diff options
Diffstat (limited to 'nixos/doc/manual/release-notes/rl-1603.xml')
-rw-r--r-- | nixos/doc/manual/release-notes/rl-1603.xml | 840 |
1 files changed, 529 insertions, 311 deletions
diff --git a/nixos/doc/manual/release-notes/rl-1603.xml b/nixos/doc/manual/release-notes/rl-1603.xml index 7279dd058270..9b512c4b1e58 100644 --- a/nixos/doc/manual/release-notes/rl-1603.xml +++ b/nixos/doc/manual/release-notes/rl-1603.xml @@ -3,250 +3,471 @@ xmlns:xi="http://www.w3.org/2001/XInclude" version="5.0" xml:id="sec-release-16.03"> + <title>Release 16.03 (“Emu”, 2016/03/31)</title> -<title>Release 16.03 (“Emu”, 2016/03/31)</title> - -<para>In addition to numerous new and upgraded packages, this release -has the following highlights:</para> - -<itemizedlist> + <para> + In addition to numerous new and upgraded packages, this release has the + following highlights: + </para> + <itemizedlist> <listitem> - <para>Systemd 229, bringing <link + <para> + Systemd 229, bringing + <link xlink:href="https://github.com/systemd/systemd/blob/v229/NEWS">numerous - improvements</link> over 217.</para> + improvements</link> over 217. + </para> </listitem> - <listitem> - <para>Linux 4.4 (was 3.18).</para> + <para> + Linux 4.4 (was 3.18). + </para> </listitem> - <listitem> - <para>GCC 5.3 (was 4.9). Note that GCC 5 <link + <para> + GCC 5.3 (was 4.9). Note that GCC 5 + <link xlink:href="https://gcc.gnu.org/onlinedocs/libstdc++/manual/using_dual_abi.html">changes - the C++ ABI in an incompatible way</link>; this may cause problems - if you try to link objects compiled with different versions of - GCC.</para> + the C++ ABI in an incompatible way</link>; this may cause problems if you + try to link objects compiled with different versions of GCC. + </para> </listitem> - <listitem> - <para>Glibc 2.23 (was 2.21).</para> + <para> + Glibc 2.23 (was 2.21). + </para> </listitem> - <listitem> - <para>Binutils 2.26 (was 2.23.1). See #909</para> + <para> + Binutils 2.26 (was 2.23.1). See #909 + </para> </listitem> - <listitem> - <para>Improved support for ensuring <link - xlink:href="https://reproducible-builds.org/">bitwise reproducible - builds</link>. For example, <literal>stdenv</literal> now sets the - environment variable <envar + <para> + Improved support for ensuring + <link + xlink:href="https://reproducible-builds.org/">bitwise + reproducible builds</link>. For example, <literal>stdenv</literal> now sets + the environment variable + <envar xlink:href="https://reproducible-builds.org/specs/source-date-epoch/">SOURCE_DATE_EPOCH</envar> - to a deterministic value, and Nix has <link + to a deterministic value, and Nix has + <link xlink:href="http://nixos.org/nix/manual/#ssec-relnotes-1.11">gained - an option</link> to repeat a build a number of times to test - determinism. An ongoing project, the goal of exact reproducibility - is to allow binaries to be verified independently (e.g., a user - might only trust binaries that appear in three independent binary - caches).</para> + an option</link> to repeat a build a number of times to test determinism. + An ongoing project, the goal of exact reproducibility is to allow binaries + to be verified independently (e.g., a user might only trust binaries that + appear in three independent binary caches). + </para> </listitem> - <listitem> - <para>Perl 5.22.</para> + <para> + Perl 5.22. + </para> </listitem> + </itemizedlist> -</itemizedlist> - -<para>The following new services were added since the last release: - + <para> + The following new services were added since the last release: <itemizedlist> - <listitem><para><literal>services/monitoring/longview.nix</literal></para></listitem> - <listitem><para><literal>hardware/video/webcam/facetimehd.nix</literal></para></listitem> - <listitem><para><literal>i18n/input-method/default.nix</literal></para></listitem> - <listitem><para><literal>i18n/input-method/fcitx.nix</literal></para></listitem> - <listitem><para><literal>i18n/input-method/ibus.nix</literal></para></listitem> - <listitem><para><literal>i18n/input-method/nabi.nix</literal></para></listitem> - <listitem><para><literal>i18n/input-method/uim.nix</literal></para></listitem> - <listitem><para><literal>programs/fish.nix</literal></para></listitem> - <listitem><para><literal>security/acme.nix</literal></para></listitem> - <listitem><para><literal>security/audit.nix</literal></para></listitem> - <listitem><para><literal>security/oath.nix</literal></para></listitem> - <listitem><para><literal>services/hardware/irqbalance.nix</literal></para></listitem> - <listitem><para><literal>services/mail/dspam.nix</literal></para></listitem> - <listitem><para><literal>services/mail/opendkim.nix</literal></para></listitem> - <listitem><para><literal>services/mail/postsrsd.nix</literal></para></listitem