From 422cc04b0934bd3b1932aaa25f66e5aba48b799b Mon Sep 17 00:00:00 2001
From: Timo Wilken
Date: Sat, 22 Apr 2023 23:21:43 +0200
Subject: Reinstate vdirsyncer cronjobs

With a long-enough TTL on the passwords in gpg-agent, this should work without
popping up a password prompt every half hour.
---
 tw/home/files/gpg-agent.conf |  5 +++++
 tw/home/lap.scm              | 14 ++++++++------
 2 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/tw/home/files/gpg-agent.conf b/tw/home/files/gpg-agent.conf
index 6f476443..80553267 100644
--- a/tw/home/files/gpg-agent.conf
+++ b/tw/home/files/gpg-agent.conf
@@ -1,4 +1,9 @@
 pinentry-program pinentry-rofi
+# Keep passphrase cached for longer, so that mcron jobs (e.g. restic,
+# vdirsyncer) can access the password store. Vdirsyncer should run every half
+# hour to extend the default-cache-ttl.
+default-cache-ttl 2100  # 35 min
+max-cache-ttl 43200     # 12 h
 # Needed if spawning lots of parallel gpg --decrypt processes.
 # https://dev.gnupg.org/T3530
 auto-expand-secmem
diff --git a/tw/home/lap.scm b/tw/home/lap.scm
index 962e378f..264e566b 100644
--- a/tw/home/lap.scm
+++ b/tw/home/lap.scm
@@ -12,6 +12,7 @@
   #:use-module (gnu home services)
   #:use-module (gnu home services desktop)
   #:use-module (gnu home services guix)
+  #:use-module (gnu home services mcron)
   #:use-module (gnu home services pm)
   #:use-module (gnu home services shepherd)
   #:use-module (gnu packages android)
@@ -56,12 +57,13 @@
        ("newsboat/config.catppuccin" ,catppuccin-newsboat)
        ("vdirsyncer/config" ,(local-file "files/vdirsyncer.conf"))))
 
-   ;; These cron jobs are annoying because they pop up a password prompt every time they run.
-   ;; (simple-service 'pim-cronjobs home-mcron-service-type
-   ;;   (list #~(job "15 */4 * * *"   ; every four hours at HH:15
-   ;;                (string-append #$(file-append vdirsyncer "/bin/vdirsyncer") " metasync"))
-   ;;         #~(job "0,30 * * * *"   ; every half hour
-   ;;                (string-append #$(file-append vdirsyncer "/bin/vdirsyncer") " sync"))))
+   ;; To avoid popping up a password prompt every time these run, gpg-agent
+   ;; needs a long-enough default-cache-ttl.
+   (simple-service 'pim-cronjobs home-mcron-service-type
+     (list #~(job "15 */4 * * *"   ; every four hours at HH:15
+                  (string-append #$(file-append vdirsyncer "/bin/vdirsyncer") " metasync"))
+           #~(job "0,30 * * * *"   ; every half hour
+                  (string-append #$(file-append vdirsyncer "/bin/vdirsyncer") " sync"))))
 
    (simple-service 'mail-files home-files-service-type
      `(;; The file from git main is newer than the one bundled with the
-- 
cgit v1.2.3