diff options
Diffstat (limited to 'nixos/doc/manual')
-rw-r--r-- | nixos/doc/manual/configuration/wireless.xml | 11 | ||||
-rw-r--r-- | nixos/doc/manual/default.nix | 3 | ||||
-rw-r--r-- | nixos/doc/manual/development/sources.xml | 19 | ||||
-rw-r--r-- | nixos/doc/manual/installation/installing.xml | 8 | ||||
-rw-r--r-- | nixos/doc/manual/installation/upgrading.xml | 16 | ||||
-rw-r--r-- | nixos/doc/manual/man-configuration.xml | 4 | ||||
-rw-r--r-- | nixos/doc/manual/man-nixos-build-vms.xml | 4 | ||||
-rw-r--r-- | nixos/doc/manual/man-nixos-enter.xml | 4 | ||||
-rw-r--r-- | nixos/doc/manual/man-nixos-generate-config.xml | 4 | ||||
-rw-r--r-- | nixos/doc/manual/man-nixos-install.xml | 4 | ||||
-rw-r--r-- | nixos/doc/manual/man-nixos-option.xml | 4 | ||||
-rw-r--r-- | nixos/doc/manual/man-nixos-rebuild.xml | 44 | ||||
-rw-r--r-- | nixos/doc/manual/man-nixos-version.xml | 4 | ||||
-rw-r--r-- | nixos/doc/manual/manual.xml | 27 | ||||
-rw-r--r-- | nixos/doc/manual/preface.xml | 37 | ||||
-rw-r--r-- | nixos/doc/manual/release-notes/rl-1909.xml | 132 | ||||
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2003.xml | 76 |
17 files changed, 325 insertions, 76 deletions
diff --git a/nixos/doc/manual/configuration/wireless.xml b/nixos/doc/manual/configuration/wireless.xml index 9c0e3a8d7aa4..247d29d58314 100644 --- a/nixos/doc/manual/configuration/wireless.xml +++ b/nixos/doc/manual/configuration/wireless.xml @@ -19,10 +19,17 @@ NixOS lets you specify networks for wpa_supplicant declaratively: <programlisting> <xref linkend="opt-networking.wireless.networks"/> = { - echelon = { + echelon = { # SSID with no spaces or special characters psk = "abcdefgh"; }; - "free.wifi" = {}; + "echelon's AP" = { # SSID with spaces and/or special characters + psk = "ijklmnop"; + }; + echelon = { # Hidden SSID + hidden = true; + psk = "qrstuvwx"; + }; + free.wifi = {}; # Public wireless network }; </programlisting> Be aware that keys will be written to the nix store in plaintext! When no diff --git a/nixos/doc/manual/default.nix b/nixos/doc/manual/default.nix index f9de2db1a084..6ca75f869f45 100644 --- a/nixos/doc/manual/default.nix +++ b/nixos/doc/manual/default.nix @@ -62,14 +62,13 @@ let "--stringparam html.stylesheet 'style.css overrides.css highlightjs/mono-blue.css'" "--stringparam html.script './highlightjs/highlight.pack.js ./highlightjs/loader.js'" "--param xref.with.number.and.title 1" - "--param toc.section.depth 3" + "--param toc.section.depth 0" "--stringparam admon.style ''" "--stringparam callout.graphics.extension .svg" "--stringparam current.docid manual" "--param chunk.section.depth 0" "--param chunk.first.sections 1" "--param use.id.as.filename 1" - "--stringparam generate.toc 'book toc appendix toc'" "--stringparam chunk.toc ${toc}" ]; diff --git a/nixos/doc/manual/development/sources.xml b/nixos/doc/manual/development/sources.xml index 3c30c782746d..b333ccabb420 100644 --- a/nixos/doc/manual/development/sources.xml +++ b/nixos/doc/manual/development/sources.xml @@ -13,17 +13,16 @@ <screen> <prompt>$ </prompt>git clone https://github.com/NixOS/nixpkgs <prompt>$ </prompt>cd nixpkgs -<prompt>$ </prompt>git remote add channels https://github.com/NixOS/nixpkgs-channels -<prompt>$ </prompt>git remote update channels +<prompt>$ </prompt>git remote update origin </screen> This will check out the latest Nixpkgs sources to <filename>./nixpkgs</filename> the NixOS sources to <filename>./nixpkgs/nixos</filename>. (The NixOS source tree lives in a - subdirectory of the Nixpkgs repository.) The remote - <literal>channels</literal> refers to a read-only repository that tracks the - Nixpkgs/NixOS channels (see <xref linkend="sec-upgrading"/> for more + subdirectory of the Nixpkgs repository.) The + <literal>nixpkgs</literal> repository has branches that correspond + to each Nixpkgs/NixOS channel (see <xref linkend="sec-upgrading"/> for more information about channels). Thus, the Git branch - <literal>channels/nixos-17.03</literal> will contain the latest built and + <literal>origin/nixos-17.03</literal> will contain the latest built and tested version available in the <literal>nixos-17.03</literal> channel. </para> <para> @@ -40,15 +39,15 @@ Or, to base your local branch on the latest version available in a NixOS channel: <screen> -<prompt>$ </prompt>git remote update channels -<prompt>$ </prompt>git checkout -b local channels/nixos-17.03 +<prompt>$ </prompt>git remote update origin +<prompt>$ </prompt>git checkout -b local origin/nixos-17.03 </screen> (Replace <literal>nixos-17.03</literal> with the name of the channel you want to use.) You can use <command>git merge</command> or <command>git rebase</command> to keep your local branch in sync with the channel, e.g. <screen> -<prompt>$ </prompt>git remote update channels -<prompt>$ </prompt>git merge channels/nixos-17.03 +<prompt>$ </prompt>git remote update origin +<prompt>$ </prompt>git merge origin/nixos-17.03 </screen> You can use <command>git cherry-pick</command> to copy commits from your local branch to the upstream branch. diff --git a/nixos/doc/manual/installation/installing.xml b/nixos/doc/manual/installation/installing.xml index 9cea2db610e0..8ff920eb5a88 100644 --- a/nixos/doc/manual/installation/installing.xml +++ b/nixos/doc/manual/installation/installing.xml @@ -68,7 +68,7 @@ If you would like to continue the installation from a different machine you need to activate the SSH daemon via <command>systemctl start sshd</command>. You then must set a password for either <literal>root</literal> or - <literal>nixos</literal> with <command>passwd></command> to be able to login. + <literal>nixos</literal> with <command>passwd</command> to be able to login. </para> </section> </section> @@ -392,7 +392,11 @@ <filename>hardware-configuration.nix</filename> is included from <filename>configuration.nix</filename> and will be overwritten by future invocations of <command>nixos-generate-config</command>; thus, you - generally should not modify it.) + generally should not modify it.) Additionally, you may want to look at + <link xlink:href="https://github.com/NixOS/nixos-hardware">Hardware + configuration for known-hardware</link> at this point or after + installation. + </para> <note> <para> diff --git a/nixos/doc/manual/installation/upgrading.xml b/nixos/doc/manual/installation/upgrading.xml index 35b4d266e12e..8d3f35b7c26f 100644 --- a/nixos/doc/manual/installation/upgrading.xml +++ b/nixos/doc/manual/installation/upgrading.xml @@ -14,7 +14,7 @@ <para> <emphasis>Stable channels</emphasis>, such as <literal - xlink:href="https://nixos.org/channels/nixos-19.03">nixos-19.03</literal>. + xlink:href="https://nixos.org/channels/nixos-19.09">nixos-19.09</literal>. These only get conservative bug fixes and package upgrades. For instance, a channel update may cause the Linux kernel on your system to be upgraded from 4.19.34 to 4.19.38 (a minor bug fix), but not from @@ -38,7 +38,7 @@ <para> <emphasis>Small channels</emphasis>, such as <literal - xlink:href="https://nixos.org/channels/nixos-19.03-small">nixos-19.03-small</literal> + xlink:href="https://nixos.org/channels/nixos-19.09-small">nixos-19.09-small</literal> or <literal xlink:href="https://nixos.org/channels/nixos-unstable-small">nixos-unstable-small</literal>. @@ -63,8 +63,8 @@ <para> When you first install NixOS, you’re automatically subscribed to the NixOS channel that corresponds to your installation source. For instance, if you - installed from a 19.03 ISO, you will be subscribed to the - <literal>nixos-19.03</literal> channel. To see which NixOS channel you’re + installed from a 19.09 ISO, you will be subscribed to the + <literal>nixos-19.09</literal> channel. To see which NixOS channel you’re subscribed to, run the following as root: <screen> # nix-channel --list | grep nixos @@ -75,13 +75,13 @@ nixos https://nixos.org/channels/nixos-unstable # nix-channel --add https://nixos.org/channels/<replaceable>channel-name</replaceable> nixos </screen> (Be sure to include the <literal>nixos</literal> parameter at the end.) For - instance, to use the NixOS 19.03 stable channel: + instance, to use the NixOS 19.09 stable channel: <screen> -# nix-channel --add https://nixos.org/channels/nixos-19.03 nixos +# nix-channel --add https://nixos.org/channels/nixos-19.09 nixos </screen> If you have a server, you may want to use the “small” channel instead: <screen> -# nix-channel --add https://nixos.org/channels/nixos-19.03-small nixos +# nix-channel --add https://nixos.org/channels/nixos-19.09-small nixos </screen> And if you want to live