about summary refs log tree commit diff
path: root/ops/modules
diff options
context:
space:
mode:
Diffstat (limited to 'ops/modules')
-rw-r--r--ops/modules/atward.nix3
-rw-r--r--ops/modules/auto-deploy.nix3
-rw-r--r--ops/modules/automatic-gc.nix3
-rw-r--r--ops/modules/clbot.nix7
-rw-r--r--ops/modules/default.nix2
-rw-r--r--ops/modules/gerrit-queue.nix3
-rw-r--r--ops/modules/git-serving.nix3
-rw-r--r--ops/modules/irccat.nix3
-rw-r--r--ops/modules/monorepo-gerrit.nix5
-rw-r--r--ops/modules/nixery.nix3
-rw-r--r--ops/modules/oauth2_proxy.nix3
-rw-r--r--ops/modules/owothia.nix3
-rw-r--r--ops/modules/panettone.nix40
-rw-r--r--ops/modules/paroxysm.nix3
-rw-r--r--ops/modules/quassel.nix5
-rw-r--r--ops/modules/restic.nix3
-rw-r--r--ops/modules/smtprelay.nix5
-rw-r--r--ops/modules/sourcegraph.nix6
-rw-r--r--ops/modules/tvl-buildkite.nix67
-rw-r--r--ops/modules/tvl-slapd/default.nix5
20 files changed, 101 insertions, 74 deletions
diff --git a/ops/modules/atward.nix b/ops/modules/atward.nix
index 354f9ebdd3cb..f345a08e3131 100644
--- a/ops/modules/atward.nix
+++ b/ops/modules/atward.nix
@@ -3,7 +3,8 @@
 let
   cfg = config.services.depot.atward;
   description = "atward - (attempt to) cleverly route queries";
-in {
+in
+{
   options.services.depot.atward = {
     enable = lib.mkEnableOption description;
 
diff --git a/ops/modules/auto-deploy.nix b/ops/modules/auto-deploy.nix
index 83a8273562f6..c504906b2b94 100644
--- a/ops/modules/auto-deploy.nix
+++ b/ops/modules/auto-deploy.nix
@@ -45,7 +45,8 @@ let
     # NixOS in $STATE_DIRECTORY
     (cd / && ${rebuild-system}/bin/rebuild-system)
   '';
-in {
+in
+{
   options.services.depot.auto-deploy = {
     enable = lib.mkEnableOption description;
 
diff --git a/ops/modules/automatic-gc.nix b/ops/modules/automatic-gc.nix
index 634785721024..ad53a63f7f16 100644
--- a/ops/modules/automatic-gc.nix
+++ b/ops/modules/automatic-gc.nix
@@ -29,7 +29,8 @@ let
       echo "Skipping GC, enough space available"
     fi
   '';
-in {
+in
+{
   options.services.depot.automatic-gc = {
     enable = lib.mkEnableOption description;
 
diff --git a/ops/modules/clbot.nix b/ops/modules/clbot.nix
index ef4c2ab23795..958d321f81ad 100644
--- a/ops/modules/clbot.nix
+++ b/ops/modules/clbot.nix
@@ -21,7 +21,7 @@ let
       (attrValues (mapAttrs (key: value: "-${key} \"${toString value}\"") flags));
 
   # Escapes a unit name for use in systemd
-  systemdEscape = name: removeSuffix "\n" (readFile (runCommandNoCC "unit-name" {} ''
+  systemdEscape = name: removeSuffix "\n" (readFile (runCommandNoCC "unit-name" { } ''
     ${pkgs.systemd}/bin/systemd-escape '${name}' >> $out
   ''));
 
@@ -42,7 +42,8 @@ let
       };
     };
   };
-in {
+in
+{
   options.services.depot.clbot = {
     enable = mkEnableOption description;
 
