treewide: alejandra -> nixfmt-rfc-style

flake.lock

@@ -201,11 +201,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1722181846,
-        "narHash": "sha256-/yyqi39qr7Z+Bkv8gVVqB5q/gu1cLna3TtzbADLzEbc=",
+        "lastModified": 1724599287,
+        "narHash": "sha256-M4OllWFNDcvgY2rgx/9uWn9jpunSb2CzmqPDcuS27SQ=",
         "ref": "refs/heads/master",
-        "rev": "214725ef364950e5b086f0cd3f7978f38655a58b",
-        "revCount": 70,
+        "rev": "a2f4145923cbbabb63e7749a49c86052a17389f7",
+        "revCount": 72,
         "type": "git",
         "url": "https://git.ny4.dev/nyancat/nvim"
       },

flake.nix

@@ -83,11 +83,15 @@
     };
   };
 
-  outputs = inputs:
-    inputs.flake-utils.lib.eachDefaultSystem (system: let
+  outputs =
+    inputs:
+    inputs.flake-utils.lib.eachDefaultSystem (
+      system:
+      let
         pkgs = inputs.nixpkgs.legacyPackages.${system};
         treefmtEval = inputs.treefmt-nix.lib.evalModule pkgs ./treefmt.nix;
-    in {
+      in
+      {
         ### nix fmt
         formatter = treefmtEval.config.build.wrapper;
 
@@ -104,7 +108,8 @@
             sops
           ];
         };
-    })
+      }
+    )
     // {
       ### imports = [];
       nixosModules.default = ./nixos/modules;
@@ -120,12 +125,16 @@
           ./nixos/profiles/core
           ./hosts/dust
         ];
-        specialArgs = {inherit inputs;};
+        specialArgs = {
+          inherit inputs;
+        };
       };
 
       colmena = {
         meta = {
-          specialArgs = {inherit inputs;};
+          specialArgs = {
+            inherit inputs;
+          };
           nixpkgs = import inputs.nixpkgs {
             system = "x86_64-linux"; # How does this work?
           };

home/applications/atuin/default.nix

@@ -9,9 +9,26 @@
 
       stats = {
         common_subcommands =
-          ["nix" "nom" "nh" "podman" "docker" "atuin" "hugo" "adb"]
+          [
+            "nix"
+            "nom"
+            "nh"
+            "podman"
+            "docker"
+            "atuin"
+            "hugo"
+            "adb"
+          ]
           # default
-          ++ ["cargo" "go" "git" "npm" "yarn" "pnpm" "kubectl"];
+          ++ [
+            "cargo"
+            "go"
+            "git"
+            "npm"
+            "yarn"
+            "pnpm"
+            "kubectl"
+          ];
       };
     };
   };

home/applications/bash/default.nix

@@ -1,4 +1,5 @@
-{config, ...}: {
+{ config, ... }:
+{
   programs.bash = {
     enable = true;
     historyFile = "${config.xdg.configHome}/bash/.bash_history";

home/applications/fcitx5/default.nix

@@ -2,7 +2,8 @@
   lib,
   pkgs,
   ...
-}: let
+}:
+let
   package = pkgs.qt6Packages.fcitx5-with-addons.override {
     addons = with pkgs; [
       qt6Packages.fcitx5-chinese-addons
@@ -11,7 +12,8 @@
       fcitx5-pinyin-zhwiki
     ];
   };
-in {
+in
+{
   home.packages = [
     package
   ];

home/applications/firefox/default.nix

@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
   programs.firefox = {
     enable = true;
     package = pkgs.firefox.override {

home/applications/fish/default.nix

@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
   programs.fish = {
     enable = true;
     interactiveShellInit = ''

home/applications/git/default.nix

@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
   programs.git = rec {
     enable = true;
     package = pkgs.gitFull; # overriding takes forever to compile

home/applications/go/default.nix

@@ -2,7 +2,8 @@
   pkgs,
   config,
   ...
-}: {
+}:
+{
   programs.go.enable = true;
   home.packages = with pkgs; [
     gopls

