nixos/modules/security/rngd: Disable by default

`rngd` seems to be the root cause for slow boot issues, and its functionality is
redundant since kernel v3.17 (2014), which introduced a `krngd` task (in kernel
space) that takes care of pulling in data from hardware RNGs:

> commit be4000bc4644d027c519b6361f5ae3bbfc52c347
> Author: Torsten Duwe <duwe@lst.de>
> Date:   Sat Jun 14 23:46:03 2014 -0400
>
>     hwrng: create filler thread
>
>     This can be viewed as the in-kernel equivalent of hwrngd;
>     like FUSE it is a good thing to have a mechanism in user land,
>     but for some reasons (simplicity, secrecy, integrity, speed)
>     it may be better to have it in kernel space.
>
>     This patch creates a thread once a hwrng registers, and uses
>     the previously established add_hwgenerator_randomness() to feed
>     its data to the input pool as long as needed. A derating factor
>     is used to bias the entropy estimation and to disable this
>     mechanism entirely when set to zero.

Closes: #96067

nixos/modules/security/rngd.nix

@@ -10,11 +10,10 @@ in
     security.rngd = {
       enable = mkOption {
         type = types.bool;
-        default = true;
+        default = false;
         description = ''
-          Whether to enable the rng daemon, which adds entropy from
-          hardware sources of randomness to the kernel entropy pool when
-          available.
+          Whether to enable the rng daemon.  Devices that the kernel recognises
+          as entropy sources are handled automatically by krngd.
         '';
       };
       debug = mkOption {
@@ -26,12 +25,6 @@ in
   };
 
   config = mkIf cfg.enable {
-    services.udev.extraRules = ''
-      KERNEL=="random", TAG+="systemd"
-      SUBSYSTEM=="cpu", ENV{MODALIAS}=="cpu:type:x86,*feature:*009E*", TAG+="systemd", ENV{SYSTEMD_WANTS}+="rngd.service"
-      KERNEL=="hw_random", TAG+="systemd", ENV{SYSTEMD_WANTS}+="rngd.service"
-    '';
-
     systemd.services.rngd = {
       bindsTo = [ "dev-random.device" ];