add alejandra formatter

flake.nix

@@ -28,24 +28,24 @@
     };
   };
 
-  outputs =
+  outputs = flakes @ {
-    flakes@{ self
+    self,
-    , nixpkgs
+    nixpkgs,
-    , unstable
+    unstable,
-    , home-manager
+    home-manager,
-    , impermanence
+    impermanence,
-    , flake-utils
+    flake-utils,
-    , vpsadminos
+    vpsadminos,
-    , homepage
+    homepage,
-    , conduwuit
+    conduwuit,
-    , mediawikiSkinCitizen
+    mediawikiSkinCitizen,
-    }:
+  }: let
-    let
     system = "x86_64-linux";
 
     pkgs = importPkgs nixpkgs;
 
-      importPkgs = flake: import flake {
+    importPkgs = flake:
+      import flake {
         inherit system;
 
         config = import ./pkgs/config nixpkgs.lib;
@@ -55,11 +55,10 @@
     local = import ./pkgs;
   in
     with pkgs.lib; {
-      formatter.${system} = pkgs.nixpkgs-fmt;
+      formatter.${system} = pkgs.alejandra;
       packages.${system} = pkgs.local;
 
-      overlays.default = final: prev:
+      overlays.default = final: prev: let
-        let
         locals = local {
           inherit final prev flakes;
         };
@@ -67,7 +66,8 @@
         {
           local = locals;
           unstable = importPkgs unstable;
-        } // locals.override;
+        }
+        // locals.override;
 
       nixosConfigurations.vps = makeOverridable nixpkgs.lib.nixosSystem {
         inherit pkgs system;
@@ -80,4 +80,3 @@
       };
     };
 }
-

pkgs/default.nix

@@ -1,4 +1,8 @@
-{ final, prev, flakes }: {
+{
+  final,
+  prev,
+  flakes,
+}: {
   homepage = flakes.homepage.packages.${final.system}.default;
 
   override = {};

sys/default.nix

@@ -1,6 +1,11 @@
-{ config, pkgs, lib, flakes, ... }:
-with lib;
 {
+  config,
+  pkgs,
+  lib,
+  flakes,
+  ...
+}:
+with lib; {
   imports = [
     flakes.vpsadminos.nixosConfigurations.container
     flakes.home-manager.nixosModules.home-manager
@@ -57,7 +62,7 @@ with lib;
       group = "fabian";
       shell = pkgs.zsh;
       extraGroups = ["users" "wheel" "networkmanager" "dialout" "libvirtd"];
-      openssh.authorizedKeys.keyFiles = [ "${flakes.self}/pki/fabian.pub" ];
+      openssh.authorizedKeys.keyFiles = [../pki/fabian.pub];
     };
     groups.fabian.gid = 1000;
   };

sys/home/cli.nix

@@ -1,6 +1,9 @@
-{ lib, pkgs, ... }:
-with lib;
 {
+  lib,
+  pkgs,
+  ...
+}:
+with lib; {
   programs = {
     zsh = {
       enable = true;
@@ -13,8 +16,7 @@ with lib;
     };
     neovim.enable = true;
   };
-  home.packages = with pkgs;
+  home.packages = with pkgs; [
-    [
     file
     htop
     killall

sys/home/default.nix

@@ -1,7 +1,11 @@
-{ config, pkgs, lib, flakes, ... }:
-with lib;
 {
-
+  config,
+  pkgs,
+  lib,
+  flakes,
+  ...
+}:
+with lib; {
   imports = [
     ./cli.nix
   ];

sys/srv/bepasty.nix

@@ -1,8 +1,10 @@
-{ lib, pkgs, ... }:
-with lib;
 {
+  lib,
+  pkgs,
+  ...
+}:
+with lib; {
   services = {
-
     nginx = {
       virtualHosts."send.posixlycorrect.com" = {
         enableACME = true;
@@ -14,7 +16,6 @@ with lib;
         locations."/" = {
           proxyPass = "http://127.0.0.1:8989";
         };
-
       };
     };
 

sys/srv/default.nix

@@ -1,6 +1,11 @@
-{ config, pkgs, lib, flakes, ... }:
-with lib;
 {
+  config,
+  pkgs,
+  lib,
+  flakes,
+  ...
+}:
+with lib; {
   imports = [
     ./net.nix
     ./mediawiki.nix

sys/srv/forgejo.nix

@@ -1,6 +1,9 @@
-{ config, lib, ... }:
-with lib;
 {
+  config,
+  lib,
+  ...
+}:
+with lib; {
   config = {
     environment.etc."fail2ban/filter.d/gitea.local".text = ''
       [Definition]

