diff --git a/.envrc b/.envrc
old mode 100755
new mode 100644
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index af20ce5680c931cdf05139e46a6c28e11360ae78..ebed5dbb79b4427b45cae4a1993ac6768d7b73fc 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -2,6 +2,10 @@
variables:
GIT_SUBMODULE_STRATEGY: recursive
+include:
+ - project: shore/ci-templates
+ file: templates/pre-commit.yml
+
build:
tags: ["host01.shore.co.il"]
script:
@@ -15,4 +19,5 @@ build:
--volume "/var/www/www.shore.co.il/blog:/builds/nimrod/blog/output"
--workdir "$PWD"
adarnimrod/ci-images:python3
- /bin/sh -xc "pipenv --python=python3 install && pipenv run clean && pipenv run build"
+ /bin/sh -xc
+ "pipenv --python=python3 install && pipenv run clean && pipenv run build"
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..942ae710cbdd79cd817d103d9edc85a0b572c529
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,89 @@
+---
+repos:
+ - repo: https://github.com/pre-commit/pre-commit-hooks
+ rev: v3.4.0
+ hooks:
+ - id: check-executables-have-shebangs
+ - id: check-merge-conflict
+ - id: check-toml
+ files: Pipfile
+ - id: trailing-whitespace
+
+ - repo: https://github.com/Yelp/detect-secrets
+ rev: v0.14.3
+ hooks:
+ - id: detect-secrets
+ exclude: Pipfile\.lock
+
+ - repo: https://github.com/adrienverge/yamllint
+ rev: v1.25.0
+ hooks:
+ - id: yamllint
+
+ - repo: https://github.com/amperser/proselint/
+ rev: 0.10.2
+ hooks:
+ - id: proselint
+ types: [plain-text]
+ exclude: LICENSE
+
+ - repo: https://github.com/ambv/black
+ rev: 20.8b1
+ hooks:
+ - id: black
+ args:
+ - |
+ --line-length=79
+
+ - repo: https://github.com/Lucas-C/pre-commit-hooks-markup
+ rev: v1.0.1
+ hooks:
+ - id: rst-linter
+ exclude: spam\.rst
+
+ - repo: https://github.com/myint/rstcheck.git
+ rev: master
+ hooks:
+ - id: rstcheck
+
+ - repo: https://github.com/PyCQA/prospector
+ rev: 1.3.1
+ hooks:
+ - id: prospector
+ args:
+ - |-
+ --max-line-length=79
+ - |-
+ --with-tool=pyroma
+ - |-
+ --with-tool=bandit
+ - |-
+ --without-tool=pep257
+ - |-
+ --doc-warnings
+ - |-
+ --test-warnings
+ - |-
+ --full-pep8
+ - |-
+ --strictness=high
+ - |-
+ --no-autodetect
+ additional_dependencies:
+ - bandit
+ - pyroma
+
+ - repo: https://gitlab.com/pycqa/flake8.git
+ rev: 3.8.4
+ hooks:
+ - id: flake8
+ args:
+ - |-
+ --doctests
+ additional_dependencies:
+ - flake8-bugbear
+
+ - repo: https://github.com/executablebooks/mdformat.git
+ rev: 0.5.3
+ hooks:
+ - id: mdformat
diff --git a/README.md b/README.md
index 45f114de1bf613877e40a180714b87eec099bdea..3c15961c8b32b1e2e9e4945e6cf9107b082c44bc 100644
--- a/README.md
+++ b/README.md
@@ -40,11 +40,11 @@ pipenv run clean
This software and content are licensed under the
[Creative Commons - Attribution-NonCommercial-NoDerivatives 4.0 International license](https://creativecommons.org/licenses/by/4.0/)
-(see `LICENSE.txt).
+(see `LICENSE.txt`).
## Author Information
-Nimrod Adar, [contact me](mailto:nimrod@shore.co.il) or visit my [website](
-https://www.shore.co.il/). Patches are welcome via [`git send-email`](
-http://git-scm.com/book/en/v2/Git-Commands-Email). The repository is located
-at: <https://git.shore.co.il/explore>.