> - <listitem><para><literal>services/mail/rspamd.nix</literal></para></listitem> - <listitem><para><literal>services/mail/rmilter.nix</literal></para></listitem> - <listitem><para><literal>services/misc/autofs.nix</literal></para></listitem> - <listitem><para><literal>services/misc/bepasty.nix</literal></para></listitem> - <listitem><para><literal>services/misc/calibre-server.nix</literal></para></listitem> - <listitem><para><literal>services/misc/cfdyndns.nix</literal></para></listitem> - <listitem><para><literal>services/misc/gammu-smsd.nix</literal></para></listitem> - <listitem><para><literal>services/misc/mathics.nix</literal></para></listitem> - <listitem><para><literal>services/misc/matrix-synapse.nix</literal></para></listitem> - <listitem><para><literal>services/misc/octoprint.nix</literal></para></listitem> - <listitem><para><literal>services/monitoring/hdaps.nix</literal></para></listitem> - <listitem><para><literal>services/monitoring/heapster.nix</literal></para></listitem> - <listitem><para><literal>services/monitoring/longview.nix</literal></para></listitem> - <listitem><para><literal>services/network-filesystems/netatalk.nix</literal></para></listitem> - <listitem><para><literal>services/network-filesystems/xtreemfs.nix</literal></para></listitem> - <listitem><para><literal>services/networking/autossh.nix</literal></para></listitem> - <listitem><para><literal>services/networking/dnschain.nix</literal></para></listitem> - <listitem><para><literal>services/networking/gale.nix</literal></para></listitem> - <listitem><para><literal>services/networking/miniupnpd.nix</literal></para></listitem> - <listitem><para><literal>services/networking/namecoind.nix</literal></para></listitem> - <listitem><para><literal>services/networking/ostinato.nix</literal></para></listitem> - <listitem><para><literal>services/networking/pdnsd.nix</literal></para></listitem> - <listitem><para><literal>services/networking/shairport-sync.nix</literal></para></listitem> - <listitem><para><literal>services/networking/supplicant.nix</literal></para></listitem> - <listitem><para><literal>services/search/kibana.nix</literal></para></listitem> - <listitem><para><literal>services/security/haka.nix</literal></para></listitem> - <listitem><para><literal>services/security/physlock.nix</literal></para></listitem> - <listitem><para><literal>services/web-apps/pump.io.nix</literal></para></listitem> - <listitem><para><literal>services/x11/hardware/libinput.nix</literal></para></listitem> - <listitem><para><literal>services/x11/window-managers/windowlab.nix</literal></para></listitem> - <listitem><para><literal>system/boot/initrd-network.nix</literal></para></listitem> - <listitem><para><literal>system/boot/initrd-ssh.nix</literal></para></listitem> - <listitem><para><literal>system/boot/loader/loader.nix</literal></para></listitem> - <listitem><para><literal>system/boot/networkd.nix</literal></para></listitem> - <listitem><para><literal>system/boot/resolved.nix</literal></para></listitem> - <listitem><para><literal>virtualisation/lxd.nix</literal></para></listitem> - <listitem><para><literal>virtualisation/rkt.nix</literal></para></listitem> + <listitem> + <para> + <literal>services/monitoring/longview.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>hardware/video/webcam/facetimehd.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>i18n/input-method/default.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>i18n/input-method/fcitx.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>i18n/input-method/ibus.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>i18n/input-method/nabi.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>i18n/input-method/uim.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>programs/fish.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>security/acme.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>security/audit.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>security/oath.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/hardware/irqbalance.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/mail/dspam.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/mail/opendkim.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/mail/postsrsd.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/mail/rspamd.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/mail/rmilter.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/misc/autofs.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/misc/bepasty.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/misc/calibre-server.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/misc/cfdyndns.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/misc/gammu-smsd.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/misc/mathics.