format nix files

hosts/hetzner-vm/services/nginx.nix

@@ -1,8 +1,6 @@
 { ... }: {
   security.acme = {
-    defaults = {
-      email = "chaoticryptidz@owo.monster";
-    };
+    defaults = { email = "chaoticryptidz@owo.monster"; };
     acceptTerms = true;
   };
   services.nginx = {

hosts/hetzner-vm/services/restic.nix

@@ -1,13 +1,11 @@
 { ... }:
-let 
+let
   backupUser = "root";
-  backupPaths = [
-    "/var/lib/postgresql" "/var/lib/vault"
-  ];
-  timerConfig =  {
-      OnBootSec = "1m";
-      OnCalendar = "daily";
-    };
+  backupPaths = [ "/var/lib/postgresql" "/var/lib/vault" ];
+  timerConfig = {
+    OnBootSec = "1m";
+    OnCalendar = "daily";
+  };
 in {
   services.restic.backups.hetzner-vm = {
     user = backupUser;

profiles/hardening/hardening.nix

@@ -15,7 +15,8 @@
   security.forcePageTableIsolation = true;
 
   # This is required by podman to run containers in rootless mode.
-  security.unprivilegedUsernsClone = lib.mkDefault config.virtualisation.containers.enable;
+  security.unprivilegedUsernsClone =
+    lib.mkDefault config.virtualisation.containers.enable;
 
   security.virtualisation.flushL1DataCache = "always";
 

users/chaoticryptidz.nix

@@ -1,8 +1,16 @@
 { config, ... }: {
   users.users.chaoticryptidz = {
     isNormalUser = true;
-    extraGroups =
-      [ "wheel" "disk" "video" "systemd-journal" "plugdev" "vfio" "input" "uinput" ];
+    extraGroups = [
+      "wheel"
+      "disk"
+      "video"
+      "systemd-journal"
+      "plugdev"
+      "vfio"
+      "input"
+      "uinput"
+    ];
     openssh.authorizedKeys.keys = [
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL4L1eBZzYXZNGBucTn/eOFp48el9JPiYt9iXQDpBSg/ chaoticryptidz@owo.monster"
     ];