From ee8f7e82b85f436d4de77ada3d866e3cc641c1d5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
Date: Sat, 31 Dec 2022 07:24:17 +0100
Subject: [PATCH] apply treefmt to codebase
---
build01/configuration.nix | 2 +-
build02/configuration.nix | 2 +-
build02/packages-with-update-script.nix | 2 +-
build03/configuration.nix | 2 +-
build04/configuration.nix | 2 +-
build04/hardware-configuration.nix | 18 ++--
flake.nix | 136 ++++++++++++------------
pyproject.toml | 13 +++
roles/builder/users.nix | 2 +-
roles/common.nix | 2 +-
roles/hercules-ci/default.nix | 2 +-
roles/hetzner/amd.nix | 2 +-
roles/hetzner/network.nix | 2 +-
roles/nginx.nix | 2 +-
roles/nix-daemon.nix | 34 +++---
roles/security.nix | 2 +-
roles/sops-nix.nix | 2 +-
roles/users.nix | 2 +-
services/hound/default.nix | 2 +-
services/hound/update-hound.py | 76 ++++++-------
services/hydra/default.nix | 15 +--
services/nur-update/default.nix | 50 ++++-----
tasks.py | 48 +++++----
users/adisbladis.nix | 2 +-
users/flokli.nix | 2 +-
users/lewo.nix | 2 +-
users/mic92.nix | 2 +-
users/ryantm.nix | 2 +-
users/zimbatm.nix | 2 +-
users/zowoq.nix | 2 +-
30 files changed, 232 insertions(+), 202 deletions(-)
create mode 100644 pyproject.toml
diff --git a/build01/configuration.nix b/build01/configuration.nix
index 9cfcddf..7814668 100644
--- a/build01/configuration.nix
+++ b/build01/configuration.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ ... }:
# Boot recovery:
# Activate 64-bit Rescue system in https://robot.your-server.de/server
# ssh root@build01.nix-community.org "mount /dev/md[0-9]* /mnt && /mnt/kexec_bundle"
diff --git a/build02/configuration.nix b/build02/configuration.nix
index aa9f99e..03ad489 100644
--- a/build02/configuration.nix
+++ b/build02/configuration.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ ... }:
{
imports = [
diff --git a/build02/packages-with-update-script.nix b/build02/packages-with-update-script.nix
index 5534106..71ba572 100644
--- a/build02/packages-with-update-script.nix
+++ b/build02/packages-with-update-script.nix
@@ -64,7 +64,7 @@ in
let
- allPackagesWithUpdateScript = packagesWithUpdateScriptMatchingPredicate (path: package: true) pkgs;
+ allPackagesWithUpdateScript = packagesWithUpdateScriptMatchingPredicate (_path: _package: true) pkgs;
in
diff --git a/build03/configuration.nix b/build03/configuration.nix
index b985611..ef93b7c 100644
--- a/build03/configuration.nix
+++ b/build03/configuration.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ ... }:
{
# Boot recovery:
# Activate 64-bit Rescue system in https://robot.your-server.de/server
diff --git a/build04/configuration.nix b/build04/configuration.nix
index 1cdc115..3247b33 100644
--- a/build04/configuration.nix
+++ b/build04/configuration.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ ... }:
{
imports = [
./hardware-configuration.nix
diff --git a/build04/hardware-configuration.nix b/build04/hardware-configuration.nix
index 41fbbfa..4339df9 100644
--- a/build04/hardware-configuration.nix
+++ b/build04/hardware-configuration.nix
@@ -1,21 +1,17 @@
# Do not modify this file! It was generated by ‘nixos-generate-config’
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
-{
- config,
- lib,
- pkgs,
- modulesPath,
- ...
