Commit 784f09e4efd7

@@ -7,10 +7,25 @@ options.subscribe = true
 ----------
 -- Accounts
 ----------
+
+-- Read password from agenix secret file
+function read_password(filepath)
+	local file = io.open(filepath, "r")
+	if not file then
+		error("Could not open password file: " .. filepath)
+	end
+	local password = file:read("*all"):match("^%s*(.-)%s*$")  -- Trim whitespace
+	file:close()
+	return password
+end
+
+local password_file = "/run/agenix/icloud-vdemeester-password"
+local icloud_password = read_password(password_file)
+
 account = IMAP {
 	server = 'imap.mail.me.com',
 	username = 'vdemeester@icloud.com',
-	-- Password will be provided via command line (-p flag)
+	password = icloud_password,
 	ssl = 'tls1.2',
 }
 

@@ -13,11 +13,11 @@
 
     Service = {
       Type = "oneshot";
-      # Use agenix secret for password
+      # Password is read from agenix secret file in Lua config
       # Verbose mode enabled for testing new filters
-      ExecStart = "${pkgs.imapfilter}/bin/imapfilter -v -c ${./imapfilter-config.lua} -p /run/agenix/icloud-vdemeester-password";
+      ExecStart = "${pkgs.imapfilter}/bin/imapfilter -v -c ${./imapfilter-config.lua}";
       # Standard mode (use after testing is complete)
-      # ExecStart = "${pkgs.imapfilter}/bin/imapfilter -c ${./imapfilter-config.lua} -p /run/agenix/icloud-vdemeester-password";
+      # ExecStart = "${pkgs.imapfilter}/bin/imapfilter -c ${./imapfilter-config.lua}";
     };
   };