diff --git a/nixos/doc/manual/release-notes/rl-1709.xml b/nixos/doc/manual/release-notes/rl-1709.xml
index 3ae2d260c992..72dfd60bedd9 100644
--- a/nixos/doc/manual/release-notes/rl-1709.xml
+++ b/nixos/doc/manual/release-notes/rl-1709.xml
@@ -120,6 +120,16 @@ rmdir /var/lib/ipfs/.ipfs
also serve as a SSH agent if enableSSHSupport is set.
+
+
+ The services.tinc.networks.<name>.listenAddress
+ option had a misleading name that did not correspond to its behavior. It
+ now correctly defines the ip to listen for incoming connections on. To
+ keep the previous behaviour, use
+ services.tinc.networks.<name>.bindToAddress
+ instead. Refer to the description of the options for more details.
+
+
Other notable improvements:
diff --git a/nixos/modules/services/networking/tinc.nix b/nixos/modules/services/networking/tinc.nix
index 79a0aa953feb..7376d2d24a0b 100644
--- a/nixos/modules/services/networking/tinc.nix
+++ b/nixos/modules/services/networking/tinc.nix
@@ -79,7 +79,15 @@ in
default = null;
type = types.nullOr types.str;
description = ''
- The ip adress to bind to.
+ The ip address to listen on for incoming connections.
+ '';
+ };
+
+ bindToAddress = mkOption {
+ default = null;
+ type = types.nullOr types.str;
+ description = ''
+ The ip address to bind to (both listen on and send packets from).
'';
};
@@ -131,7 +139,8 @@ in
Name = ${if data.name == null then "$HOST" else data.name}
DeviceType = ${data.interfaceType}
${optionalString (data.ed25519PrivateKeyFile != null) "Ed25519PrivateKeyFile = ${data.ed25519PrivateKeyFile}"}
- ${optionalString (data.listenAddress != null) "BindToAddress = ${data.listenAddress}"}
+ ${optionalString (data.listenAddress != null) "ListenAddress = ${data.listenAddress}"}
+ ${optionalString (data.bindToAddress != null) "BindToAddress = ${data.bindToAddress}"}
Device = /dev/net/tun
Interface = tinc.${network}
${data.extraConfig}