+{ modulesPath
+, ...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
- boot.initrd.availableKernelModules = ["xhci_pci" "virtio_pci"];
- boot.initrd.kernelModules = [];
- boot.kernelModules = [];
- boot.extraModulePackages = [];
+ boot.initrd.availableKernelModules = [ "xhci_pci" "virtio_pci" ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ ];
+ boot.extraModulePackages = [ ];
disko.devices = {
disk = {
@@ -79,5 +75,5 @@
};
};
- swapDevices = [];
+ swapDevices = [ ];
}
diff --git a/flake.nix b/flake.nix
index 0510848..1c4c8e1 100644
--- a/flake.nix
+++ b/flake.nix
@@ -35,85 +35,87 @@
treefmt-nix.url = "github:numtide/treefmt-nix";
};
- outputs = inputs @ {flake-parts, ...}:
+ outputs = inputs @ { flake-parts, ... }:
flake-parts.lib.mkFlake
- {inherit inputs;}
+ { inherit inputs; }
{
- systems = ["x86_64-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin"];
+ systems = [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin" ];
imports = [
./treefmt.nix
];
- perSystem = {
- inputs',
- pkgs,
- self',
- ...
- }: {
- devShells.default = pkgs.callPackage ./shell.nix {
- inherit (inputs'.sops-nix.packages) sops-import-keys-hook;
- inherit (self'.packages) treefmt;
+ perSystem =
+ { inputs'
+ , pkgs
+ , self'
+ , ...
+ }: {
+ devShells.default = pkgs.callPackage ./shell.nix {
+ inherit (inputs'.sops-nix.packages) sops-import-keys-hook;
+ inherit (self'.packages) treefmt;
+ };
};
- };
- flake.nixosConfigurations = let
- inherit (inputs.nixpkgs.lib) nixosSystem;
- common = [
- { _module.args.inputs = inputs; }
- inputs.sops-nix.nixosModules.sops
- inputs.srvos.nixosModules.server
+ flake.nixosConfigurations =
+ let
+ inherit (inputs.nixpkgs.lib) nixosSystem;
+ common = [
+ { _module.args.inputs = inputs; }
+ inputs.sops-nix.nixosModules.sops
+ inputs.srvos.nixosModules.server
- inputs.srvos.nixosModules.telegraf
- { networking.firewall.allowedTCPPorts = [ 9273 ]; }
- ];
- in {
- "build01.nix-community.org" = nixosSystem {
- system = "x86_64-linux";
- modules =
- common
- ++ [
- ./build01/configuration.nix
- ];
- };
+ inputs.srvos.nixosModules.telegraf
+ { networking.firewall.allowedTCPPorts = [ 9273 ]; }
+ ];
+ in
+ {
+ "build01.nix-community.org" = nixosSystem {
+ system = "x86_64-linux";
+ modules =
+ common
+ ++ [
+ ./build01/configuration.nix
+ ];
+ };
- "build02.nix-community.org" = nixosSystem {
- system = "x86_64-linux";
- modules =
- common
- ++ [
- (import ./build02/nixpkgs-update.nix {
- inherit
- (inputs)
- nixpkgs-update
- nixpkgs-update-github-releases
- nixpkgs-update-pypi-releases
- ;
- })
- ./build02/configuration.nix
- ];
- };
+ "build02.nix-community.org" = nixosSystem {
+ system = "x86_64-linux";
+ modules =
+ common
+ ++ [
+ (import ./build02/nixpkgs-update.nix {
+ inherit
+ (inputs)
+ nixpkgs-update
+ nixpkgs-update-github-releases
+ nixpkgs-update-pypi-releases
+ ;
+ })
+ ./build02/configuration.nix
+ ];
+ };
- "build03.nix-community.org" = nixosSystem {
- system = "x86_64-linux";
- modules =
- common
- ++ [
- (import ./services/nur-update {
- inherit (inputs) nur-update;
- })
- ./build03/configuration.nix
- ];
- };
+ "build03.nix-community.org" = nixosSystem {
