diff --git a/flake.nix b/flake.nix index 6a50f8b..4fee7ca 100644 --- a/flake.nix +++ b/flake.nix @@ -37,7 +37,7 @@ "aarch64-linux" "aarch64-darwin" ]; - forAllSystems = f: nixlib.genAttrs systems (system: f system); + forAllSystems = f: nixlib.genAttrs systems f; allMachines = nixlib.mapAttrsToList (name: _: name) self.nixosConfigurations; importantMachines = [ "bekkalokk" diff --git a/hosts/bekkalokk/services/kerberos/pam.nix b/hosts/bekkalokk/services/kerberos/pam.nix index b5e5dcb..91e3181 100644 --- a/hosts/bekkalokk/services/kerberos/pam.nix +++ b/hosts/bekkalokk/services/kerberos/pam.nix @@ -879,7 +879,7 @@ let inherit (pkgs) pam_krb5 pam_ccreds; - use_ldap = (config.users.ldap.enable && config.users.ldap.loginPam); + use_ldap = config.users.ldap.enable && config.users.ldap.loginPam; pam_ldap = if config.users.ldap.daemon.enable then pkgs.nss_pam_ldapd else pkgs.pam_ldap; # Create a limits.conf(5) file. @@ -1510,7 +1510,7 @@ in it complains "Cannot create session: Already running in a session". */ runuser-l = { rootOK = true; unixAuth = false; }; - } // optionalAttrs (config.security.pam.enableFscrypt) { + } // optionalAttrs config.security.pam.enableFscrypt { # Allow fscrypt to verify login passphrase fscrypt = {}; }; diff --git a/hosts/bicep/services/matrix/mjolnir.nix b/hosts/bicep/services/matrix/mjolnir.nix index 21dd04d..270a2e9 100644 --- a/hosts/bicep/services/matrix/mjolnir.nix +++ b/hosts/bicep/services/matrix/mjolnir.nix @@ -11,7 +11,7 @@ services.mjolnir = { enable = true; pantalaimon.enable = false; - homeserverUrl = http://127.0.0.1:8008; + homeserverUrl = "http://127.0.0.1:8008"; accessTokenFile = config.sops.secrets."matrix/mjolnir/access_token".path; managementRoom = "!gsdeCoWjvYRBrzuiRq:pvv.ntnu.no"; protectedRooms = map (a: "https://matrix.to/#/${a}") [ diff --git a/hosts/bicep/services/matrix/synapse.nix b/hosts/bicep/services/matrix/synapse.nix index f24b6da..0906cf5 100644 --- a/hosts/bicep/services/matrix/synapse.nix +++ b/hosts/bicep/services/matrix/synapse.nix @@ -143,10 +143,10 @@ in { services.redis.servers."".enable = true; services.nginx.virtualHosts."matrix.pvv.ntnu.no" = lib.mkMerge [ - ({ + { kTLS = true; - }) - ({ + } + { locations."/.well-known/matrix/server" = { return = '' 200 '{"m.server": "matrix.pvv.ntnu.no:443"}' @@ -156,16 +156,16 @@ in { add_header Access-Control-Allow-Origin *; ''; }; - }) - ({ + } + { locations = let connectionInfo = w: matrix-lib.workerConnectionResource "metrics" w; - socketAddress = w: let c = connectionInfo w; in "${c.host}:${toString (c.port)}"; + socketAddress = w: let c = connectionInfo w; in "${c.host}:${toString c.port}"; metricsPath = w: "/metrics/${w.type}/${toString w.index}"; proxyPath = w: "http://${socketAddress w}/_synapse/metrics"; in lib.mapAttrs' (n: v: lib.nameValuePair - (metricsPath v) ({ + (metricsPath v) { proxyPass = proxyPath v; extraConfig = '' allow ${values.hosts.ildkule.ipv4}; @@ -174,10 +174,10 @@ in { allow ${values.hosts.ildkule.ipv6_global}; deny all; ''; - })) + }) cfg.workers.instances; - }) - ({ + } + { locations."/metrics/master/1" = { proxyPass = "http://127.0.0.1:9000/_synapse/metrics"; extraConfig = '' @@ -202,5 +202,5 @@ in { labels = { }; }]) + "/"; }; - })]; + }]; } diff --git a/hosts/ildkule/services/monitoring/grafana.nix b/hosts/ildkule/services/monitoring/grafana.nix index a4d022f..f1190dc 100644 --- a/hosts/ildkule/services/monitoring/grafana.nix +++ b/hosts/ildkule/services/monitoring/grafana.nix @@ -34,13 +34,13 @@ in { { name = "Ildkule Prometheus"; type = "prometheus"; - url = ("http://${config.services.prometheus.listenAddress}:${toString config.services.prometheus.port}"); + url = "http://${config.services.prometheus.listenAddress}:${toString config.services.prometheus.port}"; isDefault = true; } { name = "Ildkule loki"; type = "loki"; - url = ("http://${config.services.loki.configuration.server.http_listen_address}:${toString config.services.loki.configuration.server.http_listen_port}"); + url = "http://${config.services.loki.configuration.server.http_listen_address}:${toString config.services.loki.configuration.server.http_listen_port}"; } ]; dashboards.settings.providers = [