Merge remote-tracking branch 'refs/remotes/origin/master'

author: Ryan Kavanagh <rak@rak.ac> 2024-09-08 12:18:34 -0400
committer: Ryan Kavanagh <rak@rak.ac> 2024-09-08 12:18:34 -0400
commit: 174a841d7e4ec0fd31c98422bc49ebe45071ff65 (patch)
tree: 007cf977bedb2924645009031822378ea02ca828
parent: make default neomutt printer pdf (diff)
parent: fix thread sorting neomutt (diff)
12 files changed, 89 insertions, 22 deletions
diff --git a/.chezmoiignore b/.chezmoiignore
index f4aa1fa..7c7bb6b 100644
--- a/.chezmoiignore
+++ b/.chezmoiignore
@@ -64,7 +64,8 @@ afs
 .mutt/cache
 .mutt/tmp
 .opam
-.recoll
+.recoll/*
+!.recoll/recoll.conf
 .ssh/known_hosts.old
 .ssh/keys/{{ .chezmoi.hostname }}/id_ed25519
 .ssh/keys/{{ .chezmoi.hostname }}/id_rsa
diff --git a/bin/executable_mutt_oauth2.py b/bin/executable_mutt_oauth2.py
index b32fc11..559811f 100755..100644
--- a/bin/executable_mutt_oauth2.py
+++ b/bin/executable_mutt_oauth2.py
@@ -39,13 +39,13 @@ import shlex
 import socket
 import http.server
 import subprocess
+import readline
 
 # The token file must be encrypted because it contains multi-use bearer tokens
 # whose usage does not require additional verification. Specify whichever
 # encryption and decryption pipes you prefer. They should read from standard
-# input and write to standard output. The example values here invoke GPG,
-# although won't work until an appropriate identity appears in the first line.
-ENCRYPTION_PIPE = ['gpg', '--encrypt', '--recipient', 'YOUR_GPG_IDENTITY']
+# input and write to standard output. The example values here invoke GPG.
+ENCRYPTION_PIPE = ['gpg', '--encrypt', '--default-recipient-self']
 DECRYPTION_PIPE = ['gpg', '--decrypt']
 
 registrations = {
@@ -93,7 +93,7 @@ ap.add_argument('--decryption-pipe', type=shlex.split, default=DECRYPTION_PIPE,
                 help='decryption command (string), reads from stdin and writes '
                 'to stdout, default: "{}"'.format(
                     " ".join(DECRYPTION_PIPE)))
-ap.add_argument('--encryption-pipe', type=shlex.split,
+ap.add_argument('--encryption-pipe', type=shlex.split, default=ENCRYPTION_PIPE,
                 help='encryption command (string), reads from stdin and writes '
                 'to stdout, suggested: "{}"'.format(
                     " ".join(ENCRYPTION_PIPE)))
@@ -140,6 +140,8 @@ if args.debug:
 if not token:
     if not args.authorize:
         sys.exit('You must run script with "--authorize" at least once.')
+    if not ENCRYPTION_PIPE:
+        sys.exit("You need to provide a suitable --encryption-pipe setting")
     print('', )
     token['registration'] = args.provider or input(
         'Available app and endpoint registrations: {regs}\nOAuth2 registration: '.format(
@@ -241,7 +243,7 @@ if args.authorize:
                     if 'code' in querydict:
                         authcode = querydict['code'][0]
                     self.do_HEAD()
-                    self.wfile.write(b'<html><head><title>Authorizaton result</title></head>')
+                    self.wfile.write(b'<html><head><title>Authorization result</title></head>')
                     self.wfile.write(b'<body><p>Authorization redirect completed. You may '
                                      b'close this window.</p></body></html>')
             with http.server.HTTPServer(('127.0.0.1', listen_port), MyHandler) as httpd:
@@ -259,6 +261,7 @@ if args.authorize:
                   'code': authcode,
                   'client_secret': token['client_secret'],
                   'code_verifier': verifier})
+        print('Exchanging the authorization code for an access token')
         try:
             response = urllib.request.urlopen(registration['token_endpoint'],
                                               urllib.parse.urlencode(p).encode())
diff --git a/bin/executable_swaybg-random b/bin/executable_swaybg-random
index 6184e33..ba4baa1 100644
--- a/bin/executable_swaybg-random
+++ b/bin/executable_swaybg-random
@@ -1,15 +1,4 @@
 #!/bin/sh
 # Usage: swaybg-random directory
 