@@ -68,7 +69,7 @@ in {
     # (notably the SSH private key) readable by this user outside of
     # the module.
     users = {
-      groups.clbot = {};
+      groups.clbot = { };
 
       users.clbot = {
         group = "clbot";
diff --git a/ops/modules/default.nix b/ops/modules/default.nix
index 8bdfecdf41b0..d747e8e1319a 100644
--- a/ops/modules/default.nix
+++ b/ops/modules/default.nix
@@ -1,2 +1,2 @@
 # Make readTree happy at this level.
-_: {}
+_: { }
diff --git a/ops/modules/gerrit-queue.nix b/ops/modules/gerrit-queue.nix
index a4b073f8560b..66d584cc3361 100644
--- a/ops/modules/gerrit-queue.nix
+++ b/ops/modules/gerrit-queue.nix
@@ -8,7 +8,8 @@ let
     inherit default;
     type = lib.types.str;
   };
-in {
+in
+{
   options.services.depot.gerrit-queue = {
     enable = lib.mkEnableOption description;
     gerritUrl = mkStringOption "https://cl.tvl.fyi";
diff --git a/ops/modules/git-serving.nix b/ops/modules/git-serving.nix
index 6b8bef29b15a..49af01a0fd3e 100644
--- a/ops/modules/git-serving.nix
+++ b/ops/modules/git-serving.nix
@@ -12,7 +12,8 @@
 
 let
   cfg = config.services.depot.git-serving;
-in {
+in
+{
   options.services.depot.git-serving = with lib; {
     enable = mkEnableOption "Enable cgit & josh configuration";
 
diff --git a/ops/modules/irccat.nix b/ops/modules/irccat.nix
index deb0b4ecaf34..05a783fd6614 100644
--- a/ops/modules/irccat.nix
+++ b/ops/modules/irccat.nix
@@ -27,7 +27,8 @@ let
 
     exec ${depot.third_party.irccat}/bin/irccat
   '';
-in {
+in
+{
   options.services.depot.irccat = {
     enable = lib.mkEnableOption description;
 
diff --git a/ops/modules/monorepo-gerrit.nix b/ops/modules/monorepo-gerrit.nix
index 6638f30b3f9f..509500c9139d 100644
--- a/ops/modules/monorepo-gerrit.nix
+++ b/ops/modules/monorepo-gerrit.nix
@@ -9,12 +9,13 @@ let
     exec -a ${name} ${depot.ops.besadii}/bin/besadii "$@"
   '';
 
-  gerritHooks = pkgs.runCommandNoCC "gerrit-hooks" {} ''
+  gerritHooks = pkgs.runCommandNoCC "gerrit-hooks" { } ''
     mkdir -p $out
     ln -s ${besadiiWithConfig "change-merged"} $out/change-merged
     ln -s ${besadiiWithConfig "patchset-created"} $out/patchset-created
   '';
-in {
+in
+{
   services.gerrit = {
     enable = true;
     listenAddress = "[::]:4778"; # 4778 - grrt
diff --git a/ops/modules/nixery.nix b/ops/modules/nixery.nix
index 60d151045756..33f196372dbb 100644
--- a/ops/modules/nixery.nix
+++ b/ops/modules/nixery.nix
@@ -6,7 +6,8 @@ let
   cfg = config.services.depot.nixery;
   description = "Nixery - container images on-demand";
   storagePath = "/var/lib/nixery/${pkgs.nixpkgsCommits.unstable}";
-in {
+in
+{
   options.services.depot.nixery = {
     enable = lib.mkEnableOption description;
 
diff --git a/ops/modules/oauth2_proxy.nix b/ops/modules/oauth2_proxy.nix
index 07ba8861e745..423f9010c5d2 100644
--- a/ops/modules/oauth2_proxy.nix
+++ b/ops/modules/oauth2_proxy.nix
@@ -19,7 +19,8 @@ let
     reverse_proxy = true
     set_xauthrequest = true
   '';
-in {
+in
+{
   options.services.depot.oauth2_proxy = {
     enable = lib.mkEnableOption description;
 
diff --git a/ops/modules/owothia.nix b/ops/modules/owothia.nix
index b2a77cddc2dd..d11fdd26ecbc 100644
--- a/ops/modules/owothia.nix
+++ b/ops/modules/owothia.nix
@@ -4,7 +4,8 @@
 let
   cfg = config.services.depot.owothia;
   description = "owothia - i'm a service owo";
-in {
+in
+{
   options.services.depot.owothia = {
     enable = lib.mkEnableOption description;
 
diff --git a/ops/modules/panettone.nix b/ops/modules/panettone.nix
index 11e934ec2e8d..d57e53e75442 100644
--- a/ops/modules/panettone.nix
+++ b/ops/modules/panettone.nix
@@ -2,7 +2,8 @@
 
 let
   cfg = config.services.depot.panettone;
-in {
+in
+{
   options.services.depot.panettone = with lib; {
     enable = mkEnableOption "Panettone issue tracker";
 
