pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / modules / config / nsswitch.nix
at release-16.03-start 1.8 kB view raw
1# Configuration for the Name Service Switch (/etc/nsswitch.conf). 2 3{ config, lib, pkgs, ... }: 4 5with lib; 6 7let 8 9 inherit (config.services.avahi) nssmdns; 10 inherit (config.services.samba) nsswins; 11 ldap = config.users.ldap.enable; 12 13in 14 15{ 16 options = { 17 18 # NSS modules. Hacky! 19 system.nssModules = mkOption { 20 type = types.listOf types.path; 21 internal = true; 22 default = []; 23 description = '' 24 Search path for NSS (Name Service Switch) modules. This allows 25 several DNS resolution methods to be specified via 26 <filename>/etc/nsswitch.conf</filename>. 27 ''; 28 apply = list: 29 { 30 inherit list; 31 path = makeLibraryPath list; 32 }; 33 }; 34 35 }; 36 37 config = { 38 39 # Name Service Switch configuration file. Required by the C 40 # library. !!! Factor out the mdns stuff. The avahi module 41 # should define an option used by this module. 42 environment.etc."nsswitch.conf".text = 43 '' 44 passwd: files ${optionalString ldap "ldap"} 45 group: files ${optionalString ldap "ldap"} 46 shadow: files ${optionalString ldap "ldap"} 47 hosts: files ${optionalString nssmdns "mdns_minimal [NOTFOUND=return]"} dns ${optionalString nssmdns "mdns"} ${optionalString nsswins "wins"} myhostname mymachines 48 networks: files dns 49 ethers: files 50 services: files 51 protocols: files 52 ''; 53 54 # Systemd provides nss-myhostname to ensure that our hostname 55 # always resolves to a valid IP address. It returns all locally 56 # configured IP addresses, or ::1 and 127.0.0.2 as 57 # fallbacks. Systemd also provides nss-mymachines to return IP 58 # addresses of local containers. 59 system.nssModules = [ config.systemd.package ]; 60 61 }; 62}