swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 09:07:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: work email qol changes

Browse source
This commit is contained in:
Leon Schwarzäugl 2025-08-09 14:29:22 +02:00
parent ca2d20522c
commit 91334e26a5
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
5 changed files with 1327 additions and 1061 deletions
Download patch file Download diff file Expand all files Collapse all files

253
SwarselSystems.org
View file

@ -10386,7 +10386,6 @@ Options that I need specifically at work. There are more options at [[#h:f0b2ea9
gh
];
services = {
spice-vdagentd.enable = true;
openssh = {
@ -11980,22 +11979,76 @@ Normally I use 4 mail accounts - here I set them all up. Three of them are Googl
# this is needed so that mbsync can use the passwords from sops
systemd.user.services.mbsync.Unit.After = [ "sops-nix.service" ];
accounts = lib.mkIf (config.swarselsystems.isNixos && !config.swarselsystems.isPublic) {
email = {
maildirBasePath = "Mail";
accounts = {
leon = {
primary = true;
address = address1;
userName = address1;
realName = fullName;
passwordCommand = "cat ${nixosConfig.sops.secrets.address1-token.path}";
gpg = {
key = "0x76FD3810215AE097";
signByDefault = true;
programs.thunderbird = {
enable = true;
profiles.default = {
isDefault = true;
withExternalGnupg = true;
settings = {
"mail.identity.default.archive_enabled" = true;
"mail.identity.default.archive_keep_folder_structure" = true;
"mail.identity.default.compose_html" = false;
"mail.identity.default.protectSubject" = true;
"mail.identity.default.reply_on_top" = 1;
"mail.identity.default.sig_on_reply" = false;
"mail.identity.default.sig_bottom" = false;
"gfx.webrender.all" = true;
"gfx.webrender.enabled" = true;
};
};
settings = {
"mail.server.default.allow_utf8_accept" = true;
"mail.server.default.max_articles" = 1000;
"mail.server.default.check_all_folders_for_new" = true;
"mail.show_headers" = 1;
"mail.identity.default.auto_quote" = true;
"mail.identity.default.attachPgpKey" = true;
"mailnews.default_sort_order" = 2;
"mailnews.default_sort_type" = 18;
"mailnews.default_view_flags" = 0;
"mailnews.sort_threads_by_root" = true;
"mailnews.headers.showMessageId" = true;
"mailnews.headers.showOrganization" = true;
"mailnews.headers.showReferences" = true;
"mailnews.headers.showUserAgent" = true;
"mail.imap.expunge_after_delete" = true;
"mail.server.default.delete_model" = 2;
"mail.warn_on_delete_from_trash" = false;
"mail.warn_on_shift_delete" = false;
"toolkit.telemetry.enabled" = false;
"toolkit.telemetry.rejected" = true;
"toolkit.telemetry.prompted" = 2;
"app.update.auto" = false;
"privacy.donottrackheader.enabled" = true;
};
};
xdg.mimeApps.defaultApplications = {
"x-scheme-handler/mailto" = [ "thunderbird.desktop" ];
