34 lines
794 B
Nix
34 lines
794 B
Nix
{ pkgs, lib, config, inputs, ... }:
|
|
|
|
{
|
|
languages.ansible.enable = true;
|
|
languages.opentofu.enable = true;
|
|
languages.python.enable = true;
|
|
languages.python.uv.enable = true;
|
|
languages.python.uv.sync.enable = true;
|
|
languages.python.venv.enable = true;
|
|
|
|
packages = [
|
|
pkgs.d2
|
|
pkgs.dnscontrol
|
|
pkgs.minio-client
|
|
];
|
|
|
|
enterShell = ''
|
|
set -a
|
|
eval "$(ansible-vault view .env)"
|
|
set +a
|
|
'';
|
|
|
|
git-hooks.hooks.ansible-lint.enable = true;
|
|
git-hooks.hooks.ansible-lint.verbose = true;
|
|
|
|
git-hooks.hooks.gitleaks = {
|
|
enable = true;
|
|
name = "Detect hardcoded secrets";
|
|
package = pkgs.gitleaks;
|
|
description = "Detect hardcoded secrets using Gitleaks";
|
|
entry = "gitleaks git --pre-commit --redact --staged --verbose";
|
|
pass_filenames = false;
|
|
};
|
|
}
|