maurice/snix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

style: Switch to nixfmt from nixpkgs-fmt

Browse source 
Most of the ecosystem has moved to this formatter,
and many people configured their editors to autoformat it with this formatter.

Closes: https://git.snix.dev/snix/snix/issues/62
Change-Id: Icf39e7836c91fc2ae49fbe22a40a639105bfb0bd
Reviewed-on: https://cl.snix.dev/c/snix/+/30671
Reviewed-by: Florian Klink <flokli@flokli.de>
Tested-by: besadii
Autosubmit: Ilan Joselevich <personal@ilanjoselevich.com>
This commit is contained in:
Ilan Joselevich 2025-08-09 21:08:41 +02:00
parent 3443e6bd08
commit 91d02d8c84
136 changed files with 39952 additions and 11007 deletions
Download patch file Download diff file Expand all files Collapse all files

8
ops/machines/archivist-ec2/default.nix
View file

@ -21,10 +21,11 @@ in
path = [ depot.contrib.archivist.parse-bucket-logs ];
serviceConfig = {
Type = "oneshot";
ExecStart = (pkgs.writers.writePython3 "parse-bucket-logs-continuously"
{
ExecStart = (
pkgs.writers.writePython3 "parse-bucket-logs-continuously" {
libraries = [ pkgs.python3Packages.boto3 ];
} ./parse-bucket-logs-continuously.py);
} ./parse-bucket-logs-continuously.py
);
DynamicUser = "yes";
StateDirectory = "parse-bucket-logs";
};
@ -38,4 +39,3 @@ in
system.stateVersion = "23.05"; # Did you read the comment?
}

33
ops/machines/archivist-ec2/hardware-configuration.nix
View file

@ -1,27 +1,30 @@
{ lib, modulesPath, ... }:
{
imports =
[
(modulesPath + "/profiles/qemu-guest.nix")
];
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
boot.initrd.availableKernelModules = [
"ahci"
"xhci_pci"
"virtio_pci"
"sr_mod"
"virtio_blk"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{
device = "/dev/disk/by-partlabel/root";
fsType = "xfs";
};
fileSystems."/" = {
device = "/dev/disk/by-partlabel/root";
fsType = "xfs";
};
fileSystems."/boot" =
{
device = "/dev/disk/by-partlabel/boot";
fsType = "vfat";
};
fileSystems."/boot" = {
device = "/dev/disk/by-partlabel/boot";
fsType = "vfat";
};
swapDevices = [ ];

27
ops/machines/build01/default.nix
View file

@ -1,4 +1,9 @@
{ depot, lib, pkgs, ... }: # readTree options
{
depot,
lib,
pkgs,
...
}: # readTree options
{ config, ... }: # passed by module system
let
mod = name: depot.path.origSrc + ("/ops/modules/" + name);
@ -24,7 +29,11 @@ in
boot.specialFileSystems = lib.mkForce {
"/run/wrappers" = {
fsType = "tmpfs";
options = [ "nodev" "mode=755" "size=${config.security.wrapperDirSize}" ];
options = [
"nodev"
"mode=755"
"size=${config.security.wrapperDirSize}"
];
};
};
@ -56,10 +65,17 @@ in
interfaces.host0.ipv6 = {
addresses = [
{ address = "2001:bc8:38ee:100:7000::20"; prefixLength = 64; }
{
address = "2001:bc8:38ee:100:7000::20";
prefixLength = 64;
}
];
routes = [
{ address = "64:ff9b::"; via = "2001:bc8:38ee:100::100"; prefixLength = 96; }
{
address = "64:ff9b::";
via = "2001:bc8:38ee:100::100";
prefixLength = 96;
}
];
};
@ -112,7 +128,8 @@ in
];
time.timeZone = "UTC";
users.users.root.openssh.authorizedKeys.keys = depot.ops.users.edef ++ depot.ops.users.flokli ++ depot.ops.users.raito;
users.users.root.openssh.authorizedKeys.keys =
depot.ops.users.edef ++ depot.ops.users.flokli ++ depot.ops.users.raito;
users.groups.kvm = { };
users.users.root.extraGroups = [ "kvm" ];

10
ops/machines/gerrit01/default.nix
View file

@ -1,4 +1,9 @@
{ depot, lib, pkgs, ... }: # readTree options
{
depot,
lib,
pkgs,
...
}: # readTree options
{ config, ... }: # passed by module system
let
@ -111,7 +116,8 @@ in
createHome = true;
home = "/var/lib/git";
};
users.root.openssh.authorizedKeys.keys = depot.ops.users.edef ++ depot.ops.users.flokli ++ depot.ops.users.raito;
users.root.openssh.authorizedKeys.keys =
depot.ops.users.edef ++ depot.ops.users.flokli ++ depot.ops.users.raito;
};
boot.initrd.systemd.enable = true;

