From b2e70c0210c484108d595ffec32bdb5af1e11865 Mon Sep 17 00:00:00 2001
From: Colin <colin@uninsane.org>
Date: Sat, 1 Jul 2023 00:28:59 +0000
Subject: [PATCH] programs: ship msmtp sendmail implementation

---
 hosts/common/programs/assorted.nix    |  1 +
 hosts/common/programs/default.nix     |  1 +
 hosts/common/programs/msmtp.nix       | 25 ++++++++++++++
 secrets/common/msmtp_password.txt.bin | 48 +++++++++++++++++++++++++++
 4 files changed, 75 insertions(+)
 create mode 100644 hosts/common/programs/msmtp.nix
 create mode 100644 secrets/common/msmtp_password.txt.bin

diff --git a/hosts/common/programs/assorted.nix b/hosts/common/programs/assorted.nix
index f73c8697..19c6d2d3 100644
--- a/hosts/common/programs/assorted.nix
+++ b/hosts/common/programs/assorted.nix
@@ -85,6 +85,7 @@ let
   tuiPkgs = {
     inherit (pkgs)
       aerc  # email client
+      msmtp  # sendmail
       offlineimap  # email mailox sync
       sfeed  # RSS fetcher
       visidata  # TUI spreadsheet viewer/editor
diff --git a/hosts/common/programs/default.nix b/hosts/common/programs/default.nix
index 96b29f78..c4f6ef80 100644
--- a/hosts/common/programs/default.nix
+++ b/hosts/common/programs/default.nix
@@ -17,6 +17,7 @@
     ./libreoffice.nix
     ./mepo.nix
     ./mpv.nix
+    ./msmtp.nix
     ./neovim.nix
     ./newsflash.nix
     ./nix-index.nix
diff --git a/hosts/common/programs/msmtp.nix b/hosts/common/programs/msmtp.nix
new file mode 100644
index 00000000..b515d736
--- /dev/null
+++ b/hosts/common/programs/msmtp.nix
@@ -0,0 +1,25 @@
+# docs: <https://nixos.wiki/wiki/Msmtp>
+# validate with e.g.
+# - `echo -e "Content-Type: text/plain\r\nSubject: Test\r\n\r\nHello World" | sendmail test@uninsane.org`
+{ config, lib, ... }:
+
+{
+  sane.programs.msmtp = {
+    secrets.".config/msmtp/password.txt" = ../../../secrets/common/msmtp_password.txt.bin;
+  };
+
+  programs.msmtp = lib.mkIf config.sane.programs.msmtp.enabled {
+    enable = true;
+    accounts = {
+      default = {
+        auth = true;
+        tls = true;
+        tls_starttls = false;  # needed else sendmail hangs
+        from = "Colin <colin@uninsane.org>";
+        host = "mx.uninsane.org";
+        user = "colin";
+        passwordeval = "cat ~/.config/msmtp/password.txt";
+      };
+    };
+  };
+}