-DIR=$1
-PIDFILE=$XDG_RUNTIME_DIR/swaybg.pid
-
-if test -z "$DIR"; then
-    echo "Usage: swaybg-random dir"
-    exit 1
-fi
-
-swaybg -i $(find $DIR/. -type f | shuf -n1) -m fill -o \* &
-NEWPID=$!
-pkill -F $PIDFILE
-echo $NEWPID > $PIDFILE
+exec swaybg -i "$(find ~/bg/. -type f | shuf -n1)" -m fill
diff --git a/dot_config/neomutt/neomuttrc.tmpl b/dot_config/neomutt/neomuttrc.tmpl
index 56d9541..636651b 100644
--- a/dot_config/neomutt/neomuttrc.tmpl
+++ b/dot_config/neomutt/neomuttrc.tmpl
@@ -56,7 +56,8 @@ macro index .n "<tag-pattern>~N|~O<enter><tag-prefix-cond><tag-prefix><clear-fla
 my_hdr OpenPGP: id=4E469519ED677734268FBD958F7BF8FC4A11C97A\; url=https://rak.ac/contact/4E469519ED677734268FBD958F7BF8FC4A11C97A.asc\; preference=sign
 
 set use_threads=threads
-set sort_aux=last-date-received
+set sort=last-date-received
+set sort_aux=date-received
 set move=no
 set mark_old=no
 ignore * # ignore all headers except for ...
diff --git a/dot_config/systemd/user/default.target.wants/symlink_swaybg-random.service b/dot_config/systemd/user/default.target.wants/symlink_swaybg-random.service
new file mode 100644
index 0000000..2ebb1f9
--- /dev/null
+++ b/dot_config/systemd/user/default.target.wants/symlink_swaybg-random.service
@@ -0,0 +1 @@
+/home/rak/.config/systemd/user/swaybg-random.service
diff --git a/dot_config/systemd/user/hourly@.timer b/dot_config/systemd/user/hourly@.timer
new file mode 100644
index 0000000..0b3a0db
--- /dev/null
+++ b/dot_config/systemd/user/hourly@.timer
@@ -0,0 +1,10 @@
+[Unit]
+Description=Hourly Timer for %i service
+
+[Timer]
+OnCalendar=*-*-* *:00:00
+Persistent=true
+Unit=%i.service
+
+[Install]
+WantedBy=default.target
diff --git a/dot_config/systemd/user/swaybg-random.service b/dot_config/systemd/user/swaybg-random.service
new file mode 100644
index 0000000..37cd49d
--- /dev/null
+++ b/dot_config/systemd/user/swaybg-random.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=randomize background
+
+[Service]
+Type=exec
+Restart=always
+RuntimeMaxSec=1h
+
+ExecStart=/home/rak/bin/swaybg-random
+
+[Install]
+WantedBy=default.target
diff --git a/dot_config/systemd/user/tmpreaper@.service b/dot_config/systemd/user/tmpreaper@.service
new file mode 100644
index 0000000..200dd69
--- /dev/null
+++ b/dot_config/systemd/user/tmpreaper@.service
@@ -0,0 +1,38 @@
+[Unit]
+Description=tmpreaper cleanup
+
+[Service]
+Type=oneshot
+LockPersonality=true
+MemoryDenyWriteExecute=yes
+NoNewPrivileges=yes
+ProtectControlGroups=yes
+ProtectHostname=yes
+RestrictAddressFamilies=
+RestrictNamespaces=yes
+RestrictRealtime=yes
+RestrictSUIDSGID=yes
+SystemCallArchitectures=native
+SystemCallFilter=@system-service
+SystemCallErrorNumber=EPERM
+# To restrict write access further, change "ProtectSystem" to "strict" and uncomment
+# "ReadWritePaths", "ReadOnlyPaths", "ProtectHome", and "BindPaths". Then add any local repository
+# paths to the list of "ReadWritePaths" and local backup source paths to "ReadOnlyPaths". This
+# leaves most of the filesystem read-only to borgmatic.
+ProtectSystem=strict
+ReadWritePaths=%I
+
+# Lower CPU and I/O priority.
+Nice=19
+CPUSchedulingPolicy=batch
+IOSchedulingClass=best-effort
+IOSchedulingPriority=7
+IOWeight=100
+
+Restart=no
+LogRateLimitIntervalSec=0
+
+# Delay start to prevent backups running during boot. Note that systemd-inhibit requires dbus and
+# dbus-user-session to be installed.
+#ExecStartPre=sleep 1m
+ExecStart=/usr/sbin/tmpreaper --test --mtime-dir 60d %I
diff --git a/dot_config/systemd/user/tmpreaper@.timer b/dot_config/systemd/user/tmpreaper@.timer
new file mode 100644
index 0000000..a1968c7
--- /dev/null
+++ b/dot_config/systemd/user/tmpreaper@.timer
@@ -0,0 +1,11 @@
+[Unit]
+Description=Run tmpreaper daily
+
+[Timer]
+OnCalendar=daily
+RandomizedDelaySec=1h
+AccuracySec=3h
+Persistent=true
+
+[Install]
+WantedBy=timers.target
diff --git a/dot_emacs b/dot_emacs
index 08ff547..1bb56dc 100644
--- a/dot_emacs
+++ b/dot_emacs
@@ -1068,6 +1068,9 @@ If not, issue a warning."
   :config
   (add-to-list 'vc-handled-backends 'git))
 