sys/srv/jellyfin.nix

@@ -1,9 +1,10 @@
-{ lib, pkgs, ... }:
-with lib;
 {
-
+  lib,
+  pkgs,
+  ...
+}:
+with lib; {
   services = {
-
     nginx = {
       virtualHosts."stream.posixlycorrect.com" = {
         enableACME = true;

sys/srv/jitsi.nix

@@ -1,9 +1,10 @@
-{ lib, pkgs, flakes, ... }:
-with lib;
 {
-
+  lib,
+  pkgs,
+  ...
+}:
+with lib; {
   services = {
-
     nginx = {
       virtualHosts."meet.posixlycorrect.com" = {
         enableACME = true;
@@ -14,7 +15,7 @@ with lib;
 
             ssl_verify_depth 1;
             ssl_verify_client on;
-            ssl_client_certificate ${flakes.self}/pki/gatekeeper_ca.pem;
+            ssl_client_certificate ${../../pki/gatekeeper_ca.pem};
             if ($ssl_client_verify != "SUCCESS") {
               return 403;
             }
@@ -22,7 +23,6 @@ with lib;
       };
     };
 
-
     jitsi-meet = {
       enable = true;
       hostName = "meet.posixlycorrect.com";

sys/srv/kuma.nix

@@ -1,6 +1,9 @@
-{ lib, pkgs, ... }:
-with lib;
 {
+  lib,
+  pkgs,
+  ...
+}:
+with lib; {
   services = {
     nginx = {
       virtualHosts."status.posixlycorrect.com" = {

sys/srv/matrix.nix

@@ -1,10 +1,14 @@
-{ lib, pkgs, config, flakes, ... }:
+{
-with lib;
+  lib,
-let
+  pkgs,
+  config,
+  flakes,
+  ...
+}:
+with lib; let
   subdomain = "matrix.posixlycorrect.com";
   baseUrl = "https://${subdomain}";
-in
+in {
-{
   # ver https://nixos.org/manual/nixos/stable/#module-services-matrix
   services = {
     matrix-conduit = {
@@ -23,8 +27,7 @@ in
       };
     };
 
-    nginx.virtualHosts =
+    nginx.virtualHosts = let
-      let
       clientConfig."m.homeserver".base_url = baseUrl;
       serverConfig."m.server" = "${subdomain}:443";
       mkWellKnown = data: ''
@@ -32,8 +35,7 @@ in
         add_header Access-Control-Allow-Origin *;
         return 200 '${builtins.toJSON data}';
       '';
-      in
+    in {
-      {
       "posixlycorrect.com" = {
         locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig;
         locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig;
@@ -50,10 +52,7 @@ in
         '';
         locations."/_matrix".proxyPass = "http://[::1]:6167";
         locations."/_synapse/client".proxyPass = "http://[::1]:6167";
-
       };
     };
-
-
   };
 }

sys/srv/mediawiki.nix

@@ -1,6 +1,10 @@
-{ lib, pkgs, flakes, ... }:
-with lib;
 {
+  lib,
+  pkgs,
+  flakes,
+  ...
+}:
+with lib; {
   services = {
     nginx = {
       virtualHosts."wiki.posixlycorrect.com" = {

sys/srv/msmtp.nix

@@ -1,6 +1,9 @@
-{ lib, pkgs, ... }:
-with lib;
 {
+  lib,
+  pkgs,
+  ...
+}:
+with lib; {
   users.groups = {
     mailsenders = {
       members = ["fabian" "mediawiki"];

sys/srv/net.nix

@@ -1,6 +1,9 @@
-{ lib, pkgs, ... }:
-with lib;
 {
+  lib,
+  pkgs,
+  ...
+}:
+with lib; {
   networking = {
     nftables.enable = true;
     firewall = {

sys/srv/vaultwarden.nix

@@ -1,6 +1,9 @@
-{ config, lib, ... }:
-with lib;
 {
+  config,
+  lib,
+  ...
+}:
+with lib; {
   services = {
     nginx = {
       virtualHosts."vault.posixlycorrect.com" = {
@@ -18,10 +21,12 @@ with lib;
 
     postgresql = {
       ensureDatabases = ["vaultwarden"];
-      ensureUsers = [{
+      ensureUsers = [
+        {
           name = "vaultwarden";
           ensureDBOwnership = true;
-      }];
+        }
+      ];
     };
 
     vaultwarden = {