diff options
Diffstat (limited to 'nixpkgs/nixos/doc/manual/release-notes/rl-1809.xml')
-rw-r--r-- | nixpkgs/nixos/doc/manual/release-notes/rl-1809.xml | 933 |
1 files changed, 933 insertions, 0 deletions
diff --git a/nixpkgs/nixos/doc/manual/release-notes/rl-1809.xml b/nixpkgs/nixos/doc/manual/release-notes/rl-1809.xml new file mode 100644 index 000000000000..3f10b26223dd --- /dev/null +++ b/nixpkgs/nixos/doc/manual/release-notes/rl-1809.xml @@ -0,0 +1,933 @@ +<section xmlns="http://docbook.org/ns/docbook" + xmlns:xlink="http://www.w3.org/1999/xlink" + xmlns:xi="http://www.w3.org/2001/XInclude" + version="5.0" + xml:id="sec-release-18.09"> + <title>Release 18.09 (“Jellyfish”, 2018/10/05)</title> + + <section xmlns="http://docbook.org/ns/docbook" + xmlns:xlink="http://www.w3.org/1999/xlink" + xmlns:xi="http://www.w3.org/2001/XInclude" + version="5.0" + xml:id="sec-release-18.09-highlights"> + <title>Highlights</title> + + <para> + In addition to numerous new and upgraded packages, this release has the + following notable updates: + </para> + + <itemizedlist> + <listitem> + <para> + End of support is planned for end of April 2019, handing over to 19.03. + </para> + </listitem> + <listitem> + <para> + Platform support: x86_64-linux and x86_64-darwin as always. Support for + aarch64-linux is as with the previous releases, not equivalent to the + x86-64-linux release, but with efforts to reach parity. + </para> + </listitem> + <listitem> + <para> + Nix has been updated to 2.1; see its + <link xlink:href="https://nixos.org/nix/manual/#ssec-relnotes-2.1">release + notes</link>. + </para> + </listitem> + <listitem> + <para> + Core versions: linux: 4.14 LTS (unchanged), glibc: 2.26 → 2.27, gcc: 7 + (unchanged), systemd: 237 → 239. + </para> + </listitem> + <listitem> + <para> + Desktop version changes: gnome: 3.26 → 3.28, (KDE) plasma-desktop: 5.12 + → 5.13. + </para> + </listitem> + </itemizedlist> + + <para> + Notable changes and additions for 18.09 include: + </para> + + <itemizedlist> + <listitem> + <para> + Support for wrapping binaries using <literal>firejail</literal> has been + added through <varname>programs.firejail.wrappedBinaries</varname>. + </para> + <para> + For example + </para> +<programlisting> +programs.firejail = { + enable = true; + wrappedBinaries = { + firefox = "${lib.getBin pkgs.firefox}/bin/firefox"; + mpv = "${lib.getBin pkgs.mpv}/bin/mpv"; + }; +}; +</programlisting> + <para> + This will place <literal>firefox</literal> and <literal>mpv</literal> + binaries in the global path wrapped by firejail. + </para> + </listitem> + <listitem> + <para> + User channels are now in the default <literal>NIX_PATH</literal>, allowing + users to use their personal <command>nix-channel</command> defined + channels in <command>nix-build</command> and <command>nix-shell</command> + commands, as well as in imports like <code>import + <mychannel></code>. + </para> + <para> + For example + </para> +<programlisting> +$ nix-channel --add https://nixos.org/channels/nixpkgs-unstable nixpkgsunstable +$ nix-channel --update +$ nix-build '<nixpkgsunstable>' -A gitFull +$ nix run -f '<nixpkgsunstable>' gitFull +$ nix-instantiate -E '(import <nixpkgsunstable> {}).gitFull' +</programlisting> + </listitem> + </itemizedlist> + </section> + + <section xmlns="http://docbook.org/ns/docbook" + xmlns:xlink="http://www.w3.org/1999/xlink" + xmlns:xi="http://www.w3.org/2001/XInclude" + version="5.0" + xml:id="sec-release-18.09-new-services"> + <title>New Services</title> + + <para> + A curated selection of new services that were added since the last release: + </para> + + <itemizedlist> + <listitem> + <para> + The <varname>services.cassandra</varname> module has been reworked and was + rewritten from scratch. The service has succeeding tests for the versions + 2.1, 2.2, 3.0 and 3.11 of + <link + xlink:href="https://cassandra.apache.org/">Apache + Cassandra</link>. + </para> + </listitem> + <listitem> + <para> + There is a new <varname>services.foundationdb</varname> module for + deploying + <link xlink:href="https://www.foundationdb.org">FoundationDB</link> + clusters. + </para> + </listitem> + <listitem> + <para> + When enabled the <literal>iproute2</literal> will copy the files