From 1bee491eb4f219983b82c9a9705c5f479a7922be Mon Sep 17 00:00:00 2001
From: Aminda Suomalainen <suomalainen@aminda.eu>
Date: Wed, 9 Apr 2025 11:27:04 +0300
Subject: [PATCH] flatpak-workarounds.bash: split long oneliners since scripts
 don't need oneliners

---
 bash/flatpak-workarounds.bash | 54 +++++++++++++++++++++++++++--------
 1 file changed, 42 insertions(+), 12 deletions(-)

diff --git a/bash/flatpak-workarounds.bash b/bash/flatpak-workarounds.bash
index f256c6a..f814101 100755
--- a/bash/flatpak-workarounds.bash
+++ b/bash/flatpak-workarounds.bash
@@ -8,27 +8,45 @@ set -x
 # Reserved directories that cannot be shared
 # to flatpaks include at least: /usr
 
+# NOTE! Multiple overrides can be set in one command (just pass the --flag
+# multiple times), but for the sake of legibility and un/commenting this
+# isn't done within this script.
+
 # Overrides for all apps improving Quality of Life
 # - debugging with gdb
 # - curl configuration following
 # - text editor configuration
 # - user-specific fonts
-flatpak override --filesystem=~/.gdbinit:ro --filesystem=~/gdb.txt:rw --filesystem=~/.curlrc:ro --filesystem=~/.editorconfig:ro --filesystem=~/.local/share/fonts:ro $@
+flatpak override --filesystem=~/.gdbinit:ro $@
+flatpak override --filesystem=~/gdb.txt:rw $@
+flatpak override --filesystem=~/.curlrc:ro $@
+flatpak override --filesystem=~/.editorconfig:ro $@
+flatpak override --filesystem=~/.local/share/fonts:ro $@
 
 # Public git repositories I access or symlink much.
-# Must be rw for access by text editors, otherwise they are ro or I will repeat myself
-flatpak override --filesystem=~/.shell-things:rw --filesystem=~/src/codeberg.org/Aminda/shell-things:rw --filesystem=~/src/gitea.blesmrt.net/Mikaela/shell-things:rw --filesystem=~/src/gitea.blesmrt.net/Mikaela/gist:rw --filesystem=~/src/gitea.blesmrt.net/Mikaela/scripts:rw --filesystem=~/src/github.com/Mikaela/mikaela.github.io:rw $@
+# Must be rw for access by text editors, otherwise they are ro, or I will repeat myself
+#flatpak override --filesystem=~/.shell-things:rw $@
+flatpak override --filesystem=~/src/codeberg.org/Aminda/shell-things:rw $@
+flatpak override --filesystem=~/src/gitea.blesmrt.net/Mikaela/shell-things:rw $@
+flatpak override --filesystem=~/src/gitea.blesmrt.net/Mikaela/gist:rw $@
+flatpak override --filesystem=~/src/gitea.blesmrt.net/Mikaela/scripts:rw $@
+flatpak override --filesystem=~/src/github.com/Mikaela/mikaela.github.io:rw $@
 
 # EXPERIMENT! All apps may use wayland (sandboxed) and downgrade to
 # X11/xwayland only if current desktop doesn't support wayland.
 # SECURITY! May let untrusted apps spy on everything on X11 desktops, but
-# I either don't have those around or Fedora 40 removes them with the new KDE
-# Plasma. NOTE: fallback-x11 should override x11 socket permission.
-flatpak override --socket=wayland --socket=fallback-x11 --nosocket=x11 --env=ELECTRON_OZONE_PLATFORM_HINT=auto $@
+# I either don't have those around or Fedora 40 removes them with the new
+# KDE Plasma. NOTE: fallback-x11 has deprecated and overrides x11 socket
+# permission.
+flatpak override --socket=wayland $@
+flatpak override --socket=fallback-x11 $@
+flatpak override --nosocket=x11 $@
+flatpak override --env=ELECTRON_OZONE_PLATFORM_HINT=auto $@
 
 # Backticks and a lot of common characters in all Flatpaks
 # https://github.com/flatpak/flatpak/issues/2031
-flatpak override --talk-name=org.fcitx.Fcitx --talk-name=org.freedesktop.portal.Fcitx $@
+flatpak override --talk-name=org.fcitx.Fcitx $@
+flatpak override --talk-name=org.freedesktop.portal.Fcitx $@
 # Darkman automatic theme switching
 flatpak override --talk-name=org.freedesktop.impl.portal.desktop.darkman $@
 
