project-wide: nixdirfmt

hosts/athame/meta.nix

@@ -1,14 +1,14 @@
 { config, hosts, lib, ... }:
 with config.resources; {
-    resources.hcloud_ssh_key = {
+  resources.hcloud_ssh_key = {
-          provider = "hcloud";
+    provider = "hcloud";
-          type = "ssh_key";
+    type = "ssh_key";
-          inputs = {
+    inputs = {
-            name = "yubikey";
+      name = "yubikey";
-            public_key =
+      public_key =
-              "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCocjQqiDIvzq+Qu3jkf7FXw5piwtvZ1Mihw9cVjdVcsra3U2c9WYtYrA3rS50N3p00oUqQm9z1KUrvHzdE+03ZCrvaGdrtYVsaeoCuuvw7qxTQRbItTAEsfRcZLQ5c1v/57HNYNEsjVrt8VukMPRXWgl+lmzh37dd9w45cCY1QPi+JXQQ/4i9Vc3aWSe4X6PHOEMSBHxepnxm5VNHm4PObGcVbjBf0OkunMeztd1YYA9sEPyEK3b8IHxDl34e5t6NDLCIDz0N/UgzCxSxoz+YJ0feQuZtud/YLkuQcMxW2dSGvnJ0nYy7SA5DkW1oqcy6CGDndHl5StOlJ1IF9aGh0gGkx5SRrV7HOGvapR60RphKrR5zQbFFka99kvSQgOZqSB3CGDEQGHv8dXKXIFlzX78jjWDOBT67vA/M9BK9FS2iNnBF5x6shJ9SU5IK4ySxq8qvN7Us8emkN3pyO8yqgsSOzzJT1JmWUAx0tZWG/BwKcFBHfceAPQl6pwxx28TM3BTBRYdzPJLTkAy48y6iXW6UYdfAPlShy79IYjQtEThTuIiEzdzgYdros0x3PDniuAP0KOKMgbikr0gRa6zahPjf0qqBnHeLB6nHAfaVzI0aNbhOg2bdOueE1FX0x48sjKqjOpjlIfq4WeZp9REr2YHEsoLFOBfgId5P3BPtpBQ== cardno:000612078454";
+        "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCocjQqiDIvzq+Qu3jkf7FXw5piwtvZ1Mihw9cVjdVcsra3U2c9WYtYrA3rS50N3p00oUqQm9z1KUrvHzdE+03ZCrvaGdrtYVsaeoCuuvw7qxTQRbItTAEsfRcZLQ5c1v/57HNYNEsjVrt8VukMPRXWgl+lmzh37dd9w45cCY1QPi+JXQQ/4i9Vc3aWSe4X6PHOEMSBHxepnxm5VNHm4PObGcVbjBf0OkunMeztd1YYA9sEPyEK3b8IHxDl34e5t6NDLCIDz0N/UgzCxSxoz+YJ0feQuZtud/YLkuQcMxW2dSGvnJ0nYy7SA5DkW1oqcy6CGDndHl5StOlJ1IF9aGh0gGkx5SRrV7HOGvapR60RphKrR5zQbFFka99kvSQgOZqSB3CGDEQGHv8dXKXIFlzX78jjWDOBT67vA/M9BK9FS2iNnBF5x6shJ9SU5IK4ySxq8qvN7Us8emkN3pyO8yqgsSOzzJT1JmWUAx0tZWG/BwKcFBHfceAPQl6pwxx28TM3BTBRYdzPJLTkAy48y6iXW6UYdfAPlShy79IYjQtEThTuIiEzdzgYdros0x3PDniuAP0KOKMgbikr0gRa6zahPjf0qqBnHeLB6nHAfaVzI0aNbhOg2bdOueE1FX0x48sjKqjOpjlIfq4WeZp9REr2YHEsoLFOBfgId5P3BPtpBQ== cardno:000612078454";
-          };
+    };
-        };
+  };
 
   resources.athame = {
     provider = "null";
@@ -49,15 +49,16 @@ with config.resources; {
   #  ];
   #};
 
-/*  resources.athame_rdns = {
+  /* resources.athame_rdns = {
-    provider = "hcloud";
+       provider = "hcloud";
-    type = "rdns";
+       type = "rdns";
-    inputs = {
+       inputs = {
-      server_id = athame.refAttr "id";
+         server_id = athame.refAttr "id";
-      dns_ptr = "athame.kittywit.ch";
+         dns_ptr = "athame.kittywit.ch";
-      ip_address = athame.refAttr "ipv4_address";
+         ip_address = athame.refAttr "ipv4_address";
-    };
+       };
-  }; */
+     };
+  */
 
   #dns.records.kittywitch_athame = {
   #  tld = "kittywit.ch.";
@@ -92,10 +93,10 @@ with config.resources; {
   deploy.systems.athame = {
     nixosConfig = hosts.athame.config;
     connection = athame.connection.set;
-#    connection = {
+    #    connection = {
-#      host = athame.refAttr "ipv4_address";
+    #      host = athame.refAttr "ipv4_address";
-#      port = 62954;
+    #      port = 62954;
-#    };
+    #    };
     triggers.copy.athame = athame.refAttr "id";
     triggers.secrets.athame = athame.refAttr "id";
     #triggers.switch = lib.mapAttrs (name: record:

hosts/athame/nixos/default.nix

@@ -36,7 +36,6 @@
     interfaces.enp1s0.useDHCP = true;
   };
 
-
   networking.firewall.allowedTCPPorts =
     [ 22 80 443 5160 5060 8999 64738 1935 53589 5001 ];
   networking.firewall.allowedUDPPorts = [ 5160 5060 64738 ];

lib/deploy.nix

@@ -72,7 +72,7 @@ let
           key_algorithm = "hmac-sha512";
         };
       };
-   });
+    });
 in {
   inherit tf;
   target =

services/murmur.nix

@@ -19,11 +19,7 @@
 
   users.groups."voice-cert".members = [ "nginx" "murmur" ];
 
-  security.acme.certs = {
+  security.acme.certs = { "voice.kittywit.ch" = { group = "voice-cert"; }; };
-    "voice.kittywit.ch" = {
-      group = "voice-cert";
-    };
-  };
 
   deploy.tf.dns.records.kittywitch_voice = {
     tld = "kittywit.ch.";

services/syncplay.nix

@@ -24,5 +24,7 @@
     certDir = "/var/lib/acme/sync.kittywit.ch/";
   };
 
-  security.acme.certs."sync.kittywit.ch".postRun = "cp key.pem privkey.pem\nchown acme:voice-cert privkey.pem";
+  security.acme.certs."sync.kittywit.ch".postRun = ''
+    cp key.pem privkey.pem
+    chown acme:voice-cert privkey.pem'';
 }