aminda-nocron: ensure firewall allows ssh etc.

etc/systemd/system/aminda-nocron-reboot.service

@@ -15,12 +15,21 @@ ExecStartPre=-/usr/bin/systemctl start firewalld.service
 # https://github.com/systemd/zram-generator
 #ExecStart=-/usr/bin/systemctl start /dev/zram0
 ExecStart=-/usr/bin/systemctl enable --now systemd-zram-setup@zram0.service
-# Ensure we really allow ICMPv6 on FEDORA (or firewalld)
+# Ensure we really allow ICMPv6 on FEDORA (or firewalld). Also other essential services.
 ExecStart=-/usr/bin/firewall-cmd --add-protocol=ipv6-icmp
+ExecStart=-/usr/bin/firewall-cmd --add-service=ssh --permanent
+ExecStart=-/usr/bin/firewall-cmd --add-service=mosh --permanent
+ExecStart=-/usr/bin/firewall-cmd --add-service=ntp --permanent
+ExecStart=-/usr/bin/firewall-cmd --add-service=syncthing --permanent
+ExecStart=-/usr/bin/firewall-cmd --add-service=mdns --permanent
+ExecStart=-/usr/bin/firewall-cmd --add-service=kdeconnect --permanent
+ExecStart=-/usr/bin/firewall-cmd --permanent --add-port=9001/udp
+ExecStart=-/usr/bin/firewall-cmd --permanent --add-port=6771/udp
 # 3rd party Xbox controller initialization. See Mikaela/gist/gayming/
 #ExecStart=-/root/fixcontroller.py
 # This is actually in the delayed variant of this service, but anyway
-ExecStart=-/usr/bin/systemctl start yggdrasil.service
+ExecStart=-/usr/bin/systemctl enable --now yggdrasil.service
+ExecStart=-/usr/bin/systemctl enable --now sshguard.service
 User=root
 StandardOutput=journal
 StandardError=journal

etc/systemd/system/aminda-nocron-rebootish.service

@@ -8,6 +8,7 @@ TimeoutStartSec=infinity
 # Another attempt at ensuring Yggdrasil works with nordvpnd
 ExecStartPre=-/usr/sbin/sysctl net.ipv6.conf.all.disable_ipv6=0
 ExecStart=-/usr/bin/systemctl restart yggdrasil.service
+ExecStart=-/bin/firewall-cmd --reload
 # If they somehow managed to not start already
 ExecStart=-/usr/bin/systemctl enable --now unbound.service
 ExecStart=-/usr/bin/systemctl enable --now systemd-resolved.service