pyrox.dev
1<section xmlns="http://docbook.org/ns/docbook"
2 xmlns:xlink="http://www.w3.org/1999/xlink"
3 xmlns:xi="http://www.w3.org/2001/XInclude"
4 version="5.0"
5 xml:id="sec-release-18.03">
6
7<title>Release 18.03 (“Impala”, 2018/03/??)</title>
8
9<section xmlns="http://docbook.org/ns/docbook"
10 xmlns:xlink="http://www.w3.org/1999/xlink"
11 xmlns:xi="http://www.w3.org/2001/XInclude"
12 version="5.0"
13 xml:id="sec-release-18.03-highlights">
14
15<title>Highlights</title>
16
17<para>In addition to numerous new and upgraded packages, this release
18has the following highlights: </para>
19
20<itemizedlist>
21 <listitem>
22 <para>
23 Nix now defaults to 2.0; see its
24 <link xlink:href="https://nixos.org/nix/manual/#ssec-relnotes-2.0">release notes</link>.
25 </para>
26 </listitem>
27
28 <listitem>
29 <para>
30 Linux kernel defaults to the 4.14 branch (it was 4.9).
31 </para>
32 </listitem>
33
34 <listitem>
35 <para>
36 GCC defaults to 7.x (it was 6.x).
37 </para>
38 </listitem>
39
40 <listitem>
41 <para>
42 MariaDB 10.2, updated from 10.1, is now the default MySQL implementation. While upgrading a few changes
43 have been made to the infrastructure involved:
44 <itemizedlist>
45 <listitem>
46 <para>
47 <literal>libmysql</literal> has been deprecated, please use <literal>mysql.connector-c</literal>
48 instead, a compatibility passthru has been added to the MySQL packages.
49 </para>
50 </listitem>
51 <listitem>
52 <para>
53 The <literal>mysql57</literal> package has a new <literal>static</literal> output containing
54 the static libraries including <literal>libmysqld.a</literal>
55 </para>
56 </listitem>
57 </itemizedlist>
58 </para>
59 </listitem>
60
61 <listitem>
62 <para>
63 The GNOME version is now 3.26.
64 </para>
65 </listitem>
66
67 <listitem>
68 <para>PHP now defaults to PHP 7.2</para>
69 </listitem>
70</itemizedlist>
71
72</section>
73<section xmlns="http://docbook.org/ns/docbook"
74 xmlns:xlink="http://www.w3.org/1999/xlink"
75 xmlns:xi="http://www.w3.org/2001/XInclude"
76 version="5.0"
77 xml:id="sec-release-18.03-new-services">
78
79<title>New Services</title>
80
81<para>The following new services were added since the last release:</para>
82
83<itemizedlist>
84 <listitem>
85 <para></para>
86 </listitem>
87</itemizedlist>
88
89</section>
90<section xmlns="http://docbook.org/ns/docbook"
91 xmlns:xlink="http://www.w3.org/1999/xlink"
92 xmlns:xi="http://www.w3.org/2001/XInclude"
93 version="5.0"
94 xml:id="sec-release-18.03-incompatibilities">
95
96<title>Backward Incompatibilities</title>
97
98<para>When upgrading from a previous release, please be aware of the
99following incompatible changes:</para>
100
101<itemizedlist>
102 <listitem>
103 <para>
104 <literal>sound.enable</literal> now defaults to false.
105 </para>
106 </listitem>
107 <listitem>
108 <para>
109 Dollar signs in options under <option>services.postfix</option> are
110 passed verbatim to Postfix, which will interpret them as the beginning of
111 a parameter expression. This was already true for string-valued options
112 in the previous release, but not for list-valued options. If you need to
113 pass literal dollar signs through Postfix, double them.
114 </para>
115 </listitem>
116 <listitem>
117 <para>
118 The <literal>postage</literal> package (for web-based PostgreSQL
119 administration) has been renamed to <literal>pgmanage</literal>. The
120 corresponding module has also been renamed. To migrate please rename all
121 <option>services.postage</option> options to
122 <option>services.pgmanage</option>.
123 </para>
124 </listitem>
125 <listitem>
126 <para>
127 Package attributes starting with a digit have been prefixed with an
128 underscore sign. This is to avoid quoting in the configuration and
129 other issues with command-line tools like <literal>nix-env</literal>.
130 The change affects the following packages:
131 <itemizedlist>
132 <listitem>
133 <para><literal>2048-in-terminal</literal> → <literal>_2048-in-terminal</literal></para>
134 </listitem>
135 <listitem>
136 <para><literal>90secondportraits</literal> → <literal>_90secondportraits</literal></para>
137 </listitem>
138 <listitem>
139 <para><literal>2bwm</literal> → <literal>_2bwm</literal></para>
140 </listitem>
141 <listitem>
142 <para><literal>389-ds-base</literal> → <literal>_389-ds-base</literal></para>
143 </listitem>
144 </itemizedlist>
145 </para>
146 </listitem>
147 <listitem>
148 <para>
149 <emphasis role="strong">
150 The OpenSSH service no longer enables support for DSA keys by default,
151 which could cause a system lock out. Update your keys or, unfavorably,
152 re-enable DSA support manually.
