diff options
author | Vincent Ambo <mail@tazj.in> | 2022-01-30T16·06+0300 |
---|---|---|
committer | tazjin <tazjin@tvl.su> | 2022-01-31T16·11+0000 |
commit | aa122cbae78ce97d60c0c98ba14df753d97e40b1 (patch) | |
tree | 12b98d85c4b18fe870feb26de70db9ba61837bd7 /ops/modules | |
parent | 2d10d60fac0fd00a71b65cfdcb9fba0477b2086c (diff) |
style: format entire depot with nixpkgs-fmt r/3723
This CL can be used to compare the style of nixpkgs-fmt against other formatters (nixpkgs, alejandra). Change-Id: I87c6abff6bcb546b02ead15ad0405f81e01b6d9e Reviewed-on: https://cl.tvl.fyi/c/depot/+/4397 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: lukegb <lukegb@tvl.fyi> Reviewed-by: wpcarro <wpcarro@gmail.com> Reviewed-by: Profpatsch <mail@profpatsch.de> Reviewed-by: kanepyork <rikingcoding@gmail.com> Reviewed-by: tazjin <tazjin@tvl.su> Reviewed-by: cynthia <cynthia@tvl.fyi> Reviewed-by: edef <edef@edef.eu> Reviewed-by: eta <tvl@eta.st> Reviewed-by: grfn <grfn@gws.fyi>
Diffstat (limited to 'ops/modules')
-rw-r--r-- | ops/modules/atward.nix | 3 | ||||
-rw-r--r-- | ops/modules/auto-deploy.nix | 3 | ||||
-rw-r--r-- | ops/modules/automatic-gc.nix | 3 | ||||
-rw-r--r-- | ops/modules/clbot.nix | 7 | ||||
-rw-r--r-- | ops/modules/default.nix | 2 | ||||
-rw-r--r-- | ops/modules/gerrit-queue.nix | 3 | ||||
-rw-r--r-- | ops/modules/git-serving.nix | 3 | ||||
-rw-r--r-- | ops/modules/irccat.nix | 3 | ||||
-rw-r--r-- | ops/modules/monorepo-gerrit.nix | 5 | ||||
-rw-r--r-- | ops/modules/nixery.nix | 3 | ||||
-rw-r--r-- | ops/modules/oauth2_proxy.nix | 3 | ||||
-rw-r--r-- | ops/modules/owothia.nix | 3 | ||||
-rw-r--r-- | ops/modules/panettone.nix | 40 | ||||
-rw-r--r-- | ops/modules/paroxysm.nix | 3 | ||||
-rw-r--r-- | ops/modules/quassel.nix | 5 | ||||
-rw-r--r-- | ops/modules/restic.nix | 3 | ||||
-rw-r--r-- | ops/modules/smtprelay.nix | 5 | ||||
-rw-r--r-- | ops/modules/sourcegraph.nix | 6 | ||||
-rw-r--r-- | ops/modules/tvl-buildkite.nix | 67 | ||||
-rw-r--r-- | ops/modules/tvl-slapd/default.nix | 5 |
20 files changed, 101 insertions, 74 deletions
diff --git a/ops/modules/atward.nix b/ops/modules/atward.nix index 354f9ebdd3cb..f345a08e3131 100644 --- a/ops/modules/atward.nix +++ b/ops/modules/atward.nix @@ -3,7 +3,8 @@ let cfg = config.services.depot.atward; description = "atward - (attempt to) cleverly route queries"; -in { +in +{ options.services.depot.atward = { enable = lib.mkEnableOption description; diff --git a/ops/modules/auto-deploy.nix b/ops/modules/auto-deploy.nix index 83a8273562f6..c504906b2b94 100644 --- a/ops/modules/auto-deploy.nix +++ b/ops/modules/auto-deploy.nix @@ -45,7 +45,8 @@ let # NixOS in $STATE_DIRECTORY (cd / && ${rebuild-system}/bin/rebuild-system) ''; -in { +in +{ options.services.depot.auto-deploy = { enable = lib.mkEnableOption description; diff --git a/ops/modules/automatic-gc.nix b/ops/modules/automatic-gc.nix index 634785721024..ad53a63f7f16 100644 --- a/ops/modules/automatic-gc.nix +++ b/ops/modules/automatic-gc.nix @@ -29,7 +29,8 @@ let echo "Skipping GC, enough space available" fi ''; -in { +in +{ options.services.depot.automatic-gc = { enable = lib.mkEnableOption description; diff --git a/ops/modules/clbot.nix b/ops/modules/clbot.nix index ef4c2ab23795..958d321f81ad 100644 --- a/ops/modules/clbot.nix +++ b/ops/modules/clbot.nix @@ -21,7 +21,7 @@ let (attrValues (mapAttrs (key: value: "-${key} \"${toString value}\"") flags)); # Escapes a unit name for