+ system = "x86_64-linux";
+ modules =
+ common
+ ++ [
+ (import ./services/nur-update {
+ inherit (inputs) nur-update;
+ })
+ ./build03/configuration.nix
+ ];
+ };
- "build04.nix-community.org" = nixosSystem {
- system = "aarch64-linux";
- modules =
- common
- ++ [
- ./build04/configuration.nix
- inputs.disko.nixosModules.disko
- ];
+ "build04.nix-community.org" = nixosSystem {
+ system = "aarch64-linux";
+ modules =
+ common
+ ++ [
+ ./build04/configuration.nix
+ inputs.disko.nixosModules.disko
+ ];
+ };
};
- };
};
}
diff --git a/pyproject.toml b/pyproject.toml
new file mode 100644
index 0000000..cf90945
--- /dev/null
+++ b/pyproject.toml
@@ -0,0 +1,13 @@
+[tool.ruff]
+line-length = 88
+
+select = ["E", "F", "I"]
+ignore = [ "E501" ]
+
+
+[tool.mypy]
+python_version = "3.10"
+warn_redundant_casts = true
+disallow_untyped_calls = true
+disallow_untyped_defs = true
+no_implicit_optional = true
diff --git a/roles/builder/users.nix b/roles/builder/users.nix
index 2290bf7..a740d66 100644
--- a/roles/builder/users.nix
+++ b/roles/builder/users.nix
@@ -36,7 +36,7 @@ let
trusted = true;
keys = ./keys/raitobezarius;
};
-
+
schmittlauch = {
trusted = true;
keys = ./keys/schmittlauch;
diff --git a/roles/common.nix b/roles/common.nix
index 1c9e0e3..e0b1dcf 100644
--- a/roles/common.nix
+++ b/roles/common.nix
@@ -1,4 +1,4 @@
-{ pkgs, lib, config, ... }:
+{ lib, config, ... }:
{
imports = [
diff --git a/roles/hercules-ci/default.nix b/roles/hercules-ci/default.nix
index ce75bbc..e73cb5c 100644
--- a/roles/hercules-ci/default.nix
+++ b/roles/hercules-ci/default.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, ... }:
+{ config, ... }:
let
herculesSecret = {
owner = "hercules-ci-agent";
diff --git a/roles/hetzner/amd.nix b/roles/hetzner/amd.nix
index 76716b1..5d0cd75 100644
--- a/roles/hetzner/amd.nix
+++ b/roles/hetzner/amd.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, modulesPath, ... }:
+{ modulesPath, ... }:
{
imports = [
diff --git a/roles/hetzner/network.nix b/roles/hetzner/network.nix
index 9e2313e..112c96f 100644
--- a/roles/hetzner/network.nix
+++ b/roles/hetzner/network.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, ... }:
with lib;
let
cfg = config.networking.nix-community;
diff --git a/roles/nginx.nix b/roles/nginx.nix
index 20bf7e4..856be49 100644
--- a/roles/nginx.nix
+++ b/roles/nginx.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ config, ... }:
{
networking.firewall.allowedTCPPorts = [ 443 80 ];
diff --git a/roles/nix-daemon.nix b/roles/nix-daemon.nix
index 46edc0d..2ca2b78 100644
--- a/roles/nix-daemon.nix
+++ b/roles/nix-daemon.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, inputs, ... }:
+{ lib, pkgs, inputs, ... }:
let
asGB = size: toString (size * 1024 * 1024);
@@ -37,23 +37,25 @@ in
};
# inputs == flake inputs in configurations.nix
- environment.etc = let
- inputsWithDate = lib.filterAttrs (_: input: input ? lastModified) inputs;
- flakeAttrs = input: (lib.mapAttrsToList (n: v: ''${n}="${v}"'')
- (lib.filterAttrs (n: v: (builtins.typeOf v) == "string") input));
- lastModified = name: input: ''
- flake_input_last_modified{input="${name}",${lib.concatStringsSep "," (flakeAttrs input)}} ${toString input.lastModified}
