treewide: apply nixpkgs-fmt

Used command:
nixpkgs-fmt .

flake.nix

@@ -80,7 +80,8 @@
       flake =
         let
           username = "barkeeper";
-        in {
+        in
+        {
           inherit username;
 
           checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) inputs.deploy-rs.lib;

hosts/flora-6/apps/caddy.nix

@@ -1,9 +1,8 @@
-{
+{ config
-  config,
+, lib
-  lib,
+, pkgs
-  pkgs,
+, flake
-  flake,
+, ...
-  ...
 }:
 {
   systemd.tmpfiles.rules = [

hosts/flora-6/apps/drone.nix

@@ -1,9 +1,8 @@
-{
+{ config
-  config,
+, lib
-  lib,
+, pkgs
-  pkgs,
+, flake
-  flake,
+, ...
-  ...
 }: {
   age.secrets.drone-secrets = {
     file = "${flake.self}/secrets/drone-secrets.age";
@@ -31,10 +30,12 @@
     "d '/var/lib/drone-db' 0750 drone drone - -"
   ];
 
-  systemd.services."docker-network-drone" = let
+  systemd.services."docker-network-drone" =
+    let
       docker = config.virtualisation.oci-containers.backend;
       dockerBin = "${pkgs.${docker}}/bin/${docker}";
-  in {
+    in
+    {
       serviceConfig.Type = "oneshot";
       before = [ "docker-drone-server.service" ];
       script = ''

hosts/flora-6/apps/forgejo-actions-runner.nix

@@ -1,9 +1,8 @@
-{
+{ config
-  config,
+, lib
-  lib,
+, pkgs
-  pkgs,
+, flake
-  flake,
+, ...
-  ...
 }: {
   age.secrets.forgejo-actions-runner-token = {
     file = "${flake.self}/secrets/forgejo-actions-runner-token.age";

hosts/flora-6/apps/grafana.nix

@@ -1,9 +1,8 @@
-{
+{ config
-  config,
+, lib
-  lib,
+, pkgs
-  pkgs,
+, flake
-  flake,
+, ...
-  ...
 }: {
   age.secrets.grafana-admin-password = {
     file = "${flake.self}/secrets/grafana-admin-password.age";

hosts/flora-6/apps/loki.nix

@@ -1,9 +1,8 @@
-{
+{ config
-  config,
+, lib
-  lib,
+, pkgs
-  pkgs,
+, flake
-  flake,
+, ...
-  ...
 }: {
   # source: https://gist.github.com/rickhull/895b0cb38fdd537c1078a858cf15d63e
   # https://grafana.com/docs/loki/latest/configure/examples/#1-local-configuration-exampleyaml

hosts/flora-6/apps/prometheus.nix

@@ -1,9 +1,8 @@
-{
+{ config
-  config,
+, lib
-  lib,
+, pkgs
-  pkgs,
+, flake
-  flake,
+, ...
-  ...
 }: {
   age.secrets.nachtigall-metrics-prometheus-basic-auth-password = {
     file = "${flake.self}/secrets/nachtigall-metrics-prometheus-basic-auth-password.age";

hosts/flora-6/configuration.nix

@@ -1,12 +1,13 @@
-{
+{ config
-  config,
+, lib
-  lib,
+, pkgs
-  pkgs,
+, flake
-  flake,
+, ...
-  ...
+}:
-}: let
+let
   psCfg = config.pub-solar;
-in {
+in
+{
   config = {
     # Override nix.conf for more agressive garbage collection
     nix.extraOptions = lib.mkForce ''

hosts/flora-6/default.nix

@@ -2,7 +2,8 @@
 
 {
   imports =
-    [ # Include the results of the hardware scan.
+    [
+      # Include the results of the hardware scan.
       ./hardware-configuration.nix
       ./configuration.nix
       ./triton-vmtools.nix

hosts/flora-6/hardware-configuration.nix

@@ -1,12 +1,11 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
-{
+{ config
-  config,
+, lib
-  lib,
+, pkgs
-  pkgs,
+, modulesPath
-  modulesPath,
+, ...
-  ...
 }: {
   imports = [ ];
 

hosts/flora-6/triton-vmtools.nix

@@ -1,7 +1,6 @@
-{
+{ pkgs
-  pkgs,
+, flake
-  flake,
+, ...
-  ...
 }: {
   environment.systemPackages = with pkgs; [
     flake.inputs.triton-vmtools.packages.${pkgs.system}.default

hosts/nachtigall/apps/collabora.nix

@@ -1,9 +1,8 @@
-{
+{ config
-  config,
+, lib
-  lib,
+, pkgs
-  pkgs,
+, self
-  self,
+, ...
-  ...
 }: {
   services.nginx.virtualHosts."collabora.pub.solar" = {
     enableACME = true;

hosts/nachtigall/apps/coturn.nix

@@ -21,7 +21,8 @@
       let
         externalIPv4s = lib.strings.concatMapStringsSep "\n" ({ address, ... }: "external-ip=${address}") config.networking.interfaces.enp35s0.ipv4.addresses;
         externalIPv6s = lib.strings.concatMapStringsSep "\n" ({ address, ... }: "external-ip=${address}") config.networking.interfaces.enp35s0.ipv6.addresses;
-      in ''
+      in
+      ''
         ${externalIPv4s}
         ${externalIPv6s}
 