diff --git a/secrets/common/msmtp_password.txt.bin b/secrets/common/msmtp_password.txt.bin
new file mode 100644
index 00000000..22e22bf8
--- /dev/null
+++ b/secrets/common/msmtp_password.txt.bin
@@ -0,0 +1,48 @@
+{
+	"data": "ENC[AES256_GCM,data:YyO7oLY57w2k0wkyLH88VHuBew==,iv:Q6rNypn3vmuYy/g9DQ0oY9WYU7j5j3XHNp5v1whOaSE=,tag:hSlLQBuH2EpzujMS/HPAJw==,type:str]",
+	"sops": {
+		"kms": null,
+		"gcp_kms": null,
+		"azure_kv": null,
+		"hc_vault": null,
+		"age": [
+			{
+				"recipient": "age1tnl4jfgacwkargzeqnhzernw29xx8mkv73xh6ufdyde6q7859slsnzf24x",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGcEdPbGJ6RWFZYUVKRUtZ\ncDFYQUxEYWhIYUtxQ1FFZmtrbWdSTU5GM3g4ClFXdE1GQTZiM0ttZTlMVlQ3bVpt\nY2w4blVpRFppclp5WFlSWnNzRm5JT1EKLS0tIFFvZUdqUHE4VGVOR0RxR3BUQnJo\nVngrVlVtTHhCd1NML3ZpeC9XdHU4c3MKDXdy69z+LjN4qpVyoGDdCxFJBrJpNYY5\nr7eD0LXGxQ7Z5/YemPzc2FJQ+IUkxnwB1z7o0hYGQIrvX0TvpjlHig==\n-----END AGE ENCRYPTED FILE-----\n"
+			},
+			{
+				"recipient": "age1j2pqnl8j0krdzk6npe93s4nnqrzwx978qrc0u570gzlamqpnje9sc8le2g",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRUEZCdmdmZHJmUjhUTUV1\nZnFBQzl2M29MY2tKcnRyeGhNYUZlSEEyT0ZnCjRuMGgzZWtYQWZaZGpYWlJHMHVo\nNi9WU1grK01lVGZkdGZENU5XOTBCbWMKLS0tIFN5SkNhbXZTZDEwbE84T1Z6M0RS\nQmhlbHQwN2ZzSXR5Q1ZsbHBvOUdiZ2cKSTLrKPM0TELStaqGZ7PvTyQeotREzYll\nbVNpxfpHadfOYTu0Qn2d/H8haY58hYia6tzKrMFRrnxl8r5fnk4jeg==\n-----END AGE ENCRYPTED FILE-----\n"
+			},
+			{
+				"recipient": "age1z8fauff34cdecr6sjkre260luzxcca05kpcwvhx988d306tpcejsp63znu",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjMjV5WjI2YmYzdWNtU1Fw\ndVNlUFZQYmVmallCNFYvOWxxdHVZRjgzWWxRCmovenJqL2JpRHMxYkZXS2RBcUtL\nWmRndFZuaW5WMFlGSWgrVFZuaDJid0UKLS0tIDVpaGZhVmFSYVkrQzlSeGFxQkFQ\nMklCNDlndkFTb2l1aU5Pa0FEZ2UveHMKQnm7zJxPNvCw92Jog76nDaDQYUQpSXZ+\nmbIf0daqIu4yQhKlen/I6p4hWvr8a4mvmVqIkwL13MNRS4hzKb3NLg==\n-----END AGE ENCRYPTED FILE-----\n"
+			},
+			{
+				"recipient": "age1zsrsvd7j6l62fjxpfd2qnhqlk8wk4p8r0dtxpe4sdgnh2474095qdu7xj9",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBYTEZONjRZa0FvWVcxSkMy\nYjZKaFpxcnBYbFI3SFVzc2Y0cWVEZGlCVHpVCi9tZGFnazVOeHZEZVdnSmUvL2FE\nQnJJbS9KNmtwNElvcWE1WGVQcG1Rd1kKLS0tIFpzQXp2ODBiaWtCbnVtTEZyYlRD\nSU5KTWdJdW5oNUpLQmVIZXM5bGxMK0kKNMTR3OpNL0POPmS9SbMAPFzW33uaz5EJ\nnOTnSlaSe/50bBPiHY9P5UAmNSr6prA86FV4sneGDz9C8yxFGaA0fw==\n-----END AGE ENCRYPTED FILE-----\n"
+			},
+			{
+				"recipient": "age1vnw7lnfpdpjn62l3u5nyv5xt2c965k96p98kc43mcnyzpetrts9q54mc9v",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtS3JDY2NpeFpJNi9HZHF5\nVkViTkJvdUsyTmVEMUN2UVFBQ0dybUFLY1UwCnl1L1RTdGlkYlhSTEQ3N0xYQzBj\nV3lTRGFyVzgwWDhJTXMweVhsWm1nQUUKLS0tIEErL1k5QmpkektkNm1ocjJ0Mlg5\nakpySVdjQ1c4Y05PUi9uYTR5V3p1bU0KCM7XHKnwS356DuKE/P0uOXO4Yu6Eyi58\nDtmgsaojXMnD9+dIP0Y1+2BY6L/uXizEakdfLTaGJcELq2sZX9Qmdw==\n-----END AGE ENCRYPTED FILE-----\n"
+			},
+			{
+				"recipient": "age1w7mectcjku6x3sd8plm8wkn2qfrhv9n6zhzlf329e2r2uycgke8qkf9dyn",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiK24zS0h0Q1FEZDBKM2t3\nUHdlWXpaYzNQQzQrN0NPUXVVdWo5dmY4dVZrCktNRXNvVDZpejIxT2FvZmlHWlRU\nWmRZb1N1VFJ0ampRRVhuZGJIQU9pL0UKLS0tIEFXZk1zLzh1NFFKQnF5RzVSM2J1\ndlRXYnFUTFVDS1pybjRzNWkyaUlyQmcKysTv+9YJ7E+KBBtzlAlilZlkGg94nWGE\nE773pduaDN12ojMfc+JPdOU5oTISZk4/QvBL+kmAQI8AlmSap9Ix4w==\n-----END AGE ENCRYPTED FILE-----\n"
+			},
+			{
+				"recipient": "age1tzlyex2z6t88tg9h82943e39shxhmqeyr7ywhlwpdjmyqsndv3qq27x0rf",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhciswMkkrRDVBZmdSeml4\nTkhHeUh6UkVUb2tielkydmh5U0NmaGVWUEFVCndra0ZLeHYwaS9lMHladzVybWNX\nL1hsYlFPTzJCMElJZ2hWVGcyYTdCZkkKLS0tIHI0b3lyaldqNS9WT3BZUjVKMmZu\nZzBmakRFeHFxT0RMWCtONVIwV0VpT28KizkDpls5SVyypJY7aUF4v1DGdVLTMLLM\n2efp7mQB5YYvjKzXCiG+hYRWSbIS/5sHtE40ofmcCPijj7jY3wegUA==\n-----END AGE ENCRYPTED FILE-----\n"
+			},
+			{
+				"recipient": "age18vq5ktwgeaysucvw9t67drqmg5zd5c5k3le34yqxckkfj7wqdqgsd4ejmt",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHNHlhMkpscUJzdk5JMXVI\naGpjdEYxV3BvdFd5bjJLaUNQVndRWERkOXk4CnU5NW9aS0NNVEM4b2xvemtEc05V\nT3h4UjNOZ3F3ZW9VclQvOTNtcER0dU0KLS0tIGN5WisxWHBNQk9sYWlDbUp2eE8z\nR2RweVR4ZEo2ek45N0UwQWM1eVBFdUkK4e2noR5Xn8evKxh7GbAi7szT8uXBfn8K\nqgWlCWkUusUanRqJkmdi0y3zJxjtgs5bMU8JSF14hTwWveoIc/Ec+A==\n-----END AGE ENCRYPTED FILE-----\n"
+			}
+		],
+		"lastmodified": "2023-06-30T23:57:28Z",
+		"mac": "ENC[AES256_GCM,data:ScjOtgbxqhHLf7egk6Dpd46VioYMzOSA5/bPM2JckuSJodxAhE4HIlZuTP5kxOX1Bx2sNSIsgL0NMoXNxVkfHlMWq4PnzhZg9t0tPqXs2+zxIgKaQdXrRmEstlaFEgoEr7nEMcrzILyKefKIBqPisruilPrRiso5n/yf/LKUV+U=,iv:S+Fjf+h+t0VD07LLQdsl6k1VDx7FjvWby4WseeqF2AQ=,tag:6n76tJKS9bciSZy5a2CM+g==,type:str]",
+		"pgp": null,
+		"unencrypted_suffix": "_unencrypted",
+		"version": "3.7.3"
+	}
+}
\ No newline at end of file