aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/systemd-units
Commit message (Collapse)AuthorAgeFilesLines
* feat(waybar+sway): bluetooth module + unify wifi/bt toggle pathsLibravatar sommerfeld2026-05-131-0/+4
| | | | | | | | | | | | | | | - systemd-units/system/bt.txt: new file pairing the meta/bt.txt group; enables bluetooth.service via 'just unit-apply' - waybar: add the built-in bluetooth module; on-click runs the same bt-toggle.sh that XF86Bluetooth has always invoked. Status colors: blue when adapter is up, green when a device is connected, gray off - sway: XF86WLAN now runs wifi-toggle.sh (iwd D-Bus) instead of 'rfkill toggle wifi'. The latter required rfkill group membership (user is in wheel only), and aligning on the busctl path means the keybind and the waybar click drive the same code XF86RFKill (panic-disable all radios) keeps using 'rfkill toggle all' — that scope is genuinely rfkill-shaped.
* feat(sway): autostart Signal via user systemd unitLibravatar sommerfeld2026-05-131-0/+1
| | | | | | | Sway does not honour XDG $HOME/.config/autostart/, so the in-app 'start at login' toggle is a no-op. Use a user unit wired into sway-session.target with --start-in-tray, matching the existing waybar/swayidle/cliphist/etc. pattern.
* feat(nix): hybrid setup with flakes + direnv for per-project dev shellsLibravatar sommerfeld2026-05-131-0/+3
| | | | | | | | | | | | | | | | | | Install Nix (multi-user daemon) on Arch and wire up direnv so any project can declare its toolchain in a flake.nix and get a hermetic dev shell on cd. No NixOS, no home-manager, no migration off paru/chezmoi — just one new package manager scoped to project dev shells. - meta/nix.txt: nix from extra repo - meta/dev.txt: direnv (general-purpose, not nix-specific) - systemd-units/system/nix.txt: nix-daemon.socket (socket-activated) - etc/nix/nix.conf: enable flakes + nix-command, trusted-users=@wheel, auto-optimise-store, keep-outputs/derivations so direnv envs survive GC - dot_config/direnv/direnvrc: load nix-direnv 3.1.1 via source_url with pinned sha256 (not packaged for Arch; refusing -git AUR) - dot_config/nix/templates/{flake.nix,dev/}: flake template usable via 'nix flake init -t ~/.config/nix/templates' - dot_config/zsh/dot_zshrc: 'eval "$(direnv hook zsh)"'
* feat(net): nftables laptop firewallLibravatar sommerfeld2026-05-131-0/+1
| | | | | | | | | | | | | Default-deny inbound, allow outbound. Scoped to 'inet filter' with 'destroy table' on reload so podman/netavark tables are preserved. - meta/base.txt: add nftables - systemd-units/system/base.txt: enable nftables.service - etc/nftables.conf: laptop ruleset (loopback, ct state, ICMP/ICMPv6 essentials, DHCPv6 client, default-drop input/forward, accept output) - etc/sysctl.d/99-sysctl.conf: rp_filter=2, no redirects, no source-route, log_martians - README.md: firewall section with reload caveat
* feat(units): seed user unit lists from managed drop-insLibravatar sommerfeld2026-05-133-0/+19
| | | | | | | | | | | | | Curate the user units whose definitions or overrides we manage under dot_config/systemd/user/: - graphical.txt: cliphist-{image,text}, display-watcher, swayidle, waybar — all WantedBy=sway-session.target. - mail.txt: protonmail-bridge.service — managed via a drop-in override. Also extend user/.ignore with the socket-activated pipewire/wireplumber stack and a handful of distro defaults so 'just unit-status' stays quiet on a clean system.
