Format tree with treefmt

2026-06-16 16:46:17 +07:00
parent cf0d796bee
commit de7d950596
9 changed files with 104 additions and 40 deletions
@@ -1,4 +1,9 @@
-{ config, lib, pkgs, ... }:
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
 let
  cfg = config.cnx.hetznerFirewall;
 in
@@ -29,8 +34,7 @@ in
    tokenFile = lib.mkOption {
      type = lib.types.path;
      default = config.clan.core.vars.generators.hetzner-firewall.files.token.path;
-      defaultText = lib.literalExpression
-        "config.clan.core.vars.generators.hetzner-firewall.files.token.path";
+      defaultText = lib.literalExpression "config.clan.core.vars.generators.hetzner-firewall.files.token.path";
      description = "File holding the Hetzner Cloud API token (Read & Write).";
    };
  };
@@ -48,7 +52,11 @@ in
      description = "Sync Hetzner Cloud firewall rules from Nix config";
      after = [ "network-online.target" ];
      wants = [ "network-online.target" ];
-      path = [ pkgs.curl pkgs.jq pkgs.coreutils ];
+      path = [
+        pkgs.curl
+        pkgs.jq
+        pkgs.coreutils
+      ];
      environment.SSL_CERT_FILE = "/etc/ssl/certs/ca-certificates.crt";
      serviceConfig = {
        Type = "oneshot";
@@ -71,20 +79,22 @@ in
          curl -fsS -H @"$hdr" -H "Content-Type: application/json" "$@"
        }

-        ${lib.concatStringsSep "\n" (lib.mapAttrsToList (fwName: rules: ''
-          name=${lib.escapeShellArg fwName}
-          rules=${lib.escapeShellArg (builtins.toJSON rules)}
-          id="$(hapi "$api/firewalls?name=$name" | jq -r '.firewalls[0].id // empty')"
-          if [ -z "$id" ]; then
-            echo "hetzner-firewall: creating $name"
-            jq -n --arg name "$name" --argjson rules "$rules" '{name: $name, rules: $rules}' \
-              | hapi -X POST --data-binary @- "$api/firewalls" > /dev/null
-          else
-            echo "hetzner-firewall: setting rules on $name (id $id)"
-            jq -n --argjson rules "$rules" '{rules: $rules}' \
-              | hapi -X POST --data-binary @- "$api/firewalls/$id/actions/set_rules" > /dev/null
-          fi
-        '') cfg.firewalls)}
+        ${lib.concatStringsSep "\n" (
+          lib.mapAttrsToList (fwName: rules: ''
+            name=${lib.escapeShellArg fwName}
+            rules=${lib.escapeShellArg (builtins.toJSON rules)}
+            id="$(hapi "$api/firewalls?name=$name" | jq -r '.firewalls[0].id // empty')"
+            if [ -z "$id" ]; then
+              echo "hetzner-firewall: creating $name"
+              jq -n --arg name "$name" --argjson rules "$rules" '{name: $name, rules: $rules}' \
+                | hapi -X POST --data-binary @- "$api/firewalls" > /dev/null
+            else
+              echo "hetzner-firewall: setting rules on $name (id $id)"
+              jq -n --argjson rules "$rules" '{rules: $rules}' \
+                | hapi -X POST --data-binary @- "$api/firewalls/$id/actions/set_rules" > /dev/null
+            fi
+          '') cfg.firewalls
+        )}
      '';
    };