run nix fmt

systems/hetzner/bind.nix

@@ -28,14 +28,20 @@
   };
 
   systemd.services.dns-rfc2136-conf = {
-    requiredBy = [ "acme-net0loggy.net.service" "bind.service" ];
-    before = [ "acme-net0loggy.net.service" "bind.service" ];
+    requiredBy = [
+      "acme-net0loggy.net.service"
+      "bind.service"
+    ];
+    before = [
+      "acme-net0loggy.net.service"
+      "bind.service"
+    ];
     unitConfig = {
       ConditionPathExists = "!/var/lib/secrets/dnskeys.conf";
     };
     serviceConfig = {
       Type = "oneshot";
-      UMask = 0077;
+      UMask = 77;
     };
     path = [ pkgs.bind ];
     script = ''

systems/hetzner/default.nix

@@ -1,4 +1,10 @@
-{ config, pkgs, lib, self, ... }:
+{
+  config,
+  pkgs,
+  lib,
+  self,
+  ...
+}:
 
 {
 
@@ -24,7 +30,10 @@
     ssh.enable = true;
   };
 
-  boot.initrd.availableKernelModules = [ "ahci" "nvme" ];
+  boot.initrd.availableKernelModules = [
+    "ahci"
+    "nvme"
+  ];
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ "kvm-amd" ];
   boot.extraModulePackages = [ ];

systems/hetzner/mail.nix

@@ -1,17 +1,54 @@
-{ config, pkgs, lib, ...}:
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
 
 {
   mailserver = {
     enable = true;
     fqdn = "mail.missing.ninja";
-    domains = [ "missing.ninja" "joens.zone" "joens.website" "joens.site" "joens.online" "joens.link" "joens.international" "joens.family" "joens.digital" "joens.blog" "net0loggy.net" "clan-war.net" "net0loggy.de" "dtg-c.de" "joens.email" ];
+    domains = [
+      "missing.ninja"
+      "joens.zone"
+      "joens.website"
+      "joens.site"
+      "joens.online"
+      "joens.link"
+      "joens.international"
+      "joens.family"
+      "joens.digital"
+      "joens.blog"
+      "net0loggy.net"
+      "clan-war.net"
+      "net0loggy.de"
+      "dtg-c.de"
+      "joens.email"
+    ];
 
     # A list of all login accounts. To create the password hashes, use
     # nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
     loginAccounts = {
       "jopejoe1@missing.ninja" = {
         hashedPassword = "$2b$05$ZZk/X.gQqjRc08ej9XTuaO0aVnWjPGWUqo/xYGxHGsMEyDL.Hr8AS";
-        aliases = [ "@missing.ninja" "@joens.zone" "@joens.website" "@joens.site" "@joens.online" "@joens.link" "@joens.international" "@joens.family" "@joens.digital" "@joens.blog" "@net0loggy.net" "@clan-war.net" "@net0loggy.de" "@dtg-c.de" "@joens.email" ];
+        aliases = [
+          "@missing.ninja"
+          "@joens.zone"
+          "@joens.website"
+          "@joens.site"
+          "@joens.online"
+          "@joens.link"
+          "@joens.international"
+          "@joens.family"
+          "@joens.digital"
+          "@joens.blog"
+          "@net0loggy.net"
+          "@clan-war.net"
+          "@net0loggy.de"
+          "@dtg-c.de"
+          "@joens.email"
+        ];
       };
     };
 
@@ -30,18 +67,21 @@
   };
 
   services.roundcube = {
-     enable = true;
-     # this is the url of the vhost, not necessarily the same as the fqdn of
-     # the mailserver
-     hostName = "webmail.missing.ninja";
-     extraConfig = ''
-       # starttls needed for authentication, so the fqdn required to match
-       # the certificate
-       $config['smtp_server'] = "tls://${config.mailserver.fqdn}";
-       $config['smtp_user'] = "%u";
-       $config['smtp_pass'] = "%p";
-     '';
+    enable = true;
+    # this is the url of the vhost, not necessarily the same as the fqdn of
+    # the mailserver
+    hostName = "webmail.missing.ninja";
+    extraConfig = ''
+      # starttls needed for authentication, so the fqdn required to match
+      # the certificate
+      $config['smtp_server'] = "tls://${config.mailserver.fqdn}";
+      $config['smtp_user'] = "%u";
+      $config['smtp_pass'] = "%p";
+    '';
   };
 
