pyrox.dev
1{
2 config,
3 lib,
4 pkgs,
5 ...
6}:
7
8with lib;
9
10{
11
12 ###### interface
13
14 options = {
15
16 services.rpcbind = {
17
18 enable = mkOption {
19 type = types.bool;
20 default = false;
21 description = ''
22 Whether to enable `rpcbind`, an ONC RPC directory service
23 notably used by NFS and NIS, and which can be queried
24 using the {manpage}`rpcinfo(1)` command. `rpcbind` is a replacement for
25 `portmap`.
26 '';
27 };
28
29 };
30
31 };
32
33 ###### implementation
34
35 config = mkIf config.services.rpcbind.enable {
36 environment.systemPackages = [ pkgs.rpcbind ];
37
38 systemd.packages = [ pkgs.rpcbind ];
39
40 systemd.services.rpcbind = {
41 wantedBy = [ "multi-user.target" ];
42 # rpcbind performs a check for /var/run/rpcbind.lock at startup
43 # and will crash if /var/run isn't present. In the stock NixOS
44 # var.conf tmpfiles configuration file, /var/run is symlinked to
45 # /run, so rpcbind can enter a race condition in which /var/run
46 # isn't symlinked yet but tries to interact with the path, so
47 # controlling the order explicitly here ensures that rpcbind can
48 # start successfully. The `wants` instead of `requires` should
49 # avoid creating a strict/brittle dependency.
50 wants = [ "systemd-tmpfiles-setup.service" ];
51 after = [ "systemd-tmpfiles-setup.service" ];
52 };
53
54 users.users.rpc = {
55 group = "nogroup";
56 uid = config.ids.uids.rpc;
57 };
58 };
59
60}