From 2bf3acc33a3957d7ea8a810478ec5e84172e1720 Mon Sep 17 00:00:00 2001
From: Matei Adriel <rafaeladriel11@gmail.com>
Date: Fri, 2 Feb 2024 05:28:32 +0100
Subject: [PATCH] Set up intray client with selfhosted server

---
 .sops.yaml                                    |   4 +-
 flake.lock                                    | 110 +++++++++---------
 home/features/cli/productivity/intray.nix     |  11 +-
 .../cli/productivity/{smos => }/secrets.yaml  |   5 +-
 .../cli/productivity/smos/default.nix         |   2 +-
 home/global.nix                               |   3 +
 6 files changed, 74 insertions(+), 61 deletions(-)
 rename home/features/cli/productivity/{smos => }/secrets.yaml (65%)

diff --git a/.sops.yaml b/.sops.yaml
index 8e3bd80..268e1ca 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -11,7 +11,7 @@ creation_rules:
         - *prescientmoon
         - *tethys
         - *lapetus
-  - path_regex: hosts/nixos/common/optional/services/acme/secrets.yaml
+  - path_regex: hosts/nixos/common/optional/services/acme/s?ecrets.yaml
     key_groups:
       - age: 
         - *prescientmoon
@@ -25,7 +25,7 @@ creation_rules:
     key_groups:
       - age:
         - *prescientmoon
-  - path_regex: home/features/cli/productivity/smos/secrets.yaml
+  - path_regex: home/features/cli/productivity/secrets.yaml
     key_groups:
       - age:
         - *prescientmoon
diff --git a/flake.lock b/flake.lock
index 4c3f47d..f8c2a70 100644
--- a/flake.lock
+++ b/flake.lock
@@ -45,11 +45,11 @@
     "autodocodec": {
       "flake": false,
       "locked": {
-        "lastModified": 1700495536,
-        "narHash": "sha256-a71Ea0alRBJyQdb24HseEN3U7zc71PqqXBfWELAO6IA=",
+        "lastModified": 1701673930,
+        "narHash": "sha256-Mv8LNgJrQpHpuxg7jMuYuUoLeWCW+0OvqST4KNJYH9k=",
         "owner": "NorfairKing",
         "repo": "autodocodec",
-        "rev": "e7f4ec8d1d47e77c0f7fe83c8032abae5b082572",
+        "rev": "958a1c51fbf2f166974a60e2d0a5d266483baff5",
         "type": "github"
       },
       "original": {
@@ -367,11 +367,11 @@
     "dekking": {
       "flake": false,
       "locked": {
-        "lastModified": 1697914016,
-        "narHash": "sha256-f7GKRmZQMztuEHLdu3B29j+mldMunzwO03GcEFw+7eY=",
+        "lastModified": 1702048665,
+        "narHash": "sha256-DHGLHBiZMNUaaVDVM979gKh2N5BqOssBIQTWGKfoPls=",
         "owner": "NorfairKing",
         "repo": "dekking",
-        "rev": "930252d59c3bb5c2d51cb02ecc6863d93e623c6a",
+        "rev": "e74091e032254c70740769996564d55ceac51278",
         "type": "github"
       },
       "original": {
@@ -451,11 +451,11 @@
     "fast-myers-diff": {
       "flake": false,
       "locked": {
-        "lastModified": 1696885120,
-        "narHash": "sha256-wqJ0/P3pXOISDhRHpEt11GVYllb+DFt46Mh+k/y1bYw=",
+        "lastModified": 1701674450,
+        "narHash": "sha256-1RP8wXPZGKB/OSdxcjvxAJCqC+trWzrNcD7UGAdpHiA=",
         "owner": "NorfairKing",
         "repo": "fast-myers-diff",
-        "rev": "c106ef803c69ef9440399247ec4ffd59c84f6fc7",
+        "rev": "7fe372e635f293cc76de95773bdc4f0eaae89597",
         "type": "github"
       },
       "original": {
@@ -1332,16 +1332,16 @@
         "nixpkgs": "nixpkgs"
       },
       "locked": {
-        "lastModified": 1700392168,
-        "narHash": "sha256-v5LprEFx3u4+1vmds9K0/i7sHjT0IYGs7u9v54iz/OA=",
+        "lastModified": 1702195709,
+        "narHash": "sha256-+zRjWkm5rKqQ57PuLZ3JF3xi3vPMiOJzItb1m/43Cq4=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "28535c3a34d79071f2ccb68671971ce0c0984d7e",
+        "rev": "6761b8188b860f374b457eddfdb05c82eef9752f",