+Nimrod Adar, [contact me](mailto:nimrod@shore.co.il) or visit my
+[website](https://www.shore.co.il/). Patches are welcome via
+[`git send-email`](http://git-scm.com/book/en/v2/Git-Commands-Email). The repository
+is located at: <https://git.shore.co.il/expore/>.
diff --git a/content/ansible-example-role.rst b/content/ansible-example-role.rst
index bde1d31bd12b1194427c2459fa29f888e4436448..72aeb59144cd2859d3306a4fd0762c9e41109d96 100644
--- a/content/ansible-example-role.rst
+++ b/content/ansible-example-role.rst
@@ -12,7 +12,7 @@ inspired by Test-kitchen and the tests can be written using `Testinfra
<http://testinfra.readthedocs.io/>`_ which in turn is using `pytest
<http://pytest.org/>`_. The reasons for me to choose this combination is that
the tools are written in Python and that they're focused on Ansible. However I
-quickly grew tired of copying files from role to role or making the same
+quickly grew tired of copying files from role to role or making the same
changes to files again and again. So in that spirit I created a new Git repo
with an empty Ansible role (no tasks, variables, handlers etc.) but has all of
my changes and tweaks already applied and working tests out of the box.
diff --git a/content/ansible-modules.rst b/content/ansible-modules.rst
index 43e30b2441eb27195392ea3d7b0d6c8c64e9cb56..9004026151955d3dac7b732746568af1ea5223c6 100644
--- a/content/ansible-modules.rst
+++ b/content/ansible-modules.rst
@@ -44,7 +44,7 @@ example
git push
Really, not that complicated. The only magic (undocumented) bit is creating a
-:code:`__init__.py` file inside the :code:`library` directory, which is a
+:code:`__init__.py` file inside the :code:`library` directory, which is a
shame that the Ansible documentation doesn't cover that. If you want to see a
real-life example, checkout my `ansible-playbooks
<https://git.shore.co.il/ansible/ansible-playbooks.git>`_ and `ansible-modules
diff --git a/content/ansible-python.rst b/content/ansible-python.rst
index fbcc1d696d0641682ccb82d71742a067c07b013e..75d4ef21e3910b24dfdc3a3b3f217ca7f17a8216 100644
--- a/content/ansible-python.rst
+++ b/content/ansible-python.rst
@@ -50,7 +50,7 @@ a list of all of our server's ip addresses.
Putting that information to good use
------------------------------------
-
+
Now that we have a list of the ip addresses, we can start running Ansible
commands right from with Python (just like we did) or build a playbook by
outputting a YAML file. I chose the latter.
diff --git a/content/bundle_certs.rst b/content/bundle_certs.rst
index 11d51a255a822b0453c3c912dfd5d5beecad07b7..cda7df6395a0bbd1783d96aed96c35f3bb7ff6cd 100644
--- a/content/bundle_certs.rst
+++ b/content/bundle_certs.rst
@@ -1,4 +1,4 @@
-bundle_certs
+bundle certs
############
:date: 2016-03-02
@@ -42,7 +42,7 @@ One solution I thought of is creating a base template repository that all
others are forked from. The upside is if I change something in the base
repository I can fetch it in all other repositories. The downside is not all
repositories are the same (different license, programming language, pre-commit
-and git hooks).
+and git hooks).
