systemd: remove unnecessary full paths

This commit is contained in:
Aminda Suomalainen 2024-10-04 13:21:21 +03:00
parent 3ea2736c47
commit 11d517e644
Signed by: Mikaela
SSH Key Fingerprint: SHA256:CXLULpqNBdUKB6E6fLA1b/4SzG0HvKD19PbIePU175Q
25 changed files with 103 additions and 85 deletions

View File

@ -4,10 +4,11 @@ Description=Aminda's deduplication service
[Service] [Service]
Type=oneshot Type=oneshot
TimeoutStartSec=infinity TimeoutStartSec=infinity
ExecStart=-/usr/bin/duperemove -rdhq --hashfile=/root/home.hash /home # Contained in `systemd-path search-binaries-default`
ExecStart=-/usr/bin/duperemove -rdhq --hashfile=/root/usr-local-bin.hash /usr/local/bin ExecStart=-duperemove -rdhq --hashfile=/root/home.hash /home
ExecStart=-/usr/bin/duperemove -rdhq --hashfile=/root/flatpak.hash /var/lib/flatpak ExecStart=-duperemove -rdhq --hashfile=/root/usr-local-bin.hash /usr/local/bin
ExecStart=-/usr/bin/duperemove -rdhq --hashfile=/root/snap.hash /var/lib/snapd ExecStart=-duperemove -rdhq --hashfile=/root/flatpak.hash /var/lib/flatpak
ExecStart=-duperemove -rdhq --hashfile=/root/snap.hash /var/lib/snapd
User=root User=root
StandardOutput=journal StandardOutput=journal
StandardError=journal StandardError=journal

View File

@ -1,4 +1,5 @@
[Service] [Service]
# https://superuser.com/a/1290109 # https://superuser.com/a/1290109
ExecStartPre=-/usr/sbin/btrfs balance start -dusage=25 -dlimit=10 -musage=25 -mlimit=10 / # Contained in `systemd-path search-binaries-default`
ExecStartPost=-/usr/sbin/btrfs balance start -dusage=50 / ExecStartPre=-btrfs balance start -dusage=25 -dlimit=10 -musage=25 -mlimit=10 /
ExecStartPost=-btrfs balance start -dusage=50 /

View File

@ -3,4 +3,4 @@
# WARNING: This is most likely a bad idea. My excuse is this system being on # WARNING: This is most likely a bad idea. My excuse is this system being on
# a small USB STICK with nothing important on it, what is yours? # a small USB STICK with nothing important on it, what is yours?
ExecStart= ExecStart=
ExecStart=-/usr/bin/duperemove -rdhq --hashfile=/root/rootfs.hash / ExecStart=-duperemove -rdhq --hashfile=/root/rootfs.hash /

