From 766f143e5175cfc81b6fdfcb17e227c2208bc088 Mon Sep 17 00:00:00 2001 From: Administrator Date: Tue, 4 Nov 2025 11:31:52 +0000 Subject: [PATCH] fmt --- secrets/secrets.nix | 9 ++++----- services/dante.nix | 4 ++-- services/mailserver.nix | 7 +++---- services/nextcloud.nix | 8 ++++---- services/vaultwarden.nix | 8 +++----- system/configuration.nix | 15 +++++++-------- 6 files changed, 23 insertions(+), 28 deletions(-) diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 60cf7f6..a97a6d2 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -1,13 +1,12 @@ let user = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHxah5pnxmk+P7HtwRsryDoAHZsDs5RcGP9IPCNg1KFe cardno:16_179_196"; - users = [ user ]; - + users = [user]; + system = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMKxw1fDsIUUh3vWCD90LDgDMAG/NSVRg7QamUbknz5A root@distrust"; - systems = [ system ]; + systems = [system]; all = users ++ systems; -in -{ +in { "bind_pw".publicKeys = all; "nextcloud-admin-pass".publicKeys = all; "vaultwarden.env".publicKeys = all; diff --git a/services/dante.nix b/services/dante.nix index 9193a64..60bae3a 100644 --- a/services/dante.nix +++ b/services/dante.nix @@ -9,6 +9,6 @@ ''; }; - networking.firewall.allowedTCPPorts = [ 1080 ]; - networking.firewall.allowedUDPPorts = [ 1080 ]; + networking.firewall.allowedTCPPorts = [1080]; + networking.firewall.allowedUDPPorts = [1080]; } diff --git a/services/mailserver.nix b/services/mailserver.nix index 393da6f..c034882 100644 --- a/services/mailserver.nix +++ b/services/mailserver.nix @@ -1,16 +1,15 @@ -{ config, ... }: -{ +{config, ...}: { mailserver = { enable = true; fqdn = "distrust.network"; - domains = [ "distrust.network" ]; + domains = ["distrust.network"]; certificateScheme = "acme"; ldap = { enable = true; bind.dn = "cn=bind,ou=people,dc=distrust,dc=network"; bind.passwordFile = config.age.secrets."bind_pw".path; searchBase = "ou=people,dc=distrust,dc=network"; - uris = [ "ldap://localhost:3890" ]; + uris = ["ldap://localhost:3890"]; }; }; } diff --git a/services/nextcloud.nix b/services/nextcloud.nix index fcc914c..4811d20 100644 --- a/services/nextcloud.nix +++ b/services/nextcloud.nix @@ -7,7 +7,7 @@ onionUrl = "http://znfdxs4e3rqvzxtkksiidomupgm2x44wtrzyxtpomczto3xg5qxpcbqd.onion"; in { age.secrets."nextcloud-admin-pass".file = ../secrets/nextcloud-admin-pass; - + services.nextcloud = { enable = true; hostName = "cloud.distrust.network"; @@ -27,7 +27,7 @@ in { database.createLocally = true; }; - users.groups.nextcloud.members = [ "nextcloud" "caddy" ]; + users.groups.nextcloud.members = ["nextcloud" "caddy"]; services.nginx.enable = lib.mkForce false; services.phpfpm.pools.nextcloud.settings = { "listen.owner" = "caddy"; @@ -35,7 +35,7 @@ in { }; services.caddy.virtualHosts."https://cloud.distrust.network ${onionUrl}".extraConfig = '' # encode zstd gzip - + root * ${config.services.nginx.virtualHosts."cloud.distrust.network".root} redir /.well-known/carddav /remote.php/dav 301 @@ -61,7 +61,7 @@ in { X-Forwarded-Host {host} } - + php_fastcgi unix/${config.services.phpfpm.pools.nextcloud.socket} { root ${config.services.nginx.virtualHosts."cloud.distrust.network".root} env front_controller_active true diff --git a/services/vaultwarden.nix b/services/vaultwarden.nix index 834ddb1..c876e22 100644 --- a/services/vaultwarden.nix +++ b/services/vaultwarden.nix @@ -1,11 +1,9 @@ -{ config, ... }: -let +{config, ...}: let vaultPort = 8222; onionUrl = "http://gfoqwlo4nmhcywzzyhfanhkf7hz64lkjayngfyrpbd7ohaucu3q4znqd.onion"; -in -{ +in { age.secrets."vaultwarden.env".file = ../secrets/vaultwarden.env; - + services.vaultwarden = { enable = true; config = { diff --git a/system/configuration.nix b/system/configuration.nix index b979e19..4c8656d 100644 --- a/system/configuration.nix +++ b/system/configuration.nix @@ -1,11 +1,10 @@ -{pkgs, ...}: -let updateScript = pkgs.writeShellScriptBin "rebuild" '' - #!/bin/sh - nixos-rebuild switch --flake /etc/nixos#distrust --impure -''; -in -{ - environment.systemPackages = with pkgs; [vim btop git alejandra statix deadnix] ++ [ updateScript ]; +{pkgs, ...}: let + updateScript = pkgs.writeShellScriptBin "rebuild" '' + #!/bin/sh + nixos-rebuild switch --flake /etc/nixos#distrust --impure + ''; +in { + environment.systemPackages = with pkgs; [vim btop git alejandra statix deadnix] ++ [updateScript]; nix.settings.experimental-features = ["nix-command" "flakes"];