10
ops/machines/meta01/default.nix
View file

@ -1,4 +1,9 @@
{ depot, lib, pkgs, ... }: # readTree options
{
depot,
lib,
pkgs,
...
}: # readTree options
{ config, ... }: # passed by module system
let
@ -130,7 +135,8 @@ in
# Required for prometheus to be able to scrape stats
services.nginx.statusPage = true;
users.users.root.openssh.authorizedKeys.keys = depot.ops.users.edef ++ depot.ops.users.flokli ++ depot.ops.users.raito;
users.users.root.openssh.authorizedKeys.keys =
depot.ops.users.edef ++ depot.ops.users.flokli ++ depot.ops.users.raito;
boot.initrd.systemd.enable = true;
zramSwap.enable = true;

10
ops/machines/public01/default.nix
View file

@ -1,4 +1,9 @@
{ depot, lib, pkgs, ... }: # readTree options
{
depot,
lib,
pkgs,
...
}: # readTree options
{ config, ... }: # passed by module system
let
@ -158,7 +163,8 @@ in
# Required for prometheus to be able to scrape stats
services.nginx.statusPage = true;
users.users.root.openssh.authorizedKeys.keys = depot.ops.users.edef ++ depot.ops.users.flokli ++ depot.ops.users.raito;
users.users.root.openssh.authorizedKeys.keys =
depot.ops.users.edef ++ depot.ops.users.flokli ++ depot.ops.users.raito;
boot.initrd.systemd.enable = true;
zramSwap.enable = true;

25
ops/machines/snix-cache/default.nix
View file

@ -1,18 +1,24 @@
{ depot, pkgs, lib, ... }: # readTree options
{
depot,
pkgs,
lib,
...
}: # readTree options
{ config, ... }: # passed by module system
let
srvos =
import (builtins.fetchTarball {
srvos = import (
builtins.fetchTarball {
url = "https://github.com/nix-community/srvos/archive/8e7d3c690975ee6790926bdfd1258016c967d163.tar.gz";
sha256 = "sha256-l7epHqAcg8Qktu8vO2ZfjSH1wcai01XQOKQA9ADHIk4=";
});
disko =
(builtins.fetchTarball {
}
);
disko = (
builtins.fetchTarball {
url = "https://github.com/nix-community/disko/archive/84dd8eea9a06006d42b8af7cfd4fda4cf334db81.tar.gz";
sha256 = "13mfnjnjp21wms4mw35ar019775qgy3fnjc59zrpnqbkfmzyvv02";
});
}
);
in
{
@ -38,7 +44,6 @@ in
forceSSL = true;
};
security.acme.acceptTerms = true;
security.acme.defaults.email = "admin+acme@numtide.com";
@ -48,11 +53,9 @@ in
systemd.network.networks."10-uplink".networkConfig.Address = "2a01:4f9:3071:1091::2/64";
# Enable SSH and add some keys
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys =
depot.ops.users.edef
++ depot.ops.users.flokli

3
ops/machines/snix-cache/monitoring.nix
View file

@ -174,7 +174,8 @@ in
};
};
systemd.services.grafana.serviceConfig.LoadCredential = "github_auth_client_secret:/etc/secrets/grafana_github_auth_client_secret";
systemd.services.grafana.serviceConfig.LoadCredential =
"github_auth_client_secret:/etc/secrets/grafana_github_auth_client_secret";
systemd.services.grafana.serviceConfig.RuntimeDirectory = "grafana";
systemd.services.grafana.serviceConfig.SupplementaryGroups = "nginx";

13
ops/machines/snix-cache/nar-bridge-module.nix
View file

@ -1,9 +1,10 @@
{ config
, lib
, utils
, pkgs
, depot
, ...
{
config,
lib,
utils,
pkgs,
depot,
...
}:
let
cfg = config.services.nar-bridge;

16
ops/machines/snix-cache/nar-bridge.nix
View file

@ -9,13 +9,15 @@
virtualHosts.${config.machine.domain} = {
locations."=/" = {
tryFiles = "$uri $uri/index.html =404";
root = pkgs.runCommand "index"
{
nativeBuildInputs = [ pkgs.markdown2html-converter ];
} ''
mkdir -p $out
markdown2html-converter ${./README.md} -o $out/index.html
'';
root =
pkgs.runCommand "index"
{
nativeBuildInputs = [ pkgs.markdown2html-converter ];
}
''
mkdir -p $out
markdown2html-converter ${./README.md} -o $out/index.html
'';
};
locations."/" = {
proxyPass = "http://unix:/run/nar-bridge.sock:/";