mirror of
https://github.com/NixOS/nixpkgs.git
synced 2025-06-11 20:25:32 +03:00
309 lines
12 KiB
XML
309 lines
12 KiB
XML
<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-release-23.05">
|
||
<title>Release 23.05 (“Stoat”, 2023.05/??)</title>
|
||
<para>
|
||
Support is planned until the end of December 2023, handing over to
|
||
23.11.
|
||
</para>
|
||
<section xml:id="sec-release-23.05-highlights">
|
||
<title>Highlights</title>
|
||
<para>
|
||
In addition to numerous new and upgraded packages, this release
|
||
has the following highlights:
|
||
</para>
|
||
<itemizedlist spacing="compact">
|
||
<listitem>
|
||
<para>
|
||
Cinnamon has been updated to 5.6, see
|
||
<link xlink:href="https://github.com/NixOS/nixpkgs/pull/201328#issue-1449910204">the
|
||
pull request</link> for what is changed.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</section>
|
||
<section xml:id="sec-release-23.05-new-services">
|
||
<title>New Services</title>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/akinomyoga/ble.sh">blesh</link>,
|
||
a line editor written in pure bash. Available as
|
||
<link linkend="opt-programs.bash.blesh.enable">programs.bash.blesh</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/junegunn/fzf">fzf</link>,
|
||
a command line fuzzyfinder. Available as
|
||
<link linkend="opt-programs.fzf.fuzzyCompletion">programs.fzf</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/ellie/atuin">atuin</link>,
|
||
a sync server for shell history. Available as
|
||
<link linkend="opt-services.atuin.enable">services.atuin</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://gitlab.com/kop316/mmsd">mmsd</link>,
|
||
a lower level daemon that transmits and recieves MMSes.
|
||
Available as
|
||
<link linkend="opt-services.mmsd.enable">services.mmsd</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://v2raya.org">v2rayA</link>, a Linux
|
||
web GUI client of Project V which supports V2Ray, Xray, SS,
|
||
SSR, Trojan and Pingtunnel. Available as
|
||
<link xlink:href="options.html#opt-services.v2raya.enable">services.v2raya</link>.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</section>
|
||
<section xml:id="sec-release-23.05-incompatibilities">
|
||
<title>Backward Incompatibilities</title>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>
|
||
<literal>carnix</literal> and <literal>cratesIO</literal> has
|
||
been removed due to being unmaintained, use alternatives such
|
||
as
|
||
<link xlink:href="https://github.com/nix-community/naersk">naersk</link>
|
||
and
|
||
<link xlink:href="https://github.com/kolloch/crate2nix">crate2nix</link>
|
||
instead.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>borgbackup</literal> module now has an option for
|
||
inhibiting system sleep while backups are running, defaulting
|
||
to off (not inhibiting sleep), available as
|
||
<link linkend="opt-services.borgbackup.jobs._name_.inhibitsSleep"><literal>services.borgbackup.jobs.<name>.inhibitsSleep</literal></link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The EC2 image module no longer fetches instance metadata in
|
||
stage-1. This results in a significantly smaller initramfs,
|
||
since network drivers no longer need to be included, and
|
||
faster boots, since metadata fetching can happen in parallel
|
||
with startup of other services. This breaks services which
|
||
rely on metadata being present by the time stage-2 is entered.
|
||
Anything which reads EC2 metadata from
|
||
<literal>/etc/ec2-metadata</literal> should now have an
|
||
<literal>after</literal> dependency on
|
||
<literal>fetch-ec2-metadata.service</literal>
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>services.sourcehut.dispatch</literal> and the
|
||
corresponding package
|
||
(<literal>sourcehut.dispatchsrht</literal>) have been removed
|
||
due to
|
||
<link xlink:href="https://sourcehut.org/blog/2022-08-01-dispatch-deprecation-plans/">upstream
|
||
deprecation</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The
|
||
<link linkend="opt-services.snapserver.openFirewall">services.snapserver.openFirewall</link>
|
||
module option default value has been changed from
|
||
<literal>true</literal> to <literal>false</literal>. You will
|
||
need to explicitely set this option to
|
||
<literal>true</literal>, or configure your firewall.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The
|
||
<link linkend="opt-services.tmate-ssh-server.openFirewall">services.tmate-ssh-server.openFirewall</link>
|
||
module option default value has been changed from
|
||
<literal>true</literal> to <literal>false</literal>. You will
|
||
need to explicitely set this option to
|
||
<literal>true</literal>, or configure your firewall.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The
|
||
<link linkend="opt-services.unifi-video.openFirewall">services.unifi-video.openFirewall</link>
|
||
module option default value has been changed from
|
||
<literal>true</literal> to <literal>false</literal>. You will
|
||
need to explicitely set this option to
|
||
<literal>true</literal>, or configure your firewall.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The EC2 image module previously detected and automatically
|
||
mounted ext3-formatted instance store devices and partitions
|
||
in stage-1 (initramfs), storing <literal>/tmp</literal> on the
|
||
first discovered device. This behaviour, which only catered to
|
||
very specific use cases and could not be disabled, has been
|
||
removed. Users relying on this should provide their own
|
||
