aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRyan Kavanagh <rak@rak.ac>2024-09-08 12:18:34 -0400
committerRyan Kavanagh <rak@rak.ac>2024-09-08 12:18:34 -0400
commit174a841d7e4ec0fd31c98422bc49ebe45071ff65 (patch)
tree007cf977bedb2924645009031822378ea02ca828
parentmake default neomutt printer pdf (diff)
parentfix thread sorting neomutt (diff)
Merge remote-tracking branch 'refs/remotes/origin/master'
-rw-r--r--.chezmoiignore3
-rw-r--r--[-rwxr-xr-x]bin/executable_mutt_oauth2.py13
-rw-r--r--bin/executable_swaybg-random13
-rw-r--r--dot_config/neomutt/neomuttrc.tmpl3
-rw-r--r--dot_config/systemd/user/default.target.wants/symlink_swaybg-random.service1
-rw-r--r--dot_config/systemd/user/hourly@.timer10
-rw-r--r--dot_config/systemd/user/swaybg-random.service12
-rw-r--r--dot_config/systemd/user/tmpreaper@.service38
-rw-r--r--dot_config/systemd/user/tmpreaper@.timer11
-rw-r--r--dot_emacs3
-rw-r--r--dot_emacs.d/elpa/private_gnupg/private_pubring.kbxbin2413 -> 0 bytes
-rw-r--r--dot_zshrc.tmpl4
12 files changed, 89 insertions, 22 deletions
diff --git a/.chezmoiignore b/.chezmoiignore
index f4aa1fa..7c7bb6b 100644
--- a/.chezmoiignore
+++ b/.chezmoiignore
@@ -64,7 +64,8 @@ afs
.mutt/cache
.mutt/tmp
.opam
-.recoll
+.recoll/*
+!.recoll/recoll.conf
.ssh/known_hosts.old
.ssh/keys/{{ .chezmoi.hostname }}/id_ed25519
.ssh/keys/{{ .chezmoi.hostname }}/id_rsa
diff --git a/bin/executable_mutt_oauth2.py b/bin/executable_mutt_oauth2.py
index b32fc11..559811f 100755..100644
--- a/bin/executable_mutt_oauth2.py
+++ b/bin/executable_mutt_oauth2.py
@@ -39,13 +39,13 @@ import shlex
import socket
import http.server
import subprocess
+import readline
# The token file must be encrypted because it contains multi-use bearer tokens
# whose usage does not require additional verification. Specify whichever
# encryption and decryption pipes you prefer. They should read from standard
-# input and write to standard output. The example values here invoke GPG,
-# although won't work until an appropriate identity appears in the first line.
-ENCRYPTION_PIPE = ['gpg', '--encrypt', '--recipient', 'YOUR_GPG_IDENTITY']
+# input and write to standard output. The example values here invoke GPG.
+ENCRYPTION_PIPE = ['gpg', '--encrypt', '--default-recipient-self']
DECRYPTION_PIPE = ['gpg', '--decrypt']
registrations = {
@@ -93,7 +93,7 @@ ap.add_argument('--decryption-pipe', type=shlex.split, default=DECRYPTION_PIPE,
help='decryption command (string), reads from stdin and writes '
'to stdout, default: "{}"'.format(
" ".join(DECRYPTION_PIPE)))
-ap.add_argument('--encryption-pipe', type=shlex.split,
+ap.add_argument('--encryption-pipe', type=shlex.split, default=ENCRYPTION_PIPE,
help='encryption command (string), reads from stdin and writes '
'to stdout, suggested: "{}"'.format(
" ".join(ENCRYPTION_PIPE)))
@@ -140,6 +140,8 @@ if args.debug:
if not token:
if not args.authorize:
sys.exit('You must run script with "--authorize" at least once.')
