pyrox.dev
1# Configuration for the Name Service Switch (/etc/nsswitch.conf).
2
3{ config, lib, pkgs, ... }:
4
5with lib;
6
7let
8
9 inherit (config.services.avahi) nssmdns;
10 inherit (config.services.samba) nsswins;
11 ldap = (config.users.ldap.enable && config.users.ldap.nsswitch);
12
13in
14
15{
16 options = {
17
18 # NSS modules. Hacky!
19 system.nssModules = mkOption {
20 type = types.listOf types.path;
21 internal = true;
22 default = [];
23 description = ''
24 Search path for NSS (Name Service Switch) modules. This allows
25 several DNS resolution methods to be specified via
26 <filename>/etc/nsswitch.conf</filename>.
27 '';
28 apply = list:
29 {
30 inherit list;
31 path = makeLibraryPath list;
32 };
33 };
34
35 };
36
37 config = {
38
39 # Name Service Switch configuration file. Required by the C
40 # library. !!! Factor out the mdns stuff. The avahi module
41 # should define an option used by this module.
42 environment.etc."nsswitch.conf".text =
43 ''
44 passwd: files ${optionalString ldap "ldap"}
45 group: files ${optionalString ldap "ldap"}
46 shadow: files ${optionalString ldap "ldap"}
47 hosts: files ${optionalString nssmdns "mdns_minimal [NOTFOUND=return]"} dns ${optionalString nssmdns "mdns"} ${optionalString nsswins "wins"} myhostname mymachines
48 networks: files dns
49 ethers: files
50 services: files
51 protocols: files
52 '';
53
54 # Systemd provides nss-myhostname to ensure that our hostname
55 # always resolves to a valid IP address. It returns all locally
56 # configured IP addresses, or ::1 and 127.0.0.2 as
57 # fallbacks. Systemd also provides nss-mymachines to return IP
58 # addresses of local containers.
59 system.nssModules = [ config.systemd.package ];
60
61 };
62}