nixfmt

nixos/hosts/hades/bastion/configuration.nix

@@ -1,5 +1,4 @@
-{ pkgs, lib, ... }:
-{
+{ pkgs, lib, ... }: {
   networking.interfaces.eth0.useDHCP = true;
 
   # mosh ssh

nixos/hosts/hades/bazarr/configuration.nix

@@ -1,5 +1,4 @@
-_:
-{
+_: {
   system.stateVersion = "22.11";
   networking.interfaces.eth0.useDHCP = true;
 

nixos/hosts/hades/dns/configuration.nix

@@ -1,5 +1,4 @@
-{ pkgs, ... }:
-{
+{ pkgs, ... }: {
   imports = [ ];
 
   # This value determines the NixOS release from which the default

nixos/hosts/hades/docker-registry-proxy/configuration.nix

@@ -1,17 +1,19 @@
 { config, ... }:
-let vs = config.vault-secrets.secrets; in
-{
+let vs = config.vault-secrets.secrets;
+in {
   system.stateVersion = "22.05";
 
   networking.interfaces.eth0.useDHCP = true;
 
   # the registry port and metrics port
-  networking.firewall.allowedTCPPorts = [ config.services.dockerRegistry.port 5001 ];
+  networking.firewall.allowedTCPPorts =
+    [ config.services.dockerRegistry.port 5001 ];
 
   vault-secrets.secrets.docker-registry = { };
 
   # Sets the minio user and password
-  systemd.services.docker-registry.serviceConfig.EnvironmentFile = "${vs.docker-registry}/environment";
+  systemd.services.docker-registry.serviceConfig.EnvironmentFile =
+    "${vs.docker-registry}/environment";
 
   services.dockerRegistry = {
     enable = true;

nixos/hosts/hades/docker-registry/configuration.nix

@@ -1,17 +1,19 @@
 { config, ... }:
-let vs = config.vault-secrets.secrets; in
-{
+let vs = config.vault-secrets.secrets;
+in {
   system.stateVersion = "22.05";
 
   networking.interfaces.eth0.useDHCP = true;
 
   # the registry port and metrics port
-  networking.firewall.allowedTCPPorts = [ config.services.dockerRegistry.port 5001 ];
+  networking.firewall.allowedTCPPorts =
+    [ config.services.dockerRegistry.port 5001 ];
 
   vault-secrets.secrets.docker-registry = { };
 
   # Sets the minio user and password
-  systemd.services.docker-registry.serviceConfig.EnvironmentFile = "${vs.docker-registry}/environment";
+  systemd.services.docker-registry.serviceConfig.EnvironmentFile =
+    "${vs.docker-registry}/environment";
 
   services.dockerRegistry = {
     enable = true;
@@ -34,15 +36,13 @@ let vs = config.vault-secrets.secrets; in
       http.debug.prometheus.enabled = true;
 
       # Webhooks
-      notifications.endpoints = [
-        {
-          name = "keel";
-          url = "http://10.10.10.17:9300/v1/webhooks/registry";
-          timeout = "500ms";
-          treshold = 5;
-          backoff = "1s";
-        }
-      ];
+      notifications.endpoints = [{
+        name = "keel";
+        url = "http://10.10.10.17:9300/v1/webhooks/registry";
+        timeout = "500ms";
+        treshold = 5;
+        backoff = "1s";
+      }];
     };
   };
 }

nixos/hosts/hades/jackett/configuration.nix

@@ -1,5 +1,4 @@
-_:
-{
+_: {
   system.stateVersion = "21.05";
   networking.interfaces.eth0.useDHCP = true;
 

nixos/hosts/hades/lucy/hardware-configuration.nix

@@ -4,24 +4,30 @@
 { lib, modulesPath, ... }:
 
 {
-  imports =
-    [ (modulesPath + "/profiles/qemu-guest.nix")
-    ];
+  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
 
-  boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
+  boot.initrd.availableKernelModules = [
+    "uhci_hcd"
+    "ehci_pci"
+    "ahci"
+    "virtio_pci"
+    "virtio_scsi"
+    "sd_mod"
+    "sr_mod"
+  ];
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ ];
   boot.extraModulePackages = [ ];
 
-  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/749c02fd-209d-4974-917e-38b749d10ec2";
-      fsType = "ext4";
-    };
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/749c02fd-209d-4974-917e-38b749d10ec2";
+    fsType = "ext4";
+  };
 
