70 lines
4.9 KiB
Bash
70 lines
4.9 KiB
Bash
#!/bin/bash
|
|
# ╔══════════════════════════════════════════════════════════════════════════════╗
|
|
# ║ setup/modules/core.sh — Core system services enablement ║
|
|
# ║ ║
|
|
# ║ PURPOSE: ║
|
|
# ║ Enables the essential systemd services that every installation needs. ║
|
|
# ║ Also deploys the greetd login manager config from the dotfiles repo. ║
|
|
# ║ ║
|
|
# ║ WHEN TO RUN: ║
|
|
# ║ After core-packages.sh — the services must be installed before they can ║
|
|
# ║ be enabled. Called "svc" in the TUI installer's component checklist. ║
|
|
# ║ ║
|
|
# ║ SERVICES ENABLED: ║
|
|
# ║ - NetworkManager: manages wired/wireless network connections ║
|
|
# ║ - cronie: cron daemon for scheduled tasks ║
|
|
# ║ - greetd: minimal display/login manager (uses tuigreet TUI) ║
|
|
# ║ - fail2ban: bans IPs after repeated failed SSH/auth attempts ║
|
|
# ║ - udisks2: auto-mounts USB drives and other removable media ║
|
|
# ╚══════════════════════════════════════════════════════════════════════════════╝
|
|
|
|
set -euo pipefail
|
|
# -e: exit immediately on any error (service enable failures abort the script)
|
|
# -u: treat unset variables as errors
|
|
# -o pipefail: fail if any pipe stage fails
|
|
|
|
# Load shared logging helpers (log, skip, warn, err functions)
|
|
source "$(dirname "${BASH_SOURCE[0]}")/lib/logging.sh"
|
|
|
|
# ── NetworkManager ─────────────────────────────────────────────────────────────
|
|
# WHY: Arch ships with no network daemon enabled by default. NetworkManager is
|
|
# the most user-friendly option — handles DHCP, WiFi, VPN, and has applets.
|
|
# NOTE: systemctl enable only marks it to start at boot; it doesn't start it now.
|
|
log "Enabling NetworkManager..."
|
|
sudo systemctl enable NetworkManager.service
|
|
|
|
# ── cronie ────────────────────────────────────────────────────────────────────
|
|
# WHY: Provides the system cron daemon. Some tools (backups, vnstat stats,
|
|
# fail2ban cleanup) rely on cron jobs. Arch does not enable it by default.
|
|
log "Enabling cronie..."
|
|
sudo systemctl enable cronie.service
|
|
|
|
# ── greetd / tuigreet ─────────────────────────────────────────────────────────
|
|
# WHY: greetd is a minimal, standards-compliant display manager (login screen).
|
|
# We use the tuigreet greeter which is a TUI (text-mode, no GPU needed).
|
|
# It's lighter than GDM/SDDM and works well on TTY in Wayland setups.
|
|
#
|
|
# HOW: Copy our pre-configured config.toml from the dotfiles repo into /etc/greetd/
|
|
# then enable the service. The config.toml specifies which greeter to run
|
|
# and optionally auto-login settings.
|
|
# -f flag forces overwrite of any existing config.
|
|
log "Deploying greetd config..."
|
|
sudo cp -f ~/Dotfiles/desktopenvs/hyprland/greetd-tuigreet/config.toml /etc/greetd/config.toml
|
|
sudo systemctl enable greetd.service
|
|
|
|
# ── fail2ban ──────────────────────────────────────────────────────────────────
|
|
# WHY: Protects against brute-force attacks by monitoring log files and
|
|
# temporarily banning IPs that show malicious signs (too many failed logins).
|
|
# Important on any machine with SSH open to the network.
|
|
log "Enabling fail2ban..."
|
|
sudo systemctl enable fail2ban.service
|
|
|
|
# ── udisks2 ───────────────────────────────────────────────────────────────────
|
|
# WHY: udisks2 provides automatic mounting of USB drives and other removable
|
|
# media via D-Bus. Required by file managers (Thunar, pcmanfm) and desktop
|
|
# utilities that want to offer "Open when inserted" functionality.
|
|
log "Enabling udisks2..."
|
|
sudo systemctl enable udisks2.service
|
|
|
|
log "Core services enabled."
|