home/applications/gpg/default.nix

@@ -3,7 +3,8 @@
   lib,
   pkgs,
   ...
-}: {
+}:
+{
   programs.gpg = {
     enable = true;
     homedir = "${config.xdg.dataHome}/gnupg";

home/applications/mpv/default.nix

@@ -2,7 +2,8 @@
   pkgs,
   lib,
   ...
-}: {
+}:
+{
   programs.mpv = {
     enable = true;
     config = {
@@ -22,14 +23,21 @@
         modernx-zydezu
         thumbfast
       ])
-      ++ lib.optionals pkgs.stdenv.hostPlatform.isLinux (with pkgs.mpvScripts; [
+      ++ lib.optionals pkgs.stdenv.hostPlatform.isLinux (
+        with pkgs.mpvScripts;
+        [
           mpris
-      ]);
+        ]
+      );
 
-    bindings = let
+    bindings =
+      let
         inherit (pkgs) anime4k;
-      setShader = message: files: ''no-osd change-list glsl-shaders set "${lib.concatStringsSep ":" files}"; show-text "${message}"'';
-    in {
+        setShader =
+          message: files:
+          ''no-osd change-list glsl-shaders set "${lib.concatStringsSep ":" files}"; show-text "${message}"'';
+      in
+      {
         "CTRL+1" = setShader "Anime4K: Mode A (Fast)" [
           "${anime4k}/Anime4K_Clamp_Highlights.glsl"
           "${anime4k}/Anime4K_Restore_CNN_M.glsl"

home/applications/nautilus/default.nix

@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
   home.packages = [ pkgs.nautilus ];
   dconf.settings = {
     "org/gnome/nautilus/list-view".default-zoom-level = "small";

home/applications/neovim/default.nix

@@ -2,7 +2,8 @@
   pkgs,
   inputs,
   ...
-}: {
+}:
+{
   home.packages = [
     (inputs.neovim.packages.${pkgs.stdenv.hostPlatform.system}.default.override {
       viAlias = true;

home/applications/nix/default.nix

@@ -1,6 +1,6 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
   home.packages = with pkgs; [
-    alejandra
     colmena
     deadnix
     nh

home/applications/ssh/default.nix

@@ -1,9 +1,12 @@
-{config, ...}: {
+{ config, ... }:
+{
   programs.ssh = {
     enable = true;
-    matchBlocks = let
+    matchBlocks =
+      let
         inherit (config.home) homeDirectory;
-    in {
+      in
+      {
         "blacksteel".identityFile = "${homeDirectory}/.ssh/id_github_signing";
         "tyo0.ny4.dev".identityFile = "${homeDirectory}/.ssh/id_github_signing";
       };

home/applications/starship/default.nix

@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
   programs.starship = {
     enable = true;
   };

home/applications/sway/default.nix

@@ -4,7 +4,8 @@
   inputs,
   pkgs,
   ...
-}: {
+}:
+{
   imports = [
     ../i3status-rust
     ../kanshi
@@ -67,7 +68,8 @@
 
       ### Keybinds
       modifier = "Mod4";
-      keybindings = let
+      keybindings =
+        let
           inherit (config.wayland.windowManager.sway.config) modifier;
         in
         {
@@ -117,7 +119,8 @@
         }
         //
           # workspace binds
-        lib.listToAttrs (lib.concatMap (x: [
+          lib.listToAttrs (
+            lib.concatMap (x: [
               {
                 name = "${modifier}+${x}";
                 value = "workspace ${x}";
@@ -126,7 +129,8 @@
                 name = "${modifier}+Shift+${x}";
                 value = "move container to workspace ${x}";
               }
-        ]) (lib.genList (x: toString (x + 1)) 9));
+            ]) (lib.genList (x: toString (x + 1)) 9)
+          );
     };
   };
 }

home/applications/swayidle/default.nix

@@ -3,15 +3,18 @@
   lib,
   config,
   ...
-}: {
+}:
+{
   imports = [
     ../swaylock
   ];
 