expected + by ip route (e.g., <filename>rt_tables</filename>) in + <filename>/etc/iproute2</filename>. This allows to write aliases for + routing tables for instance. + </para> + </listitem> + <listitem> + <para> + <varname>services.strongswan-swanctl</varname> is a modern replacement for + <varname>services.strongswan</varname>. You can use either one of them to + setup IPsec VPNs but not both at the same time. + </para> + <para> + <varname>services.strongswan-swanctl</varname> uses the + <link xlink:href="https://wiki.strongswan.org/projects/strongswan/wiki/swanctl">swanctl</link> + command which uses the modern + <link xlink:href="https://github.com/strongswan/strongswan/blob/master/src/libcharon/plugins/vici/README.md">vici</link> + <emphasis>Versatile IKE Configuration Interface</emphasis>. The deprecated + <literal>ipsec</literal> command used in + <varname>services.strongswan</varname> is using the legacy + <link xlink:href="https://github.com/strongswan/strongswan/blob/master/README_LEGACY.md">stroke + configuration interface</link>. + </para> + </listitem> + <listitem> + <para> + The new <varname>services.elasticsearch-curator</varname> service + periodically curates or manages, your Elasticsearch indices and snapshots. + </para> + </listitem> + </itemizedlist> + + <para> + Every new services: + </para> + + <itemizedlist> + <listitem> + <para> + <literal>./config/xdg/autostart.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./config/xdg/icons.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./config/xdg/menus.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./config/xdg/mime.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./hardware/brightnessctl.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./hardware/onlykey.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./hardware/video/uvcvideo/default.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./misc/documentation.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./programs/firejail.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./programs/iftop.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./programs/sedutil.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./programs/singularity.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./programs/xss-lock.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./programs/zsh/zsh-autosuggestions.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/admin/oxidized.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/backup/duplicati.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/backup/restic.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/backup/restic-rest-server.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/cluster/hadoop/default.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/databases/aerospike.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/databases/monetdb.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/desktops/bamf.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/desktops/flatpak.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/desktops/zeitgeist.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/development/bloop.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/development/jupyter/default.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/hardware/lcd.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/hardware/undervolt.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/misc/clipmenu.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/misc/gitweb.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/misc/serviio.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/misc/safeeyes.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/misc/sysprof.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/misc/weechat.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/monitoring/datadog-agent.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/monitoring/incron.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/networking/dnsdist.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/networking/freeradius.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/networking/hans.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/networking/morty.