on the bleeding edge: <screen> @@ -127,7 +127,7 @@ nixos https://nixos.org/channels/nixos-unstable current channel. (To see when the service runs, see <command>systemctl list-timers</command>.) You can also specify a channel explicitly, e.g. <programlisting> -<xref linkend="opt-system.autoUpgrade.channel"/> = https://nixos.org/channels/nixos-19.03; +<xref linkend="opt-system.autoUpgrade.channel"/> = https://nixos.org/channels/nixos-19.09; </programlisting> </para> </section> diff --git a/nixos/doc/manual/man-configuration.xml b/nixos/doc/manual/man-configuration.xml index 9f30b7925101..ddb1408fdcf5 100644 --- a/nixos/doc/manual/man-configuration.xml +++ b/nixos/doc/manual/man-configuration.xml @@ -8,8 +8,8 @@ <!-- <refmiscinfo class="version"><xi:include href="version.txt" parse="text"/></refmiscinfo> --> </refmeta> <refnamediv> - <refname><filename>configuration.nix</filename> - </refname><refpurpose>NixOS system configuration specification</refpurpose> + <refname><filename>configuration.nix</filename></refname> + <refpurpose>NixOS system configuration specification</refpurpose> </refnamediv> <refsection> <title>Description</title> diff --git a/nixos/doc/manual/man-nixos-build-vms.xml b/nixos/doc/manual/man-nixos-build-vms.xml index 7d6e04e0dd90..d114261f53be 100644 --- a/nixos/doc/manual/man-nixos-build-vms.xml +++ b/nixos/doc/manual/man-nixos-build-vms.xml @@ -8,8 +8,8 @@ <!-- <refmiscinfo class="version"><xi:include href="version.txt" parse="text"/></refmiscinfo> --> </refmeta> <refnamediv> - <refname><command>nixos-build-vms</command> - </refname><refpurpose>build a network of virtual machines from a network of NixOS configurations</refpurpose> + <refname><command>nixos-build-vms</command></refname> + <refpurpose>build a network of virtual machines from a network of NixOS configurations</refpurpose> </refnamediv> <refsynopsisdiv> <cmdsynopsis> diff --git a/nixos/doc/manual/man-nixos-enter.xml b/nixos/doc/manual/man-nixos-enter.xml index 1481db467122..fe560d3efdd8 100644 --- a/nixos/doc/manual/man-nixos-enter.xml +++ b/nixos/doc/manual/man-nixos-enter.xml @@ -8,8 +8,8 @@ <!-- <refmiscinfo class="version"><xi:include href="version.txt" parse="text"/></refmiscinfo> --> </refmeta> <refnamediv> - <refname><command>nixos-enter</command> - </refname><refpurpose>run a command in a NixOS chroot environment</refpurpose> + <refname><command>nixos-enter</command></refname> + <refpurpose>run a command in a NixOS chroot environment</refpurpose> </refnamediv> <refsynopsisdiv> <cmdsynopsis> diff --git a/nixos/doc/manual/man-nixos-generate-config.xml b/nixos/doc/manual/man-nixos-generate-config.xml index 61531a8f01ca..9ac3b918ff69 100644 --- a/nixos/doc/manual/man-nixos-generate-config.xml +++ b/nixos/doc/manual/man-nixos-generate-config.xml @@ -8,8 +8,8 @@ <!-- <refmiscinfo class="version"><xi:include href="version.txt" parse="text"/></refmiscinfo> --> </refmeta> <refnamediv> - <refname><command>nixos-generate-config</command> - </refname><refpurpose>generate NixOS configuration modules</refpurpose> + <refname><command>nixos-generate-config</command></refname> + <refpurpose>generate NixOS configuration modules</refpurpose> </refnamediv> <refsynopsisdiv> <cmdsynopsis> diff --git a/nixos/doc/manual/man-nixos-install.xml b/nixos/doc/manual/man-nixos-install.xml index 4fb94ee7494c..45bbd5d81ff0 100644 --- a/nixos/doc/manual/man-nixos-install.xml +++ b/nixos/doc/manual/man-nixos-install.xml @@ -8,8 +8,8 @@ <!-- <refmiscinfo class="version"><xi:include href="version.txt" parse="text"/></refmiscinfo> --> </refmeta> <refnamediv> - <refname><command>nixos-install</command> - </refname><refpurpose>install bootloader and NixOS</refpurpose> + <refname><command>nixos-install</command></refname> + <refpurpose>install bootloader and NixOS</refpurpose> </refnamediv> <refsynopsisdiv> <cmdsynopsis> diff --git a/nixos/doc/manual/man-nixos-option.xml b/nixos/doc/manual/man-nixos-option.xml index 3e316e10d4eb..81e3739b3be5 100644 --- a/nixos/doc/manual/man-nixos-option.xml +++ b/nixos/doc/manual/man-nixos-option.xml @@ -8,8 +8,8 @@ <!