-  fileSystems."/boot" =
-    { device = "/dev/disk/by-uuid/D021-72EB";
-      fsType = "vfat";
-    };
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-uuid/D021-72EB";
+    fsType = "vfat";
+  };
 
   swapDevices = [ ];
 

nixos/hosts/hades/minio/configuration.nix

@@ -1,6 +1,5 @@
 { config, pkgs, ... }:
-let
-  vs = config.vault-secrets.secrets;
+let vs = config.vault-secrets.secrets;
 in {
   system.stateVersion = "22.11";
 

nixos/hosts/hades/nginx/configuration.nix

@@ -28,7 +28,6 @@ in {
   security.acme.acceptTerms = true;
   security.acme.preliminarySelfsigned = true;
 
-
   services.nginx = {
     enable = true;
     recommendedProxySettings = true;

nixos/hosts/hades/overseerr/configuration.nix

@@ -31,9 +31,7 @@
           # LOG_LEVEL = "debug";
           TZ = "Europe/Amsterdam";
         };
-        ports = [
-          "5055:5055"
-        ];
+        ports = [ "5055:5055" ];
         volumes = [ "/var/lib/overseerr/config:/app/config" ];
       };
     };

nixos/hosts/hades/prowlarr/configuration.nix

@@ -1,5 +1,4 @@
-_:
-{
+_: {
   networking.interfaces.eth0.useDHCP = true;
   system.stateVersion = "22.11";
 
@@ -15,9 +14,7 @@ _:
     containers = {
       flaresolverr = {
         image = "flaresolverr/flaresolverr:v3.1.2";
-        ports = [
-          "8191:8191"
-        ];
+        ports = [ "8191:8191" ];
       };
     };
   };

nixos/hosts/hades/rtorrent/rtorrent.nix

@@ -1,116 +1,115 @@
-{ config, lib, pkgs, ... }:
-{
+{ config, lib, pkgs, ... }: {
   services.rtorrent = {
     enable = true;
     port = 54945; # Port Forwarded in mullvad
     downloadDir = "/mnt/storage/torrents/r";
     package = pkgs.jesec-rtorrent;
-    configText = let cfg = config.services.rtorrent; in
-      pkgs.lib.mkForce ''
-        # rTorrent runtime directory (cfg.basedir) [default: "$HOME/.local/share/rtorrent"]
-        method.insert = cfg.basedir, private|const|string, (cat,"${cfg.dataDir}/")
+    configText = let cfg = config.services.rtorrent;
+    in pkgs.lib.mkForce ''
+      # rTorrent runtime directory (cfg.basedir) [default: "$HOME/.local/share/rtorrent"]
+      method.insert = cfg.basedir, private|const|string, (cat,"${cfg.dataDir}/")
 
-        # Default download directory (cfg.download) [default: "$(cfg.basedir)/download"]
-        method.insert = cfg.download, private|const|string, (cat,"${cfg.downloadDir}")
+      # Default download directory (cfg.download) [default: "$(cfg.basedir)/download"]
+      method.insert = cfg.download, private|const|string, (cat,"${cfg.downloadDir}")
 
-        # RPC Socket
-        method.insert = cfg.rpcsock, private|const|string, (cat,"${cfg.rpcSocket}")
+      # RPC Socket
+      method.insert = cfg.rpcsock, private|const|string, (cat,"${cfg.rpcSocket}")
 
-        # Log directory (cfg.logs) [default: "$(cfg.basedir)/log"]
-        method.insert = cfg.logs,     private|const|string, (cat,(cfg.basedir),"log/")
-        method.insert = cfg.logfile,  private|const|string, (cat,(cfg.logs),"rtorrent-",(system.time),".log")
+      # Log directory (cfg.logs) [default: "$(cfg.basedir)/log"]
+      method.insert = cfg.logs,     private|const|string, (cat,(cfg.basedir),"log/")
+      method.insert = cfg.logfile,  private|const|string, (cat,(cfg.logs),"rtorrent-",(system.time),".log")
 
-        # Torrent session directory (cfg.session) [default: "$(cfg.basedir)/.session"]
-        method.insert = cfg.session,  private|const|string, (cat,(cfg.basedir),".session/")
+      # Torrent session directory (cfg.session) [default: "$(cfg.basedir)/.session"]
+      method.insert = cfg.session,  private|const|string, (cat,(cfg.basedir),".session/")
 
-        # Watch (drop to add) directories (cfg.watch) [default: "$(cfg.basedir)/watch"]
-        method.insert = cfg.watch,    private|const|string, (cat,(cfg.basedir),"watch/")
+      # Watch (drop to add) directories (cfg.watch) [default: "$(cfg.basedir)/watch"]
+      method.insert = cfg.watch,    private|const|string, (cat,(cfg.basedir),"watch/")
 
-        # Create directories
-        fs.mkdir.recursive = (cat,(cfg.basedir))
+      # Create directories
+      fs.mkdir.recursive = (cat,(cfg.basedir))
 
