From d8e697b4fcfd929d05221ac3e67b9c04ac69df86 Mon Sep 17 00:00:00 2001 From: Lucas Savva Date: Sun, 9 Feb 2020 15:59:03 +0000 Subject: [PATCH] nixos/acme: update release notes for 20.03 --- nixos/doc/manual/release-notes/rl-2003.xml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/nixos/doc/manual/release-notes/rl-2003.xml b/nixos/doc/manual/release-notes/rl-2003.xml index 51f91268eff06..37ac4ec028810 100644 --- a/nixos/doc/manual/release-notes/rl-2003.xml +++ b/nixos/doc/manual/release-notes/rl-2003.xml @@ -441,6 +441,22 @@ users.users.me = now uses the short rather than full version string. + + + The ACME module has switched from simp-le to lego + which allows us to support DNS-01 challenges and wildcard certificates. The following options have been added: + security.acme.acceptTerms, + security.acme.certs.<name>.dnsProvider, + security.acme.certs.<name>.credentialsFile, + security.acme.certs.<name>.dnsPropagationCheck. + As well as this, the options security.acme.acceptTerms and either + security.acme.email or security.acme.certs.<name>.email + must be set in order to use the ACME module. + Certificates will be regenerated from new on the next renewal date. The credentials for simp-le are + preserved and thus it is possible to roll back to previous versions without breaking certificate + generation. + +