From 09b5bae6b3fdcc9251833220b8fc1dda0f9647b3 Mon Sep 17 00:00:00 2001
From: Joseph Hanson <joe@veri.dev>
Date: Mon, 29 Jul 2024 20:14:30 -0500
Subject: [PATCH] some management and task files

---
 .envrc                                   |  1 +
 .forgejo/actions/precommit/Taskfile.yaml | 16 +++++++
 .gitignore                               | 23 +++++++++-
 .pre-commit-config.yaml                  | 53 ++++++++++++++++++++++++
 .taskfiles/act/Taskfile.yaml             |  8 ++++
 .taskfiles/precommit/Taskfile.yaml       | 16 +++++++
 .vscode/settings.json                    | 32 ++++++++++----
 .yamllint.yaml                           | 29 +++++++++++++
 Taskfile.yaml                            | 10 +++++
 renovate.json                            |  1 -
 shell.nix                                | 15 +++++++
 11 files changed, 193 insertions(+), 11 deletions(-)
 create mode 100644 .envrc
 create mode 100644 .forgejo/actions/precommit/Taskfile.yaml
 create mode 100644 .pre-commit-config.yaml
 create mode 100644 .taskfiles/act/Taskfile.yaml
 create mode 100644 .taskfiles/precommit/Taskfile.yaml
 create mode 100644 .yamllint.yaml
 create mode 100644 Taskfile.yaml
 create mode 100644 shell.nix

diff --git a/.envrc b/.envrc
new file mode 100644
index 0000000..1d953f4
--- /dev/null
+++ b/.envrc
@@ -0,0 +1 @@
+use nix
diff --git a/.forgejo/actions/precommit/Taskfile.yaml b/.forgejo/actions/precommit/Taskfile.yaml
new file mode 100644
index 0000000..e708a01
--- /dev/null
+++ b/.forgejo/actions/precommit/Taskfile.yaml
@@ -0,0 +1,16 @@
+---
+version: "3"
+
+tasks:
+  init:
+    desc: Initialize pre-commit hooks
+    cmds:
+      - pre-commit install --install-hooks
+  run:
+    desc: Run pre-commit
+    cmds:
+      - pre-commit run --all-files
+  update:
+    desc: Update pre-commit hooks
+    cmds:
+      - pre-commit autoupdate
diff --git a/.gitignore b/.gitignore
index c709af0..5091499 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,22 @@
-/.tmp
\ No newline at end of file
+.tmp
+.DS_Store
+Thumbs.db
+.direnv
+.private/
+.venv/
+.terraform
+.direnv
+*.tfvars
+.decrypted~*
+*.agekey
+*.pub
+*.key
+*.pem
+kubeconfig*
+*talosconfig.yaml
+omniconfig.yaml
+config.xml
+.idea/
+.env
+.secrets
+.github
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 0000000..28d5065
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,53 @@
+---
+fail_fast: false
+
+exclude: |
+  (?x)^(
+      docs/_assets/.*
+    | .*\.sops\.toml
+  )$
+
+repos:
+  - repo: https://github.com/adrienverge/yamllint
+    rev: v1.35.1
+    hooks:
+      - id: yamllint
+        args:
+          - -c
+          - ".yamllint.yaml"
+
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.6.0
+    hooks:
+      - id: trailing-whitespace
+      - id: end-of-file-fixer
+      - id: fix-byte-order-marker
+      - id: mixed-line-ending
+      - id: check-added-large-files
+        args: [--maxkb=2048]
+      - id: check-merge-conflict
+      - id: check-executables-have-shebangs
+
+  - repo: https://github.com/Lucas-C/pre-commit-hooks
+    rev: v1.5.5
+    hooks:
+      - id: forbid-crlf
+      - id: forbid-tabs
+
+  - repo: https://github.com/sirosen/fix-smartquotes
+    rev: 0.2.0
+    hooks:
+      - id: fix-smartquotes
+
+  - repo: https://github.com/jumanjihouse/pre-commit-hooks
+    rev: 3.0.0
+    hooks:
+      - id: shellcheck
+        language: script
+        args: [--severity=error]
+        additional_dependencies: []
