chore: reformat codebase

2025-01-30 22:57:55 +00:00 · 2023-06-29 14:17:38 +08:00 · 2023-06-29 14:17:38 +08:00 · 53f7cf6e83
commit 53f7cf6e83
parent 52b66fa47d
5 changed files with 55 additions and 48 deletions
--- a/hosts/plover/modules/services/bind.nix
+++ b/hosts/plover/modules/services/bind.nix
@ -210,9 +210,9 @@ in
    };
  };

-  networking.firewall ={
+  networking.firewall = {
    allowedUDPPorts = [
-      53  # DNS
+      53 # DNS
      853 # DNS-over-TLS/DNS-over-QUIC
    ];
    allowedTCPPorts = [ 53 853 ];
--- a/hosts/plover/modules/services/postgresql.nix
+++ b/hosts/plover/modules/services/postgresql.nix
@ -33,16 +33,18 @@ in
        ${lib.concatStringsSep "\n" perUserSchemas}
      '';

-    settings = let
-      credsDir = path: "/run/credentials/postgresql.service/${path}";
-    in {
-      # Still doing the secure schema usage pattern.
-      search_path = "\"$user\"";
+    settings =
+      let
+        credsDir = path: "/run/credentials/postgresql.service/${path}";
+      in
+      {
+        # Still doing the secure schema usage pattern.
+        search_path = "\"$user\"";

-      ssl_cert_file = credsDir "cert.pem";
-      ssl_key_file = credsDir "key.pem";
-      ssl_ca_file = credsDir "fullchain.pem";
-    };
+        ssl_cert_file = credsDir "cert.pem";
+        ssl_key_file = credsDir "key.pem";
+        ssl_ca_file = credsDir "fullchain.pem";
+      };
  };

  # With a database comes a dumping.
@ -58,15 +60,16 @@ in
  # Setting this up for TLS.
  systemd.services.postgresql = {
    requires = [ "acme-finished-${postgresqlDomain}.target" ];
-    serviceConfig.LoadCredential = let
-      certDirectory = config.security.acme.certs."${postgresqlDomain}".directory;
-      certCredentialPath = path: "${path}:${certDirectory}/${path}";
-    in
-    [
-      (certCredentialPath "cert.pem")
-      (certCredentialPath "key.pem")
-      (certCredentialPath "fullchain.pem")
-    ];
+    serviceConfig.LoadCredential =
+      let
+        certDirectory = config.security.acme.certs."${postgresqlDomain}".directory;
+        certCredentialPath = path: "${path}:${certDirectory}/${path}";
+      in
+      [
+        (certCredentialPath "cert.pem")
+        (certCredentialPath "key.pem")
+        (certCredentialPath "fullchain.pem")
+      ];
  };

  security.acme.certs."${postgresqlDomain}".postRun = ''
--- a/hosts/plover/modules/services/wireguard.nix
+++ b/hosts/plover/modules/services/wireguard.nix
@ -16,30 +16,32 @@ in
 {
  environment.systemPackages = [ pkgs.wireguard-tools ];

-  sops.secrets = let
-    getKey = key: {
-      inherit key;
-      sopsFile = ../../secrets/secrets.yaml;
-    };
+  sops.secrets =
+    let
+      getKey = key: {
+        inherit key;
+        sopsFile = ../../secrets/secrets.yaml;
+      };

-    getSecrets = secrets:
-      (lib.mapAttrs' (name: config:
-        lib.nameValuePair
-          "plover/${name}"
-          ((getKey name) // config))
+      getSecrets = secrets:
+        (lib.mapAttrs'
+          (name: config:
+            lib.nameValuePair
+              "plover/${name}"
+              ((getKey name) // config))
          secrets);

-    systemdNetworkdPermission = {
-      group = config.users.users.systemd-network.group;
-      reloadUnits = [ "systemd-networkd.service" ];
-      mode = "0640";
+      systemdNetworkdPermission = {
+        group = config.users.users.systemd-network.group;
+        reloadUnits = [ "systemd-networkd.service" ];
+        mode = "0640";
+      };
+    in
+    getSecrets {
+      "wireguard/private-key" = systemdNetworkdPermission;
+      "wireguard/preshared-keys/ni" = systemdNetworkdPermission;
+      "wireguard/preshared-keys/phone" = systemdNetworkdPermission;
    };
-  in
-  getSecrets {
-    "wireguard/private-key" = systemdNetworkdPermission;
-    "wireguard/preshared-keys/ni" = systemdNetworkdPermission;
-    "wireguard/preshared-keys/phone" = systemdNetworkdPermission;
-  };

  networking.firewall = {
    # Allow the UDP traffic for the Wireguard service.
--- a/modules/home-manager/profiles/dev.nix
+++ b/modules/home-manager/profiles/dev.nix
@ -46,13 +46,15 @@ in {
      };

      # A fuzzy finder that enables fuzzy finding not furry finding, a common misconception.
-      programs.fzf = let
-        fd = "${lib.getBin pkgs.fd}/bin/fd";
-      in {
-        enable = true;
-        changeDirWidgetCommand = "${fd} --type d";
-        defaultCommand = "${fd} --type f";
-      };
+      programs.fzf =
+        let
+          fd = "${lib.getBin pkgs.fd}/bin/fd";
+        in
+        {
+          enable = true;
+          changeDirWidgetCommand = "${fd} --type d";
+          defaultCommand = "${fd} --type f";
+        };

      # dog > sky dog > cat.
      programs.bat = {
--- a/shells/gnome.nix
+++ b/shells/gnome.nix
@ -28,7 +28,7 @@

 , nodePackages

-# Rust
+  # Rust
 , cargo
 , rustc
 }: