about summary refs log tree commit diff
path: root/nixos/modules/config/nsswitch.nix
diff options
context:
space:
mode:
authorPeter Hoeg <peter@speartail.com>2016-09-01 17:00:20 +0800
committerJörg Thalheim <joerg@higgsboson.tk>2016-12-17 16:01:35 +0100
commit987aac77945e2bee070723c9758f8173e9e7e974 (patch)
tree2f58c618f6e9ead6c7686e0e1941e2e6b02d681c /nixos/modules/config/nsswitch.nix
parent8bfe3d784655083c5c7e73d0f09bb6a2239d359e (diff)
downloadnixlib-987aac77945e2bee070723c9758f8173e9e7e974.tar
nixlib-987aac77945e2bee070723c9758f8173e9e7e974.tar.gz
nixlib-987aac77945e2bee070723c9758f8173e9e7e974.tar.bz2
nixlib-987aac77945e2bee070723c9758f8173e9e7e974.tar.lz
nixlib-987aac77945e2bee070723c9758f8173e9e7e974.tar.xz
nixlib-987aac77945e2bee070723c9758f8173e9e7e974.tar.zst
nixlib-987aac77945e2bee070723c9758f8173e9e7e974.zip
/etc/hosts and /etc/nsswitch.conf cleanups
fixes #18183
Diffstat (limited to 'nixos/modules/config/nsswitch.nix')
-rw-r--r--nixos/modules/config/nsswitch.nix40
1 files changed, 27 insertions, 13 deletions
diff --git a/nixos/modules/config/nsswitch.nix b/nixos/modules/config/nsswitch.nix
index 45553ec05663..3f96cea22706 100644
--- a/nixos/modules/config/nsswitch.nix
+++ b/nixos/modules/config/nsswitch.nix
@@ -10,9 +10,21 @@ let
   inherit (config.services.samba) nsswins;
   ldap = (config.users.ldap.enable && config.users.ldap.nsswitch);
 
-in
+  hostArray = [ "files" "mymachines" ]
+    ++ optionals nssmdns [ "mdns_minimal [!UNAVAIL=return]" ]
+    ++ optionals nsswins [ "wins" ]
+    ++ [ "dns" ]
+    ++ optionals nssmdns [ "mdns" ]
+    ++ ["myhostname" ];
 
-{
+  passwdArray = [ "files" ]
+    ++ optionals ldap [ "ldap" ]
+    ++ [ "mymachines" ];
+
+  shadowArray = [ "files" ]
+    ++ optionals ldap [ "ldap" ];
+
+in {
   options = {
 
     # NSS modules.  Hacky!
@@ -39,17 +51,19 @@ in
     # Name Service Switch configuration file.  Required by the C
     # library.  !!! Factor out the mdns stuff.  The avahi module
     # should define an option used by this module.
-    environment.etc."nsswitch.conf".text =
-      ''
-        passwd:    files ${optionalString ldap "ldap"}
-        group:     files ${optionalString ldap "ldap"}
-        shadow:    files ${optionalString ldap "ldap"}
-        hosts:     files ${optionalString nssmdns "mdns_minimal [NOTFOUND=return]"} dns ${optionalString nssmdns "mdns"} ${optionalString nsswins "wins"} myhostname mymachines
-        networks:  files dns
-        ethers:    files
-        services:  files
-        protocols: files
-      '';
+    environment.etc."nsswitch.conf".text = ''
+      passwd:    ${concatStringsSep " " passwdArray}
+      group:     ${concatStringsSep " " passwdArray}
+      shadow:    ${concatStringsSep " " shadowArray}
+
+      hosts:     ${concatStringsSep " " hostArray}
+      networks:  files
+
+      ethers:    files
+      services:  files
+      protocols: files
+      rpc:       files
+    '';
 
     # Systemd provides nss-myhostname to ensure that our hostname
     # always resolves to a valid IP address.  It returns all locally
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-06 11:26:34 +0000