View File

@ -7,52 +7,53 @@ Type=oneshot
TimeoutStartSec=infinity TimeoutStartSec=infinity
Environment=LINUXBREWUSER=root Environment=LINUXBREWUSER=root
Environment=LINUXBREWGROUP=wheel Environment=LINUXBREWGROUP=wheel
ExecStartPre=-/usr/bin/echo 1 > /sys/devices/system/cpu/microcode/reload # Remember `systemd-path search-binaries-default`
ExecStartPre=-echo 1 > /sys/devices/system/cpu/microcode/reload
# - means it can fail, without failing those after it. # - means it can fail, without failing those after it.
# These aren't given --now as THEY WOULD INFINITE LOOP. # These aren't given --now as THEY WOULD INFINITE LOOP.
ExecStartPre=-/usr/bin/systemctl enable aminda-nocron-rebootish.service ExecStartPre=-systemctl enable aminda-nocron-rebootish.service
ExecStartPre=-/usr/bin/systemctl enable aminda-nocron-rebootish.timer ExecStartPre=-systemctl enable aminda-nocron-rebootish.timer
ExecStartPre=-/usr/bin/systemctl enable --now unbound.service ExecStartPre=-systemctl enable --now unbound.service
ExecStartPre=-/usr/bin/systemctl enable --now systemd-resolved.service ExecStartPre=-systemctl enable --now systemd-resolved.service
ExecStartPre=-/usr/sbin/sysctl net.ipv6.conf.all.disable_ipv6=0 ExecStartPre=-sysctl net.ipv6.conf.all.disable_ipv6=0
# These services are called here, so # These services are called here, so
ExecStartPre=-/usr/bin/systemctl start firewalld.service ExecStartPre=-systemctl start firewalld.service
# https://github.com/systemd/zram-generator # https://github.com/systemd/zram-generator
#ExecStart=-/usr/bin/systemctl start /dev/zram0 #ExecStart=-systemctl start /dev/zram0
ExecStart=-/usr/bin/systemctl enable --now systemd-zram-setup@zram0.service ExecStart=-systemctl enable --now systemd-zram-setup@zram0.service
# Ensure we really allow ICMPv6 on FEDORA (or firewalld). Also other essential services. # Ensure we really allow ICMPv6 on FEDORA (or firewalld). Also other essential services.
ExecStart=-/usr/bin/firewall-cmd --add-protocol=ipv6-icmp ExecStart=-firewall-cmd --add-protocol=ipv6-icmp
ExecStart=-/usr/bin/firewall-cmd --add-protocol=ipv6-icmp --zone=home ExecStart=-firewall-cmd --add-protocol=ipv6-icmp --zone=home
ExecStart=-/usr/bin/firewall-cmd --add-service=ssh --permanent ExecStart=-firewall-cmd --add-service=ssh --permanent
ExecStart=-/usr/bin/firewall-cmd --add-service=ssh --permanent --zone=home ExecStart=-firewall-cmd --add-service=ssh --permanent --zone=home
ExecStart=-/usr/bin/firewall-cmd --add-service=mosh --permanent ExecStart=-firewall-cmd --add-service=mosh --permanent
ExecStart=-/usr/bin/firewall-cmd --add-service=mosh --permanent --zone=home ExecStart=-firewall-cmd --add-service=mosh --permanent --zone=home
ExecStart=-/usr/bin/firewall-cmd --add-service=ntp --permanent ExecStart=-firewall-cmd --add-service=ntp --permanent
ExecStart=-/usr/bin/firewall-cmd --add-service=ntp --permanent --zone=home ExecStart=-firewall-cmd --add-service=ntp --permanent --zone=home
ExecStart=-/usr/bin/firewall-cmd --add-service=syncthing --permanent ExecStart=-firewall-cmd --add-service=syncthing --permanent
