kfm/niveum
1
0
Fork 0
mirror of https://github.com/kmein/niveum synced 2026-03-16 10:11:08 +01:00
Code Releases Activity

feat(mail): split into fetcher and client machines

Browse Source
This commit is contained in:
Kierán Meinhardt
2021-02-07 16:08:11 +01:00
parent 40472e2ff8
commit 9192fa458b
6 changed files with 271 additions and 267 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
configs/default.nix
View File

@@ -206,7 +206,7 @@ in {
./i3.nix
./keybase.nix
./keyboard.nix
./mail.nix
./mail/client.nix
./mpv.nix
./mime.nix
./nano.nix

265
configs/mail.nix
View File

@@ -1,265 +0,0 @@
{ config, pkgs, lib, ... }:
let
inherit (import <niveum/lib>) kieran;
nixpkgs-much = import (pkgs.fetchFromGitHub {
owner = "NixOS";
repo = "nixpkgs";
rev = "7c2a362b58a1c2ba72d24aa3869da3b1a91d39e1";
sha256 = "0gl4xndyahasa9dv5mi3x9w8s457wl2xh9lcldizcn1irjvkrzs4";
}) {
overlays = [
(import <stockholm/krebs/5pkgs/haskell>)
];
};
much-pkg = nixpkgs-much.haskellPackages.callCabal2nix "much" <niveum/submodules/much> {};
much = nixpkgs-much.haskell.lib.dontHaddock much-pkg;
tagRules = [
{
query = "to:miaengiadina-pwa@noreply.github.com AND subject:\"PR run failed\"";
tags = [ "-new" "+deleted" ];
}
{
query = lib.concatStringsSep " OR " [
"from:noreply-local-guides@google.com"
"from:google-maps-noreply@google.com"
"subject:fd-noti"
"from:nebenan.de"
"to:miaengiadina-pwa@noreply.github.com"
];
tags = [ "-new" ];
}
{
query = "tag:new";
tags = [ "-new" "+inbox" ];
}
];
# turns out we have to escape $ because, if the password contains a $, it will get interpolated as a variable by the msmtp `passwordeval` which does: `bash -c "COMMAND; echo"`
pass_ = file: "echo ${lib.escape ["$"] (lib.escapeShellArg (lib.strings.fileContents file))}";
generateTaggingScript = filters:
let
template = { tags, query, message ? "tagging ${query} -> ${lib.concatStringsSep " " tags}", ... }: ''
echo '${message}'
${pkgs.notmuch}/bin/notmuch tag ${lib.concatStringsSep " " tags} -- "${query}"
'';
in lib.concatStringsSep "\n" (map template filters);
enableDefaults = lib.recursiveUpdate {
mbsync = {
enable = true;
create = "both";
expunge = "both";
};
msmtp.enable = true;
notmuch.enable = true;
};
mail-sync = pkgs.writers.writeDashBin "mail-sync" ''
${pkgs.isync}/bin/mbsync --all
${pkgs.notmuch}/bin/notmuch new
'';
in {
environment.variables.NOTMUCH_CONFIG = config.home-manager.users.me.home.sessionVariables.NOTMUCH_CONFIG;
systemd.services.mail-sync = {
enable = true;
wants = [ "network-online.target" ];
startAt = "*:0/15";
serviceConfig.User = "kfm";
serviceConfig.Type = "oneshot";
environment.NOTMUCH_CONFIG = config.home-manager.users.me.home.sessionVariables.NOTMUCH_CONFIG;
script = ''
export PATH=${lib.makeBinPath [ pkgs.muchsync pkgs.notmuch mail-sync ]}
mail-sync
muchsync
'';
};
environment.systemPackages = [
pkgs.neomutt
pkgs.notmuch-addrlookup
mail-sync
pkgs.muchsync
(pkgs.writers.writeDashBin "mua" ''
if [ $# -eq 0 ]; then
${much}/bin/much-kmein
else
${much}/bin/much-kmein -q "$*"
fi
'')
(pkgs.writers.writeDashBin "mail-clean" ''
${pkgs.notmuch}/bin/notmuch search --output files --format=text0 tag:deleted | ${pkgs.findutils}/bin/xargs -r0 rm
${pkgs.notmuch}/bin/notmuch new