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/networking/ndppd.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/networking/ocserv.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/networking/owamp.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/networking/quagga.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/networking/shadowsocks.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/networking/stubby.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/networking/zeronet.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/security/certmgr.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/security/cfssl.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/security/oauth2_proxy_nginx.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/web-apps/virtlyst.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/web-apps/youtrack.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/web-servers/hitch/default.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/web-servers/hydron.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/web-servers/meguca.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./services/web-servers/nginx/gitweb.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./virtualisation/kvmgt.nix</literal> + </para> + </listitem> + <listitem> + <para> + <literal>./virtualisation/qemu-guest-agent.nix</literal> + </para> + </listitem> + </itemizedlist> + </section> + + <section xmlns="http://docbook.org/ns/docbook" + xmlns:xlink="http://www.w3.org/1999/xlink" + xmlns:xi="http://www.w3.org/2001/XInclude" + version="5.0" + xml:id="sec-release-18.09-incompatibilities"> + <title>Backward Incompatibilities</title> + + <para> + When upgrading from a previous release, please be aware of the following + incompatible changes: + </para> + + <itemizedlist> + <listitem> + <para> + Some licenses that were incorrectly not marked as unfree now are. This is + the case for: + <itemizedlist> + <listitem> + <para> + cc-by-nc-sa-20: Creative Commons Attribution Non Commercial Share Alike + 2.0 + </para> + </listitem> + <listitem> + <para> + cc-by-nc-sa-25: Creative Commons Attribution Non Commercial Share Alike + 2.5 + </para> + </listitem> + <listitem> + <para> + cc-by-nc-sa-30: Creative Commons Attribution Non Commercial Share Alike + 3.0 + </para> + </listitem> + <listitem> + <para> + cc-by-nc-sa-40: Creative Commons Attribution Non Commercial Share Alike + 4.0 + </para> + </listitem> + <listitem> + <para> + cc-by-nd-30: Creative Commons Attribution-No Derivative Works v3.00 + </para> + </listitem> + <listitem> + <para> + msrla: Microsoft Research License Agreement + </para> + </listitem> + </itemizedlist> + </para> + </listitem> + <listitem> + <para> + The deprecated <varname>services.cassandra</varname> module has seen a + complete rewrite. (See above.) + </para> + </listitem> + <listitem> + <para> + <literal>lib.strict</literal> is removed. Use + <literal>builtins.seq</literal> instead. + </para> + </listitem> + <listitem> + <para> + The <literal>clementine</literal> package points now to the free + derivation. <literal>clementineFree</literal> is removed now and + <literal>clementineUnfree</literal> points to the package which is bundled + with the unfree <literal>libspotify</literal> package. + </para> + </listitem> + <listitem> + <para> + The <literal>netcat</literal> package is now taken directly from OpenBSD's + <literal>libressl</literal>, instead of relying on Debian's fork. The new + version should be very close to the old version, but there are some minor + differences. Importantly, flags like -b, -q, -C, and -Z are no longer + accepted by the nc command. + </para> + </listitem> + <listitem> + <para> + The <varname>services.docker-registry.extraConfig</varname> object doesn't + contain environment variables anymore. Instead it needs to provide an + object structure that can be mapped onto the YAML configuration defined in + <link xlink:href="https://github.com/docker/distribution/blob/v2.6.2/docs/configuration.md">the + <varname>docker/distribution</varname> docs</link>. + </para> + </listitem> + <listitem> + <para> + <literal>gnucash</literal> has changed from version 2.4 to 3.x. If you've + been using <literal>gnucash</literal> (version 2.4) instead of + <literal>gnucash26</literal> (version 2.6) you must open your Gnucash data + file(s) with <literal>gnucash26</literal> and then save them to upgrade + the file format. Then you may use your data file(s) with Gnucash 3.x. See + the upgrade + <link xlink:href="https://wiki.gnucash.org/wiki/FAQ#Using_Different_Versions.2C_Up_And_Downgrade">documentation</link>. + Gnucash 2.4 is still available under the attribute + <literal>gnucash24</literal>. + </para> + </listitem> + <listitem> + <para> + <varname>services.munge</varname> now runs as user (and group) + <literal>munge</literal> instead of root. Make sure the key file is + accessible to the daemon. + </para> + </listitem> + <listitem> + <para> + <varname>dockerTools.buildImage</varname> now uses <literal>null</literal> + as default value for <varname>tag</varname>, which indicates that the nix + output hash will be used as tag. + </para> + </listitem> + <listitem> + <para> + The ELK stack: <varname>elasticsearch</varname>, + <varname>logstash</varname> and <varname>kibana</varname> has been + upgraded from 2.* to 6.3.*. The 2.* versions have been + <link xlink:href="https://www.elastic.co/support/eol">unsupported since + last year</link> so they have been removed. You can still use the 5.* + versions under the names <varname>elasticsearch5</varname>, + <varname>logstash5</varname> and <varname>kibana5</varname>. + </para> + <para> + The elastic beats: <varname>filebeat</varname>, + <varname>heartbeat</varname>, <varname>metricbeat</varname> and + <varname>packetbeat</varname> have had the same treatment: they now target + 6.3.* as well. The 5.* versions are available under the names: + <varname>filebeat5</varname>, <varname>heartbeat5</varname>, + <varname>metricbeat5</varname> and <varname>packetbeat5</varname> + </para> + <para> + The ELK-6.3 stack now comes with + <link xlink:href="https://www.elastic.co/products/x-pack/open">X-Pack by + default</link>. Since X-Pack is licensed under the + <link xlink:href="https://github.com/elastic/elasticsearch/blob/master/licenses/ELASTIC-LICENSE.txt">Elastic + License</link> the ELK packages now have an unfree license. To use them + you need to specify <literal>allowUnfree = true;</literal> in your nixpkgs + configuration. + </para> + <para> + Fortunately there is also a free variant of the ELK stack without X-Pack. + The packages are available under the names: + <varname>elasticsearch-oss</varname>, <varname>logstash-oss</varname> and + <varname>kibana-oss</varname>. + </para> + </listitem> + <listitem> + <para> + Options + <literal>boot.initrd.luks.devices.<replaceable>name</replaceable>.yubikey.ramfsMountPoint</literal> + <literal>boot.initrd.luks.devices.<replaceable>name</replaceable>.yubikey.storage.mountPoint</literal> + were removed. <literal>luksroot.nix</literal> module never supported more + than one YubiKey at a time anyway, hence those options never had any + effect. You should be able to remove them from your config without any + issues. + </para> + </listitem> + <listitem> + <para> + <literal>stdenv.system</literal> and <literal>system</literal> in nixpkgs + now refer to the host platform instead of the build platform. For native + builds this is not change, let alone a breaking one. For cross builds, it + is a breaking change, and <literal>stdenv.buildPlatform.system</literal> + can be used instead for the old behavior. They should be using that + anyways for clarity. + </para> + </listitem> + <listitem> + <para> + Groups <literal>kvm</literal> and <literal>render</literal> are introduced + now, as systemd requires them. + </para> + </listitem> + </itemizedlist> + </section> + + <section xmlns="http://docbook.org/ns/docbook" + xmlns:xlink="http://www.w3.org/1999/xlink" + xmlns:xi="http://www.w3.org/2001/XInclude" + version="5.0" + xml:id="sec-release-18.09-notable-changes"> + <title>Other Notable Changes</title> + + <itemizedlist> + <listitem> + <para> + <literal>dockerTools.pullImage</literal> relies on image digest instead of + image tag to download the image. The <literal>sha256</literal> of a pulled + image has to be updated. + </para> + </listitem> + <listitem> + <para> + <literal>lib.attrNamesToStr</literal> has