use in systemd - systemdEscape = name: removeSuffix "\n" (readFile (runCommandNoCC "unit-name" {} '' + systemdEscape = name: removeSuffix "\n" (readFile (runCommandNoCC "unit-name" { } '' ${pkgs.systemd}/bin/systemd-escape '${name}' >> $out '')); @@ -42,7 +42,8 @@ let }; }; }; -in { +in +{ options.services.depot.clbot = { enable = mkEnableOption description; @@ -68,7 +69,7 @@ in { # (notably the SSH private key) readable by this user outside of # the module. users = { - groups.clbot = {}; + groups.clbot = { }; users.clbot = { group = "clbot"; diff --git a/ops/modules/default.nix b/ops/modules/default.nix index 8bdfecdf41b0..d747e8e1319a 100644 --- a/ops/modules/default.nix +++ b/ops/modules/default.nix @@ -1,2 +1,2 @@ # Make readTree happy at this level. -_: {} +_: { } diff --git a/ops/modules/gerrit-queue.nix b/ops/modules/gerrit-queue.nix index a4b073f8560b..66d584cc3361 100644 --- a/ops/modules/gerrit-queue.nix +++ b/ops/modules/gerrit-queue.nix @@ -8,7 +8,8 @@ let inherit default; type = lib.types.str; }; -in { +in +{ options.services.depot.gerrit-queue = { enable = lib.mkEnableOption description; gerritUrl = mkStringOption "https://cl.tvl.fyi"; diff --git a/ops/modules/git-serving.nix b/ops/modules/git-serving.nix index 6b8bef29b15a..49af01a0fd3e 100644 --- a/ops/modules/git-serving.nix +++ b/ops/modules/git-serving.nix @@ -12,7 +12,8 @@ let cfg = config.services.depot.git-serving; -in { +in +{ options.services.depot.git-serving = with lib; { enable = mkEnableOption "Enable cgit & josh configuration"; diff --git a/ops/modules/irccat.nix b/ops/modules/irccat.nix index deb0b4ecaf34..05a783fd6614 100644 --- a/ops/modules/irccat.nix +++ b/ops/modules/irccat.nix @@ -27,7 +27,8 @@ let exec ${depot.third_party.irccat}/bin/irccat ''; -in { +in +{ options.services.depot.irccat = { enable = lib.mkEnableOption description; diff --git a/ops/modules/monorepo-gerrit.nix b/ops/modules/monorepo-gerrit.nix index 6638f30b3f9f..509500c9139d 100644 --- a/ops/modules/monorepo-gerrit.nix +++ b/ops/modules/monorepo-gerrit.nix @@ -9,12 +9,13 @@ let exec -a ${name} ${depot.ops.besadii}/bin/besadii "$@" ''; - gerritHooks = pkgs.runCommandNoCC "gerrit-hooks" {} '' + gerritHooks = pkgs.runCommandNoCC "gerrit-hooks" { } '' mkdir -p $out ln -s ${besadiiWithConfig "change-merged"} $out/change-merged ln -s ${besadiiWithConfig "patchset-created"} $out/patchset-created ''; -in { +in +{ services.gerrit = { enable = true; listenAddress = "[::]:4778"; # 4778 - grrt diff --git a/ops/modules/nixery.nix b/ops/modules/nixery.nix index 60d151045756..33f196372dbb 100644 --- a/ops/modules/nixery.nix +++ b/ops/modules/nixery.nix @@ -6,7 +6,8 @@ let cfg = config.services.depot.nixery; description = "Nixery - container images on-demand"; storagePath = "/var/lib/nixery/${pkgs.nixpkgsCommits.unstable}"; -in { +in +{ options.services.depot.nixery = { enable = lib.mkEnableOption description; diff --git a/ops/modules/oauth2_proxy.nix b/ops/modules/oauth2_proxy.nix index 07ba8861e745..423f9010c5d2 100644 --- a/ops/modules/oauth2_proxy.nix +++ b/ops/modules/oauth2_proxy.nix @@ -19,7 +19,8 @@ let reverse_proxy = true set_xauthrequest = true ''; -in { +in +{ options.services.depot.oauth2_proxy = { enable = lib.mkEnableOption description; diff --git a/ops/modules/owothia.nix b/ops/modules/owothia.nix index b2a77cddc2dd..d11fdd26ecbc 100644 --- a/ops/modules/owothia.nix +++ b/ops/modules/owothia.nix @@ -4,7 +4,8 @@ let cfg = config.services.depot.owothia; description = "owothia - i'm a service owo"; -in { +in +{ options.services.depot.owothia = { enable = lib.mkEnableOption description; diff --git a/ops/modules/panettone.nix b/ops/modules/panettone.nix index 11e934ec2e8d..d57e53e75442 100644 --- a/ops/modules/panettone.nix +++ b/ops/modules/panettone.nix @@ -2,7 +2,8 @@ let cfg = config.services.depot.panettone; -in { +in +{ options.services.depot.panettone = with lib; { enable = mkEnableOption "Panettone issue tracker"; @@ -62,23 +63,26 @@ in { assertion = cfg.dbHost != "localhost" || config.services.postgresql.enable; message = "Panettone requires a postgresql database"; - } { - assertion = - cfg.dbHost != "localhost" || config.services.postgresql.enableTCPIP; - message = "Panettone can only connect to the postgresql database over TCP"; - } { - assertion = - cfg.dbHost != "localhost" || (lib.any - (user: user.name == cfg.dbUser) - config.services.postgresql.ensureUsers); - message = "Panettone requires a database user"; - } { - assertion = - cfg.dbHost != "localhost" || (lib.any - (db: db == cfg.dbName) - config.services.postgresql.ensureDatabases); - message = "Panettone requires a database"; - }]; + } + { + assertion = + cfg.dbHost != "localhost" || config.services.postgresql.enableTCPIP; + message = "Panettone can only connect to the postgresql database over TCP"; + } + { + assertion = + cfg.dbHost != "localhost" || (lib.any + (user: user.name == cfg.dbUser) + config.services.postgresql.ensureUsers); + message = "Panettone requires a database user"; + } + { + assertion = + cfg.dbHost != "localhost" || (lib.any + (db: db == cfg.dbName) + config.services.postgresql.ensureDatabases); + message = "Panettone requires a database"; + }]; systemd.services.panettone = { wantedBy = [ "multi-user.target" ]; diff --git a/ops/modules/paroxysm.nix b/ops/modules/paroxysm.nix index cd9cd3866e47..070e7623db09 100644 --- a/ops/modules/paroxysm.nix +++ b/ops/modules/paroxysm.nix @@ -3,7 +3,8 @@ let cfg = config.services.depot.paroxysm; description = "TVL's majestic IRC bot"; -in { +in +{ options.services.depot.paroxysm.enable = lib.mkEnableOption description; config = lib.mkIf cfg.enable { diff --git a/ops/modules/quassel.nix b/ops/modules/quassel.nix index 9c8692629a2a..4a0b64ffc100 100644 --- a/ops/modules/quassel.nix +++ b/ops/modules/quassel.nix @@ -8,7 +8,8 @@ let enableDaemon = true; withKDE = false; }; -in { +in +{ options.services.depot.quassel = with lib; { enable = mkEnableOption "Quassel IRC daemon"; @@ -70,7 +71,7 @@ in { group = "quassel"; }; - groups.quassel = {}; + groups.quassel = { }; }; }; } diff --git a/ops/modules/restic.nix b/ops/modules/restic.nix index 1aacf68973e3..869539603578 100644 --- a/ops/modules/restic.nix +++ b/ops/modules/restic.nix @@ -14,7 +14,8 @@ let inherit default; type = lib.types.str; }; -in { +in +{ options.services.depot.restic = { enable = lib.mkEnableOption description; bucketEndpoint = mkStringOption "objects.dc-sto1.glesys.net"; diff --git a/ops/modules/smtprelay.nix b/ops/modules/smtprelay.nix index 106593fe39d1..cfb185ecd107 100644 --- a/ops/modules/smtprelay.nix +++ b/ops/modules/smtprelay.nix @@ -27,8 +27,9 @@ let prepareArgs = args: concatStringsSep " " (attrValues (mapAttrs (key: value: "-${key} \"${toString value}\"") - (args // overrideArgs))); -in { + (args // overrideArgs))); +in +{ options.services.depot.smtprelay = { enable = mkEnableOption