diff options
author | Naïm Favier <n@monade.li> | 2022-12-21 21:45:00 +0100 |
---|---|---|
committer | Naïm Favier <n@monade.li> | 2022-12-27 17:13:49 +0100 |
commit | e9e65810aca80e38dbc36f59a4400cfd5defaf82 (patch) | |
tree | da56e050544841ae81b5df01d6c483235b5edbc0 /nixos/doc/manual/release-notes/rl-1909.section.md | |
parent | d11832fd96ec146fc57ad11ec71dda7c0a2dee9c (diff) | |
download | nixpkgs-e9e65810aca80e38dbc36f59a4400cfd5defaf82.tar nixpkgs-e9e65810aca80e38dbc36f59a4400cfd5defaf82.tar.gz nixpkgs-e9e65810aca80e38dbc36f59a4400cfd5defaf82.tar.bz2 nixpkgs-e9e65810aca80e38dbc36f59a4400cfd5defaf82.tar.lz nixpkgs-e9e65810aca80e38dbc36f59a4400cfd5defaf82.tar.xz nixpkgs-e9e65810aca80e38dbc36f59a4400cfd5defaf82.tar.zst nixpkgs-e9e65810aca80e38dbc36f59a4400cfd5defaf82.zip |
doc,nixos/doc: unescape double quotes
Leftovers from the CommonMark conversion.
Diffstat (limited to 'nixos/doc/manual/release-notes/rl-1909.section.md')
-rw-r--r-- | nixos/doc/manual/release-notes/rl-1909.section.md | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/doc/manual/release-notes/rl-1909.section.md b/nixos/doc/manual/release-notes/rl-1909.section.md index 8be39c0abd8..42835238819 100644 --- a/nixos/doc/manual/release-notes/rl-1909.section.md +++ b/nixos/doc/manual/release-notes/rl-1909.section.md @@ -210,7 +210,7 @@ When upgrading from a previous release, please be aware of the following incompa - Citrix Receiver (`citrix_receiver`) has been dropped in favor of Citrix Workspace (`citrix_workspace`). -- The `services.gitlab` module has had its literal secret options (`services.gitlab.smtp.password`, `services.gitlab.databasePassword`, `services.gitlab.initialRootPassword`, `services.gitlab.secrets.secret`, `services.gitlab.secrets.db`, `services.gitlab.secrets.otp` and `services.gitlab.secrets.jws`) replaced by file-based versions (`services.gitlab.smtp.passwordFile`, `services.gitlab.databasePasswordFile`, `services.gitlab.initialRootPasswordFile`, `services.gitlab.secrets.secretFile`, `services.gitlab.secrets.dbFile`, `services.gitlab.secrets.otpFile` and `services.gitlab.secrets.jwsFile`). This was done so that secrets aren't stored in the world-readable nix store, but means that for each option you'll have to create a file with the same exact string, add \"File\" to the end of the option name, and change the definition to a string pointing to the corresponding file; e.g. `services.gitlab.databasePassword = "supersecurepassword"` becomes `services.gitlab.databasePasswordFile = "/path/to/secret_file"` where the file `secret_file` contains the string `supersecurepassword`. +- The `services.gitlab` module has had its literal secret options (`services.gitlab.smtp.password`, `services.gitlab.databasePassword`, `services.gitlab.initialRootPassword`, `services.gitlab.secrets.secret`, `services.gitlab.secrets.db`, `services.gitlab.secrets.otp` and `services.gitlab.secrets.jws`) replaced by file-based versions (`services.gitlab.smtp.passwordFile`, `services.gitlab.databasePasswordFile`, `services.gitlab.initialRootPasswordFile`, `services.gitlab.secrets.secretFile`, `services.gitlab.secrets.dbFile`, `services.gitlab.secrets.otpFile` and `services.gitlab.secrets.jwsFile`). This was done so that secrets aren't stored in the world-readable nix store, but means that for each option you'll have to create a file with the same exact string, add "File" to the end of the option name, and change the definition to a string pointing to the corresponding file; e.g. `services.gitlab.databasePassword = "supersecurepassword"` becomes `services.gitlab.databasePasswordFile = "/path/to/secret_file"` where the file `secret_file` contains the string `supersecurepassword`. The state path (`services.gitlab.statePath`) now has the following restriction: no parent directory can be owned by any other user than `root` or the user specified in `services.gitlab.user`; i.e. if `services.gitlab.statePath` is set to `/var/lib/gitlab/state`, `gitlab` and all parent directories must be owned by either `root` or the user specified in `services.gitlab.user`. |