-        fs.mkdir = (cat,(cfg.download))
-        fs.mkdir = (cat,(cfg.logs))
-        fs.mkdir = (cat,(cfg.session))
+      fs.mkdir = (cat,(cfg.download))
+      fs.mkdir = (cat,(cfg.logs))
+      fs.mkdir = (cat,(cfg.session))
 
-        fs.mkdir = (cat,(cfg.watch))
-        fs.mkdir = (cat,(cfg.watch),"/load")
-        fs.mkdir = (cat,(cfg.watch),"/start")
+      fs.mkdir = (cat,(cfg.watch))
+      fs.mkdir = (cat,(cfg.watch),"/load")
+      fs.mkdir = (cat,(cfg.watch),"/start")
 
-        # Drop to "$(cfg.watch)/load" to add torrent
-        schedule2 = watch_load, 11, 10, ((load.verbose, (cat, (cfg.watch), "load/*.torrent")))
+      # Drop to "$(cfg.watch)/load" to add torrent
+      schedule2 = watch_load, 11, 10, ((load.verbose, (cat, (cfg.watch), "load/*.torrent")))
 
-        # Drop to "$(cfg.watch)/start" to add torrent and start downloading
-        schedule2 = watch_start, 10, 10, ((load.start_verbose, (cat, (cfg.watch), "start/*.torrent")))
+      # Drop to "$(cfg.watch)/start" to add torrent and start downloading
+      schedule2 = watch_start, 10, 10, ((load.start_verbose, (cat, (cfg.watch), "start/*.torrent")))
 
-        # Listening port for incoming peer traffic
-        network.port_range.set = ${toString cfg.port}-${toString cfg.port}
-        network.port_random.set = no
+      # Listening port for incoming peer traffic
+      network.port_range.set = ${toString cfg.port}-${toString cfg.port}
+      network.port_random.set = no
 
-        # Distributed Hash Table and Peer EXchange
-        dht.mode.set = disable
-        dht.port.set = 6881
-        protocol.pex.set = yes
+      # Distributed Hash Table and Peer EXchange
+      dht.mode.set = disable
+      dht.port.set = 6881
+      protocol.pex.set = yes
 
-        # UDP tracker support
-        trackers.use_udp.set = yes
+      # UDP tracker support
+      trackers.use_udp.set = yes
 
-        # Peer settings
-        throttle.max_uploads.set = 100
-        throttle.max_uploads.global.set = 250
-        throttle.min_peers.normal.set = 20
-        throttle.max_peers.normal.set = 60
-        throttle.min_peers.seed.set = 30
-        throttle.max_peers.seed.set = 80
-        trackers.numwant.set = 80
+      # Peer settings
+      throttle.max_uploads.set = 100
+      throttle.max_uploads.global.set = 250
+      throttle.min_peers.normal.set = 20
+      throttle.max_peers.normal.set = 60
+      throttle.min_peers.seed.set = 30
+      throttle.max_peers.seed.set = 80
+      trackers.numwant.set = 80
 
-        protocol.encryption.set = allow_incoming,try_outgoing,enable_retry
+      protocol.encryption.set = allow_incoming,try_outgoing,enable_retry
 
-        # Limits for file handle resources, this is optimized for
-        # an `ulimit` of 1024 (a common default). You MUST leave
-        # a ceiling of handles reserved for rTorrent's internal needs!
-        network.max_open_files.set = 600
-        network.max_open_sockets.set = 300
+      # Limits for file handle resources, this is optimized for
+      # an `ulimit` of 1024 (a common default). You MUST leave
+      # a ceiling of handles reserved for rTorrent's internal needs!
+      network.max_open_files.set = 600
+      network.max_open_sockets.set = 300
 
-        # Memory resource usage (increase if you have a large number of items loaded,
-        # and/or the available resources to spend)
-        pieces.memory.max.set = 1800M
-        network.xmlrpc.size_limit.set = 32M
+      # Memory resource usage (increase if you have a large number of items loaded,
+      # and/or the available resources to spend)
+      pieces.memory.max.set = 1800M
+      network.xmlrpc.size_limit.set = 32M
 
-        # Basic operational settings
-        session.path.set = (cat, (cfg.session))
-        directory.default.set = (cat, (cfg.download))
-        log.execute = (cat, (cfg.logs), "execute.log")
+      # Basic operational settings
+      session.path.set = (cat, (cfg.session))
+      directory.default.set = (cat, (cfg.download))
+      log.execute = (cat, (cfg.logs), "execute.log")
 
-        # Other operational settings
-        encoding.add = utf8
-        system.umask.set = 0027
-        system.cwd.set = (directory.default)
-        #schedule2 = low_diskspace, 5, 60, ((close_low_diskspace, 500M))
-        #pieces.hash.on_completion.set = no
+      # Other operational settings
+      encoding.add = utf8
+      system.umask.set = 0027
+      system.cwd.set = (directory.default)
+      #schedule2 = low_diskspace, 5, 60, ((close_low_diskspace, 500M))
+      #pieces.hash.on_completion.set = no
 
