Don't let rngd read /dev/tpm0.

Only one process can interact with the TPM module and
that process should be tcsd.  The tpm_rng kernel module
should instead be loaded and /dev/hwrnd be used to
read the TPM random generator.
Also, log which random generator devices are used by
rngd on startup.

nixos/modules/security/rngd.nix

@@ -30,7 +30,7 @@ with lib;
 
       description = "Hardware RNG Entropy Gatherer Daemon";
 
-      serviceConfig.ExecStart = "${pkgs.rng_tools}/sbin/rngd -f";
+      serviceConfig.ExecStart = "${pkgs.rng_tools}/sbin/rngd -f -v --no-tpm=1";
 
       restartTriggers = [ pkgs.rng_tools ];
     };