ExecStart=-/usr/bin/firewall-cmd --add-service=syncthing --permanent --zone=home ExecStart=-firewall-cmd --add-service=syncthing --permanent --zone=home
ExecStart=-/usr/bin/firewall-cmd --add-service=mdns --permanent ExecStart=-firewall-cmd --add-service=mdns --permanent
ExecStart=-/usr/bin/firewall-cmd --add-service=mdns --permanent --zone=home ExecStart=-firewall-cmd --add-service=mdns --permanent --zone=home
ExecStart=-/usr/bin/firewall-cmd --add-service=kdeconnect --permanent ExecStart=-firewall-cmd --add-service=kdeconnect --permanent
ExecStart=-/usr/bin/firewall-cmd --add-service=kdeconnect --permanent --zone=home ExecStart=-firewall-cmd --add-service=kdeconnect --permanent --zone=home
ExecStart=-/usr/bin/firewall-cmd --permanent --add-port=9001/udp ExecStart=-firewall-cmd --permanent --add-port=9001/udp
ExecStart=-/usr/bin/firewall-cmd --permanent --add-port=9001/udp --zone=home ExecStart=-firewall-cmd --permanent --add-port=9001/udp --zone=home
ExecStart=-/usr/bin/firewall-cmd --permanent --add-port=6771/udp ExecStart=-firewall-cmd --permanent --add-port=6771/udp
ExecStart=-/usr/bin/firewall-cmd --permanent --add-port=6771/udp --zone=home ExecStart=-firewall-cmd --permanent --add-port=6771/udp --zone=home
# 3rd party Xbox controller initialization. See Mikaela/gist/gayming/ # 3rd party Xbox controller initialization. See Mikaela/gist/gayming/
#ExecStart=-/root/fixcontroller.py #ExecStart=-/root/fixcontroller.py
# This is actually in the delayed variant of this service, but anyway # This is actually in the delayed variant of this service, but anyway
ExecStart=-/usr/bin/systemctl enable --now yggdrasil.service ExecStart=-systemctl enable --now yggdrasil.service
ExecStart=-/usr/bin/systemctl enable --now ssh.service ExecStart=-systemctl enable --now ssh.service
ExecStart=-/usr/bin/systemctl enable --now sshd.service ExecStart=-systemctl enable --now sshd.service
ExecStart=-/usr/bin/systemctl enable --now sshguard.service ExecStart=-systemctl enable --now sshguard.service
ExecStart=-/usr/bin/systemctl enable --now unbound.service ExecStart=-systemctl enable --now unbound.service
ExecStart=-/usr/bin/systemctl enable --now chrony.service ExecStart=-systemctl enable --now chrony.service
ExecStart=-/usr/bin/systemctl enable --now chronyd.service ExecStart=-systemctl enable --now chronyd.service
ExecStart=-/usr/bin/systemctl enable --now systemd-oomd.service systemd-oomd.socket ExecStart=-systemctl enable --now systemd-oomd.service systemd-oomd.socket
ExecStart=-/bin/chown -R ${LINUXBREWUSER}:${LINUXBREWGROUP} /home/linuxbrew -R ExecStart=-chown -R ${LINUXBREWUSER}:${LINUXBREWGROUP} /home/linuxbrew -R
ExecStart=-/bin/chmod -R u+rw,g+rw,o+r /home/linuxbrew ExecStart=-chmod -R u+rw,g+rw,o+r /home/linuxbrew
ExecStart=-/bin/setfacl -R -m g:${LINUXBREWGROUP}:rwX,o:rX /home/linuxbrew ExecStart=-setfacl -R -m g:${LINUXBREWGROUP}:rwX,o:rX /home/linuxbrew
User=root User=root
StandardOutput=journal StandardOutput=journal
StandardError=journal StandardError=journal

