From 49a3e57d4378f6a0e94b62a3b1e6b14d3853d124 Mon Sep 17 00:00:00 2001
From: Peter Simons <simons@cryp.to>
Date: Mon, 6 Feb 2012 19:14:37 +0000
Subject: [PATCH] frandom: very fast kernel random number generator

svn path=/nixos/trunk/; revision=32084
---
 modules/module-list.nix               |  1 +
 modules/services/security/frandom.nix | 31 +++++++++++++++++++++++++++
 2 files changed, 32 insertions(+)
 create mode 100644 modules/services/security/frandom.nix

diff --git a/modules/module-list.nix b/modules/module-list.nix
index 182bc6688f7..2a4829f4186 100644
--- a/modules/module-list.nix
+++ b/modules/module-list.nix
@@ -149,6 +149,7 @@
   ./services/scheduling/atd.nix
   ./services/scheduling/cron.nix
   ./services/scheduling/fcron.nix
+  ./services/security/frandom.nix
   ./services/security/tor.nix
   ./services/security/torsocks.nix
   ./services/system/cgroups.nix
diff --git a/modules/services/security/frandom.nix b/modules/services/security/frandom.nix
new file mode 100644
index 00000000000..9aae7b33a43
--- /dev/null
+++ b/modules/services/security/frandom.nix
@@ -0,0 +1,31 @@
+{pkgs, config, ...}:
+
+let kernel = config.boot.kernelPackages;
+in
+
+{
+
+  ###### interface
+
+  options = {
+
+    services.frandom.enable = pkgs.lib.mkOption {
+      default = false;
+      type = pkgs.lib.types.bool;
+      description = ''
+        enable the /dev/frandom device (a very fast random number generator)
+      '';
+    };
+
+  };
+
+
+  ###### implementation
+
+  config = pkgs.lib.mkIf config.services.frandom.enable {
+    boot.kernelModules = [ "frandom" ];
+    boot.extraModulePackages = [ kernel.frandom ];
+    services.udev.packages = [ kernel.frandom ];
+  };
+
+}