mirrors/nixpkgs
1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-02 02:24:27 +00:00
Code Issues Wiki Activity
nixpkgs/nixos/doc/manual/release-notes/rl-1809.xml
aszlig a8b7372380
nixos: Add release notes about dhparams changes 
This is not only to make users aware of the changes but also to give a
heads up to developers which are using the module. Specifically if they
rely on security.dhparams.path only.

Signed-off-by: aszlig <aszlig@nix.build>
2018-05-07 05:02:41 +02:00

136 lines
3.9 KiB
XML
Raw Blame History

<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-18.09">
<title>Release 18.09 (“Jellyfish”, 2018/09/??)</title>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-18.09-highlights">
<title>Highlights</title>
<para>In addition to numerous new and upgraded packages, this release
has the following highlights: </para>
<itemizedlist>
<listitem>
<para>
TODO
</para>
</listitem>
</itemizedlist>
</section>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-18.09-new-services">
<title>New Services</title>
<para>The following new services were added since the last release:</para>
<itemizedlist>
<listitem>
<para></para>
</listitem>
</itemizedlist>
</section>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-18.09-incompatibilities">
<title>Backward Incompatibilities</title>
<para>When upgrading from a previous release, please be aware of the
following incompatible changes:</para>
<itemizedlist>
<listitem>
<para>
The <literal>clementine</literal> package points now to the free derivation.
<literal>clementineFree</literal> is removed now and <literal>clementineUnfree</literal>
points to the package which is bundled with the unfree <literal>libspotify</literal> package.
</para>
</listitem>
</itemizedlist>
</section>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-18.09-notable-changes">
<title>Other Notable Changes</title>
<itemizedlist>
<listitem>
<para>
The module for <option>security.dhparams</option> has two new options
now:
</para>
<variablelist>
<varlistentry>
<term><option>security.dhparams.stateless</option></term>
<listitem><para>
Puts the generated Diffie-Hellman parameters into the Nix store
instead of managing them in a stateful manner in
<filename class="directory">/var/lib/dhparams</filename>.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>security.dhparams.defaultBitSize</option></term>
<listitem><para>
The default bit size to use for the generated Diffie-Hellman
parameters.
</para></listitem>
</varlistentry>
</variablelist>
<note><para>
The path to the actual generated parameter files should now be queried
using
<literal>config.security.dhparams.params.<replaceable>name</replaceable>.path</literal>
because it might be either in the Nix store or in a directory configured
by <option>security.dhparams.path</option>.
</para></note>
<note>
<title>For developers:</title>
<para>
Module implementers should not set a specific bit size in order to let
users configure it by themselves if they want to have a different bit
size than the default (2048).
</para>
<para>
An example usage of this would be:
<programlisting>
{ config, ... }:
{
security.dhparams.params.myservice = {};
environment.etc."myservice.conf".text = ''
dhparams = ${config.security.dhparams.params.myservice.path}
'';
}
</programlisting>
</para>
</note>
</listitem>
</itemizedlist>
</section>
</section>
View git blame Copy permalink