From a7883a75089779cf7373c3cb24cad0ae871774ee Mon Sep 17 00:00:00 2001
From: oddlama <oddlama@oddlama.org>
Date: Wed, 20 Dec 2023 02:37:49 +0100
Subject: [PATCH] feat: update kanidm provisioning to v1.1.0-rc.15

---
 modules/kanidm.nix                 | 13 ++++++++-----
 pkgs/kanidm-secret-manipulator.nix |  6 +++---
 2 files changed, 11 insertions(+), 8 deletions(-)

diff --git a/modules/kanidm.nix b/modules/kanidm.nix
index 0174dbf..2791e86 100644
--- a/modules/kanidm.nix
+++ b/modules/kanidm.nix
@@ -149,15 +149,15 @@
     # Wait for the kanidm server to come online
     count=0
     while ! test -e /run/kanidmd/sock; do
+      sleep 0.1
       if [ "$count" -eq 600 ]; then
         echo "Tried for 60 seconds, giving up..."
         exit 1
       fi
-      if ! kill -0 "$MAINPID"; then
+      if [[ ! -d "/proc/$MAINPID" ]]; then
         echo "Main server died, giving up..."
         exit 1
       fi
-      sleep 0.1
       count=$((count++))
     done
 
@@ -195,11 +195,14 @@
       KANIDM_PASSWORD_IDM="$(< ${escapeShellArg cfg.provision.idmAdminPasswordFile})"
     fi
 
-    # Login to admin and idm_admin
-    export TMPDIR=$(mktemp -d)
-    trap 'rm -rf $TMPDIR' EXIT
     # Set $HOME so kanidm can save the token temporarily
+    export TMPDIR=$(mktemp -d)
+    mkdir -p "$TMPDIR"/{.config,.cache}
+    touch "$TMPDIR/.config/kanidm"
+    trap 'rm -rf $TMPDIR' EXIT
     export HOME=$TMPDIR
+
+    # Login to admin and idm_admin
     KANIDM_PASSWORD=$KANIDM_PASSWORD_ADMIN ${cfg.package}/bin/kanidm login --name admin \
       || { echo "kanidm provision: Failed to login as admin, see kanidm logs." >&2; exit 1; }
     KANIDM_PASSWORD=$KANIDM_PASSWORD_IDM ${cfg.package}/bin/kanidm login --name idm_admin \
diff --git a/pkgs/kanidm-secret-manipulator.nix b/pkgs/kanidm-secret-manipulator.nix
index d0b7be8..30d2d36 100644
--- a/pkgs/kanidm-secret-manipulator.nix
+++ b/pkgs/kanidm-secret-manipulator.nix
@@ -7,16 +7,16 @@
 }:
 rustPlatform.buildRustPackage rec {
   pname = "kanidm-secret-manipulator";
-  version = "1.0.0";
+  version = "1.0.1";
 
   src = fetchFromGitHub {
     owner = "oddlama";
     repo = "kanidm-secret-manipulator";
     rev = "v${version}";
-    hash = "sha256-Hn/143YJ0rn9AihuI/wsDlqtnGi/LBzbfdMNTukc34c=";
+    hash = "sha256-Vv5edTBz5MWHHCWYN5z4KnqPpLZIDTzTcWXnrLBqdgM=";
   };
 
-  cargoHash = "sha256-L//ZtfbOxV6Hf5x5tLAQ52MChSclzJlhI7sZKqvByMo=";
+  cargoHash = "sha256-x/oTiaI4RHdt8pndPhsYQn8PclM0q6RDqTaQ0ODCrh4=";
 
   nativeBuildInputs = [pkg-config];
   buildInputs = [sqlite];