diff --git a/nixos/lib/eval-config.nix b/nixos/lib/eval-config.nix
index e082b174454..0fa00637a93 100644
--- a/nixos/lib/eval-config.nix
+++ b/nixos/lib/eval-config.nix
@@ -58,7 +58,7 @@ rec {
           inherit system extraArgs modules prefix;
           # For efficiency, leave out most NixOS modules; they don't
           # define nixpkgs.config, so it's pointless to evaluate them.
-          baseModules = [ ../modules/misc/nixpkgs.nix ];
+          baseModules = [ ../modules/misc/nixpkgs.nix ../modules/config/no-x-libs.nix ];
           pkgs = import ./nixpkgs.nix { system = system_; config = {}; };
           check = false;
         }).config.nixpkgs;
diff --git a/nixos/modules/config/no-x-libs.nix b/nixos/modules/config/no-x-libs.nix
index 4b791c109d7..f91dbb4cc28 100644
--- a/nixos/modules/config/no-x-libs.nix
+++ b/nixos/modules/config/no-x-libs.nix
@@ -1,3 +1,6 @@
+# This module gets rid of all dependencies on X11 client libraries
+# (including fontconfig).
+
 { config, lib, pkgs, ... }:
 
 with lib;
@@ -8,18 +11,22 @@ with lib;
       type = types.bool;
       default = false;
       description = ''
-        Switch off the options in the default configuration that require X libraries.
-        Currently this includes: ssh X11 forwarding, dbus, fonts.enableCoreFonts,
-        fonts.enableFontConfig
+        Switch off the options in the default configuration that
+        require X11 libraries. This includes client-side font
+        configuration and SSH forwarding of X11 authentication
+        in. Thus, you probably do not want to enable this option if
+        you want to run X11 programs on this machine via SSH.
       '';
     };
   };
 
   config = mkIf config.environment.noXlibs {
     programs.ssh.setXAuthLocation = false;
-    fonts = {
-      enableCoreFonts = false;
-      enableFontConfig = false;
-    };
+    security.pam.services.su.forwardXAuth = lib.mkForce false;
+
+    fonts.enableFontConfig = false;
+
+    nixpkgs.config.packageOverrides = pkgs:
+      { dbus = pkgs.dbus.override { useX11 = false; }; };
   };
 }
diff --git a/nixos/modules/profiles/minimal.nix b/nixos/modules/profiles/minimal.nix
index 821b9f93465..5067622aaf1 100644
--- a/nixos/modules/profiles/minimal.nix
+++ b/nixos/modules/profiles/minimal.nix
@@ -1,11 +1,8 @@
 # This module defines a small NixOS configuration.  It does not
 # contain any graphical stuff.
 
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
 
 {
-  # Don't include X libraries.
-  programs.ssh.setXAuthLocation = false;
-  fonts.enableFontConfig = false;
-  fonts.enableCoreFonts = false;
+  environment.noXlibs = true;
 }