobSxdQUVhHAprY/sn+FOBzK5ZYb0wsavXI9w9sUSdQiU4XIxDb/FXJgs89FZ8p+uWQ1vFglF6XYR299LScIN7CsvLyGdk1idr08WCc92+9DSnSv9onM1UGD6IkSjMB3SoexuGa6Kj5yi5qyAOtvmMl8NwJn8Xh+gEE+FSUi+GAhh+aLvNbiIVPPmNXgI2+slUn6bzGDLk3NQMMeQ+JrX/SdT7q9Awxe9jtdsej4CGINrrTYKHsaPocVQkK6wpiQh8XbvxKoOV3UU3x9ouEVUjHrN06UbXWFXQSjEz5QXdtjpyTqxi6AaoL8M/yFTL4uB2ahPZ8bC17ZVq9eXwUtHIyKwClbTHTzlkJzr7lR7I1zWLtZIKy0pr8Si5DEkIuT7YCo5w5Pa3Z9DCkdAAL2t7TNTdrQo3H/iid7YKupfCeQxYYf836toX1Ff7jTCLtTEbfk3fOcbpu4uD0geWx4vI6V5lolJJ950ETnx+pq8EFVEk5D6VSfGo+Hl9c2xZ9UraYo9I0HzSSe12FSEVF/anKMVhBZGxdIxqCQQuu/FSNhkaFpmYpcEgodmFGQbAY0OworSg9ZnFWVMgQ33T/cna9Ene4AZ93DJaNrlzT8Jk0QIqCQjIIiZwUqPxABk0epNMLMZzZBJ/8nwN28YU5/pp4c+53RYPjMD4NlC/P+JXMxF+bidSOSYHb4Ucs1vIRljDSWumb46ZXoV+4sCBSdG0LjNVLkyx9P2vYhcw5G1KduSrUMY9VVOePcVQGYfsWjyi0nLyWadu9UUASafUwkOo2JoEjIdKWqg3zQRYIMr0GYp0Kf1EGVTPRPOApnbyLezDQsSnSZzakcJ1qDSFyLjlBMwoE5Rmndp+TS5kUEQaNeJQb56tTbDLWxlpgCoDgtfL5q+gjuVsjwkvUA9o9usBF+hndDl/fzs/ajR9q8V+hBS4j1AQROFRQhQv7vYdGA+Q3z18nTBheY2MgzpGBUwOEFuJJ+ndPANtVC7EIMz/rwKg7g777cwYLHyiJG1Rtj+45w1DmktS7sIyD0/RUt7ApF/v6PeMY+lVjXCKUfgNDaeiHQzKQpCF4+O4CThKa7Tg0keKI4fuJMoFEqZcfEr1TVEFg8AKcBzqdHMyUeUDyLIf2Sp7GJQXTbNA7TlCI5iABJ9McCK01RMqf/1Ew6NJfNDp1yjMd3NpozvAvMXIunmjUjKHzraW+gw/+z4XCq9ifALcKes3Y1R/tQmVfymnMGGoB3bErSIRIDA47IeR5OnrNVwrTM+l2Ew6jFBoWXH6pfaPj6SkdNgOEPp1mHlHf/x9YDBp2ZmtLAG3vlf4bXk0PQhNIb4bm71WyqqFiYwrI82o0Q+UocSxo/lNnLuvO3OxL1P9tp7OPi8kiB7G/D65qvE653xgXmo1OLk+RBJjhqSxBrPJTNbEcPhp36xjg4QtE9alC0XvzKaGUR9GawD6ZEmgE5payDSRXMPD1ZHx8dxr4wdJmxYFpwXFH8UheiKk2dhoGLkMoIempdsmteyaBh+qbeomXaq0+ihHAHkCtzQOc83cr5OS1tmcU1LbsHQ6ZMfBtpig/yWUdpGzFFTPPVKKx2+bWOkOW44IfkLsnAVjo0fvofnL6wuFBKVVF0bfQmlWBheR/VeVrwEjbxTfVOqRmBsliBSxzr5A5FsK5LGfzsyll/8IegLuE+412Kj3EZLVx3c+xq15oAh66/5JaiZ2C69azvb3gPr5NryLFqW0a5gxw1o3SiOA/L5mgzhqvFpf2+dfXLebahVpAYCpP+XLbYTuDiIbCJouUxBMWZgsmaIcwrGKecixLa0LtESsfLSi7F7jk37