diff options
| author | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2024-06-05 00:13:17 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-06-05 00:13:17 +0000 |
| commit | daadd0b7779bd5df13880b28886b1b32d2dc0bba (patch) | |
| tree | 287a7a798dc0f3b36dfa9b140f4ae6632b034751 /nixos/doc/manual | |
| parent | bd6942679cd7b7d8e2069d7efff37c23a12bdc9e (diff) | |
| parent | fa603de2526591447dcd8b4471279aeeab978a97 (diff) | |
Merge master into haskell-updates
Diffstat (limited to 'nixos/doc/manual')
| -rw-r--r-- | nixos/doc/manual/release-notes/rl-2405.section.md | 10 | ||||
| -rw-r--r-- | nixos/doc/manual/release-notes/rl-2411.section.md | 3 |
2 files changed, 13 insertions, 0 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2405.section.md b/nixos/doc/manual/release-notes/rl-2405.section.md index 072d4d7f779a8..165e3e13a78ef 100644 --- a/nixos/doc/manual/release-notes/rl-2405.section.md +++ b/nixos/doc/manual/release-notes/rl-2405.section.md @@ -429,6 +429,16 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi - `screen`'s module has been cleaned, and will now require you to set `programs.screen.enable` in order to populate `screenrc` and add the program to the environment. +- `security.acme.defaults.server` now has a default value instead of `null`. + This effectively uses the same server, the Let's Encrypt production server, + but makes the default explicit, instead of relying on the Lego default. + + A side effect of this is that the directory in which account data is stored + changes and the ACME module will request a new account and new certificates + for all domains. This may cause issues if you pin an `acccounturl` in a CAA + DNS record. To avoid this, you + may set `security.acme.defaults.server = null` to keep the old hashes. + - `security.pam.sshAgentAuth.enable` now requires `services.openssh.authorizedKeysFiles` to be non-empty, which is the case when `services.openssh.enable` is true. Previously, `pam_ssh_agent_auth` silently failed to work. diff --git a/nixos/doc/manual/release-notes/rl-2411.section.md b/nixos/doc/manual/release-notes/rl-2411.section.md index e6bd6b2a92c5a..9ff4fa8ff68db 100644 --- a/nixos/doc/manual/release-notes/rl-2411.section.md +++ b/nixos/doc/manual/release-notes/rl-2411.section.md @@ -38,6 +38,9 @@ for `stateVersion` ≥ 24.11. (It was previously using SQLite for structured data and the filesystem for blobs). +- `zx` was updated to v8, which introduces several breaking changes. + See the [v8 changelog](https://github.com/google/zx/releases/tag/8.0.0) for more information. + - The `portunus` package and service do not support weak password hashes anymore. If you installed Portunus on NixOS 23.11 or earlier, upgrade to NixOS 24.05 first to get support for strong password hashing. Then, follow the instructions on the [upstream release notes](https://github.com/majewsky/portunus/releases/tag/v2.0.0) to upgrade all existing user accounts to strong password hashes. |