         "type": "github"
       },
       "original": {
         "owner": "nix-community",
-        "ref": "release-23.05",
+        "ref": "release-23.11",
         "repo": "home-manager",
         "type": "github"
       }
@@ -1485,15 +1485,15 @@
         "yesod-static-remote": "yesod-static-remote"
       },
       "locked": {
-        "lastModified": 1700650769,
-        "narHash": "sha256-uAMKf3hNVNCHJlo89ZQW/Pyk/gCCGSWm9jYT5lFP2I0=",
-        "owner": "NorfairKing",
+        "lastModified": 1706843322,
+        "narHash": "sha256-7//FpXaLEMFBOza/j55+EqJ7Qp1IWE80ZdwgY2whb/s=",
+        "owner": "Mateiadrielrafael",
         "repo": "intray",
-        "rev": "aaba614e7405699aa87d03e0d89319a08780d16d",
+        "rev": "56b1f64555c57202ec6e5a90870158fff6dcdc63",
         "type": "github"
       },
       "original": {
-        "owner": "NorfairKing",
+        "owner": "Mateiadrielrafael",
         "repo": "intray",
         "type": "github"
       }
@@ -1555,11 +1555,11 @@
     "linkcheck": {
       "flake": false,
       "locked": {
-        "lastModified": 1685701263,
-        "narHash": "sha256-h6Pw8X+Bd61S/WMPbMYCQl6R7C2intDDEHedI6DPfS4=",
+        "lastModified": 1701875443,
+        "narHash": "sha256-+M79SDqj833VtQ31G+gYn2kYnnRP1Ju7fglGKbdKOfw=",
         "owner": "NorfairKing",
         "repo": "linkcheck",
-        "rev": "4ce1fd2b63db1401acb6ac87f5696af66837d9df",
+        "rev": "02d6a52177f4ea77dbd62fba04f51b0702797ca5",
         "type": "github"
       },
       "original": {
@@ -1689,11 +1689,11 @@
     "mergeless": {
       "flake": false,
       "locked": {
-        "lastModified": 1696885427,
-        "narHash": "sha256-s7EllBrL5snLincPywcBg1vQvu97Qy0KhBXKS8p2q1s=",
+        "lastModified": 1701875444,
+        "narHash": "sha256-w4jSyaT7EnJO6UpjYMtme3eHEtTTGU1ig0ZhqWt1A0s=",
         "owner": "NorfairKing",
         "repo": "mergeless",
-        "rev": "af70d2eb3055bdba54be960fa14ee5c55a60772e",
+        "rev": "6eaf0f7cbff4b11cc2c56f95366f77ed5c2ec1b7",
         "type": "github"
       },
       "original": {
@@ -1866,16 +1866,16 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1687466461,
-        "narHash": "sha256-oupXI7g7RPzlpGUfAu1xG4KBK53GrZH8/xeKgKDB4+Q=",
-        "owner": "nixos",
+        "lastModified": 1700204040,
+        "narHash": "sha256-xSVcS5HBYnD3LTer7Y2K8ZQCDCXMa3QUD1MzRjHzuhI=",
+        "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "ecb441f22067ba1d6312f4932a7c64efa8d19a7b",
+        "rev": "c757e9bd77b16ca2e03c89bf8bc9ecb28e0c06ad",
         "type": "github"
       },
       "original": {
-        "owner": "nixos",
-        "ref": "nixos-23.05",
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
         "repo": "nixpkgs",
         "type": "github"
       }
@@ -2196,16 +2196,16 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1700403855,
-        "narHash": "sha256-Q0Uzjik9kUTN9pd/kp52XJi5kletBhy29ctBlAG+III=",
+        "lastModified": 1702346276,
+        "narHash": "sha256-eAQgwIWApFQ40ipeOjVSoK4TEHVd6nbSd9fApiHIw5A=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "c757e9bd77b16ca2e03c89bf8bc9ecb28e0c06ad",
+        "rev": "cf28ee258fd5f9a52de6b9865cdb93a1f96d09b7",
         "type": "github"
       },
       "original": {
         "owner": "NixOS",
-        "ref": "nixos-23.05",
+        "ref": "nixos-23.11",
         "repo": "nixpkgs",
         "type": "github"
       }
@@ -2338,11 +2338,11 @@
     "openapi-code-generator": {
       "flake": false,
       "locked": {
-        "lastModified": 1687352838,
-        "narHash": "sha256-2P3MZISa6qiwMGrt0Rsc+lPKzFYdvARwUzhvxvj6k3Y=",