-  services.swayidle = let
+  services.swayidle =
+    let
       lock = lib.getExe config.programs.swaylock.package;
       brightness = lib.getExe pkgs.brightnessctl;
-  in {
+    in
+    {
       enable = true;
       timeouts = [
         {

home/applications/swaylock/default.nix

@@ -2,7 +2,8 @@
   inputs,
   pkgs,
   ...
-}: {
+}:
+{
   programs.swaylock = {
     enable = true;
     settings = {

home/applications/thunderbird/default.nix

@@ -1,14 +1,17 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
   programs.thunderbird = {
     enable = true;
     package = pkgs.thunderbird-128;
     profiles.default = {
       isDefault = true;
       extraConfig = ''
-        ${builtins.readFile (builtins.fetchurl {
+        ${builtins.readFile (
+          builtins.fetchurl {
             url = "https://raw.githubusercontent.com/HorlogeSkynet/thunderbird-user.js/824edabe6303d6b85a32fcba96901706ed4c5922/user.js";
             sha256 = "0jg7i39yp21r66azlzk7978qj57rgb8c09d1hccpcw058isgymq6";
-        })}
+          }
+        )}
         ${builtins.readFile ./user-overrides.js}
       '';
     };

home/applications/tmux/default.nix

@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
   home.packages = [ pkgs.tmux ];
 
   xdg.configFile."tmux/tmux.conf".text = ''

home/applications/ydict/default.nix

@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
   home.packages = [ pkgs.ydict ];
   home.shellAliases = {
     "yd" = "ydict -c";

home/default.nix

@@ -2,7 +2,8 @@
   lib,
   pkgs,
   ...
-}: {
+}:
+{
   home = {
     username = "guanranwang";
     homeDirectory = "/home/guanranwang";
@@ -33,11 +34,13 @@
     fd
   ];
 
-  programs.fish.functions = let
+  programs.fish.functions =
+    let
       jq = lib.getExe pkgs.jq;
       nix = lib.getExe pkgs.nix;
       curl = lib.getExe pkgs.curl;
-  in {
+    in
+    {
       "pb" = ''
         ${jq} -Rns '{text: inputs}' | \
           ${curl} -s -H 'Content-Type: application/json' --data-binary @- https://pb.ny4.dev | \

hosts/blacksteel/anti-feature.nix

@@ -1,7 +1,9 @@
-{lib, ...}: {
+{ lib, ... }:
+{
   nixpkgs.config = {
     allowNonSource = false;
-    allowNonSourcePredicate = pkg:
+    allowNonSourcePredicate =
+      pkg:
       lib.elem (lib.getName pkg) [
         "adoptopenjdk-hotspot-bin"
         "cargo-bootstrap"
@@ -13,7 +15,8 @@
       ];
 
     allowUnfree = false;
-    allowUnfreePredicate = pkg:
+    allowUnfreePredicate =
+      pkg:
       lib.elem (lib.getName pkg) [
         "broadcom-sta"
         "minecraft-server"

hosts/blacksteel/default.nix

@@ -3,7 +3,8 @@
   config,
   pkgs,
   ...
-}: {
+}:
+{
   imports = [
     # OS
     ../../nixos/profiles/sing-box
@@ -44,7 +45,8 @@
     };
     "cloudflared/secret" = {
       restartUnits = [ "cloudflared-tunnel-6222a3e0-98da-4325-be19-0f86a7318a41.service" ];
-      owner = config.systemd.services."cloudflared-tunnel-6222a3e0-98da-4325-be19-0f86a7318a41".serviceConfig.User;
+      owner =
+        config.systemd.services."cloudflared-tunnel-6222a3e0-98da-4325-be19-0f86a7318a41".serviceConfig.User;
     };
   };
 
