nixos/ipa: Make ipa_hostname configurable (#321588)

Some sites put hosts in domains outside of the IPA server's default domain, so this needs to be user-configurable. The default is to use the system's FQDN if it is configured, otherwise fallback to the previous default behaviour of assuming the IPA's server's domain.
author: Benjamin Staffin <benley@gmail.com> 2024-06-22 11:29:54 -0400
committer: GitHub <noreply@github.com> 2024-06-22 11:29:54 -0400
commit: e93ccda88728ca2269cd937cfeab127f0b69faee (patch)
tree: 3295e0f2fcbc42b1551ad8f15949cd41db500ef3 /nixos/doc/manual
parent: 7546a9d9de65c30f164e25501cab096a25237ac2 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2411.section.md b/nixos/doc/manual/release-notes/rl-2411.section.md
index 2cbcf3a7e5727..2de4cf4d08af2 100644
--- a/nixos/doc/manual/release-notes/rl-2411.section.md
+++ b/nixos/doc/manual/release-notes/rl-2411.section.md
@@ -40,6 +40,10 @@
 - `openssh` and `openssh_hpn` are now compiled without Kerberos 5 / GSSAPI support in an effort to reduce the attack surface of the components for the majority of users. Users needing this support can
   use the new `opensshWithKerberos` and `openssh_hpnWithKerberos` flavors (e.g. `programs.ssh.package = pkgs.openssh_gssapi`).
 
+- `security.ipa.ipaHostname` now defaults to the value of `networking.fqdn` if
+  it is set, instead of the previous hardcoded default of
+  `${networking.hostName}.${security.ipa.domain}`.
+
 - `nvimpager` was updated to version 0.13.0, which changes the order of user and
   nvimpager settings: user commands in `-c` and `--cmd` now override the
   respective default settings because they are executed later.
author	Benjamin Staffin <benley@gmail.com>	2024-06-22 11:29:54 -0400
committer	GitHub <noreply@github.com>	2024-06-22 11:29:54 -0400
commit	e93ccda88728ca2269cd937cfeab127f0b69faee (patch)
tree	3295e0f2fcbc42b1551ad8f15949cd41db500ef3 /nixos/doc/manual
parent	7546a9d9de65c30f164e25501cab096a25237ac2 (diff)