nix fmt

2023-03-21 13:38:22 +01:00 · 2023-03-21 13:38:22 +01:00 · 6befc79c8e
commit 6befc79c8e
parent 0777ef46aa
14 changed files with 189 additions and 198 deletions
--- a/nix/os/containers/syncthing.nix
+++ b/nix/os/containers/syncthing.nix
@ -1,31 +1,31 @@
-{ hostAddress
-, localAddress
-, syncthingPort ? 22000
-, syncthingLocalAnnouncePort ? 21027
-, autoStart ? false
-,
+{
+  hostAddress,
+  localAddress,
+  syncthingPort ? 22000,
+  syncthingLocalAnnouncePort ? 21027,
+  autoStart ? false,
 }: {
-  config =
-    { config
-    , pkgs
-    , ...
-    }: {
-      system.stateVersion = "20.05"; # Did you read the comment?
+  config = {
+    config,
+    pkgs,
+    ...
+  }: {
+    system.stateVersion = "20.05"; # Did you read the comment?

-      imports = [ ../profiles/containers/configuration.nix ];
+    imports = [../profiles/containers/configuration.nix];

-      networking.firewall.enable = true;
-      networking.firewall.allowedTCPPorts = [
-        # syncthing gui
-        8384
-      ];
+    networking.firewall.enable = true;
+    networking.firewall.allowedTCPPorts = [
+      # syncthing gui
+      8384
+    ];

-      services.syncthing = {
-        enable = true;
-        openDefaultPorts = true;
-        guiAddress = "0.0.0.0:8384";
-      };
+    services.syncthing = {
+      enable = true;
+      openDefaultPorts = true;
+      guiAddress = "0.0.0.0:8384";
    };
+  };

  inherit autoStart;

@ -36,7 +36,7 @@
    };
  };

-  extraFlags = [ "--resolv-conf=bind-host" ];
+  extraFlags = ["--resolv-conf=bind-host"];

  privateNetwork = true;
  forwardPorts = [
--- a/nix/os/containers/webserver.nix
+++ b/nix/os/containers/webserver.nix
@ -1,96 +1,94 @@
-{ hostAddress
-, localAddress
-, httpPort ? 80
-, httpsPort ? 443
-, autoStart ? false
-,
-}:
-let
-  passwords = import ../../variables/passwords.crypt.nix;
-in
 {
-  config =
-    { config
-    , pkgs
-    , lib
-    , ...
-    }: {
-      system.stateVersion = "22.05"; # Did you read the comment?
+  hostAddress,
+  localAddress,
+  httpPort ? 80,
+  httpsPort ? 443,
+  autoStart ? false,
+}: let
+  passwords = import ../../variables/passwords.crypt.nix;
+in {
+  config = {
+    config,
+    pkgs,
+    lib,
+    ...
+  }: {
+    system.stateVersion = "22.05"; # Did you read the comment?

-      imports = [ ../profiles/containers/configuration.nix ];
+    imports = [../profiles/containers/configuration.nix];

-      networking.firewall.enable = false;
+    networking.firewall.enable = false;

-      services.ddclientovh = {
-        enable = true;
-        domain = "www.stefanjunker.de";
-      };
+    services.ddclientovh = {
+      enable = true;
+      domain = "www.stefanjunker.de";
+    };

-      security.acme = {
-        acceptTerms = true;
-        certs."www.stefanjunker.de".email = "mail@stefanjunker.de";
-        preliminarySelfsigned = true;
+    security.acme = {
+      acceptTerms = true;
+      certs."www.stefanjunker.de".email = "mail@stefanjunker.de";
+      preliminarySelfsigned = true;

-        # can be used for debugging
-        # server = "https://acme-staging-v02.api.letsencrypt.org/directory";
-      };
+      # can be used for debugging
+      # server = "https://acme-staging-v02.api.letsencrypt.org/directory";
+    };

