release-notes: don't encourage people to copy secrets to the store

This commit is contained in:
Guillaume Girol 2022-05-27 12:00:00 +00:00
parent 03eb4fd7ae
commit 2fdd23c154
2 changed files with 6 additions and 4 deletions

View File

@ -1006,7 +1006,7 @@
};
extraConfigFiles = [
/run/keys/matrix-synapse/secrets.yaml
"/run/keys/matrix-synapse/secrets.yaml"
];
};
}
@ -1014,7 +1014,9 @@
<para>
The secrets in your original config should be migrated into a
YAML file that is included via
<literal>extraConfigFiles</literal>.
<literal>extraConfigFiles</literal>. The filename must be
quoted to prevent nix from copying it to the (world readable)
store.
</para>
<para>
Additionally a few option defaults have been synced up with

View File

@ -388,13 +388,13 @@ In addition to numerous new and upgraded packages, this release has the followin
};
extraConfigFiles = [
/run/keys/matrix-synapse/secrets.yaml
"/run/keys/matrix-synapse/secrets.yaml"
];
};
}
```
The secrets in your original config should be migrated into a YAML file that is included via `extraConfigFiles`.
The secrets in your original config should be migrated into a YAML file that is included via `extraConfigFiles`. The filename must be quoted to prevent nix from copying it to the (world readable) store.
Additionally a few option defaults have been synced up with upstream default values, for example the `max_upload_size` grew from `10M` to `50M`. For the same reason, the default
`media_store_path` was changed from `${dataDir}/media` to `${dataDir}/media_store` if `system.stateVersion` is at least `22.05`. Files will need to be manually moved to the new