Another option I know of are tools that manage a specific aspect of the repo,
for example the license, or :code:`.gitignore`.
diff --git a/content/docker_tcp_socket.rst b/content/docker_tcp_socket.rst
index b7436ae7eee2301a36d46c747c9f3d3ebde89e5a..4857ca0666e95bbc6ae65a762c3b8566bfbfbb23 100644
--- a/content/docker_tcp_socket.rst
+++ b/content/docker_tcp_socket.rst
@@ -19,4 +19,4 @@ is to override Systemd' socket activation config. Here's how (all command are as
echo '[Socket]' > /etc/systemd/system/docker.socket.d/tcp.conf
echo 'ListenStream=2375' >> /etc/systemd/system/docker.socket.d/tcp.conf
systemctl daemon-reload
- systemctl restart docker
+ systemctl restart docker
diff --git a/content/pelican.rst b/content/pelican.rst
index 3cd15d209f925f4530325c89bef1ea758c81e9fe..b107dcefa7a8f33f9002764167b5c60a16aa400f 100644
--- a/content/pelican.rst
+++ b/content/pelican.rst
@@ -37,28 +37,28 @@ Create a blog directory and an empty blog ::
This script will help you create a new Pelican-based website.
Please answer the following questions so this script can generate the files
needed by Pelican.
-
-
- > Where do you want to create your new web site? [.]
+
+
+ > Where do you want to create your new web site? [.]
> What will be the title of this web site? My Blog
> Who will be the author of this web site? <Insert you name here>
- > What will be the default language of this web site? [en]
- > Do you want to specify a URL prefix? e.g., http://example.com (Y/n)
+ > What will be the default language of this web site? [en]
+ > Do you want to specify a URL prefix? e.g., http://example.com (Y/n)
> What is your URL prefix? (see above example; no trailing slash) <Insert blog URL without trailing slash>
- > Do you want to enable article pagination? (Y/n)
- > How many articles per page do you want? [10]
- > Do you want to generate a Fabfile/Makefile to automate generation and publishing? (Y/n)
- > Do you want an auto-reload & simpleHTTP script to assist with theme and site development? (Y/n)
- > Do you want to upload your website using FTP? (y/N)
+ > Do you want to enable article pagination? (Y/n)
+ > How many articles per page do you want? [10]
+ > Do you want to generate a Fabfile/Makefile to automate generation and publishing? (Y/n)
+ > Do you want an auto-reload & simpleHTTP script to assist with theme and site development? (Y/n)
+ > Do you want to upload your website using FTP? (y/N)
> Do you want to upload your website using SSH? (y/N) y
> What is the hostname of your SSH server? [localhost] <Insert SSH server address>
- > What is the port of your SSH server? [22]
+ > What is the port of your SSH server? [22]
> What is your username on that server? [root] <Insert SSH username>
> Where do you want to put your web site on that server? [/var/www] <Insert full path to your blog's directory>
- > Do you want to upload your website using Dropbox? (y/N)
- > Do you want to upload your website using S3? (y/N)
- > Do you want to upload your website using Rackspace Cloud Files? (y/N)
- > Do you want to upload your website using GitHub Pages? (y/N)
+ > Do you want to upload your website using Dropbox? (y/N)
+ > Do you want to upload your website using S3? (y/N)
+ > Do you want to upload your website using Rackspace Cloud Files? (y/N)
+ > Do you want to upload your website using GitHub Pages? (y/N)
Done. Your new project is available at blog
Since Pelican uses OpenSSH, you can use servers defined in your SSH preferences. Now, lets configure the blog to our liking.
@@ -80,8 +80,8 @@ In the blog directory there are the 2 configuration files: pelicanconf.py for co
And to publishconf.py: ::
CATEGORY_FEED_ATOM = None
-
-I've set the timezone to mine (so that the time of published articles is correct), add everything under contents/static as static contents to be uploaded to the server, disabled showing of categories of articles and creating feeds for them, disabled saving of articles by tags and set pages (which are simple web pages unlike articles which are blog entries) to show on the menu. Next, themes.
+
+I've set the timezone to mine (so that the time of published articles is correct), add everything under contents/static as static contents to be uploaded to the server, disabled showing of categories of articles and creating feeds for them, disabled saving of articles by tags and set pages (which are simple web pages unlike articles which are blog entries) to show on the menu. Next, themes.
Themes
------
@@ -107,13 +107,13 @@ Create a ReStructuredText file inside of contents. The filename is for personal
:slug: this-will-the-filename
:author: <Insert your name here>
:summary: <Insert summary here>
-
+
After we added the content we want to upload it to our web server (I use fabric)
.. code:: shell
fab publish
-
+
If you don't have keys set for the server it will ask you for your password to the server.
