colin
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/kavita: document new `tokenKeyFile` requirements

This commit is contained in:
David Knaack 2024-03-31 16:11:40 +02:00
parent c4451cc34f
commit 2bde9aa8f8
2 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
nixos/doc/manual/release-notes/rl-2405.section.md
View File

@ -468,7 +468,8 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
- `services.kavita` now uses the freeform option `services.kavita.settings` for the application settings file.
The options `services.kavita.ipAdresses` and `services.kavita.port` now exist at `services.kavita.settings.IpAddresses`
and `services.kavita.settings.IpAddresses`.
and `services.kavita.settings.IpAddresses`. The file at `services.kavita.tokenKeyFile` now needs to contain a secret with
512+ bits instead of 128+ bits.
- The `krb5` module has been rewritten and moved to `security.krb5`, moving all options but `security.krb5.enable` and `security.krb5.package` into `security.krb5.settings`.

4
nixos/modules/services/web-apps/kavita.nix
View File

@ -34,8 +34,8 @@ in
tokenKeyFile = lib.mkOption {
type = lib.types.path;
description = lib.mdDoc ''
A file containing the TokenKey, a secret with at 128+ bits.
It can be generated with `head -c 32 /dev/urandom | base64`.
A file containing the TokenKey, a secret with at 512+ bits.
It can be generated with `head -c 64 /dev/urandom | base64 --wrap=0`.
'';
};