* refactor(units): split systemd-units into system/ and user/ treesLibravatar sommerfeld2026-05-134-0/+4
| | | | | | | | | | | | | | | Move the three existing files into systemd-units/system/ and seed systemd-units/user/ with a .ignore stub. Teach the unit-* recipes a user:/system: group-token prefix (bare names keep system semantics for back-compat). unit-apply and unit-status now walk both scopes; user units go through 'systemctl --user' (no sudo), system units via 'sudo systemctl' as before. Soft-fail per unit preserved for both scopes. Top-level add/forget dispatchers need no changes: the unit-extension sniff already routes anything ending in .service/.timer/etc to unit-*, and user:base passes through as the group token. Docs updated in README.md and .github/copilot-instructions.md.
* fix(just): unit-status handles template instances and static unitsLibravatar sommerfeld2026-05-132-1/+1
| | | | | | | | - use systemctl is-enabled per curated unit (list-unit-files does not show instantiated template units like btrfs-scrub@-.timer) - accept static/indirect/generated/alias states in addition to enabled - drop pkgstats.timer from curated (no [Install] section) - ignore systemd-oomd.socket (distro default)
* chore(meta): add fwupd, smartmontools; enable oomd, smartd, btrfs-scrub, ↵Libravatar sommerfeld2026-05-131-1/+4
| | | | fwupd-refresh; drop fstrim.timer
* fix(services): ignore more networkd/resolved companion socketsLibravatar sommerfeld2026-04-211-0/+5
| | | | | | | systemd-networkd-resolve-hook.socket, systemd-networkd-varlink.socket, systemd-networkd-varlink-metrics.socket, systemd-resolved-monitor.socket, systemd-resolved-varlink.socket are all auto-activated via dependency graphs of their parent services and have no [Install] of their own.
* fix(services): drop systemd-networkd.socket from curated, add to .ignoreLibravatar sommerfeld2026-04-212-1/+1
| | | | | | | systemd-networkd.socket has no [Install] section; it's auto-activated by systemd-networkd.service via Sockets=. systemctl enable fails on it. It still shows as enabled (symlinked from the service's dependency graph), so add it to .ignore to keep drift output clean.
* feat(services): add .ignore list for distro-default noiseLibravatar sommerfeld2026-04-211-0/+7
| | | | | | | | | | systemd-units/.ignore is a user-maintainable list of units to suppress from 'just services-drift' uncurated output. Starts with three systemd presets that are harmless noise: remote-fs.target, systemd-network-generator.service, systemd-userdbd.socket. The dotfile is outside the *.txt glob so services / services-enable don't accidentally pick it up.
* feat(services): curate systemd-networkd alongside iwdLibravatar sommerfeld2026-04-211-0/+3
| | | | | User runs iwd (wifi auth) + systemd-networkd (IP config) together, with systemd-networkd-wait-online as boot gate.
* feat(services): curate tor + pcscd, filter @ templates from driftLibravatar sommerfeld2026-04-212-0/+5
| | | | | | | | | | - tor.service -> systemd-units/btc.txt (pairs with tor in meta/btc.txt) - pcscd.socket -> systemd-units/base.txt (smartcards, used by GPG) - services-drift now filters @-template units (getty@ etc.), which are abstract and can't be curated meaningfully anyway systemd-networkd.{service,socket,wait-online} remain uncurated; that's a real decision (conflicts with iwd) left to disable by hand.
* feat(services): curated systemd units via just recipesLibravatar sommerfeld2026-04-211-0/+13
Introduce systemd-units/<group>.txt files paired by name with meta groups (systemd-units/base.txt <-> meta/base.txt). Units listed there are enabled by a new 'just services-enable' recipe, wired into 'just init' so bootstrap.sh no longer needs its own systemctl loop. New justfile recipes (Services section): services list curated units with enabled/active state services-enable idempotent 'systemctl enable --now', soft-fail per unit services-drift two-way diff vs systemctl list-unit-files bootstrap.sh drops its hardcoded 9-unit loop and laptop TLP block (~22 lines); 'just init' now handles it. tlp.service lives directly in systemd-units/base.txt (no laptop gating).
generated by cgit v1.3.1 (git 2.54.0) at 2026-06-01 07:22:07 +0000