@@ -62,23 +63,26 @@ in {
       assertion =
         cfg.dbHost != "localhost" || config.services.postgresql.enable;
       message = "Panettone requires a postgresql database";
-    } {
-      assertion =
-        cfg.dbHost != "localhost" || config.services.postgresql.enableTCPIP;
-      message = "Panettone can only connect to the postgresql database over TCP";
-    } {
-      assertion =
-        cfg.dbHost != "localhost" || (lib.any
-          (user: user.name == cfg.dbUser)
-          config.services.postgresql.ensureUsers);
-      message = "Panettone requires a database user";
-    } {
-      assertion =
-        cfg.dbHost != "localhost" || (lib.any
-          (db: db == cfg.dbName)
-          config.services.postgresql.ensureDatabases);
-      message = "Panettone requires a database";
-    }];
+    }
+      {
+        assertion =
+          cfg.dbHost != "localhost" || config.services.postgresql.enableTCPIP;
+        message = "Panettone can only connect to the postgresql database over TCP";
+      }
+      {
+        assertion =
+          cfg.dbHost != "localhost" || (lib.any
+            (user: user.name == cfg.dbUser)
+            config.services.postgresql.ensureUsers);
+        message = "Panettone requires a database user";
+      }
+      {
+        assertion =
+          cfg.dbHost != "localhost" || (lib.any
+            (db: db == cfg.dbName)
+            config.services.postgresql.ensureDatabases);
+        message = "Panettone requires a database";
+      }];
 
     systemd.services.panettone = {
       wantedBy = [ "multi-user.target" ];
diff --git a/ops/modules/paroxysm.nix b/ops/modules/paroxysm.nix
index cd9cd3866e47..070e7623db09 100644
--- a/ops/modules/paroxysm.nix
+++ b/ops/modules/paroxysm.nix
@@ -3,7 +3,8 @@
 let
   cfg = config.services.depot.paroxysm;
   description = "TVL's majestic IRC bot";
-in {
+in
+{
   options.services.depot.paroxysm.enable = lib.mkEnableOption description;
 
   config = lib.mkIf cfg.enable {
diff --git a/ops/modules/quassel.nix b/ops/modules/quassel.nix
index 9c8692629a2a..4a0b64ffc100 100644
--- a/ops/modules/quassel.nix
+++ b/ops/modules/quassel.nix
@@ -8,7 +8,8 @@ let
     enableDaemon = true;
     withKDE = false;
   };
-in {
+in
+{
   options.services.depot.quassel = with lib; {
     enable = mkEnableOption "Quassel IRC daemon";
 
@@ -70,7 +71,7 @@ in {
         group = "quassel";
       };
 
-      groups.quassel = {};
+      groups.quassel = { };
     };
   };
 }
diff --git a/ops/modules/restic.nix b/ops/modules/restic.nix
index 1aacf68973e3..869539603578 100644
--- a/ops/modules/restic.nix
+++ b/ops/modules/restic.nix
@@ -14,7 +14,8 @@ let
     inherit default;
     type = lib.types.str;
   };
-in {
+in
+{
   options.services.depot.restic = {
     enable = lib.mkEnableOption description;
     bucketEndpoint = mkStringOption "objects.dc-sto1.glesys.net";
diff --git a/ops/modules/smtprelay.nix b/ops/modules/smtprelay.nix
index 106593fe39d1..cfb185ecd107 100644
--- a/ops/modules/smtprelay.nix
+++ b/ops/modules/smtprelay.nix
@@ -27,8 +27,9 @@ let
   prepareArgs = args:
     concatStringsSep " "
       (attrValues (mapAttrs (key: value: "-${key} \"${toString value}\"")
-                            (args // overrideArgs)));
-in {
+        (args // overrideArgs)));
+in
+{
   options.services.depot.smtprelay = {
     enable = mkEnableOption description;
 
diff --git a/ops/modules/sourcegraph.nix b/ops/modules/sourcegraph.nix
index a72cd75d477d..5311b42dd1db 100644
--- a/ops/modules/sourcegraph.nix
+++ b/ops/modules/sourcegraph.nix
@@ -4,7 +4,8 @@
 
 let
   cfg = config.services.depot.sourcegraph;
-in {
+in
+{
   options.services.depot.sourcegraph = with lib; {
     enable = mkEnableOption "SourceGraph code search engine";
 
