pass: Add pass-audit extension

2 files changed, 45 insertions, 0 deletions

diff --git a/pkgs/tools/security/pass/extensions/audit.nix b/pkgs/tools/security/pass/extensions/audit.nix
new file mode 100644
index 000000000000..79dd1fadb01c
--- /dev/null
+++ b/pkgs/tools/security/pass/extensions/audit.nix
@@ -0,0 +1,42 @@
+{ stdenv, pass, fetchFromGitHub, pythonPackages, makeWrapper }:
+
+let
+  pythonEnv = pythonPackages.python.withPackages (p: [ p.requests ]);
+
+in stdenv.mkDerivation rec {
+  name = "pass-audit-${version}";
+  version = "0.1";
+
+  src = fetchFromGitHub {
+    owner = "roddhjav";
+    repo = "pass-audit";
+    rev = "v${version}";
+    sha256 = "0v0db8bzpcaa7zqz17syn3c78mgvw4mpg8qg1gh5rmbjsjfxw6sm";
+  };
+
+  nativeBuildInputs = [ makeWrapper ];
+
+  buildInputs = [ pythonEnv ];
+
+  patchPhase = ''
+    sed -i -e "s|/usr/lib|$out/lib|" audit.bash
+    sed -i -e 's|$0|${pass}/bin/pass|' audit.bash
+  '';
+
+  dontBuild = true;
+
+  installFlags = [ "PREFIX=$(out)" ];
+
+  postFixup = ''
+    wrapProgram $out/lib/password-store/extensions/audit.bash \
+      --prefix PATH : "${pythonEnv}/bin" \
+      --run "export PREFIX"
+  '';
+
+  meta = with stdenv.lib; {
+    description = "Pass extension for auditing your password repository.";
+    homepage = https://github.com/roddhjav/pass-audit;
+    license = licenses.gpl3Plus;
+    platforms = platforms.unix;
+  };
+}
diff --git a/pkgs/tools/security/pass/extensions/default.nix b/pkgs/tools/security/pass/extensions/default.nix
index dfb853c0a0bf..f69687e512b8 100644
--- a/pkgs/tools/security/pass/extensions/default.nix
+++ b/pkgs/tools/security/pass/extensions/default.nix
@@ -3,6 +3,9 @@
 with pkgs;
 
 {
+  pass-audit = callPackage ./audit.nix {
+    pythonPackages = python3Packages;
+  };
   pass-import = callPackage ./import.nix {
     pythonPackages = python3Packages;
   };