been deprecated. Use more + specific concatenation (<literal>lib.concat(Map)StringsSep</literal>) + instead. + </para> + </listitem> + <listitem> + <para> + <literal>lib.addErrorContextToAttrs</literal> has been deprecated. Use + <literal>builtins.addErrorContext</literal> directly. + </para> + </listitem> + <listitem> + <para> + <literal>lib.showVal</literal> has been deprecated. Use + <literal>lib.traceSeqN</literal> instead. + </para> + </listitem> + <listitem> + <para> + <literal>lib.traceXMLVal</literal> has been deprecated. Use + <literal>lib.traceValFn builtins.toXml</literal> instead. + </para> + </listitem> + <listitem> + <para> + <literal>lib.traceXMLValMarked</literal> has been deprecated. Use + <literal>lib.traceValFn (x: str + builtins.toXML x)</literal> instead. + </para> + </listitem> + <listitem> + <para> + The <literal>pkgs</literal> argument to NixOS modules can now be set + directly using <literal>nixpkgs.pkgs</literal>. Previously, only the + <literal>system</literal>, <literal>config</literal> and + <literal>overlays</literal> arguments could be used to influence + <literal>pkgs</literal>. + </para> + </listitem> + <listitem> + <para> + A NixOS system can now be constructed more easily based on a preexisting + invocation of Nixpkgs. For example: +<programlisting> +inherit (pkgs.nixos { + boot.loader.grub.enable = false; + fileSystems."/".device = "/dev/xvda1"; +}) toplevel kernel initialRamdisk manual; + </programlisting> + This benefits evaluation performance, lets you write Nixpkgs packages that + depend on NixOS images and is consistent with a deployment architecture + that would be centered around Nixpkgs overlays. + </para> + </listitem> + <listitem> + <para> + <literal>lib.traceValIfNot</literal> has been deprecated. Use + <literal>if/then/else</literal> and <literal>lib.traceValSeq</literal> + instead. + </para> + </listitem> + <listitem> + <para> + <literal>lib.traceCallXml</literal> has been deprecated. Please complain + if you use the function regularly. + </para> + </listitem> + <listitem> + <para> + The attribute <literal>lib.nixpkgsVersion</literal> has been deprecated in + favor of <literal>lib.version</literal>. Please refer to the discussion in + <link xlink:href="https://github.com/NixOS/nixpkgs/pull/39416#discussion_r183845745">NixOS/nixpkgs#39416</link> + for further reference. + </para> + </listitem> + <listitem> + <para> + <literal>lib.recursiveUpdateUntil</literal> was not acting according to + its specification. It has been fixed to act according to the docstring, + and a test has been added. + </para> + </listitem> + <listitem> + <para> + The module for <option>security.dhparams</option> has two new options now: + </para> + <variablelist> + <varlistentry> + <term> + <option>security.dhparams.stateless</option> + </term> + <listitem> + <para> + Puts the generated Diffie-Hellman parameters into the Nix store instead + of managing them in a stateful manner in + <filename class="directory">/var/lib/dhparams</filename>. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term> + <option>security.dhparams.defaultBitSize</option> + </term> + <listitem> + <para> + The default bit size to use for the generated Diffie-Hellman + parameters. + </para> + </listitem> + </varlistentry> + </variablelist> + <note> + <para> + The path to the actual generated parameter files should now be queried + using + <literal>config.security.dhparams.params.<replaceable>name</replaceable>.path</literal> + because it might be either in the Nix store or in a directory configured + by <option>security.dhparams.path</option>. + </para> + </note> + <note> + <title>For developers:</title> + <para> + Module implementers should not set a specific bit size in order to let + users configure it by themselves if they want to have a different bit + size than the default (2048). + </para> + <para> + An example usage of this would be: +<programlisting> +{ config, ... }: + +{ + security.dhparams.params.myservice = {}; + environment.etc."myservice.conf".text = '' + dhparams = ${config.security.dhparams.params.myservice.path} + ''; +} +</programlisting> + </para> + </note> + </listitem> + <listitem> + <para> + <literal>networking.networkmanager.useDnsmasq</literal> has