"x-scheme-handler/mid" = [ "thunderbird.desktop" ];
"message/rfc822" = [ "thunderbird.desktop" ];
};
accounts = lib.mkIf (config.swarselsystems.isNixos && !config.swarselsystems.isPublic) {
email =
let
defaultSettings = {
imap = {
host = "imap.gmail.com";
port = 993;
tls.enable = true; # SSL/TLS
};
smtp = {
host = "smtp.gmail.com";
port = 465;
tls.enable = true; # SSL/TLS
};
thunderbird = {
enable = true;
profiles = [ "default" ];
};
imap.host = "imap.gmail.com";
smtp.host = "smtp.gmail.com";
mu.enable = true;
msmtp = {
enable = true;
@ -12016,7 +12069,10 @@ Normally I use 4 mail accounts - here I set them all up. Three of them are Googl
};
};
};
in
{
maildirBasePath = "Mail";
accounts = {
swarsel = {
address = address4;
userName = address4-user;
@ -12039,59 +12095,39 @@ Normally I use 4 mail accounts - here I set them all up. Three of them are Googl
};
};
nautilus = {
leon = lib.recursiveUpdate
{
primary = true;
address = address1;
userName = address1;
realName = fullName;
passwordCommand = "cat ${nixosConfig.sops.secrets.address1-token.path}";
gpg = {
key = "0x76FD3810215AE097";
signByDefault = true;
};
}
defaultSettings;
nautilus = lib.recursiveUpdate
{
primary = false;
address = address2;
userName = address2;
realName = address2-name;
passwordCommand = "cat ${nixosConfig.sops.secrets.address2-token.path}";
imap.host = "imap.gmail.com";
smtp.host = "smtp.gmail.com";
msmtp.enable = true;
mu.enable = true;
mbsync = {
enable = true;
create = "maildir";
expunge = "both";
patterns = [ "*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail" ];
extraConfig = {
channel = {
Sync = "All";
};
account = {
Timeout = 120;
PipelineDepth = 1;
};
};
};
};
}
defaultSettings;
mrswarsel = {
mrswarsel = lib.recursiveUpdate
{
primary = false;
address = address3;
userName = address3;
realName = address3-name;
passwordCommand = "cat ${nixosConfig.sops.secrets.address3-token.path}";
imap.host = "imap.gmail.com";
smtp.host = "smtp.gmail.com";
msmtp.enable = true;
mu.enable = true;
mbsync = {
enable = true;
create = "maildir";
expunge = "both";
patterns = [ "*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail" ];
extraConfig = {
channel = {
Sync = "All";
};
account = {
Timeout = 120;
PipelineDepth = 1;
};
};
};
};
}
defaultSettings;
};
};
@ -13614,7 +13650,8 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]]
in
{
options.swarselmodules.optional.work = lib.mkEnableOption "optional work settings";
config = lib.mkIf config.swarselmodules.optional.work {
config = lib.mkIf config.swarselmodules.optional.work
{
home.packages = with pkgs; [
stable.teams-for-linux
shellcheck
@ -13627,13 +13664,92 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]]
stable.prometheus.cli
tigervnc
openstackclient
pizauth
];
systemd.user.services.pizauth = {
