Reformatted with nixfmt

2025-03-31 22:34:25 -07:00 · 2025-03-31 22:34:25 -07:00 · 3f16537322
commit 3f16537322
parent f51256c3ae
80 changed files with 1454 additions and 992 deletions
--- a/modules/nixos/services/adguardhome/default.nix
+++ b/modules/nixos/services/adguardhome/default.nix
@ -3,11 +3,18 @@
  lib,
  namespace,
  ...
-}: let
-  inherit (lib) mkIf mkEnableOption mkOption types;
+}:
+let
+  inherit (lib)
+    mkIf
+    mkEnableOption
+    mkOption
+    types
+    ;

  cfg = config.${namespace}.services.adguardhome;
-in {
+in
+{
  options.${namespace}.services.adguardhome = {
    enable = mkEnableOption "adguardhome";
    acmeCertName = mkOption {
--- a/modules/nixos/services/forgejo/default.nix
+++ b/modules/nixos/services/forgejo/default.nix
@ -4,12 +4,19 @@
  pkgs,
  namespace,
  ...
-}: let
-  inherit (lib) mkIf mkEnableOption mkOption types;
+}:
+let
+  inherit (lib)
+    mkIf
+    mkEnableOption
+    mkOption
+    types
+    ;

  cfg = config.${namespace}.services.forgejo;
  forgejo_cfg = config.services.forgejo;
-in {
+in
+{
  options.${namespace}.services.forgejo = {
    enable = mkEnableOption "forgejo";
    domain = mkOption {
--- a/modules/nixos/services/grafana/default.nix
+++ b/modules/nixos/services/grafana/default.nix
@ -4,13 +4,20 @@
  pkgs,
  namespace,
  ...
-}: let
-  inherit (lib) mkIf mkEnableOption mkOption types;
+}:
+let
+  inherit (lib)
+    mkIf
+    mkEnableOption
+    mkOption
+    types
+    ;

  cfg = config.${namespace}.services.grafana;
  server_settings = config.services.grafana.settings.server;
  grafana_dashboards = pkgs.${namespace}.teslamate-grafana-dashboards;
-in {
+in
+{
  options.${namespace}.services.grafana = {
    enable = mkEnableOption "grafana";
    acmeCertName = mkOption {
@ -120,7 +127,10 @@ in {
    };

    networking.firewall = {
-      allowedTCPPorts = [80 443];
+      allowedTCPPorts = [
+        80
+        443
+      ];
    };
  };
 }
--- a/modules/nixos/services/hydra/default.nix
+++ b/modules/nixos/services/hydra/default.nix
@ -3,9 +3,11 @@
  lib,
  namespace,
  ...
-}: let
+}:
+let
  cfg = config.${namespace}.services.hydra;
-in {
+in
+{
  options.${namespace}.services.hydra = with lib; {
    enable = mkEnableOption "hydra";
    hostname = mkOption {
@ -72,7 +74,7 @@ in {
      enable = true;
      hydraURL = "https://${cfg.hostname}";
      notificationSender = "hydra@localhost";
-      buildMachinesFiles = [];
+      buildMachinesFiles = [ ];
      useSubstitutes = true;
      extraConfig = ''
        store_uri = s3://${cfg.s3Bucket}?compression=zstd&parallel-compression=true&write-nar-listing=1&ls-compression=br&log-compression=br&scheme=${cfg.s3Scheme}&endpoint=${cfg.s3Endpoint}&secret-key=${cfg.secretKeyPath}
@ -103,7 +105,10 @@ in {
        "hydra"
        "hydra-www"
      ];
-      allowed-uris = ["github:" "git+https://git.alejandr0angul0.dev/"];
+      allowed-uris = [
+        "github:"
+        "git+https://git.alejandr0angul0.dev/"
+      ];
    };
  };
 }
--- a/modules/nixos/services/loki/default.nix
+++ b/modules/nixos/services/loki/default.nix
@ -3,10 +3,12 @@
  lib,
  namespace,
  ...
-}: let
+}:
+let
  cfg = config.${namespace}.services.loki;
  loki = config.services.loki;
-in {
+in
+{
  options.${namespace}.services.loki = with lib; {
    enable = mkEnableOption "loki";
  };
@ -102,7 +104,7 @@ in {
    };