+        "lastModified": 1702632142,
+        "narHash": "sha256-WA2SDidIOwWICL9ycH4ZrvWSE+2mkg3B1FsJApfkROU=",
         "owner": "Haskell-OpenAPI-Code-Generator",
         "repo": "Haskell-OpenAPI-Client-Code-Generator",
-        "rev": "aca57e0134f6322ecfaed226b2b4698f60f5a7f6",
+        "rev": "35f6ea94d0b49ead5cbb88b56027dd8e18c1aaa7",
         "type": "github"
       },
       "original": {
@@ -2406,11 +2406,11 @@
         "nixpkgs-stable": "nixpkgs-stable"
       },
       "locked": {
-        "lastModified": 1700064067,
-        "narHash": "sha256-1ZWNDzhu8UlVCK7+DUN9dVQfiHX1bv6OQP9VxstY/gs=",
+        "lastModified": 1702456155,
+        "narHash": "sha256-I2XhXGAecdGlqi6hPWYT83AQtMgL+aa3ulA85RAEgOk=",
         "owner": "cachix",
         "repo": "pre-commit-hooks.nix",
-        "rev": "e558068cba67b23b4fbc5537173dbb43748a17e8",
+        "rev": "007a45d064c1c32d04e1b8a0de5ef00984c419bc",
         "type": "github"
       },
       "original": {
@@ -2620,11 +2620,11 @@
     "safe-coloured-text": {
       "flake": false,
       "locked": {
-        "lastModified": 1696884906,
-        "narHash": "sha256-7CanCNOCB5gFwqhEPFIoOojoM1iVJZKF5YRy7unUDuo=",
+        "lastModified": 1701941869,
+        "narHash": "sha256-BOsn+Q92scoIy0XPqAIjZ5iio2WE5mx0DThCdL1ajUs=",
         "owner": "NorfairKing",
         "repo": "safe-coloured-text",
-        "rev": "50abcbfa2a2ed15c6186fa2381fe818bd93a730b",
+        "rev": "b8f83cfb47ed6ada2da2d55979cf2b7dd3867b2f",
         "type": "github"
       },
       "original": {
@@ -2700,11 +2700,11 @@
     "seocheck": {
       "flake": false,
       "locked": {
-        "lastModified": 1685701315,
-        "narHash": "sha256-H3i9ng2kO+FYtVoEG07CBS8gLB+qvLnyazwFpCSu5oE=",
+        "lastModified": 1701875442,
+        "narHash": "sha256-DbMNVgSmt2weeJ9Th6vN+vuyiaaJJwzV8QqoDV2qHro=",
         "owner": "NorfairKing",
         "repo": "seocheck",
-        "rev": "6226a03a68c0504cd36870a0859a0f88e058e9d7",
+        "rev": "ae488b173bdd3962b7429ae4fed7c9bc11250a4d",
         "type": "github"
       },
       "original": {
@@ -2906,11 +2906,11 @@
     "sydtest": {
       "flake": false,
       "locked": {
-        "lastModified": 1696883645,
-        "narHash": "sha256-Yr5piSv96hgKC7z7aHqo8kMKJPyL8ZG2lbDb7oFUZxw=",
+        "lastModified": 1701869719,
+        "narHash": "sha256-+qrn2utn8W754ifrm5phT3DtAtK78vjlNObFWRHRxHg=",
         "owner": "NorfairKing",
         "repo": "sydtest",
-        "rev": "6313c1b211d14c1215cdf97b9933675cf9c2adb9",
+        "rev": "d22ec20ca32854f880295cb373f84e874be916bb",
         "type": "github"
       },
       "original": {
@@ -3261,11 +3261,11 @@
     "validity": {
       "flake": false,
       "locked": {
-        "lastModified": 1696884006,
-        "narHash": "sha256-w2dKXZrNxXm/hsYkef5ZLTDxm3IsIzdj3i2qc1GC+A8=",
+        "lastModified": 1701673254,
+        "narHash": "sha256-TsSkc2kqAoJ/S6HaK4t4S9r7nDvcHEPiNzMjlPnkb4Y=",
         "owner": "NorfairKing",
         "repo": "validity",
-        "rev": "34e17fe6d92765209f1db8127aee13c74285805d",
+        "rev": "57c4897ccfeb3de60489e0328113798f059ef140",
         "type": "github"
       },
       "original": {
@@ -3418,11 +3418,11 @@
     "yesod-autoreload": {
       "flake": false,
       "locked": {
-        "lastModified": 1691567166,
-        "narHash": "sha256-+7sDs7yoxA4FY6qKzNVEIV+mIkp96IjwLZT5z5yLSH0=",
+        "lastModified": 1701870511,
+        "narHash": "sha256-Bk4w5HDdN3CyIIxrKDsNe0uB79aWn/gqb8O80XxB3o0=",
         "owner": "NorfairKing",
         "repo": "yesod-autoreload",