'')
];
home-manager.users.me = {
services.muchsync.remotes =
let
muchsyncConfig = host: {
name = host;
value = {
frequency = "*:0/10";
remote.host = host;
remote.checkForModifiedFiles = false;
local.checkForModifiedFiles = false;
# don't run `notmuch new` locally nor remotely because muchsync is only regularly run after `mail-sync`
remote.importNew = false;
local.importNew = false;
};
};
in lib.listToAttrs (map muchsyncConfig [
"wilde"
"manakish"
]);
programs.msmtp.enable = true;
programs.mbsync.enable = true;
programs.notmuch = {
enable = true;
new.tags = [ "new" ];
search.excludeTags = [ "deleted" "spam" ];
hooks.postNew = generateTaggingScript tagRules;
extraConfig.muchsync.and_tags = "inbox;unread";
};
accounts.email.maildirBasePath = "${config.users.users.me.home}/mail";
accounts.email.accounts = {
fysi = enableDefaults {
primary = false;
smtp = {
host = "smtp.fastmail.com";
port = 465;
tls.enable = true;
};
imap = {
host = "imap.fastmail.com";
port = 993;
tls.enable = true;
};
userName = "kieran@fysi.tech";
address = "kieran@fysi.tech";
realName = kieran.name;
passwordCommand = pass_ <secrets/mail/fastmail>;
};
cock = enableDefaults {
primary = false;
smtp = {
host = "mail.cock.li";
port = 587;
tls = {
enable = true;
useStartTls = true;
};
};
imap = {
host = "mail.cock.li";
port = 993;
tls.enable = true;
};
userName = "2210@cock.li";
address = "2210@cock.li";
realName = "2210";
passwordCommand = pass_ <secrets/mail/cock>;
};
kieran-gmail = enableDefaults {
primary = false;
flavor = "gmail.com";
address = "kieran.meinhardt@gmail.com";
realName = kieran.name;
userName = "kieran.meinhardt";
passwordCommand = pass_ <secrets/mail/gmail/kieran.meinhardt>;
folders = {
drafts = "[Gmail]/Entw&APw-rfe";
sent = "[Gmail]/Gesendet";
trash = "[Gmail]/Papierkorb";
};
};
amroplay = enableDefaults {
primary = false;
flavor = "gmail.com";
address = "amroplay@gmail.com";
realName = kieran.name;
userName = "amroplay";
passwordCommand = pass_ <secrets/mail/gmail/amroplay>;
folders = {
drafts = "[Gmail]/Drafts";
sent = "[Gmail]/Sent Mail";
trash = "[Gmail]/Bin";
};
};
posteo = enableDefaults {
primary = true;
smtp = {
host = "posteo.de";
port = 587;
tls = {
enable = true;
useStartTls = true;
};
};
imap = {
host = "posteo.de";
port = 993;
tls.enable = true;
};
address = "kieran.meinhardt@posteo.net";
realName = kieran.name;
userName = "kieran.meinhardt@posteo.net";
passwordCommand = pass_ <secrets/mail/posteo>;
};
hu-berlin = enableDefaults {
primary = false;
address = "meinhark@hu-berlin.de";
realName = kieran.name;
userName = "meinhark";
passwordCommand = pass_ <secrets/eduroam/password>;
smtp = {
host = "mailhost.cms.hu-berlin.de";
port = 25;
tls = {
enable = true;
useStartTls = true;
};
};
imap = {
host = "mailbox.cms.hu-berlin.de";
port = 993;
tls.enable = true;
};
};
hu-berlin-work = enableDefaults {
primary = false;
address = "meinhaki@hu-berlin.de";
realName = kieran.name;
userName = "meinhaki";
passwordCommand = pass_ <secrets/mail/meinhaki>;
smtp = {
host = "mailhost.cms.hu-berlin.de";
port = 25;
tls = {
enable = true;
useStartTls = true;
};
};
imap = {
host = "mailbox.cms.hu-berlin.de";
port = 993;
tls.enable = true;
};
};
};
};
}

142
configs/mail/accounts.nix Normal file
View File

@@ -0,0 +1,142 @@
{ lib, ... }:
let
inherit (import <niveum/lib>) kieran;
enableDefaults = lib.recursiveUpdate {
mbsync = {
enable = true;
create = "both";
expunge = "both";
};
msmtp.enable = true;
notmuch.enable = true;
};
# turns out we have to escape $ because, if the password contains a $, it will get interpolated as a variable by the msmtp `passwordeval` which does: `bash -c "COMMAND; echo"`
pass_ = file: "echo ${lib.escape ["$"] (lib.escapeShellArg (lib.strings.fileContents file))}";
in
{
fysi = enableDefaults {
primary = false;
smtp = {
host = "smtp.fastmail.com";
port = 465;
tls.enable = true;
};
imap = {
host = "imap.fastmail.com";
port = 993;
tls.enable = true;
};
userName = "kieran@fysi.tech";
address = "kieran@fysi.tech";
realName = kieran.name;
passwordCommand = pass_ <secrets/mail/fastmail>;
};
cock = enableDefaults {
primary = false;
smtp = {
host = "mail.cock.li";
port = 587;
tls = {
enable = true;
useStartTls = true;
};
};
imap = {
host = "mail.cock.li";
port = 993;
tls.enable = true;
};
userName = "2210@cock.li";
address = "2210@cock.li";
realName = "2210";
passwordCommand = pass_ <secrets/mail/cock>;
};
kieran-gmail = enableDefaults {
primary = false;
flavor = "gmail.com";
address = "kieran.meinhardt@gmail.com";
realName = kieran.name;
userName = "kieran.meinhardt";
passwordCommand = pass_ <secrets/mail/gmail/kieran.meinhardt>;
folders = {
drafts = "[Gmail]/Entw&APw-rfe";
sent = "[Gmail]/Gesendet";
trash = "[Gmail]/Papierkorb";
};
};
amroplay = enableDefaults {
primary = false;
flavor = "gmail.com";
address = "amroplay@gmail.com";
realName = kieran.name;
userName = "amroplay";
passwordCommand = pass_ <secrets/mail/gmail/amroplay>;
folders = {
drafts = "[Gmail]/Drafts";
sent = "[Gmail]/Sent Mail";
trash = "[Gmail]/Bin";
};
};
posteo = enableDefaults {
primary = true;
smtp = {
host = "posteo.de";
port = 587;
tls = {
enable = true;
useStartTls = true;
};
};
imap = {
host = "posteo.de";
port = 993;
tls.enable = true;
};
address = "kieran.meinhardt@posteo.net";
realName = kieran.name;
userName = "kieran.meinhardt@posteo.net";
passwordCommand = pass_ <secrets/mail/posteo>;
};
hu-berlin = enableDefaults {
primary = false;
address = "meinhark@hu-berlin.de";
realName = kieran.name;
userName = "meinhark";
passwordCommand = pass_ <secrets/eduroam/password>;
smtp = {
host = "mailhost.cms.hu-berlin.de";
port = 25;
tls = {
enable = true;
useStartTls = true;
};
};
imap = {
host = "mailbox.cms.hu-berlin.de";
port = 993;
tls.enable = true;
};
};
hu-berlin-work = enableDefaults {
primary = false;
address = "meinhaki@hu-berlin.de";
realName = kieran.name;
userName = "meinhaki";
passwordCommand = pass_ <secrets/mail/meinhaki>;
smtp = {
host = "mailhost.cms.hu-berlin.de";
port = 25;
tls = {
enable = true;
useStartTls = true;
};
};
imap = {
host = "mailbox.cms.hu-berlin.de";
port = 993;
tls.enable = true;
};
};
}

