diff --git a/docs/changelogs/v0.34.md b/docs/changelogs/v0.34.md index 28b6ecd259b..1a4ae59ff5a 100644 --- a/docs/changelogs/v0.34.md +++ b/docs/changelogs/v0.34.md @@ -6,17 +6,39 @@ - [Overview](#overview) - [๐Ÿ”ฆ Highlights](#-highlights) + - [AutoTLS now enabled by default for nodes with 1 hour uptime](#autotls-now-enabled-by-default-for-nodes-with-1-hour-uptime) - [RPC and CLI command changes](#rpc-and-cli-command-changes) - [Bitswap improvements from Boxo](#bitswap-improvements-from-boxo) - - [IPFS_LOG_LEVEL deprecated](#ipfs_log_level-deprecated) - - [Pebble datastore format upgrade](#pebble_datastore_format_update) - - [Badger datastore update](#badger_datastore_update) + - [`IPFS_LOG_LEVEL` deprecated](#ipfs_log_level-deprecated) + - [Pebble datastore format update](#pebble-datastore-format-update) + - [Badger datastore update](#badger-datastore-update) - [๐Ÿ‘จโ€๐Ÿ‘ฉโ€๐Ÿ‘งโ€๐Ÿ‘ฆ Contributors](#-contributors) ### Overview ### ๐Ÿ”ฆ Highlights +#### AutoTLS now enabled by default for nodes with 1 hour uptime + +Starting now, any publicly dialable Kubo node with a `/tcp` listener that remains online for at least one hour will automatically receive a TLS certificate through the [`AutoTLS`](https://github.com/ipfs/kubo/blob/master/docs/config.md#autotls) feature. This hapens by default, without requiring manual intervention. + +To bypass the 1-hour delay and enable AutoTLS immediately, users can explicitly opt-in by running the following commands: + +```console +$ ipfs config --json AutoTLS.Enabled true +$ ipfs config --json AutoTLS.RegistrationDelay 0 +``` + +AutoTLS will remain disabled under the following conditions: + +- The node already has a manually configured `/ws` (WebSocket) listener +- A private network is in use with a `swarm.key` +- TCP or WebSocket transports are disabled, or there is no `/tcp` listener + +To troubleshoot, use `GOLOG_LOG_LEVEL="error,autotls=info`. + +For more details, check out the [`AutoTLS` configuration documentation](https://github.com/ipfs/kubo/blob/master/docs/config.md#autotls) or dive deeper with [AutoTLS libp2p blog post](https://blog.libp2p.io/autotls/). + #### RPC and CLI command changes - `ipfs config` is now validating json fields ([#10679](https://github.com/ipfs/kubo/pull/10679)).