Lazy commit

scripts/always/mount.sh

@@ -0,0 +1,53 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# ---
+# shellcheck disable=1091
+# ---
+. /usr/local/share/dao/config/dao.conf
+
+CHECK_INTERVAL=30
+BASE_RCLONE_OPTS=(
+	--vfs-cache-mode writes
+	--cache-dir /tmp/rclone-cache
+	--dir-cache-time 5m
+	--poll-interval 1m
+	--timeout 1h
+	--low-level-retries 10
+	--retries 3
+)
+CRYPT_RCLONE_OPTS=(
+	--buffer-size 64M
+	--transfers 4
+)
+
+# Mount configurations: remote:mount_point:name:is_crypt
+MOUNTS=(
+	"koofr:${DAO_STORAGE_DIR}/koofr:koofr:false"
+	"koofr_vault:${DAO_STORAGE_DIR}/vault:vault:true"
+)
+
+ensure_mount() {
+	declare remote="$1" mount_point="$2" mount_name="$3" is_crypt="$4"
+
+	# Return early if already mounted
+	findmnt -rn "$mount_point" >/dev/null 2>&1 && return 0
+
+	declare opts_array=("${BASE_RCLONE_OPTS[@]}")
+	[[ "$is_crypt" == "true" ]] && opts_array+=("${CRYPT_RCLONE_OPTS[@]}")
+
+	/usr/bin/rclone mount "$remote:" "$mount_point" "${opts_array[@]}" &
+}
+
+main() {
+	while true; do
+		for mount_config in "${MOUNTS[@]}"; do
+			IFS=':' read -r remote mount_point mount_name is_crypt <<<"$mount_config"
+			ensure_mount "$remote" "$mount_point" "$mount_name" "$is_crypt"
+		done
+
+		sleep "$CHECK_INTERVAL"
+	done
+}
+
+main "$@"

scripts/on_demand/pwgen.sh

@@ -0,0 +1,65 @@
+#!/usr/bin/env bash
+# ---
+# @file_name: pwgen.sh
+# @version: 1.0.1
+# @description: Generate a passphrase
+# @author: Jamie Albert (empty_produce)
+# @author_contact: <mailto:empty.produce@flatmail.me>
+# @license: GNU Affero General Public License v3.0 (Included in LICENSE)
+# Copyright (C) 2025, Jamie Albert
+# ---
+set -euo pipefail
+
+declare -gr WORD_LIST='/usr/share/dict/japg.list'
+declare -gr DEFAULT_DELIM='-'
+declare -gi DEFAULT_WORDS=5
+
+
+# ---
+# @return_code: [2] Word-list file not found.
+# @return_code: [3] Required tool 'xclip' not found.
+# shellcheck disable=1091,1090
+# ---
+setup() {
+	. /usr/local/share/dao/libs/libs_dao.sh
+  [[ -f "${WORD_LIST}" ]] || dao::error 2 "Word-list not found: $WORD_LIST"
+  command -v xclip >/dev/null || dao::error 3 "xclip not found (install xclip)"
+}
+
+# ---
+# @arg: $1 - Number of words (optional, defaults to DEFAULT_WORDS).
+# @arg: $2 - Delimiter (optional, defaults to DEFAULT_DELIM).
+# @return_code: [1] General dao::error (inherits from set -e).
+# @return_code: [4] Invalid number of words provided.
+# @return_code: [2] Word-list not found (inherited from setup).
+# @return_code: [3] xclip not found (inherited from setup).
+# ---
+main() {
+  setup
+
+  declare num_words="${1:-$DEFAULT_WORDS}"
+  declare delim="${2:-$DEFAULT_DELIM}"
+
+  [[ "${num_words}" =~ ^[1-9][0-9]*$ ]] || dao::error 4 "num_words must be a positive integer"
+
+  declare -a words
+  mapfile -t words < <(shuf -n "$num_words" "$WORD_LIST") || dao::error 1 "Failed to read words from list"
+
+  declare i
+  for i in "${!words[@]}"; do
+    words[i]="${words[i]^}"
+  done
+
+  declare dig_idx=$(( RANDOM % num_words ))
+  words[dig_idx]+=$(( RANDOM % 10 ))
+
+  declare pass
+  IFS="$delim"
+  printf -v pass '%s' "${words[*]}" || dao::error 1 "Failed to construct passphrase"
+
+  printf '%s' "$pass" | xclip -selection clipboard || dao::error 1 "Failed to copy passphrase to clipboard"
+  dao::info "Generated password: $pass"
+  dao::info "Password copied to clipboard."
+}
+
+main "$@"