-        "rev": "dfd89eaa65f77c1f1a5a38810d9513b3649971e4",
+        "rev": "f6455e7ccb58c8e13c4698869812e73e015f94fc",
         "type": "github"
       },
       "original": {
diff --git a/home/features/cli/productivity/intray.nix b/home/features/cli/productivity/intray.nix
index dc4ff39..7cb875c 100644
--- a/home/features/cli/productivity/intray.nix
+++ b/home/features/cli/productivity/intray.nix
@@ -1,7 +1,16 @@
-{
+{ config, ... }: {
+  sops.secrets.intray_password.sopsFile = ./secrets.yaml;
+
   programs.intray = {
     enable = true;
     data-dir = "/persist/state/home/adrielus/intray";
     cache-dir = "/persist/local/cache/home/adrielus/intray";
+    config.sync = "AlwaysSync";
+    sync = {
+      enable = true;
+      username = "prescientmoon";
+      password-file = config.sops.secrets.intray_password.path;
+      url = "https://api.intray.moonythm.dev";
+    };
   };
 }
diff --git a/home/features/cli/productivity/smos/secrets.yaml b/home/features/cli/productivity/secrets.yaml
similarity index 65%
rename from home/features/cli/productivity/smos/secrets.yaml
rename to home/features/cli/productivity/secrets.yaml
index ce4d25e..e5ec582 100644
--- a/home/features/cli/productivity/smos/secrets.yaml
+++ b/home/features/cli/productivity/secrets.yaml
@@ -1,4 +1,5 @@
 smos_github_token: ENC[AES256_GCM,data:kqy5mQf96DoPN1iEt2akJWFfD3IJWdSkvZa0MeAyF0WJ/+V5P5C4iQ==,iv:QwmIdV/vzGTLE89XJVi3prgfmXqRa/OYcp9CA7KJDYc=,tag:+S1EZBcxoOQO2ADjDx9STQ==,type:str]
+intray_password: ENC[AES256_GCM,data:lTCLWSZIk93LhzHJ/ymc,iv:NcmCK3raatp25cKY6GrlL9hiuJp4HGzVNk/eWqDoobo=,tag:v1dirckcNXJjATvMikfNYw==,type:str]
 sops:
     kms: []
     gcp_kms: []
@@ -14,8 +15,8 @@ sops:
             Y2E3bmM1TkZoOEN0anJqYUNSQUN5ZDAKtobUBBKbfaUeiPtKN4/oTNaxY3C2joCK
             8h4FlRLXd+CGnAyjN2p4FliWzLgmOg4HFNmZSmYLpIh4E9yqadNSSg==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2024-01-31T18:33:00Z"
-    mac: ENC[AES256_GCM,data:HMJ9K1Ox0GPFgi7yG+Kb7ogHCQHXhj0hZEWGs0gLFHw0qqXBAUpAZfqVDd5DvNQSK7m4lRoxZC+wyc2ni0o95QGoDM1wA83npalvTEZyRI+9N0TAsrO03JHq+1uSawwLEhmHjvcVsX8W3d5hJzY+/Tq21D14SBKMqXxgHwHsH2E=,iv:dEyBbXDHboP/x0Bqo7p3YHh8gJWWfmTNLAZhUYeqkfc=,tag:WduTOOkgox6GRtLkm2Zkdw==,type:str]
+    lastmodified: "2024-02-02T03:44:59Z"
+    mac: ENC[AES256_GCM,data:iE5vx//Kxf1sZKRAuypRiimfoHvZsyDoKZsqQQtS9XeJHLj8ruMR7sqReNJ8G/0GPWhCBKepo+lEAoBkdlbaCPflERbC15AhIKtg/4qTd5sdOzyS7ZhFRDrca3KPu1xYasZVq0Q9aZp8+pFEDBkhVxY57LI6aIYYCXeixLK6+eg=,iv:ifUq5+J1t9N0sT+eK67ajku+fylsPlpNSZMu5z/BbSA=,tag:Yguv1koZljV9GHXT1nZmHQ==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
     version: 3.8.1
diff --git a/home/features/cli/productivity/smos/default.nix b/home/features/cli/productivity/smos/default.nix
index bd7228b..1a7fdfa 100644
--- a/home/features/cli/productivity/smos/default.nix
+++ b/home/features/cli/productivity/smos/default.nix
@@ -21,7 +21,7 @@ in
   ];
 
   sops.secrets.smos_github_token = {
-    sopsFile = ./secrets.yaml;
+    sopsFile = ../secrets.yaml;
     path = "${config.xdg.dataHome}/smos/.github_token";
   };
   # }}}
diff --git a/home/global.nix b/home/global.nix
index b143591..a84a6ea 100644
--- a/home/global.nix
+++ b/home/global.nix
@@ -61,6 +61,9 @@ in
   # Tell sops-nix to use ssh keys for decrypting secrets
   sops.age.sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ];
 
+  # By default the paths given by sops contain annoying %r sections
+  sops.defaultSymlinkPath = "${config.home.homeDirectory}/.nix-sops";
+
   # Allow root to read persistent files from this user.
   home.persistence."/persist/home/adrielus".allowOther = true;