diff --git a/nixos/doc/manual/release-notes/rl-1809.xml b/nixos/doc/manual/release-notes/rl-1809.xml index 61f9ec8ba99..acf9db8f3e3 100644 --- a/nixos/doc/manual/release-notes/rl-1809.xml +++ b/nixos/doc/manual/release-notes/rl-1809.xml @@ -77,7 +77,57 @@ following incompatible changes: + The module for has two new options + now: + + + + + + Puts the generated Diffie-Hellman parameters into the Nix store + instead of managing them in a stateful manner in + /var/lib/dhparams. + + + + + + The default bit size to use for the generated Diffie-Hellman + parameters. + + + + + + The path to the actual generated parameter files should now be queried + using + config.security.dhparams.params.name.path + because it might be either in the Nix store or in a directory configured + by . + + + + For developers: + + Module implementers should not set a specific bit size in order to let + users configure it by themselves if they want to have a different bit + size than the default (2048). + + + An example usage of this would be: + +{ config, ... }: + +{ + security.dhparams.params.myservice = {}; + environment.etc."myservice.conf".text = '' + dhparams = ${config.security.dhparams.params.myservice.path} + ''; +} + + +