apply treefmt to codebase

2022-12-31 07:24:17 +01:00 · 2022-12-31 07:24:17 +01:00 · ee8f7e82b8
commit ee8f7e82b8
parent fea7e110c2
30 changed files with 232 additions and 202 deletions
--- a/build01/configuration.nix
+++ b/build01/configuration.nix
@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ ... }:
 # Boot recovery:
 # Activate 64-bit Rescue system in https://robot.your-server.de/server
 # ssh root@build01.nix-community.org "mount /dev/md[0-9]* /mnt && /mnt/kexec_bundle"
--- a/build02/configuration.nix
+++ b/build02/configuration.nix
@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ ... }:
 {
  imports = [
--- a/build02/packages-with-update-script.nix
+++ b/build02/packages-with-update-script.nix
@ -64,7 +64,7 @@ in
 let
-  allPackagesWithUpdateScript = packagesWithUpdateScriptMatchingPredicate (path: package: true) pkgs;
+  allPackagesWithUpdateScript = packagesWithUpdateScriptMatchingPredicate (_path: _package: true) pkgs;
 in
--- a/build03/configuration.nix
+++ b/build03/configuration.nix
@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ ... }:
 {
  # Boot recovery:
  # Activate 64-bit Rescue system in https://robot.your-server.de/server
--- a/build04/configuration.nix
+++ b/build04/configuration.nix
@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ ... }:
 {
  imports = [
    ./hardware-configuration.nix
--- a/build04/hardware-configuration.nix
+++ b/build04/hardware-configuration.nix
@ -1,12 +1,8 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
-{
+{ modulesPath
-  config,
+, ...
  lib,
  pkgs,
  modulesPath,
  ...
 }: {
  imports = [
    (modulesPath + "/profiles/qemu-guest.nix")
--- a/flake.nix
+++ b/flake.nix
@ -45,18 +45,19 @@
          ./treefmt.nix
        ];
-        perSystem = {
+        perSystem =
-          inputs',
+          { inputs'
-          pkgs,
+          , pkgs
-          self',
+          , self'
-          ...
+          , ...
          }: {
            devShells.default = pkgs.callPackage ./shell.nix {
              inherit (inputs'.sops-nix.packages) sops-import-keys-hook;
              inherit (self'.packages) treefmt;
            };
          };
-        flake.nixosConfigurations = let
+        flake.nixosConfigurations =
          let
            inherit (inputs.nixpkgs.lib) nixosSystem;
            common = [
              { _module.args.inputs = inputs; }
@ -66,7 +67,8 @@
              inputs.srvos.nixosModules.telegraf
              { networking.firewall.allowedTCPPorts = [ 9273 ]; }
            ];
-        in {
+          in
          {
            "build01.nix-community.org" = nixosSystem {
              system = "x86_64-linux";
              modules =
--- a/pyproject.toml
+++ b/pyproject.toml
@ -0,0 +1,13 @@
 [tool.ruff]
 line-length = 88
 select = ["E", "F", "I"]
 ignore = [ "E501" ]
 [tool.mypy]
 python_version = "3.10"
 warn_redundant_casts = true
 disallow_untyped_calls = true
 disallow_untyped_defs = true
 no_implicit_optional = true
--- a/roles/common.nix
+++ b/roles/common.nix
@ -1,4 +1,4 @@
-{ pkgs, lib, config, ... }:
+{ lib, config, ... }:
 {
  imports = [
--- a/roles/hercules-ci/default.nix
+++ b/roles/hercules-ci/default.nix
@ -1,4 +1,4 @@
-{ config, pkgs, ... }:
+{ config, ... }:
 let
  herculesSecret = {
    owner = "hercules-ci-agent";
--- a/roles/hetzner/amd.nix
+++ b/roles/hetzner/amd.nix
@ -1,4 +1,4 @@
-{ config, lib, pkgs, modulesPath, ... }:
+{ modulesPath, ... }:
 {
  imports = [