Unit = {
Description = "Pizauth OAuth2 token manager";
};
Service = {
Type = "simple";
ExecStart = "${pkgs.pizauth}/bin/pizauth server -vvvv -d";
ExecReload = "${pkgs.pizauth}/bin/pizauth reload";
ExecStop = "${pkgs.pizauth}/bin/pizauth shutdown";
};
Install = {
WantedBy = [ "default.target" ];
};
};
home.sessionVariables = {
DOCUMENT_DIR_PRIV = lib.mkForce "${homeDir}/Documents/Private";
DOCUMENT_DIR_WORK = lib.mkForce "${homeDir}/Documents/Work";
};
accounts.email.accounts.work =
let
inherit (nixosConfig.repo.secrets.local.work) mailAddress mailName;
in
{
primary = false;
address = mailAddress;
userName = mailAddress;
realName = mailName;
passwordCommand = "pizauth show work";
imap = {
host = "outlook.office365.com";
port = 993;
tls.enable = true; # SSL/TLS
};
smtp = {
host = "outlook.office365.com";
port = 587;
tls = {
enable = true; # SSL/TLS
useStartTls = true;
};
};
thunderbird = {
enable = true;
profiles = [ "default" ];
settings = id: {
"mail.smtpserver.smtp_${id}.authMethod" = 10; # oauth
"mail.server.server_${id}.authMethod" = 10; # oauth
# "toolkit.telemetry.enabled" = false;
# "toolkit.telemetry.rejected" = true;
# "toolkit.telemetry.prompted" = 2;
};
};
msmtp = {
enable = false;
extraConfig = {
account = "work";
auth = "xoauth2";
host = "outlook.office365.com";
protocol = "smtp";
port = "587";
tls = "on";
tls_starttls = "on";
from = "${mailAddress}";
user = "${mailAddress}";
passwordeval = "pizauth show work";
};
};
mu.enable = false;
mbsync = {
enable = false;
expunge = "both";
extraConfig = {
account = {
AuthMechs = "XOAUTH2";
};
};
};
};
wayland.windowManager.sway.config = {
output = {
"Applied Creative Technology Transmitter QUATTRO201811" = {
@ -13906,6 +14022,23 @@ The rest of the settings is at [[#h:bbf2ecb6-c8ff-4462-b5d5-d45b28604ddf][work]]
inherit (nixosConfig.repo.secrets.local.work) user1 user2 user3;
in
{
configFile."pizauth.conf".text = ''
account "work" {
auth_uri = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize";
token_uri = "https://login.microsoftonline.com/common/oauth2/v2.0/token";
client_id = "08162f7c-0fd2-4200-a84a-f25a4db0b584";
client_secret = "TxRBilcHdC6WGBee]fs?QR:SJ8nI[g82";
scopes = [
"https://outlook.office365.com/IMAP.AccessAsUser.All",
"https://outlook.office365.com/SMTP.Send",
"offline_access"
];
// You don't have to specify login_hint, but it does make
// authentication a little easier.
login_hint = "${nixosConfig.repo.secrets.local.work.mailAddress}";
}
'';
mimeApps = {
defaultApplications = {
"x-scheme-handler/msteams" = [ "teams-for-linux.desktop" ];

6
hosts/nixos/pyramid/secrets/pii.nix.enc
View file

@ -1,5 +1,5 @@
{