description; diff --git a/ops/modules/sourcegraph.nix b/ops/modules/sourcegraph.nix index a72cd75d477d..5311b42dd1db 100644 --- a/ops/modules/sourcegraph.nix +++ b/ops/modules/sourcegraph.nix @@ -4,7 +4,8 @@ let cfg = config.services.depot.sourcegraph; -in { +in +{ options.services.depot.sourcegraph = with lib; { enable = mkEnableOption "SourceGraph code search engine"; @@ -51,7 +52,8 @@ in { # Sourcegraph needs a higher nofile limit, it logs warnings # otherwise (unclear whether it actually affects the service). extraOptions = [ - "--ulimit" "nofile=10000:10000" + "--ulimit" + "nofile=10000:10000" ]; }; }; diff --git a/ops/modules/tvl-buildkite.nix b/ops/modules/tvl-buildkite.nix index aaeb5a0f7554..a6e7372a250a 100644 --- a/ops/modules/tvl-buildkite.nix +++ b/ops/modules/tvl-buildkite.nix @@ -13,7 +13,7 @@ let # All Buildkite hooks are actually besadii, but it's being invoked # with different names. - buildkiteHooks = pkgs.runCommandNoCC "buildkite-hooks" {} '' + buildkiteHooks = pkgs.runCommandNoCC "buildkite-hooks" { } '' mkdir -p $out/bin ln -s ${besadiiWithConfig "post-command"} $out/bin/post-command ''; @@ -22,7 +22,8 @@ let echo 'username=buildkite' echo "password=$(jq -r '.gerritPassword' /run/agenix/buildkite-besadii-config)" ''; -in { +in +{ options.services.depot.buildkite = { enable = lib.mkEnableOption description; agentCount = lib.mkOption { @@ -33,39 +34,43 @@ in { config = lib.mkIf cfg.enable { # Run the Buildkite agents using the default upstream module. - services.buildkite-agents = builtins.listToAttrs (map (n: rec { - name = "whitby-${toString n}"; - value = { - inherit name; - enable = true; - tokenPath = "/run/agenix/buildkite-agent-token"; - hooks.post-command = "${buildkiteHooks}/bin/post-command"; + services.buildkite-agents = builtins.listToAttrs (map + (n: rec { + name = "whitby-${toString n}"; + value = { + inherit name; + enable = true; + tokenPath = "/run/agenix/buildkite-agent-token"; + hooks.post-command = "${buildkiteHooks}/bin/post-command"; - runtimePackages = with pkgs; [ - bash - coreutils - credentialHelper - curl - git - gnutar - gzip - jq - nix - ]; - }; - }) agents); + runtimePackages = with pkgs; [ + bash + coreutils + credentialHelper + curl + git + gnutar + gzip + jq + nix + ]; + }; + }) + agents); # Set up a group for all Buildkite agent users users = { - groups.buildkite-agents = {}; - users = builtins.listToAttrs (map (n: rec { - name = "buildkite-agent-whitby-${toString n}"; - value = { - isSystemUser = true; - group = lib.mkForce "buildkite-agents"; - extraGroups = [ name "docker" ]; - }; - }) agents); + groups.buildkite-agents = { }; + users = builtins.listToAttrs (map + (n: rec { + name = "buildkite-agent-whitby-${toString n}"; + value = { + isSystemUser = true; + group = lib.mkForce "buildkite-agents"; + extraGroups = [ name "docker" ]; + }; + }) + agents); }; }; } diff --git a/ops/modules/tvl-slapd/default.nix b/ops/modules/tvl-slapd/default.nix index dbcf139338ea..d0d6616e224b 100644 --- a/ops/modules/tvl-slapd/default.nix +++ b/ops/modules/tvl-slapd/default.nix @@ -26,7 +26,8 @@ let inherit (depot.ops) users; -in { +in +{ services.openldap = { enable = true; @@ -48,7 +49,7 @@ in { "cn=schema".includes = map (schema: "${pkgs.openldap}/etc/schema/${schema}.ldif") - [ "core" "cosine" "inetorgperson" "nis" ]; + [ "core" "cosine" "inetorgperson" "nis" ]; }; # Contents are immutable at runtime, and adding user accounts etc. |