diff options
| author | Lucas Savva <lucas@m1cr0man.com> | 2021-12-04 17:32:17 +0000 |
|---|---|---|
| committer | Lucas Savva <lucas@m1cr0man.com> | 2021-12-26 16:49:52 +0000 |
| commit | 07c15833093b9db5dacb3829afda03d7c71cc077 (patch) | |
| tree | dc322453edf2904d737e9ff5c711c5544de0e9d5 /nixos | |
| parent | 377c6bcefce8e8ccd471892a1b24621d5a909457 (diff) | |
nixos/acme: Update release notes
Diffstat (limited to 'nixos')
| -rw-r--r-- | nixos/doc/manual/from_md/release-notes/rl-2205.section.xml | 26 | ||||
| -rw-r--r-- | nixos/doc/manual/release-notes/rl-2205.section.md | 11 |
2 files changed, 36 insertions, 1 deletions
diff --git a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml index d5e3190bf288..acafdcafa1b6 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml @@ -14,7 +14,17 @@ </itemizedlist> <section xml:id="sec-release-22.05-highlights"> <title>Highlights</title> - <itemizedlist spacing="compact"> + <itemizedlist> + <listitem> + <para> + <literal>security.acme.defaults</literal> has been added to + simplify configuring settings for many certificates at once. + This also opens up the the option to use DNS-01 validation + when using <literal>enableACME</literal> on web server virtual + hosts (e.g. + <literal>services.nginx.virtualHosts.*.enableACME</literal>). + </para> + </listitem> <listitem> <para> PHP 8.1 is now available @@ -182,6 +192,20 @@ </listitem> <listitem> <para> + <literal>security.acme</literal> certificates will now + correctly check for CA revokation before reaching their + minimum age. + </para> + </listitem> + <listitem> + <para> + Removing domains from + <literal>security.acme.certs._name_.extraDomainNames</literal> + will now correctly remove those domains during rebuild/renew. + </para> + </listitem> + <listitem> + <para> The option <link linkend="opt-services.ssh.enableAskPassword">services.ssh.enableAskPassword</link> was added, decoupling the setting of diff --git a/nixos/doc/manual/release-notes/rl-2205.section.md b/nixos/doc/manual/release-notes/rl-2205.section.md index 98709455ae74..7258d90bdb2a 100644 --- a/nixos/doc/manual/release-notes/rl-2205.section.md +++ b/nixos/doc/manual/release-notes/rl-2205.section.md @@ -6,6 +6,11 @@ In addition to numerous new and upgraded packages, this release has the followin ## Highlights {#sec-release-22.05-highlights} +- `security.acme.defaults` has been added to simplify configuring + settings for many certificates at once. This also opens up the + the option to use DNS-01 validation when using `enableACME` on + web server virtual hosts (e.g. `services.nginx.virtualHosts.*.enableACME`). + - PHP 8.1 is now available ## New Services {#sec-release-22.05-new-services} @@ -73,6 +78,12 @@ In addition to numerous new and upgraded packages, this release has the followin - The `services.unifi.openPorts` option default value of `true` is now deprecated and will be changed to `false` in 22.11. Configurations using this default will print a warning when rebuilt. +- `security.acme` certificates will now correctly check for CA + revokation before reaching their minimum age. + +- Removing domains from `security.acme.certs._name_.extraDomainNames` + will now correctly remove those domains during rebuild/renew. + - The option [services.ssh.enableAskPassword](#opt-services.ssh.enableAskPassword) was added, decoupling the setting of `SSH_ASKPASS` from |