@@ -51,7 +52,8 @@ in {
       # Sourcegraph needs a higher nofile limit, it logs warnings
       # otherwise (unclear whether it actually affects the service).
       extraOptions = [
-        "--ulimit" "nofile=10000:10000"
+        "--ulimit"
+        "nofile=10000:10000"
       ];
     };
   };
diff --git a/ops/modules/tvl-buildkite.nix b/ops/modules/tvl-buildkite.nix
index aaeb5a0f7554..a6e7372a250a 100644
--- a/ops/modules/tvl-buildkite.nix
+++ b/ops/modules/tvl-buildkite.nix
@@ -13,7 +13,7 @@ let
 
   # All Buildkite hooks are actually besadii, but it's being invoked
   # with different names.
-  buildkiteHooks = pkgs.runCommandNoCC "buildkite-hooks" {} ''
+  buildkiteHooks = pkgs.runCommandNoCC "buildkite-hooks" { } ''
     mkdir -p $out/bin
     ln -s ${besadiiWithConfig "post-command"} $out/bin/post-command
   '';
@@ -22,7 +22,8 @@ let
     echo 'username=buildkite'
     echo "password=$(jq -r '.gerritPassword' /run/agenix/buildkite-besadii-config)"
   '';
-in {
+in
+{
   options.services.depot.buildkite = {
     enable = lib.mkEnableOption description;
     agentCount = lib.mkOption {
@@ -33,39 +34,43 @@ in {
 
   config = lib.mkIf cfg.enable {
     # Run the Buildkite agents using the default upstream module.
-    services.buildkite-agents = builtins.listToAttrs (map (n: rec {
-      name = "whitby-${toString n}";
-      value = {
-        inherit name;
-        enable = true;
-        tokenPath = "/run/agenix/buildkite-agent-token";
-        hooks.post-command = "${buildkiteHooks}/bin/post-command";
+    services.buildkite-agents = builtins.listToAttrs (map
+      (n: rec {
+        name = "whitby-${toString n}";
+        value = {
+          inherit name;
+          enable = true;
+          tokenPath = "/run/agenix/buildkite-agent-token";
+          hooks.post-command = "${buildkiteHooks}/bin/post-command";
 
-        runtimePackages = with pkgs; [
-          bash
-          coreutils
-          credentialHelper
-          curl
-          git
-          gnutar
-          gzip
-          jq
-          nix
-        ];
-      };
-    }) agents);
+          runtimePackages = with pkgs; [
+            bash
+            coreutils
+            credentialHelper
+            curl
+            git
+            gnutar
+            gzip
+            jq
+            nix
+          ];
+        };
+      })
+      agents);
 
     # Set up a group for all Buildkite agent users
     users = {
-      groups.buildkite-agents = {};
-      users = builtins.listToAttrs (map (n: rec {
-        name = "buildkite-agent-whitby-${toString n}";
-        value = {
-          isSystemUser = true;
-          group = lib.mkForce "buildkite-agents";
-          extraGroups = [ name "docker" ];
-        };
-      }) agents);
+      groups.buildkite-agents = { };
+      users = builtins.listToAttrs (map
+        (n: rec {
+          name = "buildkite-agent-whitby-${toString n}";
+          value = {
+            isSystemUser = true;
+            group = lib.mkForce "buildkite-agents";
+            extraGroups = [ name "docker" ];
+          };
+        })
+        agents);
     };
   };
 }
diff --git a/ops/modules/tvl-slapd/default.nix b/ops/modules/tvl-slapd/default.nix
index dbcf139338ea..d0d6616e224b 100644
--- a/ops/modules/tvl-slapd/default.nix
+++ b/ops/modules/tvl-slapd/default.nix
@@ -26,7 +26,8 @@ let
 
   inherit (depot.ops) users;
 
-in {
+in
+{
   services.openldap = {
     enable = true;
 
@@ -48,7 +49,7 @@ in {
 
       "cn=schema".includes =
         map (schema: "${pkgs.openldap}/etc/schema/${schema}.ldif")
-            [ "core" "cosine" "inetorgperson" "nis" ];
+          [ "core" "cosine" "inetorgperson" "nis" ];
     };
 
     # Contents are immutable at runtime, and adding user accounts etc.