chore: nf-fmt-nix

modules/nixos/home-assistant.nix

@@ -278,7 +278,7 @@ in {
             androidtvremote2
           ])
           (mkIf cfg.grocy.enable [
-            (python3Packages.callPackage ../../packages/grocy/pygrocy.nix { })
+            (python3Packages.callPackage ../../packages/grocy/pygrocy.nix {})
           ])
         ];
     extraComponents = mkMerge [
@@ -306,7 +306,8 @@ in {
       (map ({platform, ...}: platform) cfg.config.tts or [])
     ];
     customComponents = [
-      (mkIf (cfg.reverseProxy.enable && cfg.reverseProxy.auth.enable)
+      (
+        mkIf (cfg.reverseProxy.enable && cfg.reverseProxy.auth.enable)
         pkgs.home-assistant-custom-components.auth-header
       )
     ];

modules/nixos/vouch.nix

@@ -23,7 +23,7 @@
 in {
   options.services.vouch-proxy = with types; {
     enable = mkEnableOption "vouch";
-    package = mkPackageOption pkgs "vouch-proxy" { };
+    package = mkPackageOption pkgs "vouch-proxy" {};
     user = mkOption {
       type = str;
       default = "vouch-proxy";

nixos/access/home-assistant.nix

@@ -32,7 +32,7 @@ in {
       };
     };
     virtualHosts = let
-      vouchHost = { config, ... }: {
+      vouchHost = {config, ...}: {
         vouch = {
           requireAuth = mkDefault false;
           auth.lua = {
@@ -60,7 +60,11 @@ in {
           };
         };
         # TODO: restrict to "/auth/authorize" and "/auth/login_flow" only..?
-        "/auth/" = { virtualHost, config, ... }: {
+        "/auth/" = {
+          virtualHost,
+          config,
+          ...
+        }: {
           proxy = {
             inherit headers;
             enable = true;
@@ -78,13 +82,13 @@ in {
         };
       };
     in {
-      home-assistant = { ... }: {
+      home-assistant = {...}: {
-        imports = [ vouchHost ];
+        imports = [vouchHost];
         inherit name locations;
         proxy.upstream = mkDefault upstreamName;
       };
-      home-assistant'local = { ... }: {
+      home-assistant'local = {...}: {
-        imports = [ vouchHost ];
+        imports = [vouchHost];
         vouch.enable = mkDefault nginx.virtualHosts.home-assistant.vouch.enable;
         inherit name listen' locations;
         ssl.cert = {

nixos/home-assistant.nix

@@ -65,28 +65,31 @@ in {
             address4
             #address6
           ];
-          guest = logistics ++ [
+          guest =
-            # bedroom tv
+            logistics
-            "10.1.1.67"
+            ++ [
-          ];
+              # bedroom tv
+              "10.1.1.67"
+            ];
           kat = koishi;
           arc = shanghai ++ nue;
           enableTrustedAuth = false;
-        in mkIf enableTrustedAuth [
+        in
-          {
+          mkIf enableTrustedAuth [
-            type = "trusted_networks";
+            {
-            #allow_bypass_login = true;
+              type = "trusted_networks";
-            trusted_networks = guest;
+              #allow_bypass_login = true;
-            trusted_users =
+              trusted_networks = guest;
-              genAttrs guest (_: "4051fcce77564010a836fd6b108bbb4b")
+              trusted_users =
-              #genAttrs arc (_: "0c9c9382890746c2b246b76557f22953")
+                genAttrs guest (_: "4051fcce77564010a836fd6b108bbb4b")
-              #genAttrs kat (_: "a6e96c523d334aabaea71743839ef584")
+                #genAttrs arc (_: "0c9c9382890746c2b246b76557f22953")
-            ;
+                #genAttrs kat (_: "a6e96c523d334aabaea71743839ef584")
-          }
+                ;
-          {
+            }
-            type = "homeassistant";
+            {
-          }
+              type = "homeassistant";
-        ];
+            }
+          ];
       };
       frontend = {
         themes = "!include_dir_merge_named themes";

nixos/vouch.nix

@@ -13,10 +13,12 @@ in {
   services.vouch-proxy = {
     enable = mkDefault true;
     package = mkIf hassVouch (pkgs.vouch-proxy.overrideAttrs (old: {
-      postPatch = ''
+      postPatch =
-        sed -i handlers/login.go \
+        ''
-          -e 's/badStrings *=.*$/badStrings = []string{}/'
+          sed -i handlers/login.go \
-      '' + old.postPatch or "";
+            -e 's/badStrings *=.*$/badStrings = []string{}/'
+        ''
+        + old.postPatch or "";
       doCheck = false;
     }));
     domain = mkDefault "login.${config.networking.domain}";

