Set up formatting

flake.lock

@@ -58,6 +58,21 @@
       }
     },
     "flake-utils": {
+      "locked": {
+        "lastModified": 1653893745,
+        "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
+    "flake-utils_2": {
       "locked": {
         "lastModified": 1648297722,
         "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=",
@@ -307,6 +322,7 @@
       "inputs": {
         "darwin": "darwin",
         "deploy-rs": "deploy-rs",
+        "flake-utils": "flake-utils",
         "home-manager": "home-manager",
         "nix-gaming": "nix-gaming",
         "nixpkgs": "nixpkgs_2",
@@ -385,7 +401,7 @@
     },
     "youmubot": {
       "inputs": {
-        "flake-utils": "flake-utils",
+        "flake-utils": "flake-utils_2",
         "naersk": "naersk_2",
         "nixpkgs": [
           "nixpkgs"

flake.nix

@@ -12,6 +12,8 @@
     deploy-rs.url = "github:Serokell/deploy-rs";
     nur.url = "github:nix-community/NUR";
 
+    flake-utils.url = github:numtide/flake-utils;
+
     # ---
     # Imported apps
     rnix-lsp.url = "github:nix-community/rnix-lsp";
@@ -146,5 +148,7 @@
       # This is highly advised, and will prevent many possible mistakes
       checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
 
-    };
+    } // (inputs.flake-utils.lib.eachDefaultSystem (system: {
+      formatter = nixpkgs.legacyPackages.${system}.nixpkgs-fmt;
+    }));
 }

home/config.nix

@@ -1,8 +1,8 @@
 {
-    allowUnfree = true;
+  allowUnfree = true;
-    packageOverrides = pkgs: {
+  packageOverrides = pkgs: {
-        nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") {
+    nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") {
-            inherit pkgs;
+      inherit pkgs;
-        };
     };
+  };
 }

home/mac-home.nix

@@ -13,12 +13,11 @@
 
   # Additional packages to be used only on this MacBook.
   home.packages = with pkgs; [
-      anki-bin
+    anki-bin
   ];
 
   # Additional settings for programs
-  programs.fish.shellAliases = {
+  programs.fish.shellAliases = { };
-  };
 
   # This value determines the Home Manager release that your
   # configuration is compatible with. This helps avoid breakage

home/osu.nix

@@ -1,17 +1,17 @@
 { pkgs, config, lib, ... }:
 
 let
-    # pkgsUnstableOsu = import "/home/nki/nixpkgs/osu-lazer" {};
+  # pkgsUnstableOsu = import "/home/nki/nixpkgs/osu-lazer" {};
-    # osu = pkgs.osu-lazer.overrideAttrs (oldAttrs : rec {
+  # osu = pkgs.osu-lazer.overrideAttrs (oldAttrs : rec {
-    #     version = "2021.1006.1";
+  #     version = "2021.1006.1";
-    #     src = pkgs.fetchFromGitHub {
+  #     src = pkgs.fetchFromGitHub {
-    #         owner = "ppy";
+  #         owner = "ppy";
-    #         repo = "osu";
+  #         repo = "osu";
-    #         rev = version;
+  #         rev = version;
-    #         sha256 = "11qwrsp9kfxgz7dvh56mbgkry252ic3l5mgx3hwchrwzll71f0yd";
+  #         sha256 = "11qwrsp9kfxgz7dvh56mbgkry252ic3l5mgx3hwchrwzll71f0yd";
-    #     };
+  #     };
-    # });
+  # });
 in
 {
-    home.packages = [ pkgs.unstable.osu-lazer ];
+  home.packages = [ pkgs.unstable.osu-lazer ];
 }

modules/cloud/mail/default.nix

@@ -341,8 +341,8 @@ in
           ExecStart = "${cfg.package}/bin/maddy ${if cfg.debug then "-debug " else ""}-config ${configFile}";
         };
         reload = ''
-            /bin/kill -USR1 $MAINPID
+          /bin/kill -USR1 $MAINPID
-            /bin/kill -USR2 $MAINPID
+          /bin/kill -USR2 $MAINPID
         '';
       };
     };

modules/cloud/postgresql/default.nix

@@ -1,4 +1,4 @@
-{ pkgs, config, lib, ... } :
+{ pkgs, config, lib, ... }:
 