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/misc/matrix-synapse.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/misc/octoprint.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/monitoring/hdaps.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/monitoring/heapster.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/monitoring/longview.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/network-filesystems/netatalk.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/network-filesystems/xtreemfs.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/networking/autossh.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/networking/dnschain.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/networking/gale.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/networking/miniupnpd.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/networking/namecoind.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/networking/ostinato.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/networking/pdnsd.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/networking/shairport-sync.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/networking/supplicant.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/search/kibana.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/security/haka.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/security/physlock.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/web-apps/pump.io.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/x11/hardware/libinput.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>services/x11/window-managers/windowlab.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>system/boot/initrd-network.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>system/boot/initrd-ssh.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>system/boot/loader/loader.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>system/boot/networkd.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>system/boot/resolved.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>virtualisation/lxd.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>virtualisation/rkt.nix</literal> + </para> + </listitem> </itemizedlist> -</para> - -<para>When upgrading from a previous release, please be aware of the -following incompatible changes:</para> + </para> -<itemizedlist> + <para> + When upgrading from a previous release, please be aware of the following + incompatible changes: + </para> + <itemizedlist> <listitem> - <para>We no longer produce graphical ISO images and VirtualBox - images for <literal>i686-linux</literal>. A minimal ISO image is - still provided.</para> + <para> + We no longer produce graphical ISO images and VirtualBox images for + <literal>i686-linux</literal>. A minimal ISO image is still provided. + </para> </listitem> - <listitem> - <para>Firefox and similar browsers are now <emphasis>wrapped by default</emphasis>. - The package and attribute names are plain <literal>firefox</literal> - or <literal>midori</literal>, etc. Backward-compatibility attributes were set up, - but note that <command>nix-env -u</command> will <emphasis>not</emphasis> update - your current <literal>firefox-with-plugins</literal>; - you have to uninstall it and install <literal>firefox</literal> instead.</para> + <para> + Firefox and similar browsers are now <emphasis>wrapped by + default</emphasis>. The package and attribute names are plain + <literal>firefox</literal> or <literal>midori</literal>, etc. + Backward-compatibility attributes were set up, but note that + <command>nix-env -u</command> will <emphasis>not</emphasis> update your + current <literal>firefox-with-plugins</literal>; you have to uninstall it + and install <literal>firefox</literal> instead. + </para> </listitem> - <listitem> - <para><command>wmiiSnap</command> has been replaced with + <para> + <command>wmiiSnap</command> has been replaced with <command>wmii_hg</command>, but - <command>services.xserver.windowManager.wmii.enable</command> has - been updated respectively so this only affects you if you have - explicitly installed <command>wmiiSnap</command>. - </para> + <command>services.xserver.windowManager.wmii.enable</command> has been + updated respectively so this only affects you if you have explicitly + installed <command>wmiiSnap</command>. + </para> </listitem> - <listitem> - <para><literal>jobs</literal> NixOS option has been removed. It served as + <para> + <literal>jobs</literal> NixOS option has been removed. It served as compatibility layer between Upstart jobs and SystemD services. All services - have been rewritten to use <literal>systemd.services</literal></para> + have been rewritten to use <literal>systemd.services</literal> + </para> </listitem> - <listitem> - <para><command>wmiimenu</command> is removed, as it has been - removed by the developers upstream. Use <command>wimenu</command> - from the <command>wmii-hg</command> package.