--- a/roles/hetzner/network.nix
+++ b/roles/hetzner/network.nix
@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, ... }:
 with lib;
 let
  cfg = config.networking.nix-community;
--- a/roles/nginx.nix
+++ b/roles/nginx.nix
@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ config, ... }:
 {
  networking.firewall.allowedTCPPorts = [ 443 80 ];
--- a/roles/nix-daemon.nix
+++ b/roles/nix-daemon.nix
@ -1,4 +1,4 @@
-{ config, lib, pkgs, inputs, ... }:
+{ lib, pkgs, inputs, ... }:
 let
  asGB = size: toString (size * 1024 * 1024);
@ -37,14 +37,16 @@ in
  };
  # inputs == flake inputs in configurations.nix
-  environment.etc = let
+  environment.etc =
    let
      inputsWithDate = lib.filterAttrs (_: input: input ? lastModified) inputs;
      flakeAttrs = input: (lib.mapAttrsToList (n: v: ''${n}="${v}"'')
-      (lib.filterAttrs (n: v: (builtins.typeOf v) == "string") input));
+        (lib.filterAttrs (_n: v: (builtins.typeOf v) == "string") input));
      lastModified = name: input: ''
        flake_input_last_modified{input="${name}",${lib.concatStringsSep "," (flakeAttrs input)}} ${toString input.lastModified}
      '';
-  in {
+    in
    {
      "flake-inputs.prom" = {
        mode = "0555";
        text = ''
--- a/roles/security.nix
+++ b/roles/security.nix
@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ ... }:
 {
  # Make sure that the firewall is enabled, even if it's the default.
  networking.firewall.enable = true;
--- a/roles/sops-nix.nix
+++ b/roles/sops-nix.nix
@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, ... }:
 let
  defaultSopsPath = ../. + "/${config.networking.hostName}/secrets.yaml";
 in
--- a/roles/users.nix
+++ b/roles/users.nix
@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, ... }:
 let
  userImports =
--- a/services/hound/default.nix
+++ b/services/hound/default.nix
@ -13,7 +13,7 @@
    enable = true;
    listen = "127.0.0.1:6080";
    config = builtins.readFile ./hound.json;
-    package = pkgs.hound.overrideAttrs (x: {
+    package = pkgs.hound.overrideAttrs (_x: {
      patches = [
        ./0001-Fail-to-start-if-any-repos-fail-to-index.patch
      ];
--- a/services/hound/update-hound.py
+++ b/services/hound/update-hound.py
@ -1,63 +1,67 @@
 #!/usr/bin/env nix-shell
 #!nix-shell -i python3 -p python3Packages.python -p python3Packages.requests
 import requests
 import json
-from pprint import pprint
+
 import requests
 disallowed_repos = [
-  'NixOS/nixops-dashboard', # empty repo causes an error
+    "NixOS/nixops-dashboard",  # empty repo causes an error
-];
+]
 allowed_forks = [
-    'nix-community/acpi_call',
+    "nix-community/acpi_call",
-    'nix-community/bundix',
+    "nix-community/bundix",
-    'nix-community/luarocks-nix',
+    "nix-community/luarocks-nix",
-    'nix-community/nix-doom-emacs',
+    "nix-community/nix-doom-emacs",
-    'nix-community/nix-straight.el',
+    "nix-community/nix-straight.el",
-    'nix-community/travis-build',
+    "nix-community/travis-build",
-    'nix-community/vagrant-nixos-plugin',
+    "nix-community/vagrant-nixos-plugin",
-    'NixOS/calamares-nixos-extensions',
+    "NixOS/calamares-nixos-extensions",
-];
+]
 def all_for_org(org):
    resp = {}
-    next_url = 'https://api.github.com/orgs/{}/repos'.format(org)
+    next_url = "https://api.github.com/orgs/{}/repos".format(org)
    while next_url is not None:
        repo_resp = requests.get(next_url)
-        if 'next' in repo_resp.links:
