Some system config changes

- startwl: move `chmod` out of if statement (ensure $XDG_RUNTIME_DIR
  properly has 0700 permission)
- doas: add Void specified config
- nftables: add note for future changes to block rules
- grub: disable submenu

home/.local/bin/startwl

@@ -6,13 +6,10 @@
 # Flatpak apps will not work because of hardcoded /run/user/$UID
 if [ -z "${XDG_RUNTIME_DIR}" ]
 then
-	userid=$(id -u ${USER})
-	export XDG_RUNTIME_DIR="$(mktemp -d /tmp/${userid}-runtime-XXXXXX)"
-	if [ ! -d "${XDG_RUNTIME_DIR}" ]
-	then
-		mkdir -p "${XDG_RUNTIME_DIR}"
-		chmod 0700 "${XDG_RUNTIME_DIR}"
-	fi
+    userid=$(id -u ${USER})
+    export XDG_RUNTIME_DIR="$(mktemp -d /tmp/${userid}-runtime-XXXXXX)"
+    [ ! -d "${XDG_RUNTIME_DIR}" ] && mkdir -p "${XDG_RUNTIME_DIR}"
+    chmod 0700 "${XDG_RUNTIME_DIR}"
 fi
 
 # Valid values: seatd, logind

system/etc/default/grub

@@ -23,6 +23,7 @@ GRUB_COLOR_NORMAL="white/black"
 GRUB_COLOR_HIGHLIGHT="black/white"
 #GRUB_DISABLE_OS_PROBER=true
 GRUB_ENABLE_CRYPTODISK=y
+GRUB_DISABLE_SUBMENU=y
 
 # To generate new font:
 # grub-mkfont -s 24 -o /boot/grub/fonts/hack.pf2 ~/Hack-Regular.ttf

system/etc/doas.conf

@@ -1 +1,6 @@
-permit persist :wheel as root
+# Void specified
+permit persist setenv { SVDIR=/var/service LANG=$LANG } :wheel as root
+permit nopass :wheel cmd reboot
+permit nopass :wheel cmd poweroff
+permit nopass :wheel cmd zzz
+permit nopass :wheel cmd vsv args

system/etc/nftables.conf

@@ -22,6 +22,8 @@
 
 # --------------------------------------------------------------------------------- #
 
+# TODO: move block rules to mangle for faster blocking time (perfomance)
+
 flush ruleset
 
 # TCP ports to accept (both IPv4 and IPv6)