View File

@ -1,3 +1,3 @@
# Disables all swap. Very questionable. # Disables all swap. Very questionable.
[Service] [Service]
ExecStart=-/usr/sbin/swapoff -a ExecStart=-swapoff -a

View File

@ -1,3 +1,3 @@
#[Service] #[Service]
#ExecStart=-/usr/bin/systemctl enable --now syncthing@mikaela.service --quiet #ExecStart=-systemctl enable --now syncthing@mikaela.service --quiet
#ExecStart=-/usr/bin/systemctl enable --now syncthing@aminda.service --quiet #ExecStart=-systemctl enable --now syncthing@aminda.service --quiet

View File

@ -4,19 +4,20 @@ Description=Aminda's cronless tasks to do a bit after booting
[Service] [Service]
Type=oneshot Type=oneshot
TimeoutStartSec=infinity TimeoutStartSec=infinity
# Remember `systemd-path search-binaries-default`
# - means it can fail, without failing those after it # - means it can fail, without failing those after it
# Another attempt at ensuring Yggdrasil works with nordvpnd # Another attempt at ensuring Yggdrasil works with nordvpnd
ExecStartPre=-/usr/bin/systemctl enable --now aminda-nocron-reboot.service ExecStartPre=-systemctl enable --now aminda-nocron-reboot.service
ExecStartPre=-/usr/bin/systemctl enable --now aminda-nocron-reboot.timer ExecStartPre=-systemctl enable --now aminda-nocron-reboot.timer
ExecStartPre=-/usr/bin/systemctl enable --now monthly-btrfs-balance.timer ExecStartPre=-systemctl enable --now monthly-btrfs-balance.timer
ExecStartPre=-/usr/sbin/sysctl net.ipv6.conf.all.disable_ipv6=0 ExecStartPre=-sysctl net.ipv6.conf.all.disable_ipv6=0
ExecStartPre=-/usr/bin/systemctl enable --now tlp ExecStartPre=-systemctl enable --now tlp
ExecStart=-/usr/bin/systemctl restart yggdrasil.service ExecStart=-systemctl restart yggdrasil.service
ExecStart=-/bin/firewall-cmd --reload ExecStart=-firewall-cmd --reload
# If they somehow managed to not start already # If they somehow managed to not start already
ExecStart=-/usr/bin/systemctl enable --now unbound.service ExecStart=-systemctl enable --now unbound.service
ExecStart=-/usr/bin/systemctl enable --now systemd-resolved.service ExecStart=-systemctl enable --now systemd-resolved.service
ExecStart=-/usr/sbin/tlp setcharge ExecStart=-tlp setcharge
User=root User=root
StandardOutput=journal StandardOutput=journal
StandardError=journal StandardError=journal

View File

@ -9,7 +9,7 @@ After=network.target mullvad-daemon.service
# Wait a minute before actually starting Chrony so Mullvad has surely had # Wait a minute before actually starting Chrony so Mullvad has surely had
# time to start and thus not fail at excluding (cannot set the cgroup, no # time to start and thus not fail at excluding (cannot set the cgroup, no
# such file or directory) # such file or directory)
#ExecStartPre=/usr/bin/sleep 60 #ExecStartPre=sleep 60
# Empty the main chrony.service ExecStart line so it can be overwritten # Empty the main chrony.service ExecStart line so it can be overwritten
ExecStart= ExecStart=
ExecStart=/usr/bin/mullvad-exclude /usr/sbin/chronyd $DAEMON_OPTS ExecStart=mullvad-exclude /usr/sbin/chronyd $DAEMON_OPTS

View File

@ -3,5 +3,6 @@ Description=install flatpak updates and uninstall unused flatpaks
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/usr/bin/flatpak update --assumeyes --noninteractive # Contained in `systemd-path search-binaries-default`
ExecStartPost=/usr/bin/flatpak uninstall --unused --assumeyes --noninteractive ExecStart=flatpak update --assumeyes --noninteractive
ExecStartPost=flatpak uninstall --unused --assumeyes --noninteractive

View File

@ -14,8 +14,8 @@ Wants=gpsd.service gpsd.socket
ExecStartPre=-/tmp/gps-share.sock ExecStartPre=-/tmp/gps-share.sock
# Creating a socket for geoclue to connect to # Creating a socket for geoclue to connect to
# Credit: @schnell at https://gitlab.freedesktop.org/geoclue/geoclue/-/issues/145#note_1772702 # Credit: @schnell at https://gitlab.freedesktop.org/geoclue/geoclue/-/issues/145#note_1772702
ExecStartPost=/bin/sh -c "(gpspipe --nmea | ( read; read; read; cat ) | ncat --verbose --keep-open --listen --unixsock /tmp/gps-share.sock&)" ExecStartPost=sh -c "(gpspipe --nmea | ( read; read; read; cat ) | ncat --verbose --keep-open --listen --unixsock /tmp/gps-share.sock&)"
# In case of clean shutdown, remove the socket for restart # In case of clean shutdown, remove the socket for restart
ExecStopPost=-/usr/bin/rm -vf /tmp/gps-share.sock ExecStopPost=-rm -vf /tmp/gps-share.sock
# vim: filetype=systemd # vim: filetype=systemd

View File

@ -3,4 +3,5 @@ Description=Gitea restarter
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/bin/systemctl restart gitea.service --quiet # Contained in `systemd-path search-binaries-default`
ExecStart=systemctl restart gitea.service --quiet

