format the repo files

2026-04-26 10:27:50 +02:00
parent 92fd97c9a2
commit b319cd93e9
116 changed files with 4726 additions and 4247 deletions
--- a/modules/services/nas/default.nix
+++ b/modules/services/nas/default.nix
@@ -9,7 +9,6 @@
 #           └─ default.nix *
 #               └─ ...
 #
-
 [
  ./nfs.nix
  ./nginx.nix
@@ -17,6 +16,6 @@
  ./syncthing.nix
  ./paperless.nix
 ]
-
 # picom, polybar and sxhkd are pulled from desktop module
 # redshift temporarely disables
+
--- a/modules/services/nas/nfs.nix
+++ b/modules/services/nas/nfs.nix
@@ -1,18 +1,23 @@
-{config, pkgs, lib, ...}: {
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}: {
  # enable nfs
  services.nfs.server = rec {
-      enable = true;
-      exports = ''
-          /export         192.168.2.0/24(rw,fsid=0,no_subtree_check)
-          /export/Pluto   192.168.2.0/24(rw,no_subtree_check)
-          /export/Mars    192.168.2.0/24(rw,no_subtree_check)
-      '';
-      createMountPoints = true;
+    enable = true;
+    exports = ''
+      /export         192.168.2.0/24(rw,fsid=0,no_subtree_check)
+      /export/Pluto   192.168.2.0/24(rw,no_subtree_check)
+      /export/Mars    192.168.2.0/24(rw,no_subtree_check)
+    '';
+    createMountPoints = true;
  };
  # open the firewall
  networking.firewall = {
    interfaces.ens18 = {
-      allowedTCPPorts = [ 2049 ];
+      allowedTCPPorts = [2049];
    };
  };
 }
--- a/modules/services/nas/nginx.nix
+++ b/modules/services/nas/nginx.nix
@@ -1,10 +1,12 @@
 #
 # System notifications
 #
-
-{ config, lib, pkgs, ... }:
-
 {
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
  services.nginx = {
    enable = true;
    recommendedProxySettings = true;
@@ -56,13 +58,12 @@
      };
    };
  };
-    

  security.acme = {
    acceptTerms = true;
    defaults = {
      email = "webmaster@opel-online.de";
-#      server = "https://acme-staging-v02.api.letsencrypt.org/directory";
+      #      server = "https://acme-staging-v02.api.letsencrypt.org/directory";
      dnsResolver = "9.9.9.9:53";
    };
    certs = {
@@ -75,17 +76,16 @@
    };
  };

-  systemd.services.nginx.serviceConfig.ReadWritePaths = [ "/mnt/Pluto/nix-cache" ];
+  systemd.services.nginx.serviceConfig.ReadWritePaths = ["/mnt/Pluto/nix-cache"];

  networking.firewall = {
    enable = true;
-    allowedUDPPorts = [  ];
-    allowedTCPPorts = [ 80 443 ];
+    allowedUDPPorts = [];
+    allowedTCPPorts = [80 443];
  };

  age.secrets."services/acme/opel-online" = {
    file = ../../../secrets/services/acme/opel-online.age;
    owner = "acme";
  };
-
 }
--- a/modules/services/nas/paperless.nix
+++ b/modules/services/nas/paperless.nix
@@ -1,15 +1,17 @@
 #
 # System notifications
 #
-
-{ config, lib, pkgs, ... }:
-
 {
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
  services.paperless = {
    enable = true;
    domain = "paperless.home.opel-online.de";
    passwordFile = config.age.secrets."services/paperless/pwFile".path;
-#    environmentFile = config.age.secrets."services/paperless/environment".path;
+    #    environmentFile = config.age.secrets."services/paperless/environment".path;
    configureTika = true;
    settings = {
      PAPERLESS_OCR_LANGUAGE = "deu+eng";
@@ -31,8 +33,7 @@
  };