Last thing, you can create pages, create a pages directory inside contents and save the files there. Their format is the same as articles but they'll have a somewhat template applied and they will be shown in the menu. A good example will an 'About Me' page.
diff --git a/content/pre-commit.rst b/content/pre-commit.rst
index 6525fcd620510dc6273f8b6694ef8da5275e1e65..91e2a2dfda8a367510f7bf0e3fe1b1fe4fdb352d 100644
--- a/content/pre-commit.rst
+++ b/content/pre-commit.rst
@@ -15,7 +15,7 @@ My view on testing
------------------
I find that Pre-commit suites my view on proportionate testing. The smaller the
-change, the faster the test (and as a result, more trivial). Personally, I
+change, the faster the test (and as a result, more trivial). Personally, I
prefer to structure my work as small commits that are easier to revert, these
deserve fast (and more trivial) tests which Pre-commit provides. The bigger the
change, the more rigorous (and thus longer) the test. In my opinion this helps
diff --git a/content/resolver.rst b/content/resolver.rst
index f28bd59bc0556f03155fc2de7a6e965639bd0883..1a2ec0952b72dd6345736c6429fa1eec15cbb0b1 100644
--- a/content/resolver.rst
+++ b/content/resolver.rst
@@ -23,7 +23,7 @@ To create a new container:
docker run -it adarnimrod/resolver
-Inside the container you have access to :code:`nslookup`, :code:`dig` and
+Inside the container you have access to :code:`nslookup`, :code:`dig` and
:code:`mail` for testing purposes. If you need to test new changes,
:code:`exit` the container and create a new one with no cache.
diff --git a/content/shell_binary_bundle.rst b/content/shell_binary_bundle.rst
index 421967205d3f0c618c2867d9cd12b5f4019f4c0b..c03b435d3a415129fc16b4b585336441a75ae152 100644
--- a/content/shell_binary_bundle.rst
+++ b/content/shell_binary_bundle.rst
@@ -6,9 +6,9 @@ Bundling a binary file into a shell script
When creating an auto-scaling group in EC2 I often try to package the deployment
script into the user data. Installing some packaged software is easy to do but
-bundling configuration files that are needed is less straightforward.
+bundling configuration files that are needed is less straightforward.
If the files are not confidential in any way, I either clone a Git repository
-or download a tarball from our static assets domain. But this leads to a
+or download a tarball from our static assets domain. But this leads to a
dependency on external services and a slightly more complex deployment
procedure. A few days ago I was faced with the same options again but it didn't
sit right with me to do all this for a couple of files that are a few K's in
@@ -21,7 +21,7 @@ First version
I searched and found an article in the `Linux Journal
<http://www.linuxjournal.com/content/add-binary-payload-your-shell-scripts>`_
that seemed to show what I wanted to (and seems to be copied everywhere). You
-could download a single file that was a shell script with the binary blob
+could download a single file that was a shell script with the binary blob
inside. Your usage will be close to this
.. code:: shell
@@ -46,7 +46,7 @@ to what I wanted. The code I wrote is available on my `GitLab instance
The implementation works as follows. The bundle has the script at the start of
the file with the encoded binary at the end. The shell executes the script part
-(which ends with exit as to not continue any further, causing errors) and
+(which ends with exit as to not continue any further, causing errors) and
:code:`uudecode` only starts processing after it sees the relevant header. The
script feeds itself to :code:`uudecode` (:code:`uudecode "$0"`) which decodes
the binary and outputs it to disk which the script can then use. The code has
diff --git a/content/ssl.rst b/content/ssl.rst
index 18365d5434f64e6aaf9e7b3e3ee12bb3b26e4b82..cca0cff89af88ca0bd356b418d5d4aa6ae99f10c 100644
--- a/content/ssl.rst
+++ b/content/ssl.rst
@@ -27,7 +27,7 @@ What are we left with?