    networking.firewall = {
-      allowedTCPPorts = [loki.configuration.server.http_listen_port];
+      allowedTCPPorts = [ loki.configuration.server.http_listen_port ];
    };
  };
 }
--- a/modules/nixos/services/minio/default.nix
+++ b/modules/nixos/services/minio/default.nix
@ -3,9 +3,11 @@
  lib,
  namespace,
  ...
-}: let
+}:
+let
  cfg = config.${namespace}.services.minio;
-in {
+in
+{
  options.${namespace}.services.minio = with lib; {
    enable = mkEnableOption "minio";
    acmeCertName = mkOption {
--- a/modules/nixos/services/mosquitto/default.nix
+++ b/modules/nixos/services/mosquitto/default.nix
@ -2,9 +2,11 @@
  config,
  lib,
  ...
-}: let
+}:
+let
  cfg = config.aa.services.mosquitto;
-in {
+in
+{
  options.aa.services.mosquitto = with lib; {
    enable = mkEnableOption "home assistant";
  };
@ -36,7 +38,7 @@ in {
              passwordFile = config.age.secrets.theengs_ble_mqtt.path;
            };
            teslamate = {
-              acl = ["readwrite teslamate/#"];
+              acl = [ "readwrite teslamate/#" ];
              passwordFile = config.age.secrets.teslamate_mqtt.path;
            };
          };
@ -44,6 +46,6 @@ in {
      ];
    };

-    networking.firewall.allowedTCPPorts = [1883];
+    networking.firewall.allowedTCPPorts = [ 1883 ];
  };
 }
--- a/modules/nixos/services/nix-serve/default.nix
+++ b/modules/nixos/services/nix-serve/default.nix
@ -3,9 +3,11 @@
  lib,
  pkgs,
  ...
-}: let
+}:
+let
  cfg = config.aa.services.nix-serve;
-in {
+in
+{
  options.aa.services.nix-serve = with lib; {
    enable = mkEnableOption "nix-serve";
    domain_name = mkOption {
@ -28,11 +30,11 @@ in {

  config = lib.mkIf cfg.enable {
    nix.settings = {
-      allowed-users = ["nix-serve"];
-      trusted-users = ["nix-serve"];
+      allowed-users = [ "nix-serve" ];
+      trusted-users = [ "nix-serve" ];
    };

-    environment.systemPackages = [pkgs.nix-serve];
+    environment.systemPackages = [ pkgs.nix-serve ];

    services = {
      nix-serve = {
@ -45,7 +47,7 @@ in {
        enable = true;
        virtualHosts."${cfg.subdomain_name}.${cfg.domain_name}" =
          {
-            serverAliases = ["${cfg.subdomain_name}"];
+            serverAliases = [ "${cfg.subdomain_name}" ];
            locations."/".extraConfig = ''
              proxy_pass http://localhost:${toString config.services.nix-serve.port};
              proxy_set_header Host $host;
@ -61,7 +63,10 @@ in {
    };

    networking.firewall = {
-      allowedTCPPorts = [80 443];
+      allowedTCPPorts = [
+        80
+        443
+      ];
    };
  };
 }
--- a/modules/nixos/services/octoprint/default.nix
+++ b/modules/nixos/services/octoprint/default.nix
@ -2,9 +2,11 @@
  config,
  lib,
  ...
-}: let
+}:
+let
  cfg = config.aa.services.octoprint;
-in {
+in
+{
  options.aa.services.octoprint = with lib; {
    enable = mkEnableOption "octoprint";
    acmeCertName = mkOption {
@ -39,6 +41,9 @@ in {
        };
    };

-    networking.firewall.allowedTCPPorts = [80 443];
+    networking.firewall.allowedTCPPorts = [
+      80
+      443
+    ];
  };
 }
--- a/modules/nixos/services/openssh/default.nix
+++ b/modules/nixos/services/openssh/default.nix
@ -3,17 +3,25 @@
  lib,
  format,
  ...
-}: let
-  inherit (lib) mkIf mkEnableOption mkOption mkDefault types;
+}:
+let
+  inherit (lib)
+    mkIf
+    mkEnableOption
+    mkOption
+    mkDefault
+    types
+    ;

  cfg = config.aa.services.openssh;
  default-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEmPdQcM0KCQ3YunF1gwN+B+i1Q8KrIfiUvNtgFQjTy2";
-in {
+in
+{
  options.aa.services.openssh = {
    enable = mkEnableOption "ssh";
    authorizedKeys = mkOption {
      type = types.listOf types.str;
-      default = [default-key];
+      default = [ default-key ];
      description = "The public keys to authorize";
    };
  };
@ -23,11 +31,7 @@ in {
      enable = true;
      settings = {
        PasswordAuthentication = false;
-        PermitRootLogin = mkDefault (
-          if format == "install-iso"
-          then "yes"
-          else "no"
-        );
+        PermitRootLogin = mkDefault (if format == "install-iso" then "yes" else "no");
      };
    };

