From 35071eeb107c982925fda3fcef6bbd44940cbb21 Mon Sep 17 00:00:00 2001
From: Benedikt Peetz <benedikt.peetz@b-peetz.de>
Date: Wed, 25 Dec 2024 18:23:05 +0100
Subject: fix(treewide): Add constant uids and gids to each user and group

This allows us to avoid persisting `/var/lib/nixos`.
---
 modules/by-name/ns/nscd/module.nix | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 modules/by-name/ns/nscd/module.nix

(limited to 'modules/by-name/ns/nscd/module.nix')

diff --git a/modules/by-name/ns/nscd/module.nix b/modules/by-name/ns/nscd/module.nix
new file mode 100644
index 0000000..428ae3b
--- /dev/null
+++ b/modules/by-name/ns/nscd/module.nix
@@ -0,0 +1,25 @@
+{
+  config,
+  lib,
+  ...
+}: let
+  cfg = config.vhack.nscd;
+in {
+  options.vhack.nscd = {
+    # NOTE(@bpeetz): This is enabled by default in NixOS.
+    # Because of this reason:
+    # > Whether to enable the Name Service Cache Daemon. Disabling this is
+    # > strongly discouraged, as this effectively disables NSS Lookups from
+    # > all non-glibc NSS modules, including the ones provided by systemd.
+    #
+    # As such we should also always enable it. <2024-12-25>
+    enable = (lib.mkEnableOption "nscd") // {default = true;};
+  };
+
+  config = lib.mkIf cfg.enable {
+    users = {
+      users.nscd.uid = config.vhack.constants.ids.uids.nscd;
+      groups.nscd.gid = config.vhack.constants.ids.gids.nscd;
+    };
+  };
+}
-- 
cgit 1.4.1