Compare commits
2 Commits
89c3a9261e
...
d5c1b8a155
| Author | SHA1 | Date | |
|---|---|---|---|
| d5c1b8a155 | |||
| 8aaf7cae5b |
@ -21,6 +21,8 @@ jobs:
|
||||
echo "$PKGVER" > /tmp/pkgver
|
||||
|
||||
- name: Update PKGBUILD
|
||||
env:
|
||||
PKGBUILD_TOKEN: ${{ secrets.PKGBUILD_TOKEN }}
|
||||
run: |
|
||||
PKGVER=$(cat /tmp/pkgver)
|
||||
git clone https://gitea.moonarch.de/nevaforget/moonarch-pkgbuilds.git pkgbuilds
|
||||
@ -39,4 +41,12 @@ jobs:
|
||||
git config user.email "gitea@moonarch.de"
|
||||
git add moonarch-git/PKGBUILD
|
||||
git commit -m "chore(moonarch-git): bump pkgver to $PKGVER"
|
||||
git -c http.extraHeader="Authorization: token ${{ secrets.PKGBUILD_TOKEN }}" push
|
||||
|
||||
# Push via credential helper with a chmod 600 temp file, so the token
|
||||
# never appears in /proc/PID/cmdline (as it would with `git -c
|
||||
# http.extraHeader=...`).
|
||||
CRED_FILE=$(mktemp)
|
||||
chmod 600 "$CRED_FILE"
|
||||
trap 'rm -f "$CRED_FILE"' EXIT
|
||||
printf "https://pkgver-bot:%s@gitea.moonarch.de\n" "$PKGBUILD_TOKEN" > "$CRED_FILE"
|
||||
git -c credential.helper="store --file=$CRED_FILE" push
|
||||
|
||||
@ -1,10 +1,10 @@
|
||||
FROM archlinux:base-devel
|
||||
RUN pacman -Sy --noconfirm git curl && pacman -Scc --noconfirm
|
||||
RUN useradd -m builder && echo "builder ALL=(ALL) NOPASSWD: /usr/bin/pacman -Sy *, /usr/bin/pacman -S --needed *" >> /etc/sudoers
|
||||
RUN useradd -m builder && echo "builder ALL=(ALL) NOPASSWD: /usr/bin/pacman -S --needed *" >> /etc/sudoers
|
||||
ADD https://gitea.com/gitea/act_runner/releases/download/v0.3.1/act_runner-0.3.1-linux-amd64 /usr/local/bin/act_runner
|
||||
RUN echo "a05b2103a7cc5617197da214eaa06a1055362f21f9f475eb7fbacb8344d86cf8 /usr/local/bin/act_runner" | sha256sum -c - \
|
||||
&& chmod +x /usr/local/bin/act_runner
|
||||
COPY --from=gitea/act_runner:latest /usr/local/bin/run.sh /usr/local/bin/run.sh
|
||||
COPY --from=gitea/act_runner:0.3.1 /usr/local/bin/run.sh /usr/local/bin/run.sh
|
||||
RUN mkdir -p /data && chown builder:builder /data
|
||||
USER builder
|
||||
ENV HOME=/home/builder
|
||||
|
||||
@ -5,7 +5,11 @@
|
||||
# choose audio sink via rofi
|
||||
# changes default sink and moves all streams to that sink
|
||||
|
||||
sink=$(pactl list sinks short | awk '{print $1, $2}' | walker -d -p " Sink Switcher" | awk '{print $1}') &&
|
||||
sink=$(pactl list sinks short | awk '{print $1, $2}' | walker -d -p " Sink Switcher" | awk '{print $1}')
|
||||
|
||||
# Walker cancel returns empty — awk masks its non-zero exit. Guard here so we
|
||||
# don't call `pactl set-default-sink ""` on dismissal.
|
||||
[[ -n "$sink" ]] || exit 0
|
||||
|
||||
pactl set-default-sink "$sink" &&
|
||||
for input in $(pactl list sink-inputs short | awk '{print $1}'); do
|
||||
|
||||
@ -39,13 +39,13 @@ function extract_connection_name() {
|
||||
# Requires nm-applet (or another NM secret agent) for interactive auth.
|
||||
function connect_vpn() {
|
||||
local connection="$1"
|
||||
nmcli connection up "$connection"
|
||||
nmcli connection up -- "$connection"
|
||||
}
|
||||
|
||||
# Disconnect a VPN.
|
||||
function disconnect_vpn() {
|
||||
local connection="$1"
|
||||
nmcli connection down "$connection"
|
||||
nmcli connection down -- "$connection"