--- a/modules/nixos/services/printing/default.nix
+++ b/modules/nixos/services/printing/default.nix
@ -2,9 +2,11 @@
  config,
  lib,
  ...
-}: let
+}:
+let
  cfg = config.aa.apps.steam;
-in {
+in
+{
  options.aa.services.printing = with lib; {
    enable = mkEnableOption "printing";
  };
--- a/modules/nixos/services/prometheus/default.nix
+++ b/modules/nixos/services/prometheus/default.nix
@ -2,12 +2,14 @@
  config,
  lib,
  ...
-}: let
+}:
+let
  inherit (lib) mkIf;

  cfg = config.aa.services.prometheus;
  exporters = config.services.prometheus.exporters;
-in {
+in
+{
  options.aa.services.prometheus = with lib; {
    enable = mkEnableOption "prometheus";
    enableServer = mkOption {
@ -28,7 +30,7 @@ in {
      exporters = {
        node = {
          enable = cfg.enableNodeExporter;
-          enabledCollectors = ["systemd"];
+          enabledCollectors = [ "systemd" ];
          port = 9002;
          openFirewall = true;
        };
@ -52,7 +54,7 @@ in {
    };

    networking.firewall = mkIf cfg.enableServer {
-      allowedTCPPorts = [config.services.prometheus.port];
+      allowedTCPPorts = [ config.services.prometheus.port ];
    };
  };
 }
--- a/modules/nixos/services/promtail/default.nix
+++ b/modules/nixos/services/promtail/default.nix
@ -2,9 +2,11 @@
  config,
  lib,
  ...
-}: let
+}:
+let
  cfg = config.aa.services.promtail;
-in {
+in
+{
  options.aa.services.promtail = with lib; {
    enable = mkEnableOption "promtail";
  };
@ -38,7 +40,7 @@ in {
            };
            relabel_configs = [
              {
-                source_labels = ["__journal__systemd_unit"];
+                source_labels = [ "__journal__systemd_unit" ];
                target_label = "unit";
              }
            ];
--- a/modules/nixos/services/tailscale/default.nix
+++ b/modules/nixos/services/tailscale/default.nix
@ -3,11 +3,13 @@
  pkgs,
  lib,
  ...
-}: let
+}:
+let
  inherit (lib) mkIf;

  cfg = config.aa.services.tailscale;
-in {
+in
+{
  options.aa.services.tailscale = with lib; {
    enable = mkEnableOption "tailscale";
    configureClientRouting = mkOption {
@ -35,18 +37,14 @@ in {
      tailscale
      tailscale-systray
    ];
-    networking.firewall.allowedUDPPorts = [config.services.tailscale.port];
+    networking.firewall.allowedUDPPorts = [ config.services.tailscale.port ];
    services.tailscale = {
      enable = true;
      useRoutingFeatures = mkIf (cfg.configureClientRouting || cfg.configureServerRouting) (
-        if (cfg.configureClientRouting && cfg.configureServerRouting)
-        then "both"
+        if (cfg.configureClientRouting && cfg.configureServerRouting) then
+          "both"
        else
-          (
-            if cfg.configureClientRouting
-            then "client"
-            else "server"
-          )
+          (if cfg.configureClientRouting then "client" else "server")
      );
    };
  };
--- a/modules/nixos/services/teslamate/default.nix
+++ b/modules/nixos/services/teslamate/default.nix
@ -2,9 +2,11 @@
  config,
  lib,
  ...
-}: let
+}:
+let
  cfg = config.aa.services.teslamate;
-in {
+in
+{
  options.aa.services.teslamate = with lib; {
    enable = mkEnableOption "teslamate";

@ -104,7 +106,7 @@ in {
      backend = "docker";
      containers."teslamate" = {
        image = "teslamate/teslamate:1.32";
-        environmentFiles = ["/var/lib/teslamate/env"];
+        environmentFiles = [ "/var/lib/teslamate/env" ];
        environment = {
          # TODO: Make this configurable
          PORT = "4000";
@ -116,9 +118,12 @@ in {
          MQTT_USERNAME = "teslamate";
          TZ = "America/Los_Angeles";
        };
-        extraOptions = ["--cap-drop=all" "--network=host"];
+        extraOptions = [
+          "--cap-drop=all"
+          "--network=host"
+        ];
        # TODO: Make this configurable
-        ports = ["4000:4000"];
+        ports = [ "4000:4000" ];
      };
    };

@ -126,12 +131,12 @@ in {
      isSystemUser = true;
      group = cfg.group;
    };
-    users.groups.${cfg.group} = {};
+    users.groups.${cfg.group} = { };

    services.postgresql = lib.optionalAttrs cfg.database.createDatabase {
      enable = lib.mkDefault true;

-      ensureDatabases = [cfg.database.name];
+      ensureDatabases = [ cfg.database.name ];
      ensureUsers = [
        {
          name = cfg.database.user;
@ -157,6 +162,6 @@ in {
        };
    };

-    networking.firewall.allowedTCPPorts = [4000];
+    networking.firewall.allowedTCPPorts = [ 4000 ];
  };
 }