diff options
Diffstat (limited to 'nixos/doc/manual/release-notes/rl-1909.section.md')
-rw-r--r-- | nixos/doc/manual/release-notes/rl-1909.section.md | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/doc/manual/release-notes/rl-1909.section.md b/nixos/doc/manual/release-notes/rl-1909.section.md index 42835238819..22cef05d4fa 100644 --- a/nixos/doc/manual/release-notes/rl-1909.section.md +++ b/nixos/doc/manual/release-notes/rl-1909.section.md @@ -194,7 +194,7 @@ When upgrading from a previous release, please be aware of the following incompa `security.acme.preDelay` and `security.acme.activationDelay` options have been removed. To execute a service before certificates are provisioned or renewed add a `RequiredBy=acme-${cert}.service` to any service. - Furthermore, the acme module will not automatically add a dependency on `lighttpd.service` anymore. If you are using certficates provided by letsencrypt for lighttpd, then you should depend on the certificate service `acme-${cert}.service>` manually. + Furthermore, the acme module will not automatically add a dependency on `lighttpd.service` anymore. If you are using certificates provided by letsencrypt for lighttpd, then you should depend on the certificate service `acme-${cert}.service>` manually. For nginx, the dependencies are still automatically managed when `services.nginx.virtualhosts.<name>.enableACME` is enabled just like before. What changed is that nginx now directly depends on the specific certificates that it needs, instead of depending on the catch-all `acme-certificates.target`. This target unit was also removed from the codebase. This will mean nginx will no longer depend on certificates it isn't explicitly managing and fixes a bug with certificate renewal ordering racing with nginx restarting which could lead to nginx getting in a broken state as described at [NixOS/nixpkgs\#60180](https://github.com/NixOS/nixpkgs/issues/60180). |