Add mail setup guide, remove calendar configs
Documents the full Outlook.com OAuth2 mail setup (rbw, Azure app registration, GPG, mutt-oauth2, mbsync, msmtp, neomutt) for reinstall reference. Removes vdirsyncer/khal configs and calsync alias. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
98
MAIL_SETUP.md
Normal file
98
MAIL_SETUP.md
Normal file
@@ -0,0 +1,98 @@
|
||||
# Mail Setup
|
||||
|
||||
Neomutt + mbsync + msmtp with OAuth2 for Outlook.com personal accounts.
|
||||
Config files are in the dotfiles repo — this covers the manual steps needed on a fresh install.
|
||||
|
||||
## Packages
|
||||
|
||||
```bash
|
||||
sudo dnf install rbw isync msmtp neomutt
|
||||
```
|
||||
|
||||
## 1. rbw (Bitwarden CLI)
|
||||
|
||||
```bash
|
||||
rbw config set email robharbaugh@outlook.com
|
||||
rbw config set base_url https://vault.bitwarden.com
|
||||
rbw login
|
||||
```
|
||||
|
||||
## 2. Azure OAuth2 App Registration
|
||||
|
||||
Do this once. The client ID and secret live in Bitwarden.
|
||||
|
||||
1. Go to portal.azure.com — sign in with robharbaugh@outlook.com as a personal account
|
||||
2. Search **App registrations** → **New registration**
|
||||
3. Name: anything (e.g. `neomutt`)
|
||||
4. Supported account types: **Accounts in any organizational directory and personal Microsoft accounts**
|
||||
5. Redirect URI: **Web** → `http://localhost/`
|
||||
6. Click **Register**, copy the **Application (client) ID** → save to rbw as `outlook-oauth-client-id`
|
||||
7. **Certificates & secrets** → **New client secret** → copy the **Value** → save to rbw as `outlook-oauth-client-secret`
|
||||
8. **API permissions** → **Add a permission** → **APIs my organization uses** → **Office 365 Exchange Online**
|
||||
9. **Delegated permissions** → add: `IMAP.AccessAsUser.All`, `SMTP.Send`, `offline_access`
|
||||
|
||||
## 3. GPG Key
|
||||
|
||||
Check for an existing key first:
|
||||
|
||||
```bash
|
||||
gpg --list-secret-keys
|
||||
```
|
||||
|
||||
If none, generate one:
|
||||
|
||||
```bash
|
||||
gpg --full-generate-key
|
||||
```
|
||||
|
||||
Choose RSA 4096, no expiry, use robharbaugh@outlook.com as the email.
|
||||
Note the short key ID (e.g. `A40B4F53`) — update the keychain line in `.zshrc` with it:
|
||||
|
||||
```zsh
|
||||
eval "$(keychain --eval --quiet --gpg <key-id> github git)"
|
||||
```
|
||||
|
||||
## 4. OAuth2 Token
|
||||
|
||||
```bash
|
||||
mkdir -p ~/.config/neomutt
|
||||
export GPG_TTY=$(tty)
|
||||
python3 /usr/share/neomutt/oauth2/mutt_oauth2.py \
|
||||
~/.config/neomutt/outlook.tokens \
|
||||
--authorize \
|
||||
--provider microsoft \
|
||||
--authflow localhostauthcode \
|
||||
--encryption-pipe "gpg --encrypt --recipient robharbaugh@outlook.com" \
|
||||
--decryption-pipe "gpg --decrypt" \
|
||||
--client-id "$(rbw get outlook-oauth-client-id)" \
|
||||
--client-secret "$(rbw get outlook-oauth-client-secret)"
|
||||
```
|
||||
|
||||
Enter `robharbaugh@outlook.com` when prompted for email and GPG recipient.
|
||||
This opens a browser for the one-time Microsoft login. Tokens are saved to
|
||||
`~/.config/neomutt/outlook.tokens` (encrypted, not in git).
|
||||
|
||||
## 5. Stow configs
|
||||
|
||||
```bash
|
||||
cd ~/.dotfiles
|
||||
stow laptop
|
||||
```
|
||||
|
||||
This symlinks mbsync, msmtp, neomutt, and all other configs into place.
|
||||
|
||||
## 6. Initial mail sync
|
||||
|
||||
```bash
|
||||
mkdir -p ~/mail/outlook ~/.local/share/msmtp
|
||||
mbsync
|
||||
```
|
||||
|
||||
The first sync will take a while depending on mailbox size.
|
||||
|
||||
## Token file
|
||||
|
||||
`~/.config/neomutt/outlook.tokens` is managed by mutt-oauth2 and is not in git.
|
||||
It is GPG-encrypted with your key. If it is lost, re-run step 4.
|
||||
Tokens refresh automatically — you should never need to re-authorize unless
|
||||
you revoke the app in Azure.
|
||||
Reference in New Issue
Block a user