-        # HTTP and SSL
-        network.http.max_open.set = 50
-        network.http.dns_cache_timeout.set = 25
+      # HTTP and SSL
+      network.http.max_open.set = 50
+      network.http.dns_cache_timeout.set = 25
 
-        #network.http.ssl_verify_peer.set = 1
-        #network.http.ssl_verify_host.set = 1
+      #network.http.ssl_verify_peer.set = 1
+      #network.http.ssl_verify_host.set = 1
 
-        # Run the rTorrent process as a daemon in the background
-        system.daemon.set = true
+      # Run the rTorrent process as a daemon in the background
+      system.daemon.set = true
 
-        # XML-RPC interface
-        network.scgi.open_local = (cat,(cfg.rpcsock))
-        schedule = scgi_group,0,0,"execute.nothrow=chown,\":rtorrent\",(cfg.rpcsock)"
-        schedule = scgi_permission,0,0,"execute.nothrow=chmod,\"g+w,o=\",(cfg.rpcsock)"
+      # XML-RPC interface
+      network.scgi.open_local = (cat,(cfg.rpcsock))
+      schedule = scgi_group,0,0,"execute.nothrow=chown,\":rtorrent\",(cfg.rpcsock)"
+      schedule = scgi_permission,0,0,"execute.nothrow=chmod,\"g+w,o=\",(cfg.rpcsock)"
 
-        # Logging:
-        #   Levels = critical error warn notice info debug
-        #   Groups = connection_* dht_* peer_* rpc_* storage_* thread_* tracker_* torrent_*
-        print = (cat, "Logging to ", (cfg.logfile))
-        log.open_file = "log", (cfg.logfile)
-        log.add_output = "debug", "log"
-      '';
+      # Logging:
+      #   Levels = critical error warn notice info debug
+      #   Groups = connection_* dht_* peer_* rpc_* storage_* thread_* tracker_* torrent_*
+      print = (cat, "Logging to ", (cfg.logfile))
+      log.open_file = "log", (cfg.logfile)
+      log.add_output = "debug", "log"
+    '';
   };
 }
 

nixos/hosts/hades/sonarr/configuration.nix

@@ -1,5 +1,4 @@
-_:
-{
+_: {
   system.stateVersion = "21.05";
   networking.interfaces.eth0.useDHCP = true;
 

nixos/hosts/hades/unifi/configuration.nix

@@ -1,5 +1,4 @@
-{ pkgs, lib, ... }:
-{
+{ pkgs, lib, ... }: {
   system.stateVersion = "21.05";
   networking.interfaces.eth0.useDHCP = true;
 

nixos/hosts/hades/unpackerr/configuration.nix

@@ -1,7 +1,6 @@
 { config, ... }:
 let vs = config.vault-secrets.secrets;
-in
-{
+in {
   networking.interfaces.eth0.useDHCP = true;
 
   fileSystems."/mnt/storage" = {

nixos/hosts/olympus/bastion/hardware-configuration.nix

@@ -6,7 +6,8 @@
 {
   imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
 
-  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
+  boot.initrd.availableKernelModules =
+    [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ ];
   boot.extraModulePackages = [ ];
@@ -16,6 +17,7 @@
     fsType = "ext4";
   };
 
-  swapDevices = [{ device = "/dev/disk/by-uuid/63d90b92-cdde-4795-a3ab-9566ae88f43d"; }];
+  swapDevices =
+    [{ device = "/dev/disk/by-uuid/63d90b92-cdde-4795-a3ab-9566ae88f43d"; }];
 
 }

nixos/hosts/olympus/dns/configuration.nix

@@ -1,5 +1,4 @@
-{ pkgs, ... }:
-{
+{ pkgs, ... }: {
   imports = [ ];
 
   # This value determines the NixOS release from which the default

nixos/hosts/olympus/gitea/configuration.nix

@@ -3,10 +3,8 @@
 # and in the NixOS manual (accessible by running ‘nixos-help’).
 