-      services.nginx.enable = true;
-      services.nginx.recommendedProxySettings = true;
-      services.nginx.virtualHosts."www.stefanjunker.de" = {
-        default = true;
-        addSSL = true;
-        listen = [
-          {
-            addr = "0.0.0.0";
-            port = httpPort;
-            ssl = false;
-          }
-          {
-            addr = "0.0.0.0";
-            port = httpsPort;
-            ssl = true;
-          }
-        ];
+    services.nginx.enable = true;
+    services.nginx.recommendedProxySettings = true;
+    services.nginx.virtualHosts."www.stefanjunker.de" = {
+      default = true;
+      addSSL = true;
+      listen = [
+        {
+          addr = "0.0.0.0";
+          port = httpPort;
+          ssl = false;
+        }
+        {
+          addr = "0.0.0.0";
+          port = httpsPort;
+          ssl = true;
+        }
+      ];

-        root = "/var/www/stefanjunker.de/htdocs";
+      root = "/var/www/stefanjunker.de/htdocs";

-        enableACME = true;
+      enableACME = true;

-        locations."/hedgedoc/" = { proxyPass = "http://[::1]:3000/"; };
+      locations."/hedgedoc/" = {proxyPass = "http://[::1]:3000/";};

-        locations."/hedgedoc/socket.io/" = {
-          proxyPass = "http://[::1]:3000/socket.io/";
-          proxyWebsockets = true;
-        };
-      };
-
-      services.hedgedoc = {
-        enable = true;
-        settings = {
-          domain = "www.stefanjunker.de";
-          urlPath = "hedgedoc";
-          protocolUseSSL = true;
-          db = {
-            dialect = "sqlite";
-            storage = "/var/lib/hedgedoc/db.hedgedoc.sqlite";
-          };
-
-          allowAnonymous = false;
-          allowAnonymousEdits = false;
-          allowGravatar = false;
-          allowFreeURL = false;
-          defaultPermission = "private";
-          allowEmailRegister = false;
-
-          # oauth2 provider config
-          inherit (passwords.www_stefanjunker_de_hedgedoc) dropbox;
-
-          uploadsPath = "/var/lib/hedgedoc/uploads";
-        };
+      locations."/hedgedoc/socket.io/" = {
+        proxyPass = "http://[::1]:3000/socket.io/";
+        proxyWebsockets = true;
      };
    };

+    services.hedgedoc = {
+      enable = true;
+      settings = {
+        domain = "www.stefanjunker.de";
+        urlPath = "hedgedoc";
+        protocolUseSSL = true;
+        db = {
+          dialect = "sqlite";
+          storage = "/var/lib/hedgedoc/db.hedgedoc.sqlite";
+        };
+
+        allowAnonymous = false;
+        allowAnonymousEdits = false;
+        allowGravatar = false;
+        allowFreeURL = false;
+        defaultPermission = "private";
+        allowEmailRegister = false;
+
+        # oauth2 provider config
+        inherit (passwords.www_stefanjunker_de_hedgedoc) dropbox;
+
+        uploadsPath = "/var/lib/hedgedoc/uploads";
+      };
+    };
+  };
+
  inherit autoStart;

  bindMounts = {
@ -115,7 +113,7 @@ in
    };
  };

-  extraFlags = [ "--resolv-conf=bind-host" ];
+  extraFlags = ["--resolv-conf=bind-host"];

  privateNetwork = true;
  forwardPorts = [
--- a/nix/os/devices/167.233.1.14/configuration.nix
+++ b/nix/os/devices/167.233.1.14/configuration.nix
@ -1,5 +1,5 @@
-{ ... }: {
-  disabledModules = [ ];
+{...}: {
+  disabledModules = [];
  imports = [
    ../../profiles/common/configuration.nix
    ../../modules/opinionatedDisk.nix
--- a/nix/os/devices/167.233.1.14/hw.nix
+++ b/nix/os/devices/167.233.1.14/hw.nix
@ -1,5 +1,4 @@
-{ ... }:
-let
+{...}: let
  stage1Modules = [
    "virtio_balloon"
    "virtio_scsi"
@ -15,8 +14,7 @@ let
    "pata_acpi"
    "ata_generic"
  ];
-in
-{
+in {
  hardware.opinionatedDisk = {
    enable = true;
    encrypted = false;
--- a/nix/os/devices/167.233.1.14/pkg.nix
+++ b/nix/os/devices/167.233.1.14/pkg.nix
@ -1,14 +1,16 @@
-{ config
-, pkgs
-, lib
-, ...
+{
+  config,
+  pkgs,
+  lib,
+  ...
 }: {
  nixpkgs.config.packageOverrides = pkgs:
    with pkgs; {
      nixPath =
        (import ../../../default.nix {
          versionsPath = ./versions.nix;
-        }).nixPath;
+        })
+        .nixPath;
    };
  home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix {
    inherit pkgs;
--- a/nix/os/devices/167.233.1.14/system.nix
+++ b/nix/os/devices/167.233.1.14/system.nix
@ -1,12 +1,11 @@
-{ pkgs
-, lib
-, config
-, ...
-}:
-let
-  keys = import ../../../variables/keys.nix;
-in
 {
+  pkgs,
+  lib,
+  config,
+  ...
+}: let
+  keys = import ../../../variables/keys.nix;
+in {
  # TASK: new device
  networking.hostName = "sj-pvehtz0"; # Define your hostname.
  # networking.domain =  "";
@ -31,7 +30,7 @@ in
        "prefixLength" = 29;
      }
    ];
-    ipv6.addresses = [ ];
+    ipv6.addresses = [];
  };

