Moved scripts into scripts/

scripts/harden.sh

@@ -0,0 +1,33 @@
+#!/bin/sh
+
+# This will harden the security of these dotfiles, preventing
+# unpriveleged users from editing system-level (root configuration)
+# files maliciously
+
+# Run this inside of ~/.dotfiles (or whatever directory you installed
+# the dotfiles to)
+
+# Run this as root!
+
+# BTW, this assumes your user account has a PID/GID of 1000
+
+# After running this, the command `nix flake update` will require root
+
+if [ "$#" = 1 ]; then
+    SCRIPT_DIR=$1;
+else
+    SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
+fi
+pushd $SCRIPT_DIR/.. &> /dev/null;
+sudo chown 0:0 .;
+sudo chown 0:0 profiles/*;
+sudo chown -R 0:0 system;
+sudo chown 0:0 -R scripts;
+sudo chown -R 0:0 patches;
+sudo chown 0:0 flake.lock;
+sudo chown 0:0 flake.nix
+sudo chown 0:0 profiles
+sudo chown 0:0 profiles/*/configuration.nix;
+sudo chown 0:0 profiles/homelab/base.nix;
+sudo chown 1000:users **/README.org;
+popd &> /dev/null;

scripts/install.sh

@@ -0,0 +1,45 @@
+#!/bin/sh
+
+# Automated script to install my dotfiles
+
+# Clone dotfiles
+if [ $# -gt 0 ]
+  then
+    SCRIPT_DIR=$1
+  else
+    SCRIPT_DIR=~/.dotfiles
+fi
+nix-shell -p git --command "git clone https://gitlab.com/librephoenix/nixos-config $SCRIPT_DIR"
+
+# Generate hardware config for new system
+sudo nixos-generate-config --show-hardware-config > $SCRIPT_DIR/system/hardware-configuration.nix
+
+# Check if uefi or bios
+if [ -d /sys/firmware/efi/efivars ]; then
+    sed -i "0,/bootMode.*=.*\".*\";/s//bootMode = \"uefi\";/" $SCRIPT_DIR/flake.nix
+else
+    sed -i "0,/bootMode.*=.*\".*\";/s//bootMode = \"bios\";/" $SCRIPT_DIR/flake.nix
+    grubDevice=$(findmnt / | awk -F' ' '{ print $2 }' | sed 's/\[.*\]//g' | tail -n 1 | lsblk -no pkname | tail -n 1 )
+    sed -i "0,/grubDevice.*=.*\".*\";/s//grubDevice = \"\/dev\/$grubDevice\";/" $SCRIPT_DIR/flake.nix
+fi
+
+# Patch flake.nix with different username/name and remove email by default
+sed -i "0,/emmet/s//$(whoami)/" $SCRIPT_DIR/flake.nix
+sed -i "0,/Emmet/s//$(getent passwd $(whoami) | cut -d ':' -f 5 | cut -d ',' -f 1)/" $SCRIPT_DIR/flake.nix
+sed -i "s/emmet@librephoenix.com//" $SCRIPT_DIR/flake.nix
+sed -i "s+~/.dotfiles+$SCRIPT_DIR+g" $SCRIPT_DIR/flake.nix
+
+# Open up editor to manually edit flake.nix before install
+if [ -z "$EDITOR" ]; then
+    EDITOR=nano;
+fi
+$EDITOR $SCRIPT_DIR/flake.nix;
+
+# Permissions for files that should be owned by root
+sudo $SCRIPT_DIR/scripts/harden.sh $SCRIPT_DIR;
+
+# Rebuild system
+sudo nixos-rebuild switch --flake $SCRIPT_DIR#system;
+
+# Install and build home-manager configuration
+nix run home-manager/master --extra-experimental-features nix-command --extra-experimental-features flakes -- switch --flake $SCRIPT_DIR#user;

scripts/pull.sh

@@ -0,0 +1,20 @@
+#!/bin/sh
+
+# Automated script to update my non-primary systems
+# config to be in sync with upstream git repo while
+# preserving local edits to dotfiles via git stash
+
+SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
+
+# Relax permissions temporarily so git can work
+sudo $SCRIPT_DIR/scripts/soften.sh $SCRIPT_DIR;
+
+# Stash local edits, pull changes, and re-apply local edits
+pushd $SCRIPT_DIR/.. &> /dev/null;
+git stash;
+git pull;
+git stash apply;
+popd &> /dev/null;
+
+# Permissions for files that should be owned by root
+sudo $SCRIPT_DIR/harden.sh $SCRIPT_DIR;

