feat: provide package definition for kanidm-secret-manipulator

modules/meta/kanidm.nix

@@ -19,6 +19,7 @@
 in {
   options.services.kanidm.provision = {
     enable = mkEnableOption "provisioning of systems, groups and users";
+
     systems = {
     };
   };

pkgs/default.nix

@@ -1,4 +1,7 @@
 [
   (import ./caddy.nix)
   (import ./oauth2-proxy)
+  (self: super: {
+    kanidm-secret-manipulator = self.callPackage ./kanidm-secret-manipulator {};
+  })
 ]

pkgs/kanidm-secret-manipulator/Cargo.toml

@@ -2,6 +2,9 @@
 name = "kanidm-secret-manipulator"
 version = "1.0.0"
 edition = "2021"
+authors = ["oddlama <oddlama@oddlama.org>"]
+description = "A helper utility that modifies the kanidm database to allow provisioning declarative secrets with NixOS"
+license = "MIT"
 
 [dependencies]
 anyhow = "1.0.75"

pkgs/kanidm-secret-manipulator/default.nix

@@ -0,0 +1,23 @@
+{
+  lib,
+  rustPlatform,
+  fetchFromGitHub,
+  pkg-config,
+  sqlite,
+}:
+rustPlatform.buildRustPackage rec {
+  pname = "kanidm-secret-manipulator";
+  version = "1.0.0";
+  src = ./.;
+  cargoHash = "sha256-EAPlI5wZ6ZByafWnCJ199SShtOppErjKyrNHAQIqr/Y=";
+
+  nativeBuildInputs = [pkg-config];
+  buildInputs = [sqlite];
+
+  meta = with lib; {
+    description = "A helper utility that modifies the kanidm database to allow provisioning declarative secrets with NixOS";
+    license = licenses.mit;
+    maintainers = with maintainers; [oddlama];
+    mainProgram = "kanidm-secret-manipulator";
+  };
+}