@@ -64,7 +65,8 @@
   };
 
   networking.firewall = {
-    interfaces.enp35s0 = let
+    interfaces.enp35s0 =
+      let
         range = with config.services.coturn; [{
           from = min-port;
           to = max-port;

hosts/nachtigall/apps/forgejo.nix

@@ -1,9 +1,8 @@
-{
+{ config
-  config,
+, lib
-  lib,
+, pkgs
-  pkgs,
+, flake
-  flake,
+, ...
-  ...
 }: {
   age.secrets.forgejo-database-password = {
     file = "${flake.self}/secrets/forgejo-database-password.age";

hosts/nachtigall/apps/keycloak.nix

@@ -1,9 +1,8 @@
-{
+{ flake
-  flake,
+, config
-  config,
+, lib
-  lib,
+, pkgs
-  pkgs,
+, ...
-  ...
 }: {
   age.secrets.keycloak-database-password = {
     file = "${flake.self}/secrets/keycloak-database-password.age";

hosts/nachtigall/apps/mailman.nix

@@ -1,9 +1,8 @@
-{
+{ flake
-  flake,
+, config
-  config,
+, lib
-  lib,
+, pkgs
-  pkgs,
+, ...
-  ...
 }:
 {
   networking.firewall.allowedTCPPorts = [ 25 ];

hosts/nachtigall/apps/matrix/irc.nix

@@ -90,7 +90,8 @@
               sendConnectionMessages = true;
               ssl = true;
             };
-          in {
+          in
+          {
             "irc.libera.chat" = lib.attrsets.recursiveUpdate commonConfig {
               name = "libera";
               dynamicChannels.groupId = "+libera.chat:localhost";

hosts/nachtigall/apps/matrix/synapse.nix

@@ -2,7 +2,8 @@
 let
   publicDomain = "matrix.pub.solar";
   serverDomain = "pub.solar";
-in {
+in
+{
   age.secrets."matrix-synapse-signing-key" = {
     file = "${flake.self}/secrets/matrix-synapse-signing-key.age";
     mode = "400";

hosts/nachtigall/apps/mediawiki.nix

@@ -1,10 +1,10 @@
-{
+{ flake
-  flake,
+, config
-  config,
+, lib
-  lib,
+, pkgs
-  pkgs,
+, ...
-  ...
+}:
-}: let 
+let
   localSettingsPHP = pkgs.writeScript "LocalSettings.php" ''
     <?php
       # Protect against web entry
@@ -154,7 +154,8 @@
 
   uid = 986;
   gid = 984;
-in {
+in
+{
   age.secrets.mediawiki-database-password = {
     file = "${flake.self}/secrets/mediawiki-database-password.age";
     path = "/run/mediawiki/database-password";

hosts/nachtigall/apps/nextcloud.nix

@@ -1,8 +1,7 @@
-{
+{ config
-  config,
+, pkgs
-  pkgs,
+, flake
-  flake,
+, ...
-  ...
 }:
 {
   age.secrets."nextcloud-secrets" = {

hosts/nachtigall/apps/nginx-mastodon.nix

@@ -46,10 +46,12 @@ in
         least_conn;
       '';
       servers = builtins.listToAttrs
-        (map (i: {
+        (map
+          (i: {
             name = "unix:/run/mastodon-streaming/streaming-${toString i}.socket";
             value = { };
-        }) (lib.range 1 cfg.streamingProcesses));
+          })
+          (lib.range 1 cfg.streamingProcesses));
     };
   };
 }

hosts/nachtigall/apps/nginx-matrix.nix

@@ -128,7 +128,8 @@ in
         port = 8448;
         addr = "0.0.0.0";
         ssl = true;
-      } {
+      }
+        {
           port = 8448;
           addr = "[::]";
           ssl = true;

hosts/nachtigall/apps/nginx.nix

@@ -1,13 +1,14 @@
-{
+{ config
-  config,
+, lib
-  lib,
+, pkgs
-  pkgs,
+, self
-  self,
+, ...
-  ...
+}:
-}: let
+let
   acmeEmailAddress = "admins@pub.solar";
   webserverGroup = "hakkonaut";
-in {
+in
+{
   services.nginx = {
     enable = true;
     group = webserverGroup;

hosts/nachtigall/apps/owncast.nix

@@ -1,9 +1,8 @@
-{
+{ flake
-  flake,
+, config
-  config,
+, lib
-  lib,
+, pkgs
-  pkgs,
+, ...
-  ...
 }: {
   services.nginx.virtualHosts."stream.pub.solar" = {
     enableACME = true;

hosts/nachtigall/apps/prometheus-exporters.nix

@@ -1,6 +1,5 @@
-{
+{ config
-  config,
+, ...
-  ...
 }: {
   services.prometheus = {
     exporters = {