  networking.defaultGateway = {
@ -44,11 +43,11 @@ in
    interface = "eth0";
  };

-  networking.nameservers = [ "1.1.1.1" ];
+  networking.nameservers = ["1.1.1.1"];

  networking.nat = {
    enable = true;
-    internalInterfaces = [ "ve-+" ];
+    internalInterfaces = ["ve-+"];
    externalInterface = "eth0";
  };

@ -56,12 +55,12 @@ in
  # services.kubernetes.roles = ["master" "node"];

  # virtualization
-  virtualisation = { docker.enable = true; };
+  virtualisation = {docker.enable = true;};

  services.spice-vdagentd.enable = true;
  services.qemuGuest.enable = true;

-  nix.gc = { automatic = true; };
+  nix.gc = {automatic = true;};

  # networking.useHostResolvConf = true;

@ -78,7 +77,8 @@ in
      sievePort = 4190;
    };

-    webserver = import ../../containers/webserver.nix
+    webserver =
+      import ../../containers/webserver.nix
      {
        autoStart = true;

--- a/nix/os/devices/167.233.1.14/versions.nix
+++ b/nix/os/devices/167.233.1.14/versions.nix
@ -5,10 +5,9 @@ let
    rev = ''
      a7cc81913bb3cd1ef05ed0ece048b773e1839e51'';
  };
-in
-{
+in {
  inherit nixpkgs;
-  nixos = nixpkgs // { suffix = "/nixos"; };
+  nixos = nixpkgs // {suffix = "/nixos";};
  "channels-nixos-stable" = nixpkgs;
  "channels-nixos-unstable" = {
    url = "https://github.com/NixOS/nixpkgs/";
--- a/nix/os/devices/167.233.1.14/versions.tmpl.nix
+++ b/nix/os/devices/167.233.1.14/versions.tmpl.nix
@ -6,10 +6,9 @@ let
      <% git ls-remote https://github.com/nixos/nixpkgs nixos-22.11 | awk '{ print $1 }' | tr -d '
      ' -%>'';
  };
-in
-{
+in {
  inherit nixpkgs;
-  nixos = nixpkgs // { suffix = "/nixos"; };
+  nixos = nixpkgs // {suffix = "/nixos";};
  "channels-nixos-stable" = nixpkgs;
  "channels-nixos-unstable" = {
    url = "https://github.com/NixOS/nixpkgs/";
--- a/nix/os/devices/vmd102066.contaboserver.net/system.nix
+++ b/nix/os/devices/vmd102066.contaboserver.net/system.nix
@ -1,13 +1,12 @@
-{ pkgs
-, lib
-, config
-, ...
-}:
-let
+{
+  pkgs,
+  lib,
+  config,
+  ...
+}: let
  keys = import ../../../variables/keys.nix;
  passwords = import ../../../variables/passwords.crypt.nix;
-in
-{
+in {
  # TASK: new device
  networking.hostName = "vmd102066"; # Define your hostname.
  networking.domain = "contaboserver.net";
@ -41,7 +40,7 @@ in

  networking.nat = {
    enable = true;
-    internalInterfaces = [ "ve-+" ];
+    internalInterfaces = ["ve-+"];
    externalInterface = "eth0";
  };

