fmt

services/gitea.nix

@@ -68,7 +68,7 @@
       # defaults: maxretry=5, findtime=10m, bantime=10m
     };
     filter.Definition = {
-      failregex = ''^.*Failed authentication attempt for .* from <HOST>:.*$'';
+      failregex = "^.*Failed authentication attempt for .* from <HOST>:.*$";
       ignoreregex = "";
       journalmatch = "_SYSTEMD_UNIT=gitea.service";
     };

services/immich.nix

@@ -52,7 +52,7 @@
       # defaults: maxretry=5, findtime=10m, bantime=10m
     };
     filter.Definition = {
-      failregex = ''^.*Failed login attempt for user .* from ip address <HOST>.*$'';
+      failregex = "^.*Failed login attempt for user .* from ip address <HOST>.*$";
       ignoreregex = "";
       journalmatch = "_SYSTEMD_UNIT=immich-server.service";
     };

tests/fail2ban-caddy.nix

@@ -9,7 +9,12 @@ pkgs.testers.runNixOSTest {
 
   nodes = {
     server =
-      { config, pkgs, lib, ... }:
+      {
+        config,
+        pkgs,
+        lib,
+        ...
+      }:
       {
         imports = [
           ../modules/security.nix

tests/fail2ban-gitea.nix

@@ -21,7 +21,10 @@ let
 
   testLib = lib.extend (
     final: prev: {
-      serviceMountWithZpool = serviceName: zpool: dirs: { ... }: { };
+      serviceMountWithZpool =
+        serviceName: zpool: dirs:
+        { ... }:
+        { };
     }
   );
 
@@ -42,7 +45,12 @@ pkgs.testers.runNixOSTest {
 
   nodes = {
     server =
-      { config, lib, pkgs, ... }:
+      {
+        config,
+        lib,
+        pkgs,
+        ...
+      }:
       {
         imports = [
           ../modules/security.nix

tests/fail2ban-immich.nix

@@ -20,7 +20,10 @@ let
 
   testLib = lib.extend (
     final: prev: {
-      serviceMountWithZpool = serviceName: zpool: dirs: { ... }: { };
+      serviceMountWithZpool =
+        serviceName: zpool: dirs:
+        { ... }:
+        { };
     }
   );
 
@@ -41,7 +44,12 @@ pkgs.testers.runNixOSTest {
 
   nodes = {
     server =
-      { config, lib, pkgs, ... }:
+      {
+        config,
+        lib,
+        pkgs,
+        ...
+      }:
       {
         imports = [
           ../modules/security.nix

tests/fail2ban-jellyfin.nix

@@ -22,7 +22,10 @@ let
 
   testLib = lib.extend (
     final: prev: {
-      serviceMountWithZpool = serviceName: zpool: dirs: { ... }: { };
+      serviceMountWithZpool =
+        serviceName: zpool: dirs:
+        { ... }:
+        { };
       optimizePackage = pkg: pkg; # No-op for testing
     }
   );
@@ -44,7 +47,12 @@ pkgs.testers.runNixOSTest {
 
   nodes = {
     server =
-      { config, lib, pkgs, ... }:
+      {
+        config,
+        lib,
+        pkgs,
+        ...
+      }:
       {
         imports = [
           ../modules/security.nix

tests/fail2ban-ssh.nix

@@ -13,7 +13,12 @@ let
   securityModule = import ../modules/security.nix;
 
   sshModule =
-    { config, lib, pkgs, ... }:
+    {
+      config,
+      lib,
+      pkgs,
+      ...
+    }:
     {
       imports = [
         (import ../services/ssh.nix {
@@ -28,7 +33,12 @@ pkgs.testers.runNixOSTest {
 
   nodes = {
     server =
-      { config, lib, pkgs, ... }:
+      {
+        config,
+        lib,
+        pkgs,
+        ...
+      }:
       {
         imports = [
           securityModule
@@ -47,7 +57,10 @@ pkgs.testers.runNixOSTest {
       };
 
     client = {
-      environment.systemPackages = with pkgs; [ sshpass openssh ];
+      environment.systemPackages = with pkgs; [
+        sshpass
+        openssh
+      ];
     };
   };
 

tests/fail2ban-vaultwarden.nix

@@ -20,7 +20,10 @@ let
 
   testLib = lib.extend (
     final: prev: {
-      serviceMountWithZpool = serviceName: zpool: dirs: { ... }: { };
+      serviceMountWithZpool =
+        serviceName: zpool: dirs:
+        { ... }:
+        { };
     }
   );
 
@@ -41,7 +44,12 @@ pkgs.testers.runNixOSTest {
 
   nodes = {
     server =
-      { config, lib, pkgs, ... }:
+      {
+        config,
+        lib,
+        pkgs,
+        ...
+      }:
       {
         imports = [
           ../modules/security.nix