feat(radius): Init config

2023-12-03 17:35:07 +01:00 · 2023-12-03 17:35:07 +01:00 · f173138848
commit f173138848
parent 3e763f419a
14 changed files with 426 additions and 0 deletions
--- a/machines/compute01/k-radius/packages/pykanidm.nix
+++ b/machines/compute01/k-radius/packages/pykanidm.nix
@ -0,0 +1,34 @@
+{ lib, fetchFromGitHub, python3 }:
+
+let
+  pname = "kanidm";
+  version = "0.0.3";
+in python3.pkgs.buildPythonPackage {
+  inherit pname version;
+  format = "pyproject";
+
+  disabled = python3.pythonOlder "3.8";
+
+  src = (fetchFromGitHub {
+    owner = pname;
+    repo = pname;
+    # Latest 1.1.0-rc.15 tip
+    rev = "a5ca8018e3a636dbb0a79b3fd869db059d92979d";
+    hash = "sha256-PFGoeGn7a/lVR6rOmOKA3ydAoo3/+9RlkwBAKS22Psg=";
+  }) + "/pykanidm";
+
+  nativeBuildInputs = with python3.pkgs; [ poetry-core ];
+
+  propagatedBuildInputs = with python3.pkgs; [ aiohttp pydantic toml (authlib.overridePythonAttrs (_: { doCheck = false; })) ];
+
+  doCheck = false;
+
+  pythonImportsCheck = [ "kanidm" ];
+
+  meta = with lib; {
+    description = "Kanidm client library";
+    homepage = "https://github.com/kanidm/kanidm/tree/master/pykanidm";
+    license = licenses.mpl20;
+    maintainers = with maintainers; [ arianvp hexa ];
+  };
+}
--- a/machines/compute01/k-radius/packages/python_path.patch
+++ b/machines/compute01/k-radius/packages/python_path.patch
@ -0,0 +1,13 @@
+diff --git a/rlm_python/mods-available/python3 b/rlm_python/mods-available/python3
+index 978536f8a..90c71fca0 100644
+--- a/rlm_python/mods-available/python3
+++ b/rlm_python/mods-available/python3
+@@ -13,7 +13,7 @@ python3 {
+ 	#  item is GLOBAL TO THE SERVER.  That is, you cannot have two
+ 	#  instances of the python module, each with a different path.
+ 	#
+-	python_path="/usr/lib64/python3.8:/usr/lib/python3.8:/usr/lib/python3.8/site-packages:/usr/lib64/python3.8/site-packages:/usr/lib64/python3.8/lib-dynload:/usr/local/lib/python3.8/site-packages:/etc/raddb/mods-config/python3/"
+	python_path="@kanidm_python@:/etc/raddb/mods-config/python3/"
+ 
+ 	module = "kanidm.radius"
+ 	# python_path = ${modconfdir}/${.:name}
--- a/machines/compute01/k-radius/packages/rlm_python.nix
+++ b/machines/compute01/k-radius/packages/rlm_python.nix
@ -0,0 +1,33 @@
+{ stdenv, fetchFromGitHub, python3, pykanidm }:
+
+let pythonPath = with python3.pkgs; makePythonPath [ pykanidm ];
+
+in stdenv.mkDerivation rec {
+  pname = "rlm_python";
+  version = "1.1.0-rc.15";
+
+  src = fetchFromGitHub {
+    owner = "kanidm";
+    repo = "kanidm";
+    rev = "v${version}";
+    hash = "sha256-0y8juXS61Z9zxOdsWAQ6lJurP+n855Nela6egYRecok=";
+  };
+
+  patches = [ ./python_path.patch ];
+
+  postPatch = ''
+    substituteInPlace rlm_python/mods-available/python3 \
+      --replace "@kanidm_python@" "${pythonPath}"
+  '';
+
+  installPhase = ''
+    mkdir -p $out/etc/raddb/
+    cp -R rlm_python/{mods-available,sites-available} $out/etc/raddb/
+  '';
+
+  phases = [ "unpackPhase" "patchPhase" "installPhase" ];
+
+  passthru = { inherit pythonPath; };
+
+  preferLocalBuild = true;
+}