- '';
- in {
- "flake-inputs.prom" = {
- mode = "0555";
- text = ''
- # HELP flake_registry_last_modified Last modification date of flake input in unixtime
- # TYPE flake_input_last_modified gauge
- ${lib.concatStringsSep "\n" (lib.mapAttrsToList lastModified inputsWithDate)}
+ environment.etc =
+ let
+ inputsWithDate = lib.filterAttrs (_: input: input ? lastModified) inputs;
+ flakeAttrs = input: (lib.mapAttrsToList (n: v: ''${n}="${v}"'')
+ (lib.filterAttrs (_n: v: (builtins.typeOf v) == "string") input));
+ lastModified = name: input: ''
+ flake_input_last_modified{input="${name}",${lib.concatStringsSep "," (flakeAttrs input)}} ${toString input.lastModified}
'';
+ in
+ {
+ "flake-inputs.prom" = {
+ mode = "0555";
+ text = ''
+ # HELP flake_registry_last_modified Last modification date of flake input in unixtime
+ # TYPE flake_input_last_modified gauge
+ ${lib.concatStringsSep "\n" (lib.mapAttrsToList lastModified inputsWithDate)}
+ '';
+ };
};
- };
services.telegraf.extraConfig.inputs.file = [
{
diff --git a/roles/security.nix b/roles/security.nix
index e27ec76..777c7e6 100644
--- a/roles/security.nix
+++ b/roles/security.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ ... }:
{
# Make sure that the firewall is enabled, even if it's the default.
networking.firewall.enable = true;
diff --git a/roles/sops-nix.nix b/roles/sops-nix.nix
index b98b247..769394f 100644
--- a/roles/sops-nix.nix
+++ b/roles/sops-nix.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, ... }:
let
defaultSopsPath = ../. + "/${config.networking.hostName}/secrets.yaml";
in
diff --git a/roles/users.nix b/roles/users.nix
index 01e005e..b0e2bb1 100644
--- a/roles/users.nix
+++ b/roles/users.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, ... }:
let
userImports =
diff --git a/services/hound/default.nix b/services/hound/default.nix
index 3742116..16a5dbd 100644
--- a/services/hound/default.nix
+++ b/services/hound/default.nix
@@ -13,7 +13,7 @@
enable = true;
listen = "127.0.0.1:6080";
config = builtins.readFile ./hound.json;
- package = pkgs.hound.overrideAttrs (x: {
+ package = pkgs.hound.overrideAttrs (_x: {
patches = [
./0001-Fail-to-start-if-any-repos-fail-to-index.patch
];
diff --git a/services/hound/update-hound.py b/services/hound/update-hound.py
index 216ecd1..097ef07 100755
--- a/services/hound/update-hound.py
+++ b/services/hound/update-hound.py
@@ -1,63 +1,67 @@
#!/usr/bin/env nix-shell
#!nix-shell -i python3 -p python3Packages.python -p python3Packages.requests
-import requests
import json
-from pprint import pprint
+
+import requests
disallowed_repos = [
- 'NixOS/nixops-dashboard', # empty repo causes an error
-];
+ "NixOS/nixops-dashboard", # empty repo causes an error
+]
allowed_forks = [
- 'nix-community/acpi_call',
- 'nix-community/bundix',
- 'nix-community/luarocks-nix',
- 'nix-community/nix-doom-emacs',
- 'nix-community/nix-straight.el',
- 'nix-community/travis-build',
- 'nix-community/vagrant-nixos-plugin',
- 'NixOS/calamares-nixos-extensions',
-];
+ "nix-community/acpi_call",
+ "nix-community/bundix",
+ "nix-community/luarocks-nix",
