From 10f532f8ee22f90fc27346ad00019b43474857b2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sandro=20J=C3=A4ckel?=
Date: Fri, 15 Sep 2023 22:50:59 +0200
Subject: [PATCH] dn42: format

---
 hosts/dn42/default.nix | 58 ++++++++++++++++++------------------------
 1 file changed, 25 insertions(+), 33 deletions(-)

diff --git a/hosts/dn42/default.nix b/hosts/dn42/default.nix
index 058a4c81..889d9a46 100644
--- a/hosts/dn42/default.nix
+++ b/hosts/dn42/default.nix
@@ -65,12 +65,13 @@ in
 "net.ipv6.conf.default.forwarding" = true;
 };
 
- boot.postBootCommands = ''
+ boot.postBootCommands = /* bash */''
 if [ ! -c /dev/net/tun ]; then
 mkdir -p /dev/net
 mknod -m 666 /dev/net/tun c 10 200
 fi
 '';
+
 services.openvpn =
 let
 openvpnNeighbors = lib.filterAttrs (_: conf: conf ? openvpn) neighbors;
@@ -97,38 +98,34 @@ in
 };
 in
 {
- servers =
- builtins.mapAttrs mkServer openvpnNeighbors;
+ servers = builtins.mapAttrs mkServer openvpnNeighbors;
 };
 
 networking.wireguard = {
 enable = true;
 interfaces =
 let
- wireguardNeighbors =
- lib.filterAttrs (_: conf: conf ? wireguard) neighbors;
+ wireguardNeighbors = lib.filterAttrs (_: conf: conf ? wireguard) neighbors;
 in
- builtins.mapAttrs
- (name: conf: {
- inherit (conf.wireguard) listenPort;
- privateKeyFile = config.sops.secrets."neighbors/${name}/wireguard/privateKey".path;
- ips = [ "${address4}/32" "${address6}/64" ];
- allowedIPsAsRoutes = false;
- postSetup = ''
- ${pkgs.iproute}/bin/ip addr del ${address4}/32 dev ${name}
- ${pkgs.iproute}/bin/ip addr add ${address4} dev ${name}${if conf ? address4 then " peer ${conf.address4}/32" else ""}
- '';
- peers = [
- ({
- inherit (conf.wireguard) publicKey;
- allowedIPs = [ "0.0.0.0/0" "::0/0" ];
- persistentKeepalive = 30;
- } // (lib.optionalAttrs (conf.wireguard ? endpoint) {
- inherit (conf.wireguard) endpoint;
- }))
- ];
- })
- wireguardNeighbors;
+ builtins.mapAttrs (name: conf: {
+ inherit (conf.wireguard) listenPort;
+ privateKeyFile = config.sops.secrets."neighbors/${name}/wireguard/privateKey".path;
+ ips = [ "${address4}/32" "${address6}/64" ];
+ allowedIPsAsRoutes = false;
+ postSetup = ''
+ ${pkgs.iproute}/bin/ip addr del ${address4}/32 dev ${name}
+ ${pkgs.iproute}/bin/ip addr add ${address4} dev ${name}${if conf ? address4 then " peer ${conf.address4}/32" else ""}
+ '';
+ peers = [
+ ({
+ inherit (conf.wireguard) publicKey;
+ allowedIPs = [ "0.0.0.0/0" "::0/0" ];
+ persistentKeepalive = 30;
+ } // (lib.optionalAttrs (conf.wireguard ? endpoint) {
+ inherit (conf.wireguard) endpoint;
+ }))
+ ];
+ }) wireguardNeighbors;
 };
 
 services.bird2 = {
@@ -157,8 +154,7 @@ in
 "";
 interface = conf.interface or name;
 in
- "${neighbor4}${neighbor6}")
- neighbors));
+ "${neighbor4}${neighbor6}") neighbors));
 in
 ''
 protocol kernel {
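Review bot: The peer entry in the re-indented `networking.wireguard` block (hunk `@@ -97,38 +98,34 @@`) sets `allowedIPs = [ "0.0.0.0/0" "::0/0" ]` without any comment, so WireGuard itself accepts every source address from every neighbor. Any prefix or source filtering therefore has to come from the bird filters or a firewall, neither of which is visible in this hunk. Since the block is being rewritten anyway, I would record that next to the setting, for example `# allowedIPs is intentionally unrestricted; per-peer filtering is done by bird/firewall, not by WireGuard`. If nothing filters forwarded traffic from peers (forwarding is enabled earlier in this file), that deserves a follow-up outside this formatting commit.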
@@ -230,9 +226,5 @@ in
 '';
 };
 
- # This value determines the NixOS release with which your system is to be
- # compatible, in order to avoid breaking some software such as database
- # servers. You should change this only after NixOS release notes say you
- # should.
- system.stateVersion = "19.09"; # Did you read the comment?
+ system.stateVersion = "19.09";
 }
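Review bot: The `system.stateVersion` line loses its whole explanation here, which is a content change rather than formatting in a commit titled "format". With the comment gone, `"19.09"` looks like a stale version that a later cleanup might bump, and the removed text was the only warning that doing so can break stateful software such as database servers. I would keep a one-line reminder above the setting, for example `# Compatibility pin for stateful services; change only when the NixOS release notes say so.`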