Since modern browser browsers that support SSL 3.0 support TLS 1.0, we'll be using TLS 1.0 or newer. Any AES cipher (AES-GCM preferred) with ECDH key exchange (preferred) or DH key exchange and SHA2 (preferred) or SHA1 hashes and disable compression. On my server (OpenBSD firewall/ load-balancer/ SSL terminator and reverse-proxy) with the included OpenSSL and Nginx the configuration is as followed ::
- ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers !kRSA:!3DES:!RC4:!DES:!MD5:!aNULL:!NULL:AESGCM+ECDH:AES256+ECDH:AES128:+SHA1;
ssl_prefer_server_ciphers on;
diff --git a/pelicanconf.py b/pelicanconf.py
index 643b2b4d73ff39652511f814799f6cd7564966bb..f809b6d977047041a30a40ccf8243a0b3545e374 100644
--- a/pelicanconf.py
+++ b/pelicanconf.py
@@ -1,18 +1,18 @@
# -*- coding: utf-8 -*- #
from __future__ import unicode_literals
-AUTHOR = 'Nimrod Adar'
-SITENAME = 'My notes and ramblings'
-SITEURL = 'http://localhost:8080'
+AUTHOR = "Nimrod Adar"
+SITENAME = "My notes and ramblings"
+SITEURL = "http://localhost:8080"
-PATH = 'content'
+PATH = "content"
-TIMEZONE = 'Asia/Jerusalem'
+TIMEZONE = "Asia/Jerusalem"
-DEFAULT_LANG = 'en'
+DEFAULT_LANG = "en"
# Feed generation is usually not desired when developing
-FEED_ALL_ATOM = 'feeds/all.atom.xml'
+FEED_ALL_ATOM = "feeds/all.atom.xml"
CATEGORY_FEED_ATOM = None
TRANSLATION_FEED_ATOM = None
AUTHOR_FEED_ATOM = None
@@ -25,18 +25,18 @@ DEFAULT_PAGINATION = 3
# Uncomment following line if you want document-relative URLs when developing
RELATIVE_URLS = True
-DIRECT_TEMPLATES = ('index', 'archives')
+DIRECT_TEMPLATES = ("index", "archives")
DISPLAY_CATEGORIES_ON_MENU = False
DISPLAY_PAGES_ON_MENU = True
-MENUITEMS = (('Code', 'https://git.shore.co.il/explore/'),)
+MENUITEMS = (("Code", "https://git.shore.co.il/explore/"),)
THEME = "./pelican-mockingbird"
-TAGS_SAVE_AS = ''
-TAG_SAVE_AS = ''
-STATIC_PATHS = ['static']
-ARTICLE_URL = '{slug}/'
+TAGS_SAVE_AS = ""
+TAG_SAVE_AS = ""
+STATIC_PATHS = ["static"]
+ARTICLE_URL = "{slug}/"
DELETE_OUTPUT_DIRECTORY = True
-SLUGIFY_SOURCE = 'basename'
-ARTICLE_SAVE_AS = '{slug}/index.html'
+SLUGIFY_SOURCE = "basename"
+ARTICLE_SAVE_AS = "{slug}/index.html"
-LOCALE = ('C.UTF-8')
+LOCALE = "C.UTF-8"
diff --git a/publishconf.py b/publishconf.py
index 7d457ea6deb8c1c5cb848ba6959b4dc431c801eb..962aa0d2790bee2ee4da628f24acbc4c23d2edd9 100644
--- a/publishconf.py
+++ b/publishconf.py
@@ -5,9 +5,10 @@ from __future__ import unicode_literals
import os
import sys
+
sys.path.append(os.curdir)
-from pelicanconf import *
+from pelicanconf import * # noqa: E402,F401,F403
-SITEURL = 'https://www.shore.co.il/blog'
+SITEURL = "https://www.shore.co.il/blog"
RELATIVE_URLS = False
-PLUGINS = ('minification',)
+PLUGINS = ("minification",)