From 16f689ff07d3ef4f1f105a5ad72d7e6e955ea06d Mon Sep 17 00:00:00 2001 From: Emmet Date: Sun, 16 Feb 2025 15:10:05 -0600 Subject: [PATCH] These scripts broke my thinkpad --- modules/system/phoenix/default.nix | 123 +++++++++++++++-------------- scripts/build.sh | 24 ------ scripts/harden.sh | 33 -------- scripts/install.sh | 48 ----------- scripts/pull.sh | 20 ----- scripts/soften.sh | 27 ------- scripts/sync-posthook.sh | 22 ------ scripts/sync.sh | 13 --- scripts/update.sh | 15 ---- scripts/upgrade.sh | 12 --- 10 files changed, 62 insertions(+), 275 deletions(-) delete mode 100755 scripts/build.sh delete mode 100755 scripts/harden.sh delete mode 100755 scripts/install.sh delete mode 100755 scripts/pull.sh delete mode 100755 scripts/soften.sh delete mode 100755 scripts/sync-posthook.sh delete mode 100755 scripts/sync.sh delete mode 100755 scripts/update.sh delete mode 100755 scripts/upgrade.sh diff --git a/modules/system/phoenix/default.nix b/modules/system/phoenix/default.nix index 15217b90..f662df0e 100644 --- a/modules/system/phoenix/default.nix +++ b/modules/system/phoenix/default.nix @@ -18,67 +18,68 @@ config = { environment.systemPackages = with pkgs; [ attic-client - (pkgs.writeScriptBin "phoenix" '' - if [ "$1" = "sync" ]; then - if [ "$#" = 1 ]; then - ${config.systemSettings.dotfilesDir}/scripts/sync.sh; - exit 0; - fi - elif [ "$1" = "refresh" ]; then - if [ "$#" -gt 1 ]; then - echo "Warning: The 'refresh' command has no subcommands (no $2 subcommand)"; - fi - ${config.systemSettings.dotfilesDir}/scripts/sync-posthook.sh; - exit 0; - elif [ "$1" = "update" ]; then - ${config.systemSettings.dotfilesDir}/scripts/update.sh "''${@:2}"; - exit 0; - elif [ "$1" = "upgrade" ]; then - if [ "$#" -gt 1 ]; then - echo "Warning: The 'upgrade' command has no subcommands (no $2 subcommand)"; - fi - ${config.systemSettings.dotfilesDir}/scripts/upgrade.sh; - exit 0; - elif [ "$1" = "pull" ]; then - if [ "$#" -gt 1 ]; then - echo "Warning: The 'pull' command has no subcommands (no $2 subcommand)"; - fi - ${config.systemSettings.dotfilesDir}/scripts/pull.sh; - exit 0; - elif [ "$1" = "build" ]; then - if [ "$#" -gt 1 ]; then - echo "Warning: The 'pull' command has no subcommands (no $2 subcommand)"; - fi - ${config.systemSettings.dotfilesDir}/scripts/build.sh; - exit 0; - elif [ "$1" = "harden" ]; then - if [ "$#" -gt 1 ]; then - echo "Warning: The 'harden' command has no subcommands (no $2 subcommand)"; - fi - ${config.systemSettings.dotfilesDir}/scripts/harden.sh; - exit 0; - elif [ "$1" = "soften" ]; then - if [ "$#" -gt 1 ]; then - echo "Warning: The 'soften' command has no subcommands (no $2 subcommand)"; - fi - ${config.systemSettings.dotfilesDir}/scripts/soften.sh; - exit 0; - elif [ "$1" = "gc" ]; then - if [ "$#" -gt 2 ]; then - echo "Warning: The 'gc' command only accepts one argument (collect_older_than)"; - fi - if [ "$2" = "full" ]; then - sudo nix-collect-garbage --delete-old; - nix-collect-garbage --delete-old; - elif [ "$2" ]; then - sudo nix-collect-garbage --delete-older-than $2; - nix-collect-garbage --delete-older-than $2; - else - sudo nix-collect-garbage --delete-older-than 30d; - nix-collect-garbage --delete-older-than 30d; - fi - fi - '') + # TODO rewrite this from scratch without wrappers + #(pkgs.writeScriptBin "phoenix" '' + # if [ "$1" = "sync" ]; then + # if [ "$#" = 1 ]; then + # ${config.systemSettings.dotfilesDir}/scripts/sync.sh; + # exit 0; + # fi + # elif [ "$1" = "refresh" ]; then + # if [ "$#" -gt 1 ]; then + # echo "Warning: The 'refresh' command