+(use-package wc-mode
+  :ensure t)
+
 (use-package windmove
   :config
   (windmove-default-keybindings)
diff --git a/dot_emacs.d/elpa/private_gnupg/private_pubring.kbx b/dot_emacs.d/elpa/private_gnupg/private_pubring.kbx
deleted file mode 100644
index e5f5b58..0000000
--- a/dot_emacs.d/elpa/private_gnupg/private_pubring.kbx
+++ /dev/null
diff --git a/dot_zshrc.tmpl b/dot_zshrc.tmpl
index ed06714..c672966 100644
--- a/dot_zshrc.tmpl
+++ b/dot_zshrc.tmpl
@@ -587,9 +587,7 @@ NO_verbose		\
 # GPG / SSH AGENT
 
 if command -v keychain > /dev/null && test -d ~/.ssh/keys/{{ .chezmoi.hostname }}; then
-    ls ~/.ssh/keys/{{ .chezmoi.hostname }}/id_* | \
-        grep -E -v '\.pub$' | \
-        xargs keychain {{ if (eq .chezmoi.os "linux") -}} --systemd {{- end }}
+    keychain {{ if (eq .chezmoi.os "linux") -}} --systemd {{- end }} ~/.ssh/keys/{{ .chezmoi.hostname }}/id_*[^p][^u][^b]
     [ -z "$HOSTNAME" ] && HOSTNAME=`uname -n`
     [ -f $HOME/.keychain/$HOSTNAME-sh ] &&
            . $HOME/.keychain/$HOSTNAME-sh
author	Ryan Kavanagh <rak@rak.ac>	2024-09-08 12:18:34 -0400
committer	Ryan Kavanagh <rak@rak.ac>	2024-09-08 12:18:34 -0400
commit	174a841d7e4ec0fd31c98422bc49ebe45071ff65 (patch)
tree	007cf977bedb2924645009031822378ea02ca828
parent	make default neomutt printer pdf (diff)
parent	fix thread sorting neomutt (diff)