packages/grocy/pygrocy.nix

@@ -1,63 +1,69 @@
-{ lib
+{
-, buildPythonPackage
+  lib,
-, fetchFromGitHub
+  buildPythonPackage,
-, backports-zoneinfo
+  fetchFromGitHub,
-, deprecation
+  backports-zoneinfo,
-, pydantic
+  deprecation,
-, requests
+  pydantic,
-, responses
+  requests,
-, pre-commit
+  responses,
-, isort
+  pre-commit,
-, vcrpy
+  isort,
-, pytest
+  vcrpy,
-, pytest-recording
+  pytest,
-, pytest-mock
+  pytest-recording,
-, pythonOlder
+  pytest-mock,
-# requires an instance of grocy api running...
+  pythonOlder,
-, doCheckGrocy ? false
+  # requires an instance of grocy api running...
+  doCheckGrocy ? false,
 }: let
   inherit (lib.lists) optional optionals;
   inherit (lib.strings) optionalString;
-in buildPythonPackage rec {
+in
-  pname = "pygrocy";
+  buildPythonPackage rec {
-  version = "2.1.0";
+    pname = "pygrocy";
-  format = "setuptools";
+    version = "2.1.0";
+    format = "setuptools";
 
-  src = fetchFromGitHub {
+    src = fetchFromGitHub {
-    owner = "SebRut";
+      owner = "SebRut";
-    repo = "pygrocy";
+      repo = "pygrocy";
-    rev = "v${version}";
+      rev = "v${version}";
-    hash = "sha256-ijwcdWMeBnYPhrNYt/IxucPvzc+0InudLxJSMVwulNw=";
+      hash = "sha256-ijwcdWMeBnYPhrNYt/IxucPvzc+0InudLxJSMVwulNw=";
-  };
+    };
 
-  postPatch = optionalString (!doCheckGrocy) ''
+    postPatch = optionalString (!doCheckGrocy) ''
-    rm test/test_grocy.py
+      rm test/test_grocy.py
-  '';
+    '';
 
-  propagatedBuildInputs = [
+    propagatedBuildInputs =
-    requests
+      [
-    deprecation
+        requests
-    pydantic
+        deprecation
-  ] ++ optional (pythonOlder "3.9") backports-zoneinfo;
+        pydantic
+      ]
+      ++ optional (pythonOlder "3.9") backports-zoneinfo;
 
-  pythonImportsCheck = [
+    pythonImportsCheck = [
-    "pygrocy"
+      "pygrocy"
-  ];
+    ];
 
-  checkInputs = [
+    checkInputs =
-    pytest
+      [
-    pytest-recording
+        pytest
-    pytest-mock
+        pytest-recording
-  ] ++ optionals doCheckGrocy [
+        pytest-mock
-    responses
+      ]
-    pre-commit
+      ++ optionals doCheckGrocy [
-    isort
+        responses
-    vcrpy
+        pre-commit
-  ];
+        isort
+        vcrpy
+      ];
 
-  meta = {
+    meta = {
-    homepage = "https://github.com/SebRut/pygrocy";
+      homepage = "https://github.com/SebRut/pygrocy";
-    license = lib.licenses.mit;
+      license = lib.licenses.mit;
-    broken = pythonOlder "3.8";
+      broken = pythonOlder "3.8";
-  };
+    };
-}
+  }

systems/tei/cloudflared.nix

@@ -19,7 +19,8 @@ in {
           (nginx.virtualHosts.zigbee2mqtt.proxied.cloudflared.getIngress {})
           (nginx.virtualHosts.grocy.proxied.cloudflared.getIngress {})
           (nginx.virtualHosts.barcodebuddy.proxied.cloudflared.getIngress {})
-          (if home-assistant.reverseProxy.auth.enable
+          (
+            if home-assistant.reverseProxy.auth.enable
             then (nginx.virtualHosts.home-assistant.proxied.cloudflared.getIngress {})
             else {
               ${home-assistant.domain} = assert home-assistant.enable && home-assistant.reverseProxy.enable; {

systems/tei/nixos.nix

@@ -11,23 +11,25 @@
 in {
   imports = let
     inherit (meta) nixos;
-  in [
+  in
-    nixos.reisen-ct
+    [
-    nixos.sops
+      nixos.reisen-ct
-    nixos.tailscale
+      nixos.sops
-    nixos.cloudflared
+      nixos.tailscale
-    nixos.postgres
+      nixos.cloudflared
-    nixos.nginx
+      nixos.postgres
-    nixos.access.zigbee2mqtt
+      nixos.nginx
-    nixos.access.grocy
+      nixos.access.zigbee2mqtt
-    nixos.access.barcodebuddy
+      nixos.access.grocy
-    nixos.home-assistant
+      nixos.access.barcodebuddy
-    nixos.zigbee2mqtt
+      nixos.home-assistant
-    nixos.syncplay
+      nixos.zigbee2mqtt
-    nixos.grocy
+      nixos.syncplay
-    nixos.barcodebuddy
+      nixos.grocy
-    ./cloudflared.nix
+      nixos.barcodebuddy
-  ] ++ optional hassVouchAuth nixos.access.home-assistant;
+      ./cloudflared.nix
+    ]
+    ++ optional hassVouchAuth nixos.access.home-assistant;
 
   services.nginx = {
     proxied.enable = true;