View File

@ -5,14 +5,14 @@ Type=exec
# In case the file exists, I can throw my own additional options there # In case the file exists, I can throw my own additional options there
EnvironmentFile=-/etc/gpsd.aminda.conf EnvironmentFile=-/etc/gpsd.aminda.conf
# Kernel module possibly required for USB GPS devices especially with Chrony? # Kernel module possibly required for USB GPS devices especially with Chrony?
ExecStartPre=-/usr/sbin/modprobe pps_ldisc ExecStartPre=-modprobe pps_ldisc
# Empty ExecStart= before the actual ExecStart= removes the original # Empty ExecStart= before the actual ExecStart= removes the original
# ExecStart= line # ExecStart= line
ExecStart= ExecStart=
# Maybe specify the GPS device in /etc/gpsd.aminda.conf instead? # Maybe specify the GPS device in /etc/gpsd.aminda.conf instead?
ExecStart=/usr/sbin/gpsd --readonly --nowait --foreground $AMINDAGPSD ExecStart=gpsd --readonly --nowait --foreground $AMINDAGPSD
# Missing from the original unit, will reconnect all GPS says man gpsd # Missing from the original unit, will reconnect all GPS says man gpsd
ExecReload=/usr/bin/killall -HUP gpsd ExecReload=killall -HUP gpsd
# Avoiding systemd considering the unit as failed. # Avoiding systemd considering the unit as failed.
Restart=always Restart=always
RestartSec=5s RestartSec=5s

View File

@ -5,6 +5,7 @@ Requires=mullvad-daemon.service
After=mullvad-daemon.service After=mullvad-daemon.service
[Service] [Service]
ExecStartPre=/usr/bin/sleep 30 # Contained in `systemd-path search-binaries-default`
ExecStartPre=sleep 30
ExecStart= ExecStart=
ExecStart=/usr/bin/mullvad-exclude /usr/sbin/i2pd --conf=/etc/i2pd/i2pd.conf --tunconf=/etc/i2pd/tunnels.conf --tunnelsdir=/etc/i2pd/tunnels.conf.d --pidfile=/run/i2pd/i2pd.pid --logfile=/var/log/i2pd/i2pd.log --daemon --service ExecStart=mullvad-exclude i2pd --conf=/etc/i2pd/i2pd.conf --tunconf=/etc/i2pd/tunnels.conf --tunnelsdir=/etc/i2pd/tunnels.conf.d --pidfile=/run/i2pd/i2pd.pid --logfile=/var/log/i2pd/i2pd.log --daemon --service

View File

@ -3,7 +3,8 @@ Description=Matterbridge mediarepo cleanup for things older than a week
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=-/usr/bin/find /var/www/html/matterbridge -type f -cmin +10080 -delete # Contained in `systemd-path search-binaries-default`
ExecStart=-find /var/www/html/matterbridge -type f -cmin +10080 -delete
User=matterbridge User=matterbridge
StandardOutput=null StandardOutput=null
StandardError=null StandardError=null

View File

@ -3,4 +3,5 @@ Description=Matterbridge restarter
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/bin/systemctl restart matterbridge.service --quiet # Contained in `systemd-path search-binaries-default`
ExecStart=systemctl restart matterbridge.service --quiet

View File

@ -4,7 +4,8 @@ Description=Monthly BTRFS full balancing
[Service] [Service]
Type=oneshot Type=oneshot
TimeoutStartSec=infinity TimeoutStartSec=infinity
ExecStart=/usr/sbin/btrfs balance start --full-balance / # Contained in `systemd-path search-binaries-default`
ExecStart=btrfs balance start --full-balance /
User=root User=root
StandardOutput=journal StandardOutput=journal
StandardError=journal StandardError=journal

View File

@ -1,3 +1,4 @@
[Service] [Service]
ExecStart= ExecStart=
ExecStart=/usr/bin/qbittorrent-nox --webui-port=8081 # Contained in `systemd-path search-binaries-default`
ExecStart=qbittorrent-nox --webui-port=8081