 with lib;
 let
@@ -7,7 +7,7 @@ let
   # From a database name, create an "ensureUser"
   # entry with the same name and assign all permissions
   # to that database.
-  userFromDatabase = databaseName : {
+  userFromDatabase = databaseName: {
     name = databaseName;
     ensurePermissions = {
       "DATABASE ${databaseName}" = "ALL PRIVILEGES";
@@ -17,7 +17,7 @@ in
 {
   options.cloud.postgresql.databases = mkOption {
     type = types.listOf types.str;
-    default = [];
+    default = [ ];
     description = ''
       The list of databases to be created.
       An user with the same name

modules/cloud/traefik/certs-dumper.nix

@@ -26,21 +26,21 @@ in
 
     description = "Dump certificates generated by traefik to a destination folder";
     serviceConfig =
-    let
+      let
-      user = config.systemd.services.traefik.serviceConfig.User;
+        user = config.systemd.services.traefik.serviceConfig.User;
-      group = config.systemd.services.traefik.serviceConfig.Group;
+        group = config.systemd.services.traefik.serviceConfig.Group;
-      certsPath = config.cloud.traefik.certsPath;
+        certsPath = config.cloud.traefik.certsPath;
-    in
+      in
-    {
+      {
-      User = user;
+        User = user;
-      Group = group;
+        Group = group;
-      ExecStart = "${cfg.package}/bin/traefik-certs-dumper file --watch --domain-subdir=true --version v2 --source ${certsPath} --dest ${cfg.destination} --post-hook 'chmod -R +r ${cfg.destination}'";
+        ExecStart = "${cfg.package}/bin/traefik-certs-dumper file --watch --domain-subdir=true --version v2 --source ${certsPath} --dest ${cfg.destination} --post-hook 'chmod -R +r ${cfg.destination}'";
-      LimitNOFILE = "1048576";
+        LimitNOFILE = "1048576";
-      PrivateTmp = "true";
+        PrivateTmp = "true";
-      PrivateDevices = "true";
+        PrivateDevices = "true";
-      ProtectHome = "true";
+        ProtectHome = "true";
-      ProtectSystem = "strict";
+        ProtectSystem = "strict";
-      StateDirectory = "traefik-certs";
+        StateDirectory = "traefik-certs";
-    };
+      };
   };
 }

modules/cloud/traefik/default.nix

@@ -1,22 +1,24 @@
-{ pkgs, config, lib, ... } :
+{ pkgs, config, lib, ... }:
 
 with lib;
 let
   # Copied from traefik.nix
   jsonValue = with types;
     let
-      valueType = nullOr (oneOf [
+      valueType = nullOr
-        bool
+        (oneOf [
-        int
+          bool
-        float
+          int
-        str
+          float
-        (lazyAttrsOf valueType)
+          str
-        (listOf valueType)
+          (lazyAttrsOf valueType)
-      ]) // {
+          (listOf valueType)
+        ]) // {
         description = "JSON value";
         emptyValue.value = { };
       };
-    in valueType;
+    in
+    valueType;
 
   cfg = config.cloud.traefik;
 in
@@ -30,7 +32,7 @@ in
 
     config = mkOption {
       type = jsonValue;
-      default = {};
+      default = { };
       description = "The dynamic configuration to be passed to traefik";
     };
 
@@ -62,7 +64,7 @@ in
 
       # Logging
       # -------
-      accessLog = {};
+      accessLog = { };
       log.level = "info";
 
       # ACME Automatic SSL

modules/my-tinc/default.nix

@@ -38,61 +38,63 @@ in
 
   config = mkIf cfg.enable (builtins.seq
     (mkIf (isNull cfg.rsaPrivateKey && isNull cfg.ed25519PrivateKey) (builtins.abort "one of the keys must be defined"))
-    (let
+    (
-      networkName = "my-tinc";
+      let
+        networkName = "my-tinc";
 
-      myHost = builtins.getAttr cfg.hostName hosts;
+        myHost = builtins.getAttr cfg.hostName hosts;
-      myMeshIp = myHost.subnetAddr;
+        myMeshIp = myHost.subnetAddr;
-    in
+      in
-    {
+      {
-      # Scripts that set up the tinc services
+        # Scripts that set up the tinc services
-      environment.etc = {
+        environment.etc = {
-        "tinc/${networkName}/tinc-up".source = pkgs.writeScript "tinc-up-${networkName}" ''
+          "tinc/${networkName}/tinc-up".source = pkgs.writeScript "tinc-up-${networkName}" ''
             #!${pkgs.stdenv.shell}
             ${pkgs.nettools}/bin/ifconfig $INTERFACE ${myMeshIp} netmask 255.255.255.0
-        '';
+          '';
-        "tinc/${networkName}/tinc-down".source = pkgs.writeScript "tinc-down-${networkName}" ''
+          "tinc/${networkName}/tinc-down".source = pkgs.writeScript "tinc-down-${networkName}" ''
             #!${pkgs.stdenv.shell}
             /run/wrappers/bin/sudo ${pkgs.nettools}/bin/ifconfig $INTERFACE down
-        '';
+          '';
-      };
+        };
 
