treewide: apply the new rfc nixfmt

2024-08-25 17:45:58 +08:00 · 2024-08-25 17:45:58 +08:00 · 7a795e5ed9
commit 7a795e5ed9
parent e702d503b9
53 changed files with 1371 additions and 888 deletions
--- a/modules/nixos/inbounds.nix
+++ b/modules/nixos/inbounds.nix
@ -1,19 +1,16 @@
-{ config
-, lib
-, ... }:
+{ config, lib, ... }:
 let
  cfg = config.custom.sing-box-server;

-  secretFileType = lib.types.submodule {
-    _secret = lib.types.path;
-  };
+  secretFileType = lib.types.submodule { _secret = lib.types.path; };
  singTls = {
    enabled = true;
    server_name = config.deployment.targetHost;
    key_path = config.security.acme.certs.${config.deployment.targetHost}.directory + "/key.pem";
-    certificate_path = config.security.acme.certs.${config.deployment.targetHost}.directory + "/cert.pem";
+    certificate_path =
+      config.security.acme.certs.${config.deployment.targetHost}.directory + "/cert.pem";
  };
-in 
+in
 {
  options = {
    enable = lib.mkEnableOption "sing-box proxy server";
@ -22,17 +19,11 @@ in
        type = lib.types.str;
        default = "proxy";
      };
-      password = lib.mkOption {
-        type = secretFileType;
-      };
-      uuid = lib.mkOption {
-        type = secretFileType;
-      };
+      password = lib.mkOption { type = secretFileType; };
+      uuid = lib.mkOption { type = secretFileType; };
    };
    wgOut = {
-      privKeyFile = lib.mkOption {
-        type = lib.types.path;
-      };
+      privKeyFile = lib.mkOption { type = lib.types.path; };
      pubkey = lib.mkOption {
        type = lib.types.str;
        default = "bmXOC+F1FxEMF9dyiK2H5/1SUtzH0JuVo51h2wPfgyo=";
@ -73,17 +64,19 @@ in
            }
          ];
        };
-        inbounds = [
-          # TODO: Trojan and tuic enable
-          {
-            tag = "trojan-in";
-            type = "trojan";
-            listen = "::";
-            listen_port = 8080;
-            users = map (u: removeAttrs u [ "uuid" ]) cfg.users;
-            tls = singTls;
-          }
-        ] ++ lib.forEach (cfg.tuic.ports ++ cfg.tuic.directPorts) (port: {
+        inbounds =
+          [
+            # TODO: Trojan and tuic enable
+            {
+              tag = "trojan-in";
+              type = "trojan";
+              listen = "::";
+              listen_port = 8080;
+              users = map (u: removeAttrs u [ "uuid" ]) cfg.users;
+              tls = singTls;
+            }
+          ]
+          ++ lib.forEach (cfg.tuic.ports ++ cfg.tuic.directPorts) (port: {
            tag = "tuic-in" + toString port;
            type = "tuic";
            listen = "::";
@ -102,25 +95,40 @@ in
              "2606:4700:110:82ed:a443:3c62:6cbc:b59b/128"
            ];
            peers = [
-              { public_key= cfg.wgOut.pubkey;
-                allowed_ips = [ "0.0.0.0/0" "::/0" ];
+              {
+                public_key = cfg.wgOut.pubkey;
+                allowed_ips = [
+                  "0.0.0.0/0"
+                  "::/0"
+                ];
                server = "162.159.192.1";
                server_port = 500;
              }
            ];
          }
-          { type = "direct"; tag = "direct-out"; }
-          { type = "dns"; tag = "dns-out"; }
+          {
+            type = "direct";
+            tag = "direct-out";
+          }
+          {
+            type = "dns";
+            tag = "dns-out";
+          }
        ];
        route = {
-          rules = [
-            { outbound = "dns-out"; protocol = "dns"; }
-          ] ++ lib.forEach cfg.tuic.directPorts (port: {
-            inbound = "tuic-in" + toString port;
-            outbound = "direct-out";
-          });
+          rules =
+            [
+              {
+                outbound = "dns-out";
+                protocol = "dns";
+              }
+            ]
+            ++ lib.forEach cfg.tuic.directPorts (port: {
+              inbound = "tuic-in" + toString port;
+              outbound = "direct-out";
+            });
        };
      };
    };
  };
-}
+}