[Unit] Description=Aminda's cronless boot tasks Wants=sysctl-p--system.service [Service] Type=oneshot TimeoutStartSec=infinity Environment=LINUXBREWUSER=root Environment=LINUXBREWGROUP=wheel # Remember `systemd-path search-binaries-default` ExecStartPre=-echo 1 > /sys/devices/system/cpu/microcode/reload # - means it can fail, without failing those after it. # These aren't given --now as THEY WOULD INFINITE LOOP. ExecStartPre=-systemctl enable aminda-nocron-rebootish.service ExecStartPre=-systemctl enable aminda-nocron-rebootish.timer ExecStartPre=-systemctl enable --now unbound.service ExecStartPre=-systemctl enable --now systemd-resolved.service ExecStartPre=-sysctl net.ipv6.conf.all.disable_ipv6=0 # These services are called here, so ExecStartPre=-systemctl start firewalld.service # https://github.com/systemd/zram-generator #ExecStart=-systemctl start /dev/zram0 ExecStart=-systemctl enable --now systemd-zram-setup@zram0.service # Ensure we really allow ICMPv6 on FEDORA (or firewalld). Also other essential services. ExecStart=-firewall-cmd --add-protocol=ipv6-icmp ExecStart=-firewall-cmd --add-protocol=ipv6-icmp --zone=home ExecStart=-firewall-cmd --add-service=ssh --permanent ExecStart=-firewall-cmd --add-service=ssh --permanent --zone=home ExecStart=-firewall-cmd --add-service=mosh --permanent ExecStart=-firewall-cmd --add-service=mosh --permanent --zone=home ExecStart=-firewall-cmd --add-service=ntp --permanent ExecStart=-firewall-cmd --add-service=ntp --permanent --zone=home ExecStart=-firewall-cmd --add-service=syncthing --permanent ExecStart=-firewall-cmd --add-service=syncthing --permanent --zone=home ExecStart=-firewall-cmd --add-service=mdns --permanent ExecStart=-firewall-cmd --add-service=mdns --permanent --zone=home ExecStart=-firewall-cmd --add-service=kdeconnect --permanent ExecStart=-firewall-cmd --add-service=kdeconnect --permanent --zone=home ExecStart=-firewall-cmd --permanent --add-port=9001/udp ExecStart=-firewall-cmd --permanent --add-port=9001/udp --zone=home ExecStart=-firewall-cmd --permanent --add-port=6771/udp ExecStart=-firewall-cmd --permanent --add-port=6771/udp --zone=home # 3rd party Xbox controller initialization. See Mikaela/gist/gayming/ #ExecStart=-/root/fixcontroller.py # This is actually in the delayed variant of this service, but anyway ExecStart=-systemctl enable --now yggdrasil.service ExecStart=-systemctl enable --now ssh.service ExecStart=-systemctl enable --now sshd.service ExecStart=-systemctl enable --now sshguard.service ExecStart=-systemctl enable --now unbound.service ExecStart=-systemctl enable --now chrony.service ExecStart=-systemctl enable --now chronyd.service ExecStart=-systemctl enable --now systemd-oomd.service systemd-oomd.socket ExecStart=-chown -R ${LINUXBREWUSER}:${LINUXBREWGROUP} /home/linuxbrew -R ExecStart=-chmod -R u+rw,g+rw,o+r /home/linuxbrew ExecStart=-setfacl -R -m g:${LINUXBREWGROUP}:rwX,o:rX /home/linuxbrew User=root StandardOutput=journal StandardError=journal [Install] WantedBy=multi-user.target