-  networking.firewall.allowedTCPPorts = [ 80 443 ];
+  networking.firewall.allowedTCPPorts = [
+    80
+    443
+  ];
 }

systems/hetzner/matrix.nix

@@ -1,4 +1,4 @@
-{ config, pkgs, ...}:
+{ config, pkgs, ... }:
 
 let
   fqdn = "matrix.missing.ninja";
@@ -54,9 +54,7 @@ in
       server_name = "missing.ninja";
       registration_shared_secret = "";
       public_baseurl = baseUrl;
-      app_service_config_files = [
-        "/var/lib/matrix-synapse/whatsapp-registration.yaml"
-      ];
+      app_service_config_files = [ "/var/lib/matrix-synapse/whatsapp-registration.yaml" ];
       listeners = [
         {
           port = 8448;
@@ -66,7 +64,10 @@ in
           x_forwarded = true;
           resources = [
             {
-              names = [ "client" "federation" ];
+              names = [
+                "client"
+                "federation"
+              ];
               compress = true;
             }
           ];

systems/hetzner/nginx.nix

@@ -1,4 +1,9 @@
-{config, pkgs, self, ...}:
+{
+  config,
+  pkgs,
+  self,
+  ...
+}:
 
 {
   services.nginx = {
@@ -9,7 +14,21 @@
     recommendedProxySettings = true;
     virtualHosts = {
       "missing.ninja" = {
-        serverAliases = [ "joens.zone" "joens.website" "joens.site" "joens.online" "joens.link" "joens.international" "joens.family" "joens.digital" "joens.blog" "net0loggy.net" "clan-war.net" "net0loggy.de" "dtg-c.de" ];
+        serverAliases = [
+          "joens.zone"
+          "joens.website"
+          "joens.site"
+          "joens.online"
+          "joens.link"
+          "joens.international"
+          "joens.family"
+          "joens.digital"
+          "joens.blog"
+          "net0loggy.net"
+          "clan-war.net"
+          "net0loggy.de"
+          "dtg-c.de"
+        ];
         enableACME = true;
         forceSSL = true;
       };
@@ -23,9 +42,7 @@
         locations."/socket.io/" = {
           proxyPass = "http://localhost:3333";
           proxyWebsockets = true;
-          extraConfig =
-            "proxy_ssl_server_name on;"
-            ;
+          extraConfig = "proxy_ssl_server_name on;";
         };
       };
       "test.missing.ninja" = {
@@ -57,24 +74,25 @@
     max_input_time = 300
   '';
 
-  services.wordpress.sites."test.missing.ninja" = with self.packages.${config.nixpkgs.hostPlatform.system}; {
-    themes = [
-      madara
-      madara-child
-      pkgs.wordpressPackages.themes.twentytwentythree
-    ];
-    plugins = [
-      madara-core
-      madara-shortcodes
-      option-tree
-      option-tree-lean
-      widget-logic
-    ];
-    settings = {
-      FORCE_SSL_ADMIN = true;
+  services.wordpress.sites."test.missing.ninja" =
+    with self.packages.${config.nixpkgs.hostPlatform.system}; {
+      themes = [
+        madara
+        madara-child
+        pkgs.wordpressPackages.themes.twentytwentythree
+      ];
+      plugins = [
+        madara-core
+        madara-shortcodes
+        option-tree
+        option-tree-lean
+        widget-logic
+      ];
+      settings = {
+        FORCE_SSL_ADMIN = true;
+      };
+      extraConfig = ''
+        $_SERVER['HTTPS']='on';
+      '';
     };
-    extraConfig = ''
-      $_SERVER['HTTPS']='on';
-    '';
-  };
 }

systems/hetzner/radicale.nix

@@ -1,16 +1,22 @@
-{ config, pkgs, lib, ... }:
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
 
 with lib;
 
 let
   mailAccounts = config.mailserver.loginAccounts;
-  htpasswd = pkgs.writeText "radicale.users" (concatStrings
-    (flip mapAttrsToList mailAccounts (mail: user:
-      mail + ":" + user.hashedPassword + "\n"
-    ))
+  htpasswd = pkgs.writeText "radicale.users" (
+    concatStrings (
+      flip mapAttrsToList mailAccounts (mail: user: mail + ":" + user.hashedPassword + "\n")
+    )
   );
 
-in {
+in
+{
   services.radicale = {
     enable = true;
     settings = {