sokai/mynixos-config
1
1
Fork 0
forked from mirrors_public/oddlama_nix-config
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: update kanidm provisioning to v1.1.0-rc.15

Browse source
This commit is contained in:
oddlama 2023-12-20 02:37:49 +01:00
parent 9496d8eb3f
commit a7883a7508
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
2 changed files with 11 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

13
modules/kanidm.nix
View file

@ -149,15 +149,15 @@
# Wait for the kanidm server to come online # Wait for the kanidm server to come online
count=0 count=0
while ! test -e /run/kanidmd/sock; do while ! test -e /run/kanidmd/sock; do
sleep 0.1
if [ "$count" -eq 600 ]; then if [ "$count" -eq 600 ]; then
echo "Tried for 60 seconds, giving up..." echo "Tried for 60 seconds, giving up..."
exit 1 exit 1
fi fi
if ! kill -0 "$MAINPID"; then if [[ ! -d "/proc/$MAINPID" ]]; then
echo "Main server died, giving up..." echo "Main server died, giving up..."
exit 1 exit 1
fi fi
sleep 0.1
count=$((count++)) count=$((count++))
done done
@ -195,11 +195,14 @@
KANIDM_PASSWORD_IDM="$(< ${escapeShellArg cfg.provision.idmAdminPasswordFile})" KANIDM_PASSWORD_IDM="$(< ${escapeShellArg cfg.provision.idmAdminPasswordFile})"
fi fi
# Login to admin and idm_admin
export TMPDIR=$(mktemp -d)
trap 'rm -rf $TMPDIR' EXIT
# Set $HOME so kanidm can save the token temporarily # Set $HOME so kanidm can save the token temporarily
export TMPDIR=$(mktemp -d)
mkdir -p "$TMPDIR"/{.config,.cache}
touch "$TMPDIR/.config/kanidm"
trap 'rm -rf $TMPDIR' EXIT
export HOME=$TMPDIR export HOME=$TMPDIR
# Login to admin and idm_admin
KANIDM_PASSWORD=$KANIDM_PASSWORD_ADMIN ${cfg.package}/bin/kanidm login --name admin \ KANIDM_PASSWORD=$KANIDM_PASSWORD_ADMIN ${cfg.package}/bin/kanidm login --name admin \
|| { echo "kanidm provision: Failed to login as admin, see kanidm logs." >&2; exit 1; } || { echo "kanidm provision: Failed to login as admin, see kanidm logs." >&2; exit 1; }
KANIDM_PASSWORD=$KANIDM_PASSWORD_IDM ${cfg.package}/bin/kanidm login --name idm_admin \ KANIDM_PASSWORD=$KANIDM_PASSWORD_IDM ${cfg.package}/bin/kanidm login --name idm_admin \

6
pkgs/kanidm-secret-manipulator.nix
View file

@ -7,16 +7,16 @@
}: }:
rustPlatform.buildRustPackage rec { rustPlatform.buildRustPackage rec {
pname = "kanidm-secret-manipulator"; pname = "kanidm-secret-manipulator";
version = "1.0.0"; version = "1.0.1";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "oddlama"; owner = "oddlama";
repo = "kanidm-secret-manipulator"; repo = "kanidm-secret-manipulator";
rev = "v${version}"; rev = "v${version}";
hash = "sha256-Hn/143YJ0rn9AihuI/wsDlqtnGi/LBzbfdMNTukc34c="; hash = "sha256-Vv5edTBz5MWHHCWYN5z4KnqPpLZIDTzTcWXnrLBqdgM=";
}; };
cargoHash = "sha256-L//ZtfbOxV6Hf5x5tLAQ52MChSclzJlhI7sZKqvByMo="; cargoHash = "sha256-x/oTiaI4RHdt8pndPhsYQn8PclM0q6RDqTaQ0ODCrh4=";
nativeBuildInputs = [pkg-config]; nativeBuildInputs = [pkg-config];
buildInputs = [sqlite]; buildInputs = [sqlite];