</para> + <para> + <command>wmiimenu</command> is removed, as it has been removed by the + developers upstream. Use <command>wimenu</command> from the + <command>wmii-hg</command> package. + </para> </listitem> - <listitem> - <para>Gitit is no longer automatically added to the module list in - NixOS and as such there will not be any manual entries for it. You - will need to add an import statement to your NixOS configuration - in order to use it, e.g. - + <para> + Gitit is no longer automatically added to the module list in NixOS and as + such there will not be any manual entries for it. You will need to add an + import statement to your NixOS configuration in order to use it, e.g. <programlisting><![CDATA[ { imports = [ <nixpkgs/nixos/modules/services/misc/gitit.nix> ]; } ]]></programlisting> - - will include the Gitit service configuration options.</para> + will include the Gitit service configuration options. + </para> </listitem> - <listitem> - <para><command>nginx</command> does not accept flags for enabling and - disabling modules anymore. Instead it accepts <literal>modules</literal> - argument, which is a list of modules to be built in. All modules now - reside in <literal>nginxModules</literal> set. Example configuration: - + <para> + <command>nginx</command> does not accept flags for enabling and disabling + modules anymore. Instead it accepts <literal>modules</literal> argument, + which is a list of modules to be built in. All modules now reside in + <literal>nginxModules</literal> set. Example configuration: <programlisting><![CDATA[ nginx.override { modules = [ nginxModules.rtmp nginxModules.dav nginxModules.moreheaders ]; } ]]></programlisting> - </para> + </para> </listitem> - <listitem> - <para><command>s3sync</command> is removed, as it hasn't been - developed by upstream for 4 years and only runs with ruby 1.8. - For an actively-developer alternative look at - <command>tarsnap</command> and others. - </para> + <para> + <command>s3sync</command> is removed, as it hasn't been developed by + upstream for 4 years and only runs with ruby 1.8. For an actively-developer + alternative look at <command>tarsnap</command> and others. + </para> </listitem> - <listitem> - <para><command>ruby_1_8</command> has been removed as it's not - supported from upstream anymore and probably contains security - issues. - </para> + <para> + <command>ruby_1_8</command> has been removed as it's not supported from + upstream anymore and probably contains security issues. + </para> </listitem> - <listitem> - <para><literal>tidy-html5</literal> package is removed. - Upstream only provided <literal>(lib)tidy5</literal> during development, - and now they went back to <literal>(lib)tidy</literal> to work as a drop-in - replacement of the original package that has been unmaintained for years. - You can (still) use the <literal>html-tidy</literal> package, which got updated - to a stable release from this new upstream.</para> + <para> + <literal>tidy-html5</literal> package is removed. Upstream only provided + <literal>(lib)tidy5</literal> during development, and now they went back to + <literal>(lib)tidy</literal> to work as a drop-in replacement of the + original package that has been unmaintained for years. You can (still) use + the <literal>html-tidy</literal> package, which got updated to a stable + release from this new upstream. + </para> </listitem> - <listitem> - <para><literal>extraDeviceOptions</literal> argument is removed - from <literal>bumblebee</literal> package. Instead there are - now two separate arguments: <literal>extraNvidiaDeviceOptions</literal> - and <literal>extraNouveauDeviceOptions</literal> for setting - extra X11 options for nvidia and nouveau drivers, respectively. - </para> + <para> + <literal>extraDeviceOptions</literal> argument is removed from + <literal>bumblebee</literal> package. Instead there are now two separate + arguments: <literal>extraNvidiaDeviceOptions</literal> and + <literal>extraNouveauDeviceOptions</literal> for setting extra X11 options + for nvidia and nouveau drivers, respectively. + </para> </listitem> - <listitem> - <para>The <literal>Ctrl+Alt+Backspace</literal> key combination - no longer kills the X server by default. - There's a new option <option>services.xserver.enableCtrlAltBackspace</option> - allowing to enable the combination again. - </para> + <para> + The <literal>Ctrl+Alt+Backspace</literal> key combination no longer kills + the X server by default. There's a new option + <option>services.xserver.enableCtrlAltBackspace</option> allowing to enable + the combination