has no subcommands (no $2 subcommand)"; + # fi + # ${config.systemSettings.dotfilesDir}/scripts/sync-posthook.sh; + # exit 0; + # elif [ "$1" = "update" ]; then + # ${config.systemSettings.dotfilesDir}/scripts/update.sh "''${@:2}"; + # exit 0; + # elif [ "$1" = "upgrade" ]; then + # if [ "$#" -gt 1 ]; then + # echo "Warning: The 'upgrade' command has no subcommands (no $2 subcommand)"; + # fi + # ${config.systemSettings.dotfilesDir}/scripts/upgrade.sh; + # exit 0; + # elif [ "$1" = "pull" ]; then + # if [ "$#" -gt 1 ]; then + # echo "Warning: The 'pull' command has no subcommands (no $2 subcommand)"; + # fi + # ${config.systemSettings.dotfilesDir}/scripts/pull.sh; + # exit 0; + # elif [ "$1" = "build" ]; then + # if [ "$#" -gt 1 ]; then + # echo "Warning: The 'pull' command has no subcommands (no $2 subcommand)"; + # fi + # ${config.systemSettings.dotfilesDir}/scripts/build.sh; + # exit 0; + # elif [ "$1" = "harden" ]; then + # if [ "$#" -gt 1 ]; then + # echo "Warning: The 'harden' command has no subcommands (no $2 subcommand)"; + # fi + # ${config.systemSettings.dotfilesDir}/scripts/harden.sh; + # exit 0; + # elif [ "$1" = "soften" ]; then + # if [ "$#" -gt 1 ]; then + # echo "Warning: The 'soften' command has no subcommands (no $2 subcommand)"; + # fi + # ${config.systemSettings.dotfilesDir}/scripts/soften.sh; + # exit 0; + # elif [ "$1" = "gc" ]; then + # if [ "$#" -gt 2 ]; then + # echo "Warning: The 'gc' command only accepts one argument (collect_older_than)"; + # fi + # if [ "$2" = "full" ]; then + # sudo nix-collect-garbage --delete-old; + # nix-collect-garbage --delete-old; + # elif [ "$2" ]; then + # sudo nix-collect-garbage --delete-older-than $2; + # nix-collect-garbage --delete-older-than $2; + # else + # sudo nix-collect-garbage --delete-older-than 30d; + # nix-collect-garbage --delete-older-than 30d; + # fi + # fi + #'') ]; }; } diff --git a/scripts/build.sh b/scripts/build.sh deleted file mode 100755 index 721bb4cf..00000000 --- a/scripts/build.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh - -# Script to build all systems -# And push to attic cache - -SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) - - -pushd $SCRIPT_DIR/.. &> /dev/null; -nixos-rebuild build --flake .#snowfire; -attic push emmet ./result; -rm ./result; -nixos-rebuild build --flake .#polarias; -attic push emmet ./result; -rm ./result; -nixos-rebuild build --flake .#zenith; -attic push emmet ./result; -rm ./result; -nixos-rebuild build --flake .#stardust; -attic push emmet ./result; -rm ./result; -nixos-rebuild build --flake .#ori; -attic push emmet ./result; -rm ./result; diff --git a/scripts/harden.sh b/scripts/harden.sh deleted file mode 100755 index 02416d26..00000000 --- a/scripts/harden.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/sh - -# This will harden the security of these dotfiles, preventing -# unpriveleged users from editing system-level (root configuration) -# files maliciously - -# Run this inside of ~/.dotfiles (or whatever directory you installed -# the dotfiles to) - -# Run this as root! - -# BTW, this assumes your user account has a PID/GID of 1000 - -# After running this, the command `nix flake update` will require root - -if [ "$#" = 1 ]; then - SCRIPT_DIR=$1; -else - SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -fi -pushd $SCRIPT_DIR/.. &> /dev/null; -sudo chown 0:0 .; -sudo chown 0:0 profiles/*; -sudo chown -R 0:0 system; -sudo chown 0:0 -R scripts; -sudo chown -R 0:0 patches; -sudo chown 0:0 flake.lock; -sudo chown 0:0 flake.nix -sudo chown 0:0 profiles -sudo chown 0:0 profiles/*/configuration.nix; -sudo chown 0:0 profiles/homelab/base.nix; -sudo chown 1000:users **/README.org; -popd &> /dev/null; diff --git a/scripts/install.sh b/scripts/install.sh deleted file mode 100755 index 6b18b53d..00000000 --- a/scripts/install.sh +++ /dev/null @@ -1,48 +0,0 @@ -#!