diff --git a/flake.nix b/flake.nix index 6a50f8b..4fee7ca 100644 --- a/flake.nix +++ b/flake.nix @@ -37,7 +37,7 @@ "aarch64-linux" "aarch64-darwin" ]; - forAllSystems = f: nixlib.genAttrs systems (system: f system); + forAllSystems = f: nixlib.genAttrs systems f; allMachines = nixlib.mapAttrsToList (name: _: name) self.nixosConfigurations; importantMachines = [ "bekkalokk" diff --git a/hosts/bekkalokk/services/kerberos/pam.nix b/hosts/bekkalokk/services/kerberos/pam.nix index b5e5dcb..91e3181 100644 --- a/hosts/bekkalokk/services/kerberos/pam.nix +++ b/hosts/bekkalokk/services/kerberos/pam.nix @@ -879,7 +879,7 @@ let inherit (pkgs) pam_krb5 pam_ccreds; - use_ldap = (config.users.ldap.enable && config.users.ldap.loginPam); + use_ldap = config.users.ldap.enable && config.users.ldap.loginPam; pam_ldap = if config.users.ldap.daemon.enable then pkgs.nss_pam_ldapd else pkgs.pam_ldap; # Create a limits.conf(5) file. @@ -1510,7 +1510,7 @@ in it complains "Cannot create session: Already running in a session". */ runuser-l = { rootOK = true; unixAuth = false; }; - } // optionalAttrs (config.security.pam.enableFscrypt) { + } // optionalAttrs config.security.pam.enableFscrypt { # Allow fscrypt to verify login passphrase fscrypt = {}; }; diff --git a/hosts/bicep/services/matrix/mjolnir.nix b/hosts/bicep/services/matrix/mjolnir.nix index 21dd04d..270a2e9 100644 --- a/hosts/bicep/services/matrix/mjolnir.nix +++ b/hosts/bicep/services/matrix/mjolnir.nix @@ -11,7 +11,7 @@ services.mjolnir = { enable = true; pantalaimon.enable = false; - homeserverUrl = http://127.0.0.1:8008; + homeserverUrl = "http://127.0.0.1:8008"; accessTokenFile = config.sops.secrets."matrix/mjolnir/access_token".path; managementRoom = "!gsdeCoWjvYRBrzuiRq:pvv.ntnu.no"; protectedRooms = map (a: "https://matrix.to/#/${a}") [ diff --git a/hosts/bicep/services/matrix/synapse.nix b/hosts/bicep/services/matrix/synapse.nix index f24b6da..0906cf5 100644 --- a/hosts/bicep/services/matrix/synapse.nix +++ b/hosts/bicep/services/matrix/synapse.nix @@ -143,10 +143,10 @@ in { services.redis.servers."".enable = true; services.nginx.virtualHosts."matrix.pvv.ntnu.no" = lib.mkMerge [ - ({ + { kTLS = true; - }) - ({ + } + { locations."/.well-known/matrix/server" = { return = '' 200 '{"m.server": "matrix.pvv.ntnu.no:443"}' @@ -156,16 +156,16 @@ in { add_header Access-Control-Allow-Origin *; ''; }; - }) - ({ + } + { locations = let connectionInfo = w: matrix-lib.workerConnectionResource "metrics" w; - socketAddress = w: let c = connectionInfo w; in "${c.host}:${toString (c.port)}"; + socketAddress = w: let c = connectionInfo w; in "${c.host}:${toString c.port}"; metricsPath = w: "/metrics/${w.type}/${toString w.index}"; proxyPath = w: "http://${socketAddress w}/_synapse/metrics"; in lib.mapAttrs' (n: v: lib.nameValuePair - (metricsPath v) ({ + (metricsPath v) { proxyPass = proxyPath v; extraConfig = '' allow ${values.hosts.ildkule.ipv4}; @@ -174,10 +174,10 @@ in { allow ${values.hosts.ildkule.ipv6_global}; deny all; ''; - })) + }) cfg.workers.instances; - }) - ({ + } + { locations."/metrics/master/1" = { proxyPass = "http://127.0.0.1:9000/_synapse/metrics"; extraConfig = '' @@ -202,5 +202,5 @@ in { labels = { }; }]) + "/"; }; - })]; + }]; } diff --git a/hosts/ildkule/services/monitoring/grafana.nix b/hosts/ildkule/services/monitoring/grafana.nix index a4d022f..f1190dc 100644 --- a/hosts/ildkule/services/monitoring/grafana.nix +++ b/hosts/ildkule/services/monitoring/grafana.nix @@ -34,13 +34,13 @@ in { { name = "Ildkule Prometheus"; type = "prometheus"; - url = ("http://${config.services.prometheus.listenAddress}:${toString config.services.prometheus.port}"); + url = "http://${config.services.prometheus.listenAddress}:${toString config.services.prometheus.port}"; isDefault = true; } { name = "Ildkule loki"; type = "loki"; - url = ("http://${config.services.loki.configuration.server.http_listen_address}:${toString config.services.loki.configuration.server.http_listen_port}"); + url = "http://${config.services.loki.configuration.server.http_listen_address}:${toString config.services.loki.configuration.server.http_listen_port}"; } ]; dashboards.settings.providers = [ diff --git a/shell.nix b/shell.nix index 6133b0c..e12ac41 100644 --- a/shell.nix +++ b/shell.nix @@ -3,6 +3,7 @@ pkgs.mkShell { nativeBuildInputs = with pkgs; [ sops gnupg + statix openstackclient ]; diff --git a/statix.toml b/statix.toml new file mode 100644 index 0000000..530ee77 --- /dev/null +++ b/statix.toml @@ -0,0 +1,24 @@ +ignore = [".direnv"] +nix_version = '2.18' # '2.4' +disabled = [ + # "bool_comparison", # W01 + # "empty_let_in", # W02 + "manual_inherit", # W03 + "manual_inherit_from", # W04 + # "legacy_let_syntax", # W05 + "collapsible_let_in", # W06 + # "eta_reduction", # W07 + # "useless_parens", # W08 + "empty_pattern", # W10 + # "redundant_pattern_bind", # W11 + # "unquoted_uri", # W12 + # "deprecated_is_null", # W13 + # "empty_inherit", # W14 + # "faster_groupby", # W15 + # "faster_zipattrswith", # W16 + # "deprecated_to_path", # W17 + # "bool_simplification", # W18 + # "useless_has_attr", # W19 + "repeated_keys", # W20 + "empty_list_concat", # W23 +]