@@ -77,7 +79,10 @@
   };
 
   systemd.services.caddy.serviceConfig = {
-    SupplementaryGroups = ["mastodon" "matrix-synapse"];
+    SupplementaryGroups = [
+      "mastodon"
+      "matrix-synapse"
+    ];
   };
 
   services.postgresql = {

hosts/blacksteel/hardware-configuration.nix

@@ -2,7 +2,8 @@
   inputs,
   config,
   ...
-}: {
+}:
+{
   imports = [
     inputs.nixpkgs.nixosModules.notDetected
     inputs.nixos-hardware.nixosModules.apple-macbook-pro
@@ -14,8 +15,17 @@
 
   services.thermald.enable = true;
 
-  boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"];
-  boot.kernelModules = ["kvm-intel" "wl"];
+  boot.initrd.availableKernelModules = [
+    "xhci_pci"
+    "ahci"
+    "usbhid"
+    "usb_storage"
+    "sd_mod"
+  ];
+  boot.kernelModules = [
+    "kvm-intel"
+    "wl"
+  ];
   boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ];
 
   nixpkgs.hostPlatform = "x86_64-linux";

hosts/blacksteel/services/mastodon.nix

@@ -1,4 +1,5 @@
-{config, ...}: {
+{ config, ... }:
+{
   services.mastodon = {
     enable = true;
     localDomain = "ny4.dev";

hosts/blacksteel/services/matrix.nix

@@ -1,4 +1,5 @@
-{config, ...}: {
+{ config, ... }:
+{
   services.matrix-synapse = {
     enable = true;
     withJemalloc = true;
@@ -14,7 +15,10 @@
           type = "http";
           resources = [
             {
-              names = ["client" "federation"];
+              names = [
+                "client"
+                "federation"
+              ];
               compress = true;
             }
           ];
@@ -29,7 +33,10 @@
           issuer = "https://id.ny4.dev/realms/ny4";
           client_id = "synapse";
           client_secret_path = config.sops.secrets."synapse/oidc".path;
-          scopes = ["openid" "profile"];
+          scopes = [
+            "openid"
+            "profile"
+          ];
           user_mapping_provider.config = {
             localpart_template = "{{ user.preferred_username }}";
             display_name_template = "{{ user.name }}";

hosts/blacksteel/services/minecraft.nix

@@ -2,7 +2,8 @@
   lib,
   pkgs,
   ...
-}: {
+}:
+{
   services.minecraft-server = {
     enable = true;
     eula = true;

hosts/blacksteel/services/qbittorrent.nix

@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
   # TODO: https://github.com/NixOS/nixpkgs/pull/287923
   # currently running qbittorrent-nox with tmux :c
   environment.systemPackages = with pkgs; [

hosts/dust/anti-feature.nix

@@ -1,9 +1,11 @@
-{lib, ...}: {
+{ lib, ... }:
+{
   nixpkgs.config = {
     allowAliases = false;
 
     allowNonSource = false;
-    allowNonSourcePredicate = pkg:
+    allowNonSourcePredicate =
+      pkg:
       lib.elem (lib.getName pkg) [
         "cargo-bootstrap"
         "cef-binary"
@@ -15,7 +17,8 @@
       ];
 
     allowUnfree = false;
-    allowUnfreePredicate = pkg:
+    allowUnfreePredicate =
+      pkg:
       lib.elem (lib.getName pkg) [
         "fcitx5-pinyin-minecraft"
         "fcitx5-pinyin-moegirl"

hosts/dust/default.nix

@@ -2,7 +2,8 @@
   lib,
   pkgs,
   ...
-}: {
+}:
+{
   imports = [
     ../../nixos/profiles/sing-box
     ../../nixos/profiles/wireless

hosts/dust/disko.nix

@@ -1,11 +1,15 @@
 let
   # compress-force: https://t.me/archlinuxcn_group/3054167
-  mountOptions = ["compress-force=zstd" "noatime"];
+  mountOptions = [
+    "compress-force=zstd"
+    "noatime"
+  ];
   cryptSettings = {
     allowDiscards = true;
     bypassWorkqueues = true;
   };
-in {
+in
+{
   disko.devices = {
     disk = {
       "one" = {
@@ -22,7 +26,10 @@ in {
                 type = "filesystem";
                 format = "vfat";
                 mountpoint = "/boot";
-                mountOptions = ["defaults" "umask=007"];
+                mountOptions = [
+                  "defaults"
+                  "umask=007"
+                ];
               };
             };
             "cryptroot" = {

