These are my dotfiles managed with chezmoi.io for Linux and MacOS (and partially the other shit OS which desperately tries to convert itself into a *nix OS) and NixOS configurations for Desktop and VM.
Program | Name |
---|---|
Linux Distribution | NixOS |
Window Manager | sway |
Bar | waybar |
Wallpaper Setter | sway |
Program Launcher & Menus | rofi |
Clipboard | copyq with special password ignore command |
Screenshot | grimshot |
Colorpicking | hyprpick and gcolor3 |
Nightshifting | gammastep |
Notification | swaync |
Calendar and Meeting Status | vdirsyncer and khal |
Browser | Chrome |
Editor | Nvim with Astrovim |
Normal Font | NotoSans Nerd Font |
Editor/Terminal Font | JetBrainsMono Nerd Font |
Shell | zsh |
Terminal Emulator | wezterm kitty |
See the documentation to learn how to install NixOS onto your system or in a VM.
To install configuration files we use `chezmoi`:

```shell
chezmoi init https://github.com/gabyx/chezmoi.git
chezmoi diff
```

and to apply use

- For non-encrypted files use (which is truly non-interactive, no passphrase prompt):

  ```shell
  just apply-configs-exclude-encrypted
  ```

- For encrypted files use (which might prompt for the passphrase):

  ```shell
  just apply-configs
  ```
To deploy the configs you need the minimal stuff installed:

- `findutils`
- `delta`
- `git`
- `git-lfs`
- `age`
- `just`
Chezmoi is configured to use `age` as encryption tool with a secret private-key file `config/dot_config/chezmoi/key.age` which was generated with:

```shell
age-keygen > key
age-keygen | tee | age -e --armor > key.age && rm key
```

where the printed private key `P` acts as the passphrase to decrypt `key.age`.

This file `key.age` is encrypted and contains the private key for all `age` encryption in this repository. The file is encoded in human-readable PEM format (`--armor`).
The file `key.age` is decrypted when `chezmoi apply` is run in a before hook such that all encrypted files can be decrypted in one go. The decrypted key is then again deleted in an [after hook](config/run_after_delete-decrypted-private-key.sh).
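A check that the after hook really removed the decrypted key, as an added example that is not part of this repository: it scans a directory tree for plaintext age identities (lines starting with `AGE-SECRET-KEY-1`) and ignores the armored `key.age`. The function names, the demo files and the directory you point it at are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the repository): detect a decrypted age identity
# that was left on disk, e.g. because the after hook never ran.

# Print every text file under "$1" holding a plaintext age identity line.
# The armored key.age begins with "-----BEGIN AGE ENCRYPTED FILE-----"
# and therefore never matches.
find_plaintext_age_keys() (
    # -r recurse, -I skip binary files, -l print file names only
    grep -rIlE '^AGE-SECRET-KEY-1[0-9A-Z]+' -- "$1" 2>/dev/null || true
)

# Return 0 if the tree is clean, 1 (with the paths on stderr) otherwise.
assert_no_plaintext_age_keys() (
    hits="$(find_plaintext_age_keys "$1")"
    [ -z "$hits" ] && exit 0
    printf 'plaintext age identity left behind:\n%s\n' "$hits" >&2
    exit 1
)

# Constructed demo: one armored file and one leftover plaintext key.
# Both files are fabricated samples, not real key material.
demo_leftover_key_check() (
    tmp="$(mktemp -d)"
    printf '%s\n' '-----BEGIN AGE ENCRYPTED FILE-----' 'Y29uc3RydWN0ZWQ=' \
        '-----END AGE ENCRYPTED FILE-----' > "$tmp/key.age"
    printf '%s\n' '# created: constructed sample, not a real key' \
        'AGE-SECRET-KEY-1CONSTRUCTEDSAMPLENOTAREALKEY' > "$tmp/key"
    before=$(( $(find_plaintext_age_keys "$tmp" | wc -l) ))
    rm -f "$tmp/key"   # what the after hook is expected to do
    after=$(( $(find_plaintext_age_keys "$tmp" | wc -l) ))
    rm -rf "$tmp"
    echo "before=$before after=$after"
)

demo_leftover_key_check
```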
The "passphrase" `P` can be stored into the login keyring to make `just apply-configs` pass non-interactively:

```shell
secret-tool store --label='Chezmoi Key-File Passphrase' chezmoi keyfile-private-key
```

Inspect the store with `seahorse`.
I am using `gnome-online-accounts` because they work flawlessly for a variety of different providers (`google`, `Exchange`). The mail/calendar client `evolution` is really good and has a very nice user experience, also with PGP etc. It is honestly better than `thunderbird` and integrates better into the system and also from a security perspective (does not contain a browser etc.).
Automated setup of these online accounts apparently works but is still a bit brittle. It is crucial to follow the below steps.
Setting up the accounts happens with the two folders:

- `~/.config/goa-1.0`
- `~/.config/evolution/sources`
Skip to step 3 on a fresh system.

1. Check that there are no online accounts already set up:

   ```shell
   XDG_CURRENT_DESKTOP=GNOME gnome-control-center
   ```

   Check tab `Online Accounts`.

2. Make sure you do not have anything in your login keyring with a name starting with `GOA`. Check `seahorse`. Should be automatically true if no online accounts are set up.

3. Kill all `evolution` processes: `evolution --force-shutdown`.

4. Delete all evolution settings and state. Stop also the services for `evolution`:

   ```shell
   systemctl --user stop evolution-addressbook-factory.service
   systemctl --user stop evolution-calendar-factory.service
   systemctl --user stop evolution-source-registry.service
   systemctl --user daemon-reload
   ```

   ```shell
   rm -rf ~/.config/evolution
   rm -rf ~/.local/share/evolution
   ```

5. Apply the two folders `~/.config/goa-1.0` and `~/.config/evolution/sources` with (uncomment the ignore in `.chezmoiignore`):

   ```shell
   just cm apply
   find ~/.config/evolution/sources -type f -name "*.source" | \
     xargs -I {} sed -i -E "s@NeedsInitialSetup=false@NeedsInitialSetup=true@" {}
   ```

6. Restart the `dbus` service, as it controls the `goa-daemon`. Since we are using `dbus-broker`, which exposes all `dbus` services as `systemd` services, we can restart it together with the `evolution` services which might still be running.

   ```shell
   systemctl --user restart dbus-broker
   ```

   This should log you out; then log in again.

   Only resetting with

   ```shell
   systemctl --user restart dbus-:[email protected]
   ```

   or just logging out did not work.

7. Stop any evolution already running after login.

   ```shell
   evolution --force-shutdown
   systemctl --user stop evolution-addressbook-factory.service
   systemctl --user stop evolution-calendar-factory.service
   systemctl --user stop evolution-source-registry.service
   ```

8. Now provide credentials to the online accounts in `gnome-control-center`:

   ```shell
   XDG_CURRENT_DESKTOP=GNOME gnome-control-center
   ```

9. Check `mail.nix` for adjustments in the `dconf` settings GUID strings.

10. Start `evolution` and you should now see all accounts connected and working. If `evolution` starts up without having picked up the accounts, you probably need another `dbus` restart as above, a logout, or a complete restart.
- When I log out and in again, evolution sometimes gets really stuck in authentication, and what helps is to do

  ```shell
  systemctl --user restart dbus-broker
  ```

- When `vdirsyncer sync` fails you can get the offending calendar entries by doing:

  ```shell
  curl -u "$user:$password" http://localhost:1080/users/[email protected]/calendar/<file-path>
  ```

  or delete it with

  ```shell
  curl -u "$user:$password" -X DELETE http://localhost:1080/users/[email protected]/calendar/<file-path>
  ```

  which resolves duplicate items issues.