scripts/soften.sh

@@ -0,0 +1,27 @@
+#!/bin/sh
+
+# This will soften the security of these dotfiles, allowing
+# the default unpriveleged user with UID/GID of 1000 to edit ALL FILES
+# in the dotfiles directory
+
+# This mainly is just here to be used by some scripts
+
+# Run this inside of ~/.dotfiles (or whatever directory you installed
+# the dotfiles to)
+
+# Run this as root!
+
+# BTW, this assumes your user account has a UID/GID of 1000
+
+# After running this, YOUR UNPRIVELEGED USER CAN MAKE EDITS TO
+# IMPORTANT SYSTEM FILES WHICH MAY COMPROMISE THE SYSTEM AFTER
+# RUNNING nixos-rebuild switch!
+
+if [ "$#" = 1 ]; then
+    SCRIPT_DIR=$1;
+else
+    SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
+fi
+pushd $SCRIPT_DIR/scripts &> /dev/null;
+sudo chown -R 1000:users .;
+popd &> /dev/null;

scripts/sync-posthook.sh

@@ -0,0 +1,22 @@
+#!/bin/sh
+
+# Post hooks to be called after a
+# configuration sync
+
+# Mainly just to reload stylix
+
+# xmonad
+pgrep xmobar &> /dev/null && echo "Killing old xmobar instances" && echo "Running killall xmobar" && killall xmobar &> /dev/null; # xmonad will restart xmobar
+pgrep xmonad &> /dev/null && echo "Recompiling xmonad" && echo "Running xmonad --recompile && xmonad --restart" && xmonad --recompile &> /dev/null && xmonad --restart &> /dev/null;
+pgrep .dunst-wrapped &> /dev/null && echo "Restarting dunst" && killall .dunst-wrapped && echo "Running dunst" && dunst &> /dev/null & disown;
+pgrep xmonad &> /dev/null && echo "Reapplying background from stylix via feh" && echo "Running ~/.fehbg-stylix" && ~/.fehbg-stylix &> /dev/null & disown;
+
+# hyprland
+pgrep Hyprland &> /dev/null && echo "Reloading hyprland" && hyprctl reload &> /dev/null;
+pgrep .waybar-wrapped &> /dev/null && echo "Restarting waybar" && killall .waybar-wrapped && echo "Running waybar" && waybar &> /dev/null & disown;
+pgrep fnott &> /dev/null && echo "Restarting fnott" && killall fnott && echo "Running fnott" && fnott &> /dev/null & disown;
+pgrep hyprpaper &> /dev/null && echo "Reapplying background via hyprpaper" && killall hyprpaper && echo "Running hyprpaper" && hyprpaper &> /dev/null & disown;
+pgrep nwggrid-server &> /dev/null && echo "Restarting nwggrid-server" && killall nwggrid-server && echo "Running nwggrid-wrapper" && nwggrid-wrapper &> /dev/null & disown;
+
+# emacs
+pgrep emacs &> /dev/null && echo "Reloading emacs stylix theme" && echo "Running emacsclient --no-wait --eval \"(load-theme 'doom-stylix t nil)\"" && emacsclient --no-wait --eval "(load-theme 'doom-stylix t nil)" &> /dev/null;

scripts/sync-system.sh

@@ -0,0 +1,10 @@
+#!/bin/sh
+
+# Script to synchronize system state
+# with configuration files for nixos system
+# and home-manager
+
+SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
+
+# Rebuild system
+sudo nixos-rebuild switch --flake $SCRIPT_DIR/..#system;

scripts/sync-user.sh

@@ -0,0 +1,12 @@
+#!/bin/sh
+
+# Script to synchronize system state
+# with configuration files for nixos system
+# and home-manager
+
+SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
+
+# Install and build home-manager configuration
+home-manager switch --flake $SCRIPT_DIR/..#user -b bkp;
+
+$SCRIPT_DIR/sync-posthook.sh

scripts/sync.sh

@@ -0,0 +1,10 @@
+#!/bin/sh
+
+# Script to synchronize system state
+# with configuration files for nixos system
+# and home-manager
+
+SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
+
+$SCRIPT_DIR/sync-system.sh
+$SCRIPT_DIR/sync-user.sh

scripts/update.sh

@@ -0,0 +1,13 @@
+#!/bin/sh
+
+# Script to update my flake without
+# synchronizing configuration
+
+SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
+
+# Update flake
+pushd $SCRIPT_DIR/.. &> /dev/null;
+sudo nix flake update;
+sudo nix-channel --update;
+nix-channel --update;
+popd &> /dev/null;

scripts/upgrade.sh

@@ -0,0 +1,12 @@
+#!/bin/sh
+
+# Script to update system and sync
+# Does not pull changes from git
+
+SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
+
+# Update flake
+$SCRIPT_DIR/update.sh;
+
+# Synchronize system
+$SCRIPT_DIR/sync.sh;