scripts/on_demand/transfer.sh

@@ -0,0 +1,115 @@
+#!/usr/bin/env bash
+# ---
+# @file_name: jade.sh
+# @version: 1.3.1
+# @description: Lazy script for modifying docker files
+# @author: Jamie Albert (empty_produce)
+# @author_contact: <mailto:empty.produce@flatmail.me>
+# @license: GNU Affero General Public License v3.0 (Included in LICENSE)
+# Copyright (C) 2025, Jamie Albert
+# ---
+set -euo pipefail
+
+# ---
+# shellcheck disable=1091
+# ---
+setup() {
+	. /usr/local/share/dao/libs/libs_dao.sh
+	. /usr/local/share/dao/config/dao.conf
+}
+
+# ---
+# @return_code: [3] Download failed.
+# ---
+download_file() {
+  scp -q "${JADE_REMOTE_HOST}:${JADE_REMOTE_PATH}" "$JADE_LOCAL_PATH" || dao::error 3 'Download failed'
+  dao::info "Downloaded: $JADE_LOCAL_PATH"
+}
+
+# ---
+# @return_code: [4] Local file missing.
+# @return_code: [5] Failed to create remote backup.
+# @return_code: [6] Upload failed.
+# ---
+upload_file() {
+  [[ -f "$JADE_LOCAL_PATH" ]] || dao::error 4 "Local file missing: $JADE_LOCAL_PATH"
+  ssh -q "${JADE_REMOTE_HOST}" "[[ -f '${JADE_REMOTE_PATH}' ]] && cp -f '${JADE_REMOTE_PATH}' '${JADE_REMOTE_PATH}.bak'" || dao::error 5 'Failed to create remote backup'
+  scp -q "$JADE_LOCAL_PATH" "${JADE_REMOTE_HOST}:${JADE_REMOTE_PATH}" || dao::error 6 'Upload failed'
+  dao::info "Uploaded: $JADE_LOCAL_PATH"
+  dao::info "Remote file backed up to: ${JADE_REMOTE_PATH}.bak"
+}
+
+# ---
+# @return_code: [7] JADE_EDITOR command not found.
+# @return_code: [3] Download failed (inherited from download_file).
+# ---
+edit_file() {
+  download_file
+  if ! command -v "$JADE_EDITOR" >/dev/null; then
+    dao::error 7 "JADE_EDITOR not found: '$JADE_EDITOR'"
+  fi
+  "$JADE_EDITOR" "$JADE_LOCAL_PATH"
+}
+
+# ---
+# @return_code: [6] Upload failed (inherited from upload_file).
+# @return_code: [8] Remote docker compose up failed.
+# ---
+upload_compose() {
+  upload_file
+  ssh -q "${JADE_REMOTE_HOST}" \
+    "cd '$(dirname "$JADE_REMOTE_PATH")' && exec docker compose up -d --remove-orphans" \
+    || dao::error 8 'Remote docker compose up failed'
+  dao::info 'Remote docker compose up -d completed'
+}
+
+# ---
+# @return_code: [9] Remote docker compose down failed.
+# @return_code: [6] Upload failed (inherited from upload_file).
+# @return_code: [11] Remote docker compose up failed during restart.
+# ---
+upload_restart() {
+  ssh -q "${JADE_REMOTE_HOST}" \
+    "cd '$(dirname "$JADE_REMOTE_PATH")' && exec docker compose down" \
+    || dao::error 9 'Remote docker compose down failed'
+  upload_file
+  ssh -q "${JADE_REMOTE_HOST}" \
+    "cd '$(dirname "$JADE_REMOTE_PATH")' && exec docker compose up -d --remove-orphans" \
+    || dao::error 11 'Remote docker compose up failed during restart'
+  dao::info 'Remote docker compose restart completed'
+}
+
+# ---
+# @return_code: [10] Unknown command-line option.
+# @return_code: [12] Required tool 'scp' not found.
+# @return_code: [13] Required tool 'ssh' not found.
+# @return_code: [14] Unexpected execution mode.
+# @return_code: [N] Errors from called functions (e.g., download_file, upload_file, etc.).
+# ---
+main() {
+  setup
+  declare mode=''
+  while [[ $# -gt 0 ]]; do
+    case "$1" in
+      -d) mode='download' ; shift ;;
+      -u) mode='upload'   ; shift ;;
+      -uc) mode='up'      ; shift ;;
+      -ur) mode='restart' ; shift ;;
+      *) dao::error 10 "Unknown option: $1 (use -d, -u, -uc, -ur)" ;;
+    esac
+  done
+
+  command -v scp >/dev/null || dao::error 12 "'scp' not found"
+  command -v ssh >/dev/null || dao::error 13 "'ssh' not found"
+
+  case "$mode" in
+    download) download_file ;;
+    upload)   upload_file ;;
+    up)       upload_compose ;;
+    restart)  upload_restart ;;
+    '')       edit_file ;;
+    *)        dao::error 14 "Unexpected mode: $mode" ;;
+  esac
+}
+
+main "$@"