+ "nix-community/nix-doom-emacs",
+ "nix-community/nix-straight.el",
+ "nix-community/travis-build",
+ "nix-community/vagrant-nixos-plugin",
+ "NixOS/calamares-nixos-extensions",
+]
+
def all_for_org(org):
resp = {}
- next_url = 'https://api.github.com/orgs/{}/repos'.format(org)
+ next_url = "https://api.github.com/orgs/{}/repos".format(org)
while next_url is not None:
repo_resp = requests.get(next_url)
- if 'next' in repo_resp.links:
- next_url = repo_resp.links['next']['url']
+ if "next" in repo_resp.links:
+ next_url = repo_resp.links["next"]["url"]
else:
next_url = None
repos = repo_resp.json()
- resp.update({
- "{}-{}".format(org, repo['name']): {
- 'url': repo['clone_url'],
+ resp.update(
+ {
+ "{}-{}".format(org, repo["name"]): {
+ "url": repo["clone_url"],
+ }
+ for repo in repos
+ if repo["full_name"] not in disallowed_repos
+ if repo["archived"] is False
+ if repo["fork"] is False or repo["full_name"] in allowed_forks
}
- for repo in repos
- if repo['full_name'] not in disallowed_repos
- if repo['archived'] == False
- if repo['fork'] == False or repo['full_name'] in allowed_forks
- })
+ )
return resp
-repos = {**all_for_org('NixOS'), **all_for_org('nix-community')}
-print(json.dumps(
- {
- "max-concurrent-indexers" : 1,
- "dbpath" : "/var/lib/hound/data",
- "repos": repos,
- "vcs-config" : {
- "git": { "detect-ref" : True }
+repos = {**all_for_org("NixOS"), **all_for_org("nix-community")}
+
+print(
+ json.dumps(
+ {
+ "max-concurrent-indexers": 1,
+ "dbpath": "/var/lib/hound/data",
+ "repos": repos,
+ "vcs-config": {"git": {"detect-ref": True}},
},
- },
- indent=4,
- sort_keys=True
-))
+ indent=4,
+ sort_keys=True,
+ )
+)
diff --git a/services/hydra/default.nix b/services/hydra/default.nix
index dc5c0e6..9292c8a 100644
--- a/services/hydra/default.nix
+++ b/services/hydra/default.nix
@@ -18,7 +18,8 @@ with lib; let
export HOME=/root
exec ${pkgs.cachix}/bin/cachix -c ${config.sops.secrets.nix-community-cachix.path} push nix-community $OUT_PATHS > /tmp/hydra_cachix 2>&1
'';
-in {
+in
+{
options.services.hydra = {
adminPasswordFile = mkOption {
type = types.str;
@@ -61,7 +62,7 @@ in {
};
sops.secrets.nix-community-cachix.sopsFile = ../../roles/nix-community-cache/secrets.yaml;
- sops.secrets.id_buildfarm = {};
+ sops.secrets.id_buildfarm = { };
services.hydra = {
enable = true;
@@ -86,7 +87,7 @@ in {
services.postgresql = {
enable = true;
- ensureDatabases = ["hydra"];
+ ensureDatabases = [ "hydra" ];
settings = {
max_connections = "300";
effective_cache_size = "4GB";
@@ -108,13 +109,13 @@ in {
Type = "oneshot";
TimeoutStartSec = "60";
};
- wantedBy = ["multi-user.target"];
- after = ["hydra-server.service"];
- requires = ["hydra-server.service"];
+ wantedBy = [ "multi-user.target" ];
+ after = [ "hydra-server.service" ];
+ requires = [ "hydra-server.service" ];
environment = {
inherit (cfg.systemd.services.hydra-init.environment) HYDRA_DBI;
};
- path = with pkgs; [config.services.hydra.package netcat];
+ path = with pkgs; [ config.services.hydra.package netcat ];
script = ''
set -e
while IFS=';' read -r user role passwordhash email fullname; do
diff --git a/services/nur-update/default.nix b/services/nur-update/default.nix
