systemd/socketd.d: fix dualstack binds for sshd & oidentd

etc/systemd/system/aminda-nocron-reboot.service

@@ -55,8 +55,9 @@ ExecStart=-firewall-cmd --permanent --add-port=6771/udp --zone=home
 #ExecStart=-/root/fixcontroller.py
 # This is actually in the delayed variant of this service, but anyway
 ExecStart=-systemctl enable --now yggdrasil.service
-ExecStart=-systemctl enable --now ssh.service
-ExecStart=-systemctl enable --now sshd.service
+ExecStart=-systemctl enable --now avahi-daemon.socket
+ExecStart=-systemctl enable --now ssh.socket
+ExecStart=-systemctl enable --now sshd.socket
 ExecStart=-systemctl enable --now sshguard.service
 ExecStart=-systemctl enable --now unbound.service
 ExecStart=-systemctl enable --now chrony.service

etc/systemd/system/oidentd.socket.d/dualstack-bind.conf

@@ -0,0 +1 @@
+../socket.d/dualstack-bind.conf

etc/systemd/system/ssh.socket.d/dualstack-bind.conf

@@ -0,0 +1 @@
+../socket.d/dualstack-bind.conf

etc/systemd/system/sshd.socket.d/dualstack-bind.conf

@@ -0,0 +1 @@
+../socket.d/dualstack-bind.conf

etc/systemd/system/tlp-masker.bash

@@ -10,11 +10,11 @@ systemctl enable tlp.service
 
 # Stop the services if they are running
 systemctl disable --quiet --now power-profiles-daemon.service
-systemctl disable --quiet --now systemd-rfkill.service
+systemctl disable --quiet --now systemd-rfkill.{service,socket}
 
 # Actual masking
 systemctl mask power-profiles-daemon.service
-systemctl mask systemd-rfkill.service systemd-rfkill.socket
+systemctl mask systemd-rfkill.service systemd-rfkill.{service,socket}
 
 # In case this script is ran multiple times in succession like when I did
 # when writing it

install

@@ -170,18 +170,23 @@ if [ "$(id -u)" == "0" ]; then
 	cp -v etc/systemd/system/app.slice.d/90-cpuquota.conf /etc/systemd/system/app.slice.d/90-cpuquota.conf
 	mkdir -vp /etc/systemd/{coredump,login,oomd,journald,resolved,system,timesyncd}.conf.d/
 	cp -v etc/systemd/oomd.conf.d/20-oomd.conf /etc/systemd/oomd.conf.d/20-oomd.conf
-	mkdir -vp /etc/systemd/system/{ssh,sshd,sshguard,systemd-resolved,systemd-networkd,NetworkManager,iwd,unbound,tor,yggdrasil}.service.d/
+	mkdir -vp /etc/systemd/system/{ssh,sshd,sshguard,systemd-resolved,systemd-networkd,NetworkManager,iwd,unbound,tor,oidentd,yggdrasil}.service.d/
+	mkdir -vp /etc/systemd/system/{ssh,sshd,oidentd}.socket.d/
 	# SECURITY WARNING!
 	cp -v etc/systemd/system/service.d/never-fail.conf /etc/systemd/system/ssh.service.d/
 	cp -v etc/systemd/system/service.d/never-fail.conf /etc/systemd/system/sshd.service.d/
 	cp -v etc/systemd/system/service.d/never-fail.conf /etc/systemd/system/sshguard.service.d/
 	cp -v etc/systemd/system/service.d/never-fail.conf /etc/systemd/system/systemd-resolved.service.d/
 	cp -v etc/systemd/system/service.d/never-fail.conf /etc/systemd/system/systemd-networkd.service.d/
+	cp -v etc/systemd/system/service.d/never-fail.conf /etc/systemd/system/oidentd.service.d/
 	cp -v etc/systemd/system/service.d/never-fail.conf /etc/systemd/system/NetworkManager.service.d/
 	cp -v etc/systemd/system/service.d/never-fail.conf /etc/systemd/system/iwd.service.d/
 	cp -v etc/systemd/system/service.d/never-fail.conf /etc/systemd/system/unbound.service.d/
 	cp -v etc/systemd/system/service.d/never-fail.conf /etc/systemd/system/tor.service.d/
 	cp -v etc/systemd/system/service.d/never-fail.conf /etc/systemd/system/yggdrasil.service.d/
+	cp -v etc/systemd/system/socket.d/dualstack-bind.conf /etc/systemd/system/ssh.socket.d/
+	cp -v etc/systemd/system/socket.d/dualstack-bind.conf /etc/systemd/system/sshd.socket.d/
+	cp -v etc/systemd/system/socket.d/dualstack-bind.conf /etc/systemd/system/oidentd.socket.d/
 
 	if hash systemctl 2> /dev/null; then
 		systemctl daemon-reload

submodules/jauderho-nts-servers

@@ -1 +1 @@
-Subproject commit a922f0df842463d348a0852a26532bb644bf066c
+Subproject commit 4760a430407901a2d83c1a5ee61ed86ac04ab6dd