scripts/on_demand/update.sh

@@ -0,0 +1,139 @@
+#!/usr/bin/env bash
+# ---
+# @file_name: jau.sh
+# @version: 1.0.0
+# @description: Full system update handler for Fedora-based systems with DNF and Flatpak
+# @author: Jamie Albert (empty_produce)
+# @author_contact: <mailto:empty.produce@flatmail.me>
+# @license: GNU Affero General Public License v3.0 (Included in LICENSE)
+# Copyright (C) 2025, Jamie Albert
+# ---
+set -euo pipefail
+
+# ---
+# @description: Perform initial setup checks. Verifies required base commands (dnf, sudo) are available.
+# @return_code: [2] Required tool 'sudo' not found.
+# @return_code: [3] Required tool 'dnf' not found.
+# shellcheck disable=1091,1090
+# ---
+setup() {
+	. /usr/local/share/dao/libs/libs_dao.sh
+
+	command -v sudo >/dev/null || dao::error 2 "sudo not found"
+  sudo sh -c 'command -v dnf >/dev/null' || dao::error 3 "dnf not found (script requires a DNF-based system)"
+}
+
+# ---
+# @description: Install package if missing.
+# @arg: $1 - The name of the package/command to check and install.
+# @return_code: [1] General dao::error (inherits from set -e).
+# @return_code: [4] Failed to install the specified package.
+# ---
+install_if_missing() {
+  declare pkg="$1"
+  if ! command -v "$pkg" &>/dev/null; then
+    dao::info "Installing missing dependency: $pkg"
+    sudo dnf install -y "$pkg" || dao::error 4 "Failed to install $pkg"
+  else
+    dao::info "Dependency satisfied: $pkg"
+  fi
+}
+
+# ---
+# @description: Refresh DNF cache and update all packages.
+# @return_code: [1] General dao::error (inherits from set -e).
+# @return_code: [5] Failed to refresh DNF cache.
+# @return_code: [6] DNF update failed.
+# ---
+run_dnf_update() {
+  dao::info "Refreshing DNF cache..."
+  sudo dnf -y makecache --refresh || dao::error 5 "Failed to refresh DNF cache"
+
+  dao::info "Updating all packages..."
+  sudo dnf -y update || dao::error 6 "DNF update failed"
+}
+
+# ---
+# @description: Handle leftover RPM configuration files.
+# @return_code: [1] General dao::error (inherits from set -e).
+# @return_code: [7] rpmconf execution failed.
+# ---
+handle_rpmconf() {
+  if command -v rpmconf &>/dev/null; then
+    dao::info "Handling leftover RPM configuration files..."
+    sudo rpmconf -a || dao::error 7 "rpmconf execution failed"
+  else
+    dao::info "rpmconf not available; skipping config file handling"
+  fi
+}
+
+# ---
+# @description: Install security updates if any exist.
+# @return_code: [1] General dao::error (inherits from set -e).
+# @return_code: [8] Security update failed.
+# ---
+install_security_updates() {
+  dao::info "Checking for security updates..."
+  # dnf check-update returns 100 if updates are available, 1 on error, 0 if not.
+  # We only want to proceed if it returns 100 (success with updates) or 0 (no updates).
+  # Using || true prevents set -e from triggering on exit code 100.
+  if sudo dnf check-update --security &>/dev/null || [[ $? -eq 100 ]]; then
+    dao::info "Installing security updates..."
+    sudo dnf -y update --security || dao::error 8 "Security update failed"
+  else
+    dao::info "No security updates available."
+  fi
+}
+
+# ---
+# @description: Remove unused packages and clean cache.
+# @return_code: [1] General dao::error (inherits from set -e).
+# @return_code: [9] DNF autoremove failed.
+# @return_code: [10] DNF clean failed.
+# ---
+cleanup_packages() {
+  dao::info "Removing unused dependencies..."
+  sudo dnf -y autoremove || dao::error 9 "DNF autoremove failed"
+
+  dao::info "Cleaning cached package data..."
+  sudo dnf clean all || dao::error 10 "DNF clean failed"
+}
+
+# ---
+# @description: Update Flatpak applications and remove unused runtimes.
+# @return_code: [1] General dao::error (inherits from set -e).
+# @return_code: [11] Flatpak update failed.
+# @return_code: [12] Flatpak cleanup failed.
+# ---
+update_flatpak() {
+  if command -v flatpak &>/dev/null; then
+    dao::info "Updating Flatpak applications..."
+    flatpak update -y || dao::error 11 "Flatpak update failed"
+
+    dao::info "Removing unused Flatpak runtimes..."
+    flatpak uninstall --unused -y || dao::error 12 "Flatpak cleanup failed"
+  else
+    dao::info "Flatpak not installed; skipping Flatpak updates"
+  fi
+}
+
+# ---
+# @description: Main routine.
+# @arg: $@ - Command-line arguments (currently unused).
+# @return_code: [1] General dao::error (inherits from set -e).
+# @return_code: [N] Errors from called functions (e.g., setup, install_if_missing, etc.).
+# ---
+main() {
+  setup
+  dao::info "Starting system updates..."
+  install_if_missing rpmconf
+  install_if_missing flatpak
+  run_dnf_update
+  handle_rpmconf
+  install_security_updates
+  cleanup_packages
+  update_flatpak
+  dao::info "System updates completed successfully."
+}
+
+main "$@"

