lldap: init at 0.4.3; nixos/lldap: init; nixosTests.lldap: init

[emilylange]

Description of changes

https://github.com/lldap/lldap

Package request: #142275
Supersedes previous attempt: #197362

Unfortunately, we have to grab the wasm frontend from the upstream release tarball, as the wasm32-unknown-unknown rustc target isn't available in nixpkgs yet.
Tracking issue: #89426

I made sure the frontend works and looks as expected, and successfully ran the following very simple ldap query:

❯ ldapsearch -H ldap://localhost:3890 -D uid=admin,ou=people,dc=example,dc=com -b "ou=people,dc=example,dc=com" -W

(default admin password is password)

Not sure if I will actually end up replacing openldap setups with this.
I just saw this project, checked if it's packaged, noticed it isn't, saw the package request and past attempts and then wanted to try packaging it myself :)

If anyone wants to be added to meta.maintainers, let me know!

PS: There is also https://github.com/kanidm/kanidm (in nixpkgs) which provides a ldap read-only interface, if that's all one needs.

resolves #142275, closes #197362

Things done

• Built on platform(s)
  • x86_64-linux
  • aarch64-linux
  • x86_64-darwin
  • aarch64-darwin
• For non-Linux: Is sandbox = true set in nix.conf? (See Nix manual)
• Tested, as applicable:
  • NixOS test(s) (look inside nixos/tests)
  • and/or package tests
  • or, for functions and "core" functionality, tests in lib/tests or pkgs/test
  • made sure NixOS tests are linked to the relevant packages
• Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
• Tested basic functionality of all binary files (usually in ./result/bin/)
• 23.05 Release Notes (or backporting 22.11 Release notes)
  • (Package updates) Added a release notes entry if the change is major or breaking
  • (Module updates) Added a release notes entry if the change is significant
  • (Module addition) Added a release notes entry if adding a new NixOS module
• Fits CONTRIBUTING.md.

[LongerHV]

Very nice. Extractig frontend from amd64 package seems a little hacky,
but I didn't find a better way as well...
(maybe we should request including a pre-built frontend as a separate artifact in the upstream releases?)

I have implemented a basic nixos module for lldap for my own use, so maybe we can add it together with the package?

[emilylange]

For what it's worth,

nixpkgs/pkgs/servers/kanidm/default.nix

Lines 65 to 70 in 6577af6

	postBuild = ''
	# We don't compile the wasm-part form source, as there isn't a rustc for
	# wasm32-unknown-unknown in nixpkgs yet.
	mkdir $out
	cp -r kanidmd_web_ui/pkg $out/ui
	'';

doesn't build its frontend from source because of #89426 either 🤷‍♀️

Regarding your nixos module:
I can give you write access to https://github.com/IndeedNotJames/nixpkgs, so you can push directly to this branch, if you wish.

There are a few things I would do different at first glance (e.g. mkPackageOptionMD) but nothing deal breaking :)
You can also reach me at https://matrix.to/#/@me:indeednotjames.com if you want to chat about it

I guess we could also build a simple VM test 🤔

[emilylange]

@LongerHV I added you in Co-authored-by in the nixos/lldap: init commit, because I copied most of it from your nixos module you shared. Thank you!

@ofborg test lldap

[nixos-discourse]

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/prs-ready-for-review/3032/2135

[emilylange]

I added services.lldap to the 23.05 release notes.
Something I forget when committing the module initially :)

[aanderse]

This looks great. Thanks to everyone for doing this.

[emilylange]

@ofborg test lldap

[kira-bruneau]

Result of nixpkgs-review pr 227916 run on x86_64-linux 1

2 packages blacklisted:

• nixos-install-tools
• tests.nixos-functions.nixos-test

1 package built:

• lldap