{ pkgs, lib, config, inputs, ... }:

{
  languages.ansible.enable = true;
  languages.opentofu.enable = true;
  languages.python.enable = true;
  languages.python.uv.enable = true;
  languages.python.uv.sync.enable = true;
  languages.python.venv.enable = true;

  packages = [
		pkgs.d2
		pkgs.dnscontrol
		pkgs.minio-client
  ];

  enterShell = ''
    set -a
    eval "$(ansible-vault view .env)"
    set +a
  '';

  git-hooks.hooks.ansible-lint.enable = true;
  git-hooks.hooks.ansible-lint.verbose = true;

  git-hooks.hooks.gitleaks = {
    enable = true;
    name = "Detect hardcoded secrets";
    package = pkgs.gitleaks;
    description = "Detect hardcoded secrets using Gitleaks";
    entry = "gitleaks git --pre-commit --redact --staged --verbose";
    pass_filenames = false;
  };
}