-- <refmiscinfo class="version"><xi:include href="version.txt" parse="text"/></refmiscinfo> --> </refmeta> <refnamediv> - <refname><command>nixos-option</command> - </refname><refpurpose>inspect a NixOS configuration</refpurpose> + <refname><command>nixos-option</command></refname> + <refpurpose>inspect a NixOS configuration</refpurpose> </refnamediv> <refsynopsisdiv> <cmdsynopsis> diff --git a/nixos/doc/manual/man-nixos-rebuild.xml b/nixos/doc/manual/man-nixos-rebuild.xml index 4c20cfcdd7d2..c697b7ee0472 100644 --- a/nixos/doc/manual/man-nixos-rebuild.xml +++ b/nixos/doc/manual/man-nixos-rebuild.xml @@ -7,10 +7,12 @@ <refmiscinfo class="source">NixOS</refmiscinfo> <!-- <refmiscinfo class="version"><xi:include href="version.txt" parse="text"/></refmiscinfo> --> </refmeta> + <refnamediv> - <refname><command>nixos-rebuild</command> - </refname><refpurpose>reconfigure a NixOS machine</refpurpose> + <refname><command>nixos-rebuild</command></refname> + <refpurpose>reconfigure a NixOS machine</refpurpose> </refnamediv> + <refsynopsisdiv> <cmdsynopsis> <command>nixos-rebuild</command><group choice='req'> @@ -74,6 +76,7 @@ <arg> <option>--builders</option> <replaceable>builder-spec</replaceable> </arg> + <sbr /> <arg> <group choice='req'> @@ -121,8 +124,10 @@ </arg> </cmdsynopsis> </refsynopsisdiv> + <refsection> <title>Description</title> + <para> This command updates the system so that it corresponds to the configuration specified in <filename>/etc/nixos/configuration.nix</filename>. Thus, every @@ -133,9 +138,11 @@ (re)starts any system services if needed. Please note that user services need to be started manually as they aren't detected by the activation script at the moment. </para> + <para> This command has one required argument, which specifies the desired operation. It must be one of the following: + <variablelist> <varlistentry> <term> @@ -152,6 +159,7 @@ </para> </listitem> </varlistentry> + <varlistentry> <term> <option>boot</option> @@ -165,6 +173,7 @@ </para> </listitem> </varlistentry> + <varlistentry> <term> <option>test</option> @@ -179,6 +188,7 @@ </para> </listitem> </varlistentry> + <varlistentry> <term> <option>build</option> @@ -197,6 +207,7 @@ </para> </listitem> </varlistentry> + <varlistentry> <term> <option>dry-build</option> @@ -208,6 +219,7 @@ </para> </listitem> </varlistentry> + <varlistentry> <term> <option>dry-activate</option> @@ -222,6 +234,7 @@ </para> </listitem> </varlistentry> + <varlistentry> <term> <option>edit</option> @@ -232,6 +245,7 @@ </para> </listitem> </varlistentry> + <varlistentry> <term> <option>build-vm</option> @@ -249,12 +263,14 @@ <prompt>$ </prompt>./result/bin/run-*-vm </screen> </para> + <para> The VM is implemented using the <literal>qemu</literal> package. For best performance, you should load the <literal>kvm-intel</literal> or <literal>kvm-amd</literal> kernel modules to get hardware virtualisation. </para> + <para> The VM mounts the Nix store of the host through the 9P file system. The host Nix store is read-only, so Nix commands that modify the Nix store @@ -262,6 +278,7 @@ <command>nixos-rebuild</command>; to change the VM’s configuration, you must halt the VM and re-run the commands above. </para> + <para> The VM has its own <literal>ext3</literal> root file system, which is automatically created when the VM is first started, and is persistent @@ -272,6 +289,7 @@ </para> </listitem> </varlistentry> + <varlistentry> <term> <option>build-vm-with-bootloader</option> @@ -294,11 +312,13 @@ </variablelist> </para> </refsection> + <refsection> <title>Options</title> <para> This command accepts the following options: </para> + <variablelist> <varlistentry> <term> @@ -310,6 +330,7 @@ </para> </listitem> </varlistentry> + <varlistentry> <term> <option>--install-bootloader</option> @@ -321,6 +342,7 @@ </para> </listitem> </varlistentry> + <varlistentry> <term> <option>--no-build-nix</option> @@ -336,6 +358,7 @@ </para> </listitem> </varlistentry> + <varlistentry> <term> <option>--fast</option> @@ -349,6 +372,7 @@ </para> </listitem> </varlistentry> + <varlistentry> <term> <option>--rollback</option> @@ -363,6 +387,7 @@ </para> </listitem> </varlistentry> + <varlistentry> <term> <option>--builders</option> <replaceable>builder-spec</replaceable> @@ -382,6 +407,7 @@ </para> </listitem> </varlistentry> + <varlistentry> <term> <option>--profile-name</option> @@ -412,6 +438,7 @@ </para> </listitem> </varlistentry> + <varlistentry> <term> <option>--build-host</option> @@ -437,6 +464,7 @@ </para> </listitem> </varlistentry> + <varlistentry> <term> <option>--target-host</option> @@ -449,6 +477,7 @@ be accessible over ssh, and for the commands <option>switch</option>, <option>boot</option> and <option>test</option> you need root access. </para> + <para> If <option>--build-host</option> is not explicitly specified, <option>--build-host</option> will implicitly be set to the same value as @@ -457,6 +486,7 @@ place remotely (and no build artifacts will be copied to the local machine). </para> + <para> You can include a remote user name in the host name (<replaceable>user@host</replaceable>). You can also set ssh options by @@ -465,6 +495,7 @@ </listitem> </varlistentry> </variablelist> + <para> In addition, <command>nixos-rebuild</command> accepts various Nix-related flags, including <option>--max-jobs</option> / <option>-j</option>, @@ -473,8 +504,10 @@ <option>-v</option>. See the Nix manual for details. </para> </refsection> + <refsection> <title>Environment</title> + <variablelist> <varlistentry> <term> @@ -487,6 +520,7 @@ </para> </listitem> </varlistentry> + <varlistentry> <term> <envar>NIX_SSHOPTS</envar> @@ -500,9 +534,12 @@ </varlistentry> </variablelist> </refsection> + <refsection> <title>Files</title> + <variablelist> + <varlistentry> <term> <filename>/run/current-system</filename> @@ -513,6 +550,7 @@ </para> </listitem> </varlistentry> + <varlistentry> <term> <filename>/nix/var/nix/profiles/system</filename> @@ -524,8 +562,10 @@ </para> </listitem> </varlistentry> + </variablelist> </refsection> + <refsection> <title>Bugs</title> <para> diff --git a/nixos/doc/manual/man-nixos-version.xml b/nixos/doc/manual/man-nixos-version.xml index 931c4a5ad029..e9ad8bddcace 100644 --- a/nixos/doc/manual/man-nixos-version.xml +++ b/nixos/doc/manual/man-nixos-version.xml @@ -7,8 +7,8 @@ <refmiscinfo class="source">NixOS</refmiscinfo> </refmeta> <refnamediv> - <refname><command>nixos-version</command> - </refname><refpurpose>show the NixOS version</refpurpose> + <refname><command>nixos-version</command></refname> + <refpurpose>show the NixOS version</refpurpose> </refnamediv> <refsynopsisdiv> <cmdsynopsis> diff --git a/nixos/doc/manual/manual.xml b/nixos/doc/manual/manual.xml index 12f52e1997c8..18a67a2dd941 100644 --- a/nixos/doc/manual/manual.xml +++ b/nixos/doc/manual/manual.xml @@ -8,32 +8,7 @@ <subtitle>Version <xi:include href="./generated/version" parse="text" /> </subtitle> </info> - <preface xml:id="preface"> - <title>Preface</title> - <para> - This manual describes how to install, use and extend NixOS, a Linux - distribution based on the purely functional package management system Nix. - </para> - <para> - If you encounter problems, please report them on the - <literal - xlink:href="https://discourse.nixos.org">Discourse</literal> or - on the <link - xlink:href="irc://irc.freenode.net/#nixos"> - <literal>#nixos</literal> channel on Freenode</link>. Bugs should be - reported in - <link - xlink:href="https://github.com/NixOS/nixpkgs/issues">NixOS’ - GitHub issue tracker</link>. - </para> - <note> - <para> - Commands prefixed with <literal>#</literal> have to be run as root, either - requiring to login as root user or temporarily switching to it using - <literal>sudo</literal> for example. - </para> - </note> - </preface> + <xi:include href="preface.xml" /> <xi:include href="installation/installation.xml" /> <xi:include href="configuration/configuration.xml" /> <xi:include href="administration/running.xml" /> diff --git a/nixos/doc/manual/preface.xml b/nixos/doc/manual/preface.xml new file mode 100644 index 000000000000..6ac9ae7e7861 --- /dev/null +++ b/nixos/doc/manual/preface.xml @@ -0,0 +1,37 @@ +<preface xmlns="http://docbook.org/ns/docbook" + xmlns:xlink="http://www.w3.org/1999/xlink" + xml:id="preface"> + <title>Preface</title> + <para> + This manual describes how to install, use and extend NixOS, a Linux + distribution based on the purely functional package management system + <link xlink:href="https://nixos.org/nix">Nix</link>, that is composed + using modules and packages defined in the + <link xlink:href="https://nixos.org/nixpkgs">Nixpkgs</link> project. + </para> + <para> + Additional information regarding the Nix package manager and the Nixpkgs + project can