again. + </para> </listitem> - <listitem> - <para><literal>emacsPackagesNg</literal> now contains all packages - from the ELPA, MELPA, and MELPA Stable repositories. - </para> + <para> + <literal>emacsPackagesNg</literal> now contains all packages from the ELPA, + MELPA, and MELPA Stable repositories. + </para> </listitem> - <listitem> - <para>Data directory for Postfix MTA server is moved from + <para> + Data directory for Postfix MTA server is moved from <filename>/var/postfix</filename> to <filename>/var/lib/postfix</filename>. - Old configurations are migrated automatically. <literal>service.postfix</literal> - module has also received many improvements, such as correct directories' access - rights, new <literal>aliasFiles</literal> and <literal>mapFiles</literal> - options and more.</para> + Old configurations are migrated automatically. + <literal>service.postfix</literal> module has also received many + improvements, such as correct directories' access rights, new + <literal>aliasFiles</literal> and <literal>mapFiles</literal> options and + more. + </para> </listitem> - <listitem> - <para>Filesystem options should now be configured as a list of strings, not - a comma-separated string. The old style will continue to work, but print a + <para> + Filesystem options should now be configured as a list of strings, not a + comma-separated string. The old style will continue to work, but print a warning, until the 16.09 release. An example of the new style: - <programlisting> fileSystems."/example" = { device = "/dev/sdc"; @@ -254,103 +475,103 @@ fileSystems."/example" = { options = [ "noatime" "compress=lzo" "space_cache" "autodefrag" ]; }; </programlisting> - </para> + </para> </listitem> - <listitem> - <para>CUPS, installed by <literal>services.printing</literal> module, now - has its data directory in <filename>/var/lib/cups</filename>. Old - configurations from <filename>/etc/cups</filename> are moved there - automatically, but there might be problems. Also configuration options + <para> + CUPS, installed by <literal>services.printing</literal> module, now has its + data directory in <filename>/var/lib/cups</filename>. Old configurations + from <filename>/etc/cups</filename> are moved there automatically, but + there might be problems. Also configuration options <literal>services.printing.cupsdConf</literal> and - <literal>services.printing.cupsdFilesConf</literal> were removed - because they had been allowing one to override configuration variables - required for CUPS to work at all on NixOS. For most use cases, + <literal>services.printing.cupsdFilesConf</literal> were removed because + they had been allowing one to override configuration variables required for + CUPS to work at all on NixOS. For most use cases, <literal>services.printing.extraConf</literal> and new option - <literal>services.printing.extraFilesConf</literal> should be enough; - if you encounter a situation when they are not, please file a bug.</para> - - <para>There are also Gutenprint improvements; in particular, a new option - <literal>services.printing.gutenprint</literal> is added to enable automatic - updating of Gutenprint PPMs; it's greatly recommended to enable it instead - of adding <literal>gutenprint</literal> to the <literal>drivers</literal> list. - </para> - </listitem> - - <listitem> - <para><literal>services.xserver.vaapiDrivers</literal> has been removed. Use - <literal>hardware.opengl.extraPackages{,32}</literal> instead. You can - also specify VDPAU drivers there.</para> - </listitem> - - <listitem> - <para> - <literal>programs.ibus</literal> moved to <literal>i18n.inputMethod.ibus</literal>. - The option <literal>programs.ibus.plugins</literal> changed to <literal>i18n.inputMethod.ibus.engines</literal> - and the option to enable ibus changed from <literal>programs.ibus.enable</literal> to + <literal>services.printing.extraFilesConf</literal> should be enough; if + you encounter a situation when they are not, please file a bug. + </para> + <para> + There are also Gutenprint improvements; in particular, a new option + <literal>services.printing.gutenprint</literal> is added to enable + automatic updating of Gutenprint PPMs; it's greatly recommended to enable + it instead of adding <literal>gutenprint</literal> to the + <literal>drivers</literal> list. + </para> + </listitem> + <listitem> + <para> + <literal>services.xserver.vaapiDrivers</literal> has been removed. Use + <literal>hardware.opengl.extraPackages{,32}</literal> instead. You can also + specify VDPAU drivers there. + </para> + </listitem> + <listitem> + <para> + <literal>programs.ibus</literal> moved to + <literal>i18n.inputMethod.ibus</literal>. The option + <literal>programs.ibus.plugins</literal> changed to + <literal>i18n.inputMethod.ibus.engines</literal> and