implementation, and probably use ext4 and perform the mount in
|
||
stage-2.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The EC2 image module previously detected and activated
|
||
swap-formatted instance store devices and partitions in
|
||
stage-1 (initramfs). This behaviour has been removed. Users
|
||
relying on this should provide their own implementation.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Qt 5.12 and 5.14 have been removed, as the corresponding
|
||
branches have been EOL upstream for a long time. This affected
|
||
under 10 packages in nixpkgs, largely unmaintained upstream as
|
||
well, however, out-of-tree package expressions may need to be
|
||
updated manually.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
In <literal>mastodon</literal> it is now necessary to specify
|
||
location of file with <literal>PostgreSQL</literal> database
|
||
password. In
|
||
<literal>services.mastodon.database.passwordFile</literal>
|
||
parameter default value
|
||
<literal>/var/lib/mastodon/secrets/db-password</literal> has
|
||
been changed to <literal>null</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>nix.readOnlyStore</literal> option has been
|
||
renamed to <literal>boot.readOnlyNixStore</literal> to clarify
|
||
that it configures the NixOS boot process, not the Nix daemon.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</section>
|
||
<section xml:id="sec-release-23.05-notable-changes">
|
||
<title>Other Notable Changes</title>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>
|
||
<literal>vim_configurable</literal> has been renamed to
|
||
<literal>vim-full</literal> to avoid confusion:
|
||
<literal>vim-full</literal>’s build-time features are
|
||
configurable, but both <literal>vim</literal> and
|
||
<literal>vim-full</literal> are
|
||
<emphasis>customizable</emphasis> (in the sense of user
|
||
configuration, like vimrc).
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The module for the application firewall
|
||
<literal>opensnitch</literal> got the ability to configure
|
||
rules. Available as
|
||
<link linkend="opt-services.opensnitch.rules">services.opensnitch.rules</link>
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>services.mastodon</literal> gained a tootctl wrapped
|
||
named <literal>mastodon-tootctl</literal> similar to
|
||
<literal>nextcloud-occ</literal> which can be executed from
|
||
any user and switches to the configured mastodon user with
|
||
sudo and sources the environment variables.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>dnsmasq</literal> service now takes configuration
|
||
via the <literal>services.dnsmasq.settings</literal> attribute
|
||
set. The option
|
||
<literal>services.dnsmasq.extraConfig</literal> will be
|
||
deprecated when NixOS 22.11 reaches end of life.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
To reduce closure size in
|
||
<literal>nixos/modules/profiles/minimal.nix</literal> profile
|
||
disabled installation documentations and manuals. Also
|
||
disabled <literal>logrotate</literal> and
|
||
<literal>udisks2</literal> services.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The minimal ISO image now uses the
|
||
<literal>nixos/modules/profiles/minimal.nix</literal> profile.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>mastodon</literal> now supports connection to a
|
||
remote <literal>PostgreSQL</literal> database.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
A new <literal>virtualisation.rosetta</literal> module was
|
||
added to allow running <literal>x86_64</literal> binaries
|
||
through
|
||
<link xlink:href="https://developer.apple.com/documentation/apple-silicon/about-the-rosetta-translation-environment">Rosetta</link>
|
||
inside virtualised NixOS guests on Apple silicon. This feature
|
||
works by default with the
|
||
<link xlink:href="https://docs.getutm.app/">UTM</link>
|
||
virtualisation
|
||
<link xlink:href="https://search.nixos.org/packages?channel=unstable&show=utm&from=0&size=1&sort=relevance&type=packages&query=utm">package</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The new option <literal>users.motdFile</literal> allows
|
||
configuring a Message Of The Day that can be updated
|
||
dynamically.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Resilio sync secret keys can now be provided using a secrets
|
||
file at runtime, preventing these secrets from ending up in
|
||
the Nix store.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>services.fwupd</literal> module now allows
|
||
arbitrary daemon settings to be configured in a structured
|
||
manner
|
||
(<link linkend="opt-services.fwupd.daemonSettings"><literal>services.fwupd.daemonSettings</literal></link>).
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>unifi-poller</literal> package and corresponding
|
||
NixOS module have been renamed to <literal>unpoller</literal>
|
||
to match upstream.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The new option
|
||
<literal>services.tailscale.useRoutingFeatures</literal>
|
||
controls various settings for using Tailscale features like
|
||
exit nodes and subnet routers. If you wish to use your machine
|
||
as an exit node, you can set this setting to
|
||
<literal>server</literal>, otherwise if you wish to use an
|
||
exit node you can set this setting to
|
||
<literal>client</literal>. The strict RPF warning has been
|
||
removed as the RPF will be loosened automatically based on the
|
||
value of this setting.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</section>
|
||
</section>
|