hosts/dust/hardware-configuration.nix

@@ -1,4 +1,5 @@
-{inputs, ...}: {
+{ inputs, ... }:
+{
   imports = [
     inputs.nixpkgs.nixosModules.notDetected
     inputs.nixos-hardware.nixosModules.lenovo-thinkpad-x1-12th-gen
@@ -23,7 +24,13 @@
 
   boot.kernelParams = [ "ia32_emulation=0" ];
 
-  boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod"];
+  boot.initrd.availableKernelModules = [
+    "xhci_pci"
+    "thunderbolt"
+    "nvme"
+    "usb_storage"
+    "sd_mod"
+  ];
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ "kvm-intel" ];
   boot.extraModulePackages = [ ];

hosts/dust/home/default.nix

@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
   imports =
     [
       ./theme.nix

hosts/dust/home/theme.nix

@@ -3,7 +3,8 @@
   config,
   lib,
   ...
-}: {
+}:
+{
   home.pointerCursor = {
     name = "Adwaita";
     package = pkgs.adwaita-icon-theme;

hosts/dust/home/xdg-mime.nix

@@ -1,4 +1,5 @@
-{lib, ...}: {
+{ lib, ... }:
+{
   # https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types/Common_types
   xdg.mimeApps = {
     enable = true;

hosts/dust/impermanence.nix

@@ -1,4 +1,5 @@
-{lib, ...}: {
+{ lib, ... }:
+{
   sops.age.sshKeyPaths = lib.mkForce [ "/persist/etc/ssh/ssh_host_ed25519_key" ];
   fileSystems."/persist".neededForBoot = true;
   environment.persistence."/persist" = {

hosts/dust/lanzaboote.nix

@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
   environment.systemPackages = [ pkgs.sbctl ];
   boot.lanzaboote = {
     enable = true;

hosts/tyo0/anti-feature.nix

@@ -1,7 +1,9 @@
-{lib, ...}: {
+{ lib, ... }:
+{
   nixpkgs.config = {
     allowNonSource = false;
-    allowNonSourcePredicate = pkg:
+    allowNonSourcePredicate =
+      pkg:
       lib.elem (lib.getName pkg) [
         "adoptopenjdk-hotspot-bin"
         "cargo-bootstrap"
@@ -12,8 +14,10 @@
       ];
 
     allowUnfree = false;
-    allowUnfreePredicate = pkg:
-      lib.elem (lib.getName pkg) [
+    allowUnfreePredicate =
+      pkg:
+      lib.elem (lib.getName pkg)
+        [
         ];
 
     permittedInsecurePackages = [

hosts/tyo0/default.nix

@@ -3,7 +3,8 @@
   modulesPath,
   pkgs,
   ...
-}: {
+}:
+{
   imports = [
     "${modulesPath}/virtualisation/amazon-image.nix"
     ./anti-feature.nix
@@ -53,7 +54,10 @@
 
   ### Services
   networking.firewall.allowedUDPPorts = [ 443 ]; # hysteria
-  networking.firewall.allowedTCPPorts = [80 443]; # caddy
+  networking.firewall.allowedTCPPorts = [
+    80
+    443
+  ]; # caddy
 
   systemd.tmpfiles.settings = {
     "10-www" = {
@@ -122,7 +126,12 @@
   services.vnstat.enable = true;
   systemd.services."no-bankrupt" = {
     serviceConfig.Type = "oneshot";
-    path = with pkgs; [coreutils gawk vnstat systemd];
+    path = with pkgs; [
+      coreutils
+      gawk
+      vnstat
+      systemd
+    ];
     script = ''
       TRAFF_TOTAL=1900
       TRAFF_USED=$(vnstat --oneline b | awk -F ';' '{print $11}')