/bin/sh - -## THIS DOESN'T WORK ANYMORE BTW - -# TODO update this.. -# Automated script to install my dotfiles - -# Clone dotfiles -if [ $# -gt 0 ] - then - SCRIPT_DIR=$1 - else - SCRIPT_DIR=~/.dotfiles -fi -nix-shell -p git --command "git clone https://gitlab.com/librephoenix/nixos-config $SCRIPT_DIR" - -# Generate hardware config for new system -sudo nixos-generate-config --show-hardware-config > $SCRIPT_DIR/system/hardware-configuration.nix - -# Check if uefi or bios -if [ -d /sys/firmware/efi/efivars ]; then - sed -i "0,/bootMode.*=.*\".*\";/s//bootMode = \"uefi\";/" $SCRIPT_DIR/flake.nix -else - sed -i "0,/bootMode.*=.*\".*\";/s//bootMode = \"bios\";/" $SCRIPT_DIR/flake.nix - grubDevice=$(findmnt / | awk -F' ' '{ print $2 }' | sed 's/\[.*\]//g' | tail -n 1 | lsblk -no pkname | tail -n 1 ) - sed -i "0,/grubDevice.*=.*\".*\";/s//grubDevice = \"\/dev\/$grubDevice\";/" $SCRIPT_DIR/flake.nix -fi - -# Patch flake.nix with different username/name and remove email by default -sed -i "0,/emmet/s//$(whoami)/" $SCRIPT_DIR/flake.nix -sed -i "0,/Emmet/s//$(getent passwd $(whoami) | cut -d ':' -f 5 | cut -d ',' -f 1)/" $SCRIPT_DIR/flake.nix -sed -i "s/emmet@librephoenix.com//" $SCRIPT_DIR/flake.nix -sed -i "s+~/.dotfiles+$SCRIPT_DIR+g" $SCRIPT_DIR/flake.nix - -# Open up editor to manually edit flake.nix before install -if [ -z "$EDITOR" ]; then - EDITOR=nano; -fi -$EDITOR $SCRIPT_DIR/flake.nix; - -# Permissions for files that should be owned by root -sudo $SCRIPT_DIR/scripts/harden.sh $SCRIPT_DIR; - -# Rebuild system -sudo nixos-rebuild switch --flake $SCRIPT_DIR#system; - -# Install and build home-manager configuration -nix run home-manager/master --extra-experimental-features nix-command --extra-experimental-features flakes -- switch --flake $SCRIPT_DIR#user; diff --git a/scripts/pull.sh b/scripts/pull.sh deleted file mode 100755 index 31b5c85e..00000000 --- a/scripts/pull.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/sh - -# Automated script to update my non-primary systems -# config to be in sync with upstream git repo while -# preserving local edits to dotfiles via git stash - -SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) - -# Relax permissions temporarily so git can work -sudo $SCRIPT_DIR/soften.sh $SCRIPT_DIR; - -# Stash local edits, pull changes, and re-apply local edits -pushd $SCRIPT_DIR/.. &> /dev/null; -git stash; -git pull; -git stash apply; -popd &> /dev/null; - -# Permissions for files that should be owned by root -sudo $SCRIPT_DIR/harden.sh $SCRIPT_DIR; diff --git a/scripts/soften.sh b/scripts/soften.sh deleted file mode 100755 index ba3196d4..00000000 --- a/scripts/soften.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh - -# This will soften the security of these dotfiles, allowing -# the default unpriveleged user with UID/GID of 1000 to edit ALL FILES -# in the dotfiles directory - -# This mainly is just here to be used by some scripts - -# Run this inside of ~/.dotfiles (or whatever directory you installed -# the dotfiles to) - -# Run this as root! - -# BTW, this assumes your user account has a UID/GID of 1000 - -# After running this, YOUR UNPRIVELEGED USER CAN MAKE EDITS TO -# IMPORTANT SYSTEM FILES WHICH MAY COMPROMISE THE SYSTEM AFTER -# RUNNING nixos-rebuild switch! - -if [ "$#" = 1 ]; then - SCRIPT_DIR=$1; -else - SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -fi -pushd $SCRIPT_DIR/scripts &> /dev/null; -sudo chown -R 1000:users .; -popd &> /dev/null; diff --git a/scripts/sync-posthook.sh b/scripts/sync-posthook.sh deleted file mode 100755 index 9dcca1fd..00000000 --- a/scripts/sync-posthook.