the option to enable + ibus changed from <literal>programs.ibus.enable</literal> to <literal>i18n.inputMethod.enabled</literal>. - <literal>i18n.inputMethod.enabled</literal> should be set to the used input method name, - <literal>"ibus"</literal> for ibus. - An example of the new style: - + <literal>i18n.inputMethod.enabled</literal> should be set to the used input + method name, <literal>"ibus"</literal> for ibus. An example of the new + style: <programlisting> i18n.inputMethod.enabled = "ibus"; i18n.inputMethod.ibus.engines = with pkgs.ibus-engines; [ anthy mozc ]; </programlisting> - -That is equivalent to the old version: - + That is equivalent to the old version: <programlisting> programs.ibus.enable = true; programs.ibus.plugins = with pkgs; [ ibus-anthy mozc ]; </programlisting> - - </para> + </para> </listitem> - <listitem> - <para><literal>services.udev.extraRules</literal> option now writes rules - to <filename>99-local.rules</filename> instead of <filename>10-local.rules</filename>. - This makes all the user rules apply after others, so their results wouldn't be - overriden by anything else.</para> + <para> + <literal>services.udev.extraRules</literal> option now writes rules to + <filename>99-local.rules</filename> instead of + <filename>10-local.rules</filename>. This makes all the user rules apply + after others, so their results wouldn't be overriden by anything else. + </para> </listitem> - <listitem> - <para>Large parts of the <literal>services.gitlab</literal> module has been - been rewritten. There are new configuration options available. The + <para> + Large parts of the <literal>services.gitlab</literal> module has been been + rewritten. There are new configuration options available. The <literal>stateDir</literal> option was renamned to - <literal>statePath</literal> and the <literal>satellitesDir</literal> option - was removed. Please review the currently available options.</para> + <literal>statePath</literal> and the <literal>satellitesDir</literal> + option was removed. Please review the currently available options. + </para> </listitem> - <listitem> - <para> - The option <option>services.nsd.zones.<name>.data</option> no - longer interpret the dollar sign ($) as a shell variable, as such it - should not be escaped anymore. Thus the following zone data: - </para> - <programlisting> + <para> + The option <option>services.nsd.zones.<name>.data</option> no longer + interpret the dollar sign ($) as a shell variable, as such it should not be + escaped anymore. Thus the following zone data: + </para> +<programlisting> \$ORIGIN example.com. \$TTL 1800 @ IN SOA ns1.vpn.nbp.name. admin.example.com. ( </programlisting> - <para> + <para> Should modified to look like the actual file expected by nsd: - </para> - <programlisting> + </para> +<programlisting> $ORIGIN example.com. $TTL 1800 @ IN SOA ns1.vpn.nbp.name. admin.example.com. ( </programlisting> </listitem> - <listitem> - <para> - <literal>service.syncthing.dataDir</literal> options now has to point - to exact folder where syncthing is writing to. Example configuration should + <para> + <literal>service.syncthing.dataDir</literal> options now has to point to + exact folder where syncthing is writing to. Example configuration should look something like: - </para> - <programlisting> + </para> +<programlisting> services.syncthing = { enable = true; dataDir = "/home/somebody/.syncthing"; @@ -358,76 +579,73 @@ services.syncthing = { }; </programlisting> </listitem> - - <listitem> - <para> - <literal>networking.firewall.allowPing</literal> is now enabled by - default. Users are encouraged to configure an appropriate rate limit for - their machines using the Kernel interface at - <filename>/proc/sys/net/ipv4/icmp_ratelimit</filename> and - <filename>/proc/sys/net/ipv6/icmp/ratelimit</filename> or using the - firewall itself, i.e. by setting the NixOS option - <literal>networking.firewall.pingLimit</literal>. - </para> - </listitem> - - <listitem> - <para> - Systems with some broadcom cards used to result into a generated config - that is no longer accepted. If you get errors like - <screen>error: path ‘/nix/store/*-broadcom-sta-*’ does not exist and cannot be created</screen> - you should either re-run <command>nixos-generate-config</command> or manually replace - <literal>"${config.boot.kernelPackages.broadcom_sta}"</literal> - by - <literal>config.boot.kernelPackages.broadcom_sta</literal> - in your <filename>/etc/nixos/hardware-configuration.nix</filename>. - More discussion is on <link xlink:href="https://github.com/NixOS/nixpkgs/pull/12595"> - the github issue</link>. - </para> - </listitem> - <listitem> - <para> - The <literal>services.xserver.startGnuPGAgent</literal> option has been removed. - GnuPG 2.1.x changed