hosts/tyo0/services/forgejo.nix

@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
   services.forgejo = {
     enable = true;
     package = pkgs.forgejo;

hosts/tyo0/services/hysteria.nix

@@ -1,4 +1,5 @@
-{config, ...}: {
+{ config, ... }:
+{
   services.hysteria = {
     enable = true;
     settings = {

hosts/tyo0/services/keycloak.nix

@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
+{
   services.keycloak = {
     enable = true;
     settings = {

hosts/tyo0/services/miniflux.nix

@@ -1,4 +1,5 @@
-{config, ...}: {
+{ config, ... }:
+{
   services.miniflux = {
     enable = true;
     adminCredentialsFile = config.sops.secrets."miniflux/environment".path;

hosts/tyo0/services/pixivfe.nix

@@ -2,7 +2,8 @@
   pkgs,
   config,
   ...
-}: {
+}:
+{
   services.pixivfe = {
     enable = true;
     EnvironmentFile = config.sops.secrets."pixivfe/environment".path;

hosts/tyo0/services/searx.nix

@@ -2,7 +2,8 @@
   pkgs,
   config,
   ...
-}: {
+}:
+{
   services.searx = {
     enable = true;
     package = pkgs.searxng;

hosts/tyo0/services/vaultwarden.nix

@@ -1,4 +1,5 @@
-{config, ...}: {
+{ config, ... }:
+{
   services.vaultwarden = {
     enable = true;
     environmentFile = config.sops.secrets."vaultwarden/environment".path;

nixos/modules/default.nix

@@ -1,4 +1,5 @@
-{...}: {
+{ ... }:
+{
   imports = [
     ./services/hysteria.nix
     ./services/pixivfe.nix

nixos/modules/services/hysteria.nix

@@ -4,17 +4,22 @@
   pkgs,
   utils,
   ...
-}: let
+}:
+let
   cfg = config.services.hysteria;
   settingsFormat = pkgs.formats.json { };
-in {
+in
+{
   options.services.hysteria = {
     enable = lib.mkEnableOption "Hysteria, a powerful, lightning fast and censorship resistant proxy";
 
     package = lib.mkPackageOption pkgs "hysteria" { };
 
     mode = lib.mkOption {
-      type = lib.types.enum ["server" "client"];
+      type = lib.types.enum [
+        "server"
+        "client"
+      ];
       default = "server";
       description = "Whether to use Hysteria as a client or a server.";
     };
@@ -54,8 +59,16 @@ in {
         StateDirectory = "hysteria";
 
         ### Hardening
-        AmbientCapabilities = ["CAP_NET_ADMIN" "CAP_NET_BIND_SERVICE" "CAP_NET_RAW"];
-        CapabilityBoundingSet = ["CAP_NET_ADMIN" "CAP_NET_BIND_SERVICE" "CAP_NET_RAW"];
+        AmbientCapabilities = [
+          "CAP_NET_ADMIN"
+          "CAP_NET_BIND_SERVICE"
+          "CAP_NET_RAW"
+        ];
+        CapabilityBoundingSet = [
+          "CAP_NET_ADMIN"
+          "CAP_NET_BIND_SERVICE"
+          "CAP_NET_RAW"
+        ];
         NoNewPrivileges = true;
         PrivateMounts = true;
         PrivateTmp = true;

nixos/modules/services/pixivfe.nix

@@ -4,13 +4,17 @@
   inputs,
   pkgs,
   ...
-}: let
+}:
+let
   cfg = config.services.pixivfe;
-in {
+in
+{
   options.services.pixivfe = {
     enable = lib.mkEnableOption "PixivFE, a privacy respecting frontend for Pixiv";
 
-    package = lib.mkPackageOption inputs.self.legacyPackages.${pkgs.stdenv.hostPlatform.system} "pixivfe" {};
+    package =
+      lib.mkPackageOption inputs.self.legacyPackages.${pkgs.stdenv.hostPlatform.system} "pixivfe"
+        { };
 
     openFirewall = lib.mkEnableOption "open ports in the firewall needed for the daemon to function";
 
