summary refs log tree commit diff
path: root/nixos/doc/manual/release-notes/rl-2103.xml
diff options
context:
space:
mode:
authorJulien Moutinho <julm+nixpkgs@sourcephile.fr>2020-09-11 07:46:59 +0200
committerJulien Moutinho <julm+nixpkgs@sourcephile.fr>2021-01-04 01:02:26 +0100
commit0ccdd6f2b043e5123ffd1f76cd2187c39ce19b94 (patch)
tree139e7cdab4edd8a3e849dcdb3c508439d1f7b545 /nixos/doc/manual/release-notes/rl-2103.xml
parent6b342809b1b66dce758364f763b64c6a1a9e6211 (diff)
downloadnixpkgs-0ccdd6f2b043e5123ffd1f76cd2187c39ce19b94.tar
nixpkgs-0ccdd6f2b043e5123ffd1f76cd2187c39ce19b94.tar.gz
nixpkgs-0ccdd6f2b043e5123ffd1f76cd2187c39ce19b94.tar.bz2
nixpkgs-0ccdd6f2b043e5123ffd1f76cd2187c39ce19b94.tar.lz
nixpkgs-0ccdd6f2b043e5123ffd1f76cd2187c39ce19b94.tar.xz
nixpkgs-0ccdd6f2b043e5123ffd1f76cd2187c39ce19b94.tar.zst
nixpkgs-0ccdd6f2b043e5123ffd1f76cd2187c39ce19b94.zip
nixos/tor: improve type-checking and hardening
Fixes #77395.
Fixes #82790.
Diffstat (limited to 'nixos/doc/manual/release-notes/rl-2103.xml')
-rw-r--r--nixos/doc/manual/release-notes/rl-2103.xml10
1 files changed, 10 insertions, 0 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2103.xml b/nixos/doc/manual/release-notes/rl-2103.xml
index 38262b50899..1e3ae23b9b3 100644
--- a/nixos/doc/manual/release-notes/rl-2103.xml
+++ b/nixos/doc/manual/release-notes/rl-2103.xml
@@ -279,6 +279,16 @@
     </programlisting>
    </listitem>
    <listitem>
+    <para>
+      The <literal>services.tor</literal> module has a new exhaustively typed <xref linkend="opt-services.tor.settings" /> option following RFC 0042; backward compatibility with old options has been preserved when aliasing was possible.
+      The corresponding systemd service has been hardened,
+      but there is a chance that the service still requires more permissions,
+      so please report any related trouble on the bugtracker.
+      Onion services v3 are now supported in <xref linkend="opt-services.tor.relay.onionServices" />.
+      A new <xref linkend="opt-services.tor.openFirewall" /> option as been introduced for allowing connections on all the TCP ports configured.
+    </para>
+   </listitem>
+   <listitem>
      <para>
        The options <literal>services.slurm.dbdserver.storagePass</literal>
        and <literal>services.slurm.dbdserver.configFile</literal> have been removed.
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-06-21 05:59:50 +0000