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/sh - -# Post hooks to be called after a -# configuration sync - -# Mainly just to reload stylix - -# xmonad -pgrep xmobar &> /dev/null && echo "Killing old xmobar instances" && echo "Running killall xmobar" && killall xmobar &> /dev/null; # xmonad will restart xmobar -pgrep xmonad &> /dev/null && echo "Recompiling xmonad" && echo "Running xmonad --recompile && xmonad --restart" && xmonad --recompile &> /dev/null && xmonad --restart &> /dev/null; -pgrep .dunst-wrapped &> /dev/null && echo "Restarting dunst" && killall .dunst-wrapped && echo "Running dunst" && dunst &> /dev/null & disown; -pgrep xmonad &> /dev/null && echo "Reapplying background from stylix via feh" && echo "Running ~/.fehbg-stylix" && ~/.fehbg-stylix &> /dev/null & disown; - -# hyprland -pgrep Hyprland &> /dev/null && echo "Reloading hyprland" && hyprctl reload &> /dev/null; -pgrep .waybar-wrapped &> /dev/null && echo "Restarting waybar" && killall .waybar-wrapped && echo "Running waybar" && waybar &> /dev/null & disown; -pgrep fnott &> /dev/null && echo "Restarting fnott" && killall fnott && echo "Running fnott" && fnott &> /dev/null & disown; -pgrep hyprpaper &> /dev/null && echo "Reapplying background via hyprpaper" && killall hyprpaper && echo "Running hyprpaper" && hyprpaper &> /dev/null & disown; -pgrep nwggrid-server &> /dev/null && echo "Restarting nwggrid-server" && killall nwggrid-server && echo "Running nwggrid-wrapper" && nwggrid-wrapper &> /dev/null & disown; - -# emacs -pgrep emacs &> /dev/null && echo "Reloading emacs stylix theme" && echo "Running emacsclient --no-wait --eval \"(load-theme 'doom-stylix t nil)\"" && emacsclient --no-wait --eval "(load-theme 'doom-stylix t nil)" &> /dev/null; diff --git a/scripts/sync.sh b/scripts/sync.sh deleted file mode 100755 index b8e8ac53..00000000 --- a/scripts/sync.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/sh - -# Script to synchronize system state -# with configuration files for nixos system -# and home-manager - -SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) - -# Rebuild system -sudo nixos-rebuild switch --flake $SCRIPT_DIR/..; - -# Refresh -$SCRIPT_DIR/sync-posthook.sh diff --git a/scripts/update.sh b/scripts/update.sh deleted file mode 100755 index ad2529dd..00000000 --- a/scripts/update.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/sh - -# Script to update my flake without -# synchronizing configuration - -SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) -OUTOFDATEFLAKEREFS=(hyprland/hyprcursor) - -# Update flake -pushd $SCRIPT_DIR/.. &> /dev/null; -sudo nix flake update "$@"; -if [ "$#" -eq 0 ]; then - sudo nix flake update $OUTOFDATEFLAKEREFS; -fi -popd &> /dev/null; diff --git a/scripts/upgrade.sh b/scripts/upgrade.sh deleted file mode 100755 index 08303166..00000000 --- a/scripts/upgrade.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/sh - -# Script to update system and sync -# Does not pull changes from git - -SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) - -# Update flake -$SCRIPT_DIR/update.sh; - -# Synchronize system -$SCRIPT_DIR/sync.sh;