Compare commits

..

2 Commits

Author SHA1 Message Date
4e1c5e8115 things 2024-01-20 11:25:54 -06:00
6fcc8c450f add a mail sync thing for gmail 2024-01-20 11:00:03 -06:00
10 changed files with 142 additions and 6 deletions

View File

@ -16,9 +16,9 @@ installation
`sudo nixos-rebuild --flake .#your-flake-name-here switch` `sudo nixos-rebuild --flake .#your-flake-name-here switch`
if you're trying to install `virtbox`, then use the `--impure` flag: if you're trying to install `netbox`, then use the `--impure` flag:
`sudo nixos-rebuild --flake .#virtbox switch --impure` `sudo nixos-rebuild --flake .#netbox switch --impure`
for alternate installations on non-NixOS hosts, a Makefile will be made available for alternate installations on non-NixOS hosts, a Makefile will be made available
@ -28,6 +28,8 @@ things to do
- integrate `disko` and `sops-nix` into the setup - integrate `disko` and `sops-nix` into the setup
- switch from gitea to cgit - switch from gitea to cgit
- establish backup infrastructure for `netbox` - establish backup infrastructure for `netbox`
- move gmail-mail-bridge into mail-sync repo
* (perhaps figure out how to produce a flake for it)
license license
------- -------

View File

@ -113,6 +113,7 @@ in {
[ [
./hardware-configuration.nix ./hardware-configuration.nix
../../modules/bootstrap.nix ../../modules/bootstrap.nix
../../builds/gmail_mail_bridge.nix
]; ];
networking.networkmanager.enable = true; networking.networkmanager.enable = true;
@ -136,6 +137,8 @@ in {
neovim neovim
]; ];
services.gmail_mail_bridge.enable = true;
system.copySystemConfiguration = true; system.copySystemConfiguration = true;
system.stateVersion = "23.05"; # don't change this, lol system.stateVersion = "23.05"; # don't change this, lol
boot.loader.grub.enable = true; boot.loader.grub.enable = true;
@ -412,7 +415,16 @@ in {
services.nginx.virtualHosts."mail.beepboop.systems" = { services.nginx.virtualHosts."mail.beepboop.systems" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
globalRedirect = "cube.beepboop.systems"; locations."/bridge-submit" = {
extraConfig = ''
proxy_pass http://localhost:8041;
'';
};
locations."/" = {
extraConfig = ''
return 301 https://cube.beepboop.systems;
'';
};
}; };
networking.firewall = { networking.firewall = {

View File

@ -0,0 +1,19 @@
{ lib, pkgs, config, ... }:
let
cfg = config.services.gmail_mail_bridge;
appEnv = pkgs.python3.withPackages (p: with p; [ waitress (callPackage ./gmail_mail_bridge/default.nix {}) ]);
in {
options.services.gmail_mail_bridge = {
enable = lib.mkEnableOption "Enable the gmail_mail_bridge";
};
config = lib.mkIf cfg.enable {
systemd.services.gmail_mail_bridge = {
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${appEnv}/bin/waitress-serve --port=8041 gmail_mail_bridge:app";
StandardOutput = "journal";
};
};
};
}

1
builds/gmail_mail_bridge/.gitignore vendored Normal file
View File

@ -0,0 +1 @@
__pycache_/

View File

@ -0,0 +1,10 @@
synchronize email from gmail accounts whose OAuth access is heavily restricted
background
----------
my school district disabled external OAuth access to email, which is not cool. this script gets around this and creates a bridge so you can recieve emails from your school email.
do note that this is heavily unpolished and most definately insecure. there are some hardcoded credentials (which you can change, it just takes a little technical know-how)
have fun!

View File

@ -0,0 +1,20 @@
{ pkgs, pythonPackages ? (import <nixpkgs> {}).python3Packages }:
pythonPackages.buildPythonPackage {
name = "gmail_mail_bridge";
src = ./gmail_mail_bridge;
propagatedBuildInputs = [ pythonPackages.flask pkgs.system-sendmail ];
installPhase = ''
runHook preInstall
mkdir -p $out/${pythonPackages.python.sitePackages}
cp -r . $out/${pythonPackages.python.sitePackages}/gmail_mail_bridge
runHook postInstall
'';
shellHook = "export FLASK_APP=gmail_mail_bridge";
format = "other";
}

View File

@ -0,0 +1,37 @@
from flask import Flask
from flask import request
from flask import redirect
from flask import abort
import logging
import smtplib
import email
from subprocess import Popen, PIPE, STDOUT
pre_shared_secret = "amongus sussy imposter"
to = "ryan@beepboop.systems"
app = Flask(__name__)
def handle_post(request):
msg = email.message_from_string(request.form["payload"])
del msg["To"]
msg["To"] = to
if not msg["From"]:
msg["From"] = "unknown-sender@mail.beepboop.systems"
s = smtplib.SMTP('localhost')
s.send_message(msg)
s.quit()
@app.route("/bridge-submit", methods = ["GET", "POST"])
def testing():
if request.method == 'POST':
data = request.form
if data['auth'] == pre_shared_secret:
handle_post(request)
else:
return 'you didn\'t use post'
return "default answer"

View File

@ -0,0 +1,12 @@
{ pkgs ? import (fetchTarball "https://github.com/NixOS/nixpkgs/tarball/nixos-23.11") {} }:
pkgs.mkShell {
packages = [
(pkgs.python3.withPackages (ps: [
ps.flask
]))
pkgs.curl
pkgs.jq
];
}

View File

@ -0,0 +1,23 @@
// google-side synchronization
// add a minute-wise trigger for mail synchronization
// go to the sidebar, select triggers, add a new one, configure it
// to run syncMail every minute
function syncMail() {
var threads = GmailApp.search("label:need_processing");
var label = GmailApp.getUserLabelByName("need_processing");
for (var thread of threads) {
for (var message of GmailApp.getMessagesForThread(thread)) {
var formData = {
auth: 'amongus sussy imposter',
payload: message.getRawContent(),
};
var options = {
'method' : 'POST',
'payload' : formData
};
var resp = UrlFetchApp.fetch('https://mail.beepboop.systems/bridge-submit', options);
}
thread.removeLabel(label);
}
}

6
flake.lock generated
View File

@ -209,12 +209,12 @@
}, },
"locked": { "locked": {
"lastModified": 1, "lastModified": 1,
"narHash": "sha256-5xUIhLgUWLJ08JmAOugcD2ut0pNNDzoBOJmcoHA5yAg=", "narHash": "sha256-iemuV19UU8TriqixcvwdRUTa8lIrxc3Krwt4bHpUUWE=",
"path": "/nix/store/dz347nzxk63b999sm3cb7k450f90xzlq-source/builds", "path": "/nix/store/vsn2v6zr402x5cf1w340ifbp2xb07jcg-source/builds",
"type": "path" "type": "path"
}, },
"original": { "original": {
"path": "/nix/store/dz347nzxk63b999sm3cb7k450f90xzlq-source/builds", "path": "/nix/store/vsn2v6zr402x5cf1w340ifbp2xb07jcg-source/builds",
"type": "path" "type": "path"
} }
}, },