be found in respectively the + <link xlink:href="https://nixos.org/nix/manual">Nix manual</link> and the + <link xlink:href="https://nixos.org/nixpkgs/manual">Nixpkgs manual</link>. + </para> + <para> + If you encounter problems, please report them on the + <literal + xlink:href="https://discourse.nixos.org">Discourse</literal> or + on the <link + xlink:href="irc://irc.freenode.net/#nixos"> + <literal>#nixos</literal> channel on Freenode</link>. Bugs should be + reported in + <link + xlink:href="https://github.com/NixOS/nixpkgs/issues">NixOS’ + GitHub issue tracker</link>. + </para> + <note> + <para> + Commands prefixed with <literal>#</literal> have to be run as root, either + requiring to login as root user or temporarily switching to it using + <literal>sudo</literal> for example. + </para> + </note> +</preface> diff --git a/nixos/doc/manual/release-notes/rl-1909.xml b/nixos/doc/manual/release-notes/rl-1909.xml index f9cea242c153..8bd353a34304 100644 --- a/nixos/doc/manual/release-notes/rl-1909.xml +++ b/nixos/doc/manual/release-notes/rl-1909.xml @@ -3,7 +3,7 @@ xmlns:xi="http://www.w3.org/2001/XInclude" version="5.0" xml:id="sec-release-19.09"> - <title>Release 19.09 (“Loris”, 2019/09/??)</title> + <title>Release 19.09 (“Loris”, 2019/10/09)</title> <section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" @@ -25,6 +25,26 @@ </listitem> <listitem> <para> + Nix has been updated to 2.3; see its + <link xlink:href="https://nixos.org/nix/manual/#ssec-relnotes-2.3">release + notes</link>. + </para> + </listitem> + <listitem> + <para>Core version changes:</para> + <para>systemd: 239 -> 243</para> + <para>gcc: 7 -> 8</para> + <para>glibc: 2.27 (unchanged)</para> + <para>linux: 4.19 LTS (unchanged)</para> + <para>openssl: 1.0 -> 1.1</para> + </listitem> + <listitem> + <para>Desktop version changes:</para> + <para>plasma5: 5.14 -> 5.16</para> + <para>gnome3: 3.30 -> 3.32</para> + </listitem> + <listitem> + <para> PHP now defaults to PHP 7.3, updated from 7.2. </para> </listitem> @@ -170,6 +190,13 @@ </listitem> </itemizedlist> </listitem> + <listitem> + <para> + <xref linkend="opt-services.blueman.enable"/> has been added. + If you previously had blueman installed via <option>environment.systemPackages</option> please + migrate to using the NixOS module, as this would result in an insufficiently configured blueman. + </para> + </listitem> </itemizedlist> </section> @@ -478,6 +505,92 @@ Prometheus 2 is now configured with <literal>services.prometheus</literal>. </para> </listitem> + <listitem> + <para> + Citrix Receiver (<literal>citrix_receiver</literal>) has been dropped in favor of Citrix Workspace + (<literal>citrix_workspace</literal>). + </para> + </listitem> + <listitem> + <para> + The <literal>services.gitlab</literal> module has had its literal secret options (<option>services.gitlab.smtp.password</option>, + <option>services.gitlab.databasePassword</option>, + <option>services.gitlab.initialRootPassword</option>, + <option>services.gitlab.secrets.secret</option>, + <option>services.gitlab.secrets.db</option>, + <option>services.gitlab.secrets.otp</option> and + <option>services.gitlab.secrets.jws</option>) replaced by file-based versions (<option>services.gitlab.smtp.passwordFile</option>, + <option>services.gitlab.databasePasswordFile</option>, + <option>services.gitlab.initialRootPasswordFile</option>, + <option>services.gitlab.secrets.secretFile</option>, + <option>services.gitlab.secrets.dbFile</option>, + <option>services.gitlab.secrets.otpFile</option> and + <option>services.gitlab.secrets.jwsFile</option>). This was done so that secrets aren't stored + in the world-readable nix store, but means that for each option you'll have to create a file with + the same exact string, add "File" to the end of the option name, and change the definition to a + string pointing to the corresponding file; e.g. <literal>services.gitlab.databasePassword = "supersecurepassword"</literal> + becomes <literal>services.gitlab.databasePasswordFile = "/path/to/secret_file"</literal> where the + file <literal>secret_file</literal> contains the string <literal>supersecurepassword</literal>. + </para> + <para> + The state path (<option>services.gitlab.statePath</option>) now has the following restriction: + no parent