From 7db21c9fc5f427f7280f62335c2de2fcc3052039 Mon Sep 17 00:00:00 2001 From: Gabriel Arazas Date: Tue, 11 Jan 2022 20:22:08 +0800 Subject: [PATCH] Format the files through `nixfmt` --- flake.nix | 9 +- modules/home-manager/services/archivebox.nix | 7 +- modules/home-manager/services/bleachbit.nix | 6 +- modules/home-manager/services/mopidy.nix | 18 ++-- modules/nixos/profiles/desktop.nix | 11 +- modules/nixos/services/borgmatic.nix | 102 +++++++++---------- 6 files changed, 81 insertions(+), 72 deletions(-) diff --git a/flake.nix b/flake.nix index f403df6d..8b93a28d 100644 --- a/flake.nix +++ b/flake.nix @@ -79,7 +79,10 @@ # Set several binary caches. nix = { - binaryCaches = [ "https://nix-community.cachix.org" "https://foo-dogsquared.cachix.org" ]; + binaryCaches = [ + "https://nix-community.cachix.org" + "https://foo-dogsquared.cachix.org" + ]; binaryCachePublicKeys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "foo-dogsquared.cachix.org-1:/2fmqn/gLGvCs5EDeQmqwtus02TUmGy0ZlAEXqRE70E=" @@ -158,7 +161,9 @@ # The development environment for this flake. devShell = forAllSystems (system: - import ./shell.nix { pkgs = import nixpkgs { inherit system overlays; }; }); + import ./shell.nix { + pkgs = import nixpkgs { inherit system overlays; }; + }); # My several development shells for usual type of projects. This is much # more preferable than installing all of the packages at the system diff --git a/modules/home-manager/services/archivebox.nix b/modules/home-manager/services/archivebox.nix index 93783ac6..e0cb9ce5 100644 --- a/modules/home-manager/services/archivebox.nix +++ b/modules/home-manager/services/archivebox.nix @@ -1,7 +1,6 @@ { config, options, lib, pkgs, ... }: -let - cfg = config.services.archivebox; +let cfg = config.services.archivebox; in { options.services.archivebox = { enable = lib.mkEnableOption "Archivebox service"; @@ -31,7 +30,9 @@ in { Install.WantedBy = [ "graphical-session.target" ]; Service = { - ExecStart = "${pkgs.archivebox}/bin/archivebox server localhost:${toString cfg.port}"; + ExecStart = "${pkgs.archivebox}/bin/archivebox server localhost:${ + toString cfg.port + }"; WorkingDirectory = cfg.archivePath; Restart = "on-failure"; }; diff --git a/modules/home-manager/services/bleachbit.nix b/modules/home-manager/services/bleachbit.nix index f5af9b2d..52790893 100644 --- a/modules/home-manager/services/bleachbit.nix +++ b/modules/home-manager/services/bleachbit.nix @@ -35,8 +35,7 @@ in { "google_toolbar.search_history" "thumbnails.cache" "zoom.logs" - ] - ++ lib.optionals cfg.withBrowserCleanup [ + ] ++ lib.optionals cfg.withBrowserCleanup [ "brave.cache" "brave.form_history" "brave.history" @@ -68,7 +67,8 @@ in { ]; }; - withBrowserCleanup = lib.mkEnableOption "browser-related cleaners to be included in the list"; + withBrowserCleanup = + lib.mkEnableOption "browser-related cleaners to be included in the list"; }; config = lib.mkIf cfg.enable { diff --git a/modules/home-manager/services/mopidy.nix b/modules/home-manager/services/mopidy.nix index c9ed984c..b05ca86c 100644 --- a/modules/home-manager/services/mopidy.nix +++ b/modules/home-manager/services/mopidy.nix @@ -26,9 +26,10 @@ in { }; extensionPackages = lib.mkOption { - default = []; + default = [ ]; type = with lib.types; listOf package; - example = lib.literalExpression "with pkgs; [ mopidy-spotify mopidy-mpd mopidy-mpris ]"; + example = lib.literalExpression + "with pkgs; [ mopidy-spotify mopidy-mpd mopidy-mpris ]"; description = '' Mopidy extensions that should be loaded by the service. ''; @@ -42,7 +43,7 @@ in { }; extraConfigFiles = lib.mkOption { - default = []; + default = [ ]; type = with lib.types; listOf str; description = '' Extra config files to be read to the service. @@ -53,7 +54,8 @@ in { config = lib.mkIf cfg.enable { assertions = [ - (lib.hm.assertions.assertPlatform "services.mopidy" pkgs lib.platforms.linux) + (lib.hm.assertions.assertPlatform "services.mopidy" pkgs + lib.platforms.linux) ]; systemd.user.services.mopidy = { @@ -64,7 +66,9 @@ in { }; Service = { - ExecStart = "${mopidyEnv}/bin/mopidy --config ${lib.concatStringsSep ":" ([mopidyConf] ++ cfg.extraConfigFiles)}"; + ExecStart = "${mopidyEnv}/bin/mopidy --config ${ + lib.concatStringsSep ":" ([ mopidyConf ] ++ cfg.extraConfigFiles) + }"; }; Install.WantedBy = [ "default.target" ]; @@ -78,7 +82,9 @@ in { }; Service = { - ExecStart = "${mopidyEnv}/bin/mopidy --config ${lib.concatStringsSep ":" ([mopidyConf] ++ cfg.extraConfigFiles)} local scan"; + ExecStart = "${mopidyEnv}/bin/mopidy --config ${ + lib.concatStringsSep ":" ([ mopidyConf ] ++ cfg.extraConfigFiles) + } local scan"; Type = "oneshot"; }; diff --git a/modules/nixos/profiles/desktop.nix b/modules/nixos/profiles/desktop.nix index 1831cefe..04d330e1 100644 --- a/modules/nixos/profiles/desktop.nix +++ b/modules/nixos/profiles/desktop.nix @@ -135,12 +135,11 @@ in { # I try to avoid using Wine on NixOS because most of them uses FHS or something and I just want it to work but here goes. (lib.mkIf cfg.wine.enable { - environment.systemPackages = with pkgs; - [ - cfg.wine.package # The star of the show. - winetricks # We do a little trickery with missing Windows runtimes. - bottles # PlayOnLinux but better. :) - ]; + environment.systemPackages = with pkgs; [ + cfg.wine.package # The star of the show. + winetricks # We do a little trickery with missing Windows runtimes. + bottles # PlayOnLinux but better. :) + ]; }) ]); } diff --git a/modules/nixos/services/borgmatic.nix b/modules/nixos/services/borgmatic.nix index 681d9c82..ee5c4cc7 100644 --- a/modules/nixos/services/borgmatic.nix +++ b/modules/nixos/services/borgmatic.nix @@ -30,8 +30,9 @@ in { options.services.borgmatic = { jobs = lib.mkOption { type = with lib.types; attrsOf (submodule jobOption); - description = "borgmatic jobs with each bearing a configuration file to be used."; - default = {}; + description = + "borgmatic jobs with each bearing a configuration file to be used."; + default = { }; example = { external-hard-drive = { startAt = "daily"; @@ -42,59 +43,56 @@ in { }; config = { - systemd.services = (lib.mapAttrs' - (name: settings: - lib.nameValuePair - ("borgmatic-backup-" + name) - ({ - unitConfig = { - Description = "Backup with Borgmatic job '${name}'"; - Wants = [ "network-online.target" ]; - After = [ "network-online.target" ]; - }; + systemd.services = (lib.mapAttrs' (name: settings: + lib.nameValuePair ("borgmatic-backup-" + name) ({ + unitConfig = { + Description = "Backup with Borgmatic job '${name}'"; + Wants = [ "network-online.target" ]; + After = [ "network-online.target" ]; + }; - startAt = settings.startAt; - serviceConfig = { - # Delay start to prevent backups running during boot. Note that systemd-inhibit requires dbus and - # dbus-user-session to be installed. - ExecStartPre = "${pkgs.coreutils}/bin/sleep 1m"; - ExecStart = '' - ${pkgs.systemd}/bin/systemd-inhibit --who="borgmatic" --why="Prevent interrupting scheduled backup" ${pkgs.borgmatic}/bin/borgmatic --verbosity -1 --syslog-verbosity 1 --config ${settings.configPath} - ''; + startAt = settings.startAt; + serviceConfig = { + # Delay start to prevent backups running during boot. Note that systemd-inhibit requires dbus and + # dbus-user-session to be installed. + ExecStartPre = "${pkgs.coreutils}/bin/sleep 1m"; + ExecStart = '' + ${pkgs.systemd}/bin/systemd-inhibit --who="borgmatic" --why="Prevent interrupting scheduled backup" ${pkgs.borgmatic}/bin/borgmatic --verbosity -1 --syslog-verbosity 1 --config ${settings.configPath} + ''; - # Set security-related stuff. - LockPersonality = "true"; - ProtectSystem = "full"; - MemoryDenyWriteExecute = "no"; - NoNewPrivileges = "yes"; - PrivateDevices = "yes"; - PrivateTmp = "yes"; - ProtectClock = "yes"; - ProtectControlGroups = "yes"; - ProtectHostname = "yes"; - ProtectKernelLogs = "yes"; - ProtectKernelModules = "yes"; - ProtectKernelTunables = "yes"; - RestrictAddressFamilies = "AF_UNIX AF_INET AF_INET6 AF_NETLINK"; - RestrictNamespaces = "yes"; - RestrictRealtime = "yes"; - RestrictSUIDSGID = "yes"; - SystemCallArchitectures = "native"; - SystemCallFilter = "@system-service"; - SystemCallErrorNumber = "EPERM"; - CapabilityBoundingSet = "CAP_DAC_READ_SEARCH CAP_NET_RAW"; + # Set security-related stuff. + LockPersonality = "true"; + ProtectSystem = "full"; + MemoryDenyWriteExecute = "no"; + NoNewPrivileges = "yes"; + PrivateDevices = "yes"; + PrivateTmp = "yes"; + ProtectClock = "yes"; + ProtectControlGroups = "yes"; + ProtectHostname = "yes"; + ProtectKernelLogs = "yes"; + ProtectKernelModules = "yes"; + ProtectKernelTunables = "yes"; + RestrictAddressFamilies = "AF_UNIX AF_INET AF_INET6 AF_NETLINK"; + RestrictNamespaces = "yes"; + RestrictRealtime = "yes"; + RestrictSUIDSGID = "yes"; + SystemCallArchitectures = "native"; + SystemCallFilter = "@system-service"; + SystemCallErrorNumber = "EPERM"; + CapabilityBoundingSet = "CAP_DAC_READ_SEARCH CAP_NET_RAW"; - # Lower CPU and I/O priority. - Nice = 19; - CPUSchedulingPolicy = "batch"; - IOSchedulingClass = "best-effort"; - IOSchedulingPriority = 7; - IOWeight = 100; + # Lower CPU and I/O priority. + Nice = 19; + CPUSchedulingPolicy = "batch"; + IOSchedulingClass = "best-effort"; + IOSchedulingPriority = 7; + IOWeight = 100; - # Prevent rate limiting of borgmatic log events. If you are using an older version of systemd that - # doesn't support this (pre-240 or so), you may have to remove this option. - LogRateLimitIntervalSec = "0"; - }; - })) cfg.jobs); + # Prevent rate limiting of borgmatic log events. If you are using an older version of systemd that + # doesn't support this (pre-240 or so), you may have to remove this option. + LogRateLimitIntervalSec = "0"; + }; + })) cfg.jobs); }; }