56
configs/mail/client.nix Normal file
View File

@@ -0,0 +1,56 @@
{ config, pkgs, lib, ... }:
let
much =
let
nixpkgs-much = import (pkgs.fetchFromGitHub {
owner = "NixOS";
repo = "nixpkgs";
rev = "7c2a362b58a1c2ba72d24aa3869da3b1a91d39e1";
sha256 = "0gl4xndyahasa9dv5mi3x9w8s457wl2xh9lcldizcn1irjvkrzs4";
}) {
overlays = [
(import <stockholm/krebs/5pkgs/haskell>)
];
};
much-pkg = nixpkgs-much.haskellPackages.callCabal2nix "much" <niveum/submodules/much> {};
in nixpkgs-much.haskell.lib.dontHaddock much-pkg;
in {
environment.variables.NOTMUCH_CONFIG = config.home-manager.users.me.home.sessionVariables.NOTMUCH_CONFIG;
environment.systemPackages = [
pkgs.notmuch-addrlookup
pkgs.muchsync
(pkgs.writers.writeDashBin "mua" ''
if [ $# -eq 0 ]; then
${much}/bin/much-kmein
else
${much}/bin/much-kmein -q "$*"
fi
'')
(pkgs.writers.writeDashBin "mail-clean" ''
${pkgs.notmuch}/bin/notmuch search --output files --format=text0 tag:deleted | ${pkgs.findutils}/bin/xargs -r0 rm
${pkgs.notmuch}/bin/notmuch new
'')
];
home-manager.users.me = {
services.muchsync.remotes.zaatar = {
frequency = "*:0/10";
remote.host = "email@zaatar";
remote.importNew = false;
};
programs.notmuch = {
enable = true;
search.excludeTags = [ "deleted" "spam" ];
# extraConfig.muchsync.and_tags = "inbox;unread";
};
programs.msmtp.enable = true;
accounts.email.accounts = import ./accounts.nix { inherit lib; };
};
}

68
configs/mail/fetcher.nix Normal file
View File

@@ -0,0 +1,68 @@
{ config, pkgs, lib, ... }:
let
inherit (import <niveum/lib>) kieran;
tagRules = [
{
query = "to:miaengiadina-pwa@noreply.github.com AND subject:\"PR run failed\"";
tags = [ "-new" "+deleted" ];
}
{
query = lib.concatStringsSep " OR " [
"from:noreply-local-guides@google.com"
"from:google-maps-noreply@google.com"
"subject:fd-noti"
"from:nebenan.de"
"to:miaengiadina-pwa@noreply.github.com"
];
tags = [ "-new" ];
}
{
query = "tag:new";
tags = [ "-new" "+inbox" ];
}
];
generateTaggingScript = filters:
let
template = { tags, query, message ? "tagging ${query} -> ${lib.concatStringsSep " " tags}", ... }: ''
echo '${message}'
${pkgs.notmuch}/bin/notmuch tag ${lib.concatStringsSep " " tags} -- "${query}"
'';
in lib.concatStringsSep "\n" (map template filters);
in
{
users.users.email = {
isNormalUser = true;
description = "fetching mails since 2021";
openssh.authorizedKeys.keys = kieran.sshKeys pkgs;
packages = [ pkgs.muchsync ];
};
environment.variables.NOTMUCH_CONFIG = config.home-manager.users.email.home.sessionVariables.NOTMUCH_CONFIG;
systemd.services.mail-sync = {
enable = true;
wants = [ "network-online.target" ];
startAt = "*:0/15";
serviceConfig.User = config.users.users.email.name;
serviceConfig.Type = "oneshot";
environment.NOTMUCH_CONFIG = config.home-manager.users.email.home.sessionVariables.NOTMUCH_CONFIG;
script = ''
${pkgs.isync}/bin/mbsync --all
${pkgs.notmuch}/bin/notmuch new
'';
};
home-manager.users.email = {
programs.mbsync.enable = true;
accounts.email.accounts = import ./accounts.nix { inherit lib; };
programs.notmuch = {
enable = true;
new.tags = [ "new" ];
hooks.postNew = generateTaggingScript tagRules;
};
};
}

5
systems/zaatar/configuration.nix
View File

@@ -2,6 +2,7 @@
{
imports = [
./hardware-configuration.nix
<home-manager/nixos>
<niveum/configs/wifi.nix>
<niveum/configs/keyboard.nix>
<niveum/modules/retiolum.nix>
@@ -10,6 +11,7 @@
<niveum/configs/sshd.nix>
<niveum/configs/version.nix>
<niveum/configs/spotifyd.nix>
<niveum/configs/mail/fetcher.nix>
{
sound.enable = true;
}
@@ -55,7 +57,8 @@
"cjpalhdlnbpafiamejdnhcphjbkeiagm" # uBlock Origin
];
};
}{
}
{
environment.systemPackages = [ pkgs.tmux ];
systemd.services.turntables = {
description = "music controller session";