nixfmt-rfc-style

There is nothing in this commit except for the changes made by nix-shell -p nixfmt-rfc-style --run "nixfmt ." If this has mucked up your open branches then sorry about that. You can probably nixfmt them to match before merging
2025-02-10 21:55:08 +00:00
parent 13cc5a8992
commit 7e2b0068e6
211 changed files with 6049 additions and 4355 deletions
--- a/modules/secrets/default.nix
+++ b/modules/secrets/default.nix
@@ -3,12 +3,18 @@
 ## various ways to manage secrets without writing them to the
 ## nix store

-{ lib, pkgs, config, ...}:
+{
+  lib,
+  pkgs,
+  config,
+  ...
+}:
 let
  inherit (lib) mkOption types;
  inherit (pkgs) liminix;
  inherit (pkgs.liminix.services) longrun;
-in {
+in
+{
  options.system.service.secrets = {
    outboard = mkOption {
      description = "fetch secrets from external vault with https";
@@ -42,7 +48,7 @@ in {
        description = "service name";
        type = types.str;
      };
-      interval =  mkOption {
+      interval = mkOption {
        type = types.int;
        default = 30;
        description = "how often to check the source, in minutes";
@@ -57,7 +63,7 @@ in {
        description = "service name";
        type = types.str;
      };
-      interval =  mkOption {
+      interval = mkOption {
        type = types.int;
        default = 30;
        description = "how often to check the source, in minutes";
@@ -76,9 +82,16 @@ in {
        description = "how do we notify the service to regenerate its config";
        default = "restart-all";
        type = types.enum [
-          "restart" "restart-all"
-          "hup" "int" "quit" "kill" "term"
-          "winch" "usr1" "usr2"
+          "restart"
+          "restart-all"
+          "hup"
+          "int"
+          "quit"
+          "kill"
+          "term"
+          "winch"
+          "usr1"
+          "usr2"
        ];
      };
    };
--- a/modules/secrets/outboard.nix
+++ b/modules/secrets/outboard.nix
@@ -1,11 +1,21 @@
 {
-  liminix, lib, json-to-fstree, serviceFns
+  liminix,
+  lib,
+  json-to-fstree,
+  serviceFns,
+}:
+{
+  name,
+  url,
+  interval,
+  username,
+  password,
 }:
-{ name, url, interval, username, password  } :
 let
  inherit (liminix.services) oneshot longrun;
  inherit (lib) optionalString;
-in longrun {
+in
+longrun {
  inherit name;
  buildInputs = [ json-to-fstree ];
  run = ''
--- a/modules/secrets/subscriber.nix
+++ b/modules/secrets/subscriber.nix
@@ -1,7 +1,16 @@
 {
-  liminix, lib, lim, s6, s6-rc, watch-outputs
+  liminix,
+  lib,
+  lim,
+  s6,
+  s6-rc,
+  watch-outputs,
+}:
+{
+  watch,
+  service,
+  action,
 }:
-{ watch, service, action } :
 let
  inherit (liminix.services) oneshot longrun;
  inherit (builtins) length head toString;
@@ -11,41 +20,51 @@ let
  watched-services = unique (map (f: f "service") watch);
  paths = unique (map (f: f "path") watch);

-  restart-flag = {
-    restart = "-r";
-    restart-all = "-R";
-    "hup" = "-s 1";
-    "int" = "-s 2";
-    "quit" = "-s 3";
-    "kill" = "-s 9";
-    "term" = "-s 15";
-    "winch" = "-s 28";
-    "usr1" = "-s 10";
-    "usr2" = "-s 12";
-  }.${action};
+  restart-flag =
+    {
+      restart = "-r";
+      restart-all = "-R";
+      "hup" = "-s 1";
+      "int" = "-s 2";
+      "quit" = "-s 3";
+      "kill" = "-s 9";
+      "term" = "-s 15";
+      "winch" = "-s 28";
+      "usr1" = "-s 10";
+      "usr2" = "-s 12";
+    }
+    .${action};

  watched-service =
-    if length watched-services == 0
-    then null
-    else if length watched-services == 1
-    then head watched-services
-    else throw "cannot subscribe to more than one source service for secrets";
+    if length watched-services == 0 then
+      null
+    else if length watched-services == 1 then
+      head watched-services
+    else
+      throw "cannot subscribe to more than one source service for secrets";

-  watcher = let name' = "restart-${name}"; in longrun {
-    name = name';
-    run = ''
-      dir=/run/service/${name}
-      echo waiting for $dir
-      if test -e $dir/notification-fd; then flag="-U"; else flag="-u"; fi
-      ${s6}/bin/s6-svwait $flag /run/service/${name} || exit
-      PATH=${s6-rc}/bin:${s6}/bin:$PATH
-      ${watch-outputs}/bin/watch-outputs ${restart-flag} ${name} ${watched-service.name} ${lib.concatStringsSep " " paths}
-    '';
-  };
-in service.overrideAttrs(o: {
-  buildInputs =  (lim.orEmpty o.buildInputs) ++
-                 optional (watched-service != null) watcher;
-  dependencies = (lim.orEmpty o.dependencies) ++
-                 optionals (watched-service != null)
-                   [ watcher watched-service ];
+  watcher =
+    let
+      name' = "restart-${name}";
+    in
+    longrun {
+      name = name';
+      run = ''
+        dir=/run/service/${name}
+        echo waiting for $dir
+        if test -e $dir/notification-fd; then flag="-U"; else flag="-u"; fi
+        ${s6}/bin/s6-svwait $flag /run/service/${name} || exit
+        PATH=${s6-rc}/bin:${s6}/bin:$PATH
+        ${watch-outputs}/bin/watch-outputs ${restart-flag} ${name} ${watched-service.name} ${lib.concatStringsSep " " paths}
+      '';
+    };
+in
+service.overrideAttrs (o: {
+  buildInputs = (lim.orEmpty o.buildInputs) ++ optional (watched-service != null) watcher;
+  dependencies =
+    (lim.orEmpty o.dependencies)
+    ++ optionals (watched-service != null) [
+      watcher
+      watched-service
+    ];
 })
--- a/modules/secrets/tang.nix
+++ b/modules/secrets/tang.nix
@@ -1,11 +1,20 @@
 {
-  liminix, lib, json-to-fstree, serviceFns, tangc
+  liminix,
+  lib,
+  json-to-fstree,
+  serviceFns,
+  tangc,
+}:
+{
+  name,
+  path,
+  interval,
 }:
-{ name, path, interval } :
 let
  inherit (liminix.services) longrun;
  inherit (lib) optionalString;
-in longrun {
+in
+longrun {
  inherit name;
  buildInputs = [ json-to-fstree ];
  notification-fd = 10;