fmt

module.nix

@@ -1,25 +1,25 @@
-{ config
-, lib
-, pkgs
-, ...
+{
+  config,
+  lib,
+  pkgs,
+  ...
 }:
 with lib; let
   cfg = config.services.mitemp;
-  format = pkgs.formats.toml { };
+  format = pkgs.formats.toml {};
   configFile = format.generate "mitemp-config.toml" {
     inherit (cfg) names;
     listen = {
       inherit (cfg) socket;
     };
   };
-in
-{
+in {
   options.services.mitemp = {
     enable = mkEnableOption "mitemp";
 
     names = mkOption {
       type = types.attrs;
-      default = { };
+      default = {};
       description = "Names for mitemp sensors";
     };
 
@@ -45,8 +45,8 @@ in
 
     services.dbus.packages = [cfg.package];
     systemd.services."mitemp" = {
-      wantedBy = [ "multi-user.target" ];
-      after = [ "dbus.service" ];
+      wantedBy = ["multi-user.target"];
+      after = ["dbus.service"];
 
       serviceConfig = {
         ExecStart = "${cfg.package}/bin/mitemp-prometheus ${configFile}";
@@ -68,18 +68,18 @@ in
         ProtectHostname = true;
         LockPersonality = true;
         ProtectKernelTunables = true;
-        RestrictAddressFamilies = [ "AF_UNIX" ];
+        RestrictAddressFamilies = ["AF_UNIX"];
         RuntimeDirectory = "mitemp";
         RestrictRealtime = true;
         ProtectProc = "invisible";
-        SystemCallFilter = [ "@system-service" "~@resources" "~@privileged" ];
+        SystemCallFilter = ["@system-service" "~@resources" "~@privileged"];
         IPAddressDeny = "any";
         PrivateUsers = true;
         ProcSubset = "pid";
         RemoveIPC = true;
         PrivateDevices = true;
         RestrictSUIDSGID = true;
-        BindPaths = [ "/run/dbus" ];
+        BindPaths = ["/run/dbus"];
       };
 
       confinement = {