style(treewide): Switch to nixfmt

flake.nix

@@ -14,19 +14,22 @@
     };
   };
 
-  outputs = {
+  outputs =
+    {
       self,
       nixpkgs,
       dream2nix,
       fenix,
-  }: let
+    }:
+    let
       # At the moment, we only deploy to x86_64-linux. Update when we
       # care about another platform.
       system = "x86_64-linux";
       pkgs = nixpkgs.legacyPackages.${system};
       fenixPkgs = fenix.packages.${system};
       ownPkgs = self.packages.${system};
-  in {
+    in
+    {
       packages.${system} = dream2nix.lib.importPackages {
         projectRoot = ./.;
         projectRootFile = "flake.nix";
@@ -38,19 +41,25 @@
       };
 
       apps.${system} = {
-      default = let
+        default =
+          let
             inherit (ownPkgs) server templates;
             inherit (pkgs) writeShellScript;
-      in {
+          in
+          {
             type = "app";
-        program = builtins.toString (writeShellScript "tlaternet-webserver" ''
+            program = builtins.toString (
+              writeShellScript "tlaternet-webserver" ''
                 ${server}/bin/tlaternet-webserver --template-directory ${templates}
-        '');
+              ''
+            );
           };
 
-      update = let
+        update =
+          let
             update-script = pkgs.callPackage ./nix/update.nix { inherit self; };
-      in {
+          in
+          {
             type = "app";
             program = "${update-script}/bin/update";
           };
@@ -76,8 +85,6 @@
         };
       };
 
-    checks.${system} = import ./nix/checks {
+      checks.${system} = import ./nix/checks { inherit self pkgs; };
-      inherit self pkgs;
-    };
     };
 }

nix/checks/default.nix

@@ -1,9 +1,8 @@
-{
+{ pkgs, self }:
-  pkgs,
+let
-  self,
-}: let
   callPackage = pkgs.lib.callPackageWith (pkgs // { inherit self; });
-in {
+in
+{
   lintNix = callPackage ./lint-nix.nix { };
   openHomepage = callPackage ./open-homepage.nix { };
 }

nix/checks/lint-nix.nix

@@ -2,10 +2,11 @@
   self,
   lib,
   stdenv,
-  alejandra,
+  nixfmt-rfc-style,
   deadnix,
   statix,
-}: let
+}:
+let
   inherit (lib) sourceFilesBySuffices;
 in
 stdenv.mkDerivation {
@@ -17,10 +18,14 @@ in
 
   name = "lint-nix";
   src = sourceFilesBySuffices self [ ".nix" ];
-    checkInputs = [alejandra deadnix statix];
+  checkInputs = [
+    nixfmt-rfc-style
+    deadnix
+    statix
+  ];
   checkPhase = ''
     mkdir -p $out
-      alejandra --check . | tee $out/alejandra.log
+    nixfmt --strict --check . | tee $out/nixfmt.log
     deadnix --fail | tee $out/deadnix.log
     statix check | tee $out/statix.log
   '';

nix/checks/open-homepage.nix

@@ -1,7 +1,4 @@
-{
+{ self, nixosTest }:
-  self,
-  nixosTest,
-}:
 nixosTest {
   name = "open-homepage";
 

nix/module.nix

@@ -1,18 +1,14 @@
-{
+{ self, system }:
-  self,
+{ config, lib, ... }:
-  system,
+let
-}: {
-  config,
-  lib,
-  ...
-}: let
   inherit (lib) mkEnableOption mkIf mkOption;
   inherit (lib.types) str int;
   inherit (lib.strings) escapeShellArgs;
   inherit (self.packages.${system}) server templates;
 
   cfg = config.services.tlaternet-webserver;
-in {
+in
+{
   options = {
     services.tlaternet-webserver = {
       enable = mkEnableOption "tlaternet web server";
@@ -60,14 +56,21 @@ in {
         ProtectKernelModules = true;
         ProtectKernelLogs = true;
         ProtectControlGroups = true;
-        RestrictAddressFamilies = ["AF_UNIX" "AF_INET" "AF_INET6"];
+        RestrictAddressFamilies = [
+          "AF_UNIX"
+          "AF_INET"
+          "AF_INET6"
+        ];
         RestrictNamespaces = true;
         LockPersonality = true;
         MemoryDenyWriteExecute = true;
         RestrictRealtime = true;
         RestrictSUIDSGID = true;
         SystemCallArchitectures = "native";
-        SystemCallFilter = ["@system-service" "~@privileged @resources @setuid @keyring"];
+        SystemCallFilter = [
+          "@system-service"
+          "~@privileged @resources @setuid @keyring"
+        ];
       };
     };
   };

nix/update.nix

@@ -6,20 +6,25 @@
   git,
   nix,
   yq-go,
-}: let
+}:
+let
   selfPackages = self.packages.${system};
   inherit (selfPackages.server.config.deps) cargo;
   inherit (selfPackages.templates.config.deps) npm;
 
   npm-check-updates =
-    (builtins.elemAt (lib.attrValues
+    (builtins.elemAt (lib.attrValues selfPackages.templates.config.nodejs-granular-v3.deps.npm-check-updates) 0)
-      selfPackages.templates.config.nodejs-granular-v3.deps.npm-check-updates)
+    .package-func.result;
-    0)
-    .package-func
-    .result;
 in
 writeShellApplication {
   name = "update";
-    runtimeInputs = [cargo git nix npm npm-check-updates yq-go];
+  runtimeInputs = [
+    cargo
+    git
+    nix
+    npm
+    npm-check-updates
+    yq-go
+  ];
   text = builtins.readFile ./scripts/update.sh;
 }

packages/server/default.nix

@@ -1,11 +1,14 @@
-{ dream2nix, lib, ... }: {
+{ dream2nix, lib, ... }:
+{
   imports = [
     dream2nix.modules.dream2nix.rust-cargo-lock
     dream2nix.modules.dream2nix.rust-cargo-vendor
     dream2nix.modules.dream2nix.rust-crane
   ];
 
-  deps = {fenix, ...}: {
+  deps =
+    { fenix, ... }:
+    {
       deps.cargo = fenix.stable.minimalToolchain;
     };
 

packages/templates/default.nix

@@ -3,15 +3,24 @@
   config,
   lib,
   ...
-}: {
+}:
+{
   imports = [
     dream2nix.modules.dream2nix.nodejs-package-json-v3
     dream2nix.modules.dream2nix.nodejs-granular-v3
     dream2nix.modules.dream2nix.nodejs-devshell-v3
   ];
 
-  deps = {nixpkgs, ...}: {
+  deps =
-    inherit (nixpkgs) pkg-config runCommandLocal rsync vips yj;
+    { nixpkgs, ... }:
+    {
+      inherit (nixpkgs)
+        pkg-config
+        runCommandLocal
+        rsync
+        vips
+        yj
+        ;
     };
 
   name = "tlaternet-templates";