treewide: Format all Nix files

Format all Nix files using the officially approved formatter, making the CI check introduced in the previous commit succeed: nix-build ci -A fmt.check This is the next step of the of the [implementation](https://github.com/NixOS/nixfmt/issues/153) of the accepted [RFC 166](https://github.com/NixOS/rfcs/pull/166). This commit will lead to merge conflicts for a number of PRs, up to an estimated ~1100 (~33%) among the PRs with activity in the past 2 months, but that should be lower than what it would be without the previous [partial treewide format](https://github.com/NixOS/nixpkgs/pull/322537). Merge conflicts caused by this commit can now automatically be resolved while rebasing using the [auto-rebase script](8616af08d9/maintainers/scripts/auto-rebase). If you run into any problems regarding any of this, please reach out to the [formatting team](https://nixos.org/community/teams/formatting/) by pinging @NixOS/nix-formatting.
2025-07-14 14:10:33 +03:00 · 2025-04-01 20:10:43 +02:00 · 2025-04-01 20:10:43 +02:00 · 374e6bcc40
commit 374e6bcc40
parent 2140bf39e4
1523 changed files with 986047 additions and 513621 deletions
--- a/nixos/modules/services/networking/spiped.nix
+++ b/nixos/modules/services/networking/spiped.nix
@ -1,4 +1,9 @@
-{ config, lib, pkgs, ... }:
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:

 with lib;

@ -9,17 +14,17 @@ in
  options = {
    services.spiped = {
      enable = mkOption {
-        type        = types.bool;
-        default     = false;
+        type = types.bool;
+        default = false;
        description = "Enable the spiped service module.";
      };

      config = mkOption {
-        type = types.attrsOf (types.submodule (
-          {
+        type = types.attrsOf (
+          types.submodule ({
            options = {
              encrypt = mkOption {
-                type    = types.bool;
+                type = types.bool;
                default = false;
                description = ''
                  Take unencrypted connections from the
@ -29,7 +34,7 @@ in
              };

              decrypt = mkOption {
-                type    = types.bool;
+                type = types.bool;
                default = false;
                description = ''
                  Take encrypted connections from the
@ -39,7 +44,7 @@ in
              };

              source = mkOption {
-                type    = types.str;
+                type = types.str;
                description = ''
                  Address on which spiped should listen for incoming
                  connections.  Must be in one of the following formats:
@ -55,12 +60,12 @@ in
              };

              target = mkOption {
-                type    = types.str;
+                type = types.str;
                description = "Address to which spiped should connect.";
              };

              keyfile = mkOption {
-                type    = types.path;
+                type = types.path;
                description = ''
                  Name of a file containing the spiped key.
                  As the daemon runs as the `spiped` user,
@ -133,10 +138,10 @@ in
                description = "Disable target address re-resolution.";
              };
            };
-          }
-        ));
+          })
+        );

-        default = {};
+        default = { };

        example = literalExpression ''
          {
@ -168,23 +173,23 @@ in
  config = mkIf cfg.enable {
    assertions = mapAttrsToList (name: c: {
      assertion = (c.encrypt -> !c.decrypt) || (c.decrypt -> c.encrypt);
-      message   = "A pipe must either encrypt or decrypt";
+      message = "A pipe must either encrypt or decrypt";
    }) cfg.config;

    users.groups.spiped.gid = config.ids.gids.spiped;
    users.users.spiped = {
      description = "Secure Pipe Service user";
-      group       = "spiped";
-      uid         = config.ids.uids.spiped;
+      group = "spiped";
+      uid = config.ids.uids.spiped;
    };

    systemd.services."spiped@" = {
      description = "Secure pipe '%i'";
-      after       = [ "network.target" ];
+      after = [ "network.target" ];

      serviceConfig = {
-        Restart   = "always";
-        User      = "spiped";
+        Restart = "always";
+        User = "spiped";
      };
      stopIfChanged = false;

@ -193,20 +198,22 @@ in
    };

    # Setup spiped config files
-    environment.etc = mapAttrs' (name: cfg: nameValuePair "spiped/${name}.spec"
-      { text = concatStringsSep " "
-          [ (if cfg.encrypt then "-e" else "-d")        # Mode
-            "-s ${cfg.source}"                          # Source
-            "-t ${cfg.target}"                          # Target
-            "-k ${cfg.keyfile}"                         # Keyfile
-            "-n ${toString cfg.maxConns}"               # Max number of conns
-            "-o ${toString cfg.timeout}"                # Timeout
-            (optionalString cfg.waitForDNS "-D")        # Wait for DNS
-            (optionalString cfg.weakHandshake "-f")     # No PFS
-            (optionalString cfg.disableKeepalives "-j") # Keepalives
-            (if cfg.disableReresolution then "-R"
-              else "-r ${toString cfg.resolveRefresh}")
-          ];
-      }) cfg.config;
+    environment.etc = mapAttrs' (
+      name: cfg:
+      nameValuePair "spiped/${name}.spec" {
+        text = concatStringsSep " " [
+          (if cfg.encrypt then "-e" else "-d") # Mode
+          "-s ${cfg.source}" # Source
+          "-t ${cfg.target}" # Target
+          "-k ${cfg.keyfile}" # Keyfile
+          "-n ${toString cfg.maxConns}" # Max number of conns
+          "-o ${toString cfg.timeout}" # Timeout
+          (optionalString cfg.waitForDNS "-D") # Wait for DNS
+          (optionalString cfg.weakHandshake "-f") # No PFS
+          (optionalString cfg.disableKeepalives "-j") # Keepalives
+          (if cfg.disableReresolution then "-R" else "-r ${toString cfg.resolveRefresh}")
+        ];
+      }
+    ) cfg.config;
  };
 }