OlrOaR1gW0PHhYDfmXq0fqHPulthCWEbm76xSCbuLc9L5FI4Kc648WkxXXR8388mv4xIFAURcorse7DObygZSOx+BW8zynUs7NexXnT9OGa9vTB0OTWadOGXNSIL3LNCmoGNtxjfMCfl+CgAWFQxC2OkajkLxu2g0Ff9eEBNUQGrs8EzMB4wKPDHvtnNrezq0NMFsA7NDyl24taCXZ9jNtk6wsq2mWPW+BjvmlwK5Q8VgMXGLhxDXn4322s5NXDZc2GrafflDgAz8cdMWD1kwj7I+V1YRR4BjXikON3ZeDc3IkvW/ZPbIklr1IfAz5dZ6/pxo1TOHbfkxeS1/xW4+QnCBNznoxMH8QpPnm35Ch++Hl5raSegQ1iDGcGaTu7cG3f3E9sAI8J/x9xzps0kybF1B9ngyvLP+Y+sQ6plqaiWhrAtOtSvQIuZwIqJ6CLTVvGGN0CJVxWz/GU2cxL4ierNmSmni9MroSWz6U+M5K9P2rAQdskIwv0pcZ/esk0C/IHRZEs4DbaFBTVJoPk/8eMKBhxXmomAOm7SFRTp6LMD7OrD/ext2S4cWXbcnXY7WX4+R2GT4yCIo0au3/CLX6znK0o4ml8dH6FzClJCiWL9pc3tFbCh5iCiIGaCXFZmAM3NStD8XLKvqatFxgmK9I2jSN98eSSMU8MexiRtTttzza/7Nqj3/3nCM1Qw4sIEC+a8TWjHJeE/6tJ9JyAHEYZuhE9P3AbECwa7nIQB5NbKF/IDrHUN+fw7mKEPMgbMBQ1ITWg8Glmb2trzms2WlxIm071j+9jYEs/F/n9/mzX6/iyCRegmXUhN9rcPr34GQiw4uLrWKnRhHMQNwOMPVOG6MgPm9+eYBExY7Avl/Evscidd6uewc/+z1soTNIh0qjWS5R5ubgET+Y1G6B68dVrqLE9rA9Z3yIfcp8q/mal+qlkiSv9Vx8285CcM1H2nmXN40zGO3Ad9kVwsgzoHknIW9woUNly9GZeeSx6m5GCqAR7RFsNh6G0xYE7gtWoNs5xhGOyY7Dp+6XhYUPJQJF/kJkKmfFr/0nzXDjCqC2Fdc+OO5ao2nMod3uXFFUZBZzms0+RM0fcTwDLdaEkTw2q63ik4yRcBL7k5uMb7YTeZTitKFmaqPfq9DNgs+hItzDDAUBiJxbww40Z7O1kByg5J2PHU0Z0QJR5pXdMIwakLsKBIWZ7vVWGTmiPM46uRQSrdmjLUVCpanXk4OnRp2JA/Enhe76eASIN0rmHNLAPgzY5H8uhdAnlZ83RZ9qacOgQbjQ9s+rvUl+LpbxnZOolWcVnGUHZj/u11AVIz4VS6AB4g2rFpxSpt0welvuvngshOW+qpzIiw1k0oXsX4WkvxG4s7dwlfAUuYpJCU92EtSkF3z8qBSG35J6k156nXul/zIrxsYv8iuj7Oc5YwceqPhWNaysdRfueEgarfTdJiLisKqeWB8JTEFLDQCHDrbT8krWbbxe1e948grStUpx86BhQIB9bY3lleGgb8J3NNbU1qIltoVwxegECm2CyoA5NHJG5pLaaYBRlWlQC/VZMoo385DQL3k/Vsrn31qdNc50aPisQnqrKbqCdIcdG26VnXkJC9gyhHefzXwu+VkvJJ4eGBmRZF+eB7enzyjHaqjLXJJuk2drsDzWnuAGGA8Ys1KN/mJY4tF741Ba8rZmr/4BcPPRzR47PDOtBQsaI7RsdX+DoVsdgX6P8b3iVIuEm3DHjZlaeQDqFqrp/Q9gHEAjUmpa+zAk1wZ1XU5fw8YiKj3xP+/9pQ5QHqU+IkeZK7306b7rywI7PJf32QOfaSFPBiPI1NhQsBRoVbR5VKNiwK9nKA6fhxiWjvHqcCI8+MoxWhXbq2TwSfQLg91+NwzAUaH61xR1dQw55UAAUS0HfoZTSKqyyIffTNvF6ulRJITMtr6h1q0N8cVdZln0zTBT2k8uMvt5z5RFc58XpRhm8FXXx9LYtlMSdshVhYYyqepMOnhn/4UU25aqQ6swVmsyoJgFYM9ABXbMlFIGVivGEptHDEA5EFhfb6uPUHFmMKkT4rV4Uy8h0h2P8vEitCRZLW/VM3t14/2CN7IT5EQqmKyei+CdKHXiqJlb+Oi7bAATLiroIRoRdF9Ydp1nDRgU6XMxfv+60o2Cxkal2lSmM9YsCByLXY0Zefen0TNca/wndhuRkSJ/GVu2+E6OZtx9zfC0I/GDV4g8TfK3GLGINXBwifOrTcPTyaRgGmAO7OmhNES1pgEvebbeTJipVvq6PCGzVMARsQMF10eHvZQpgMjSq0mSSyccW4BF7PVF4013hgZuT3ZzHHN8zPUyRPifqyLYc3grL0ZOrY6zM+HWM0WvtE3T0u7psdxdxkqHWIxaCnbn3w8H/pqjBb5f6xWjC0auzM6lPtJ6zZ28TBuwSm2ovcOpeGVUx0iYMGLrRty6Iu02,iv:0rzvTEH041voxTfHnSlAfQx7SyBvcY6fUQxbmfqyGmA=,tag:CmyhGqlyXqI5o2H3T+otpw==,type:str]", "sops": { "age": [ { @@ -27,8 +27,8 @@ "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtU240VjVRZmJ5TGsrclJF\nRXRLbTRCZURtR0Z3d2E2eDNNeGRDODlXVEY4CllTeVFYbDJQWlRSS1RFLzAxSnlM\nZi9NU1c3cWo3YWRLcUJ2U2ZFWFBBVEEKLS0tIGtmZU9qSWdBT3RDeStaaFFDSWtk\ndkUzZXJwZUl4LzVxYXdidmxXRnNnclUKyAMZqCKSY/RQvTR4bbjLaPnGKwdBcHXc\nvtiVSrLdIdzMa6id/J07TJH5UesUmcp0wjU41MDa4aMBLy+cXhuBHA==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2025-10-11T07:31:31Z", - "mac": "ENC[AES256_GCM,data:PnHpvceDR85hyKkOTcSaqY4Lg/2mqFvxCSShBxi4DSaTSJkSJwcJ+pWgSdZFu9+P2k/fQv49U/2uTiLZuvPZaIsZKFWG2ngQU9WgxDkte8/DlSHW2yjW2KdJrs4Gv45GcEMzGJRUC8XzY1r5x40VvqyYZX0F30qiOpYGtLJiGKk=,iv:QwhVQaGMj+2m8DDfXeX0iaOlOgwe4I9fhBEQ6t5WF9Y=,tag:cm+1ccwoDfLjbe8UcaTa+Q==,type:str]", + "lastmodified": "2025-10-21T17:52:25Z", + "mac": "ENC[AES256_GCM,data:SNsmzPknGzx9H7baoKo8gKSac/86sW5em3MKyhYFUxfRhZEtkUwkzz6KwDgZ4YCBzUlLrToiLUICA6KPnkXDHhKBh+8dyyVlB8ISU3gDbozjwRNA78oatLlA4h5sa5RADLha9j7Fr9euy4rcrCmk6jpL26RmsiFZhzaAxhkal4s=,iv:hmRyoG9tW5Wl9AKxWDW4Hv9Qvb5zlM4Ktrk0Q8jsVxg=,tag:ofsjndQpjLmnCMvz1NTsCA==,type:str]", "pgp": [ { "created_at": "2025-06-13T20:13:06Z",