nixos/samba: move nss database configuration into samba module

2020-05-06 00:20:30 +02:00 · 2020-05-06 00:20:30 +02:00 · 1fb6c37597
commit 1fb6c37597
parent fd21793de6
2 changed files with 7 additions and 16 deletions
--- a/nixos/modules/config/nsswitch.nix
+++ b/nixos/modules/config/nsswitch.nix
@ -4,20 +4,7 @@
 with lib;
-let
+{
  # only with nscd up and running we can load NSS modules that are not integrated in NSS
  canLoadExternalModules = config.services.nscd.enable;
  # XXX Move these to their respective modules
  nsswins = canLoadExternalModules && config.services.samba.nsswins;
  hostArray = mkMerge [
    (mkBefore [ "files" ])
    (mkIf nsswins [ "wins" ])
    (mkAfter [ "dns" ])
  ];
 in {
  options = {
    # NSS modules.  Hacky!
@ -109,7 +96,7 @@ in {
    assertions = [
      {
        # generic catch if the NixOS module adding to nssModules does not prevent it with specific message.
-        assertion = config.system.nssModules.path != "" -> canLoadExternalModules;
+        assertion = config.system.nssModules.path != "" -> config.services.nscd.enable;
        message = "Loading NSS modules from path ${config.system.nssModules.path} requires nscd being enabled.";
      }
    ];
@ -134,7 +121,10 @@ in {
      passwd = mkBefore [ "files" ];
      group = mkBefore [ "files" ];
      shadow = mkBefore [ "files" ];
-      hosts = hostArray;
+      hosts = mkMerge [
        (mkBefore [ "files" ])
        (mkAfter [ "dns" ])
      ];
      services = mkBefore [ "files" ];
    };
  };
--- a/nixos/modules/services/network-filesystems/samba.nix
+++ b/nixos/modules/services/network-filesystems/samba.nix
@ -224,6 +224,7 @@ in
      (mkIf cfg.enable {
        system.nssModules = optional cfg.nsswins samba;
        system.nssDatabases.hosts = optional cfg.nsswins "wins";
        systemd = {
          targets.samba = {