"data": "ENC[AES256_GCM,data:SEQIHMS8xUj6vsC1+1zTRG+h5BbqL0miA77UEh0UbiFOP7RgqhUlZgq+LmO7BRiIf4RHO13BZ5PXdKiZ96lgGcaquVnaEEQqv2NvkstXpwm3eLjUTJryMxfVupeir5g/FNXHETzhN425KD93EyMr4g7INJW4N4mHXmDnHJOJgS8rlKnSLG64cpgrlef8GAsGfp+i3ky2dig4jNQG8Ijdc46qtiyH9bs7k0d/YuNNmcZSaSIukNyyIMVTqlt6MV+9iUQ4Lj5h0pxgDLfjM1TNQAHRkWW4eozt7SO17U9td1DxvBF9TUdj3xbFCVo4c1OGw4hrjahvUAF8u1TEXBhhJfLqApDUBddRMxybk8Dy98jOHcb6Qwu3qUcgRt9XgkOktwgovS/B2WWAIWMTIZhyKm5ENriaTZWSp6n7hzkw1C1wXyCaP6YT0A4SSPPJt/DuTcBZ5BOFM10237NNgZA0Q7B5J5C57W88bhtzZ2aJZexyQYqQPrr5c38RwR00OAVGJeCgcq70JqeA5EpTuud20rBE0/dHHEPeVUBkrq8pjBHh4SYeMOh8g85CnlF31cxAcnrVJbO14hQQ8sQd4ZmkRNcY3EL981ruDy6Okd3K5AifmF/E9IEZwbvCSLY8EYANA+NV97ZsL4zJOWC6tnA1QHFDoqCR/POsupvGQetYpembrUY0WoB5XkfAvMicQCeLJe2H7S6pOVMDOIIZLx57vcO855LlIJiCpMw2ytqbBXRZolM2WXEBZDEL6BnrEydUnoiUCxqsUrdvQE3HTzktXKQww9jc6HLfBV1MvfScWq2fisGDlkrC2rI5VcWamm8Xbke4uTVcdbKlDpgbpC8NaWmmgNhFe50VNf7M/L5etnvuWWbY68epLZo7dsaaWVE584pdVFT+2K2GwWmGnMHKW+KKA6O9hFfdPUOsJj+eJiF9JX7OwLPAJILTjesWfHXivILBwjDyY5CBCHg91fsrPF37222O/HPPukveY/u6WBOt+co3Ch9mq9usdD7fhieo59IZ7aOJb7dxHSa99nBD8NZbwn6nJkgn3hpLfP9q/2TWcF/zSD1oGY7f1GVbEKEHj2hHv+OHMhFzgRhi5NtvGOO4l0aa1QE1eyRJgHLeqS5aL119Fh1+PSSN9/+v1q6l2JjYuQAV1BqzVdG2GS64J4PBxVqmZ3M9Qv2ZvH0Zwjs64M3MDUMNa5+HZAkPpThvrUWSCEFivIfiOi4Bt/h+HmyQb04LB5QuNFSiRpuF+fQcA+MmMQ==,iv:PL7Z5mKqbNbPfptREw9xFTiOQ1qiVkyxLPvDSoPvbbY=,tag:OPlhVLtN5IDdL/nkkj8+CQ==,type:str]",
"data": "ENC[AES256_GCM,data:kkwEMOzab5JK9G+rSfYygcAI6Y+b1tXkUFPdxN8e2Rnz2Uv4bDfITu8bmKqJ1q5kmHxQjQukioZkdQkabqBR8cx/CG3dRJfPAjEwMz4v8UYGSNSf8blJvdb4YKSizeOEALCuawBIm5hmvwuskXlol6UfkK66h9UnP94wwdh0KKemWinANxbIUX+cl6kK4X1eZrWRGr5Ts2HmjcowIbA+SmA8yVAwqoP6L1DuavilLGPfWhBI4Kj7ZTI3LRlvu4DZZ+DCAea3FgrrjbTWiWZfFW0YX2fDgNQkIxpp3N203zDu23HebZcmCrVBkfvFS7awBr5iVnwfsqOJR0LH92lIlUb8YoFShlJU/Day80i9uyYDCTHc4l2NBvjIH8NlpiYaA2A+rCW3VkVX3WzCGxBfi/kIqoNE3RdLJAYrIimsYaHSmk4o6jslR3xIRyQzDcNtWa92kINdCwBuJXc0UYe/HnR8tFlmOrlixMlVINTy45PRNYJoy7cuoJPd+aNIPQ2V31TB/CjUSZhEptVJSnQnKDui1xuV7vqcyPv06xftJGZRk/LL2cl3+HDLflkZYE7NVlLaOWMBOkX99W/WokF3NGBWuVeUp9bLCwpuEmzFafpCjKhGrQSDGkw17jmYWCULN9v3q6OvyylwqVuDDQZNSxGZFsSPr7qOxeENwTDQvRwpydthPRMMHh/wf3t5pyV/jW79SBuxIWvn4JbO8TBsd9TmVgXMgpd97+Zg3CnTqZApVVRzM8NzF25fMYHJv12YvkEmyOm0otFU84COhgNkpBRTJhyJdjKWVOTJFJyQviwy6BTBF6jqHyS+YP7BEZO2UID/9ODKVrSACCatSQlNtLQRrXOiE9h3g43uAJc/TyJ+A0IceUJ3BM+6PEJiqDWUfO5ucP3pLDdb4IDOAi/YeV9HQdyCdEVRf6a0CHmPcnkb+X+fxxcmZQCvuzQjOZQZw8UUwfhdJms6jTWqaN9leb3z4u8RPxOM1T+Qsu5dL5ouady7xVSO4c1Fw+EiiL9yOh42DTa4OyBlcTJiz5iigqmkaiQOwdwn+FlOYNraOd24h8+x7dDVQBbHjnV7xF7I1rmpOfA/lUbfovLU5SrIxLPT64J25ucudJWBTCDiYADUwhv+QmfJJsdt11+NWPkS3ymFbbWPtpZvhCaawrNKb3s/ohOEi8JIAyY9dtfRGuRoTsCcsJ4xjeSLehX4TgR0cl31Jmm+0kO2uuP7veDrqyUg1Swqsq4+BKfimprh/QzwSoB9lOdEPu0bdQza9sk+D5+H2ooXsVXA2YJscBZ/Kv+YYW57LlfwEvfpJDx5XiQtAYYlUeN8SPx72i9QzYugm339gj+eB8gtbX3W8Sl+D9Vs0P+GZ4G7K03JvzEExtA=,iv:Go3U5S9ZxtPawFoVjknH8j8WDg2TJLIU6mp5DQDj9BE=,tag:0QPJYyQsuZ4hz8xZZ2V4xw==,type:str]",
"sops": {
"age": [
{
@ -11,8 +11,8 @@
