authorLinnnus <[email protected]>2023-10-01 22:43:58 +0200
committerLinnnus <[email protected]>2023-10-01 23:08:32 +0200
commit7e27f6f2250bd4e0faa5d5e626dce541a8bb22e4 (patch)
tree11eb68ec0ae6e1f9cd1f4d7b645cc55e582b1873 /modules/nixos/cloudflare-proxy/default.nix
parent241bbaf27ad990d0630b7b48f3e9858e8f42b88f (diff)
Use alejandra formatter
Diffstat (limited to 'modules/nixos/cloudflare-proxy/default.nix')
-rw-r--r--modules/nixos/cloudflare-proxy/default.nix47
1 files changed, 23 insertions, 24 deletions
diff --git a/modules/nixos/cloudflare-proxy/default.nix b/modules/nixos/cloudflare-proxy/default.nix
index 87d3857..216a31d 100644
--- a/modules/nixos/cloudflare-proxy/default.nix
+++ b/modules/nixos/cloudflare-proxy/default.nix
@@ -1,38 +1,37 @@
# This module adds some extra configuration useful when running behid a Cloudflare Proxy.
#
-
-{ config, lib, pkgs, ... }:
-
-let
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}: let
inherit (lib) mkEnableOption mkIf;
cfg = config.modules.cloudflare-proxy;
-in
-{
+in {
options.modules.cloudflare-proxy.enable = mkEnableOption "Cloudflare proxy IP extraction for NGINX";
config = mkIf cfg.enable {
# Teach NGINX how to extract the proxied IP from proxied requests.
#
# See: https://nixos.wiki/wiki/Nginx#Using_realIP_when_behind_CloudFlare_or_other_CDN
- services.nginx.commonHttpConfig =
- let
- realIpsFromList = lib.strings.concatMapStringsSep "\n" (x: "set_real_ip_from ${x};");
- fileToList = x: lib.strings.splitString "\n" (builtins.readFile x);
- cfipv4 = fileToList (pkgs.fetchurl {
- url = "https://www.cloudflare.com/ips-v4";
- sha256 = "0ywy9sg7spafi3gm9q5wb59lbiq0swvf0q3iazl0maq1pj1nsb7h";
- });
- cfipv6 = fileToList (pkgs.fetchurl {
- url = "https://www.cloudflare.com/ips-v6";
- sha256 = "1ad09hijignj6zlqvdjxv7rjj8567z357zfavv201b9vx3ikk7cy";
- });
- in
- ''
- ${realIpsFromList cfipv4}
- ${realIpsFromList cfipv6}
- real_ip_header CF-Connecting-IP;
- '';
+ services.nginx.commonHttpConfig = let
+ realIpsFromList = lib.strings.concatMapStringsSep "\n" (x: "set_real_ip_from ${x};");
+ fileToList = x: lib.strings.splitString "\n" (builtins.readFile x);
+ cfipv4 = fileToList (pkgs.fetchurl {
+ url = "https://www.cloudflare.com/ips-v4";
+ sha256 = "0ywy9sg7spafi3gm9q5wb59lbiq0swvf0q3iazl0maq1pj1nsb7h";
+ });
+ cfipv6 = fileToList (pkgs.fetchurl {
+ url = "https://www.cloudflare.com/ips-v6";
+ sha256 = "1ad09hijignj6zlqvdjxv7rjj8567z357zfavv201b9vx3ikk7cy";
+ });
+ in ''
+ ${realIpsFromList cfipv4}
+ ${realIpsFromList cfipv6}
+ real_ip_header CF-Connecting-IP;
+ '';
# TODO: Only allow incomming HTTP{,S} requests from non-Cloudflare IPs.
};