index 62234ac..9716bd4 100644
--- a/services/nur-update/default.nix
+++ b/services/nur-update/default.nix
@@ -1,4 +1,4 @@
-{ nur-update }: { config, lib, pkgs, ... }:
+{ nur-update }: { config, pkgs, ... }:
{
services.nginx.virtualHosts."nur-update.nix-community.org" = {
@@ -9,28 +9,30 @@
sops.secrets.nur-update-github-token = { };
- systemd.services.nur-update = let
- python = pkgs.python3.withPackages
- (ps: with ps; [
- (ps.toPythonModule nur-update.packages.${pkgs.system}.default)
- gunicorn
- ]);
- in {
- description = "nur-update";
- script = ''
- GITHUB_TOKEN="$(<$CREDENTIALS_DIRECTORY/github-token)" \
- ${python}/bin/gunicorn nur_update:app \
- --bind unix:/run/nur-update/gunicorn.sock \
- --log-level info \
- --timeout 30 \
- --workers 3
- '';
- serviceConfig = {
- DynamicUser = true;
- LoadCredential = [ "github-token:${config.sops.secrets.nur-update-github-token.path}" ];
- Restart = "always";
- RuntimeDirectory = "nur-update";
+ systemd.services.nur-update =
+ let
+ python = pkgs.python3.withPackages
+ (ps: with ps; [
+ (ps.toPythonModule nur-update.packages.${pkgs.system}.default)
+ gunicorn
+ ]);
+ in
+ {
+ description = "nur-update";
+ script = ''
+ GITHUB_TOKEN="$(<$CREDENTIALS_DIRECTORY/github-token)" \
+ ${python}/bin/gunicorn nur_update:app \
+ --bind unix:/run/nur-update/gunicorn.sock \
+ --log-level info \
+ --timeout 30 \
+ --workers 3
+ '';
+ serviceConfig = {
+ DynamicUser = true;
+ LoadCredential = [ "github-token:${config.sops.secrets.nur-update-github-token.path}" ];
+ Restart = "always";
+ RuntimeDirectory = "nur-update";
+ };
+ wantedBy = [ "multi-user.target" ];
};
- wantedBy = [ "multi-user.target" ];
- };
}
diff --git a/tasks.py b/tasks.py
index 423553f..b0959e1 100644
--- a/tasks.py
+++ b/tasks.py
@@ -1,12 +1,12 @@
#!/usr/bin/env python3
-from invoke import task
-
-import sys
-from typing import List, Any
-from deploykit import DeployHost, DeployGroup
-import subprocess
import json
+import subprocess
+import sys
+from typing import Any, List
+
+from deploykit import DeployGroup, DeployHost
+from invoke import task
RSYNC_EXCLUDES = [".terraform", ".direnv", ".mypy-cache", ".git"]
@@ -23,7 +23,7 @@ def deploy_nixos(hosts: List[DeployHost]) -> None:
f"rsync {' --exclude '.join([''] + RSYNC_EXCLUDES)} -vaF --delete -e ssh . {target}:/etc/nixos"
)
- h.run(f"nixos-rebuild switch --option accept-flake-config true")
+ h.run("nixos-rebuild switch --option accept-flake-config true")
g.run_function(deploy)
@@ -73,19 +73,19 @@ def _format_disks(host: DeployHost, devices: List[str]) -> None:
f"zpool create zroot -O acltype=posixacl -O xattr=sa -O compression=lz4 -O atime=off {root_part}"
)
- host.run(f"partprobe")
+ host.run("partprobe")
host.run(f"mkfs.ext4 -F {boot}")
# setup zfs dataset
- host.run(f"zfs create -o mountpoint=none zroot/root")
- host.run(f"zfs create -o mountpoint=legacy zroot/root/nixos")
- host.run(f"zfs create -o mountpoint=legacy zroot/root/home")
+ host.run("zfs create -o mountpoint=none zroot/root")
+ host.run("zfs create -o mountpoint=legacy zroot/root/nixos")
+ host.run("zfs create -o mountpoint=legacy zroot/root/home")