the way the gpg-agent works, and that new approach no - longer requires (or even supports) the "start everything as a child of the - agent" scheme we've implemented in NixOS for older versions. - To configure the gpg-agent for your X session, add the following code to - <filename>~/.bashrc</filename> or some file that’s sourced when your shell is started: - <programlisting> + <para> + <literal>networking.firewall.allowPing</literal> is now enabled by default. + Users are encouraged to configure an appropriate rate limit for their + machines using the Kernel interface at + <filename>/proc/sys/net/ipv4/icmp_ratelimit</filename> and + <filename>/proc/sys/net/ipv6/icmp/ratelimit</filename> or using the + firewall itself, i.e. by setting the NixOS option + <literal>networking.firewall.pingLimit</literal>. + </para> + </listitem> + <listitem> + <para> + Systems with some broadcom cards used to result into a generated config + that is no longer accepted. If you get errors like +<screen>error: path ‘/nix/store/*-broadcom-sta-*’ does not exist and cannot be created</screen> + you should either re-run <command>nixos-generate-config</command> or + manually replace + <literal>"${config.boot.kernelPackages.broadcom_sta}"</literal> by + <literal>config.boot.kernelPackages.broadcom_sta</literal> in your + <filename>/etc/nixos/hardware-configuration.nix</filename>. More discussion + is on <link xlink:href="https://github.com/NixOS/nixpkgs/pull/12595"> the + github issue</link>. + </para> + </listitem> + <listitem> + <para> + The <literal>services.xserver.startGnuPGAgent</literal> option has been + removed. GnuPG 2.1.x changed the way the gpg-agent works, and that new + approach no longer requires (or even supports) the "start everything as a + child of the agent" scheme we've implemented in NixOS for older versions. + To configure the gpg-agent for your X session, add the following code to + <filename>~/.bashrc</filename> or some file that’s sourced when your + shell is started: +<programlisting> GPG_TTY=$(tty) export GPG_TTY </programlisting> - If you want to use gpg-agent for SSH, too, add the following to your session - initialization (e.g. <literal>displayManager.sessionCommands</literal>) - <programlisting> + If you want to use gpg-agent for SSH, too, add the following to your + session initialization (e.g. + <literal>displayManager.sessionCommands</literal>) +<programlisting> gpg-connect-agent /bye unset SSH_AGENT_PID export SSH_AUTH_SOCK="''${HOME}/.gnupg/S.gpg-agent.ssh" </programlisting> - and make sure that - <programlisting> + and make sure that +<programlisting> enable-ssh-support </programlisting> - is included in your <filename>~/.gnupg/gpg-agent.conf</filename>. - You will need to use <command>ssh-add</command> to re-add your ssh keys. - If gpg’s automatic transformation of the private keys to the new format fails, - you will need to re-import your private keyring as well: - <programlisting> + is included in your <filename>~/.gnupg/gpg-agent.conf</filename>. You will + need to use <command>ssh-add</command> to re-add your ssh keys. If gpg’s + automatic transformation of the private keys to the new format fails, you + will need to re-import your private keyring as well: +<programlisting> gpg --import ~/.gnupg/secring.gpg </programlisting> - The <command>gpg-agent(1)</command> man page has more details about this subject, - i.e. in the "EXAMPLES" section. - </para> + The <command>gpg-agent(1)</command> man page has more details about this + subject, i.e. in the "EXAMPLES" section. + </para> </listitem> -</itemizedlist> - - -<para>Other notable improvements: + </itemizedlist> -<itemizedlist> - - <!-- + <para> + Other notable improvements: + <itemizedlist> +<!-- <listitem> <para>The <command>command-not-found</command> hook was extended. Apart from <literal>$NIX_AUTO_INSTALL</literal> variable, @@ -436,18 +654,18 @@ gpg --import ~/.gnupg/secring.gpg <command>nix-shell</command> (without installing anything).</para> </listitem> --> - - <listitem> - <para><literal>ejabberd</literal> module is brought back and now works on - NixOS.</para> - </listitem> - - <listitem> - <para>Input method support was improved. New NixOS modules (fcitx, nabi and uim), - fcitx engines (chewing, hangul, m17n, mozc and table-other) and ibus engines (hangul and m17n) - have been added.</para> - </listitem> - -</itemizedlist></para> - + <listitem> + <para> + <literal>ejabberd</literal> module is brought back and now works on NixOS. + </para> + </listitem> + <listitem> + <para> + Input method support was improved. New NixOS modules (fcitx, nabi and + uim), fcitx engines (chewing, hangul, m17n, mozc and table-other) and ibus + engines (hangul and m17n) have been added. + </para> + </listitem> + </itemizedlist> + </para> </section> |