From 2fdd23c154e28d3d735c84585914fb9f2277eac6 Mon Sep 17 00:00:00 2001 From: Guillaume Girol Date: Fri, 27 May 2022 12:00:00 +0000 Subject: release-notes: don't encourage people to copy secrets to the store --- nixos/doc/manual/from_md/release-notes/rl-2205.section.xml | 6 ++++-- nixos/doc/manual/release-notes/rl-2205.section.md | 4 ++-- 2 files changed, 6 insertions(+), 4 deletions(-) (limited to 'nixos/doc/manual') diff --git a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml index 5f4e9940d2f71..810b8e12ac660 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml @@ -1006,7 +1006,7 @@ }; extraConfigFiles = [ - /run/keys/matrix-synapse/secrets.yaml + "/run/keys/matrix-synapse/secrets.yaml" ]; }; } @@ -1014,7 +1014,9 @@ The secrets in your original config should be migrated into a YAML file that is included via - extraConfigFiles. + extraConfigFiles. The filename must be + quoted to prevent nix from copying it to the (world readable) + store. Additionally a few option defaults have been synced up with diff --git a/nixos/doc/manual/release-notes/rl-2205.section.md b/nixos/doc/manual/release-notes/rl-2205.section.md index 1583140a61627..2ae454fe0133a 100644 --- a/nixos/doc/manual/release-notes/rl-2205.section.md +++ b/nixos/doc/manual/release-notes/rl-2205.section.md @@ -388,13 +388,13 @@ In addition to numerous new and upgraded packages, this release has the followin }; extraConfigFiles = [ - /run/keys/matrix-synapse/secrets.yaml + "/run/keys/matrix-synapse/secrets.yaml" ]; }; } ``` - The secrets in your original config should be migrated into a YAML file that is included via `extraConfigFiles`. + The secrets in your original config should be migrated into a YAML file that is included via `extraConfigFiles`. The filename must be quoted to prevent nix from copying it to the (world readable) store. Additionally a few option defaults have been synced up with upstream default values, for example the `max_upload_size` grew from `10M` to `50M`. For the same reason, the default `media_store_path` was changed from `${dataDir}/media` to `${dataDir}/media_store` if `system.stateVersion` is at least `22.05`. Files will need to be manually moved to the new -- cgit 1.4.1