Add rngd service.

Inspired by http://pkgs.fedoraproject.org/cgit/rng-tools.git/tree/rngd.service?id=27b1912b2d9659b6934fd4c887e46c13958e7e3c

modules/module-list.nix

@@ -48,6 +48,7 @@
   ./security/pam.nix
   ./security/pam_usb.nix
   ./security/polkit.nix
+  ./security/rngd.nix
   ./security/rtkit.nix
   ./security/setuid-wrappers.nix
   ./security/sudo.nix

modules/security/rngd.nix

@@ -0,0 +1,26 @@
+{ config, pkgs, ... }:
+
+with pkgs.lib;
+
+{
+  options = {
+    security.rngd.enable = mkOption {
+      default = true;
+      description = ''
+        Whether tho enable the rng daemon, which adds entropy from
+        hardware sources of randomness to the kernel entropy pool when
+        available. It is strongly recommended to keep this enabled!
+      '';
+    };
+  };
+
+  config = mkIf config.security.rngd.enable {
+    boot.systemd.services.rngd = {
+      wantedBy = [ config.boot.systemd.defaultUnit ];
+
+      description = "Hardware RNG Entropy Gatherer Daemon";
+
+      serviceConfig.ExecStart = "${pkgs.rng_tools}/sbin/rngd -f";
+    };
+  };
+}