directory can be owned by any other user than <literal>root</literal> or the user + specified in <option>services.gitlab.user</option>; i.e. if <option>services.gitlab.statePath</option> + is set to <literal>/var/lib/gitlab/state</literal>, <literal>gitlab</literal> and all parent directories + must be owned by either <literal>root</literal> or the user specified in <option>services.gitlab.user</option>. + </para> + </listitem> + <listitem> + <para> + The <option>networking.useDHCP</option> option is unsupported in combination with + <option>networking.useNetworkd</option> in anticipation of defaulting to it by default. + It has to be set to <literal>false</literal> and enabled per + interface with <option>networking.interfaces.<name>.useDHCP = true;</option> + </para> + </listitem> + <listitem> + <para> + The Twitter client <literal>corebird</literal> has been dropped as <link xlink:href="https://www.patreon.com/posts/corebirds-future-18921328">it is discontinued and does not work against the new Twitter API</link>. + Please use the fork <literal>cawbird</literal> instead which has been adapted to the API changes and is still maintained. + </para> + </listitem> + <listitem> + <para> + The <literal>nodejs-11_x</literal> package has been removed as it's EOLed by upstream. + </para> + </listitem> + <listitem> + <para> + Because of the systemd upgrade, + <application>systemd-timesyncd</application> will no longer work if + <option>system.stateVersion</option> is not set correctly. When + upgrading from NixOS 19.03, please make sure that + <option>system.stateVersion</option> is set to + <literal>"19.03"</literal>, or lower if the installation dates back to an + earlier version of NixOS. + </para> + </listitem> + <listitem> + <para> + Due to the short lifetime of non-LTS kernel releases package attributes like <literal>linux_5_1</literal>, + <literal>linux_5_2</literal> and <literal>linux_5_3</literal> have been removed to discourage dependence + on specific non-LTS kernel versions in stable NixOS releases. + + Going forward, versioned attributes like <literal>linux_4_9</literal> will exist for LTS versions only. + Please use <literal>linux_latest</literal> or <literal>linux_testing</literal> if you depend on non-LTS + releases. Keep in mind that <literal>linux_latest</literal> and <literal>linux_testing</literal> will + change versions under the hood during the lifetime of a stable release and might include breaking changes. + </para> + </listitem> + <listitem> + <para> + Because of the systemd upgrade, + some network interfaces might change their name. For details see + <link xlink:href="https://www.freedesktop.org/software/systemd/man/systemd.net-naming-scheme.html#History"> + upstream docs</link> or <link xlink:href="https://github.com/NixOS/nixpkgs/issues/71086"> + our ticket</link>. + </para> + </listitem> </itemizedlist> </section> @@ -676,7 +789,7 @@ </para> </listitem> </itemizedlist> - This also configures the kernel to pass coredumps to <literal>systemd-coredump</literal>, + This also configures the kernel to pass core dumps to <literal>systemd-coredump</literal>, and restricts the SysRq key combinations to the sync command only. These sysctl snippets can be found in <literal>/etc/sysctl.d/50-*.conf</literal>, and overridden via <link linkend="opt-boot.kernel.sysctl">boot.kernel.sysctl</link> @@ -685,12 +798,15 @@ </listitem> <listitem> <para> - Coredumps are now acquired by <literal>systemd-coredump</literal> by default. - <literal>systemd-coredump</literal> behaviour can still be modified via - <option>systemd.coredump.extraConfig</option>. - To stick to the old behaviour (having the kernel dump to a file called <literal>core</literal> - in the working directory), without piping it through <literal>systemd-coredump</literal>, set - <option>boot.kernel.sysctl."kernel.core_pattern"</option> to <literal>"core"</literal>. + Core dumps are now processed by <literal>systemd-coredump</literal> + by default. <literal>systemd-coredump</literal> behaviour can + still be modified via + <option>systemd.coredump.extraConfig</option>. To stick to the + old behaviour (having the kernel dump to a file called + <literal>core</literal> in the working directory), without piping + it through <literal>systemd-coredump</literal>, set + <option>systemd.coredump.enable</option> to + <literal>false</literal>. </para> </listitem> <listitem> diff --git a/nixos/doc/manual/release-notes/rl-2003.xml b/nixos/doc/manual/release-notes/rl-2003.xml index c84bc8dbb379..f001a18b1c1f 100644 --- a/nixos/doc/manual/release-notes/rl-2003.xml +++ b/nixos/doc/manual/release-notes/rl-2003.xml @@ -23,6 +23,32 @@ Support is planned until the end of October 2020, handing over to 20.09. </para> </listitem> + <listitem> + <para> + Postgresql for NixOS service now defaults to v11. + </para> + </listitem> + <listitem> + <para> + The graphical installer image starts the graphical session automatically. + Before you'd be greeted by a tty and asked to enter <command>systemctl start display-manager</command>. + It is now possible to disable the display-manager from running by selecting the <literal>Disable display-manager</literal> + quirk in the boot menu. + </para> + </listitem> + <listitem> + <para> + By default zfs pools will now be trimmed on a weekly basis. + Trimming is only done on supported devices (i.e. NVME or SSDs) + and should improve throughput and lifetime of these devices. + It is controlled by the <varname>services.zfs.trim.enable</varname> varname. + The zfs scrub service (<varname>services.zfs.autoScrub.enable</varname>) + and the zfs autosnapshot service (<varname>services.zfs.autoSnapshot.enable</varname>) + are now only enabled if zfs is set in <varname>config.boot.initrd.supportedFilesystems</varname> or + <varname>config.boot.supportedFilesystems</varname>. These lists will automatically contain + zfs as soon as any zfs mountpoint is configured in <varname>fileSystems</varname>. + </para> + </listitem> </itemizedlist> </section> @@ -59,7 +85,45 @@ <itemizedlist> <listitem> - <para /> + <para> + GnuPG is now built without support for a graphical passphrase entry + by default. Please enable the <literal>gpg-agent</literal> user service + via the NixOS option <literal>programs.gnupg.agent.enable</literal>. + Note that upstream recommends using <literal>gpg-agent</literal> and + will spawn a <literal>gpg-agent</literal> on the first invocation of + GnuPG anyway. + </para> + </listitem> + <listitem> + <para> + The <literal>dynamicHosts</literal> option has been removed from the + <link linkend="opt-networking.networkmanager.enable">networkd</link> + module. Allowing (multiple) regular users to override host entries + affecting the whole system opens up a huge attack vector. + There seem to be very rare cases where this might be useful. + Consider setting system-wide host entries using + <link linkend="opt-networking.hosts">networking.hosts</link>, provide + them via the DNS server in your network, or use + <link linkend="opt-environment.etc">environment.etc</link> + to add a file into <literal>/etc/NetworkManager/dnsmasq.d</literal> + reconfiguring <literal>hostsdir</literal>. + </para> + </listitem> + <listitem> + <para> + The <literal>99-main.network</literal> file was removed. Maching all + network interfaces caused many breakages, see + <link xlink:href="https://github.com/NixOS/nixpkgs/pull/18962">#18962</link> + and <link xlink:href="https://github.com/NixOS/nixpkgs/pull/71106">#71106</link>. + </para> + <para> + We already don't support the global <link linkend="opt-networking.useDHCP">networking.useDHCP</link>, + <link linkend="opt-networking.defaultGateway">networking.defaultGateway</link> and + <link linkend="opt-networking.defaultGateway6">networking.defaultGateway6</link> options + if <link linkend="opt-networking.useNetworkd">networking.useNetworkd</link> is enabled, + but direct users to configure the per-device + <link linkend="opt-networking.interfaces">networking.interfaces.<name>.…</link> options. + </para> </listitem> </itemizedlist> </section> @@ -73,7 +137,15 @@ <itemizedlist> <listitem> - <para /> + <para>SD images are now compressed by default using <literal>bzip2</literal>.</para> + </listitem> + <listitem> + <para> + OpenSSH has been upgraded from 7.9 to 8.1, improving security and adding features + but with potential incompatibilities. Consult the + <link xlink:href="https://www.openssh.com/txt/release-8.1"> + release announcement</link> for more information. + </para> </listitem> </itemizedlist> </section> |