+
+  - repo: https://github.com/onedr0p/sops-pre-commit
+    rev: v2.1.1
+    hooks:
+      - id: forbid-secrets
diff --git a/.taskfiles/act/Taskfile.yaml b/.taskfiles/act/Taskfile.yaml
new file mode 100644
index 0000000..4830c09
--- /dev/null
+++ b/.taskfiles/act/Taskfile.yaml
@@ -0,0 +1,8 @@
+---
+version: "3"
+
+tasks:
+  run:
+    desc: Run ACT with custom image
+    cmds:
+      - act -P docker=catthehacker/ubuntu:act-latest
diff --git a/.taskfiles/precommit/Taskfile.yaml b/.taskfiles/precommit/Taskfile.yaml
new file mode 100644
index 0000000..e708a01
--- /dev/null
+++ b/.taskfiles/precommit/Taskfile.yaml
@@ -0,0 +1,16 @@
+---
+version: "3"
+
+tasks:
+  init:
+    desc: Initialize pre-commit hooks
+    cmds:
+      - pre-commit install --install-hooks
+  run:
+    desc: Run pre-commit
+    cmds:
+      - pre-commit run --all-files
+  update:
+    desc: Update pre-commit hooks
+    cmds:
+      - pre-commit autoupdate
diff --git a/.vscode/settings.json b/.vscode/settings.json
index 60f68e9..dc892f7 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -1,10 +1,24 @@
 {
-    "yaml.schemas": {
-      "https://json.schemastore.org/github-workflow.json": [
-        ".github/workflows/*",
-        ".forgejo/workflows/*"
-      ]
-    },
-    "yaml.schemaStore.enable": true
-  }
-  
\ No newline at end of file
+  "yaml.schemas": {
+    "https://json.schemastore.org/github-workflow.json": [
+      ".github/workflows/*",
+      ".forgejo/workflows/*"
+    ]
+  },
+  "yaml.schemaStore.enable": true,
+  "files.associations": {
+    ".secrets": "dotenv"
+  },
+  "material-icon-theme.folders.associations": {
+    ".taskfiles": "utils",
+    "bootstrap": "import",
+    "charts": "kubernetes",
+    "hack": "scripts",
+    "repositories": "database",
+    "vars": "other"
+  },
+  "[jsonc]": {
+    "editor.defaultFormatter": "esbenp.prettier-vscode"
+  },
+  "editor.fontFamily": "FiraCode Nerd Font",
+}
diff --git a/.yamllint.yaml b/.yamllint.yaml
new file mode 100644
index 0000000..bb7b058
--- /dev/null
+++ b/.yamllint.yaml
@@ -0,0 +1,29 @@
+---
+ignore: |
+  .ansible/
+  .direnv/
+  .private/
+  .vscode/
+  *.sops.*
+  ansible/roles/xanmanning.k3s/
+
+extends: default
+
+rules:
+  truthy:
+    allowed-values: ["true", "false", "on"]
+
+  comments:
+    min-spaces-from-content: 1
+
+  line-length: disable
+
+  braces:
+    min-spaces-inside: 0
+    max-spaces-inside: 1
+
+  brackets:
+    min-spaces-inside: 0
+    max-spaces-inside: 0
+
+  indentation: enable
diff --git a/Taskfile.yaml b/Taskfile.yaml
new file mode 100644
index 0000000..6d3968a
--- /dev/null
+++ b/Taskfile.yaml
@@ -0,0 +1,10 @@
+---
+version: "3"
+
+includes:
+  act: .taskfiles/act
+  precommit: .taskfiles/precommit
+
+tasks:
+  default:
+    cmds: ["task -l"]
diff --git a/renovate.json b/renovate.json
index 4043cd8..d2d46fb 100644
--- a/renovate.json
+++ b/renovate.json
@@ -23,4 +23,3 @@
       }
     ]
   }
-  
\ No newline at end of file
diff --git a/shell.nix b/shell.nix
new file mode 100644
index 0000000..53260a4
--- /dev/null
+++ b/shell.nix
@@ -0,0 +1,15 @@
+# Shell for bootstrapping flake-enabled nix and home-manager
+{pkgs ? import <nixpkgs> {}}:
+pkgs.mkShell {
+  # Enable experimental features without having to specify the argument
+  NIX_CONFIG = "experimental-features = nix-command flakes";
+
+  nativeBuildInputs = with pkgs; [
+    gitleaks
+    go-task
+    pre-commit
+    sops
+    age
+    go-task
+  ];
+}