Unverified Commit e982e79a authored by Bruno BELANYI's avatar Bruno BELANYI Committed by GitHub

nixos/nginx-sso: use '/run' to generate config (#461207)

parents fe979372 f3b85882
+4 −0
@@ -202,6 +202,10 @@

- Linux 5.4 and all its variants have been removed since mainline will reach its end of life within the support-span of 25.11.

- The `services.nginx.sso` module has switched to generating its configuration
  file in `/run`. You should manually delete `/var/lib/nginx-sso/config.yaml` to
  avoid storing secret values to disk.

- The `services.polipo` module has been removed as `polipo` is unmaintained and archived upstream.

- `boot.enableContainers` is only turned on when a declarative NixOS container is defined in `containers`.
+3 −6
@@ -8,7 +8,7 @@
let
  cfg = config.services.nginx.sso;
  format = pkgs.formats.yaml { };
  configPath = "/var/lib/nginx-sso/config.yaml";
  configPath = "/run/nginx-sso/config.yaml";
  secretsReplacement = utils.genJqSecretsReplacement {
    loadCredential = true;
  } cfg.configuration configPath;
@@ -60,14 +60,11 @@ in
      description = "Nginx SSO Backend";
      after = [ "network.target" ];
      wantedBy = [ "multi-user.target" ];
      preStart = secretsReplacement.script;
      serviceConfig = {
        StateDirectory = "nginx-sso";
        WorkingDirectory = "/var/lib/nginx-sso";
        ExecStartPre = pkgs.writeShellScript "merge-nginx-sso-config" ''
          rm -f '${configPath}'
          # Relies on YAML being a superset of JSON
          ${secretsReplacement.script}
        '';
        RuntimeDirectory = "nginx-sso";
        ExecStart = ''
          ${lib.getExe cfg.package} \
            --config ${configPath} \
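Review bot: `RuntimeDirectory = "nginx-sso";` in `serviceConfig` gets systemd's default directory mode of 0755, so whether other local users can read the rendered `config.yaml` and its substituted secrets depends on the mode `secretsReplacement.script` writes it with, which this section does not show. Adding `RuntimeDirectoryMode = "0700";` next to it would make the directory itself enforce the confidentiality that the move to `/run` is meant to provide. Separately, upgraded hosts keep the old `/var/lib/nginx-sso/config.yaml` until someone deletes it by hand, and `StateDirectory` is still declared, so a short comment at `configPath` such as `# kept in /run so resolved secrets never reach persistent storage` would record why the path must not move back. The `serviceConfig` block and the `ExecStart` string continue outside the hunk.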