|
||||
}
|
||||
|
||||
# Toggle the VPN connection based on its current state.
|
||||
|
||||
@ -51,7 +51,9 @@ if [[ -f "$USERCONFIG" ]]; then
|
||||
if [[ ! -f "$OUTPUT" ]] ||
|
||||
[[ "$USERCONFIG" -nt "$OUTPUT" ]] ||
|
||||
[[ "$SYSTEM_CONFIG" -nt "$OUTPUT" ]]; then
|
||||
merge_config
|
||||
# On merge failure the previous $OUTPUT is stale — remove it so waybar
|
||||
# falls back to XDG's system config instead of running with stale merged data.
|
||||
merge_config || rm -f "$OUTPUT"
|
||||
fi
|
||||
bootstrap_style
|
||||
fi
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
# ABOUTME: Waybar-Modul das den CPU-Governor als JSON ausgibt.
|
||||
# ABOUTME: Wird von der Waybar custom/cpugov Config referenziert.
|
||||
|
||||
CPU_GOV=$(cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor)
|
||||
CPU_GOV=$(cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_governor 2>/dev/null)
|
||||
|
||||
case $CPU_GOV in
|
||||
performance)
|
||||
|
||||
@ -9,7 +9,19 @@ ConditionPathExists=/var/lib/moonarch/batsaver-threshold
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecStart=/bin/sh -c 'cat /var/lib/moonarch/batsaver-threshold > /sys/class/power_supply/BAT0/charge_control_end_threshold'
|
||||
# Validate the threshold (integer 1–100) before writing. The state file is
|
||||
# written by wheel-group users via moonarch-batsaver-toggle; the kernel rejects
|
||||
# non-numeric values on sysfs, but validating here prevents noise on boot and
|
||||
# makes the trust boundary explicit.
|
||||
ExecStart=/bin/sh -c 'V=$(cat /var/lib/moonarch/batsaver-threshold); case "$V" in ""|*[!0-9]*) exit 0;; esac; [ "$V" -ge 1 ] && [ "$V" -le 100 ] && printf %s "$V" > /sys/class/power_supply/BAT0/charge_control_end_threshold'
|
||||
NoNewPrivileges=true
|
||||
ProtectHome=true
|
||||
PrivateTmp=true
|
||||
ProtectKernelModules=true
|
||||
ProtectControlGroups=true
|
||||
RestrictNamespaces=true
|
||||
RestrictRealtime=true
|
||||
LockPersonality=true
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
@ -30,26 +30,25 @@ add-zsh-hook preexec _preexec_title
|
||||
|
||||
# --- Prompt (Catppuccin Mocha) ---
|
||||
parse_git_branch() {
|
||||
local branch=""
|
||||
branch=$(git branch 2> /dev/null | sed -e '/^[^*]/d' -e 's/* \(.*\)/\1/')
|
||||
local git_status=$(git status --porcelain 2>/dev/null)
|
||||
local color=green
|
||||
if echo "$git_status" | grep -q "^ M"; then
|
||||
color=yellow
|
||||
branch="${branch}*"
|
||||
# Gate on cheap check first — spawning git in every non-repo directory on every
|
||||
# prompt render costs 20-80ms per prompt. Pattern-match the status output with
|
||||
# zsh glob matching instead of piping to grep for three subshell-spawning checks.
|
||||
git rev-parse --git-dir &>/dev/null || return
|
||||
local branch="" git_status="" color=green flags=""
|
||||
branch=$(git symbolic-ref --short HEAD 2>/dev/null || git rev-parse --short HEAD 2>/dev/null)
|
||||
git_status=$(git status --porcelain 2>/dev/null)
|
||||
if [[ "$git_status" == *$'\n M '* || "$git_status" == " M "* || "$git_status" == *$'\nM'* ]]; then
|
||||
color=yellow; flags+="*"
|
||||
fi
|
||||
if echo "$git_status" | grep -qE "^ A|^\?\?"; then
|
||||
color=yellow
|
||||
branch="${branch}+"
|
||||
if [[ "$git_status" == *$'\nA '* || "$git_status" == "A "* || "$git_status" == *'??'* ]]; then
|
||||
color=yellow; flags+="+"
|
||||
fi
|
||||
if echo "$git_status" | grep -q "^ D"; then
|
||||
color=yellow
|
||||
branch="${branch}-"
|
||||
if [[ "$git_status" == *$'\n D '* || "$git_status" == " D "* ]]; then
|
||||
color=yellow; flags+="-"
|
||||
fi
|
||||
if [[ -n "$branch" ]]; then
|
||||
branch=[%F{${color}}${branch}%F{reset}]
|
||||
echo " [%F{${color}}${branch}${flags}%F{reset}]"
|
||||
fi
|
||||
echo " $branch"
|
||||
}
|
||||
|
||||
precmd() {
|
||||
|
||||
@ -319,7 +319,7 @@
|
||||
"custom/gpu-usage": {
|
||||
"exec": "moonarch-waybar-gpustat",
|
||||
"return-type": "json",
|
||||
"restart-interval": 10
|
||||
"interval": 60
|
||||
},
|
||||
"battery": {
|
||||
"bat": "BAT0",
|
||||
|
||||
@ -109,8 +109,11 @@ section "Packages"
|
||||
OFFICIAL="/usr/share/moonarch/official.txt"
|
||||
AUR="/usr/share/moonarch/aur.txt"
|
||||
|
||||
# Hoist INSTALLED so the AUR block below can use it even if OFFICIAL is absent —
|
||||
# otherwise `set -u` aborts the script when $INSTALLED is referenced unset.
|
||||
INSTALLED=$(pacman -Qq 2>/dev/null)
|
||||
|
||||
if [[ -f "$OFFICIAL" ]]; then
|
||||
INSTALLED=$(pacman -Qq 2>/dev/null)
|
||||
MISSING_OFFICIAL=()
|
||||
while IFS= read -r pkg; do
|
||||
[[ "$pkg" =~ ^[[:space:]]*# ]] && continue
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user