scripts/patches/kitty_send.sh

@@ -0,0 +1,18 @@
+#!/usr/bin/env bash
+# ---
+# @file_name: kitty_send.sh
+# @version: 1.0.0
+# @description: handles commands from kws alias
+# @author: Jamie Albert (empty_produce)
+# @author_contact: <mailto:empty.produce@flatmail.me>
+# @license: GNU Affero General Public License v3.0 (Included in LICENSE)
+# Copyright (C) 2025, Jamie Albert
+# ---
+
+	main() {
+		stty -echo
+		exec "$@"
+		stty echo
+	}
+
+	main "$@"

scripts/reboot/firewall.sh

@@ -0,0 +1,65 @@
+#!/usr/bin/env bash
+# ---
+# @file_name: mullvad_tailscale.sh
+# @version: 1.0.0
+# @description: Installs mullvad nft rules
+# @author: Jamie Albert (empty_produce)
+# @author_contact: <mailto:empty.produce@flatmail.me>
+# @license: GNU Affero General Public License v3.0 (Included in LICENSE)
+# Copyright (C) 2025, Jamie Albert
+# ---
+
+# ---
+# shellcheck disable=1091
+# --
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+setup() {
+	. /usr/local/share/dao/config/dao.conf
+}
+
+wait_for_network() {
+	echo "[i] Waiting for network connectivity..."
+	local max_attempts=30
+	local attempt=1
+
+	while ! ping -c1 -W1 nasa.gov >/dev/null 2>&1; do
+		if [ $attempt -ge $max_attempts ]; then
+			echo "[e] Network not available after ${max_attempts} attempts"
+			exit 1
+		fi
+		echo "[i] Attempt $attempt/${max_attempts}: Network not ready, waiting 2 seconds..."
+		sleep 2
+		((attempt++))
+	done
+	echo "[i] Network connectivity confirmed"
+}
+
+nft_mullvad() {
+	echo "[i] Applying firewall rules..."
+	if sudo nft -f "$DAO_USER_HOME/.config/dao/firewall/mullvad_tailscale.conf"; then
+		echo "[i] Firewall rules applied successfully"
+	else
+		echo "[e] Failed to apply firewall rules"
+		exit 1
+	fi
+}
+
+main() {
+	setup
+	case "${1:-}" in
+		--enable)
+			wait_for_network
+			nft_mullvad
+			;;
+		*)
+			echo "Usage: $0 --enable"
+			exit 1
+			;;
+	esac
+}
+
+main "$@"
+