@ -49,7 +48,7 @@ in
  # services.kubernetes.roles = ["master" "node"];

  # virtualization
-  virtualisation = { docker.enable = true; };
+  virtualisation = {docker.enable = true;};

  services.spice-vdagentd.enable = true;
  services.qemuGuest.enable = true;
@ -57,18 +56,18 @@ in
  systemd.services."sshd-status" = {
    enable = true;
    description = "sshd-status service";
-    path = [ pkgs.systemd ];
+    path = [pkgs.systemd];
    script = ''
      systemctl status sshd | grep -i tasks
    '';
  };

-  systemd.services.sshd.serviceConfig = { TasksMax = 32; };
+  systemd.services.sshd.serviceConfig = {TasksMax = 32;};

  systemd.timers."sshd-status" = {
    description = "Timer to trigger sshd-status periodically";
    enable = true;
-    wantedBy = [ "timer.target" "multi-user.target" ];
+    wantedBy = ["timer.target" "multi-user.target"];
    timerConfig = {
      OnActiveSec = "5s";
      OnUnitActiveSec = "5s";
@ -77,11 +76,11 @@ in
    };
  };

-  nix.gc = { automatic = true; };
+  nix.gc = {automatic = true;};

  boot.initrd.network = {
    enable = true;
-    udhcpc.extraArgs = [ "-x hostname:${config.networking.hostName}" ];
+    udhcpc.extraArgs = ["-x hostname:${config.networking.hostName}"];

    ssh = {
      enable = true;
@ -110,7 +109,7 @@ in
      inherit config;
      hostAddress = "192.168.100.16";
      localAddress = "192.168.100.17";
-      subvolumes = [ "mailserver" "webserver" "backup" "syncthing" ];
+      subvolumes = ["mailserver" "webserver" "backup" "syncthing"];
    };

    bkpTarget = import ../../containers/backup-target.nix {
--- a/nix/os/devices/vmd102066.contaboserver.net/versions.nix
+++ b/nix/os/devices/vmd102066.contaboserver.net/versions.nix
@ -5,8 +5,7 @@ let
    rev = ''
      a7cc81913bb3cd1ef05ed0ece048b773e1839e51'';
  };
-in
-{
+in {
  inherit nixpkgs;
  "channels-nixos-stable" = nixpkgs;
  "nixpkgs-master" = {
--- a/nix/os/devices/vmd102066.contaboserver.net/versions.tmpl.nix
+++ b/nix/os/devices/vmd102066.contaboserver.net/versions.tmpl.nix
@ -6,8 +6,7 @@ let
      <% git ls-remote https://github.com/nixos/nixpkgs nixos-22.11 | awk '{ print $1 }' | tr -d '
      ' -%>'';
  };
-in
-{
+in {
  inherit nixpkgs;
  "channels-nixos-stable" = nixpkgs;
  "nixpkgs-master" = {
--- a/nix/os/profiles/common/system.nix
+++ b/nix/os/profiles/common/system.nix
@ -1,7 +1,8 @@
-{ config
-, pkgs
-, lib
-, ...
+{
+  config,
+  pkgs,
+  lib,
+  ...
 }: {
  nix.settings.trusted-public-keys = [
    # "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs="
@ -27,14 +28,14 @@
    }
  '';

-  environment.variables = { NIX_PATH = lib.mkForce pkgs.nixPath; };
+  environment.variables = {NIX_PATH = lib.mkForce pkgs.nixPath;};

  # Fonts, I18N, Date ...
-  fonts.fonts = [ pkgs.corefonts ];
+  fonts.fonts = [pkgs.corefonts];

  console.font = "lat9w-16";

-  i18n = { defaultLocale = "en_US.UTF-8"; };
+  i18n = {defaultLocale = "en_US.UTF-8";};
  time.timeZone = "Etc/UTC";
  services.gpm.enable = true;

@ -67,6 +68,6 @@

  programs.zsh.enable = true;
  users.defaultUserShell = pkgs.zsh;
-  environment.pathsToLink = [ "/share/zsh" ];
+  environment.pathsToLink = ["/share/zsh"];
  programs.fuse.userAllowOther = true;
 }