+ if not ENCRYPTION_PIPE:
+ sys.exit("You need to provide a suitable --encryption-pipe setting")
print('', )
token['registration'] = args.provider or input(
'Available app and endpoint registrations: {regs}\nOAuth2 registration: '.format(
@@ -241,7 +243,7 @@ if args.authorize:
if 'code' in querydict:
authcode = querydict['code'][0]
self.do_HEAD()
- self.wfile.write(b'<html><head><title>Authorizaton result</title></head>')
+ self.wfile.write(b'<html><head><title>Authorization result</title></head>')
self.wfile.write(b'<body><p>Authorization redirect completed. You may '
b'close this window.</p></body></html>')
with http.server.HTTPServer(('127.0.0.1', listen_port), MyHandler) as httpd:
@@ -259,6 +261,7 @@ if args.authorize:
'code': authcode,
'client_secret': token['client_secret'],
'code_verifier': verifier})
+ print('Exchanging the authorization code for an access token')
try:
response = urllib.request.urlopen(registration['token_endpoint'],
urllib.parse.urlencode(p).encode())
diff --git a/bin/executable_swaybg-random b/bin/executable_swaybg-random
index 6184e33..ba4baa1 100644
--- a/bin/executable_swaybg-random
+++ b/bin/executable_swaybg-random
@@ -1,15 +1,4 @@
#!/bin/sh
# Usage: swaybg-random directory
-DIR=$1
-PIDFILE=$XDG_RUNTIME_DIR/swaybg.pid
-
-if test -z "$DIR"; then
- echo "Usage: swaybg-random dir"
- exit 1
-fi
-
-swaybg -i $(find $DIR/. -type f | shuf -n1) -m fill -o \* &
-NEWPID=$!
-pkill -F $PIDFILE
-echo $NEWPID > $PIDFILE
+exec swaybg -i "$(find ~/bg/. -type f | shuf -n1)" -m fill
diff --git a/dot_config/neomutt/neomuttrc.tmpl b/dot_config/neomutt/neomuttrc.tmpl
index 56d9541..636651b 100644
--- a/dot_config/neomutt/neomuttrc.tmpl
+++ b/dot_config/neomutt/neomuttrc.tmpl
@@ -56,7 +56,8 @@ macro index .n "<tag-pattern>~N|~O<enter><tag-prefix-cond><tag-prefix><clear-fla
my_hdr OpenPGP: id=4E469519ED677734268FBD958F7BF8FC4A11C97A\; url=https://rak.ac/contact/4E469519ED677734268FBD958F7BF8FC4A11C97A.asc\; preference=sign
set use_threads=threads
-set sort_aux=last-date-received
+set sort=last-date-received
+set sort_aux=date-received
set move=no
set mark_old=no
ignore * # ignore all headers except for ...
diff --git a/dot_config/systemd/user/default.target.wants/symlink_swaybg-random.service b/dot_config/systemd/user/default.target.wants/symlink_swaybg-random.service
new file mode 100644
index 0000000..2ebb1f9
--- /dev/null
+++ b/dot_config/systemd/user/default.target.wants/symlink_swaybg-random.service
@@ -0,0 +1 @@
+/home/rak/.config/systemd/user/swaybg-random.service
diff --git a/dot_config/systemd/user/hourly@.timer b/dot_config/systemd/user/hourly@.timer
new file mode 100644
index 0000000..0b3a0db
--- /dev/null
+++ b/dot_config/systemd/user/hourly@.timer
@@ -0,0 +1,10 @@
+[Unit]
+Description=Hourly Timer for %i service
+
+[Timer]
+OnCalendar=*-*-* *:00:00
+Persistent=true
+Unit=%i.service
+
+[Install]
+WantedBy=default.target
diff --git a/dot_config/systemd/user/swaybg-random.service b/dot_config/systemd/user/swaybg-random.service
new file mode 100644
index 0000000..37cd49d
--- /dev/null
+++ b/dot_config/systemd/user/swaybg-random.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=randomize background
+
+[Service]
+Type=exec
+Restart=always
+RuntimeMaxSec=1h
+
+ExecStart=/home/rak/bin/swaybg-random
+
+[Install]
+WantedBy=default.target
diff --git a/dot_config/systemd/user/tmpreaper@.service b/dot_config/systemd/user/tmpreaper@.service
new file mode 100644
index 0000000..200dd69
--- /dev/null
+++ b/dot_config/systemd/user/tmpreaper@.service
@@ -0,0 +1,38 @@
+[Unit]
+Description=tmpreaper cleanup
+
+[Service]
+Type=oneshot
+LockPersonality=true
+MemoryDenyWriteExecute=yes
+NoNewPrivileges=yes
+ProtectControlGroups=yes
+ProtectHostname=yes
+RestrictAddressFamilies=
+RestrictNamespaces=yes
+RestrictRealtime=yes
+RestrictSUIDSGID=yes
+SystemCallArchitectures=native
+SystemCallFilter=@system-service
+SystemCallErrorNumber=EPERM
+# To restrict write access further, change "ProtectSystem" to "strict" and uncomment
+# "ReadWritePaths", "ReadOnlyPaths", "ProtectHome", and "BindPaths". Then add any local repository
+# paths to the list of "ReadWritePaths" and local backup source paths to "ReadOnlyPaths". This
+# leaves most of the filesystem read-only to borgmatic.
