nixos/kavita: document new `tokenKeyFile` requirements
This commit is contained in:
parent
c4451cc34f
commit
2bde9aa8f8
|
@ -468,7 +468,8 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
|
|||
|
||||
- `services.kavita` now uses the freeform option `services.kavita.settings` for the application settings file.
|
||||
The options `services.kavita.ipAdresses` and `services.kavita.port` now exist at `services.kavita.settings.IpAddresses`
|
||||
and `services.kavita.settings.IpAddresses`.
|
||||
and `services.kavita.settings.IpAddresses`. The file at `services.kavita.tokenKeyFile` now needs to contain a secret with
|
||||
512+ bits instead of 128+ bits.
|
||||
|
||||
- The `krb5` module has been rewritten and moved to `security.krb5`, moving all options but `security.krb5.enable` and `security.krb5.package` into `security.krb5.settings`.
|
||||
|
||||
|
|
|
@ -34,8 +34,8 @@ in
|
|||
tokenKeyFile = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
description = lib.mdDoc ''
|
||||
A file containing the TokenKey, a secret with at 128+ bits.
|
||||
It can be generated with `head -c 32 /dev/urandom | base64`.
|
||||
A file containing the TokenKey, a secret with at 512+ bits.
|
||||
It can be generated with `head -c 64 /dev/urandom | base64 --wrap=0`.
|
||||
'';
|
||||
};
|
||||
|
||||
|
|
Loading…
Reference in New Issue