@@ -46,10 +50,7 @@ in {
   config = lib.mkIf cfg.enable {
     assertions = [
       {
-        assertion =
-          if cfg.openFirewall
-          then (cfg.settings ? PIXIVFE_PORT)
-          else true;
+        assertion = if cfg.openFirewall then (cfg.settings ? PIXIVFE_PORT) else true;
         message = ''
           PIXIVFE_PORT must be specified for NixOS to open a port.
 
@@ -58,9 +59,10 @@ in {
       }
       {
         assertion =
-          if (cfg.EnvironmentFile == null)
-          then (cfg.settings ? PIXIVFE_UNIXSOCKET) || (cfg.settings ? PIXIVFE_PORT)
-          else true;
+          if (cfg.EnvironmentFile == null) then
+            (cfg.settings ? PIXIVFE_UNIXSOCKET) || (cfg.settings ? PIXIVFE_PORT)
+          else
+            true;
         message = ''
           PIXIVFE_PORT or PIXIVFE_UNIXSOCKET must be set for PixivFE to run.
 
@@ -68,10 +70,7 @@ in {
         '';
       }
       {
-        assertion =
-          if (cfg.EnvironmentFile == null)
-          then cfg.settings ? PIXIVFE_TOKEN
-          else true;
+        assertion = if (cfg.EnvironmentFile == null) then cfg.settings ? PIXIVFE_TOKEN else true;
         message = ''
           PIXIVFE_TOKEN must be set for PixivFE to run.
 
@@ -86,11 +85,9 @@ in {
       wantedBy = [ "multi-user.target" ];
       after = [ "network-online.target" ];
       wants = [ "network-online.target" ];
-      environment = lib.mkIf (cfg.settings != null) (lib.mapAttrs (_: v:
-        if lib.isBool v
-        then lib.boolToString v
-        else toString v)
-      cfg.settings);
+      environment = lib.mkIf (cfg.settings != null) (
+        lib.mapAttrs (_: v: if lib.isBool v then lib.boolToString v else toString v) cfg.settings
+      );
       serviceConfig = {
         inherit (cfg) EnvironmentFile;
         ExecStart = lib.getExe cfg.package;

nixos/profiles/core/default.nix

@@ -4,7 +4,8 @@
   inputs,
   pkgs,
   ...
-}: {
+}:
+{
   imports =
     [
       ./hardening.nix
@@ -29,7 +30,9 @@
     users.guanranwang = import ../../../home;
     useGlobalPkgs = true;
     useUserPackages = true;
-    extraSpecialArgs = {inherit inputs;};
+    extraSpecialArgs = {
+      inherit inputs;
+    };
   };
 
   boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;

nixos/profiles/core/nix.nix

@@ -3,7 +3,8 @@
   config,
   inputs,
   ...
-}: {
+}:
+{
   nix.settings = {
     substituters =
       (lib.optionals (config.time.timeZone == "Asia/Shanghai") [

nixos/profiles/core/zram.nix

@@ -1,4 +1,5 @@
-{lib, ...}: {
+{ lib, ... }:
+{
   services.zram-generator = {
     enable = true;
     settings.zram0 = {

nixos/profiles/server/default.nix

@@ -2,14 +2,16 @@
   pkgs,
   config,
   ...
-}: {
+}:
+{
   environment.systemPackages = with pkgs; [
     foot.terminfo
   ];
 
   # TODO: colmena
   services.openssh.settings.PermitRootLogin = "prohibit-password";
-  users.users."root".openssh.authorizedKeys.keys = config.users.users.guanranwang.openssh.authorizedKeys.keys;
+  users.users."root".openssh.authorizedKeys.keys =
+    config.users.users.guanranwang.openssh.authorizedKeys.keys;
 
   time.timeZone = "UTC";
 }

nixos/profiles/sing-box/default.nix

@@ -2,7 +2,8 @@
   pkgs,
   config,
   ...
-}: {
+}:
+{
   services.sing-box = {
     enable = true;
     settings = {
@@ -94,9 +95,11 @@
     httpsProxy = "http://127.0.0.1:1080/";
   };
 
