From a3b9d89b1a10b245417487adf25ce8701e503281 Mon Sep 17 00:00:00 2001
From: Brendan Golden <git@brendan.ie>
Date: Fri, 5 Sep 2025 22:45:32 +0100
Subject: [PATCH] fmt: formatted

---
 applications/itd/splunk/module.nix | 57 +++++++++++++++---------------
 1 file changed, 28 insertions(+), 29 deletions(-)

diff --git a/applications/itd/splunk/module.nix b/applications/itd/splunk/module.nix
index 52d0e4b..304d29e 100644
--- a/applications/itd/splunk/module.nix
+++ b/applications/itd/splunk/module.nix
@@ -49,24 +49,24 @@ in {
 
     # need to set access controls
     systemd.tmpfiles.rules = [
-       "a /var/log                 - - - - u:splunk:rx"
-       "a /var/log/auth.log        - - - - splunk:r"
-       "a /var/log/messages        - - - - u:splunk:r"
-       "a /var/log/secure          - - - - u:splunk:r"
-       "a /var/log/audit           - - - - u:splunk:rx"
-       "a /var/log/audit.log       - - - - u:splunk:r"
-       "a /var/log/audit/audit.log - - - - u:splunk:r"
-       "a /root                    - - - - u:splunk:rx"
-       "a /root/.bash_history      - - - - u:splunk:r"
-       "a /home/*                  - - - - u:splunk:rx"
-       "a /home/*/.bash_history    - - - - u:splunk:r"
+      "a /var/log                 - - - - u:splunk:rx"
+      "a /var/log/auth.log        - - - - u:splunk:r "
+      "a /var/log/messages        - - - - u:splunk:r "
+      "a /var/log/secure          - - - - u:splunk:r "
+      "a /var/log/audit           - - - - u:splunk:rx"
+      "a /var/log/audit.log       - - - - u:splunk:r "
+      "a /var/log/audit/audit.log - - - - u:splunk:r "
+      "a /root                    - - - - u:splunk:rx"
+      "a /root/.bash_history      - - - - u:splunk:r "
+      "a /home/*                  - - - - u:splunk:rx"
+      "a /home/*/.bash_history    - - - - u:splunk:r "
     ];
 
     security.auditd = {
-        enable = true;
-        settings = {
-            log_group = cfg.user.group;
-        };
+      enable = true;
+      settings = {
+        log_group = cfg.user.group;
+      };
     };
 
     # set up the core files
@@ -160,30 +160,29 @@ in {
       path = with pkgs; [util-linux toybox];
       serviceConfig = {
         Type = "simple";
-        Restart="always";
+        Restart = "always";
         Environment = "SPLUNK_HOME=${cfg.user.home}";
         ExecStart = "${package}/bin/splunk  _internal_launch_under_systemd";
-        KillMode="mixed";
-        KillSignal="SIGINT";
-        TimeoutStopSec=360;
-        LimitNOFILE=65536;
-        LimitRTPRIO=99;
-        SuccessExitStatus="51 52";
-        RestartPreventExitStatus=51;
-        RestartForceExitStatus=52;
+        KillMode = "mixed";
+        KillSignal = "SIGINT";
+        TimeoutStopSec = 360;
+        LimitNOFILE = 65536;
+        LimitRTPRIO = 99;
+        SuccessExitStatus = "51 52";
+        RestartPreventExitStatus = 51;
+        RestartForceExitStatus = 52;
         User = cfg.user.user;
         Group = cfg.user.group;
         NoNewPrivileges = "yes";
         AmbientCapabilities = "CAP_DAC_READ_SEARCH";
 
         # ExecStartPre=-/bin/bash -c "chown -R splunk:splunk /opt/splunkforwarder"
-        Delegate="true";
-#         CPUShares=1024;
-#         MemoryLimit=3973632000;
-        PermissionsStartOnly="true";
+        Delegate = "true";
+        #         CPUShares=1024;
+        #         MemoryLimit=3973632000;
+        PermissionsStartOnly = "true";
         # ExecStartPost=-/bin/bash -c "chown -R splunk:splunk /sys/fs/cgroup/cpu/system.slice/%n"
         # ExecStartPost=-/bin/bash -c "chown -R splunk:splunk /sys/fs/cgroup/memory/system.slice/%n"
-        
       };
     };
   };