From 7e27f6f2250bd4e0faa5d5e626dce541a8bb22e4 Mon Sep 17 00:00:00 2001
From: Linnnus <linnnus@users.noreply.github.com>
Date: Sun, 1 Oct 2023 22:43:58 +0200
Subject: Use alejandra formatter

---
 modules/nixos/cloudflare-proxy/default.nix | 47 +++++++++++++++---------------
 1 file changed, 23 insertions(+), 24 deletions(-)

(limited to 'modules/nixos/cloudflare-proxy')

diff --git a/modules/nixos/cloudflare-proxy/default.nix b/modules/nixos/cloudflare-proxy/default.nix
index 87d3857..216a31d 100644
--- a/modules/nixos/cloudflare-proxy/default.nix
+++ b/modules/nixos/cloudflare-proxy/default.nix
@@ -1,38 +1,37 @@
 # This module adds some extra configuration useful when running behid a Cloudflare Proxy.
 #
-
-{ config, lib, pkgs, ... }:
-
-let
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: let
   inherit (lib) mkEnableOption mkIf;
 
   cfg = config.modules.cloudflare-proxy;
-in
-{
+in {
   options.modules.cloudflare-proxy.enable = mkEnableOption "Cloudflare proxy IP extraction for NGINX";
 
   config = mkIf cfg.enable {
     # Teach NGINX how to extract the proxied IP from proxied requests.
     #
     # See: https://nixos.wiki/wiki/Nginx#Using_realIP_when_behind_CloudFlare_or_other_CDN
-    services.nginx.commonHttpConfig =
-      let
-        realIpsFromList = lib.strings.concatMapStringsSep "\n" (x: "set_real_ip_from  ${x};");
-        fileToList = x: lib.strings.splitString "\n" (builtins.readFile x);
-        cfipv4 = fileToList (pkgs.fetchurl {
-          url = "https://www.cloudflare.com/ips-v4";
-          sha256 = "0ywy9sg7spafi3gm9q5wb59lbiq0swvf0q3iazl0maq1pj1nsb7h";
-        });
-        cfipv6 = fileToList (pkgs.fetchurl {
-          url = "https://www.cloudflare.com/ips-v6";
-          sha256 = "1ad09hijignj6zlqvdjxv7rjj8567z357zfavv201b9vx3ikk7cy";
-        });
-      in
-      ''
-        ${realIpsFromList cfipv4}
-        ${realIpsFromList cfipv6}
-        real_ip_header CF-Connecting-IP;
-      '';
+    services.nginx.commonHttpConfig = let
+      realIpsFromList = lib.strings.concatMapStringsSep "\n" (x: "set_real_ip_from  ${x};");
+      fileToList = x: lib.strings.splitString "\n" (builtins.readFile x);
+      cfipv4 = fileToList (pkgs.fetchurl {
+        url = "https://www.cloudflare.com/ips-v4";
+        sha256 = "0ywy9sg7spafi3gm9q5wb59lbiq0swvf0q3iazl0maq1pj1nsb7h";
+      });
+      cfipv6 = fileToList (pkgs.fetchurl {
+        url = "https://www.cloudflare.com/ips-v6";
+        sha256 = "1ad09hijignj6zlqvdjxv7rjj8567z357zfavv201b9vx3ikk7cy";
+      });
+    in ''
+      ${realIpsFromList cfipv4}
+      ${realIpsFromList cfipv6}
+      real_ip_header CF-Connecting-IP;
+    '';
 
     # TODO: Only allow incomming HTTP{,S} requests from non-Cloudflare IPs.
   };
-- 
cgit v1.2.3