+        if "next" in repo_resp.links:
-            next_url = repo_resp.links['next']['url']
+            next_url = repo_resp.links["next"]["url"]
        else:
            next_url = None
        repos = repo_resp.json()
-        resp.update({
+        resp.update(
-            "{}-{}".format(org, repo['name']): {
+            {
-                'url': repo['clone_url'],
+                "{}-{}".format(org, repo["name"]): {
                    "url": repo["clone_url"],
                }
                for repo in repos
-            if repo['full_name'] not in disallowed_repos
+                if repo["full_name"] not in disallowed_repos
-            if repo['archived'] == False
+                if repo["archived"] is False
-            if repo['fork'] == False or repo['full_name'] in allowed_forks
+                if repo["fork"] is False or repo["full_name"] in allowed_forks
-        })
+            }
        )
    return resp
 repos = {**all_for_org('NixOS'), **all_for_org('nix-community')}
-print(json.dumps(
+repos = {**all_for_org("NixOS"), **all_for_org("nix-community")}
 print(
    json.dumps(
        {
            "max-concurrent-indexers": 1,
            "dbpath": "/var/lib/hound/data",
            "repos": repos,
-        "vcs-config" : {
+            "vcs-config": {"git": {"detect-ref": True}},
            "git": { "detect-ref" : True }
        },
        },
        indent=4,
-    sort_keys=True
+        sort_keys=True,
-))
+    )
 )
--- a/services/hydra/default.nix
+++ b/services/hydra/default.nix
@ -18,7 +18,8 @@ with lib; let
    export HOME=/root
    exec ${pkgs.cachix}/bin/cachix -c ${config.sops.secrets.nix-community-cachix.path} push nix-community $OUT_PATHS > /tmp/hydra_cachix 2>&1
  '';
-in {
+in
 {
  options.services.hydra = {
    adminPasswordFile = mkOption {
      type = types.str;
--- a/services/nur-update/default.nix
+++ b/services/nur-update/default.nix
@ -1,4 +1,4 @@
-{ nur-update }: { config, lib, pkgs, ... }:
+{ nur-update }: { config, pkgs, ... }:
 {
  services.nginx.virtualHosts."nur-update.nix-community.org" = {
@ -9,13 +9,15 @@
  sops.secrets.nur-update-github-token = { };
-  systemd.services.nur-update = let
+  systemd.services.nur-update =
    let
      python = pkgs.python3.withPackages
        (ps: with ps; [
          (ps.toPythonModule nur-update.packages.${pkgs.system}.default)
          gunicorn
        ]);
-  in {
+    in
    {
      description = "nur-update";
      script = ''
        GITHUB_TOKEN="$(<$CREDENTIALS_DIRECTORY/github-token)" \
--- a/tasks.py
+++ b/tasks.py
@ -1,12 +1,12 @@
 #!/usr/bin/env python3
 from invoke import task
 import sys
 from typing import List, Any
 from deploykit import DeployHost, DeployGroup
 import subprocess
 import json
 import subprocess
 import sys
 from typing import Any, List
 from deploykit import DeployGroup, DeployHost
 from invoke import task
 RSYNC_EXCLUDES = [".terraform", ".direnv", ".mypy-cache", ".git"]
@ -23,7 +23,7 @@ def deploy_nixos(hosts: List[DeployHost]) -> None:
            f"rsync {' --exclude '.join([''] + RSYNC_EXCLUDES)} -vaF --delete -e ssh . {target}:/etc/nixos"
        )
-        h.run(f"nixos-rebuild switch --option accept-flake-config true")
+        h.run("nixos-rebuild switch --option accept-flake-config true")
    g.run_function(deploy)
@ -73,19 +73,19 @@ def _format_disks(host: DeployHost, devices: List[str]) -> None:
            f"zpool create zroot -O acltype=posixacl -O xattr=sa -O compression=lz4 -O atime=off {root_part}"
