diff options
-rw-r--r-- | nixos/doc/manual/from_md/release-notes/rl-2305.section.xml | 10 | ||||
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2305.section.md | 2 | ||||
-rw-r--r-- | nixos/modules/services/networking/avahi-daemon.nix | 5 |
3 files changed, 3 insertions, 14 deletions
diff --git a/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml index cc330e2f88706..944ea12f7df68 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml @@ -90,16 +90,6 @@ <listitem> <para> The - <link linkend="opt-services.avahi.openFirewall">services.avahi.openFirewall</link> - module option default value has been changed from - <literal>true</literal> to <literal>false</literal>. You will - need to explicitely set this option to - <literal>true</literal>, or configure your firewall. - </para> - </listitem> - <listitem> - <para> - The <link linkend="opt-services.tmate-ssh-server.openFirewall">services.tmate-ssh-server.openFirewall</link> module option default value has been changed from <literal>true</literal> to <literal>false</literal>. You will diff --git a/nixos/doc/manual/release-notes/rl-2305.section.md b/nixos/doc/manual/release-notes/rl-2305.section.md index 886db43c68eb6..2dd632fa7b92d 100644 --- a/nixos/doc/manual/release-notes/rl-2305.section.md +++ b/nixos/doc/manual/release-notes/rl-2305.section.md @@ -31,8 +31,6 @@ In addition to numerous new and upgraded packages, this release has the followin - The [services.snapserver.openFirewall](#opt-services.snapserver.openFirewall) module option default value has been changed from `true` to `false`. You will need to explicitely set this option to `true`, or configure your firewall. -- The [services.avahi.openFirewall](#opt-services.avahi.openFirewall) module option default value has been changed from `true` to `false`. You will need to explicitely set this option to `true`, or configure your firewall. - - The [services.tmate-ssh-server.openFirewall](#opt-services.tmate-ssh-server.openFirewall) module option default value has been changed from `true` to `false`. You will need to explicitely set this option to `true`, or configure your firewall. - The [services.unifi-video.openFirewall](#opt-services.unifi-video.openFirewall) module option default value has been changed from `true` to `false`. You will need to explicitely set this option to `true`, or configure your firewall. diff --git a/nixos/modules/services/networking/avahi-daemon.nix b/nixos/modules/services/networking/avahi-daemon.nix index 0875d8a85140a..3933ed5a2315a 100644 --- a/nixos/modules/services/networking/avahi-daemon.nix +++ b/nixos/modules/services/networking/avahi-daemon.nix @@ -103,16 +103,17 @@ in openFirewall = mkOption { type = types.bool; - default = false; + default = true; description = lib.mdDoc '' Whether to open the firewall for UDP port 5353. + Disabling this setting also disables discovering of network devices. ''; }; allowPointToPoint = mkOption { type = types.bool; default = false; - description= lib.mdDoc '' + description = lib.mdDoc '' Whether to use POINTTOPOINT interfaces. Might make mDNS unreliable due to usually large latencies with such links and opens a potential security hole by allowing mDNS access from Internet connections. |