+ProtectSystem=strict
+ReadWritePaths=%I
+
+# Lower CPU and I/O priority.
+Nice=19
+CPUSchedulingPolicy=batch
+IOSchedulingClass=best-effort
+IOSchedulingPriority=7
+IOWeight=100
+
+Restart=no
+LogRateLimitIntervalSec=0
+
+# Delay start to prevent backups running during boot. Note that systemd-inhibit requires dbus and
+# dbus-user-session to be installed.
+#ExecStartPre=sleep 1m
+ExecStart=/usr/sbin/tmpreaper --test --mtime-dir 60d %I
diff --git a/dot_config/systemd/user/tmpreaper@.timer b/dot_config/systemd/user/tmpreaper@.timer
new file mode 100644
index 0000000..a1968c7
--- /dev/null
+++ b/dot_config/systemd/user/tmpreaper@.timer
@@ -0,0 +1,11 @@
+[Unit]
+Description=Run tmpreaper daily
+
+[Timer]
+OnCalendar=daily
+RandomizedDelaySec=1h
+AccuracySec=3h
+Persistent=true
+
+[Install]
+WantedBy=timers.target
diff --git a/dot_emacs b/dot_emacs
index 08ff547..1bb56dc 100644
--- a/dot_emacs
+++ b/dot_emacs
@@ -1068,6 +1068,9 @@ If not, issue a warning."
:config
(add-to-list 'vc-handled-backends 'git))
+(use-package wc-mode
+ :ensure t)
+
(use-package windmove
:config
(windmove-default-keybindings)
diff --git a/dot_emacs.d/elpa/private_gnupg/private_pubring.kbx b/dot_emacs.d/elpa/private_gnupg/private_pubring.kbx
deleted file mode 100644
index e5f5b58..0000000
--- a/dot_emacs.d/elpa/private_gnupg/private_pubring.kbx
+++ /dev/null
Binary files differ
diff --git a/dot_zshrc.tmpl b/dot_zshrc.tmpl
index ed06714..c672966 100644
--- a/dot_zshrc.tmpl
+++ b/dot_zshrc.tmpl
@@ -587,9 +587,7 @@ NO_verbose \
# GPG / SSH AGENT
if command -v keychain > /dev/null && test -d ~/.ssh/keys/{{ .chezmoi.hostname }}; then
- ls ~/.ssh/keys/{{ .chezmoi.hostname }}/id_* | \
- grep -E -v '\.pub$' | \
- xargs keychain {{ if (eq .chezmoi.os "linux") -}} --systemd {{- end }}
+ keychain {{ if (eq .chezmoi.os "linux") -}} --systemd {{- end }} ~/.ssh/keys/{{ .chezmoi.hostname }}/id_*[^p][^u][^b]
[ -z "$HOSTNAME" ] && HOSTNAME=`uname -n`
[ -f $HOME/.keychain/$HOSTNAME-sh ] &&
. $HOME/.keychain/$HOSTNAME-sh