5 files changed, 47 insertions, 5 deletions

diff --git a/flake.lock b/flake.lock
index 97d2059..3fb2155 100644
--- a/flake.lock
+++ b/flake.lock
@@ -168,6 +168,26 @@
         "type": "github"
       }
     },
+    "homeage": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1669234151,
+        "narHash": "sha256-TwT87E3m2TZLgwYJESlype14HxUOrRGojPM5C2akrMg=",
+        "owner": "jordanisaacs",
+        "repo": "homeage",
+        "rev": "02bfe4ca06962d222e522fff0240c93946b20278",
+        "type": "github"
+      },
+      "original": {
+        "owner": "jordanisaacs",
+        "repo": "homeage",
+        "type": "github"
+      }
+    },
     "naersk": {
       "inputs": {
         "nixpkgs": "nixpkgs_2"
@@ -282,6 +302,7 @@
         "emacs-overlay": "emacs-overlay",
         "futils": "futils",
         "home-manager": "home-manager",
+        "homeage": "homeage",
         "naersk": "naersk",
         "nixpkgs": "nixpkgs_3",
         "nur": "nur",
diff --git a/flake.nix b/flake.nix
index d82a782..f08ceb7 100644
--- a/flake.nix
+++ b/flake.nix
@@ -33,6 +33,11 @@
       };
     };
 
+    homeage = {
+      url = "github:jordanisaacs/homeage";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+
     rust = {
       url = "github:oxalica/rust-overlay";
       inputs.nixpkgs.follows = "nixpkgs";
diff --git a/home/mail/accounts/default.nix b/home/mail/accounts/default.nix
index 5ebba2c..de735b5 100644
--- a/home/mail/accounts/default.nix
+++ b/home/mail/accounts/default.nix
@@ -1,8 +1,14 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, pkgs, self, ... }:
 let cfg = config.my.home.mail;
 in
 {
   config = lib.mkIf cfg.enable {
+    # to replace the secret go to
+    # https://app.fastmail.com/settings/security/devicekeys
+    homeage.file."fastmail-imap" = {
+      source = "${self}/home/secrets/fastmail/imap.age";
+    };
+
     accounts.email = {
       accounts = {
         Fastmail = rec {
@@ -11,7 +17,7 @@ in
           userName = address;
           realName = "Franck Cuny";
           aliases = [ "franck.cuny@gmail.com" ];
-          passwordCommand = "pass email/imap.fastmail.com";
+          passwordCommand = "${pkgs.coreutils}/bin/cat '${config.homeage.mount}/fastmail-imap'";
           imap.host = "imap.fastmail.com";
           smtp.host = "smtp.fastmail.com";
           mbsync = {
@@ -66,9 +72,6 @@ in
       Unit = { Description = "mbsync synchronization"; };
       Service = {
         Type = "oneshot";
-        Environment = [
-          "PASSWORD_STORE_DIR=${config.programs.password-store.settings.PASSWORD_STORE_DIR}"
-        ];
         ExecStartPre = [
           "${pkgs.notmuch}/bin/notmuch tag '-inbox' 'tag:inbox AND tag:archive'"
           "${pkgs.afew}/bin/afew -m -v --notmuch-config=${config.xdg.configHome}/notmuch/default/config"
diff --git a/home/secrets/fastmail/imap.age b/home/secrets/fastmail/imap.age
new file mode 100644
index 0000000..07dfdd1
--- /dev/null
+++ b/home/secrets/fastmail/imap.age
@@ -0,0 +1,5 @@
+age-encryption.org/v1
+-> X25519 f/Opj/dLP20YsybwZwwfCBRcb4wWVSMv4P9tuVQUNDA
+9xBaFHWpO15X2nt1urk5f59K5x7oRHxIi5q7B8UvM+Q
+--- huYSJRJfQnxoHH5APR9tm+NS/xtyw56bRImLdcwiY3Q
+�x��k���>��w�:l�������R�+i[�����oV�ZL?�
\ No newline at end of file
diff --git a/nix/mkHomeManagerConfiguration.nix b/nix/mkHomeManagerConfiguration.nix
index cdd25bd..fc98c7c 100644
--- a/nix/mkHomeManagerConfiguration.nix
+++ b/nix/mkHomeManagerConfiguration.nix
@@ -18,9 +18,17 @@ inputs.home-manager.lib.homeManagerConfiguration {
         homeDirectory = "/home/${username}";
         stateVersion = stateVersion;
       };
+      homeage = {
+        identityPaths = [ "~/.age/key.txt" ];
+        installationType = "activation";
+        mount = "/home/${username}/.secrets";
+      };
+      imports = [ inputs.homeage.homeManagerModules.homeage ];
     }
   ];
 
+  extraSpecialArgs = { inherit inputs self; };
+
   pkgs = import inputs.nixpkgs {
     inherit system;
     config.allowUnfree = true;