## and finally mount
- host.run(f"mount -t zfs zroot/root/nixos /mnt")
- host.run(f"mkdir /mnt/home /mnt/boot")
- host.run(f"mount -t zfs zroot/root/home /mnt/home")
- host.run(f"mount -t ext4 /dev/md127 /mnt/boot")
+ host.run("mount -t zfs zroot/root/nixos /mnt")
+ host.run("mkdir /mnt/home /mnt/boot")
+ host.run("mount -t zfs zroot/root/home /mnt/home")
+ host.run("mount -t ext4 /dev/md127 /mnt/boot")
@task
@@ -103,15 +103,24 @@ find . \
"""
)
+
@task
def scan_age_keys(c, host):
"""
Scans for the host key via ssh an converts it to age
"""
import subprocess
- proc = subprocess.run(["ssh-keyscan", host], stdout=subprocess.PIPE, text=True, check=True)
+
+ proc = subprocess.run(
+ ["ssh-keyscan", host], stdout=subprocess.PIPE, text=True, check=True
+ )
print("###### Age keys ######")
- subprocess.run(["nix", "run", "--inputs-from", ".#", "nixpkgs#ssh-to-age"], input=proc.stdout, check=True, text=True)
+ subprocess.run(
+ ["nix", "run", "--inputs-from", ".#", "nixpkgs#ssh-to-age"],
+ input=proc.stdout,
+ check=True,
+ text=True,
+ )
@task
@@ -198,7 +207,8 @@ def build_local(c, hosts=""):
def wait_for_port(host: str, port: int, shutdown: bool = False) -> None:
- import socket, time
+ import socket
+ import time
while True:
try:
@@ -209,7 +219,7 @@ def wait_for_port(host: str, port: int, shutdown: bool = False) -> None:
sys.stdout.flush()
else:
break
- except OSError as ex:
+ except OSError:
if shutdown:
break
else:
diff --git a/users/adisbladis.nix b/users/adisbladis.nix
index 9463939..58a235b 100644
--- a/users/adisbladis.nix
+++ b/users/adisbladis.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ lib, ... }:
let
userLib = import ./lib.nix { inherit lib; };
keys = [
diff --git a/users/flokli.nix b/users/flokli.nix
index 37deacc..86659bb 100644
--- a/users/flokli.nix
+++ b/users/flokli.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ lib, ... }:
let
userLib = import ./lib.nix { inherit lib; };
keys = [
diff --git a/users/lewo.nix b/users/lewo.nix
index e17c662..b909ccb 100644
--- a/users/lewo.nix
+++ b/users/lewo.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ lib, ... }:
let
userLib = import ./lib.nix { inherit lib; };
keys = [
diff --git a/users/mic92.nix b/users/mic92.nix
index af28a51..2f68f55 100644
--- a/users/mic92.nix
+++ b/users/mic92.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ lib, ... }:
let
userLib = import ./lib.nix { inherit lib; };
keys = [
diff --git a/users/ryantm.nix b/users/ryantm.nix
index a7b9815..6bf21cf 100644
--- a/users/ryantm.nix
+++ b/users/ryantm.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ lib, ... }:
let
userLib = import ./lib.nix { inherit lib; };
keys = [
diff --git a/users/zimbatm.nix b/users/zimbatm.nix
index 70f84d3..d1eec7f 100644
--- a/users/zimbatm.nix
+++ b/users/zimbatm.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ lib, ... }:
let
userLib = import ./lib.nix { inherit lib; };
keys = [
diff --git a/users/zowoq.nix b/users/zowoq.nix
index 6693b82..2d5fc86 100644
--- a/users/zowoq.nix
+++ b/users/zowoq.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ lib, ... }:
let
userLib = import ./lib.nix { inherit lib; };
keys = [