-  environment.shellAliases = let
+  environment.shellAliases =
+    let
       inherit (config.networking.proxy) httpProxy httpsProxy;
-  in {
+    in
+    {
       "setproxy" = "export http_proxy=${httpProxy} https_proxy=${httpsProxy}";
       "unsetproxy" = "set -e http_proxy https_proxy";
     };

nixos/profiles/wireless/default.nix

@@ -1,4 +1,5 @@
-{lib, ...}: {
+{ lib, ... }:
+{
   sops.secrets = lib.mapAttrs (_name: value: value // { sopsFile = ./secrets.yaml; }) {
     "wireless/wangxiaobo".path = "/var/lib/iwd/wangxiaobo.psk";
     "wireless/ImmortalWrt".path = "/var/lib/iwd/ImmortalWrt.psk";

overlays/default.nix

@@ -1,9 +1,11 @@
 let
-  addPatches = pkg: patches:
+  addPatches =
+    pkg: patches:
     pkg.overrideAttrs (old: {
       patches = (old.patches or [ ]) ++ patches;
     });
-in {
+in
+{
   patches = _final: prev: {
     # https://aur.archlinux.org/pkgbase/nautilus-typeahead
     nautilus = prev.nautilus.overrideAttrs {
@@ -21,7 +23,8 @@ in {
       '';
     };
 
-    qt6Packages = prev.qt6Packages.overrideScope (_final': prev': {
+    qt6Packages = prev.qt6Packages.overrideScope (
+      _final': prev': {
         # HACK: no more qt5
         fcitx5-with-addons = prev'.fcitx5-with-addons.override {
           libsForQt5.fcitx5-qt = prev.emptyDirectory;
@@ -33,25 +36,27 @@ in {
             curl = prev.emptyDirectory;
             opencc = prev.emptyDirectory;
             qtwebengine = prev.emptyDirectory;
-        })
-        .overrideAttrs (oldAttrs: {
-          buildInputs = oldAttrs.buildInputs ++ [prev.gettext prev'.qtbase];
-          cmakeFlags =
-            oldAttrs.cmakeFlags
-            ++ [
+          }).overrideAttrs
+            (oldAttrs: {
+              buildInputs = oldAttrs.buildInputs ++ [
+                prev.gettext
+                prev'.qtbase
+              ];
+              cmakeFlags = oldAttrs.cmakeFlags ++ [
                 (prev.lib.cmakeBool "ENABLE_BROWSER" false)
                 (prev.lib.cmakeBool "ENABLE_CLOUDPINYIN" false)
                 (prev.lib.cmakeBool "ENABLE_OPENCC" false)
               ];
             });
-    });
+      }
+    );
 
     # HACK: no more gtk2
     gnome-themes-extra =
       (prev.gnome-themes-extra.override {
         gtk2 = prev.emptyDirectory;
-      })
-      .overrideAttrs {
+      }).overrideAttrs
+        {
           configureFlags = [ "--disable-gtk2-engine" ];
         };
 

pkgs/default.nix

@@ -1,8 +1,10 @@
 # NOTE: 301: All packages are migrated to `github:Guanran928/nur-packages`,
 #       only keeping some packages that only fits for personal use.
-pkgs: let
+pkgs:
+let
   inherit (pkgs) callPackage;
-in {
+in
+{
   # https://github.com/NixOS/nixpkgs/pull/308720
   pixivfe = callPackage ./pixivfe.nix { };
 

treefmt.nix

@@ -2,7 +2,7 @@
   projectRootFile = "flake.nix";
 
   ### nix
-  programs.alejandra.enable = true;
+  programs.nixfmt.enable = true;
   programs.deadnix.enable = true;
   programs.statix.enable = true;