From 393e92fe144d84599595cba47e5dd4846c1006b3 Mon Sep 17 00:00:00 2001 From: nyanloutre Date: Wed, 23 Apr 2025 11:15:31 +0200 Subject: [PATCH] global reformat with treefmt --- flake.nix | 143 +++--- pkgs/watcharr/default.nix | 21 +- systems/ASUS-G46VW/configuration.nix | 18 +- systems/ASUS-G46VW/hardware-configuration.nix | 43 +- systems/LoutreOS/configuration.nix | 12 +- systems/LoutreOS/hardware-configuration.nix | 294 ++++++------ systems/LoutreOS/medias.nix | 8 +- systems/LoutreOS/monitoring.nix | 62 ++- systems/LoutreOS/network.nix | 426 ++++++++++-------- systems/LoutreOS/services.nix | 63 ++- systems/LoutreOS/users.nix | 24 +- systems/LoutreOS/web.nix | 409 +++++++++-------- systems/PC-Fixe/configuration.nix | 31 +- systems/PC-Fixe/hardware-configuration.nix | 75 +-- systems/common-cli.nix | 39 +- systems/common-gui.nix | 34 +- treefmt.toml | 3 + 17 files changed, 979 insertions(+), 726 deletions(-) create mode 100644 treefmt.toml diff --git a/flake.nix b/flake.nix index 3654010..4efa9e8 100644 --- a/flake.nix +++ b/flake.nix 
@@ -21,81 +21,88 @@ }; }; - outputs = { - self, - nixpkgs, - nixpkgs-unstable, - nixpkgs-4a3fc4cf7, - simple-nixos-mailserver, - dogetipbot-telegram, - ipmihddtemp - }@inputs: { + outputs = + { + self, + nixpkgs, + nixpkgs-unstable, + nixpkgs-4a3fc4cf7, + simple-nixos-mailserver, + dogetipbot-telegram, + ipmihddtemp, + }@inputs: + { - packages.x86_64-linux = (import ./pkgs nixpkgs.legacyPackages.x86_64-linux); + packages.x86_64-linux = (import ./pkgs nixpkgs.legacyPackages.x86_64-linux); - nixosConfigurations.paul-fixe = nixpkgs-unstable.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - nixpkgs-unstable.nixosModules.notDetected - { - nixpkgs.config.allowUnfree = true; - nix = { - settings.experimental-features = [ "nix-command" "flakes" ]; - registry = { - nixpkgs.to = { - type = "path"; - path = nixpkgs-unstable.legacyPackages.x86_64-linux.path; + nixosConfigurations.paul-fixe = nixpkgs-unstable.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + nixpkgs-unstable.nixosModules.notDetected + { + nixpkgs.config.allowUnfree = true; + nix = { + settings.experimental-features = [ + "nix-command" + "flakes" + ]; + registry = { + nixpkgs.to = { + type = "path"; + path = nixpkgs-unstable.legacyPackages.x86_64-linux.path; + }; }; }; - }; - } - ./systems/PC-Fixe/configuration.nix - ]; - }; - - nixosConfigurations.loutreos = nixpkgs.lib.nixosSystem rec { - system = "x86_64-linux"; - specialArgs = { - inputs = inputs; - pkgs-4a3fc4cf7 = import nixpkgs-4a3fc4cf7 { - inherit system; - }; + } + ./systems/PC-Fixe/configuration.nix + ]; }; - modules = [ - nixpkgs-unstable.nixosModules.notDetected - simple-nixos-mailserver.nixosModule - dogetipbot-telegram.nixosModule - ipmihddtemp.nixosModule - { - nix = { - settings.experimental-features = [ "nix-command" "flakes" ]; - registry = { - nixpkgs.to = { - type = "path"; - path = nixpkgs.legacyPackages.x86_64-linux.path; + + nixosConfigurations.loutreos = nixpkgs.lib.nixosSystem rec { + system = "x86_64-linux"; + 
specialArgs = { + inputs = inputs; + pkgs-4a3fc4cf7 = import nixpkgs-4a3fc4cf7 { + inherit system; + }; + }; + modules = [ + nixpkgs-unstable.nixosModules.notDetected + simple-nixos-mailserver.nixosModule + dogetipbot-telegram.nixosModule + ipmihddtemp.nixosModule + { + nix = { + settings.experimental-features = [ + "nix-command" + "flakes" + ]; + registry = { + nixpkgs.to = { + type = "path"; + path = nixpkgs.legacyPackages.x86_64-linux.path; + }; }; }; - }; - systemd.services.watcharr = { - description = "Watcharr"; - after = [ "network.target" ]; - environment = { - PORT = "3005"; - WATCHARR_DATA = "/var/lib/watcharr"; + systemd.services.watcharr = { + description = "Watcharr"; + after = [ "network.target" ]; + environment = { + PORT = "3005"; + WATCHARR_DATA = "/var/lib/watcharr"; + }; + serviceConfig = { + DynamicUser = true; + StateDirectory = "watcharr"; + ExecStart = "${self.packages.x86_64-linux.watcharr}/bin/Watcharr"; + PrivateTmp = true; + }; + wantedBy = [ "multi-user.target" ]; }; - serviceConfig = { - DynamicUser = true; - StateDirectory = "watcharr"; - ExecStart = "${self.packages.x86_64-linux.watcharr}/bin/Watcharr"; - PrivateTmp = true; - }; - wantedBy = [ "multi-user.target" ]; - }; - } - ./systems/LoutreOS/configuration.nix - ]; + } + ./systems/LoutreOS/configuration.nix + ]; + }; + }; - - }; } - diff --git a/pkgs/watcharr/default.nix b/pkgs/watcharr/default.nix index 23422d7..dc3cbd0 100644 --- a/pkgs/watcharr/default.nix +++ b/pkgs/watcharr/default.nix @@ -1,13 +1,14 @@ -{ lib -, pkgs -, buildGoModule -, fetchFromGitHub -, buildNpmPackage -, nixosTests -, caddy -, testers -, installShellFiles -, stdenv +{ + lib, + pkgs, + buildGoModule, + fetchFromGitHub, + buildNpmPackage, + nixosTests, + caddy, + testers, + installShellFiles, + stdenv, }: let diff --git a/systems/ASUS-G46VW/configuration.nix b/systems/ASUS-G46VW/configuration.nix index 3f30d96..4ae46d8 100644 --- a/systems/ASUS-G46VW/configuration.nix 
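Review bot: The `watcharr` unit in the loutreos module is a network-listening service (PORT=3005) whose only hardening is `DynamicUser` plus a `PrivateTmp` that `DynamicUser=yes` already implies (along with `ProtectSystem=strict`, `ProtectHome=read-only` and `NoNewPrivileges`), so the explicit `PrivateTmp = true;` adds nothing while the settings that are not implied are absent. Consider adding, in `serviceConfig`, `CapabilityBoundingSet = "";`, `RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ];` and `SystemCallFilter = [ "@system-service" ];`, then confirm the binary still starts and serves, since its runtime needs are not visible here. A short comment such as `# DynamicUser already implies PrivateTmp/ProtectSystem=strict/NoNewPrivileges` would stop the next reader from assuming the unit is otherwise unconfined.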
+++ b/systems/ASUS-G46VW/configuration.nix @@ -5,12 +5,11 @@ { config, pkgs, ... }: { - imports = - [ - ../common-cli.nix - ../common-gui.nix - ./hardware-configuration.nix - ]; + imports = [ + ../common-cli.nix + ../common-gui.nix + ./hardware-configuration.nix + ]; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; @@ -56,7 +55,12 @@ users.extraUsers.paul = { isNormalUser = true; uid = 1000; - extraGroups = [ "wheel" "networkmanager" "wireshark" "dialout" ]; + extraGroups = [ + "wheel" + "networkmanager" + "wireshark" + "dialout" + ]; }; services.syncthing.enable = true; diff --git a/systems/ASUS-G46VW/hardware-configuration.nix b/systems/ASUS-G46VW/hardware-configuration.nix index 19c994e..e1590ef 100644 --- a/systems/ASUS-G46VW/hardware-configuration.nix +++ b/systems/ASUS-G46VW/hardware-configuration.nix @@ -1,14 +1,25 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: { - imports = - [ - ]; + imports = [ + + ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" ]; + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ehci_pci" + "ahci" + "usb_storage" + "sd_mod" + ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; 
@@ -19,19 +30,19 @@ hardware.nvidia.optimus_prime.nvidiaBusId = "PCI:1:0:0"; hardware.nvidia.optimus_prime.intelBusId = "PCI:0:2:0"; - fileSystems."/" = - { device = "/dev/disk/by-uuid/7bd3a09b-b188-4ce7-bdcc-d5c5087edc86"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/7bd3a09b-b188-4ce7-bdcc-d5c5087edc86"; + fsType = "ext4"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/A25A-1786"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/A25A-1786"; + fsType = "vfat"; + }; - swapDevices = - [ { device = "/dev/disk/by-uuid/156cd5e8-715c-48a5-9df4-14565227a6c9"; } - ]; + swapDevices = [ + { device = "/dev/disk/by-uuid/156cd5e8-715c-48a5-9df4-14565227a6c9"; } + ]; nix.maxJobs = lib.mkDefault 8; powerManagement.cpuFreqGovernor = lib.mkDefault "performance"; diff --git a/systems/LoutreOS/configuration.nix b/systems/LoutreOS/configuration.nix index 001dfb7..2e49dde 100644 --- a/systems/LoutreOS/configuration.nix +++ b/systems/LoutreOS/configuration.nix @@ -1,4 +1,9 @@ -{ config, pkgs, inputs, ... }: +{ + config, + pkgs, + inputs, + ... +}: { imports = [ @@ -9,7 +14,10 @@ ./services.nix ]; - nix.settings.trusted-users = [ "root" "paul" ]; + nix.settings.trusted-users = [ + "root" + "paul" + ]; boot = { loader = { diff --git a/systems/LoutreOS/hardware-configuration.nix b/systems/LoutreOS/hardware-configuration.nix index 720b883..5421ad0 100644 --- a/systems/LoutreOS/hardware-configuration.nix +++ b/systems/LoutreOS/hardware-configuration.nix 
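Review bot: `nix.settings.trusted-users = [ "root" "paul" ];` in LoutreOS/configuration.nix grants `paul` root-equivalent control of the nix daemon (trusted users can set arbitrary substituters and disable sandboxing for their builds), and the reformatted list carries no comment saying that this is intended. Whether `paul` is already an administrator on this host is not visible here (users.nix is outside this view), so if he is not, this entry is an unintended privilege escalation path. Add a comment above the list, e.g. `# trusted-users is root-equivalent for the nix daemon; keep this to admin accounts only`, and drop `paul` if the account is not meant to be an admin.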
@@ -1,190 +1,202 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: { - boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" "sr_mod" ]; + boot.initrd.availableKernelModules = [ + "ahci" + "xhci_pci" + "nvme" + "usbhid" + "usb_storage" + "sd_mod" + "sr_mod" + ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/fec13566-5528-4859-b185-ce37ac2665eb"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/fec13566-5528-4859-b185-ce37ac2665eb"; + fsType = "ext4"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/5306-AD9A"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/5306-AD9A"; + fsType = "vfat"; + }; - fileSystems."/var/lib/acme" = - { device = "loutrepool/var/acme"; - fsType = "zfs"; - }; + fileSystems."/var/lib/acme" = { + device = "loutrepool/var/acme"; + fsType = "zfs"; + }; - fileSystems."/var/certs" = - { device = "loutrepool/var/certs"; - fsType = "zfs"; - }; + fileSystems."/var/certs" = { + device = "loutrepool/var/certs"; + fsType = "zfs"; + }; - fileSystems."/var/lib/transmission" = - { device = "loutrepool/var/transmission"; - fsType = "zfs"; - }; + fileSystems."/var/lib/transmission" = { + device = "loutrepool/var/transmission"; + fsType = "zfs"; + }; - fileSystems."/var/lib/matrix-synapse" = - { device = "loutrepool/var/matrix-synapse"; - fsType = "zfs"; - }; + fileSystems."/var/lib/matrix-synapse" = { + device = "loutrepool/var/matrix-synapse"; + fsType = "zfs"; + }; - fileSystems."/var/lib/radarr" = - { device = "loutrepool/var/radarr"; - fsType = "zfs"; - }; + fileSystems."/var/lib/radarr" = { + device = "loutrepool/var/radarr"; + fsType = "zfs"; + }; - 
fileSystems."/var/lib/grafana" = - { device = "loutrepool/var/grafana"; - fsType = "zfs"; - }; + fileSystems."/var/lib/grafana" = { + device = "loutrepool/var/grafana"; + fsType = "zfs"; + }; - fileSystems."/var/lib/slimserver" = - { device = "loutrepool/var/slimserver"; - fsType = "zfs"; - }; + fileSystems."/var/lib/slimserver" = { + device = "loutrepool/var/slimserver"; + fsType = "zfs"; + }; - fileSystems."/var/db/influxdb" = - { device = "loutrepool/var/influxdb"; - fsType = "zfs"; - }; + fileSystems."/var/db/influxdb" = { + device = "loutrepool/var/influxdb"; + fsType = "zfs"; + }; - fileSystems."/var/lib/postgresql" = - { device = "loutrepool/var/postgresql"; - fsType = "zfs"; - }; + fileSystems."/var/lib/postgresql" = { + device = "loutrepool/var/postgresql"; + fsType = "zfs"; + }; - fileSystems."/var/lib/syncthing" = - { device = "loutrepool/var/syncthing"; - fsType = "zfs"; - }; + fileSystems."/var/lib/syncthing" = { + device = "loutrepool/var/syncthing"; + fsType = "zfs"; + }; - fileSystems."/mnt/medias/incomplete" = - { device = "loutrepool/torrent-dl"; - fsType = "zfs"; - }; + fileSystems."/mnt/medias/incomplete" = { + device = "loutrepool/torrent-dl"; + fsType = "zfs"; + }; - fileSystems."/mnt/medias" = - { device = "loutrepool/medias"; - fsType = "zfs"; - }; + fileSystems."/mnt/medias" = { + device = "loutrepool/medias"; + fsType = "zfs"; + }; - fileSystems."/var/sieve" = - { device = "loutrepool/var/sieve"; - fsType = "zfs"; - }; + fileSystems."/var/sieve" = { + device = "loutrepool/var/sieve"; + fsType = "zfs"; + }; - fileSystems."/var/vmail" = - { device = "loutrepool/var/vmail"; - fsType = "zfs"; - }; + fileSystems."/var/vmail" = { + device = "loutrepool/var/vmail"; + fsType = "zfs"; + }; - fileSystems."/var/lib/sonarr" = - { device = "loutrepool/var/sonarr"; - fsType = "zfs"; - }; + fileSystems."/var/lib/sonarr" = { + device = "loutrepool/var/sonarr"; + fsType = "zfs"; + }; - fileSystems."/var/lib/jackett" = - { device = "loutrepool/var/jackett"; 
- fsType = "zfs"; - }; + fileSystems."/var/lib/jackett" = { + device = "loutrepool/var/jackett"; + fsType = "zfs"; + }; - fileSystems."/var/lib/gitea" = - { device = "loutrepool/var/gitea"; - fsType = "zfs"; - }; + fileSystems."/var/lib/gitea" = { + device = "loutrepool/var/gitea"; + fsType = "zfs"; + }; - fileSystems."/var/lib/private/sdtdserver" = - { device = "loutrepool/var/sdtdserver"; - fsType = "zfs"; - }; + fileSystems."/var/lib/private/sdtdserver" = { + device = "loutrepool/var/sdtdserver"; + fsType = "zfs"; + }; - fileSystems."/var/lib/private/factorio" = - { device = "loutrepool/var/factorio"; - fsType = "zfs"; - }; + fileSystems."/var/lib/private/factorio" = { + device = "loutrepool/var/factorio"; + fsType = "zfs"; + }; - fileSystems."/var/dkim" = - { device = "loutrepool/var/dkim"; - fsType = "zfs"; - }; + fileSystems."/var/dkim" = { + device = "loutrepool/var/dkim"; + fsType = "zfs"; + }; - fileSystems."/var/vsftpd" = - { device = "loutrepool/var/vsftpd"; - fsType = "zfs"; - }; + fileSystems."/var/vsftpd" = { + device = "loutrepool/var/vsftpd"; + fsType = "zfs"; + }; # fileSystems."/mnt/backup" = # { device = "backup"; # fsType = "zfs"; # }; - fileSystems."/mnt/backup_loutre" = - { device = "loutrepool/backup"; - fsType = "zfs"; - }; + fileSystems."/mnt/backup_loutre" = { + device = "loutrepool/backup"; + fsType = "zfs"; + }; - fileSystems."/mnt/secrets" = - { device = "loutrepool/secrets"; - fsType = "zfs"; - }; + fileSystems."/mnt/secrets" = { + device = "loutrepool/secrets"; + fsType = "zfs"; + }; - fileSystems."/var/lib/minecraft" = - { device = "loutrepool/var/minecraft"; - fsType = "zfs"; - }; + fileSystems."/var/lib/minecraft" = { + device = "loutrepool/var/minecraft"; + fsType = "zfs"; + }; - fileSystems."/var/www" = - { device = "loutrepool/var/www"; - fsType = "zfs"; - }; + fileSystems."/var/www" = { + device = "loutrepool/var/www"; + fsType = "zfs"; + }; - fileSystems."/var/lib/mastodon" = - { device = "loutrepool/var/mastodon"; - fsType = 
"zfs"; - }; + fileSystems."/var/lib/mastodon" = { + device = "loutrepool/var/mastodon"; + fsType = "zfs"; + }; - fileSystems."/var/lib/hass" = - { device = "loutrepool/var/hass"; - fsType = "zfs"; - }; + fileSystems."/var/lib/hass" = { + device = "loutrepool/var/hass"; + fsType = "zfs"; + }; - fileSystems."/var/lib/nextcloud" = - { device = "loutrepool/var/nextcloud"; - fsType = "zfs"; - }; + fileSystems."/var/lib/nextcloud" = { + device = "loutrepool/var/nextcloud"; + fsType = "zfs"; + }; - fileSystems."/var/lib/private/photoprism" = - { device = "loutrepool/var/photoprism"; - fsType = "zfs"; - }; + fileSystems."/var/lib/private/photoprism" = { + device = "loutrepool/var/photoprism"; + fsType = "zfs"; + }; - fileSystems."/mnt/paul-home" = - { device = "loutrepool/zfs-replicate/paul-fixe/fastaf/home"; - fsType = "zfs"; - }; + fileSystems."/mnt/paul-home" = { + device = "loutrepool/zfs-replicate/paul-fixe/fastaf/home"; + fsType = "zfs"; + }; - fileSystems."/mnt/webdav" = - { device = "loutrepool/webdav"; - fsType = "zfs"; - }; + fileSystems."/mnt/webdav" = { + device = "loutrepool/webdav"; + fsType = "zfs"; + }; - swapDevices = - [ - { - device = "/var/swapfile"; - size = 8096; - } - ]; + swapDevices = [ + { + device = "/var/swapfile"; + size = 8096; + } + ]; nix.settings.max-jobs = lib.mkDefault 4; powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; diff --git a/systems/LoutreOS/medias.nix b/systems/LoutreOS/medias.nix index fdd6518..f8a5a55 100644 --- a/systems/LoutreOS/medias.nix +++ b/systems/LoutreOS/medias.nix @@ -1,4 +1,10 @@ -{ config, lib, pkgs, pkgs-4a3fc4cf7, ... }: +{ + config, + lib, + pkgs, + pkgs-4a3fc4cf7, + ... +}: { services = { diff --git a/systems/LoutreOS/monitoring.nix b/systems/LoutreOS/monitoring.nix index e02a4fa..27b721e 100644 --- a/systems/LoutreOS/monitoring.nix +++ b/systems/LoutreOS/monitoring.nix @@ -1,4 +1,9 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: let domaine = "nyanlout.re"; 
@@ -23,28 +28,44 @@ in enable = true; extraConfig = { inputs = { - zfs = { poolMetrics = true; }; - net = { interfaces = [ "eno1" "eno2" "eno3" "eno4" ]; }; - netstat = {}; - cpu = { totalcpu = true; }; - kernel = {}; - mem = {}; - processes = {}; - system = {}; - disk = {}; + zfs = { + poolMetrics = true; + }; + net = { + interfaces = [ + "eno1" + "eno2" + "eno3" + "eno4" + ]; + }; + netstat = { }; + cpu = { + totalcpu = true; + }; + kernel = { }; + mem = { }; + processes = { }; + system = { }; + disk = { }; cgroup = [ { paths = [ "/sys/fs/cgroup/system.slice/*" ]; - files = ["memory.current" "cpu.stat"]; + files = [ + "memory.current" + "cpu.stat" + ]; } ]; - ipmi_sensor = { path = "${pkgs.ipmitool}/bin/ipmitool"; }; + ipmi_sensor = { + path = "${pkgs.ipmitool}/bin/ipmitool"; + }; smart = { path = "${pkgs.writeShellScriptBin "smartctl" "/run/wrappers/bin/sudo ${pkgs.smartmontools}/bin/smartctl $@"}/bin/smartctl"; }; - exec= [ + exec = [ { commands = [ "${pkgs.python3}/bin/python ${pkgs.writeText "zpool.py" '' @@ -76,7 +97,10 @@ in ]; }; outputs = { - influxdb = { database = "telegraf"; urls = [ "http://localhost:8086" ]; }; + influxdb = { + database = "telegraf"; + urls = [ "http://localhost:8086" ]; + }; }; }; }; @@ -122,6 +146,14 @@ in }; security.sudo.extraRules = [ - { commands = [ { command = "${pkgs.smartmontools}/bin/smartctl"; options = [ "NOPASSWD" ]; } ]; users = [ "telegraf" ]; } + { + commands = [ + { + command = "${pkgs.smartmontools}/bin/smartctl"; + options = [ "NOPASSWD" ]; + } + ]; + users = [ "telegraf" ]; + } ]; } diff --git a/systems/LoutreOS/network.nix b/systems/LoutreOS/network.nix index 1545a79..80ae72a 100644 --- a/systems/LoutreOS/network.nix +++ b/systems/LoutreOS/network.nix @@ -1,4 +1,9 @@ -{ config, pkgs, inputs, ... }: +{ + config, + pkgs, + inputs, + ... +}: { boot = { 
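Review bot: The `smart.path` wrapper in the telegraf inputs expands `$@` unquoted, since Nix does not interpolate `$@` and the generated shell script therefore runs `... smartctl $@`, which word-splits and glob-expands any argument containing whitespace or metacharacters before handing it to sudo. The cheap fix is to quote it in the nested string: `''exec /run/wrappers/bin/sudo ${pkgs.smartmontools}/bin/smartctl "$@"''`, with `exec` so no extra shell lingers around the privileged child. The surrounding `services.telegraf.extraConfig` attribute set starts and ends outside this hunk.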
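Review bot: The `security.sudo.extraRules` entry lets the `telegraf` service account run `smartctl` as root with NOPASSWD and no argument restriction, so a compromised telegraf process can pass any flag, including ones that are not read-only (smartctl can, for example, start self-tests or change drive settings), not just the health/attribute queries the `smart` input needs. NOPASSWD itself is unavoidable for a non-interactive service user, but the command should be narrowed: point the rule at a small wrapper script that accepts only the device argument and fixes the read-only flags, or constrain the sudoers command arguments, and make the telegraf `smart.path` wrapper call that same script. At minimum add `# root smartctl with any arguments; telegraf compromise == root disk access` above the rule so the trust boundary is explicit.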
@@ -52,7 +57,10 @@ }; eno2 = { ipv4.addresses = [ - { address = "10.30.0.1"; prefixLength = 16; } + { + address = "10.30.0.1"; + prefixLength = 16; + } ]; }; enp0s21u1.useDHCP = true; @@ -110,18 +118,31 @@ firewall = { enable = true; - allowedTCPPorts = [ 80 443 ]; + allowedTCPPorts = [ + 80 + 443 + ]; allowedUDPPorts = [ ]; # Open ports on local netwok only interfaces.eno2 = { allowedTCPPorts = [ - 111 2049 4000 4001 4002 # NFS - 3483 9000 9090 # Slimserver + 111 + 2049 + 4000 + 4001 + 4002 # NFS + 3483 + 9000 + 9090 # Slimserver 1935 # RTMP ]; allowedUDPPorts = [ - 111 2049 4000 4001 4002 # NFS + 111 + 2049 + 4000 + 4001 + 4002 # NFS 3483 # Slimserver 67 # DHCP ]; @@ -142,8 +163,8 @@ }; serviceConfig = { LoadCredential = [ - "network.wireguard.private.wg0:/mnt/secrets/wireguard/wireguard.private" - "network.wireguard.preshared.wg0:/mnt/secrets/wireguard/wireguard.preshared" + "network.wireguard.private.wg0:/mnt/secrets/wireguard/wireguard.private" + "network.wireguard.preshared.wg0:/mnt/secrets/wireguard/wireguard.preshared" ]; }; }; 
@@ -162,204 +183,209 @@ # 51000: from all lookup fiber # first table encountered with a default route if fiber is up # 52000: from all lookup lte # first table encountered with a default route if fiber is down - systemd.network = let - routeTables = { - fiber = 1; - lte = 2; - vpn = 3; - }; - in { - enable = true; - - config = { - inherit routeTables; - addRouteTablesToIPRoute2 = true; - }; - - # Wireguard ARN device configuation - netdevs = { - "10-wg0" = { - netdevConfig = { - Kind = "wireguard"; - Name = "wg0"; - MTUBytes = "1450"; - }; - wireguardConfig = { - PrivateKey = "@network.wireguard.private.wg0"; - RouteTable = routeTables.vpn; - }; - wireguardPeers = [ - { - Endpoint = "89.234.141.83:8095"; - PublicKey = "t3+JkBfXI1uw8fa9P6JfxXJfTPm9cOHcgIN215UHg2g="; - PresharedKey = "@network.wireguard.preshared.wg0"; - AllowedIPs = ["0.0.0.0/0" "::/0"]; - PersistentKeepalive = 15; - } - ]; + systemd.network = + let + routeTables = { + fiber = 1; + lte = 2; + vpn = 3; }; - }; + in + { + enable = true; - networks = { - ######### - # FIBER # - ######### - - # Set route metric to highest priority - # Set DHCP client magic settings for Bouygues - "40-bouygues" = { - dhcpV4Config.RouteTable = routeTables.fiber; - - dhcpV6Config = { - DUIDRawData = "00:03:00:01:E8:AD:A6:21:73:68"; - WithoutRA = "solicit"; - }; - - ipv6AcceptRAConfig = { - DHCPv6Client = true; - RouteTable = routeTables.fiber; - }; - - networkConfig = { - KeepConfiguration = "dhcp-on-stop"; - IPv6AcceptRA = true; - DHCPPrefixDelegation = true; - }; - - # Static attribution of first IPv6 subnet - dhcpPrefixDelegationConfig.SubnetId = "0"; - - # Route everything to fiber link with a priority of 40000 - routingPolicyRules = [ - { - FirewallMark = 1; - Table = routeTables.fiber; - Priority = 41000; - Family = "both"; - } - { - Table = routeTables.fiber; - Priority = 51000; - Family = "both"; - } - ]; + config = { + inherit routeTables; + addRouteTablesToIPRoute2 = true; }; - # Don't check VLAN physical 
interface as it is not directly used - "40-eno1".linkConfig.RequiredForOnline = "no"; - - ####### - # LTE # - ####### - - # Set LTE route to lower priority - "40-enp0s21u1" = { - dhcpV4Config.RouteTable = routeTables.lte; - - # Route all to lte link with a priority of 50000 - routingPolicyRules = [ - { - FirewallMark = 2; - Table = routeTables.lte; - Priority = 42000; - Family = "both"; - } - { - Table = routeTables.lte; - Priority = 52000; - Family = "both"; - } - ]; - }; - - ####### - # VPN # - ####### - - # Wireguard ARN network configuation - "10-wg0" = { - matchConfig.Name = "wg0"; - address = [ - "89.234.141.196/32" - "2a00:5881:8119:400::1/128" - ]; - routingPolicyRules = [ - # Route outgoing emails to VPN table - { - IncomingInterface = "lo"; - DestinationPort = "25"; - Table = routeTables.vpn; - Priority = 60; - Family = "both"; - } - # Route packets originating from wg0 device to VPN table - # Allow server to respond on the wg0 interface requests - { - FirewallMark = 3; - Table = routeTables.vpn; - Priority = 43000; - Family = "both"; - } - ]; - }; - - ####### - # LAN # - ####### - - # LAN DHCP server config - "40-eno2" = { - networkConfig = { - IPv6SendRA = true; - DHCPPrefixDelegation = true; - DHCPServer = true; - IPMasquerade = "ipv4"; - }; - dhcpServerConfig = { - EmitRouter = true; - EmitDNS = true; - DNS = [ - # https://www.dns0.eu/fr - "193.110.81.0" - "185.253.5.0" - ]; - }; - dhcpServerStaticLeases = [ - # IPMI - { - Address = "10.30.1.1"; - MACAddress = "ac:1f:6b:4b:01:15"; - } - # paul-fixe - { - Address = "10.30.50.1"; - MACAddress = "b4:2e:99:ed:24:26"; - } - # salonled - { - Address = "10.30.40.1"; - MACAddress = "e0:98:06:85:e9:ce"; - } - # miroir-bleu - { - Address = "10.30.40.2"; - MACAddress = "e0:98:06:86:38:fc"; - } - # miroir-orange - { - Address = "10.30.40.3"; - MACAddress = "50:02:91:78:be:be"; - } - ]; - ipv6SendRAConfig = { - EmitDNS = true; - DNS = [ - # https://www.dns0.eu/fr - "2a0f:fc80::" - "2a0f:fc81::" + # Wireguard ARN 
device configuation + netdevs = { + "10-wg0" = { + netdevConfig = { + Kind = "wireguard"; + Name = "wg0"; + MTUBytes = "1450"; + }; + wireguardConfig = { + PrivateKey = "@network.wireguard.private.wg0"; + RouteTable = routeTables.vpn; + }; + wireguardPeers = [ + { + Endpoint = "89.234.141.83:8095"; + PublicKey = "t3+JkBfXI1uw8fa9P6JfxXJfTPm9cOHcgIN215UHg2g="; + PresharedKey = "@network.wireguard.preshared.wg0"; + AllowedIPs = [ + "0.0.0.0/0" + "::/0" + ]; + PersistentKeepalive = 15; + } ]; }; }; + + networks = { + ######### + # FIBER # + ######### + + # Set route metric to highest priority + # Set DHCP client magic settings for Bouygues + "40-bouygues" = { + dhcpV4Config.RouteTable = routeTables.fiber; + + dhcpV6Config = { + DUIDRawData = "00:03:00:01:E8:AD:A6:21:73:68"; + WithoutRA = "solicit"; + }; + + ipv6AcceptRAConfig = { + DHCPv6Client = true; + RouteTable = routeTables.fiber; + }; + + networkConfig = { + KeepConfiguration = "dhcp-on-stop"; + IPv6AcceptRA = true; + DHCPPrefixDelegation = true; + }; + + # Static attribution of first IPv6 subnet + dhcpPrefixDelegationConfig.SubnetId = "0"; + + # Route everything to fiber link with a priority of 40000 + routingPolicyRules = [ + { + FirewallMark = 1; + Table = routeTables.fiber; + Priority = 41000; + Family = "both"; + } + { + Table = routeTables.fiber; + Priority = 51000; + Family = "both"; + } + ]; + }; + + # Don't check VLAN physical interface as it is not directly used + "40-eno1".linkConfig.RequiredForOnline = "no"; + + ####### + # LTE # + ####### + + # Set LTE route to lower priority + "40-enp0s21u1" = { + dhcpV4Config.RouteTable = routeTables.lte; + + # Route all to lte link with a priority of 50000 + routingPolicyRules = [ + { + FirewallMark = 2; + Table = routeTables.lte; + Priority = 42000; + Family = "both"; + } + { + Table = routeTables.lte; + Priority = 52000; + Family = "both"; + } + ]; + }; + + ####### + # VPN # + ####### + + # Wireguard ARN network configuation + "10-wg0" = { + matchConfig.Name = 
"wg0"; + address = [ + "89.234.141.196/32" + "2a00:5881:8119:400::1/128" + ]; + routingPolicyRules = [ + # Route outgoing emails to VPN table + { + IncomingInterface = "lo"; + DestinationPort = "25"; + Table = routeTables.vpn; + Priority = 60; + Family = "both"; + } + # Route packets originating from wg0 device to VPN table + # Allow server to respond on the wg0 interface requests + { + FirewallMark = 3; + Table = routeTables.vpn; + Priority = 43000; + Family = "both"; + } + ]; + }; + + ####### + # LAN # + ####### + + # LAN DHCP server config + "40-eno2" = { + networkConfig = { + IPv6SendRA = true; + DHCPPrefixDelegation = true; + DHCPServer = true; + IPMasquerade = "ipv4"; + }; + dhcpServerConfig = { + EmitRouter = true; + EmitDNS = true; + DNS = [ + # https://www.dns0.eu/fr + "193.110.81.0" + "185.253.5.0" + ]; + }; + dhcpServerStaticLeases = [ + # IPMI + { + Address = "10.30.1.1"; + MACAddress = "ac:1f:6b:4b:01:15"; + } + # paul-fixe + { + Address = "10.30.50.1"; + MACAddress = "b4:2e:99:ed:24:26"; + } + # salonled + { + Address = "10.30.40.1"; + MACAddress = "e0:98:06:85:e9:ce"; + } + # miroir-bleu + { + Address = "10.30.40.2"; + MACAddress = "e0:98:06:86:38:fc"; + } + # miroir-orange + { + Address = "10.30.40.3"; + MACAddress = "50:02:91:78:be:be"; + } + ]; + ipv6SendRAConfig = { + EmitDNS = true; + DNS = [ + # https://www.dns0.eu/fr + "2a0f:fc80::" + "2a0f:fc81::" + ]; + }; + }; + }; }; - }; } diff --git a/systems/LoutreOS/services.nix b/systems/LoutreOS/services.nix index 2b49fa9..967130c 100644 --- a/systems/LoutreOS/services.nix +++ b/systems/LoutreOS/services.nix @@ -1,17 +1,24 @@ -{ config, lib, pkgs, ... }: +{ + config, + lib, + pkgs, + ... +}: with lib; let domaine = "nyanlout.re"; - sendMail = to: subject: message: pkgs.writeShellScriptBin "mail.sh" '' - ${pkgs.system-sendmail}/bin/sendmail ${to} <