 { lib, config, pkgs, ... }:
-let
-  vs = config.vault-secrets.secrets;
-in
-{
+let vs = config.vault-secrets.secrets;
+in {
   imports = [ ];
 
   # This value determines the NixOS release from which the default
@@ -22,7 +20,8 @@ in
 
   environment.noXlibs = lib.mkForce false;
 
-  networking.firewall.allowedTCPPorts = [ config.services.gitea.settings.server.HTTP_PORT ];
+  networking.firewall.allowedTCPPorts =
+    [ config.services.gitea.settings.server.HTTP_PORT ];
 
   services.openssh.startWhenNeeded = false;
 
@@ -37,10 +36,8 @@ in
   };
 
   system.activationScripts.gitea-theme =
-    let
-      target_dir = "${config.services.gitea.stateDir}/custom/public/css/";
-    in
-    lib.stringAfter [ "var" ] ''
+    let target_dir = "${config.services.gitea.stateDir}/custom/public/css/";
+    in lib.stringAfter [ "var" ] ''
       mkdir -p ${target_dir}
       ln -sf ${pkgs.v.gitea-agatheme} "${target_dir}/theme-agatheme.css"
     '';
@@ -54,9 +51,7 @@ in
     mailerPasswordFile = "${vs.gitea}/mailPassword";
 
     settings = {
-      actions = {
-        "ENABLED" = true;
-      };
+      actions = { "ENABLED" = true; };
       repository = {
         "ENABLE_PUSH_CREATE_USER" = true;
         "DEFAULT_PUSH_CREATE_PRIVATE" = false;

nixos/hosts/olympus/mailserver/configuration.nix

@@ -3,8 +3,8 @@
 # and in the NixOS manual (accessible by running ‘nixos-help’).
 
 { config, pkgs, ... }:
-let vs = config.vault-secrets.secrets; in
-{
+let vs = config.vault-secrets.secrets;
+in {
   imports = [ ];
 
   # This value determines the NixOS release from which the default
@@ -22,9 +22,7 @@ let vs = config.vault-secrets.secrets; in
     10.42.42.6 vault.olympus
   '';
 
-  vault-secrets.secrets.mailserver = {
-    services = [ "dovecot2" "postfix" ];
-  };
+  vault-secrets.secrets.mailserver = { services = [ "dovecot2" "postfix" ]; };
 
   mailserver = {
     enable = true;
@@ -36,7 +34,8 @@ let vs = config.vault-secrets.secrets; in
       # People
       "v@0x76.dev" = {
         hashedPasswordFile = "${vs.mailserver}/v@0x76.dev";
-        aliases = [ "v@meowy.tech" "postmaster@0x76.dev" "postmaster@meowy.tech" ];
+        aliases =
+          [ "v@meowy.tech" "postmaster@0x76.dev" "postmaster@meowy.tech" ];
       };
       "laura@meowy.tech" = {
         hashedPasswordFile = "${vs.mailserver}/laura@meowy.tech";
@@ -79,7 +78,8 @@ let vs = config.vault-secrets.secrets; in
 
   services.roundcube = {
     enable = true;
-    package = pkgs.roundcube.withPlugins (plugins: [ plugins.persistent_login ]);
+    package =
+      pkgs.roundcube.withPlugins (plugins: [ plugins.persistent_login ]);
     plugins = [
       "archive"
       # "enigma"
@@ -98,9 +98,7 @@ let vs = config.vault-secrets.secrets; in
     '';
   };
 
-  services.nginx = {
-    enable = true;
-  };
+  services.nginx = { enable = true; };
 
   security.acme.acceptTerms = true;
   security.acme.defaults.email = "v@0x76.dev";

nixos/hosts/olympus/minecraft/configuration.nix

@@ -2,8 +2,7 @@
 # your system.  Help is available in the configuration.nix(5) man page
 # and in the NixOS manual (accessible by running ‘nixos-help’).
 
-{ lib, pkgs, ... }:
-{
+{ lib, pkgs, ... }: {
   imports = [ ];
 
   # This value determines the NixOS release from which the default

nixos/hosts/olympus/mosquitto/configuration.nix

@@ -4,8 +4,7 @@
 
 { config, pkgs, ... }:
 let mosquittoPort = 1883;
-in
-{
+in {
   imports = [ ];
 
   # This value determines the NixOS release from which the default

nixos/hosts/olympus/ntfy/configuration.nix

@@ -20,7 +20,8 @@
 
   networking.firewall.allowedTCPPorts = [ 80 ];
 
-  services.ntfy-sh = let datadir = "/var/lib/ntfy"; in {
+  services.ntfy-sh = let datadir = "/var/lib/ntfy";
+  in {
     enable = true;
     settings = {
       base-url = "https://ntfy.0x76.dev";

nixos/hosts/olympus/outline/configuration.nix

@@ -3,8 +3,8 @@
 # and in the NixOS manual (accessible by running ‘nixos-help’).
 
 { config, ... }:
-let vs = config.vault-secrets.secrets; in
-{
+let vs = config.vault-secrets.secrets;
+in {
   imports = [ ];
 
   # This value determines the NixOS release from which the default
@@ -16,9 +16,7 @@ let vs = config.vault-secrets.secrets; in
   system.stateVersion = "22.11"; # Did you read the comment?
 
