pyrox.dev
1{ config, lib, pkgs, ... }:
2
3with lib;
4
5{
6
7 ###### interface
8
9 options = {
10
11 services.rpcbind = {
12
13 enable = mkOption {
14 type = types.bool;
15 default = false;
16 description = lib.mdDoc ''
17 Whether to enable `rpcbind`, an ONC RPC directory service
18 notably used by NFS and NIS, and which can be queried
19 using the rpcinfo(1) command. `rpcbind` is a replacement for
20 `portmap`.
21 '';
22 };
23
24 };
25
26 };
27
28
29 ###### implementation
30
31 config = mkIf config.services.rpcbind.enable {
32 environment.systemPackages = [ pkgs.rpcbind ];
33
34 systemd.packages = [ pkgs.rpcbind ];
35
36 systemd.services.rpcbind = {
37 wantedBy = [ "multi-user.target" ];
38 # rpcbind performs a check for /var/run/rpcbind.lock at startup
39 # and will crash if /var/run isn't present. In the stock NixOS
40 # var.conf tmpfiles configuration file, /var/run is symlinked to
41 # /run, so rpcbind can enter a race condition in which /var/run
42 # isn't symlinked yet but tries to interact with the path, so
43 # controlling the order explicitly here ensures that rpcbind can
44 # start successfully. The `wants` instead of `requires` should
45 # avoid creating a strict/brittle dependency.
46 wants = [ "systemd-tmpfiles-setup.service" ];
47 after = [ "systemd-tmpfiles-setup.service" ];
48 };
49
50 users.users.rpc = {
51 group = "nogroup";
52 uid = config.ids.uids.rpc;
53 };
54 };
55
56}