diff --git a/modules/misc/news.nix b/modules/misc/news.nix index 3dbb01723..1b6fd3299 100644 --- a/modules/misc/news.nix +++ b/modules/misc/news.nix @@ -1861,6 +1861,35 @@ in { Some plugins require this to be set to 'false' to function correctly. ''; } + + { + time = "2024-12-08T17:22:13+00:00"; + condition = let + usingMbsync = any (a: a.mbsync.enable) + (attrValues config.accounts.email.accounts); + in usingMbsync; + message = '' + isync/mbsync 1.5.0 has changed several things. + + isync gained support for using $XDG_CONFIG_HOME, and now places + its config file in '$XDG_CONFIG_HOME/isyncrc'. + + isync changed the configuration options SSLType and SSLVersion to + TLSType and TLSVersion respectively. + + All instances of + 'accounts.email.accounts..mbsync.extraConfig.account' + that use 'SSLType' or 'SSLVersion' should be replaced with 'TLSType' + or 'TLSVersion', respectively. + + TLSType options are unchanged. + + TLSVersions has a new syntax, requiring a change to the Nix syntax. + Old Syntax: SSLVersions = [ "TLSv1.3" "TLSv1.2" ]; + New Syntax: TLSVersions = [ "+1.3" "+1.2" "-1.1" ]; + NOTE: The minus symbol means to NOT use that particular TLS version. + ''; + } ]; }; } diff --git a/modules/programs/mbsync-accounts.nix b/modules/programs/mbsync-accounts.nix index abe5a8ca8..8dc03b122 100644 --- a/modules/programs/mbsync-accounts.nix +++ b/modules/programs/mbsync-accounts.nix @@ -225,6 +225,8 @@ in { default = { }; example = literalExpression '' { + TLSType = "IMAP"; + TLSVersions = [ "+1.3" "+1.2" "-1.1" ]; PipelineDepth = 10; Timeout = 60; }; diff --git a/modules/programs/mbsync.nix b/modules/programs/mbsync.nix index 3437602e9..00371b7f1 100644 --- a/modules/programs/mbsync.nix +++ b/modules/programs/mbsync.nix @@ -30,7 +30,7 @@ let genTlsConfig = tls: { - SSLType = if !tls.enable then + TLSType = if !tls.enable then "None" else if tls.useStartTls then "STARTTLS" @@ -267,7 +267,7 @@ in { programs.notmuch.new.ignore = [ ".uidvalidity" ".mbsyncstate" ]; - home.file.".mbsyncrc".text = let + xdg.configFile."isyncrc".text = let accountsConfig = map genAccountConfig mbsyncAccounts; # Only generate this kind of Group configuration if there are ANY accounts # that do NOT have a per-account groups/channels option(s) specified. diff --git a/tests/modules/programs/mbsync/mbsync-expected.conf b/tests/modules/programs/mbsync/mbsync-expected.conf index 171109782..89074957e 100644 --- a/tests/modules/programs/mbsync/mbsync-expected.conf +++ b/tests/modules/programs/mbsync/mbsync-expected.conf @@ -4,7 +4,7 @@ IMAPAccount hm-account CertificateFile /etc/ssl/certs/ca-certificates.crt Host imap.example.org PassCmd "password-command 2" -SSLType IMAPS +TLSType IMAPS User home.manager.jr IMAPStore hm-account-remote @@ -56,8 +56,8 @@ IMAPAccount hm@example.com CertificateFile /etc/ssl/certs/ca-certificates.crt Host imap.example.com PassCmd password-command -SSLType IMAPS -SSLVersions TLSv1.3 TLSv1.2 +TLSType IMAPS +TLSVersions +1.3 +1.2 -1.1 User home.manager IMAPStore hm@example.com-remote diff --git a/tests/modules/programs/mbsync/mbsync.nix b/tests/modules/programs/mbsync/mbsync.nix index ffc1635e2..3880a313a 100644 --- a/tests/modules/programs/mbsync/mbsync.nix +++ b/tests/modules/programs/mbsync/mbsync.nix @@ -21,7 +21,7 @@ with lib; accounts.email.accounts = { "hm@example.com".mbsync = { enable = true; - extraConfig.account.SSLVersions = [ "TLSv1.3" "TLSv1.2" ]; + extraConfig.account.TLSVersions = [ "+1.3" "+1.2" "-1.1" ]; groups.inboxes = { channels = { inbox1 = { @@ -79,8 +79,8 @@ with lib; test.stubs.isync = { }; nmt.script = '' - assertFileExists home-files/.mbsyncrc - assertFileContent home-files/.mbsyncrc ${./mbsync-expected.conf} + assertFileExists home-files/.config/isyncrc + assertFileContent home-files/.config/isyncrc ${./mbsync-expected.conf} ''; }; }