chore: fmt, feat(syncthing): allow on tailscale

nixos/access/kitchencam.nix

@@ -78,7 +78,8 @@ in {
   };
   config.networking.firewall.allowedTCPPorts = let
     inherit (nginx.virtualHosts.kitchencam) listen';
-  in mkIf listen'.stream.enable [
+  in
-    listen'.stream.port
+    mkIf listen'.stream.enable [
-  ];
+      listen'.stream.port
+    ];
 }

nixos/fluidd.nix

@@ -1,4 +1,10 @@
-{ config, access, gensokyo-zone, lib, ... }: let
+{
+  config,
+  access,
+  gensokyo-zone,
+  lib,
+  ...
+}: let
   inherit (gensokyo-zone.lib) domain;
   inherit (lib.modules) mkIf mkDefault mkForce;
   inherit (lib.strings) removePrefix;
@@ -11,9 +17,9 @@ in {
       enable = mkDefault true;
       hostName = mkDefault "print.local.${domain}"; # TODO: serverName?
       nginx.locations."/webcam".proxyPass = let
-            inherit (config.services.motion.cameras) printercam;
+        inherit (config.services.motion.cameras) printercam;
-            inherit (printercam.settings) camera_id;
+        inherit (printercam.settings) camera_id;
-          in "https://kitchen.local.${domain}/${toString camera_id}/stream";
+      in "https://kitchen.local.${domain}/${toString camera_id}/stream";
     };
     nginx = mkIf cfg.enable {
       proxied.enable = true;
@@ -22,9 +28,10 @@ in {
           serviceName = "moonraker";
           scheme = "";
         };
-      in mkForce {
+      in
-        servers.${moonraker} = { };
+        mkForce {
-      };
+          servers.${moonraker} = {};
+        };
       virtualHosts = {
         ${cfg.hostName} = {
           enable = false;
@@ -32,7 +39,7 @@ in {
         ${serverName} = {
           # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/web-apps/fluidd.nix
           # XXX: non-@ host required for gatus to work
-          serverAliases = [ (removePrefix "@" serverName) ];
+          serverAliases = [(removePrefix "@" serverName)];
           proxied.enable = true;
           # TODO: proxy.upstream = "fluidd-apiserver";
           proxy.url = "http://fluidd-apiserver";

nixos/klipper.nix

@@ -1,4 +1,9 @@
-{ config, gensokyo-zone, lib, ... }: let
+{
+  config,
+  gensokyo-zone,
+  lib,
+  ...
+}: let
   inherit (gensokyo-zone.lib) mkAlmostOptionDefault;
   inherit (lib.modules) mkIf mkDefault;
   inherit (config.services) moonraker octoprint;

nixos/moonraker.nix

@@ -1,16 +1,22 @@
-{ config, access, gensokyo-zone, lib, ... }: let
+{
+  config,
+  access,
+  gensokyo-zone,
+  lib,
+  ...
+}: let
   inherit (lib.modules) mkIf mkDefault;
   inherit (gensokyo-zone.lib) domain;
   inherit (config.services) klipper;
   cfg = config.services.moonraker;
- in {
+in {
   sops.secrets = {
     moonraker_cfg = {
       sopsFile = ./secrets/moonraker.yaml;
       path = "${cfg.stateDir}/config/secrets.conf";
       owner = cfg.user;
     };
-   };
+  };
   services = {
     moonraker = {
       enable = mkDefault true;
@@ -19,9 +25,9 @@
       group = mkDefault klipper.group;
       port = 7125; # it's the default but i'm specifying it anyway
       settings = {
-        "include secrets.conf" = { };
+        "include secrets.conf" = {};
-        octoprint_compat = { };
+        octoprint_compat = {};
-        history = { };
+        history = {};
         "webcam printer" = let
           inherit (config.services.motion.cameras) printercam;
           inherit (printercam.settings) camera_id;
@@ -46,7 +52,7 @@
           trusted_clients =
             access.cidrForNetwork.allLocal.all
             # XXX: only safe when protected behind vouch!
-            ++ [ "0.0.0.0/0" "::/0" ];
+            ++ ["0.0.0.0/0" "::/0"];
         };
         machine = {
           # disable all machine control

