From 1bdda28ffed964eb175c5f620160f9edcda69fce Mon Sep 17 00:00:00 2001 From: Gabriel Arazas Date: Thu, 8 Jun 2023 21:19:17 +0800 Subject: [PATCH] chore: reformat codebase --- hosts/ni/default.nix | 72 ++++++++++--------- hosts/plover/modules/services/coredns.nix | 17 ++--- hosts/plover/modules/services/gitea.nix | 35 ++++----- hosts/plover/modules/services/keycloak.nix | 7 +- modules/home-manager/files/mutable-files.nix | 5 +- templates/sample-nixos-template/flake.nix | 24 ++++--- users/home-manager/foo-dogsquared/default.nix | 16 +++-- 7 files changed, 94 insertions(+), 82 deletions(-) diff --git a/hosts/ni/default.nix b/hosts/ni/default.nix index 8425a390..21861697 100644 --- a/hosts/ni/default.nix +++ b/hosts/ni/default.nix @@ -231,41 +231,45 @@ in # We're using wg-quick here as this host is using network managers that can # differ between workflows (i.e., GNOME and KDE Plasma using NetworkManager, # others might be using systemd-networkd). - networking.wg-quick.interfaces.wireguard0 = let - domains = [ - "~plover.foodogsquared.one" - "~0.27.172.in-addr.arpa" - ]; - in { - privateKeyFile = config.sops.secrets."ni/wireguard/private-key".path; - listenPort = wireguardPort; - dns = with interfaces.internal; [ IPv4.adress IPv6.address ]; - postUp = let - resolvectl = "${lib.getBin pkgs.systemd}/bin/resolvectl"; - in '' - ${resolvectl} domain %i ${lib.concatStringsSep " " domains} - ''; + networking.wg-quick.interfaces.wireguard0 = + let + domains = [ + "~plover.foodogsquared.one" + "~0.27.172.in-addr.arpa" + ]; + in + { + privateKeyFile = config.sops.secrets."ni/wireguard/private-key".path; + listenPort = wireguardPort; + dns = with interfaces.internal; [ IPv4.adress IPv6.address ]; + postUp = + let + resolvectl = "${lib.getBin pkgs.systemd}/bin/resolvectl"; + in + '' + ${resolvectl} domain %i ${lib.concatStringsSep " " domains} + ''; - address = with wireguardPeers.desktop; [ - "${IPv4}/32" - "${IPv6}/128" - ]; + address = with wireguardPeers.desktop; [ + "${IPv4}/32" + "${IPv6}/128" + ]; - peers = [ - # The "server" peer. - { - publicKey = lib.removeSuffix "\n" (lib.readFile ../plover/files/wireguard/wireguard-public-key-plover); - presharedKeyFile = config.sops.secrets."ni/wireguard/preshared-keys/plover".path; - allowedIPs = wireguardAllowedIPs; - endpoint = "${interfaces.main'.IPv4.address}:${toString wireguardPort}"; - } + peers = [ + # The "server" peer. + { + publicKey = lib.removeSuffix "\n" (lib.readFile ../plover/files/wireguard/wireguard-public-key-plover); + presharedKeyFile = config.sops.secrets."ni/wireguard/preshared-keys/plover".path; + allowedIPs = wireguardAllowedIPs; + endpoint = "${interfaces.main'.IPv4.address}:${toString wireguardPort}"; + } - # The "phone" peer. - { - publicKey = lib.removeSuffix "\n" (lib.readFile ../plover/files/wireguard/wireguard-public-key-phone); - presharedKeyFile = config.sops.secrets."ni/wireguard/preshared-keys/phone".path; - allowedIPs = wireguardAllowedIPs; - } - ]; - }; + # The "phone" peer. + { + publicKey = lib.removeSuffix "\n" (lib.readFile ../plover/files/wireguard/wireguard-public-key-phone); + presharedKeyFile = config.sops.secrets."ni/wireguard/preshared-keys/phone".path; + allowedIPs = wireguardAllowedIPs; + } + ]; + }; } diff --git a/hosts/plover/modules/services/coredns.nix b/hosts/plover/modules/services/coredns.nix index 0b7f5030..39da8400 100644 --- a/hosts/plover/modules/services/coredns.nix +++ b/hosts/plover/modules/services/coredns.nix @@ -165,13 +165,14 @@ in ${replaceSecretBin} '#mailboxSecurityKey#' '${secretsPath "dns/${domain}/mailbox-security-key"}' '${domainZoneFile'}' ${replaceSecretBin} '#mailboxSecurityKeyRecord#' '${secretsPath "dns/${domain}/mailbox-security-key-record"}' '${domainZoneFile'}' ''; - serviceConfig.LoadCredential = let - certDirectory = certs."${dnsDomainName}".directory; - in - [ - "cert.pem:${certDirectory}/cert.pem" - "key.pem:${certDirectory}/key.pem" - "fullchain.pem:${certDirectory}/fullchain.pem" - ]; + serviceConfig.LoadCredential = + let + certDirectory = certs."${dnsDomainName}".directory; + in + [ + "cert.pem:${certDirectory}/cert.pem" + "key.pem:${certDirectory}/key.pem" + "fullchain.pem:${certDirectory}/fullchain.pem" + ]; }; } diff --git a/hosts/plover/modules/services/gitea.nix b/hosts/plover/modules/services/gitea.nix index 898cd05d..9f19bcdc 100644 --- a/hosts/plover/modules/services/gitea.nix +++ b/hosts/plover/modules/services/gitea.nix @@ -137,25 +137,26 @@ in # Gitea service module will have to set up certain things first which is # why we have to go first. - preStart = let - giteaBin = "${lib.getBin config.services.gitea.package}/bin/gitea"; - giteaAdminUsername = lib.escapeShellArg "foodogsquared"; + preStart = + let + giteaBin = "${lib.getBin config.services.gitea.package}/bin/gitea"; + giteaAdminUsername = lib.escapeShellArg "foodogsquared"; in - lib.mkMerge [ - (lib.mkBefore '' - # Setting up the appropriate schema for PostgreSQL secure schema usage. - psql -tAc "SELECT 1 FROM information_schema.schemata WHERE schema_name='${giteaDatabaseUser}';" \ - grep -q 1 || psql -tAc "CREATE SCHEMA IF NOT EXISTS AUTHORIZATION ${giteaDatabaseUser};" - '') + lib.mkMerge [ + (lib.mkBefore '' + # Setting up the appropriate schema for PostgreSQL secure schema usage. + psql -tAc "SELECT 1 FROM information_schema.schemata WHERE schema_name='${giteaDatabaseUser}';" \ + grep -q 1 || psql -tAc "CREATE SCHEMA IF NOT EXISTS AUTHORIZATION ${giteaDatabaseUser};" + '') - (lib.mkAfter '' - # Setting up the administrator account automated. - ${giteaBin} admin user list --admin | grep -q ${giteaAdminUsername} \ - || ${giteaBin} admin user create \ - --username ${giteaAdminUsername} --email foodogsquared@${config.networking.domain} \ - --random-password --random-password-length 76 --admin - '') - ]; + (lib.mkAfter '' + # Setting up the administrator account automated. + ${giteaBin} admin user list --admin | grep -q ${giteaAdminUsername} \ + || ${giteaBin} admin user create \ + --username ${giteaAdminUsername} --email foodogsquared@${config.networking.domain} \ + --random-password --random-password-length 76 --admin + '') + ]; }; # Attaching it altogether with the reverse proxy of choice. diff --git a/hosts/plover/modules/services/keycloak.nix b/hosts/plover/modules/services/keycloak.nix index 9dc1efb3..2fc2941f 100644 --- a/hosts/plover/modules/services/keycloak.nix +++ b/hosts/plover/modules/services/keycloak.nix @@ -62,8 +62,9 @@ in # Modifying it a