updated styling and installation steps

scripts/01-cosmic-setup.sh

@@ -1,4 +1,26 @@
 #!/bin/bash
 set -e
 
+MOUNT_POINT="/mnt"
+
 echo "Setting up Cosmic Desktop..."
+
+echo "Configuring display manager..."
+systemctl enable cosmic-greeter
+
+echo "Installing additional Cosmic components..."
+pacman -S --noconfirm --needed \
+    cosmic-files \
+    cosmic-edit \
+    cosmic-term \
+    cosmic-store \
+    cosmic-settings
+
+echo "Setting up user environment..."
+if [ -n "$SUDO_USER" ]; then
+    USER_HOME="/home/$SUDO_USER"
+    mkdir -p "$USER_HOME/.config"
+    chown -R "$SUDO_USER:$SUDO_USER" "$USER_HOME/.config"
+fi
+
+echo "Cosmic Desktop setup complete!"

scripts/02-hardening.sh

@@ -2,3 +2,36 @@
 set -e
 
 echo "Applying system hardening..."
+
+echo "Configuring kernel parameters..."
+cat > /etc/sysctl.d/99-hardening.conf << 'EOF'
+kernel.dmesg_restrict = 1
+kernel.kptr_restrict = 2
+kernel.unprivileged_bpf_disabled = 1
+net.core.bpf_jit_harden = 2
+kernel.yama.ptrace_scope = 2
+net.ipv4.conf.all.rp_filter = 1
+net.ipv4.conf.default.rp_filter = 1
+net.ipv4.conf.all.accept_redirects = 0
+net.ipv4.conf.default.accept_redirects = 0
+net.ipv6.conf.all.accept_redirects = 0
+net.ipv6.conf.default.accept_redirects = 0
+net.ipv4.conf.all.send_redirects = 0
+net.ipv4.conf.default.send_redirects = 0
+net.ipv4.icmp_echo_ignore_all = 1
+EOF
+
+echo "Configuring firewall..."
+pacman -S --noconfirm --needed ufw
+systemctl enable ufw
+ufw default deny incoming
+ufw default allow outgoing
+ufw enable
+
+echo "Setting secure umask..."
+echo "umask 077" >> /etc/profile
+
+echo "Disabling core dumps..."
+echo "* hard core 0" >> /etc/security/limits.conf
+
+echo "System hardening complete!"