  age.secrets."services/paperless/pwFile" = {
-      file = ../../../secrets/services/paperless/pwFile.age;
-      owner = "paperless";
+    file = ../../../secrets/services/paperless/pwFile.age;
+    owner = "paperless";
  };
-
 }
--- a/modules/services/nas/syncthing.nix
+++ b/modules/services/nas/syncthing.nix
@@ -1,29 +1,32 @@
 #
 # System notifications
 #
-
-{ config, lib, pkgs, ... }:
-
 {
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
  services.syncthing = {
    enable = true;
    group = "users";
    user = "kabbone";
    dataDir = "/home/${config.services.syncthing.user}/Sync";
    configDir = "/home/${config.services.syncthing.user}/.config/syncthing";
-    overrideDevices = true;     # overrides any devices added or deleted through the WebUI
-    overrideFolders = true;     # overrides any folders added or deleted through the WebUI
+    overrideDevices = true; # overrides any devices added or deleted through the WebUI
+    overrideFolders = true; # overrides any folders added or deleted through the WebUI
    openDefaultPorts = true;
    settings = {
      devices = {
-        "hades.home.opel-online.de" = { id = "3VPCBVW-RH7XKFM-TWJGQHC-ZRAQ575-CQKGGKP-NAB4VXE-KCKJFUT-AMCUQQA"; };
-        "lifebook.home.opel-online.de" = { id = "RKPZG3H-BDUZID3-DV26MKR-UOARIQC-JBCAFXP-J5QFM4H-5EGBSM5-VEGXHQ4"; };
+        "hades.home.opel-online.de" = {id = "3VPCBVW-RH7XKFM-TWJGQHC-ZRAQ575-CQKGGKP-NAB4VXE-KCKJFUT-AMCUQQA";};
+        "lifebook.home.opel-online.de" = {id = "RKPZG3H-BDUZID3-DV26MKR-UOARIQC-JBCAFXP-J5QFM4H-5EGBSM5-VEGXHQ4";};
      };
      folders = {
-        "Sync" = {         # Name of folder in Syncthing, also the folder ID
-          path = "/mnt/Mars/${config.services.syncthing.user}/Sync";    # Which folder to add to Syncthing
-          devices = [ "hades.home.opel-online.de" "lifebook.home.opel-online.de" ];      # Which devices to share the folder with
-          ignorePerms = false;  # By default, Syncthing doesn't sync file permissions. This line enables it for this folder.
+        "Sync" = {
+          # Name of folder in Syncthing, also the folder ID
+          path = "/mnt/Mars/${config.services.syncthing.user}/Sync"; # Which folder to add to Syncthing
+          devices = ["hades.home.opel-online.de" "lifebook.home.opel-online.de"]; # Which devices to share the folder with
+          ignorePerms = false; # By default, Syncthing doesn't sync file permissions. This line enables it for this folder.
        };
      };
    };
@@ -35,19 +38,18 @@
        useACMEHost = "home.opel-online.de";
        forceSSL = true;
        locations."/" = {
-	  recommendedProxySettings = false;
-	  proxyPass = "http://${toString config.services.syncthing.guiAddress}";
+          recommendedProxySettings = false;
+          proxyPass = "http://${toString config.services.syncthing.guiAddress}";
          extraConfig = ''
-          proxy_set_header        Host localhost;
-          proxy_set_header        X-Real-IP $remote_addr;
-          proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
-          proxy_set_header        X-Forwarded-Proto $scheme;
-          proxy_set_header        X-Forwarded-Host $host;
-          proxy_set_header        X-Forwarded-Server $host;
+            proxy_set_header        Host localhost;
+            proxy_set_header        X-Real-IP $remote_addr;
+            proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header        X-Forwarded-Proto $scheme;
+            proxy_set_header        X-Forwarded-Host $host;
+            proxy_set_header        X-Forwarded-Server $host;
          '';
        };
      };
    };
  };
-
 }
--- a/modules/services/nas/vaultwarden.nix
+++ b/modules/services/nas/vaultwarden.nix
@@ -1,10 +1,12 @@
 #
 # System notifications
 #
-
-{ config, lib, pkgs, ... }:
-
 {
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
  services.vaultwarden = {
    enable = true;
    dbBackend = "sqlite";
@@ -31,8 +33,7 @@
  };

  age.secrets."services/vaultwarden/environment" = {
-      file = ../../../secrets/services/vaultwarden/environment.age;
-      owner = "vaultwarden";
+    file = ../../../secrets/services/vaultwarden/environment.age;
+    owner = "vaultwarden";
  };
-
 }