From 1fb6c37597d12e209798ded07f8c122839b8db67 Mon Sep 17 00:00:00 2001
From: Florian Klink <flokli@flokli.de>
Date: Wed, 6 May 2020 00:20:30 +0200
Subject: [PATCH] nixos/samba: move nss database configuration into samba
 module

---
 nixos/modules/config/nsswitch.nix             | 22 +++++--------------
 .../services/network-filesystems/samba.nix    |  1 +
 2 files changed, 7 insertions(+), 16 deletions(-)

diff --git a/nixos/modules/config/nsswitch.nix b/nixos/modules/config/nsswitch.nix
index 556ae3951f74..fd8425bfa2ee 100644
--- a/nixos/modules/config/nsswitch.nix
+++ b/nixos/modules/config/nsswitch.nix
@@ -4,20 +4,7 @@
 
 with lib;
 
-let
-
-  # only with nscd up and running we can load NSS modules that are not integrated in NSS
-  canLoadExternalModules = config.services.nscd.enable;
-  # XXX Move these to their respective modules
-  nsswins = canLoadExternalModules && config.services.samba.nsswins;
-
-  hostArray = mkMerge [
-    (mkBefore [ "files" ])
-    (mkIf nsswins [ "wins" ])
-    (mkAfter [ "dns" ])
-  ];
-
-in {
+{
   options = {
 
     # NSS modules.  Hacky!
@@ -109,7 +96,7 @@ in {
     assertions = [
       {
         # generic catch if the NixOS module adding to nssModules does not prevent it with specific message.
-        assertion = config.system.nssModules.path != "" -> canLoadExternalModules;
+        assertion = config.system.nssModules.path != "" -> config.services.nscd.enable;
         message = "Loading NSS modules from path ${config.system.nssModules.path} requires nscd being enabled.";
       }
     ];
@@ -134,7 +121,10 @@ in {
       passwd = mkBefore [ "files" ];
       group = mkBefore [ "files" ];
       shadow = mkBefore [ "files" ];
-      hosts = hostArray;
+      hosts = mkMerge [
+        (mkBefore [ "files" ])
+        (mkAfter [ "dns" ])
+      ];
       services = mkBefore [ "files" ];
     };
   };
diff --git a/nixos/modules/services/network-filesystems/samba.nix b/nixos/modules/services/network-filesystems/samba.nix
index a115590ccaa0..08c912e0fcd4 100644
--- a/nixos/modules/services/network-filesystems/samba.nix
+++ b/nixos/modules/services/network-filesystems/samba.nix
@@ -224,6 +224,7 @@ in
       (mkIf cfg.enable {
 
         system.nssModules = optional cfg.nsswins samba;
+        system.nssDatabases.hosts = optional cfg.nsswins "wins";
 
         systemd = {
           targets.samba = {