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA0Z2tONmQxTUhZUW12Z2Jm\nUnoxSnpYcnZDNGNzSko1ckl2RDh3NG1VS2dFCmIwUXhmSk1OUk02S0JPVDR5UWJ4\na0gwWlg0V005ZWxYa29PZ0laS2VqM0kKLS0tIHN5SU9pQ090eHljeXJGWm5hRFQ4\nZ001Nzkyb29RYkNUMDNDNlo4YnVQeTQK34bNIBgxId2+DHKQNVV3Iro3KGkE03Sp\niB1+dADT6nRvGvoyPqnLq/NYfw7eQ6XqYt55zkdCta8v6L1UNUkw8g==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-07-13T23:20:32Z",
"mac": "ENC[AES256_GCM,data:ibG9NVwVLf4UgdxnHbAToq5n12v4PPgPmnTn8PYg0LZfU2x6GaxRtNvWoFxDa9bEWMRzrlC5oV+hXsTxzJdYliafNTOxWjtOI/ME/HgEE8cU17HuJViWkR+CL+kzCelgFjCD3XajbTRzdTBtcI9icsUvnaManjlSvsgWmqNP36Y=,iv:uCy8Mv5HM611Qd4cvvEiDovnv1uuLZVSN7p7SV10zRA=,tag:fRjfyRkIIh5L97WVyNyxSQ==,type:str]",
"lastmodified": "2025-08-07T12:21:20Z",
"mac": "ENC[AES256_GCM,data:JxNvTsW6D7IbaczGsdgfTJcACm5VLrOw6Ep+RU9PoXn2LJZeJ9U8KIlnNdODtxMpiIpZ+ZPeJgQk+EXlUVd5n2dJQEr6vqfs4o85givDWE29Pki12Zb7jMhiW8/z9GYQ/TcskkWUfA0Brz9fKVKXLARvQdL1/9Rlw+F1VwWWBOo=,iv:V31hoIpUgq6X47D0B+MtBMsdD0oDpPkh2kvQWRJtS3w=,tag:dsW9SUIdGipX5rKyLAvCvQ==,type:str]",
"pgp": [
{
"created_at": "2025-06-14T22:31:01Z",

153
modules/home/common/mail.nix
View file

@ -33,22 +33,76 @@ in
# this is needed so that mbsync can use the passwords from sops
systemd.user.services.mbsync.Unit.After = [ "sops-nix.service" ];
accounts = lib.mkIf (config.swarselsystems.isNixos && !config.swarselsystems.isPublic) {
email = {
maildirBasePath = "Mail";
accounts = {
leon = {
primary = true;
address = address1;
userName = address1;
realName = fullName;
passwordCommand = "cat ${nixosConfig.sops.secrets.address1-token.path}";
gpg = {
key = "0x76FD3810215AE097";
signByDefault = true;
programs.thunderbird = {
enable = true;
profiles.default = {
isDefault = true;
withExternalGnupg = true;
settings = {
"mail.identity.default.archive_enabled" = true;
"mail.identity.default.archive_keep_folder_structure" = true;
"mail.identity.default.compose_html" = false;
"mail.identity.default.protectSubject" = true;
"mail.identity.default.reply_on_top" = 1;
"mail.identity.default.sig_on_reply" = false;
"mail.identity.default.sig_bottom" = false;
"gfx.webrender.all" = true;
"gfx.webrender.enabled" = true;
};
};
settings = {
"mail.server.default.allow_utf8_accept" = true;
"mail.server.default.max_articles" = 1000;
"mail.server.default.check_all_folders_for_new" = true;
"mail.show_headers" = 1;
"mail.identity.default.auto_quote" = true;
"mail.identity.default.attachPgpKey" = true;
"mailnews.default_sort_order" = 2;
"mailnews.default_sort_type" = 18;
"mailnews.default_view_flags" = 0;
"mailnews.sort_threads_by_root" = true;
"mailnews.headers.showMessageId" = true;
"mailnews.headers.showOrganization" = true;
"mailnews.headers.showReferences" = true;
"mailnews.headers.showUserAgent" = true;
"mail.imap.expunge_after_delete" = true;
