From 53489fe173b490b4642ecd38d45cae69f637b3f8 Mon Sep 17 00:00:00 2001 From: Matt Jallen Date: Thu, 26 Mar 2026 20:26:31 -0500 Subject: [PATCH] hmm --- .../matt@macbook-pro-nixos/default.nix | 13 +++++++ modules/home/accounts/default.nix | 37 +++++++++++++++++++ .../home/programs/password-store/default.nix | 4 +- modules/home/programs/thunderbird/default.nix | 24 ++++++++++++ .../services/protonmail-bridge/default.nix | 18 +++++++++ modules/home/sops/default.nix | 6 +-- modules/nixos/desktop/plasma/default.nix | 10 ++--- secrets/mac-secrets.yaml | 7 ++-- secrets/secrets.yaml | 7 ++-- 9 files changed, 108 insertions(+), 18 deletions(-) create mode 100644 modules/home/accounts/default.nix create mode 100644 modules/home/programs/thunderbird/default.nix create mode 100644 modules/home/services/protonmail-bridge/default.nix diff --git a/homes/aarch64-linux/matt@macbook-pro-nixos/default.nix b/homes/aarch64-linux/matt@macbook-pro-nixos/default.nix index 9d05802..cc05950 100755 --- a/homes/aarch64-linux/matt@macbook-pro-nixos/default.nix +++ b/homes/aarch64-linux/matt@macbook-pro-nixos/default.nix @@ -84,6 +84,7 @@ in nwg-drawer = disabled; nwg-panel = disabled; opencode = enabled; + thunderbird = enabled; waybar = { enable = false; @@ -122,6 +123,18 @@ in wlogout = disabled; wofi = disabled; }; + + services = { + protonmail = enabled; + }; + }; + + sops = { + secrets = { + "protonmail-password" = { + sopsFile = (lib.snowfall.fs.get-file "secrets/mac-secrets.yaml"); + }; + }; }; home.packages = diff --git a/modules/home/accounts/default.nix b/modules/home/accounts/default.nix new file mode 100644 index 0000000..8e8abf1 --- /dev/null +++ b/modules/home/accounts/default.nix @@ -0,0 +1,37 @@ +{ config, lib, pkgs, ... }: +{ + accounts = { + email.accounts = { + gmail = { + primary = true; + realName = "Matt Jallen"; + address = "matt.l.jallen@gmail.com"; + userName = "matt.l.jallen@gmail.com"; + passwordCommand = "${pkgs.uutils-coreutils-noprefix}/bin/cat ${config.sops.secrets."gmail-smtp-password".path}"; + flavor = "gmail.com"; + smtp = { + tls = { + enable = false; + useStartTls = true; + }; + host = "smtp.gmail.com"; + port = lib.mkForce 465; + }; + }; + protonmail = { + realName = "Matt Jallen"; + address = "jalle008@protonmail.com"; + userName = "jalle008@protonmail.com"; + passwordCommand = "${pkgs.uutils-coreutils-noprefix}/bin/cat ${config.sops.secrets."protonmail-password".path}"; + smtp = { + tls = { + enable = false; + useStartTls = true; + }; + host = "127.0.0.1"; + port = lib.mkForce 1025; + }; + }; + }; + }; +} \ No newline at end of file diff --git a/modules/home/programs/password-store/default.nix b/modules/home/programs/password-store/default.nix index 1f082ee..c920b11 100644 --- a/modules/home/programs/password-store/default.nix +++ b/modules/home/programs/password-store/default.nix @@ -5,8 +5,6 @@ # To silence this warning and keep legacy behavior, set: # programs.password-store.settings = { PASSWORD_STORE_DIR = "$XDG_DATA_HOME/password-store"; }; programs.password-store = { - settings = { - PASSWORD_STORE_DIR = "$XDG_DATA_HOME/password-store"; - }; + settings = { }; }; } diff --git a/modules/home/programs/thunderbird/default.nix b/modules/home/programs/thunderbird/default.nix new file mode 100644 index 0000000..2a2f8af --- /dev/null +++ b/modules/home/programs/thunderbird/default.nix @@ -0,0 +1,24 @@ +{ config, lib, pkgs, namespace, ... }: +let + cfg = config.${namespace}.programs.thunderbird; +in +{ + options.${namespace}.programs.thunderbird = { + enable = lib.mkEnableOption "thunderbird"; + }; + + config = lib.mkIf cfg.enable { + programs.thunderbird = { + enable = true; + profiles = { + mjallen = { + isDefault = true; + accountsOrder = [ + "gmail" + "protonmail" + ]; + }; + }; + }; + }; +} \ No newline at end of file diff --git a/modules/home/services/protonmail-bridge/default.nix b/modules/home/services/protonmail-bridge/default.nix new file mode 100644 index 0000000..3ecc4c5 --- /dev/null +++ b/modules/home/services/protonmail-bridge/default.nix @@ -0,0 +1,18 @@ +{ config, lib, pkgs, namespace, ... }: +let + cfg = config.${namespace}.services.protonmail; +in +{ + options.${namespace}.services.protonmail = { + enable = lib.mkEnableOption "protonmail bridge"; + }; + + config = lib.mkIf cfg.enable { + services.protonmail-bridge = { + enable = true; + extraPackages = with pkgs; [ pass ]; + }; + + home.packages = with pkgs; [ protonmail-bridge-gui ]; + }; +} \ No newline at end of file diff --git a/modules/home/sops/default.nix b/modules/home/sops/default.nix index 42b3f75..08736b0 100644 --- a/modules/home/sops/default.nix +++ b/modules/home/sops/default.nix @@ -15,9 +15,9 @@ in age.keyFile = "/home/${config.home.username}/.config/sops/age/keys.txt"; defaultSopsFile = "/etc/nixos/secrets/secrets.yaml"; validateSopsFiles = false; - # secrets = { - # "github-token" = { }; - # }; + secrets = { + "gmail-smtp-password" = { }; + }; # templates = { # ".env".content = '' # GITHUB_TOKEN = "${config.sops.placeholder.github-token}" diff --git a/modules/nixos/desktop/plasma/default.nix b/modules/nixos/desktop/plasma/default.nix index 6409f38..15c8ed5 100644 --- a/modules/nixos/desktop/plasma/default.nix +++ b/modules/nixos/desktop/plasma/default.nix @@ -23,12 +23,6 @@ in "nasa" ]) "bing" "Source for the wallpaper (bing or nasa)"; }; - - xdg.portal.extraPortals = [ ]; - - environment.systemPackages = with pkgs; [ - kdePackages.kdeplasma-addons - ]; }; config = lib.mkIf cfg.enable ( @@ -44,6 +38,10 @@ in }; xdg.portal.extraPortals = [ ]; + + environment.systemPackages = with pkgs; [ + kdePackages.kdeplasma-addons + ]; } # Wallpaper management: wire the shared wallpaper module in when requested. diff --git a/secrets/mac-secrets.yaml b/secrets/mac-secrets.yaml index 2621002..8a8ba2d 100644 --- a/secrets/mac-secrets.yaml +++ b/secrets/mac-secrets.yaml @@ -7,6 +7,7 @@ macbook-pro-nixos: macbook-pro-nixos-cert: ENC[AES256_GCM,data:Y5/NkBKhilxU1zbA9/tP2uPMqdLquVboEADROJ4HvHqN3EDY1BqfdqBapW/Ka4kH/m005qWEMsZTwM+/WPDRz2wujWZ/55NrOEK/wXwNEAA9rlXwIS9BWuSGInRSb8Z1jfH8EIBuCoKlckAhEpgu31wC2M5I6xG+Jq6kmI+nlhNhHVyAeizzYUrY5PlNUZBP/COWpFs9ukvgvZxAtYWNCr6tlNumEQP2D4rVo5llqxFobGwAXLqvm2rVb8akZlg+UTlp7lZQfZGpOGTZRf3MEcmjXUEsT/aL4f6LtiVTKwEB76bvtYF5SxIx+SAgaUkqsaxJeTGc8c8ZNtw9TqynMdBHSfB0fIxXf6cCHZaztHe5eWUhSnxW0VvLd60btdA7jUHGcvx8LkOpsR0e+WMcXjrw9zO4mEs+JOQ1OQL1,iv:T85Qz/1H6ojbq0ZlqfBpeyznNigoCA8czMMqLBIUwjI=,tag:jEznUzK9V+QMfho/f+3TIQ==,type:str] macbook-pro-nixos-key: ENC[AES256_GCM,data:zemLrMzg+IuIIA3dbIONVzKzBJFjdR6LMIPKGSnP23O/ZhoiflRPI1xZX3dKBcws51XtVhxKdfv/9UIiJwo2YRkW3xd2twJSld91ccN9xpwlnTciL4SS1lw4Tvrls4jmvpEZ6H0I2vwSOUyRrtx2/9cFGiJ/UfmnkxfbPtaBdA==,iv:5RMzQN3Pra2XnS+XZ/NKyOm+EvKY0d/76tQbczTjEAg=,tag:qyZviaLehXBZpjJ2VxXYDg==,type:str] ca-cert: ENC[AES256_GCM,data:lHROT0PA2cMxrNr9DOYF87oJwyclpiWmuHSKLqBojtLFBUovJH1uQQPIRKEuJ2+3PiAg+4Oca9RRuDfmdik7NJcjNW6WCOdIhkxiHtZsQnP5jR+oY5xvQ100nrxa4ucwK6M8da3P0o/5AiniFulxlqRC3x4o+Ntxh8pqEGbN5AgCKgqds3qqv9LdVtIIQD5BB9IBlKwMEixHGoYreIoMxDEbjCuqc3/uwigE/xzxs1LqfmbBu1sSX3tnLpZvmt3BpZ6e/nhJahVzA8ni2GNcorNb6UXX9wXpuI1rkNC/7q5bXtZqBqe0ewR/qf/Mc306sZp/omvI/1/MWnwq2Q==,iv:kIohsCxkydUC0gaK5DAERdVR+wlNpMlTZzAZf2G6tGk=,tag:Tko/c8L6iy5zEqL+/qRPUw==,type:str] +protonmail-password: ENC[AES256_GCM,data:VP4qBeCZoMSdDdYWnOduYwjSKmJmaQ==,iv:JMZV+CjSnI5OaeYrp+1A1li1J39Qq+ErM/Y3QuuYQYg=,tag:fmii/gkeFMq6BD4LrdQJvQ==,type:str] sops: shamir_threshold: 1 age: @@ -154,8 +155,8 @@ sops: SlVQcGorK3l3UU1WbTlLV3RvUVoyQlEKdR12pS1USSx70fvyNRLcHRD1IUOK+OkD J9XppV46eyGY5GLTDO7y7tmTu1Bw94inB0QA3PEw+6TZ0PEUTAqZVw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-03-23T21:06:15Z" - mac: ENC[AES256_GCM,data:02pvRfBy1zjwj62YNtmYqeXwQic6zOQqAIeYASszItFQUeFKDZvM+gONNzKgONCS0Zp2V3CuRY5xofsaPLpk8pef6ZoUxQJGhYCIN410R59aJia6KBVnCMHeky5knWGNqTcErGym90GVQMwvQTLpbcTZLtlESAXpZzdk5ESDv9U=,iv:6COWTXKpxzBb/3h3ueln9Dgr0Zc+ElZg0HIn+57WveA=,tag:7hNizplCE2LJGpvTSmzmRQ==,type:str] + lastmodified: "2026-03-27T00:47:39Z" + mac: ENC[AES256_GCM,data:WX5SXKlbqa+ToVOfc6H/8+9ZZyEJLtsjLBzmAtmW7yf3FCTfdsA4/Bks2jdoekcBHECDoeTzbA1OR8T+6yP+SiUWbgQe5mr+99XG0kTuqE5Zz3vHNdaypj87jg27I/f5j9pgGuWZxlJESxYvqun61J3ZAvE6k0flUXDG0UGwV9s=,iv:HE+LBlqY9ATTDpcJDtXXhTr4jFuiGrsId2KcGFfVFdM=,tag:hcYnmJpgL2AWMXG9LsNvdA==,type:str] pgp: - created_at: "2026-02-06T15:34:34Z" enc: |- @@ -178,4 +179,4 @@ sops: -----END PGP MESSAGE----- fp: CBCB9B18A6B8930B0B6ABFD1CCB8CBEB30633684 unencrypted_suffix: _unencrypted - version: 3.11.0 + version: 3.12.2 diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index 64fac48..caee3a2 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -3,6 +3,7 @@ wifi: ENC[AES256_GCM,data:Rs+4Km4DogO7XatA,iv:JUv9HkNWsv/l4Fli5sFeUeYuWG1Yju95G5 matt_password: ENC[AES256_GCM,data:/8utn5xMoWIxXitfg2kFZCQwbqqn6rH7Pt5KYeTyGintjg5jF8T9eqdqrBGlqMdKh/YjUTwZZg4/PkNG9/gqk86pjaUtg+8C6w==,iv:BDbThvyXmzB9eKfuK0V2eR8p20g7rOOTOA3AYNCM6TI=,tag:KvIKOLFW9NMmQy97QWRfQA==,type:str] admin_password: ENC[AES256_GCM,data:aGyn1Tm+2ld3BqXN3U1RQkew13Ln0Y3+xYiIUjErmq8Y/AkR65bhEHpVKx6lT2AZNG7bTPM0QTGd5vloD4QdrtAMv5eye6GFHg==,iv:EYLqDoqK/4tzdg+YTywpeCg0kullQEyD6mKTJMTXYB4=,tag:GJnZqZj2Lnx4YoQ+ApUBBw==,type:str] github-token: ENC[AES256_GCM,data:FAuwS/j5kd/NvOVdwa+ROWgMZCjyOjDbIMoU11KkaUOVhnztZyLGCA==,iv:+EvAvf7cUpljLHaxVkBRloZsAYcKjceJHinUU47PCRI=,tag:p0irO6vnt5nr4sZIq9B8gA==,type:str] +gmail-smtp-password: ENC[AES256_GCM,data:zksDTEkRhkXA74ujBBWvGwm5sQ==,iv:uhJ6gxmaqmjAkhsJqmBy6FJPpCSAFDMlhxl1ynZAgoQ=,tag:Qrp5jPkfoC28xwARlWzT2g==,type:str] disk-key: ENC[AES256_GCM,data:cJdjG1gWYT4V0idae0nZl0j9FoEQuMW5PhQer2s8t4piv2mE8XM64W92MJyhi2aNtZ3cJ9h5PSW49zLeUWXIPGJNAvwRyWVc0O+T96jlZqtFlYBYLVh4tXdpXmxvq7IhB+sR2rY7qpcJEtCyUR8Mc7uzPZLQhuicwOjYuThhMdq73v3Re4taiL358U4DsLGhaQaGVoZ/RVRqT40F0ByxZto+JbwFGJBjQJlBhxE0b5pge93hQJcyY0LiI0Ctkv43gR5pnkHpXlM5TqZvzJLQVkG+N9IaRg0fPBnTyR8IaTi6ZAqBTY9byMPbfRsMgwY/FdGCkBguLNBt8a8P4TzzKo8CwcBcSOcCMKh+tzBwIAOxFb3H6lgLiKutA5wxgOrJ1tADvPxjEOjPx3zXVZA1jzsqtH4p6s5XDKJVhSoT08gI6DN7ILhBG9v8+NDeBj8ENFkMxDnbFrEyBt2j1fwq5s2/SmioN407KVi8Jd7SqQBEcp2WHFkrc95nJTyDer0J34jVUPVtVaqmLAPlzKWr9VZyrDJbl4stwz/pjstxtDfx4urxNYn6fhs3vigU6JFrE3sVN4MMosgvDxyqiMM44Qc6V6XO1GDJxKUo9kP8CGNvLpsMZSY9ZSjQaxMUNqXfySCry3AsOZolo6XUtbEk3YGGVAiJoiUE9aogdh++zRVYi+s2pzwf8BYGK2OB+C8ojSTRtcjsTCacWlV4cCnkpC5hpQ7KBycg8hYEm3bTjMuKcqsSTl8TUgwk4gq2cq2ZqvTWE7AHcgLGiFcT4/vm05rdS8j+nq5XprBUAwcvhR+wHtgU/HcJr939hp/45ZVI5a2DtcbhFOnrX+W/TZsUHdw+pxzau4JUfMI5COc3ntD0IOwP8c/dH+DOYeI6KToV8judUnIyMKnJrXBRpGoLa9kmbslUpw2oZSnQo1jBB1rQqLiQmbjA3nybAunmgrnaMtZcZZBX,iv:Y2rQMzIP4iA4YTRReMhIaG6aKTnlQjBl/eVdxg9gipM=,tag:m9KlqWLIxQ5065DBB8u0rw==,type:str] protonvpn: username: ENC[AES256_GCM,data:8jTLeHnmKzWIk7G2Q9m1kQ==,iv:FYuHAN3s/0DL/N3uQMeMCOW+SRmN9Mhx7ygMcWqBjMc=,tag:NXPYwxuSJxMm5rAE0mAgJg==,type:str] @@ -167,8 +168,8 @@ sops: WkVDSy9QZEVUSVhOOGRuenlHemMvdFUKeW9NARHwoqUDh53y3U3YNOJWBadHXc/S moz8UPSyq7mavU80Xn5ccvFUfOoC6fPttFQ42F04pj9XTdRF64vvRw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-03-18T00:11:35Z" - mac: ENC[AES256_GCM,data:tTtzX1HYFn2jGp5SoeMWgj4E4Qs3CIP25/PdJEATZwt8adA8FKSrBk+VEjMbxLscEGs/c2DuV6dENBRPbhVvnUISmGRMQadT4VQ/i+iyu56dOFthvWsR2hkUhtKrTfEsx/0ZO5L6084qWr3PIjiFEcThfcesMc4Q0GNB/T3/ShM=,iv:E+mY8UUAvbEgceRbMUbUfdYjcVsI6LdETuQJllOGJuc=,tag:NuCyq26pqEi0Iveqa4qxoA==,type:str] + lastmodified: "2026-03-27T00:26:37Z" + mac: ENC[AES256_GCM,data:ZybGxm3W2H0B5dO6lp0kWr3ebWbrBg4QzQ82q2GMBJg2YD3zFFaRZEz4MgaNAcp5AYEBwCYDfDoHEhFIZYU262ZmpXY7bk6tlg3x6xE+4FhgYNoz7mm9SLaLmyBRS3yKbtDbYOpvF1kBigyc417nVCeyvkolgkmG+otrGn1ciQA=,iv:BmAp5Fo9ioRPmT05ZA3ZxPeUkLLF7Yi+of1c8aGwEmI=,tag:HGsrrz1QMog5dw9wQKFc+w==,type:str] pgp: - created_at: "2026-03-24T14:06:52Z" enc: |- @@ -191,4 +192,4 @@ sops: -----END PGP MESSAGE----- fp: CBCB9B18A6B8930B0B6ABFD1CCB8CBEB30633684 unencrypted_suffix: _unencrypted - version: 3.12.1 + version: 3.12.2