diff options
author | Ryan Lahfa <masterancpp@gmail.com> | 2023-05-14 19:01:56 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-05-14 19:01:56 +0200 |
commit | 285330f081169c7a5735465fe640095355896650 (patch) | |
tree | f4892b53873d5afc00d594686c254048821f7db5 /nixos/doc | |
parent | 1ee11b8a31ceb765460c9692cd5b4fa445f71b47 (diff) | |
parent | 445d7cae2aebeabe4f9ba6ecd2f2177ac1be4bcb (diff) | |
download | nixlib-285330f081169c7a5735465fe640095355896650.tar nixlib-285330f081169c7a5735465fe640095355896650.tar.gz nixlib-285330f081169c7a5735465fe640095355896650.tar.bz2 nixlib-285330f081169c7a5735465fe640095355896650.tar.lz nixlib-285330f081169c7a5735465fe640095355896650.tar.xz nixlib-285330f081169c7a5735465fe640095355896650.tar.zst nixlib-285330f081169c7a5735465fe640095355896650.zip |
Merge pull request #230153 from mklca/swap-encrypt-enhancement
nixos/config/swap: improve randomEncrytion
Diffstat (limited to 'nixos/doc')
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2305.section.md | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2305.section.md b/nixos/doc/manual/release-notes/rl-2305.section.md index c6a264a1b037..e0f18cca17a1 100644 --- a/nixos/doc/manual/release-notes/rl-2305.section.md +++ b/nixos/doc/manual/release-notes/rl-2305.section.md @@ -385,6 +385,26 @@ In addition to numerous new and upgraded packages, this release has the followin - `nextcloud` has an option to enable SSE-C in S3. +- NixOS swap partitions with random encryption can now control the sector size, cipher, and key size used to setup the plain encryption device over the + underlying block device rather than allowing them to be determined by `cryptsetup(8)`. One can use these features like so: + + ```nix + { + swapDevices = [ + { + device = "/dev/disk/by-partlabel/swapspace"; + + randomEncryption = { + enable = true; + cipher = "aes-xts-plain64"; + keySize = 512; + sectorSize = 4096; + }; + } + ]; + } + ``` + - `services.peertube` now requires you to specify the secret file `secrets.secretsFile`. It can be generated by running `openssl rand -hex 32`. Before upgrading, read the release notes for PeerTube: - [Release v5.0.0](https://github.com/Chocobozzz/PeerTube/releases/tag/v5.0.0) |