fixed

flake.nix

@@ -10,15 +10,13 @@
     website-builder.inputs.nixpkgs.follows = "nixpkgs";
   };
 
-  outputs =
-    {
+  outputs = {
     nixpkgs,
     vpnconfinement,
     website-builder,
     self,
     ...
-    }@inputs:
-    let
+  } @ inputs: let
     # Systems supported
     supportedSystems = [
       "x86_64-linux" # 64-bit Intel/AMD Linux
@@ -28,8 +26,7 @@
     ];
 
     # Helper to provide system-specific attributes
-      forAllSystems =
-        f:
+    forAllSystems = f:
       nixpkgs.lib.genAttrs supportedSystems (
         system:
           f {
@@ -39,8 +36,7 @@
             };
           }
       );
-    in
-    {
+  in {
     nixosModules.default.imports = [
       ./nixarr
       vpnconfinement.nixosModules.default
@@ -50,8 +46,7 @@
     # To run interactively run:
     # > nix build .#checks.x86_64-linux.monitoring-test.driver -L
     checks = forAllSystems (
-        { pkgs }:
-        {
+      {pkgs}: {
         permissions-test = pkgs.callPackage ./tests/permissions-test.nix {
           inherit (self) nixosModules;
         };
@@ -65,8 +60,7 @@
     );
 
     devShells = forAllSystems (
-        { pkgs }:
-        {
+      {pkgs}: {
         default = pkgs.mkShell {
           packages = with pkgs; [
             alejandra
@@ -77,8 +71,7 @@
     );
 
     packages = forAllSystems (
-        { pkgs }:
-        let
+      {pkgs}: let
         website = website-builder.lib {
           pkgs = pkgs;
           src = "${self}";
@@ -125,8 +118,7 @@
           };
           nixosModules = ./nixarr;
         };
-        in
-        {
+      in {
         default = website.package;
         debug = website.loop;
       }

tests/permissions-test.nix

@@ -4,7 +4,7 @@
   nixosModules,
   lib ? pkgs.lib,
 }:
-pkgs.nixosTest {
+pkgs.testers.nixosTest {
   name = "nixarr-permissions-test";
 
   nodes.machine = {

tests/simple-test.nix

@@ -3,7 +3,7 @@
   nixosModules,
   lib ? pkgs.lib,
 }:
-pkgs.nixosTest {
+pkgs.testers.nixosTest {
   name = "simple-test";
 
   nodes.machine = {

tests/vpn-confinement-test.nix

@@ -43,17 +43,25 @@ The test ensures that:
   wgGatewayPort = 51820;
 
   # Generate real WireGuard keys
-  wgGatewayPrivateKey = pkgs.runCommand "wg-gateway-private" {buildInputs = [pkgs.wireguard-tools];} ''
+  wgGatewayPrivateKey =
+    pkgs.runCommand "wg-gateway-private" {buildInputs = [pkgs.wireguard-tools];}
+    ''
       wg genkey > $out
     '';
-  wgGatewayPublicKey = pkgs.runCommand "wg-gateway-public" {buildInputs = [pkgs.wireguard-tools];} ''
+  wgGatewayPublicKey =
+    pkgs.runCommand "wg-gateway-public" {buildInputs = [pkgs.wireguard-tools];}
+    ''
       cat ${wgGatewayPrivateKey} | wg pubkey > $out
     '';
 
-  wgClientPrivateKey = pkgs.runCommand "wg-client-private" {buildInputs = [pkgs.wireguard-tools];} ''
+  wgClientPrivateKey =
+    pkgs.runCommand "wg-client-private" {buildInputs = [pkgs.wireguard-tools];}
+    ''
       wg genkey > $out
     '';
-  wgClientPublicKey = pkgs.runCommand "wg-client-public" {buildInputs = [pkgs.wireguard-tools];} ''
+  wgClientPublicKey =
+    pkgs.runCommand "wg-client-public" {buildInputs = [pkgs.wireguard-tools];}
+    ''
       cat ${wgClientPrivateKey} | wg pubkey > $out
     '';
 
@@ -92,7 +100,7 @@ The test ensures that:
     PersistentKeepalive = 25
   '';
 in
-  pkgs.nixosTest {
+  pkgs.testers.nixosTest {
     name = "nixarr-vpn-confinement-test";
 
     # Disable interactive mode to avoid hanging
@@ -128,7 +136,10 @@ in
             "${internetClientIP}/24"
             "${internetClientIPv6}/64"
           ];
-          gateway = ["${internetGatewayIP}" "${internetGatewayIPv6}"];
+          gateway = [
+            "${internetGatewayIP}"
+            "${internetGatewayIPv6}"
+          ];
           routes = [
             {
               Destination = "${wgSubnet}";
@@ -189,7 +200,10 @@ in
         pkgs,
         ...
       }: {
-        virtualisation.vlans = [1 2]; # VLAN 1 for LAN, VLAN 2 for Internet
+        virtualisation.vlans = [
+          1
+          2
+        ]; # VLAN 1 for LAN, VLAN 2 for Internet
 
         networking = {
           interfaces.eth1 = {
@@ -224,19 +238,28 @@ in
 
           firewall = {
             enable = true;
-            allowedUDPPorts = [wgGatewayPort 51413];
+            allowedUDPPorts = [
+              wgGatewayPort
+              51413
+            ];
             allowedTCPPorts = [51413];
           };
 
           wireguard.interfaces.wg0 = {
-            ips = ["${wgGatewayAddr}/24" "${wgGatewayAddrV6}/64"];
+            ips = [
+              "${wgGatewayAddr}/24"
+              "${wgGatewayAddrV6}/64"
+            ];
             listenPort = wgGatewayPort;
             privateKeyFile = "${wgGatewayPrivateKey}";
 
             peers = [
               {
                 publicKey = builtins.readFile wgClientPublicKey;
-                allowedIPs = ["${wgClientAddr}/32" "${wgClientAddrV6}/128"];
+                allowedIPs = [
+                  "${wgClientAddr}/32"
+                  "${wgClientAddrV6}/128"
+                ];
               }
             ];
           };