little bit for per-user schema. systemd.services.keycloak = { - preStart = let - psqlBin = "${lib.getBin config.services.postgresql.package}/bin/psql"; + preStart = + let + psqlBin = "${lib.getBin config.services.postgresql.package}/bin/psql"; in lib.mkAfter '' # Setting up the appropriate schema for PostgreSQL secure schema usage. @@ -88,7 +89,7 @@ in (lib.lists.map (appPath: lib.nameValuePair appPath { proxyPass = keycloakPath appPath; }) [ "/js/" "/realms/" "/resources/" "/robots.txt" ]) - // { "/".return = "444"; }; + // { "/".return = "444"; }; }; "${authInternalDomain}" = { diff --git a/modules/home-manager/files/mutable-files.nix b/modules/home-manager/files/mutable-files.nix index cc6c3863..ea7447fb 100644 --- a/modules/home-manager/files/mutable-files.nix +++ b/modules/home-manager/files/mutable-files.nix @@ -61,7 +61,7 @@ let note of the commands used for each type as documented from `config.home.mutableFile..type`. ''; - default = []; + default = [ ]; example = [ "--depth" "1" ]; }; }; @@ -136,7 +136,8 @@ in script = pkgs.writeShellScript "fetch-mutable-files" '' ${lib.concatStringsSep "\n" mutableFilesCmds} ''; - in builtins.toString script; + in + builtins.toString script; }; Install.WantedBy = [ "default.target" ]; diff --git a/templates/sample-nixos-template/flake.nix b/templates/sample-nixos-template/flake.nix index 265d1382..98944d2e 100644 --- a/templates/sample-nixos-template/flake.nix +++ b/templates/sample-nixos-template/flake.nix @@ -6,17 +6,19 @@ home-manager.url = "github:nix-community/home-manager"; }; - outputs = { nixpkgs, home-manager, ... }: let - system = "x85_64-linux"; - in { - nixosConfigurations.desktop = nixpkgs.lib.nixosSystem { - inherit system; - modules = [ ./hosts/desktop ]; - }; + outputs = { nixpkgs, home-manager, ... }: + let + system = "x85_64-linux"; + in + { + nixosConfigurations.desktop = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ ./hosts/desktop ]; + }; - homeConfigurations.foodogsquared = home-manager.lib.homeManagerConfiguration { - pkgs = import nixpkgs { inherit system; }; - modules = [ ./users/foodogsquared ]; + homeConfigurations.foodogsquared = home-manager.lib.homeManagerConfiguration { + pkgs = import nixpkgs { inherit system; }; + modules = [ ./users/foodogsquared ]; + }; }; - }; } diff --git a/users/home-manager/foo-dogsquared/default.nix b/users/home-manager/foo-dogsquared/default.nix index 3be69a1b..bf062ca1 100644 --- a/users/home-manager/foo-dogsquared/default.nix +++ b/users/home-manager/foo-dogsquared/default.nix @@ -354,12 +354,14 @@ in }; systemd.user.services.fetch-mutable-files = { - Service.ExecStartPost = let - script = pkgs.writeShellScript "post-fetch-mutable-files" '' - # Automate installation of Doom Emacs. - ${config.xdg.configHome}/emacs/bin/doom install --no-config --no-fonts --install --force - ${config.xdg.configHome}/emacs/bin/doom sync - ''; - in builtins.toString script; + Service.ExecStartPost = + let + script = pkgs.writeShellScript "post-fetch-mutable-files" '' + # Automate installation of Doom Emacs. + ${config.xdg.configHome}/emacs/bin/doom install --no-config --no-fonts --install --force + ${config.xdg.configHome}/emacs/bin/doom sync + ''; + in + builtins.toString script; }; }