aboutsummaryrefslogtreecommitdiff
path: root/dot_config/systemd
diff options
context:
space:
mode:
authorRyan Kavanagh <rak@rak.ac>2024-09-08 12:18:34 -0400
committerRyan Kavanagh <rak@rak.ac>2024-09-08 12:18:34 -0400
commit174a841d7e4ec0fd31c98422bc49ebe45071ff65 (patch)
tree007cf977bedb2924645009031822378ea02ca828 /dot_config/systemd
parentmake default neomutt printer pdf (diff)
parentfix thread sorting neomutt (diff)
Merge remote-tracking branch 'refs/remotes/origin/master'
Diffstat (limited to '')
-rw-r--r--dot_config/systemd/user/default.target.wants/symlink_swaybg-random.service1
-rw-r--r--dot_config/systemd/user/hourly@.timer10
-rw-r--r--dot_config/systemd/user/swaybg-random.service12
-rw-r--r--dot_config/systemd/user/tmpreaper@.service38
-rw-r--r--dot_config/systemd/user/tmpreaper@.timer11
5 files changed, 72 insertions, 0 deletions
diff --git a/dot_config/systemd/user/default.target.wants/symlink_swaybg-random.service b/dot_config/systemd/user/default.target.wants/symlink_swaybg-random.service
new file mode 100644
index 0000000..2ebb1f9
--- /dev/null
+++ b/dot_config/systemd/user/default.target.wants/symlink_swaybg-random.service
@@ -0,0 +1 @@
+/home/rak/.config/systemd/user/swaybg-random.service
diff --git a/dot_config/systemd/user/hourly@.timer b/dot_config/systemd/user/hourly@.timer
new file mode 100644
index 0000000..0b3a0db
--- /dev/null
+++ b/dot_config/systemd/user/hourly@.timer
@@ -0,0 +1,10 @@
+[Unit]
+Description=Hourly Timer for %i service
+
+[Timer]
+OnCalendar=*-*-* *:00:00
+Persistent=true
+Unit=%i.service
+
+[Install]
+WantedBy=default.target
diff --git a/dot_config/systemd/user/swaybg-random.service b/dot_config/systemd/user/swaybg-random.service
new file mode 100644
index 0000000..37cd49d
--- /dev/null
+++ b/dot_config/systemd/user/swaybg-random.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=randomize background
+
+[Service]
+Type=exec
+Restart=always
+RuntimeMaxSec=1h
+
+ExecStart=/home/rak/bin/swaybg-random
+
+[Install]
+WantedBy=default.target
diff --git a/dot_config/systemd/user/tmpreaper@.service b/dot_config/systemd/user/tmpreaper@.service
new file mode 100644
index 0000000..200dd69
--- /dev/null
+++ b/dot_config/systemd/user/tmpreaper@.service
@@ -0,0 +1,38 @@
+[Unit]
+Description=tmpreaper cleanup
+
+[Service]
+Type=oneshot
+LockPersonality=true
+MemoryDenyWriteExecute=yes
+NoNewPrivileges=yes
+ProtectControlGroups=yes
+ProtectHostname=yes
+RestrictAddressFamilies=
+RestrictNamespaces=yes
+RestrictRealtime=yes
+RestrictSUIDSGID=yes
+SystemCallArchitectures=native
+SystemCallFilter=@system-service
+SystemCallErrorNumber=EPERM
+# To restrict write access further, change "ProtectSystem" to "strict" and uncomment
+# "ReadWritePaths", "ReadOnlyPaths", "ProtectHome", and "BindPaths". Then add any local repository
+# paths to the list of "ReadWritePaths" and local backup source paths to "ReadOnlyPaths". This
+# leaves most of the filesystem read-only to borgmatic.
+ProtectSystem=strict
+ReadWritePaths=%I
+
+# Lower CPU and I/O priority.
+Nice=19
+CPUSchedulingPolicy=batch
+IOSchedulingClass=best-effort
+IOSchedulingPriority=7
+IOWeight=100
+
+Restart=no
+LogRateLimitIntervalSec=0
+
+# Delay start to prevent backups running during boot. Note that systemd-inhibit requires dbus and
+# dbus-user-session to be installed.
+#ExecStartPre=sleep 1m
+ExecStart=/usr/sbin/tmpreaper --test --mtime-dir 60d %I
diff --git a/dot_config/systemd/user/tmpreaper@.timer b/dot_config/systemd/user/tmpreaper@.timer
new file mode 100644
index 0000000..a1968c7
--- /dev/null
+++ b/dot_config/systemd/user/tmpreaper@.timer
@@ -0,0 +1,11 @@
+[Unit]
+Description=Run tmpreaper daily
+
+[Timer]
+OnCalendar=daily
+RandomizedDelaySec=1h
+AccuracySec=3h
+Persistent=true
+
+[Install]
+WantedBy=timers.target