been + deprecated. Use <literal>networking.networkmanager.dns</literal> instead. + </para> + </listitem> + <listitem> + <para> + The Kubernetes package has been bumped to major version 1.11. Please + consult the + <link xlink:href="https://github.com/kubernetes/kubernetes/blob/release-1.11/CHANGELOG-1.11.md">release + notes</link> for details on new features and api changes. + </para> + </listitem> + <listitem> + <para> + The option + <varname>services.kubernetes.apiserver.admissionControl</varname> was + renamed to + <varname>services.kubernetes.apiserver.enableAdmissionPlugins</varname>. + </para> + </listitem> + <listitem> + <para> + Recommended way to access the Kubernetes Dashboard is via HTTPS (TLS) + Therefore; public service port for the dashboard has changed to 443 + (container port 8443) and scheme to https. + </para> + </listitem> + <listitem> + <para> + The option <varname>services.kubernetes.apiserver.address</varname> was + renamed to <varname>services.kubernetes.apiserver.bindAddress</varname>. + Note that the default value has changed from 127.0.0.1 to 0.0.0.0. + </para> + </listitem> + <listitem> + <para> + The option <varname>services.kubernetes.apiserver.publicAddress</varname> + was not used and thus has been removed. + </para> + </listitem> + <listitem> + <para> + The option + <varname>services.kubernetes.addons.dashboard.enableRBAC</varname> was + renamed to + <varname>services.kubernetes.addons.dashboard.rbac.enable</varname>. + </para> + </listitem> + <listitem> + <para> + The Kubernetes Dashboard now has only minimal RBAC permissions by default. + If dashboard cluster-admin rights are desired, set + <varname>services.kubernetes.addons.dashboard.rbac.clusterAdmin</varname> + to true. On existing clusters, in order for the revocation of privileges + to take effect, the current ClusterRoleBinding for kubernetes-dashboard + must be manually removed: <literal>kubectl delete clusterrolebinding + kubernetes-dashboard</literal> + </para> + </listitem> + <listitem> + <para> + The <varname>programs.screen</varname> module provides allows to configure + <literal>/etc/screenrc</literal>, however the module behaved fairly + counterintuitive as the config exists, but the package wasn't available. + Since 18.09 <literal>pkgs.screen</literal> will be added to + <literal>environment.systemPackages</literal>. + </para> + </listitem> + <listitem> + <para> + The module <option>services.networking.hostapd</option> now uses WPA2 by + default. + </para> + </listitem> + <listitem> + <para> + <varname>s6Dns</varname>, <varname>s6Networking</varname>, + <varname>s6LinuxUtils</varname> and <varname>s6PortableUtils</varname> + renamed to <varname>s6-dns</varname>, <varname>s6-networking</varname>, + <varname>s6-linux-utils</varname> and <varname>s6-portable-utils</varname> + respectively. + </para> + </listitem> + <listitem> + <para> + The module option <option>nix.useSandbox</option> is now defaulted to + <literal>true</literal>. + </para> + </listitem> + <listitem> + <para> + The config activation script of <literal>nixos-rebuild</literal> now + <link xlink:href="https://www.freedesktop.org/software/systemd/man/systemctl.html#Manager%20Lifecycle%20Commands">reloads</link> + all user units for each authenticated user. + </para> + </listitem> + <listitem> + <para> + The default display manager is now LightDM. To use SLiM set + <literal>services.xserver.displayManager.slim.enable</literal> to + <literal>true</literal>. + </para> + </listitem> + <listitem> + <para> + NixOS option descriptions are now automatically broken up into individual + paragraphs if the text contains two consecutive newlines, so it's no + longer necessary to use <code></para><para></code> to start a + new paragraph. + </para> + </listitem> + <listitem> + <para> + Top-level <literal>buildPlatform</literal>, + <literal>hostPlatform</literal>, and <literal>targetPlatform</literal> in + Nixpkgs are deprecated. Please use their equivalents in + <literal>stdenv</literal> instead: + <literal>stdenv.buildPlatform</literal>, + <literal>stdenv.hostPlatform</literal>, and + <literal>stdenv.targetPlatform</literal>. + </para> + </listitem> + </itemizedlist> + </section> +</section> |