applied nixfmt (new version)

2024-09-22 14:45:24 -06:00
parent dd00fb4854
commit b514828594
89 changed files with 2091 additions and 1339 deletions
--- a/pkgs/shiori/shiori-service.nix
+++ b/pkgs/shiori/shiori-service.nix
@@ -1,7 +1,14 @@
-{ config, lib, pkgs, ... }:
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:

-let cfg = config.services.shiori;
-in {
+let
+  cfg = config.services.shiori;
+in
+{
  options = {
    services.shiori = {
      enable = lib.mkEnableOption "Shiori simple bookmarks manager";
@@ -54,18 +61,16 @@ in {
    systemd.services.shiori = {
      description = "Shiori simple bookmarks manager";
      wantedBy = [ "multi-user.target" ];
-      after = [ "postgresql.service" "mysql.service" ];
+      after = [
+        "postgresql.service"
+        "mysql.service"
+      ];
      environment = {
        SHIORI_DIR = "/var/lib/shiori";
-      } // lib.optionalAttrs (cfg.databaseUrl != null) {
-        SHIORI_DATABASE_URL = cfg.databaseUrl;
-      };
+      } // lib.optionalAttrs (cfg.databaseUrl != null) { SHIORI_DATABASE_URL = cfg.databaseUrl; };

      serviceConfig = {
-        ExecStart =
-          "${cfg.package}/bin/shiori server --address '${cfg.address}' --port '${
-            toString cfg.port
-          }' --webroot '${cfg.webRoot}'";
+        ExecStart = "${cfg.package}/bin/shiori server --address '${cfg.address}' --port '${toString cfg.port}' --webroot '${cfg.webRoot}'";

        DynamicUser = true;
        StateDirectory = "shiori";
@@ -73,17 +78,20 @@ in {
        RuntimeDirectory = "shiori";

        # Security options
-        EnvironmentFile =
-          lib.optional (cfg.environmentFile != null) cfg.environmentFile;
-        BindReadOnlyPaths = [
-          "/nix/store"
+        EnvironmentFile = lib.optional (cfg.environmentFile != null) cfg.environmentFile;
+        BindReadOnlyPaths =
+          [
+            "/nix/store"

-          # For SSL certificates, and the resolv.conf
-          "/etc"
-        ] ++ lib.optional (lib.strings.hasInfix "postgres" cfg.databaseUrl
-          && config.services.postgresql.enable) "/run/postgresql"
-          ++ lib.optional (lib.strings.hasInfix "mysql" cfg.databaseUrl
-            && config.services.mysql.enable) "/var/run/mysqld";
+            # For SSL certificates, and the resolv.conf
+            "/etc"
+          ]
+          ++ lib.optional (
+            lib.strings.hasInfix "postgres" cfg.databaseUrl && config.services.postgresql.enable
+          ) "/run/postgresql"
+          ++ lib.optional (
+            lib.strings.hasInfix "mysql" cfg.databaseUrl && config.services.mysql.enable
+          ) "/var/run/mysqld";

        CapabilityBoundingSet = "";
        AmbientCapabilities = "CAP_NET_BIND_SERVICE";
@@ -106,7 +114,11 @@ in {
        ProtectKernelTunables = true;

        RestrictNamespaces = true;
-        RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ];
+        RestrictAddressFamilies = [
+          "AF_INET"
+          "AF_INET6"
+          "AF_UNIX"
+        ];
        RestrictRealtime = true;
        RestrictSUIDSGID = true;

@@ -128,5 +140,8 @@ in {
    };
  };

-  meta.maintainers = with lib.maintainers; [ minijackson CaptainJawZ ];
+  meta.maintainers = with lib.maintainers; [
+    minijackson
+    CaptainJawZ
+  ];
 }