From 2499b916921adde8a694117bc007efdde8bbd918 Mon Sep 17 00:00:00 2001 From: Robert Helgesson Date: Sun, 27 Feb 2022 02:19:28 +0100 Subject: [PATCH] treewide: apply nixfmt to a few more files --- format | 5 - modules/programs/gpg.nix | 185 +++++++++--------- modules/services/gpg-agent.nix | 77 ++++---- modules/services/mpd.nix | 35 ++-- .../home-environment/session-variables.nix | 3 +- .../programs/gpg/override-defaults.nix | 9 +- 6 files changed, 154 insertions(+), 160 deletions(-) diff --git a/format b/format index 41bbdee4..8bf78064 100755 --- a/format +++ b/format @@ -25,13 +25,8 @@ find . -name '*.nix' \ ! -path ./modules/manual.nix \ ! -path ./modules/misc/news.nix \ ! -path ./modules/programs/bash.nix \ - ! -path ./modules/programs/gpg.nix \ ! -path ./modules/programs/ssh.nix \ ! -path ./modules/programs/zsh.nix \ - ! -path ./modules/services/gpg-agent.nix \ - ! -path ./modules/services/mpd.nix \ ! -path ./nix-darwin/default.nix \ ! -path ./tests/default.nix \ - ! -path ./tests/modules/home-environment/session-variables.nix \ - ! -path ./tests/modules/programs/gpg/override-defaults.nix \ -exec nixfmt $CHECK_ARG {} + diff --git a/modules/programs/gpg.nix b/modules/programs/gpg.nix index 6cb04292..184c2516 100644 --- a/modules/programs/gpg.nix +++ b/modules/programs/gpg.nix @@ -6,9 +6,7 @@ let cfg = config.programs.gpg; mkKeyValue = key: value: - if isString value - then "${key} ${value}" - else optionalString value key; + if isString value then "${key} ${value}" else optionalString value key; cfgText = generators.toKeyValue { inherit mkKeyValue; @@ -22,7 +20,7 @@ let primitiveType = types.oneOf [ types.str types.bool ]; - publicKeyOpts = { config, ...}: { + publicKeyOpts = { config, ... }: { options = { text = mkOption { type = types.nullOr types.str; 
@@ -40,7 +38,18 @@ let }; trust = mkOption { - type = types.nullOr (types.enum ["unknown" 1 "never" 2 "marginal" 3 "full" 4 "ultimate" 5]); + type = types.nullOr (types.enum [ + "unknown" + 1 + "never" + 2 + "marginal" + 3 + "full" + 4 + "ultimate" + 5 + ]); default = null; apply = v: if isString v then @@ -51,7 +60,8 @@ let full = 4; ultimate = 5; }.${v} - else v; + else + v; description = '' The amount of trust you have in the key ownership and the care the owner puts into signing other keys. The available levels are 
@@ -85,58 +95,55 @@ let }; config = { - source = mkIf (config.text != null) - (pkgs.writeText "gpg-pubkey" config.text); + source = + mkIf (config.text != null) (pkgs.writeText "gpg-pubkey" config.text); }; }; - importTrustBashFunctions = - let gpg = "${cfg.package}/bin/gpg"; - in '' - function gpgKeyId() { - ${gpg} --show-key --with-colons "$1" \ - | grep ^pub: \ - | cut -d: -f5 - } + importTrustBashFunctions = let gpg = "${cfg.package}/bin/gpg"; + in '' + function gpgKeyId() { + ${gpg} --show-key --with-colons "$1" \ + | grep ^pub: \ + | cut -d: -f5 + } - function importTrust() { - local keyId trust - keyId="$(gpgKeyId "$1")" - trust="$2" - if [[ -n $keyId ]] ; then - { echo trust; echo "$trust"; (( trust == 5 )) && echo y; echo quit; } \ - | ${gpg} --no-tty --command-fd 0 --edit-key "$keyId" - fi - } + function importTrust() { + local keyId trust + keyId="$(gpgKeyId "$1")" + trust="$2" + if [[ -n $keyId ]] ; then + { echo trust; echo "$trust"; (( trust == 5 )) && echo y; echo quit; } \ + | ${gpg} --no-tty --command-fd 0 --edit-key "$keyId" + fi + } ''; - keyringFiles = - let - gpg = "${cfg.package}/bin/gpg"; + keyringFiles = let + gpg = "${cfg.package}/bin/gpg"; - importKey = { source, trust, ... }: '' - ${gpg} --import ${source} - ${optionalString (trust != null) '' - importTrust "${source}" ${toString trust}''} - ''; - - importKeys = concatMapStringsSep "\n" importKey cfg.publicKeys; - in pkgs.runCommand "gpg-pubring" { buildInputs = [ cfg.package ]; } '' - export GNUPGHOME - GNUPGHOME=$(mktemp -d) - - ${importTrustBashFunctions} - ${importKeys} - - mkdir $out - cp $GNUPGHOME/pubring.kbx $out/pubring.kbx - if [[ -e $GNUPGHOME/trustdb.gpg ]] ; then - cp $GNUPGHOME/trustdb.gpg $out/trustdb.gpg - fi + importKey = { source, trust, ... 
}: '' + ${gpg} --import ${source} + ${optionalString (trust != null) + ''importTrust "${source}" ${toString trust}''} ''; -in -{ + importKeys = concatMapStringsSep "\n" importKey cfg.publicKeys; + in pkgs.runCommand "gpg-pubring" { buildInputs = [ cfg.package ]; } '' + export GNUPGHOME + GNUPGHOME=$(mktemp -d) + + ${importTrustBashFunctions} + ${importKeys} + + mkdir $out + cp $GNUPGHOME/pubring.kbx $out/pubring.kbx + if [[ -e $GNUPGHOME/trustdb.gpg ]] ; then + cp $GNUPGHOME/trustdb.gpg $out/trustdb.gpg + fi + ''; + +in { options.programs.gpg = { enable = mkEnableOption "GnuPG"; @@ -145,11 +152,13 @@ in default = pkgs.gnupg; defaultText = literalExpression "pkgs.gnupg"; example = literalExpression "pkgs.gnupg23"; - description = "The Gnupg package to use (also used the gpg-agent service)."; + description = + "The Gnupg package to use (also used the gpg-agent service)."; }; settings = mkOption { - type = types.attrsOf (types.either primitiveType (types.listOf types.str)); + type = + types.attrsOf (types.either primitiveType (types.listOf types.str)); example = literalExpression '' { no-comments = false; @@ -167,7 +176,8 @@ in }; scdaemonSettings = mkOption { - type = types.attrsOf (types.either primitiveType (types.listOf types.str)); + type = + types.attrsOf (types.either primitiveType (types.listOf types.str)); example = literalExpression '' { disable-ccid = true; @@ -182,9 +192,10 @@ in homedir = mkOption { type = types.path; - example = literalExpression "\"\${config.xdg.dataHome}/gnupg\""; + example = literalExpression ''"''${config.xdg.dataHome}/gnupg"''; default = "${config.home.homeDirectory}/.gnupg"; - defaultText = literalExpression "\"\${config.home.homeDirectory}/.gnupg\""; + defaultText = + literalExpression ''"''${config.home.homeDirectory}/.gnupg"''; description = "Directory to store keychains and configuration."; }; 
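Review bot: `gpgKeyId` in `importTrustBashFunctions` prints one id per `pub:` record, so a key source holding more than one public key makes `keyId` a multi-line string, and `--edit-key "$keyId"` in `importTrust` is then given a value that matches no single key; the requested trust level would presumably not be applied to any of them. Iterating over the ids avoids that: replace the `if [[ -n $keyId ]] ; then … fi` wrapper with `for keyId in $(gpgKeyId "$1"); do … done`. The exit status of the `--edit-key` pipeline is also not checked anywhere visible in the hunk, so a failed trust assignment may go unnoticed. The same function text is reused by the activation script later in this file.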
@@ -236,7 +247,8 @@ in personal-cipher-preferences = mkDefault "AES256 AES192 AES"; personal-digest-preferences = mkDefault "SHA512 SHA384 SHA256"; personal-compress-preferences = mkDefault "ZLIB BZIP2 ZIP Uncompressed"; - default-preference-list = mkDefault "SHA512 SHA384 SHA256 AES256 AES192 AES ZLIB BZIP2 ZIP Uncompressed"; + default-preference-list = mkDefault + "SHA512 SHA384 SHA256 AES256 AES192 AES ZLIB BZIP2 ZIP Uncompressed"; cert-digest-algo = mkDefault "SHA512"; s2k-digest-algo = mkDefault "SHA512"; s2k-cipher-algo = mkDefault "AES256"; @@ -258,9 +270,7 @@ in }; home.packages = [ cfg.package ]; - home.sessionVariables = { - GNUPGHOME = cfg.homedir; - }; + home.sessionVariables = { GNUPGHOME = cfg.homedir; }; home.file."${cfg.homedir}/gpg.conf".text = cfgText; 
@@ -268,45 +278,42 @@ in # Link keyring if keys are not mutable home.file."${cfg.homedir}/pubring.kbx" = - mkIf (!cfg.mutableKeys && cfg.publicKeys != []) { + mkIf (!cfg.mutableKeys && cfg.publicKeys != [ ]) { source = "${keyringFiles}/pubring.kbx"; }; - home.activation = mkIf (cfg.publicKeys != []) { - importGpgKeys = - let - gpg = "${cfg.package}/bin/gpg"; + home.activation = mkIf (cfg.publicKeys != [ ]) { + importGpgKeys = let + gpg = "${cfg.package}/bin/gpg"; - importKey = { source, trust, ... }: - # Import mutable keys - optional cfg.mutableKeys '' - $DRY_RUN_CMD ${gpg} $QUIET_ARG --import ${source}'' + importKey = { source, trust, ... }: + # Import mutable keys + optional cfg.mutableKeys + "$DRY_RUN_CMD ${gpg} $QUIET_ARG --import ${source}" - # Import mutable trust - ++ optional (trust != null && cfg.mutableTrust) '' - $DRY_RUN_CMD importTrust "${source}" ${toString trust}''; + # Import mutable trust + ++ optional (trust != null && cfg.mutableTrust) + ''$DRY_RUN_CMD importTrust "${source}" ${toString trust}''; - anyTrust = any (k: k.trust != null) cfg.publicKeys; + anyTrust = any (k: k.trust != null) cfg.publicKeys; - importKeys = concatStringsSep "\n" (concatMap importKey cfg.publicKeys); + importKeys = concatStringsSep "\n" (concatMap importKey cfg.publicKeys); - # If any key/trust should be imported then create the block. Otherwise - # leave it empty. - block = concatStringsSep "\n" ( - optional (importKeys != "") '' - export GNUPGHOME=${escapeShellArg cfg.homedir} - if [[ ! -v VERBOSE ]]; then - QUIET_ARG="--quiet" - else - QUIET_ARG="" - fi - ${importTrustBashFunctions} - ${importKeys} - unset GNUPGHOME QUIET_ARG keyId importTrust - '' ++ optional (!cfg.mutableTrust && anyTrust) '' - install -m 0700 ${keyringFiles}/trustdb.gpg "${cfg.homedir}/trustdb.gpg"'' - ); - in lib.hm.dag.entryAfter ["linkGeneration"] block; + # If any key/trust should be imported then create the block. Otherwise + # leave it empty. 
+ block = concatStringsSep "\n" (optional (importKeys != "") '' + export GNUPGHOME=${escapeShellArg cfg.homedir} + if [[ ! -v VERBOSE ]]; then + QUIET_ARG="--quiet" + else + QUIET_ARG="" + fi + ${importTrustBashFunctions} + ${importKeys} + unset GNUPGHOME QUIET_ARG keyId importTrust + '' ++ optional (!cfg.mutableTrust && anyTrust) '' + install -m 0700 ${keyringFiles}/trustdb.gpg "${cfg.homedir}/trustdb.gpg"''); + in lib.hm.dag.entryAfter [ "linkGeneration" ] block; }; }; } diff --git a/modules/services/gpg-agent.nix b/modules/services/gpg-agent.nix index 175fba42..d4ccef3e 100644 --- a/modules/services/gpg-agent.nix +++ b/modules/services/gpg-agent.nix @@ -12,9 +12,8 @@ let gpgInitStr = '' GPG_TTY="$(tty)" export GPG_TTY - '' - + optionalString cfg.enableSshSupport - "${gpgPkg}/bin/gpg-connect-agent updatestartuptty /bye > /dev/null"; + '' + optionalString cfg.enableSshSupport + "${gpgPkg}/bin/gpg-connect-agent updatestartuptty /bye > /dev/null"; # mimic `gpgconf` output for use in `systemd` unit definitions. # we cannot use `gpgconf` directly because it heavily depends on system @@ -22,7 +21,8 @@ let # https://github.com/gpg/gnupg/blob/c6702d77d936b3e9d91b34d8fdee9599ab94ee1b/common/homedir.c#L672-L681 gpgconf = dir: let - hash = substring 0 24 (hexStringToBase32 (builtins.hashString "sha1" homedir)); + hash = + substring 0 24 (hexStringToBase32 (builtins.hashString "sha1" homedir)); in if homedir == options.programs.gpg.homedir.default then "%t/gnupg/${dir}" else 
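Review bot: In the `importGpgKeys` activation block, the `install -m 0700 … "${cfg.homedir}/trustdb.gpg"` line interpolates `cfg.homedir` inside plain double quotes, while `export GNUPGHOME=${escapeShellArg cfg.homedir}` a few lines earlier escapes the same value; a homedir containing `"`, `$` or a backtick would be expanded by the activation shell on that line. Using the same helper keeps the two consistent: `install -m 0700 ${keyringFiles}/trustdb.gpg ${escapeShellArg "${cfg.homedir}/trustdb.gpg"}`. That line also runs without `$DRY_RUN_CMD`, unlike the `--import` and `importTrust` commands, so a dry run would presumably still write the trust database. Separately, the block ends with `unset GNUPGHOME QUIET_ARG keyId importTrust`, so the `assertFileNotRegex activate "^unset GNUPGHOME keyId importTrust$"` check in tests/modules/programs/gpg/override-defaults.nix appears unable to match even if the block were emitted. The `config` attribute set this block belongs to starts outside the hunk.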
@@ -36,10 +36,18 @@ let splitChars = s: init (tail (splitString "" s)); base32Alphabet = splitChars "ybndrfg8ejkmcpqxot1uwisza345h769"; - hexToIntTable = listToAttrs (genList (x: { name = toLower (toHexString x); value = x; }) 16); + hexToIntTable = listToAttrs (genList (x: { + name = toLower (toHexString x); + value = x; + }) 16); - initState = { ret = ""; buf = 0; bufBits = 0; }; - go = { ret, buf, bufBits }: hex: + initState = { + ret = ""; + buf = 0; + bufBits = 0; + }; + go = { ret, buf, bufBits }: + hex: let buf' = buf * pow2 4 + hexToIntTable.${hex}; bufBits' = bufBits + 4; @@ -55,9 +63,7 @@ let }; in hexString: (foldl' go initState (splitChars hexString)).ret; -in - -{ +in { meta.maintainers = [ maintainers.rycee ]; options = { 
@@ -196,30 +202,21 @@ in config = mkIf cfg.enable (mkMerge [ { - home.file."${homedir}/gpg-agent.conf".text = concatStringsSep "\n" ( - optional (cfg.enableSshSupport) "enable-ssh-support" - ++ - optional (!cfg.grabKeyboardAndMouse) "no-grab" - ++ - optional (!cfg.enableScDaemon) "disable-scdaemon" - ++ - optional (cfg.defaultCacheTtl != null) + home.file."${homedir}/gpg-agent.conf".text = concatStringsSep "\n" + (optional (cfg.enableSshSupport) "enable-ssh-support" + ++ optional (!cfg.grabKeyboardAndMouse) "no-grab" + ++ optional (!cfg.enableScDaemon) "disable-scdaemon" + ++ optional (cfg.defaultCacheTtl != null) "default-cache-ttl ${toString cfg.defaultCacheTtl}" - ++ - optional (cfg.defaultCacheTtlSsh != null) + ++ optional (cfg.defaultCacheTtlSsh != null) "default-cache-ttl-ssh ${toString cfg.defaultCacheTtlSsh}" - ++ - optional (cfg.maxCacheTtl != null) + ++ optional (cfg.maxCacheTtl != null) "max-cache-ttl ${toString cfg.maxCacheTtl}" - ++ - optional (cfg.maxCacheTtlSsh != null) + ++ optional (cfg.maxCacheTtlSsh != null) "max-cache-ttl-ssh ${toString cfg.maxCacheTtlSsh}" - ++ - optional (cfg.pinentryFlavor != null) + ++ optional (cfg.pinentryFlavor != null) "pinentry-program ${pkgs.pinentry.${cfg.pinentryFlavor}}/bin/pinentry" - ++ - [ cfg.extraConfig ] - ); + ++ [ cfg.extraConfig ]); home.sessionVariablesExtra = optionalString cfg.enableSshSupport '' if [[ -z "$SSH_AUTH_SOCK" ]]; then @@ -236,7 +233,9 @@ in (mkIf (cfg.sshKeys != null) { # Trailing newlines are important - home.file."${homedir}/sshcontrol".text = concatMapStrings (s: "${s}\n") cfg.sshKeys; + home.file."${homedir}/sshcontrol".text = concatMapStrings (s: '' + ${s} + '') cfg.sshKeys; }) # The systemd units below are direct translations of the @@ -277,9 +276,7 @@ in DirectoryMode = "0700"; }; - Install = { - WantedBy = [ "sockets.target" ]; - }; + Install = { WantedBy = [ "sockets.target" ]; }; }; } 
@@ -287,7 +284,8 @@ in systemd.user.sockets.gpg-agent-ssh = { Unit = { Description = "GnuPG cryptographic agent (ssh-agent emulation)"; - Documentation = "man:gpg-agent(1) man:ssh-add(1) man:ssh-agent(1) man:ssh(1)"; + Documentation = + "man:gpg-agent(1) man:ssh-add(1) man:ssh-agent(1) man:ssh(1)"; }; Socket = { @@ -298,16 +296,15 @@ in DirectoryMode = "0700"; }; - Install = { - WantedBy = [ "sockets.target" ]; - }; + Install = { WantedBy = [ "sockets.target" ]; }; }; }) (mkIf cfg.enableExtraSocket { systemd.user.sockets.gpg-agent-extra = { Unit = { - Description = "GnuPG cryptographic agent and passphrase cache (restricted)"; + Description = + "GnuPG cryptographic agent and passphrase cache (restricted)"; Documentation = "man:gpg-agent(1) man:ssh(1)"; }; @@ -319,9 +316,7 @@ in DirectoryMode = "0700"; }; - Install = { - WantedBy = [ "sockets.target" ]; - }; + Install = { WantedBy = [ "sockets.target" ]; }; }; }) ]); diff --git a/modules/services/mpd.nix b/modules/services/mpd.nix index 5800a18c..f71d96a4 100644 --- a/modules/services/mpd.nix +++ b/modules/services/mpd.nix @@ -18,9 +18,9 @@ let sticker_file "${cfg.dataDir}/sticker.sql" ${optionalString (cfg.network.listenAddress != "any") - ''bind_to_address "${cfg.network.listenAddress}"''} + ''bind_to_address "${cfg.network.listenAddress}"''} ${optionalString (cfg.network.port != 6600) - ''port "${toString cfg.network.port}"''} + ''port "${toString cfg.network.port}"''} ${cfg.extraConfig} ''; @@ -54,7 +54,7 @@ in { type = with types; either path str; default = "${config.home.homeDirectory}/music"; defaultText = "$HOME/music"; - apply = toString; # Prevent copies to Nix store. + apply = toString; # Prevent copies to Nix store. description = '' The directory where mpd reads music from. ''; 
@@ -63,8 +63,8 @@ in { playlistDirectory = mkOption { type = types.path; default = "${cfg.dataDir}/playlists"; - defaultText = ''''${dataDir}/playlists''; - apply = toString; # Prevent copies to Nix store. + defaultText = "\${dataDir}/playlists"; + apply = toString; # Prevent copies to Nix store. description = '' The directory where mpd stores playlists. ''; @@ -89,7 +89,7 @@ in { type = types.path; default = "${config.xdg.dataHome}/${name}"; defaultText = "$XDG_DATA_HOME/mpd"; - apply = toString; # Prevent copies to Nix store. + apply = toString; # Prevent copies to Nix store. description = '' The directory where MPD stores its state, tag cache, playlists etc. @@ -101,7 +101,7 @@ in { type = types.bool; default = false; description = '' - Enable systemd socket activation. + Enable systemd socket activation. ''; }; @@ -128,7 +128,7 @@ in { dbFile = mkOption { type = types.nullOr types.str; default = "${cfg.dataDir}/tag_cache"; - defaultText = ''''${dataDir}/tag_cache''; + defaultText = "\${dataDir}/tag_cache"; description = '' The path to MPD's database. If set to null the parameter is omitted from the @@ -139,13 +139,11 @@ in { }; - ###### implementation config = mkIf cfg.enable { assertions = [ - (lib.hm.assertions.assertPlatform "services.mpd" pkgs - lib.platforms.linux) + (lib.hm.assertions.assertPlatform "services.mpd" pkgs lib.platforms.linux) ]; systemd.user.services.mpd = { 
@@ -162,25 +160,24 @@ in { Environment = "PATH=${config.home.profileDirectory}/bin"; ExecStart = "${cfg.package}/bin/mpd --no-daemon ${mpdConf}"; Type = "notify"; - ExecStartPre = ''${pkgs.bash}/bin/bash -c "${pkgs.coreutils}/bin/mkdir -p '${cfg.dataDir}' '${cfg.playlistDirectory}'"''; + ExecStartPre = '' + ${pkgs.bash}/bin/bash -c "${pkgs.coreutils}/bin/mkdir -p '${cfg.dataDir}' '${cfg.playlistDirectory}'"''; }; }; systemd.user.sockets.mpd = mkIf cfg.network.startWhenNeeded { Socket = { ListenStream = let - listen = - if cfg.network.listenAddress == "any" - then toString cfg.network.port - else "${cfg.network.listenAddress}:${toString cfg.network.port}"; + listen = if cfg.network.listenAddress == "any" then + toString cfg.network.port + else + "${cfg.network.listenAddress}:${toString cfg.network.port}"; in [ listen "%t/mpd/socket" ]; Backlog = 5; KeepAlive = true; }; - Install = { - WantedBy = [ "sockets.target" ]; - }; + Install = { WantedBy = [ "sockets.target" ]; }; }; }; diff --git a/tests/modules/home-environment/session-variables.nix b/tests/modules/home-environment/session-variables.nix index eae7830f..08c988d2 100644 --- a/tests/modules/home-environment/session-variables.nix +++ b/tests/modules/home-environment/session-variables.nix @@ -31,7 +31,8 @@ let export XDG_STATE_HOME="/home/hm-user/.local/state" ''; - expected = pkgs.writeText "expected" (if isDarwin then darwinExpected else linuxExpected); + expected = pkgs.writeText "expected" + (if isDarwin then darwinExpected else linuxExpected); in { config = { diff --git a/tests/modules/programs/gpg/override-defaults.nix b/tests/modules/programs/gpg/override-defaults.nix index 62fe50dc..e4104339 100644 --- a/tests/modules/programs/gpg/override-defaults.nix +++ b/tests/modules/programs/gpg/override-defaults.nix 
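Review bot: The `ExecStartPre` line splices `cfg.dataDir` and `cfg.playlistDirectory` into a `bash -c "…"` string wrapped only in literal single quotes, so a path containing `'`, `"`, `$` or `%` is re-parsed by systemd and then by bash instead of being passed through as one argument. The values come from the user's own configuration, so this is mainly a robustness problem, but it is cheap to close. If the shell layer is not relied on for expansion, calling mkdir directly with escaped arguments is simpler: `ExecStartPre = "${pkgs.coreutils}/bin/mkdir -p ${lib.escapeShellArg cfg.dataDir} ${lib.escapeShellArg cfg.playlistDirectory}";`. How systemd treats `%` and `$` in the resulting line would still need checking. The enclosing `Service` attribute set starts above the hunk.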
@@ -11,10 +11,7 @@ with lib; no-comments = false; s2k-cipher-algo = "AES128"; throw-keyids = true; - trusted-key = [ - "0xXXXXXXXXXXXXX" - "0xYYYYYYYYYYYYY" - ]; + trusted-key = [ "0xXXXXXXXXXXXXX" "0xYYYYYYYYYYYYY" ]; }; homedir = "${config.home.homeDirectory}/bar/foopg"; @@ -22,7 +19,9 @@ with lib; nmt.script = '' assertFileExists home-files/bar/foopg/gpg.conf - assertFileContent home-files/bar/foopg/gpg.conf ${./override-defaults-expected.conf} + assertFileContent home-files/bar/foopg/gpg.conf ${ + ./override-defaults-expected.conf + } assertFileNotRegex activate "^unset GNUPGHOME keyId importTrust$" '';