hosts/nachtigall/apps/promtail.nix

@@ -1,9 +1,8 @@
-{
+{ config
-  config,
+, lib
-  lib,
+, pkgs
-  pkgs,
+, flake
-  flake,
+, ...
-  ...
 }: {
   age.secrets.nachtigall-metrics-prometheus-basic-auth-password = {
     file = "${flake.self}/secrets/nachtigall-metrics-prometheus-basic-auth-password.age";

hosts/nachtigall/apps/searx.nix

@@ -1,9 +1,8 @@
-{
+{ flake
-  flake,
+, config
-  config,
+, lib
-  lib,
+, pkgs
-  pkgs,
+, ...
-  ...
 }:
 {
   age.secrets.searx-environment = {

hosts/nachtigall/configuration.nix

@@ -1,8 +1,7 @@
-{
+{ flake
-  flake,
+, config
-  config,
+, pkgs
-  pkgs,
+, ...
-  ...
 }: {
   # Use GRUB2 as the boot loader.
   # We don't use systemd-boot because Hetzner uses BIOS legacy boot.

hosts/nachtigall/default.nix

@@ -2,7 +2,8 @@
 
 {
   imports =
-    [ # Include the results of the hardware scan.
+    [
+      # Include the results of the hardware scan.
       ./hardware-configuration.nix
       ./configuration.nix
 

hosts/nachtigall/hardware-configuration.nix

@@ -5,7 +5,8 @@
 
 {
   imports =
-    [ (modulesPath + "/installer/scan/not-detected.nix")
+    [
+      (modulesPath + "/installer/scan/not-detected.nix")
     ];
 
   boot.initrd.availableKernelModules = [ "ahci" "nvme" ];
@@ -14,32 +15,38 @@
   boot.extraModulePackages = [ ];
 
   fileSystems."/" =
-    { device = "root_pool/root";
+    {
+      device = "root_pool/root";
       fsType = "zfs";
     };
 
   fileSystems."/var/lib" =
-    { device = "root_pool/data";
+    {
+      device = "root_pool/data";
       fsType = "zfs";
     };
 
   fileSystems."/var/lib/postgresql" =
-    { device = "root_pool/data/postgresql";
+    {
+      device = "root_pool/data/postgresql";
       fsType = "zfs";
     };
 
   fileSystems."/var/lib/docker" =
-    { device = "root_pool/data/docker";
+    {
+      device = "root_pool/data/docker";
       fsType = "zfs";
     };
 
   fileSystems."/boot1" =
-    { device = "/dev/disk/by-uuid/5493-EFF5";
+    {
+      device = "/dev/disk/by-uuid/5493-EFF5";
       fsType = "vfat";
     };
 
   fileSystems."/boot2" =
-    { device = "/dev/disk/by-uuid/5494-BA1E";
+    {
+      device = "/dev/disk/by-uuid/5494-BA1E";
       fsType = "vfat";
     };
 

lib/compat/nixos/default.nix

@@ -1,4 +1,5 @@
-{...}: let
+{ ... }:
+let
   inherit (default.inputs.nixos) lib;
 
   host = configs.${hostname} or configs.PubSolarOS;

lib/default.nix

@@ -1,9 +1,11 @@
 { self, lib, inputs, ... }: {
   # Configuration common to all Linux systems
   flake = {
-    lib = let
+    lib =
+      let
         callLibs = file: import file { inherit lib; };
-    in rec {
+      in
+      rec {
         ## Define your own library functions here!
         #id = x: x;
         ## Or in files, containing functions that take {lib}

lib/deploy.nix

@@ -5,7 +5,8 @@
  * Licensed under the MIT license
  */
 
-{ lib, inputs }: let
+{ lib, inputs }:
+let
   # https://github.com/serokell/deploy-rs#overall-usage
   system = "x86_64-linux";
   pkgs = import inputs.nixpkgs { inherit system; };
@@ -16,7 +17,8 @@
       (self: super: { deploy-rs = { inherit (pkgs) deploy-rs; lib = super.deploy-rs.lib; }; })
     ];
   };
-  getFqdn = c: let
+  getFqdn = c:
+    let
       net = c.config.networking;
       fqdn =
         if (net ? domain) && (net.domain != null)
@@ -24,7 +26,8 @@
         else net.hostName;
     in
     fqdn;
-in {
+in
+{
   mkDeployNodes = systemConfigurations: extraConfig:
     /*
      *

modules/nix.nix

@@ -1,9 +1,8 @@
-{
+{ config
-  config,
+, pkgs
-  pkgs,
+, lib
-  lib,
+, flake
-  flake,
+, ...
-  ...
 }: {
   nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
   ];

overlays/default.nix

@@ -1,7 +1,6 @@
-{
+{ self
-  self,
+, inputs
-  inputs,
+, ...
-  ...
 }: {
   flake = {
     nixosModules = rec {

secrets/secrets.nix

@@ -24,7 +24,8 @@ let
   flora6Keys = [
     flora-6-host
   ];
-in {
+in
+{
   # ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBB5XaH02a6+TchnyQED2VwaltPgeFCbildbE2h6nF5e root@nachtigall
   "nachtigall-root-ssh-key.age".publicKeys = nachtigallKeys ++ baseKeys;