nixos/syncthing-kat/syncthing.nix

@@ -5,5 +5,10 @@
     openDefaultPorts = true;
     dataDir = "/mnt/kyuuto-litterbox";
   };
-  networking.firewall.interfaces.local.allowedTCPPorts = [ 8384 ];
+  networking.firewall.interfaces = let
+    x.allowedTCPPorts = [8384];
+  in {
+    local = x;
+    tail = x;
+  };
 }

packages/klipper.nix

@@ -1,11 +1,11 @@
-{ stdenv
+{
-, lib
+  stdenv,
-, fetchFromGitHub
+  lib,
-, python3
+  fetchFromGitHub,
-, unstableGitUpdater
+  python3,
-, makeWrapper
+  unstableGitUpdater,
+  makeWrapper,
 }:
-
 stdenv.mkDerivation rec {
   pname = "klipper";
   version = "0.12.0-unstable-2024-07-05";
@@ -21,11 +21,11 @@ stdenv.mkDerivation rec {
 
   # NB: This is needed for the postBuild step
   nativeBuildInputs = [
-    (python3.withPackages ( p: with p; [ cffi ] ))
+    (python3.withPackages (p: with p; [cffi]))
     makeWrapper
   ];
 
-  buildInputs = [ (python3.withPackages (p: with p; [ can cffi pyserial greenlet jinja2 markupsafe numpy ])) ];
+  buildInputs = [(python3.withPackages (p: with p; [can cffi pyserial greenlet jinja2 markupsafe numpy]))];
 
   # we need to run this to prebuild the chelper.
   postBuild = ''
@@ -76,9 +76,8 @@ stdenv.mkDerivation rec {
     description = "Klipper 3D printer firmware";
     mainProgram = "klippy";
     homepage = "https://github.com/KevinOConnor/klipper";
-    maintainers = with maintainers; [ lovesegfault zhaofengli cab404 ];
+    maintainers = with maintainers; [lovesegfault zhaofengli cab404];
     platforms = platforms.linux;
     license = licenses.gpl3Only;
   };
 }
-

packages/niimprint.nix

@@ -1,43 +1,44 @@
 {
-  buildPythonApplication
+  buildPythonApplication,
-, fetchFromGitHub
+  fetchFromGitHub,
-, poetry-core
+  poetry-core,
-, pyserial
+  pyserial,
-, pillow
+  pillow,
-, click
+  click,
 }: let
   mainProgram = "niimprint";
-in buildPythonApplication {
+in
-  pname = "niimprint";
+  buildPythonApplication {
-  version = "2024_04_05";
+    pname = "niimprint";
+    version = "2024_04_05";
 
-  src = fetchFromGitHub {
+    src = fetchFromGitHub {
-    owner = "AndBondStyle";
+      owner = "AndBondStyle";
-    repo = "niimprint";
+      repo = "niimprint";
-    rev = "be39f68c16a5a7dc1b09bb173700d0ee1ec9cb66";
+      rev = "be39f68c16a5a7dc1b09bb173700d0ee1ec9cb66";
-    sha256 = "sha256-+YISYchdqeVKrQ0h2cj5Jy2ezMjnQcWCCYm5f95H9dI=";
+      sha256 = "sha256-+YISYchdqeVKrQ0h2cj5Jy2ezMjnQcWCCYm5f95H9dI=";
-  };
+    };
 
-  pyproject = true;
+    pyproject = true;
 
-  nativeBuildInputs = [
+    nativeBuildInputs = [
-    poetry-core
+      poetry-core
-  ];
+    ];
 
-  propagatedBuildInputs = [
+    propagatedBuildInputs = [
-    pyserial
+      pyserial
-    pillow
+      pillow
-    click
+      click
-  ];
+    ];
 
-  postInstall = ''
+    postInstall = ''
-    install -d $out/bin
+      install -d $out/bin
-    echo '#!/usr/bin/env python' > $out/bin/${mainProgram}
+      echo '#!/usr/bin/env python' > $out/bin/${mainProgram}
-    cat niimprint/__main__.py >> $out/bin/${mainProgram}
+      cat niimprint/__main__.py >> $out/bin/${mainProgram}
-    chmod +x $out/bin/${mainProgram}
+      chmod +x $out/bin/${mainProgram}
-  '';
+    '';
 
-  meta = {
+    meta = {
-    inherit mainProgram;
+      inherit mainProgram;
-  };
+    };
-}
+  }