diff options
author | Alyssa Ross <hi@alyssa.is> | 2019-08-31 11:57:05 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2019-09-16 22:04:28 +0000 |
commit | a0842e8b20cbe1ed717b72775428d1f8fc047fa4 (patch) | |
tree | b86d0614a477f7e092d626d59b888d085aaca400 /nixpkgs/nixos/doc/manual/release-notes | |
parent | c36b32d476b520ed0d2a37cd0973f98583d6dc7c (diff) | |
parent | 8d1510abfb592339e13ce8f6db6f29c1f8b72924 (diff) | |
download | nixlib-a0842e8b20cbe1ed717b72775428d1f8fc047fa4.tar nixlib-a0842e8b20cbe1ed717b72775428d1f8fc047fa4.tar.gz nixlib-a0842e8b20cbe1ed717b72775428d1f8fc047fa4.tar.bz2 nixlib-a0842e8b20cbe1ed717b72775428d1f8fc047fa4.tar.lz nixlib-a0842e8b20cbe1ed717b72775428d1f8fc047fa4.tar.xz nixlib-a0842e8b20cbe1ed717b72775428d1f8fc047fa4.tar.zst nixlib-a0842e8b20cbe1ed717b72775428d1f8fc047fa4.zip |
Merge commit '8d1510abfb592339e13ce8f6db6f29c1f8b72924'
Diffstat (limited to 'nixpkgs/nixos/doc/manual/release-notes')
-rw-r--r-- | nixpkgs/nixos/doc/manual/release-notes/rl-1909.xml | 113 |
1 files changed, 113 insertions, 0 deletions
diff --git a/nixpkgs/nixos/doc/manual/release-notes/rl-1909.xml b/nixpkgs/nixos/doc/manual/release-notes/rl-1909.xml index b780cba357e8..36bea28530be 100644 --- a/nixpkgs/nixos/doc/manual/release-notes/rl-1909.xml +++ b/nixpkgs/nixos/doc/manual/release-notes/rl-1909.xml @@ -48,6 +48,15 @@ To gain root privileges use <literal>sudo -i</literal> without a password. </para> </listitem> + <listitem> + <para> + We've updated to Xfce 4.14, which brings a new module <option>services.xserver.desktopManager.xfce4-14</option>. + If you'd like to upgrade, please switch from the <option>services.xserver.desktopManager.xfce</option> module as it + will be deprecated in a future release. They're incompatibilities with the current Xfce module; it doesn't support + <option>thunarPlugins</option> and it isn't recommended to use <option>services.xserver.desktopManager.xfce</option> + and <option>services.xserver.desktopManager.xfce4-14</option> simultaneously or to downgrade from Xfce 4.14 after upgrading. + </para> + </listitem> </itemizedlist> </section> @@ -237,6 +246,12 @@ </para> </listitem> <listitem> + <para> + The <literal>shibboleth-sp</literal> package has been updated to version 3. + It is largely backward compatible, for further information refer to the + <link xlink:href="https://wiki.shibboleth.net/confluence/display/SP3/ReleaseNotes">release notes</link> + and <link xlink:href="https://wiki.shibboleth.net/confluence/display/SP3/UpgradingFromV2">upgrade guide</link>. + </para> <para> Nodejs 8 is scheduled EOL under the lifetime of 19.09 and has been dropped. </para> @@ -263,6 +278,48 @@ <literal>false</literal>. </para> </listitem> + <listitem> + <para> + The <option>services.systemhealth</option> module has been removed from nixpkgs due to lack of maintainer. + </para> + </listitem> + <listitem> + <para> + The <option>services.mantisbt</option> module has been removed from nixpkgs due to lack of maintainer. + </para> + </listitem> + <listitem> + <para> + Squid 3 has been removed and the <option>squid</option> derivation now refers to Squid 4. + </para> + </listitem> + <listitem> + <para> + The <option>services.pdns-recursor.extraConfig</option> option has been replaced by + <option>services.pdns-recursor.settings</option>. The new option allows setting extra + configuration while being better type-checked and mergeable. + </para> + </listitem> + <listitem> + <para> + No service depends on <literal>keys.target</literal> anymore which is a systemd + target that indicates if all <link xlink:href="https://nixos.org/nixops/manual/#idm140737322342384">NixOps keys</link> were successfully uploaded. + Instead, <literal><key-name>-key.service</literal> should be used to define + a dependency of a key in a service. The full issue behind the <literal>keys.target</literal> + dependency is described at <link xlink:href="https://github.com/NixOS/nixpkgs/issues/67265">NixOS/nixpkgs#67265</link>. + </para> + <para> + The following services are affected by this: + <itemizedlist> + <listitem><para><link linkend="opt-services.dovecot2.enable"><literal>services.dovecot2</literal></link></para></listitem> + <listitem><para><link linkend="opt-services.nsd.enable"><literal>services.nsd</literal></link></para></listitem> + <listitem><para><link linkend="opt-services.softether.enable"><literal>services.softether</literal></link></para></listitem> + <listitem><para><link linkend="opt-services.strongswan.enable"><literal>services.strongswan</literal></link></para></listitem> + <listitem><para><link linkend="opt-services.strongswan-swanctl.enable"><literal>services.strongswan-swanctl</literal></link></para></listitem> + <listitem><para><link linkend="opt-services.httpd.enable"><literal>services.httpd</literal></link></para></listitem> + </itemizedlist> + </para> + </listitem> </itemizedlist> </section> @@ -435,6 +492,48 @@ idiom or extract that anonymous mapping function to a named one. Both can still be used but <literal>lib.forEach</literal> is preferred over <literal>lib.flip map</literal>. </para> + <para> + The <literal>/etc/sysctl.d/nixos.conf</literal> file containing all the options set via + <link linkend="opt-boot.kernel.sysctl">boot.kernel.sysctl</link> was moved to + <literal>/etc/sysctl.d/60-nixos.conf</literal>, as + <citerefentry><refentrytitle>sysctl.d</refentrytitle><manvolnum>5</manvolnum></citerefentry> + recommends prefixing all filenames in <literal>/etc/sysctl.d</literal> with a + two-digit number and a dash to simplify the ordering of the files. + </para> + </listitem> + <listitem> + <para> + We now install the sysctl snippets shipped with systemd. + <itemizedlist> + <para>This enables:</para> + <listitem> + <para>Loose reverse path filtering</para> + </listitem> + <listitem> + <para>Source route filtering</para> + </listitem> + <listitem> + <para> + <literal>fq_codel</literal> as a packet scheduler (this helps to fight bufferbloat) + </para> + </listitem> + </itemizedlist> + + This also configures the kernel to pass coredumps to <literal>systemd-coredump</literal>. + These sysctl snippets can be found in <literal>/etc/sysctl.d/50-*.conf</literal>, + and overridden via <link linkend="opt-boot.kernel.sysctl">boot.kernel.sysctl</link> + (which will place the parameters in <literal>/etc/sysctl.d/60-nixos.conf</literal>). + </para> + </listitem> + <listitem> + <para> + Coredumps are now acquired by <literal>systemd-coredump</literal> by default. + <literal>systemd-coredump</literal> behaviour can still be modified via + <option>systemd.coredump.extraConfig</option>. + To stick to the old behaviour (having the kernel dump to a file called <literal>core</literal> + in the working directory), without piping it through <literal>systemd-coredump</literal>, set + <option>boot.kernel.sysctl."kernel.core_pattern"</option> to <literal>"core"</literal>. + </para> </listitem> <listitem> <para> @@ -443,6 +542,20 @@ been removed. </para> </listitem> + <listitem> + <para> + The <literal>rmilter</literal> package was removed with associated module and options due deprecation by upstream developer. + Use <literal>rspamd</literal> in proxy mode instead. + </para> + </listitem> + <listitem> + <para> + systemd cgroup accounting via the + <link linkend="opt-systemd.enableCgroupAccounting">systemd.enableCgroupAccounting</link> + option is now enabled by default. It now also enables the more recent Block IO and IP accounting + features. + </para> + </listitem> </itemizedlist> </section> </section> |