dn42: format

hosts/dn42/default.nix

@@ -65,12 +65,13 @@ in
     "net.ipv6.conf.default.forwarding" = true;
   };
 
-  boot.postBootCommands = ''
+  boot.postBootCommands = /* bash */''
     if [ ! -c /dev/net/tun ]; then
       mkdir -p /dev/net
       mknod -m 666 /dev/net/tun c 10 200
     fi
   '';
+
   services.openvpn =
     let
       openvpnNeighbors = lib.filterAttrs (_: conf: conf ? openvpn) neighbors;
@@ -97,19 +98,16 @@ in
       };
     in
     {
-      servers =
+      servers = builtins.mapAttrs mkServer openvpnNeighbors;
-        builtins.mapAttrs mkServer openvpnNeighbors;
     };
 
   networking.wireguard = {
     enable = true;
     interfaces =
       let
-        wireguardNeighbors =
+        wireguardNeighbors = lib.filterAttrs (_: conf: conf ? wireguard) neighbors;
-          lib.filterAttrs (_: conf: conf ? wireguard) neighbors;
       in
-      builtins.mapAttrs
+      builtins.mapAttrs (name: conf: {
-        (name: conf: {
         inherit (conf.wireguard) listenPort;
         privateKeyFile = config.sops.secrets."neighbors/${name}/wireguard/privateKey".path;
         ips = [ "${address4}/32" "${address6}/64" ];
@@ -127,8 +125,7 @@ in
             inherit (conf.wireguard) endpoint;
           }))
         ];
-        })
+      }) wireguardNeighbors;
-        wireguardNeighbors;
   };
 
   services.bird2 = {
@@ -157,8 +154,7 @@ in
                     "";
                 interface = conf.interface or name;
               in
-              "${neighbor4}${neighbor6}")
+              "${neighbor4}${neighbor6}") neighbors));
-            neighbors));
       in
       ''
         protocol kernel {
@@ -230,9 +226,5 @@ in
       '';
   };
 
-  # This value determines the NixOS release with which your system is to be
+  system.stateVersion = "19.09";
-  # compatible, in order to avoid breaking some software such as database
-  # servers. You should change this only after NixOS release notes say you
-  # should.
-  system.stateVersion = "19.09"; # Did you read the comment?
 }