"mail.server.default.delete_model" = 2;
"mail.warn_on_delete_from_trash" = false;
"mail.warn_on_shift_delete" = false;
"toolkit.telemetry.enabled" = false;
"toolkit.telemetry.rejected" = true;
"toolkit.telemetry.prompted" = 2;
"app.update.auto" = false;
"privacy.donottrackheader.enabled" = true;
};
};
xdg.mimeApps.defaultApplications = {
"x-scheme-handler/mailto" = [ "thunderbird.desktop" ];
"x-scheme-handler/mid" = [ "thunderbird.desktop" ];
"message/rfc822" = [ "thunderbird.desktop" ];
};
accounts = lib.mkIf (config.swarselsystems.isNixos && !config.swarselsystems.isPublic) {
email =
let
defaultSettings = {
imap = {
host = "imap.gmail.com";
port = 993;
tls.enable = true; # SSL/TLS
};
smtp = {
host = "smtp.gmail.com";
port = 465;
tls.enable = true; # SSL/TLS
};
thunderbird = {
enable = true;
profiles = [ "default" ];
};
imap.host = "imap.gmail.com";
smtp.host = "smtp.gmail.com";
mu.enable = true;
msmtp = {
enable = true;
@ -69,7 +123,10 @@ in
};
};
};
in
{
maildirBasePath = "Mail";
accounts = {
swarsel = {
address = address4;
userName = address4-user;
@ -92,59 +149,39 @@ in
};
};
nautilus = {
leon = lib.recursiveUpdate
{
primary = true;
address = address1;
userName = address1;
realName = fullName;
passwordCommand = "cat ${nixosConfig.sops.secrets.address1-token.path}";
gpg = {
key = "0x76FD3810215AE097";
signByDefault = true;
};
}
defaultSettings;
nautilus = lib.recursiveUpdate
{
primary = false;
address = address2;
userName = address2;
realName = address2-name;
passwordCommand = "cat ${nixosConfig.sops.secrets.address2-token.path}";
imap.host = "imap.gmail.com";
smtp.host = "smtp.gmail.com";
msmtp.enable = true;
mu.enable = true;
mbsync = {
enable = true;
create = "maildir";
expunge = "both";
patterns = [ "*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail" ];
extraConfig = {
channel = {
Sync = "All";
};
account = {
Timeout = 120;
PipelineDepth = 1;
};
};
};
};
}
defaultSettings;
mrswarsel = {
mrswarsel = lib.recursiveUpdate
{
primary = false;
address = address3;
userName = address3;
realName = address3-name;
passwordCommand = "cat ${nixosConfig.sops.secrets.address3-token.path}";
imap.host = "imap.gmail.com";
smtp.host = "smtp.gmail.com";
msmtp.enable = true;
mu.enable = true;
mbsync = {
enable = true;
create = "maildir";
expunge = "both";
patterns = [ "*" "![Gmail]*" "[Gmail]/Sent Mail" "[Gmail]/Starred" "[Gmail]/All Mail" ];
extraConfig = {
channel = {
Sync = "All";
};
account = {
Timeout = 120;
PipelineDepth = 1;
};
};
};
};
}
defaultSettings;
};
};

99
modules/home/optional/work.nix
View file

@ -4,7 +4,8 @@ let
in
{
options.swarselmodules.optional.work = lib.mkEnableOption "optional work settings";
config = lib.mkIf config.swarselmodules.optional.work {
config = lib.mkIf config.swarselmodules.optional.work
{
