feat: various justfile improvements

2025-11-01 19:07:52 +00:00 · 2024-03-09 17:38:24 -08:00
parent d3db9c8c8b
commit 195d2e90ff
1 changed files with 33 additions and 7 deletions
--- a/config/files/usr/share/ublue-os/just/60-custom.just
+++ b/config/files/usr/share/ublue-os/just/60-custom.just
@@ -1,5 +1,6 @@
 # Add additional boot parameters for hardening (requires reboot)
 set-kargs-hardening:
+    #!/usr/bin/bash
    rpm-ostree kargs \
      --append-if-missing="init_on_alloc=1" \
      --append-if-missing="init_on_free=1" \
@@ -20,18 +21,43 @@ set-kargs-hardening:
      --append-if-missing="mitigations=auto,nosmt"

 set-kargs-hardening-unstable:
+    #!/usr/bin/bash
    echo "Warning: setting these kargs may lead to boot issues on some hardware."
    rpm-ostree kargs \
      --append-if-missing="efi=disable_early_pci_dma" \
      --append-if-missing="debugfs=off"

 harden-flatpak:
+    #!/usr/bin/bash
    flatpak override --user --filesystem=host-os:ro --env=LD_PRELOAD=/var/run/host/usr/lib64/libhardened_malloc.so

-enable-cups:
-    firewall-cmd --permanent --add-port=631/tcp
-    firewall-cmd --permanent --add-port=631/udp 
-    firewall-cmd --reload 
-    systemctl unmask cups
-    systemctl enable cups
-    systemctl start cups
+toggle-cups:
+    #!/usr/bin/bash
+    if systemctl is-enabled --quiet cups; then
+      firewall-cmd --permanent --remove-port=631/tcp
+      firewall-cmd --permanent --remove-port=631/udp 
+      firewall-cmd --reload 
+      systemctl mask cups
+      systemctl disable cups
+      systemctl stop cups
+    else
+      firewall-cmd --permanent --add-port=631/tcp
+      firewall-cmd --permanent --add-port=631/udp 
+      firewall-cmd --reload 
+      systemctl unmask cups
+      systemctl enable cups
+      systemctl start cups
+    fi
+
+toggle-bluetooth-modules:
+    #!/usr/bin/bash
+    BLUE_MOD_FILE="/etc/modprobe.d/99-bluetooth.conf"
+    if test -e $BLUE_MOD_FILE; then
+      sudo rm -f $BLUE_MOD_FILE
+      echo "Bluetooth kernel modules disabled. Reboot to take effect."
+    else
+      sudo sh -c 'echo "install bluetooth /sbin/modprobe --ignore-install bluetooth" >> "$1"' _ "$BLUE_MOD_FILE"
+      sudo sh -c 'echo "install btusb /sbin/modprobe --ignore-install btusb" >> "$1"' _ "$BLUE_MOD_FILE"
+      sudo chmod 644 $BLUE_MOD_FILE
+      echo "Bluetooth kernel modules enabled. Reboot to take effect."
+    fi