chore: nf-fmt-nix

2026-02-09 12:29:19 -08:00 · 2024-05-13 15:13:58 -07:00 · 2024-05-13 15:13:58 -07:00 · 9903866044
commit 9903866044
parent 7486517713
160 changed files with 4570 additions and 3019 deletions
--- a/modules/nixos/access/cidr.nix
+++ b/modules/nixos/access/cidr.nix
@ -76,10 +76,12 @@ in {
        ];
      };
      allLan = {
-        v4 = cfg.cidrForNetwork.loopback.v4
+        v4 =
+          cfg.cidrForNetwork.loopback.v4
          ++ cfg.cidrForNetwork.local.v4
          ++ cfg.cidrForNetwork.int.v4;
-        v6 = cfg.cidrForNetwork.loopback.v6
+        v6 =
+          cfg.cidrForNetwork.loopback.v6
          ++ cfg.cidrForNetwork.local.v6
          ++ cfg.cidrForNetwork.int.v6;
      };
--- a/modules/nixos/access/local.nix
+++ b/modules/nixos/access/local.nix
@ -55,7 +55,7 @@ in {
    nftables.ruleset = mkIf cfg.enable (mkBefore cfg.nftablesInclude);
    firewall = {
      interfaces.local = {
-        nftables.conditions = mkIf (cfg.enable && networking.enableIPv6) [ "ip6 saddr $localrange6" ];
+        nftables.conditions = mkIf (cfg.enable && networking.enableIPv6) ["ip6 saddr $localrange6"];
      };
    };
  };
--- a/modules/nixos/access/peeps.nix
+++ b/modules/nixos/access/peeps.nix
@ -15,33 +15,42 @@
  hasSops = options ? sops.secrets;
 in {
  options.networking.access.peeps = with lib.types; {
-    enable = mkEnableOption "peeps" // { default = hasSops; };
+    enable = mkEnableOption "peeps" // {default = hasSops;};
    ranges = mkOption {
      type = attrsOf str;
-      default = { };
+      default = {};
    };
    stateDir = mkOption {
      type = path;
      default = "/run/access/peeps";
    };
  };
-  config.${if hasSops then "sops" else null}.secrets = let
+  config.${
+    if hasSops
+    then "sops"
+    else null
+  }.secrets = let
    sopsFile = mkDefault ../../../nixos/secrets/access.yaml;
-    sopsSecrets = mapAttrs' (name: _: nameValuePair (mkSopsName name) {
-      inherit sopsFile;
-      path = mkDefault "${cfg.stateDir}/${name}.nft";
-    }) cfg.ranges;
-  in mkIf cfg.enable sopsSecrets;
+    sopsSecrets = mapAttrs' (name: _:
+      nameValuePair (mkSopsName name) {
+        inherit sopsFile;
+        path = mkDefault "${cfg.stateDir}/${name}.nft";
+      })
+    cfg.ranges;
+  in
+    mkIf cfg.enable sopsSecrets;

  config.networking = let
    nftRanges = mapAttrsToList (name: range: let
      nft = "define ${mkNftName name} = ${range}";
-    in mkBefore nft) cfg.ranges;
+    in
+      mkBefore nft)
+    cfg.ranges;
    condition = "ip6 saddr { ${concatStringsSep "," (mapAttrsToList (name: _: "$" + mkNftName name) cfg.ranges)} }";
  in {
    nftables.ruleset = mkIf cfg.enable (mkMerge (
      nftRanges
-      ++ [ (mkBefore ''include "${cfg.stateDir}/*.nft"'') ]
+      ++ [(mkBefore ''include "${cfg.stateDir}/*.nft"'')]
    ));
    firewall.interfaces.peeps = {
      nftables.enable = cfg.enable;