nixos/tailscale: add glibc to PATH.

For some features, tailscaled uses getent(1) to get the shell
of OS users. getent(1) is in the glibc derivation. Without this
derivation in the path, tailscale falls back to /bin/sh for all
users.

Signed-off-by: David Anderson <dave@natulte.net>

1 files changed, 6 insertions, 2 deletions

diff --git a/nixos/modules/services/networking/tailscale.nix b/nixos/modules/services/networking/tailscale.nix
index 1f64113950a79..c61af0d18b890 100644
--- a/nixos/modules/services/networking/tailscale.nix
+++ b/nixos/modules/services/networking/tailscale.nix
@@ -4,7 +4,7 @@ with lib;
 
 let cfg = config.services.tailscale;
 in {
-  meta.maintainers = with maintainers; [ danderson mbaillie ];
+  meta.maintainers = with maintainers; [ danderson mbaillie twitchyliquid64 ];
 
   options.services.tailscale = {
     enable = mkEnableOption "Tailscale client daemon";
@@ -40,7 +40,11 @@ in {
     systemd.packages = [ cfg.package ];
     systemd.services.tailscaled = {
       wantedBy = [ "multi-user.target" ];
-      path = [ pkgs.openresolv pkgs.procps ];
+      path = [
+        pkgs.openresolv # for configuring DNS in some configs
+        pkgs.procps     # for collecting running services (opt-in feature)
+        pkgs.glibc      # for `getent` to look up user shells
+      ];
       serviceConfig.Environment = [
         "PORT=${toString cfg.port}"
         ''"FLAGS=--tun ${lib.escapeShellArg cfg.interfaceName}"''