diff options
| author | Peter Hoeg <peter@speartail.com> | 2016-09-01 17:00:20 +0800 |
|---|---|---|
| committer | Jörg Thalheim <joerg@higgsboson.tk> | 2016-12-17 16:01:35 +0100 |
| commit | 987aac77945e2bee070723c9758f8173e9e7e974 (patch) | |
| tree | 2f58c618f6e9ead6c7686e0e1941e2e6b02d681c /nixos/modules/config/nsswitch.nix | |
| parent | 8bfe3d784655083c5c7e73d0f09bb6a2239d359e (diff) | |
/etc/hosts and /etc/nsswitch.conf cleanups
fixes #18183
Diffstat (limited to 'nixos/modules/config/nsswitch.nix')
| -rw-r--r-- | nixos/modules/config/nsswitch.nix | 40 |
1 files changed, 27 insertions, 13 deletions
diff --git a/nixos/modules/config/nsswitch.nix b/nixos/modules/config/nsswitch.nix index 45553ec05663..3f96cea22706 100644 --- a/nixos/modules/config/nsswitch.nix +++ b/nixos/modules/config/nsswitch.nix @@ -10,9 +10,21 @@ let inherit (config.services.samba) nsswins; ldap = (config.users.ldap.enable && config.users.ldap.nsswitch); -in + hostArray = [ "files" "mymachines" ] + ++ optionals nssmdns [ "mdns_minimal [!UNAVAIL=return]" ] + ++ optionals nsswins [ "wins" ] + ++ [ "dns" ] + ++ optionals nssmdns [ "mdns" ] + ++ ["myhostname" ]; -{ + passwdArray = [ "files" ] + ++ optionals ldap [ "ldap" ] + ++ [ "mymachines" ]; + + shadowArray = [ "files" ] + ++ optionals ldap [ "ldap" ]; + +in { options = { # NSS modules. Hacky! @@ -39,17 +51,19 @@ in # Name Service Switch configuration file. Required by the C # library. !!! Factor out the mdns stuff. The avahi module # should define an option used by this module. - environment.etc."nsswitch.conf".text = - '' - passwd: files ${optionalString ldap "ldap"} - group: files ${optionalString ldap "ldap"} - shadow: files ${optionalString ldap "ldap"} - hosts: files ${optionalString nssmdns "mdns_minimal [NOTFOUND=return]"} dns ${optionalString nssmdns "mdns"} ${optionalString nsswins "wins"} myhostname mymachines - networks: files dns - ethers: files - services: files - protocols: files - ''; + environment.etc."nsswitch.conf".text = '' + passwd: ${concatStringsSep " " passwdArray} + group: ${concatStringsSep " " passwdArray} + shadow: ${concatStringsSep " " shadowArray} + + hosts: ${concatStringsSep " " hostArray} + networks: files + + ethers: files + services: files + protocols: files + rpc: files + ''; # Systemd provides nss-myhostname to ensure that our hostname # always resolves to a valid IP address. It returns all locally |