-      # Allow the tinc service to call ifconfig without sudo password.
+        # Allow the tinc service to call ifconfig without sudo password.
-      security.sudo.extraRules = [
+        security.sudo.extraRules = [
-        {
+          {
-          users    = [ "tinc.${networkName}" ];
+            users = [ "tinc.${networkName}" ];
-          commands = [
+            commands = [
-            {
+              {
-              command  = "${pkgs.nettools}/bin/ifconfig";
+                command = "${pkgs.nettools}/bin/ifconfig";
-              options  = [ "NOPASSWD" ];
+                options = [ "NOPASSWD" ];
-            }
+              }
-          ];
+            ];
-        }
+          }
-      ];
+        ];
 
-      # simple interface setup
+        # simple interface setup
-      # ----------------------
+        # ----------------------
-      networking.interfaces."tinc.${networkName}".ipv4.addresses = [ { address = myMeshIp; prefixLength = 24; } ];
+        networking.interfaces."tinc.${networkName}".ipv4.addresses = [{ address = myMeshIp; prefixLength = 24; }];
 
-      # firewall
+        # firewall
-      networking.firewall.allowedUDPPorts = [ 655 ];
+        networking.firewall.allowedUDPPorts = [ 655 ];
-      networking.firewall.allowedTCPPorts = [ 655 ];
+        networking.firewall.allowedTCPPorts = [ 655 ];
 
-      # configure tinc service
+        # configure tinc service
-      # ----------------------
+        # ----------------------
-      services.tinc.networks."${networkName}"= {
+        services.tinc.networks."${networkName}" = {
 
-        name          = cfg.hostName;       # who are we in this network.
+          name = cfg.hostName; # who are we in this network.
 
-        debugLevel    = 3;            # the debug level for journal -u tinc.private
+          debugLevel = 3; # the debug level for journal -u tinc.private
-        chroot        = false;        # otherwise addresses can't be a DNS
+          chroot = false; # otherwise addresses can't be a DNS
-        interfaceType = "tap";        # tun might also work.
+          interfaceType = "tap"; # tun might also work.
 
-        bindToAddress = "* ${toString cfg.bindPort}";
+          bindToAddress = "* ${toString cfg.bindPort}";
 
-        ed25519PrivateKeyFile = cfg.ed25519PrivateKey;
+          ed25519PrivateKeyFile = cfg.ed25519PrivateKey;
-        rsaPrivateKeyFile = cfg.rsaPrivateKey;
+          rsaPrivateKeyFile = cfg.rsaPrivateKey;
-      };
+        };
-    })
+      }
+    )
   );
 }

modules/my-tinc/hosts.nix

@@ -13,11 +13,13 @@ in
 {
   config = mkIf cfg.enable {
     # All hosts we know of
-    services.tinc.networks.my-tinc.hostSettings = mapAttrs (name: host: {
+    services.tinc.networks.my-tinc.hostSettings = mapAttrs
-      addresses = if (host ? address) then [ { address = host.address; } ] else [];
+      (name: host: {
-      subnets = [ { address = host.subnetAddr; } ];
+        addresses = if (host ? address) then [{ address = host.address; }] else [ ];
-      rsaPublicKey = mkIf (host ? "rsaPublicKey") host.rsaPublicKey;
+        subnets = [{ address = host.subnetAddr; }];
-      settings.Ed25519PublicKey = mkIf (host ? "ed25519PublicKey") host.ed25519PublicKey;
+        rsaPublicKey = mkIf (host ? "rsaPublicKey") host.rsaPublicKey;
-    }) hosts;
+        settings.Ed25519PublicKey = mkIf (host ? "ed25519PublicKey") host.ed25519PublicKey;
+      })
+      hosts;
   };
 }

nki-personal-do/hardware-configuration.nix

@@ -6,5 +6,5 @@
   fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; };
 
   # swap
-  swapDevices = [ { device = "/var/swapfile"; } ];
+  swapDevices = [{ device = "/var/swapfile"; }];
 }