home.packages = with pkgs; [
stable.teams-for-linux
shellcheck
@ -17,13 +18,92 @@ in
stable.prometheus.cli
tigervnc
openstackclient
pizauth
];
systemd.user.services.pizauth = {
Unit = {
Description = "Pizauth OAuth2 token manager";
};
Service = {
Type = "simple";
ExecStart = "${pkgs.pizauth}/bin/pizauth server -vvvv -d";
ExecReload = "${pkgs.pizauth}/bin/pizauth reload";
ExecStop = "${pkgs.pizauth}/bin/pizauth shutdown";
};
Install = {
WantedBy = [ "default.target" ];
};
};
home.sessionVariables = {
DOCUMENT_DIR_PRIV = lib.mkForce "${homeDir}/Documents/Private";
DOCUMENT_DIR_WORK = lib.mkForce "${homeDir}/Documents/Work";
};
accounts.email.accounts.work =
let
inherit (nixosConfig.repo.secrets.local.work) mailAddress mailName;
in
{
primary = false;
address = mailAddress;
userName = mailAddress;
realName = mailName;
passwordCommand = "pizauth show work";
imap = {
host = "outlook.office365.com";
port = 993;
tls.enable = true; # SSL/TLS
};
smtp = {
host = "outlook.office365.com";
port = 587;
tls = {
enable = true; # SSL/TLS
useStartTls = true;
};
};
thunderbird = {
enable = true;
profiles = [ "default" ];
settings = id: {
"mail.smtpserver.smtp_${id}.authMethod" = 10; # oauth
"mail.server.server_${id}.authMethod" = 10; # oauth
# "toolkit.telemetry.enabled" = false;
# "toolkit.telemetry.rejected" = true;
# "toolkit.telemetry.prompted" = 2;
};
};
msmtp = {
enable = false;
extraConfig = {
account = "work";
auth = "xoauth2";
host = "outlook.office365.com";
protocol = "smtp";
port = "587";
tls = "on";
tls_starttls = "on";
from = "${mailAddress}";
user = "${mailAddress}";
passwordeval = "pizauth show work";
};
};
mu.enable = false;
mbsync = {
enable = false;
expunge = "both";
extraConfig = {
account = {
AuthMechs = "XOAUTH2";
};
};
};
};
wayland.windowManager.sway.config = {
output = {
"Applied Creative Technology Transmitter QUATTRO201811" = {
@ -296,6 +376,23 @@ in
inherit (nixosConfig.repo.secrets.local.work) user1 user2 user3;
in
{
configFile."pizauth.conf".text = ''
account "work" {
auth_uri = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize";
token_uri = "https://login.microsoftonline.com/common/oauth2/v2.0/token";
client_id = "08162f7c-0fd2-4200-a84a-f25a4db0b584";
client_secret = "TxRBilcHdC6WGBee]fs?QR:SJ8nI[g82";
scopes = [
"https://outlook.office365.com/IMAP.AccessAsUser.All",
"https://outlook.office365.com/SMTP.Send",
"offline_access"
];
// You don't have to specify login_hint, but it does make
// authentication a little easier.
login_hint = "${nixosConfig.repo.secrets.local.work.mailAddress}";
}
'';
mimeApps = {
defaultApplications = {
"x-scheme-handler/msteams" = [ "teams-for-linux.desktop" ];

1
modules/nixos/optional/work.nix
View file

@ -213,7 +213,6 @@ in
gh
];
services = {
spice-vdagentd.enable = true;
openssh = {