@@ -36,16 +54,22 @@ flatpak override --talk-name=org.freedesktop.impl.portal.desktop.darkman $@
 flatpak override --env=FLATPAK_ENABLE_SDK_EXT=texlive,dotnet,golang $@
 
 # I don't have other nvim on SteamOS
-flatpak override io.neovim.nvim --filesystem=host --filesystem=host-os --filesystem=host-etc $@
+flatpak override io.neovim.nvim --filesystem=host $@
+flatpak override io.neovim.nvim --filesystem=host-os $@
+flatpak override io.neovim.nvim --filesystem=host-etc $@
 
 # https://github.com/flathub/org.briarproject.Briar/issues/5
-flatpak override org.briarproject.Briar --filesystem=~/.briar:create --filesystem=~/.java/.userPrefs/org/briarproject/briar:create --nosocket=fallback-x11 --socket=x11 $@
+flatpak override org.briarproject.Briar --filesystem=~/.briar:create $@
+flatpak override org.briarproject.Briar --filesystem=~/.java/.userPrefs/org/briarproject/briar:create $@
+flatpak override org.briarproject.Briar --nosocket=fallback-x11 $@
+flatpak override org.briarproject.Briar --socket=x11 $@
 
 # Directory I have normal Nextcloud in
 flatpak override com.nextcloud.desktopclient.nextcloud --filesystem=~/Nextcloud:create $@
 
 # PCSX2 files
-flatpak override net.pcsx2.PCSX2 --filesystem=~/.config/PCSX2:create --filesystem=~/PS2:create $@
+flatpak override net.pcsx2.PCSX2 --filesystem=~/.config/PCSX2:create $@
+flatpak override net.pcsx2.PCSX2 --filesystem=~/PS2:create $@
 
 # A directory I can share between native and flatpak Steam so both have the
 # same games without having to navigate weird paths.
@@ -65,7 +89,11 @@ flatpak override me.kozec.syncthingtk --filesystem=~/.config/syncthing:create $@
 flatpak override --filesystem=/run/udev:ro com.microsoft.Edge $@
 
 # Mosh starts by opening an SSH connection and thus it needs to at least read my SSH config. Seeing new keys probably needs rw to known_hosts and as I use sockets, they may need rw. Then there is my config.d being in a private git repo...
-flatpak override --filesystem=~/.ssh/config:ro --filesystem=~/.ssh/config.d:ro --filesystem=~/.ssh/known_hosts:rw --filesystem=~/.ssh/sockets:rw --filesystem=~/src/gitea.blesmrt.net/Mikaela/privgist/ssh/config.d:ro org.mosh.mosh $@
+flatpak override org.mosh.mosh --filesystem=~/.ssh/config:ro $@
+flatpak override org.mosh.mosh --filesystem=~/.ssh/config.d:ro $@
+flatpak override org.mosh.mosh --filesystem=~/.ssh/known_hosts:rw $@
+flatpak override org.mosh.mosh --filesystem=~/.ssh/sockets:rw $@
+flatpak override org.mosh.mosh --filesystem=~/src/gitea.blesmrt.net/Mikaela/privgist/ssh/config.d:ro $@
 
 # Apparently Element needs this talk for encrypted search
 # https://github.com/flathub/im.riot.Riot/issues/303#issuecomment-1816055123
@@ -76,7 +104,9 @@ flatpak override im.riot.Riot --talk-name=org.freedesktop.secrets $@
 flatpak override org.squidowl.halloy --filesystem=~/snap/halloy:create $@
 
 # Hardening GearLever, https://github.com/mijorus/gearlever/issues/143
-flatpak override it.mijorus.gearlever --nofilesystem=host:reset --filesystem=~/.local/share/applications:create --filesystem=~/AppImages:create
+flatpak override it.mijorus.gearlever --nofilesystem=host:reset $@
+flatpak override it.mijorus.gearlever --filesystem=~/.local/share/applications:create $@
+flatpak override it.mijorus.gearlever --filesystem=~/AppImages:create $@
 
 # Display the overrides
 if [ -d /var/lib/flatpak/overrides/ ]; then