   # Additional packages
-  networking.firewall.allowedTCPPorts = [
-    config.services.outline.port
-  ];
+  networking.firewall.allowedTCPPorts = [ config.services.outline.port ];
 
   vault-secrets.secrets.outline = {
     inherit (config.services.outline) user group;
@@ -40,7 +38,7 @@ let vs = config.vault-secrets.secrets; in
       uploadBucketName = "outline";
       region = "us-east-1"; # fake
     };
-  oidcAuthentication = {
+    oidcAuthentication = {
       displayName = "Dex";
       userinfoUrl = "https://dex.0x76.dev/userinfo";
       tokenUrl = "https://dex.0x76.dev/token";

nixos/hosts/olympus/synapse/configuration.nix

@@ -7,8 +7,7 @@ let
   vs = config.vault-secrets.secrets;
   port = 8008;
   metricsPort = 9000;
-in
-{
+in {
   imports = [ ];
 
   # This value determines the NixOS release from which the default
@@ -53,66 +52,60 @@ in
       "${vs.synapse}/email_password" # Also contains the rest of the email config
     ];
 
-    settings =
-    let log_file = pkgs.writeText "log.yml" ''
-version: 1
+    settings = let
+      log_file = pkgs.writeText "log.yml" ''
+        version: 1
 
-formatters:
-    structured:
-        class: synapse.logging.TerseJsonFormatter
+        formatters:
+            structured:
+                class: synapse.logging.TerseJsonFormatter
 
-handlers:
-    file:
-        class: logging.handlers.TimedRotatingFileHandler
-        formatter: structured
-        filename: /var/lib/matrix-synapse/synapse.log
-        when: midnight
-        backupCount: 3  # Does not include the current log file.
-        encoding: utf8
+        handlers:
+            file:
+                class: logging.handlers.TimedRotatingFileHandler
+                formatter: structured
+                filename: /var/lib/matrix-synapse/synapse.log
+                when: midnight
+                backupCount: 3  # Does not include the current log file.
+                encoding: utf8
 
-loggers:
-    synapse:
-        level: INFO
-        handlers: [file]
-    ''; in
-      {
-        server_name = "meowy.tech";
-        enable_registration = true;
-        public_baseurl = "https://chat.meowy.tech";
-        enable_metrics = true;
-        max_upload_size = "100M";
-        registration_requires_token = true;
-        media_retention = {
-          remote_media_lifetime = "90d";
-        };
-        log_config =  "${log_file}";
-        listeners = [
-          {
-            inherit port;
-            bind_addresses = [ "0.0.0.0" ];
-            type = "http";
-            tls = false;
-            x_forwarded = true;
-            resources = [
-              {
-                names = [ "client" "federation" ];
-                compress = true;
-              }
-            ];
-          }
-          {
-            port = metricsPort;
-            bind_addresses = [ "0.0.0.0" ];
-            type = "metrics";
-            tls = false;
-            resources = [
-              {
-                names = [ "metrics" ];
-                compress = false;
-              }
-            ];
-          }
-        ];
-      };
+        loggers:
+            synapse:
+                level: INFO
+                handlers: [file]
+      '';
+    in {
+      server_name = "meowy.tech";
+      enable_registration = true;
+      public_baseurl = "https://chat.meowy.tech";
+      enable_metrics = true;
+      max_upload_size = "100M";
+      registration_requires_token = true;
+      media_retention = { remote_media_lifetime = "90d"; };
+      log_config = "${log_file}";
+      listeners = [
+        {
+          inherit port;
+          bind_addresses = [ "0.0.0.0" ];
+          type = "http";
+          tls = false;
+          x_forwarded = true;
+          resources = [{
+            names = [ "client" "federation" ];
+            compress = true;
+          }];
+        }
+        {
+          port = metricsPort;
+          bind_addresses = [ "0.0.0.0" ];
+          type = "metrics";
+          tls = false;
+          resources = [{
+            names = [ "metrics" ];
+            compress = false;
+          }];
+        }
+      ];
+    };
   };
 }

nixos/hosts/olympus/unifi/configuration.nix

@@ -22,7 +22,7 @@
   services.unifi = {
     enable = true;
     unifiPackage = pkgs.unifi;
-    mongodbPackage = pkgs.mongodb-4_2; 
+    mongodbPackage = pkgs.mongodb-4_2;
     openFirewall = true;
   };
 }

nixos/hosts/olympus/victoriametrics/configuration.nix

@@ -6,8 +6,7 @@
 let
   vmPort = 8428;
   vs = config.vault-secrets.secrets;
-in
-{
+in {
   imports = [ ];
 
   # This value determines the NixOS release from which the default
@@ -21,7 +20,8 @@ in
   # Additional packages
   environment.systemPackages = with pkgs; [ ];
 