View File

@ -7,7 +7,8 @@ After=network-online.target
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/usr/bin/reflector --protocol https --latest 30 --number 20 --sort rate --save /etc/pacman.d/mirrorlist # Contained in `systemd-path search-binaries-default`
ExecStart=reflector --protocol https --latest 30 --number 20 --sort rate --save /etc/pacman.d/mirrorlist
[Install] [Install]
RequiredBy=multi-user.target RequiredBy=multi-user.target

View File

@ -1,4 +1,4 @@
[Service] [Service]
ExecStart= ExecStart=
# Remember reflector --list-countries # Remember reflector --list-countries
ExecStart=/usr/bin/reflector --save /etc/pacman.d/mirrorlist --protocol https --country 'Finland,Sweden,Norway,Estonia,Germany' --latest 25 --sort rate ExecStart=reflector --save /etc/pacman.d/mirrorlist --protocol https --country 'Finland,Sweden,Norway,Estonia,Germany' --latest 25 --sort rate

View File

@ -3,4 +3,5 @@ Requires=firewalld.service
After=firewalld.service After=firewalld.service
[Service] [Service]
ExecStartPost=/usr/bin/firewall-cmd --add-protocol=ipv6-icmp # Contained in `systemd-path search-binaries-default`
ExecStartPost=firewall-cmd --add-protocol=ipv6-icmp

View File

@ -3,4 +3,5 @@ Requires=nordvpnd.service
After=nordvpnd.service After=nordvpnd.service
[Service] [Service]
ExecStartPre=/usr/bin/nordvpn connect p2p # Contained in `systemd-path search-binaries-default`
ExecStartPre=nordvpn connect p2p

View File

@ -4,7 +4,8 @@ Description=Read /etc/sysctl.conf and /etc/sysctl.d/
[Service] [Service]
Type=oneshot Type=oneshot
TimeoutStartSec=infinity TimeoutStartSec=infinity
ExecStart=-/usr/sbin/sysctl -p --system # Contained in `systemd-path search-binaries-default`
ExecStart=-sysctl -p --system
User=root User=root
StandardOutput=journal StandardOutput=journal
StandardError=journal StandardError=journal

View File

@ -3,8 +3,9 @@ Description=Tor client
After=network.target After=network.target
[Service] [Service]
ExecStart=/usr/bin/tor -f /etc/tor/torrc-client # Contained in `systemd-path search-binaries-default`
ExecReload=/bin/kill -HUP $MAINPID ExecStart=tor -f /etc/tor/torrc-client
ExecReload=kill -HUP $MAINPID
Restart=always Restart=always
User=debian-tor User=debian-tor

View File

@ -3,8 +3,9 @@ Description=Tor one hop onion service host
After=network.target After=network.target
[Service] [Service]
ExecStart=/usr/bin/tor -f /etc/tor/torrc-onehoponion # Contained in `systemd-path search-binaries-default`
ExecReload=/bin/kill -HUP $MAINPID ExecStart=tor -f /etc/tor/torrc-onehoponion
ExecReload=kill -HUP $MAINPID
Restart=always Restart=always
User=debian-tor User=debian-tor

View File

@ -9,7 +9,8 @@ After=network.target mullvad-daemon.service
# Wait a ~minute before actually starting Yggdrasil so Mullvad has surely had # Wait a ~minute before actually starting Yggdrasil so Mullvad has surely had
# time to start and thus not fail at excluding (cannot set the cgroup, no # time to start and thus not fail at excluding (cannot set the cgroup, no
# such file or directory) # such file or directory)
#ExecStartPre=/usr/bin/sleep 45 #ExecStartPre=sleep 45
# Empty the main yggdrasil.service ExecStart line so it can be overwritten # Empty the main yggdrasil.service ExecStart line so it can be overwritten
ExecStart= ExecStart=
ExecStart=/usr/bin/mullvad-exclude /usr/bin/yggdrasil -useconffile /etc/yggdrasil.conf # Contained in `systemd-path search-binaries-default`
ExecStart=mullvad-exclude yggdrasil -useconffile /etc/yggdrasil.conf