pyrox.dev / nixpkgs
lol
fork atom

nixos/acme: Update release notes

Lucas Savva 07c15833 377c6bce

options
unified split
Changed files
+36 -1
nixos
doc
manual
from_md
release-notes
rl-2205.section.xml
release-notes
rl-2205.section.md
+25 -1
nixos/doc/manual/from_md/release-notes/rl-2205.section.xml 
···

       
14

       
 

       
  </itemizedlist>


     

       
15

       
 

       
  <section xml:id="sec-release-22.05-highlights">


     

       
16

       
 

       
    <title>Highlights</title>


     

       
17

       
-

       
    <itemizedlist spacing="compact">


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
18

       
 

       
      <listitem>


     

       
19

       
 

       
        <para>


     

       
20

       
 

       
          PHP 8.1 is now available


     
···

       
178

       
 

       
          value of <literal>true</literal> is now deprecated and will be


     

       
179

       
 

       
          changed to <literal>false</literal> in 22.11. Configurations


     

       
180

       
 

       
          using this default will print a warning when rebuilt.


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
181

       
 

       
        </para>


     

       
182

       
 

       
      </listitem>


     

       
183

       
 

       
      <listitem>


     
···

       
14

       
 

       
  </itemizedlist>


     

       
15

       
 

       
  <section xml:id="sec-release-22.05-highlights">


     

       
16

       
 

       
    <title>Highlights</title>


     

       
17

       
+

       
    <itemizedlist>


     

       
18

       
+

       
      <listitem>


     

       
19

       
+

       
        <para>


     

       
20

       
+

       
          <literal>security.acme.defaults</literal> has been added to


     

       
21

       
+

       
          simplify configuring settings for many certificates at once.


     

       
22

       
+

       
          This also opens up the the option to use DNS-01 validation


     

       
23

       
+

       
          when using <literal>enableACME</literal> on web server virtual


     

       
24

       
+

       
          hosts (e.g.


     

       
25

       
+

       
          <literal>services.nginx.virtualHosts.*.enableACME</literal>).


     

       
26

       
+

       
        </para>


     

       
27

       
+

       
      </listitem>


     

       
28

       
 

       
      <listitem>


     

       
29

       
 

       
        <para>


     

       
30

       
 

       
          PHP 8.1 is now available


     
···

       
188

       
 

       
          value of <literal>true</literal> is now deprecated and will be


     

       
189

       
 

       
          changed to <literal>false</literal> in 22.11. Configurations


     

       
190

       
 

       
          using this default will print a warning when rebuilt.


     

       
191

       
+

       
        </para>


     

       
192

       
+

       
      </listitem>


     

       
193

       
+

       
      <listitem>


     

       
194

       
+

       
        <para>


     

       
195

       
+

       
          <literal>security.acme</literal> certificates will now


     

       
196

       
+

       
          correctly check for CA revokation before reaching their


     

       
197

       
+

       
          minimum age.


     

       
198

       
+

       
        </para>


     

       
199

       
+

       
      </listitem>


     

       
200

       
+

       
      <listitem>


     

       
201

       
+

       
        <para>


     

       
202

       
+

       
          Removing domains from


     

       
203

       
+

       
          <literal>security.acme.certs._name_.extraDomainNames</literal>


     

       
204

       
+

       
          will now correctly remove those domains during rebuild/renew.


     

       
205

       
 

       
        </para>


     

       
206

       
 

       
      </listitem>


     

       
207

       
 

       
      <listitem>
+11
nixos/doc/manual/release-notes/rl-2205.section.md 
···

       
6

       
 

       



     

       
7

       
 

       
## Highlights {#sec-release-22.05-highlights}


     

       
8

       
 

       



     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
9

       
 

       
- PHP 8.1 is now available


     

       
10

       
 

       



     

       
11

       
 

       
## New Services {#sec-release-22.05-new-services}


     
···

       
72

       
 

       



     

       
73

       
 

       
- The `services.unifi.openPorts` option default value of `true` is now deprecated and will be changed to `false` in 22.11.


     

       
74

       
 

       
  Configurations using this default will print a warning when rebuilt.


     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       

       

       
     

       
75

       
 

       



     

       
76

       
 

       
- The option


     

       
77

       
 

       
  [services.ssh.enableAskPassword](#opt-services.ssh.enableAskPassword) was


     
···

       
6

       
 

       



     

       
7

       
 

       
## Highlights {#sec-release-22.05-highlights}


     

       
8

       
 

       



     

       
9

       
+

       
- `security.acme.defaults` has been added to simplify configuring


     

       
10

       
+

       
  settings for many certificates at once. This also opens up the


     

       
11

       
+

       
  the option to use DNS-01 validation when using `enableACME` on


     

       
12

       
+

       
  web server virtual hosts (e.g. `services.nginx.virtualHosts.*.enableACME`).


     

       
13

       
+

       



     

       
14

       
 

       
- PHP 8.1 is now available


     

       
15

       
 

       



     

       
16

       
 

       
## New Services {#sec-release-22.05-new-services}


     
···

       
77

       
 

       



     

       
78

       
 

       
- The `services.unifi.openPorts` option default value of `true` is now deprecated and will be changed to `false` in 22.11.


     

       
79

       
 

       
  Configurations using this default will print a warning when rebuilt.


     

       
80

       
+

       



     

       
81

       
+

       
- `security.acme` certificates will now correctly check for CA


     

       
82

       
+

       
  revokation before reaching their minimum age.


     

       
83

       
+

       



     

       
84

       
+

       
- Removing domains from `security.acme.certs._name_.extraDomainNames`


     

       
85

       
+

       
  will now correctly remove those domains during rebuild/renew.


     

       
86

       
 

       



     

       
87

       
 

       
- The option


     

       
88

       
 

       
  [services.ssh.enableAskPassword](#opt-services.ssh.enableAskPassword) was