        )
-    host.run(f"partprobe")
+    host.run("partprobe")
    host.run(f"mkfs.ext4 -F {boot}")
    # setup zfs dataset
-    host.run(f"zfs create -o mountpoint=none zroot/root")
+    host.run("zfs create -o mountpoint=none zroot/root")
-    host.run(f"zfs create -o mountpoint=legacy zroot/root/nixos")
+    host.run("zfs create -o mountpoint=legacy zroot/root/nixos")
-    host.run(f"zfs create -o mountpoint=legacy zroot/root/home")
+    host.run("zfs create -o mountpoint=legacy zroot/root/home")
    ## and finally mount
-    host.run(f"mount -t zfs zroot/root/nixos /mnt")
+    host.run("mount -t zfs zroot/root/nixos /mnt")
-    host.run(f"mkdir /mnt/home /mnt/boot")
+    host.run("mkdir /mnt/home /mnt/boot")
-    host.run(f"mount -t zfs zroot/root/home /mnt/home")
+    host.run("mount -t zfs zroot/root/home /mnt/home")
-    host.run(f"mount -t ext4 /dev/md127 /mnt/boot")
+    host.run("mount -t ext4 /dev/md127 /mnt/boot")
@task
@ -103,15 +103,24 @@ find . \
 """
    )
@task
 def scan_age_keys(c, host):
    """
    Scans for the host key via ssh an converts it to age
    """
    import subprocess
-    proc = subprocess.run(["ssh-keyscan", host], stdout=subprocess.PIPE, text=True, check=True)
+
    proc = subprocess.run(
        ["ssh-keyscan", host], stdout=subprocess.PIPE, text=True, check=True
    )
    print("###### Age keys ######")
-    subprocess.run(["nix", "run", "--inputs-from", ".#", "nixpkgs#ssh-to-age"], input=proc.stdout, check=True, text=True)
+    subprocess.run(
        ["nix", "run", "--inputs-from", ".#", "nixpkgs#ssh-to-age"],
        input=proc.stdout,
        check=True,
        text=True,
    )
@task
@ -198,7 +207,8 @@ def build_local(c, hosts=""):
 def wait_for_port(host: str, port: int, shutdown: bool = False) -> None:
-    import socket, time
+    import socket
    import time
    while True:
        try:
@ -209,7 +219,7 @@ def wait_for_port(host: str, port: int, shutdown: bool = False) -> None:
                    sys.stdout.flush()
                else:
                    break
-        except OSError as ex:
+        except OSError:
            if shutdown:
                break
            else:
--- a/users/adisbladis.nix
+++ b/users/adisbladis.nix
@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ lib, ... }:
 let
  userLib = import ./lib.nix { inherit lib; };
  keys = [
--- a/users/flokli.nix
+++ b/users/flokli.nix
@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ lib, ... }:
 let
  userLib = import ./lib.nix { inherit lib; };
  keys = [
--- a/users/lewo.nix
+++ b/users/lewo.nix
@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ lib, ... }:
 let
  userLib = import ./lib.nix { inherit lib; };
  keys = [
--- a/users/mic92.nix
+++ b/users/mic92.nix
@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ lib, ... }:
 let
  userLib = import ./lib.nix { inherit lib; };
  keys = [
--- a/users/ryantm.nix
+++ b/users/ryantm.nix
@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ lib, ... }:
 let
  userLib = import ./lib.nix { inherit lib; };
  keys = [
--- a/users/zimbatm.nix
+++ b/users/zimbatm.nix
@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ lib, ... }:
 let
  userLib = import ./lib.nix { inherit lib; };
  keys = [
--- a/users/zowoq.nix
+++ b/users/zowoq.nix
@ -1,4 +1,4 @@
-{ config, pkgs, lib, ... }:
+{ lib, ... }:
 let
  userLib = import ./lib.nix { inherit lib; };
  keys = [