From 757ab7f6d3399cae3c76e1b744eae692db6c8559 Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <eelco.dolstra@logicblox.com>
Date: Sat, 6 Oct 2012 20:58:46 -0400
Subject: [PATCH] Generate nsswitch.conf properly

---
 modules/config/nsswitch-mdns.conf | 11 -----------
 modules/config/nsswitch.conf      | 10 ----------
 modules/config/nsswitch.nix       | 33 ++++++++++++++++++++-----------
 3 files changed, 22 insertions(+), 32 deletions(-)
 delete mode 100644 modules/config/nsswitch-mdns.conf
 delete mode 100644 modules/config/nsswitch.conf

diff --git a/modules/config/nsswitch-mdns.conf b/modules/config/nsswitch-mdns.conf
deleted file mode 100644
index 61dd436682d..00000000000
--- a/modules/config/nsswitch-mdns.conf
+++ /dev/null
@@ -1,11 +0,0 @@
-# NSS configuration files with mDNS enabled (requires running Avahi daemon).
-
-passwd:         ldap files
-group:          ldap files
-shadow:         ldap files
-
-hosts:          files mdns_minimal [NOTFOUND=return] dns mdns
-networks:       files dns
-
-services:       files
-protocols:      files
diff --git a/modules/config/nsswitch.conf b/modules/config/nsswitch.conf
deleted file mode 100644
index 44beaf5b44c..00000000000
--- a/modules/config/nsswitch.conf
+++ /dev/null
@@ -1,10 +0,0 @@
-passwd:         files ldap
-group:          files ldap
-shadow:         files ldap
-
-hosts:          files dns
-networks:       files dns
-ethers:         files
-
-services:       files
-protocols:      files
diff --git a/modules/config/nsswitch.nix b/modules/config/nsswitch.nix
index cac6ff382a4..7c969320b3d 100644
--- a/modules/config/nsswitch.nix
+++ b/modules/config/nsswitch.nix
@@ -1,13 +1,15 @@
 # Configuration for the Name Service Switch (/etc/nsswitch.conf).
 
-{config, pkgs, ...}:
+{ config, pkgs, ... }:
+
+with pkgs.lib;
 
 let
 
   options = {
 
     # NSS modules.  Hacky!
-    system.nssModules = pkgs.lib.mkOption {
+    system.nssModules = mkOption {
       internal = true;
       default = [];
       description = "
@@ -15,34 +17,43 @@ let
         several DNS resolution methods to be specified via
         <filename>/etc/nsswitch.conf</filename>.
       ";
-      merge = pkgs.lib.mergeListOption;
+      merge = mergeListOption;
       apply = list:
         let
           list2 =
             list
             # !!! this should be in the LDAP module
-            ++ pkgs.lib.optional config.users.ldap.enable pkgs.nss_ldap;
+            ++ optional config.users.ldap.enable pkgs.nss_ldap;
         in {
           list = list2;
-          path = pkgs.lib.makeLibraryPath list2;
+          path = makeLibraryPath list2;
         };
     };
 
   };
 
+  inherit (config.services.avahi) nssmdns;
+
 in
 
 {
-  require = [options];
+  require = [ options ];
 
   environment.etc =
     [ # Name Service Switch configuration file.  Required by the C library.
       # !!! Factor out the mdns stuff.  The avahi module should define
       # an option used by this module.
-      { source =
-          if config.services.avahi.nssmdns
-          then ./nsswitch-mdns.conf
-          else ./nsswitch.conf;
+      { source = pkgs.writeText "nsswitch.conf"
+          ''
+            passwd:    files ldap
+            group:     files ldap
+            shadow:    files ldap
+            hosts:     files ${optionalString nssmdns "mdns_minimal [NOTFOUND=return]"} dns ${optionalString nssmdns "mdns"}
+            networks:  files dns
+            ethers:    files
+            services:  files
+            protocols: files
+          '';
         target = "nsswitch.conf";
       }
     ];
@@ -58,5 +69,5 @@ in
   # chroot gets to seem them, and (ii) applications can benefit from
   # changes in the list of NSS modules at run-time, without requiring
   # a reboot.
-  environment.systemPackages = [config.system.nssModules.list];
+  environment.systemPackages = [ config.system.nssModules.list ];
 }