diff options
author | Ryan Kavanagh <rak@rak.ac> | 2024-09-08 12:18:34 -0400 |
---|---|---|
committer | Ryan Kavanagh <rak@rak.ac> | 2024-09-08 12:18:34 -0400 |
commit | 174a841d7e4ec0fd31c98422bc49ebe45071ff65 (patch) | |
tree | 007cf977bedb2924645009031822378ea02ca828 | |
parent | make default neomutt printer pdf (diff) | |
parent | fix thread sorting neomutt (diff) |
Merge remote-tracking branch 'refs/remotes/origin/master'
-rw-r--r-- | .chezmoiignore | 3 | ||||
-rw-r--r--[-rwxr-xr-x] | bin/executable_mutt_oauth2.py | 13 | ||||
-rw-r--r-- | bin/executable_swaybg-random | 13 | ||||
-rw-r--r-- | dot_config/neomutt/neomuttrc.tmpl | 3 | ||||
-rw-r--r-- | dot_config/systemd/user/default.target.wants/symlink_swaybg-random.service | 1 | ||||
-rw-r--r-- | dot_config/systemd/user/hourly@.timer | 10 | ||||
-rw-r--r-- | dot_config/systemd/user/swaybg-random.service | 12 | ||||
-rw-r--r-- | dot_config/systemd/user/tmpreaper@.service | 38 | ||||
-rw-r--r-- | dot_config/systemd/user/tmpreaper@.timer | 11 | ||||
-rw-r--r-- | dot_emacs | 3 | ||||
-rw-r--r-- | dot_emacs.d/elpa/private_gnupg/private_pubring.kbx | bin | 2413 -> 0 bytes | |||
-rw-r--r-- | dot_zshrc.tmpl | 4 |
12 files changed, 89 insertions, 22 deletions
diff --git a/.chezmoiignore b/.chezmoiignore index f4aa1fa..7c7bb6b 100644 --- a/.chezmoiignore +++ b/.chezmoiignore @@ -64,7 +64,8 @@ afs .mutt/cache .mutt/tmp .opam -.recoll +.recoll/* +!.recoll/recoll.conf .ssh/known_hosts.old .ssh/keys/{{ .chezmoi.hostname }}/id_ed25519 .ssh/keys/{{ .chezmoi.hostname }}/id_rsa diff --git a/bin/executable_mutt_oauth2.py b/bin/executable_mutt_oauth2.py index b32fc11..559811f 100755..100644 --- a/bin/executable_mutt_oauth2.py +++ b/bin/executable_mutt_oauth2.py @@ -39,13 +39,13 @@ import shlex import socket import http.server import subprocess +import readline # The token file must be encrypted because it contains multi-use bearer tokens # whose usage does not require additional verification. Specify whichever # encryption and decryption pipes you prefer. They should read from standard -# input and write to standard output. The example values here invoke GPG, -# although won't work until an appropriate identity appears in the first line. -ENCRYPTION_PIPE = ['gpg', '--encrypt', '--recipient', 'YOUR_GPG_IDENTITY'] +# input and write to standard output. The example values here invoke GPG. +ENCRYPTION_PIPE = ['gpg', '--encrypt', '--default-recipient-self'] DECRYPTION_PIPE = ['gpg', '--decrypt'] registrations = { @@ -93,7 +93,7 @@ ap.add_argument('--decryption-pipe', type=shlex.split, default=DECRYPTION_PIPE, help='decryption command (string), reads from stdin and writes ' 'to stdout, default: "{}"'.format( " ".join(DECRYPTION_PIPE))) -ap.add_argument('--encryption-pipe', type=shlex.split, +ap.add_argument('--encryption-pipe', type=shlex.split, default=ENCRYPTION_PIPE, help='encryption command (string), reads from stdin and writes ' 'to stdout, suggested: "{}"'.format( " ".join(ENCRYPTION_PIPE))) @@ -140,6 +140,8 @@ if args.debug: if not token: if not args.authorize: sys.exit('You must run script with "--authorize" at least once.') + if not ENCRYPTION_PIPE: + sys.exit("You need to provide a suitable --encryption-pipe setting") print('', ) token['registration'] = args.provider or input( 'Available app and endpoint registrations: {regs}\nOAuth2 registration: '.format( @@ -241,7 +243,7 @@ if args.authorize: if 'code' in querydict: authcode = querydict['code'][0] self.do_HEAD() - self.wfile.write(b'<html><head><title>Authorizaton result</title></head>') + self.wfile.write(b'<html><head><title>Authorization result</title></head>') self.wfile.write(b'<body><p>Authorization redirect completed. You may ' b'close this window.</p></body></html>') with http.server.HTTPServer(('127.0.0.1', listen_port), MyHandler) as httpd: @@ -259,6 +261,7 @@ if args.authorize: 'code': authcode, 'client_secret': token['client_secret'], 'code_verifier': verifier}) + print('Exchanging the authorization code for an access token') try: response = urllib.request.urlopen(registration['token_endpoint'], urllib.parse.urlencode(p).encode()) diff --git a/bin/executable_swaybg-random b/bin/executable_swaybg-random index 6184e33..ba4baa1 100644 --- a/bin/executable_swaybg-random +++ b/bin/executable_swaybg-random @@ -1,15 +1,4 @@ #!/bin/sh # Usage: swaybg-random directory -DIR=$1 -PIDFILE=$XDG_RUNTIME_DIR/swaybg.pid - -if test -z "$DIR"; then - echo "Usage: swaybg-random dir" - exit 1 -fi - -swaybg -i $(find $DIR/. -type f | shuf -n1) -m fill -o \* & -NEWPID=$! -pkill -F $PIDFILE -echo $NEWPID > $PIDFILE +exec swaybg -i "$(find ~/bg/. -type f | shuf -n1)" -m fill diff --git a/dot_config/neomutt/neomuttrc.tmpl b/dot_config/neomutt/neomuttrc.tmpl index 56d9541..636651b 100644 --- a/dot_config/neomutt/neomuttrc.tmpl +++ b/dot_config/neomutt/neomuttrc.tmpl @@ -56,7 +56,8 @@ macro index .n "<tag-pattern>~N|~O<enter><tag-prefix-cond><tag-prefix><clear-fla my_hdr OpenPGP: id=4E469519ED677734268FBD958F7BF8FC4A11C97A\; url=https://rak.ac/contact/4E469519ED677734268FBD958F7BF8FC4A11C97A.asc\; preference=sign set use_threads=threads -set sort_aux=last-date-received +set sort=last-date-received +set sort_aux=date-received set move=no set mark_old=no ignore * # ignore all headers except for ... diff --git a/dot_config/systemd/user/default.target.wants/symlink_swaybg-random.service b/dot_config/systemd/user/default.target.wants/symlink_swaybg-random.service new file mode 100644 index 0000000..2ebb1f9 --- /dev/null +++ b/dot_config/systemd/user/default.target.wants/symlink_swaybg-random.service @@ -0,0 +1 @@ +/home/rak/.config/systemd/user/swaybg-random.service diff --git a/dot_config/systemd/user/hourly@.timer b/dot_config/systemd/user/hourly@.timer new file mode 100644 index 0000000..0b3a0db --- /dev/null +++ b/dot_config/systemd/user/hourly@.timer @@ -0,0 +1,10 @@ +[Unit] +Description=Hourly Timer for %i service + +[Timer] +OnCalendar=*-*-* *:00:00 +Persistent=true +Unit=%i.service + +[Install] +WantedBy=default.target diff --git a/dot_config/systemd/user/swaybg-random.service b/dot_config/systemd/user/swaybg-random.service new file mode 100644 index 0000000..37cd49d --- /dev/null +++ b/dot_config/systemd/user/swaybg-random.service @@ -0,0 +1,12 @@ +[Unit] +Description=randomize background + +[Service] +Type=exec +Restart=always +RuntimeMaxSec=1h + +ExecStart=/home/rak/bin/swaybg-random + +[Install] +WantedBy=default.target diff --git a/dot_config/systemd/user/tmpreaper@.service b/dot_config/systemd/user/tmpreaper@.service new file mode 100644 index 0000000..200dd69 --- /dev/null +++ b/dot_config/systemd/user/tmpreaper@.service @@ -0,0 +1,38 @@ +[Unit] +Description=tmpreaper cleanup + +[Service] +Type=oneshot +LockPersonality=true +MemoryDenyWriteExecute=yes +NoNewPrivileges=yes +ProtectControlGroups=yes +ProtectHostname=yes +RestrictAddressFamilies= +RestrictNamespaces=yes +RestrictRealtime=yes +RestrictSUIDSGID=yes +SystemCallArchitectures=native +SystemCallFilter=@system-service +SystemCallErrorNumber=EPERM +# To restrict write access further, change "ProtectSystem" to "strict" and uncomment +# "ReadWritePaths", "ReadOnlyPaths", "ProtectHome", and "BindPaths". Then add any local repository +# paths to the list of "ReadWritePaths" and local backup source paths to "ReadOnlyPaths". This +# leaves most of the filesystem read-only to borgmatic. +ProtectSystem=strict +ReadWritePaths=%I + +# Lower CPU and I/O priority. +Nice=19 +CPUSchedulingPolicy=batch +IOSchedulingClass=best-effort +IOSchedulingPriority=7 +IOWeight=100 + +Restart=no +LogRateLimitIntervalSec=0 + +# Delay start to prevent backups running during boot. Note that systemd-inhibit requires dbus and +# dbus-user-session to be installed. +#ExecStartPre=sleep 1m +ExecStart=/usr/sbin/tmpreaper --test --mtime-dir 60d %I diff --git a/dot_config/systemd/user/tmpreaper@.timer b/dot_config/systemd/user/tmpreaper@.timer new file mode 100644 index 0000000..a1968c7 --- /dev/null +++ b/dot_config/systemd/user/tmpreaper@.timer @@ -0,0 +1,11 @@ +[Unit] +Description=Run tmpreaper daily + +[Timer] +OnCalendar=daily +RandomizedDelaySec=1h +AccuracySec=3h +Persistent=true + +[Install] +WantedBy=timers.target @@ -1068,6 +1068,9 @@ If not, issue a warning." :config (add-to-list 'vc-handled-backends 'git)) +(use-package wc-mode + :ensure t) + (use-package windmove :config (windmove-default-keybindings) diff --git a/dot_emacs.d/elpa/private_gnupg/private_pubring.kbx b/dot_emacs.d/elpa/private_gnupg/private_pubring.kbx Binary files differdeleted file mode 100644 index e5f5b58..0000000 --- a/dot_emacs.d/elpa/private_gnupg/private_pubring.kbx +++ /dev/null diff --git a/dot_zshrc.tmpl b/dot_zshrc.tmpl index ed06714..c672966 100644 --- a/dot_zshrc.tmpl +++ b/dot_zshrc.tmpl @@ -587,9 +587,7 @@ NO_verbose \ # GPG / SSH AGENT if command -v keychain > /dev/null && test -d ~/.ssh/keys/{{ .chezmoi.hostname }}; then - ls ~/.ssh/keys/{{ .chezmoi.hostname }}/id_* | \ - grep -E -v '\.pub$' | \ - xargs keychain {{ if (eq .chezmoi.os "linux") -}} --systemd {{- end }} + keychain {{ if (eq .chezmoi.os "linux") -}} --systemd {{- end }} ~/.ssh/keys/{{ .chezmoi.hostname }}/id_*[^p][^u][^b] [ -z "$HOSTNAME" ] && HOSTNAME=`uname -n` [ -f $HOME/.keychain/$HOSTNAME-sh ] && . $HOME/.keychain/$HOSTNAME-sh |