-  networking.firewall.allowedTCPPorts = [ vmPort config.services.grafana.settings.server.http_port ];
+  networking.firewall.allowedTCPPorts =
+    [ vmPort config.services.grafana.settings.server.http_port ];
   networking.firewall.allowedUDPPorts = [ vmPort ];
 
   services.victoriametrics = {
@@ -42,12 +42,10 @@ in
       scrape_configs = [
         {
           job_name = "nginx";
-          static_configs = [
-            {
-              targets = [ "nginx.olympus:9113" ];
-              labels.app = "nginx";
-            }
-          ];
+          static_configs = [{
+            targets = [ "nginx.olympus:9113" ];
+            labels.app = "nginx";
+          }];
         }
         {
           job_name = "synapse";

nixos/hosts/thalassa/aoife/hardware-configuration.nix

@@ -4,29 +4,27 @@
 { config, lib, modulesPath, ... }:
 
 {
-  imports =
-    [ (modulesPath + "/installer/scan/not-detected.nix")
-    ];
+  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
 
-  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" "sdhci_pci" ];
+  boot.initrd.availableKernelModules =
+    [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" "sdhci_pci" ];
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ "kvm-amd" ];
   boot.extraModulePackages = [ ];
 
-  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/c184866a-9a53-4a9f-9a1f-493792af7ea9";
-      fsType = "btrfs";
-      options = [ "subvol=@" ];
-    };
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/c184866a-9a53-4a9f-9a1f-493792af7ea9";
+    fsType = "btrfs";
+    options = [ "subvol=@" ];
+  };
 
-  fileSystems."/boot/efi" =
-    { device = "/dev/disk/by-uuid/5BB8-7503";
-      fsType = "vfat";
-    };
+  fileSystems."/boot/efi" = {
+    device = "/dev/disk/by-uuid/5BB8-7503";
+    fsType = "vfat";
+  };
 
   swapDevices =
-    [ { device = "/dev/disk/by-uuid/bedb5b75-578e-441f-a9eb-2ecff1f4cfca"; }
-    ];
+    [{ device = "/dev/disk/by-uuid/bedb5b75-578e-441f-a9eb-2ecff1f4cfca"; }];
 
   # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
   # (the default) this is the recommended approach. When using systemd-networkd it's
@@ -36,6 +34,7 @@
   # networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
 
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+  hardware.cpu.amd.updateMicrocode =
+    lib.mkDefault config.hardware.enableRedistributableFirmware;
   # high-resolution display
 }

nixos/hosts/thalassa/eevee/configuration.nix

@@ -3,17 +3,14 @@
 # and in the NixOS manual (accessible by running ‘nixos-help’).
 
 { pkgs, inputs, ... }: {
-  imports = [
-    ../../../common/desktop
-    ./hardware-configuration.nix
-    ./hardware.nix
-  ];
+  imports =
+    [ ../../../common/desktop ./hardware-configuration.nix ./hardware.nix ];
 
   # Bootloader.
   boot = {
     kernelPackages = pkgs.linuxPackages_latest;
     initrd = {
-      kernelModules =  [ "nvidia" "nvidia_modeset" "nvidia_uvm" "nvidia_drm" ];
+      kernelModules = [ "nvidia" "nvidia_modeset" "nvidia_uvm" "nvidia_drm" ];
     };
   };
 

nixos/hosts/thalassa/eevee/hardware-configuration.nix

@@ -4,29 +4,27 @@
 { config, lib, modulesPath, ... }:
 
 {
-  imports =
-    [ (modulesPath + "/installer/scan/not-detected.nix")
-    ];
+  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
 
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
+  boot.initrd.availableKernelModules =
+    [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ "kvm-intel" ];
   boot.extraModulePackages = [ ];
 
-  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/947a98af-9a4e-4811-a2ca-9aa00b319e9c";
-      fsType = "btrfs";
-      options = [ "subvol=@" ];
-    };
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/947a98af-9a4e-4811-a2ca-9aa00b319e9c";
+    fsType = "btrfs";
+    options = [ "subvol=@" ];
+  };
 
-  fileSystems."/boot/efi" =
-    { device = "/dev/disk/by-uuid/D883-F146";
-      fsType = "vfat";
-    };
+  fileSystems."/boot/efi" = {
+    device = "/dev/disk/by-uuid/D883-F146";
+    fsType = "vfat";
+  };
 
   swapDevices =
-    [ { device = "/dev/disk/by-uuid/a99402e1-6f2a-4c4b-b69f-aae2fd13ffc0"; }
-    ];
+    [{ device = "/dev/disk/by-uuid/a99402e1-6f2a-4c4b-b69f-aae2fd13ffc0"; }];
 
   # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
   # (the default) this is the recommended approach. When using systemd-networkd it's
@@ -37,5 +35,6 @@
 
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
   powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+  hardware.cpu.intel.updateMicrocode =
+    lib.mkDefault config.hardware.enableRedistributableFirmware;
 }

nixos/hosts/thalassa/null/hardware-configuration.nix

@@ -4,37 +4,36 @@
 { config, lib, modulesPath, ... }:
 
 {
-  imports =
-    [ (modulesPath + "/installer/scan/not-detected.nix")
-    ];
+  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
 
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "rtsx_pci_sdmmc" ];
+  boot.initrd.availableKernelModules =
+    [ "xhci_pci" "ahci" "nvme" "rtsx_pci_sdmmc" ];
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ "kvm-intel" ];
   boot.extraModulePackages = [ ];
 
-  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c";
-      fsType = "btrfs";
-      options = [ "subvol=@" ];
-    };
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c";
+    fsType = "btrfs";
+    options = [ "subvol=@" ];
+  };
 
-  fileSystems."/nix" =
-    { device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c";
-      fsType = "btrfs";
-      options = [ "subvol=@/nix" ];
-    };
+  fileSystems."/nix" = {
+    device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c";
+    fsType = "btrfs";
+    options = [ "subvol=@/nix" ];
+  };
 
-  fileSystems."/home" =
-    { device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c";
-      fsType = "btrfs";
-      options = [ "subvol=@home" ];
-    };
+  fileSystems."/home" = {
+    device = "/dev/disk/by-uuid/d4f56e5b-2509-4e63-8324-65a35c71e90c";
+    fsType = "btrfs";
+    options = [ "subvol=@home" ];
+  };
 
-  fileSystems."/boot/efi" =
-    { device = "/dev/disk/by-uuid/D478-6F66";
-      fsType = "vfat";
-    };
+  fileSystems."/boot/efi" = {
+    device = "/dev/disk/by-uuid/D478-6F66";
+    fsType = "vfat";
+  };
 
   swapDevices = [ ];
 
@@ -48,5 +47,6 @@
 
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
   powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+  hardware.cpu.intel.updateMicrocode =
+    lib.mkDefault config.hardware.enableRedistributableFirmware;
 }

nixos/hosts/thalassa/null/home/neovim.nix

@@ -10,10 +10,10 @@
 
     plugins = {
       nix.enable = true;
-      treesitter = { 
+      treesitter = {
         enable = true;
         nixGrammars = false;
-        ensureInstalled = [];
+        ensureInstalled = [ ];
       };
       surround.enable = true;
       fugitive.enable = true;

nixos/hosts/thalassa/null/networking.nix

@@ -1,5 +1,4 @@
-_:
-{
+_: {
   services.v.dns = {
     enable = true;
     openFirewall = false;
@@ -30,21 +29,11 @@ _:
             ca_cert="/etc/ssl/certs/ca-bundle.crt"
           '';
         };
-        "Pikachu 5G" = {
-          psk = "@PIKACHU_PASSWORD@";
-        };
-        "sha256('yeet')" = {
-          psk = "@SHA256_PASSWORD@";
-        };
-        "wired" = {
-          psk = "@WIRED_PASSWORD@";
-        };
-        "meowy hotspot" = {
-          psk = "@HOTSPOT_PASSWORD@";
-        };
-        "WiFi Roest" = {
-          psk = "@WIFI_ROEST_PASSWORD@";
-        };
+        "Pikachu 5G" = { psk = "@PIKACHU_PASSWORD@"; };
+        "sha256('yeet')" = { psk = "@SHA256_PASSWORD@"; };
+        "wired" = { psk = "@WIRED_PASSWORD@"; };
+        "meowy hotspot" = { psk = "@HOTSPOT_PASSWORD@"; };
+        "WiFi Roest" = { psk = "@WIFI_ROEST_PASSWORD@"; };
       };
     };
 

nixos/hosts/thalassa/null/rescue-boot.nix

@@ -11,9 +11,7 @@ let
   module = {
     system.stateVersion = "22.11";
     boot.supportedFilesystems = [ "btrfs" "ext4" ];
-    environment.systemPackages = with pkgs; [
-      git
-    ];
+    environment.systemPackages = with pkgs; [ git ];
   };
 in {
   boot.loader.systemd-boot = {
@@ -22,7 +20,9 @@ in {
         title Rescue Boot
         linux /rescue-kernel
         initrd /rescue-initrd
-        options init=${netboot.config.system.build.toplevel}/init ${toString netboot.config.boot.kernelParams}
+        options init=${netboot.config.system.build.toplevel}/init ${
+          toString netboot.config.boot.kernelParams
+        }
       '';
     };