2012-11-22 08:07:25 +01:00
|
|
|
{ config, pkgs, ... }:
|
|
|
|
|
|
|
|
with pkgs.lib;
|
|
|
|
|
|
|
|
{
|
|
|
|
options = {
|
|
|
|
security.rngd.enable = mkOption {
|
2012-11-22 16:14:41 +01:00
|
|
|
default = false;
|
2012-11-22 08:07:25 +01:00
|
|
|
description = ''
|
2012-11-22 10:41:54 +01:00
|
|
|
Whether to enable the rng daemon, which adds entropy from
|
2012-11-22 08:07:25 +01:00
|
|
|
hardware sources of randomness to the kernel entropy pool when
|
2012-11-22 16:14:41 +01:00
|
|
|
available.
|
2012-11-22 08:07:25 +01:00
|
|
|
'';
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
config = mkIf config.security.rngd.enable {
|
|
|
|
boot.systemd.services.rngd = {
|
2012-11-22 10:41:54 +01:00
|
|
|
wantedBy = [ "multi-user.target" ];
|
2012-11-22 08:07:25 +01:00
|
|
|
|
|
|
|
description = "Hardware RNG Entropy Gatherer Daemon";
|
|
|
|
|
|
|
|
serviceConfig.ExecStart = "${pkgs.rng_tools}/sbin/rngd -f";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|