diff --git a/flake.lock b/flake.lock index b2608c8..50f0301 100644 --- a/flake.lock +++ b/flake.lock @@ -62,11 +62,11 @@ "secrets": { "flake": false, "locked": { - "lastModified": 1640976355, - "narHash": "sha256-OWreLkiCSvvGx5RotyIAzZWgrPEiRGQXipIYIUByzEI=", + "lastModified": 1642323992, + "narHash": "sha256-neExsJomuWP9/lv1VcXCAYOQ0L7qPAnx8q0YbFA2zpQ=", "ref": "main", - "rev": "16bbe8a0157d5aa669b2572cda7186a2f108e676", - "revCount": 27, + "rev": "c6b452df2d10b24e21b746b09f1ff5b1fd9ee850", + "revCount": 28, "type": "git", "url": "ssh://gitea@git.ingolf-wagner.de/palo/nixos-secrets.git" }, diff --git a/nixos/configs/pepe/mail-fetcher.nix b/nixos/configs/pepe/mail-fetcher.nix index 3391764..8fe5012 100644 --- a/nixos/configs/pepe/mail-fetcher.nix +++ b/nixos/configs/pepe/mail-fetcher.nix @@ -44,6 +44,10 @@ let "from:vstbuzz.com" ]; filters = [ + { + query = "from:hosting.de"; + tags = [ "+billing" ]; + } { query = "from:hv-geelen.de"; tags = [ "+wohnung" ]; @@ -428,8 +432,7 @@ in hashedPassword = "!"; name = "mailfetcher"; home = "/home/mailfetcher"; - openssh.authorizedKeys.keyFiles = - config.users.users.root.openssh.authorizedKeys.keyFiles; + openssh.authorizedKeys.keyFiles = config.users.users.root.openssh.authorizedKeys.keyFiles; group = "mailfetcher"; }; @@ -437,6 +440,10 @@ in name = "mailfetcher"; }; + sops.secrets.mail_ingolf_wagner_de = { + owner = config.users.users.mailUser.name; + group = config.users.users.mailUser.group; + }; sops.secrets.mail_terranix = { owner = config.users.users.mailUser.name; group = config.users.users.mailUser.group; 
@@ -561,13 +568,41 @@ in tls.enable = true; port = 993; }; - mbsync = { + # make sure the upstream mail is deleted + getmail = { enable = true; - create = "both"; + delete = true; + readAll = false; + mailboxes = [ "ALL" ]; }; notmuch.enable = true; }; + # new + ingolf-wagner-de-new = { + primary = false; + address = "contact@ingolf-wagner.de"; + aliases = [ ]; + realName = "Ingolf Wagner"; + userName = "contact@ingolf-wagner.de"; + passwordCommand = + "cat ${toString config.sops.secrets.mail_ingolf_wagner_de.path}"; + imap = { + host = "mail.privateemail.com"; + tls.enable = true; + port = 993; + }; + # make sure the upstream mail is deleted + getmail = { + enable = true; + delete = true; + readAll = false; + mailboxes = [ "ALL" ]; + }; + notmuch.enable = true; + }; + + # deprecated ingolf-wagner-de = { primary = false; address = "contact@ingolf-wagner.de"; @@ -635,14 +670,14 @@ in echo "run getmail" ${pkgs.getmail}/bin/getmail \ --quiet \ - --rcfile getmailingolf-wagner-de + --rcfile getmailingolf-wagner-de \ + --rcfile getmailingolf-wagner-de-new \ + --rcfile getmailterranix_org echo "run notmuch" ${pkgs.notmuch}/bin/notmuch new ${notmuchTaggingNew} ${threadTag "muted"} - ${threadTag "mute"} - ${threadTag "ignore"} ''; }; systemd.timers.fetchmail = { diff --git a/nixos/configs/sterni/syncthing.nix b/nixos/configs/sterni/syncthing.nix index 0e8582d..9e8e658 100644 --- a/nixos/configs/sterni/syncthing.nix +++ b/nixos/configs/sterni/syncthing.nix 
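Review bot: With `delete = true` in both `getmail` blocks, the Maildir on this host becomes the only copy of a message once it has been fetched, whereas the replaced `mbsync` block with `create = "both"` presumably kept a synchronised copy on the server. The comment `# make sure the upstream mail is deleted` records the intent but not the consequence; I would extend it to `# upstream copy is deleted after delivery; the local Maildir is the only copy and must be covered by backups`. The same address and user name now appear in both `ingolf-wagner-de-new` and the `# deprecated` `ingolf-wagner-de` account, so a short comment on when the old account can be removed would help. The accounts attribute set starts and ends outside this hunk.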
@@ -9,67 +9,65 @@ user = "palo"; dataDir = "/home/palo/.syncthing"; configDir = "/home/palo/.syncthing"; - declarative = { - cert = toString config.sops.secrets.syncthing_cert.path; - key = toString config.sops.secrets.syncthing_key.path; - overrideFolders = true; - folders = { - - # on encrypted drive - # ------------------ - private = { - enable = true; - path = "/home/palo/private"; - }; - desktop = { - enable = true; - path = "/home/palo/desktop"; - }; - finance = { - enable = true; - path = "/home/palo/finance"; - }; - fotos = { - enable = true; - path = "/home/palo/fotos"; - }; - samples = { - enable = true; - path = "/home/palo/samples"; - }; - zettlr = { - enable = true; - path = "/home/palo/zettlr"; - }; - programs = { - enable = true; - path = "/home/palo/programs"; - }; - - # no need to be encrypted - # ----------------------- - books = { - enable = true; - path = "/home/palo/books"; - }; - music-library = { - enable = true; - path = "/home/palo/music-library"; - }; - music-projects = { - enable = true; - path = "/home/palo/music-projects"; - }; - smartphone-folder = { - enable = true; - path = "/home/palo/smartphone-folder"; - }; - processing = { - enable = true; - path = "/home/palo/sketchbook"; - }; + cert = toString config.sops.secrets.syncthing_cert.path; + key = toString config.sops.secrets.syncthing_key.path; + overrideFolders = true; + folders = { + # on encrypted drive + # ------------------ + private = { + enable = true; + path = "/home/palo/private"; }; + desktop = { + enable = true; + path = "/home/palo/desktop"; + }; + finance = { + enable = true; + path = "/home/palo/finance"; + }; + fotos = { + enable = true; + path = "/home/palo/fotos"; + }; + samples = { + enable = true; + path = "/home/palo/samples"; + }; + zettlr = { + enable = true; + path = "/home/palo/zettlr"; + }; + programs = { + enable = true; + path = "/home/palo/programs"; + }; + + # no need to be encrypted + # ----------------------- + books = { + enable = true; + path = 
"/home/palo/books"; + }; + music-library = { + enable = true; + path = "/home/palo/music-library"; + }; + music-projects = { + enable = true; + path = "/home/palo/music-projects"; + }; + smartphone-folder = { + enable = true; + path = "/home/palo/smartphone-folder"; + }; + processing = { + enable = true; + path = "/home/palo/sketchbook"; + }; + }; }; diff --git a/nixos/system/all/sshd-known-hosts-public.nix b/nixos/system/all/sshd-known-hosts-public.nix index 0e03080..f719419 100644 --- a/nixos/system/all/sshd-known-hosts-public.nix +++ b/nixos/system/all/sshd-known-hosts-public.nix @@ -85,7 +85,11 @@ with lib; publicKey = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHZuvHooyHa69rU+SfOghM6yfc7bce5cMi9sh5JkoLPi+m8QEkX3oiG9rRpAhp0GYnB74M4l1+0XlxmG7/HVmq0="; }; - + "cracksucht.de" = { + hostNames = [ "cracksucht.de" ]; + publicKey = + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVqpWzX+C7veO/1MDSdh5ukFhpI4cfXevbl6DVb9gVt1wdYB0JsiMiWfl13MZJy9iEP/KfwRLYmu8i36tDR9uJfHQyLK8G7q2DhrleIPgM3dFCdDU1QtulE8hEq/ZsqzMn/QIHYIipIqzNfmC/xnpX2gIo09T7EY+n863ALlj+GqxMb4nr2XDLY+Lllo2yMzylJIz9q8U5hOmzrlCnBpf2MPMwanHXnZXj2CmO80VyBHnAMJ/h72AN1qzDaHFlhxh0Li/POc1bpDjiVjiUPgimHZWpi3VObxWLLn2zf+RH2lx0yXMccSEnkWvHp+Ll5apIUUS+vTlDo3niWpEfGZLl root@debian"; + }; }; } diff --git a/nixos/system/desktop/mail-stuff.nix b/nixos/system/desktop/mail-stuff.nix index 437a508..52e40ce 100644 --- a/nixos/system/desktop/mail-stuff.nix +++ b/nixos/system/desktop/mail-stuff.nix @@ -5,6 +5,7 @@ let in { + # Maildir <-> Server communication # -------------------------------- # mbsync: MailDir <-> IMAP 
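Review bot: The new `"cracksucht.de"` entry pins an `ssh-rsa` host key without recording how it was obtained, and an entry in this file is presumably trusted by every host that imports it. I would add a comment above the entry such as `# host key verified out of band on <date>, fingerprint SHA256:<fingerprint>` (placeholders for whoever checked it), so that a later key change can be compared against a recorded source. The neighbouring entry uses `ecdsa-sha2-nistp256`; if the server also offers an ECDSA or Ed25519 host key, pinning that instead would be consistent with the rest of the file. The attribute set starts outside the hunk.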
@@ -20,48 +21,45 @@ in # neomutt home-manager.users.mainUser.accounts.email.accounts = { - palo_van_dalo-gmx = { - primary = false; - address = "palo_van_dalo@gmx.de"; - aliases = [ ]; - realName = "Ingolf Wagner"; - userName = "palo_van_dalo@gmx.de"; - passwordCommand = passcmd "mail/gmx/palo_van_dalo@gmx.de"; - smtp = { - host = "smtp.gmx.net"; - port = 465; - }; - notmuch.enable = true; - msmtp = { enable = true; }; - }; - ingolf-wagner-gmx = { - primary = false; - address = "ingolf.wagner@gmx.de"; - aliases = [ ]; - realName = "Ingolf Wagner"; - userName = "ingolf.wagner@gmx.de"; - passwordCommand = passcmd "mail/gmx/ingolf.wagner@gmx.de"; - smtp = { - host = "smtp.gmx.net"; - port = 465; - }; - notmuch.enable = true; - msmtp = { enable = true; }; - }; - pali_palo = { - primary = false; - address = "pali_palo@web.de"; - aliases = [ ]; - realName = "Ingolf Wagner"; - userName = "pali_palo@web.de"; - passwordCommand = passcmd "mail/web.de/pali_palo@web.de"; - smtp = { - host = "smtp.web.de"; - port = 465; - }; - notmuch.enable = true; - msmtp = { enable = true; }; - }; + #palo_van_dalo-gmx = { + # address = "palo_van_dalo@gmx.de"; + # aliases = [ ]; + # realName = "Ingolf Wagner"; + # userName = "palo_van_dalo@gmx.de"; + # passwordCommand = passcmd "mail/gmx/palo_van_dalo@gmx.de"; + # smtp = { + # host = "smtp.gmx.net"; + # port = 465; + # }; + # notmuch.enable = true; + # msmtp = { enable = true; }; + #}; + #ingolf-wagner-gmx = { + # address = "ingolf.wagner@gmx.de"; + # aliases = [ ]; + # realName = "Ingolf Wagner"; + # userName = "ingolf.wagner@gmx.de"; + # passwordCommand = passcmd "mail/gmx/ingolf.wagner@gmx.de"; + # smtp = { + # host = "smtp.gmx.net"; + # port = 465; + # }; + # notmuch.enable = true; + # msmtp = { enable = true; }; + #}; + #pali_palo = { + # address = "pali_palo@web.de"; + # aliases = [ ]; + # realName = "Ingolf Wagner"; + # userName = "pali_palo@web.de"; + # passwordCommand = passcmd "mail/web.de/pali_palo@web.de"; + # smtp = { + # host = 
"smtp.web.de"; + # port = 465; + # }; + # notmuch.enable = true; + # msmtp = { enable = true; }; + #}; gmail = { # for google accounts you have to allow 'less secure apps' in accounts.google.com primary = true; @@ -77,7 +75,6 @@ in notmuch.enable = true; msmtp = { enable = true; - # msmtp --serverinfo --tls --tls-certcheck=off -a gmail }; gpg = { encryptByDefault = true; @@ -86,7 +83,6 @@ in }; }; terranix_org = { - primary = false; address = "palo@terranix.org"; aliases = [ ]; realName = "Ingolf Wagner"; @@ -99,33 +95,28 @@ in notmuch.enable = true; msmtp = { enable = true; - # msmtp --serverinfo --tls --tls-certcheck=off -a gmail }; }; ingolf-wagner = { - primary = false; address = "contact@ingolf-wagner.de"; aliases = [ ]; realName = "Ingolf Wagner"; userName = "contact@ingolf-wagner.de"; - passwordCommand = passcmd "mail/siteground/contact@ingolf-wagner.de"; + passwordCommand = passcmd "mail/namecheap/contact@ingolf-wagner.de"; notmuch.enable = true; - smtp = { - host = "securees5.sgcpanel.com"; - port = 587; - tls.useStartTls = true; - }; - msmtp = { - enable = true; - # msmtp --serverinfo --tls --tls-certcheck=off -a ingolf-wagner - tls.fingerprint = - "16:94:47:E0:00:86:BB:F7:56:D3:81:F1:89:7B:CD:67:65:0B:EE:0B:A9:26:96:5E:0B:1F:56:AB:FD:DE:96:C5"; - }; gpg = { encryptByDefault = true; signByDefault = true; key = "42AC51C9482D0834CF488AF1389EC2D64AC71EAC"; }; + smtp = { + host = "mail.privateemail.com"; + port = 465; + }; + msmtp = { + enable = true; + # msmtp --serverinfo --tls --tls-certcheck=off -a ingolf-wagner + }; }; }; 
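Review bot: The three GMX and web.de accounts are commented out rather than removed, which leaves about forty lines of dead configuration in the file, including the `passcmd` store paths. Git history already preserves them, so I would delete the blocks and, if the reason matters, leave a single line such as `# gmx and web.de accounts removed, see git history`.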
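Review bot: The `tls.fingerprint` pin is dropped for the new `mail.privateemail.com` server, while the retained comment `# msmtp --serverinfo --tls --tls-certcheck=off -a ingolf-wagner` still shows a command that turns certificate checking off. Without the pin msmtp presumably falls back to ordinary CA validation, which is acceptable, but the comment should say what the command is for, e.g. `# only for reading the server certificate fingerprint; never use --tls-certcheck=off for sending`. If pinning is still wanted, `tls.fingerprint` has to be set again with the new server's value. The same comment was removed from the `gmail` and `terranix_org` blocks in the two preceding hunks, so removing it here as well would be consistent.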
@@ -392,6 +383,19 @@ in ${notmuch} search --output=files --exclude=false tag:deleted | while read line; do rm -v "$line" ; done ${notmuch} new ''; + plot_maildir = + let + years = [ 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 ]; + file = "~/Maildir/usage.csv"; + append_year = year: '' + echo -n "${toString year}," >> ${file} + ${pkgs.notmuch}/bin/notmuch count -- date:${toString year} >> ${file} + ''; + in + pkgs.writers.writeBashBin "mail-create-statistics" '' + rm ${file} + ${lib.concatStringsSep "\n" (map append_year years)} + ''; in [ @@ -404,6 +408,7 @@ in pkgs.neomutt mutt mailDelete + plot_maildir ]; }
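Review bot: `rm ${file}` in `mail-create-statistics` prints an error on the first run, when `~/Maildir/usage.csv` does not exist yet; `rm -f ${file}` avoids that. The tilde in `file = "~/Maildir/usage.csv";` expands only because the path is used unquoted in the script, so `file = "$HOME/Maildir/usage.csv";` with `"${file}"` quoted at each use would be more robust. The `years` list is hard-coded up to 2022 and could be written as `years = lib.range 2010 2022;`. The surrounding `let` block starts outside the hunk.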