153 </emphasis>
154 </para>
155
156 <para>
157 DSA support was
158 <link xlink:href="https://www.openssh.com/legacy.html">deprecated in OpenSSH 7.0</link>,
159 due to it being too weak. To re-enable support, add
160 <literal>PubkeyAcceptedKeyTypes +ssh-dss</literal> to the end of your
161 <option>services.openssh.extraConfig</option>.
162 </para>
163
164 <para>
165 After updating the keys to be stronger, anyone still on a pre-17.03
166 version is safe to jump to 17.03, as vetted
167 <link xlink:href="https://search.nix.gsc.io/?q=stateVersion">here</link>.
168 </para>
169 </listitem>
170 <listitem>
171 <para>
172 The <literal>openssh</literal> package
173 now includes Kerberos support by default;
174 the <literal>openssh_with_kerberos</literal> package
175 is now a deprecated alias.
176 If you do not want Kerberos support,
177 you can do <literal>openssh.override { withKerboros = false; }</literal>.
178 Note, this also applies to the <literal>openssh_hpn</literal> package.
179 </para>
180 </listitem>
181 <listitem>
182 <para>
183 <literal>cc-wrapper</literal> has been split in two; there is now also a <literal>bintools-wrapper</literal>.
184 The most commonly used files in <filename>nix-support</filename> are now split between the two wrappers.
185 Some commonly used ones, like <filename>nix-support/dynamic-linker</filename>, are duplicated for backwards compatability, even though they rightly belong only in <literal>bintools-wrapper</literal>.
186 Other more obscure ones are just moved.
187 </para>
188 </listitem>
189 <listitem>
190 <para>
191 The propagation logic has been changed.
192 The new logic, along with new types of dependencies that go with, is thoroughly documented in the "Specifying dependencies" section of the "Standard Environment" chapter of the nixpkgs manual.
193 <!-- That's <xref linkend="ssec-stdenv-attributes"> were we to merge the manuals. -->
194 The old logic isn't but is easy to describe: dependencies were propagated as the same type of dependency no matter what.
195 In practice, that means that many <function>propagatedNativeBuildInputs</function> should instead be <function>propagatedBuildInputs</function>.
196 Thankfully, that was and is the least used type of dependency.
197 Also, it means that some <function>propagatedBuildInputs</function> should instead be <function>depsTargetTargetPropagated</function>.
198 Other types dependencies should be unaffected.
199 </para>
200 </listitem>
201 <listitem>
202 <para>
203 <literal>lib.addPassthru drv passthru</literal> is removed. Use <literal>lib.extendDerivation true passthru drv</literal> instead.
204 </para>
205 </listitem>
206 <listitem>
207 <para>
208 The <literal>memcached</literal> service no longer accept dynamic socket
209 paths via <option>services.memcached.socket</option>. Unix sockets can be
210 still enabled by <option>services.memcached.enableUnixSocket</option> and
211 will be accessible at <literal>/run/memcached/memcached.sock</literal>.
212 </para>
213 </listitem>
214 <listitem>
215 <para>
216 The <varname>hardware.amdHybridGraphics.disable</varname> option was removed for lack of a maintainer. If you still need this module, you may wish to include a copy of it from an older version of nixos in your imports.
217 </para>
218 </listitem>
219 <listitem>
220 <para>
221 The merging of config options for <varname>services.postfix.config</varname>
222 was buggy. Previously, if other options in the Postfix module like
223 <varname>services.postfix.useSrs</varname> were set and the user set config
224 options that were also set by such options, the resulting config wouldn't
225 include all options that were needed. They are now merged correctly. If
226 config options need to be overridden, <literal>lib.mkForce</literal> or
227 <literal>lib.mkOverride</literal> can be used.
228 </para>
229 </listitem>
230 <listitem>
231 <para>
232 The following changes apply if the <literal>stateVersion</literal> is changed to 18.03 or higher.
233 For <literal>stateVersion = "17.09"</literal> or lower the old behavior is preserved.
234 </para>
235 <itemizedlist>
236 <listitem>
237 <para>
238 <literal>matrix-synapse</literal> uses postgresql by default instead of sqlite.
239 Migration instructions can be found <link xlink:href="https://github.com/matrix-org/synapse/blob/master/docs/postgres.rst#porting-from-sqlite"> here </link>.
240 </para>
241 </listitem>
242 </itemizedlist>
243 </listitem>
244 <listitem>
245 <para>
246 The <literal>jid</literal> package has been removed, due to maintenance
247 overhead of a go package having non-versioned dependencies.
248 </para>
249 </listitem>
250 <listitem>
251 <para>
252 When using <option>services.xserver.libinput</option> (enabled by default in GNOME),
253 it now handles all input devices, not just touchpads. As a result, you might need to
254 re-evaluate any custom Xorg configuration. In particular,
255 <literal>Option "XkbRules" "base"</literal> may result in broken keyboard layout.
256 </para>
257 </listitem>
258 <listitem>
259 <para>
260 The <literal>attic</literal> package was removed. A maintained fork called
261 <link xlink:href="https://www.borgbackup.org/">Borg</link> should be used instead.
262 Migration instructions can be found
263 <link xlink:href="http://borgbackup.readthedocs.io/en/stable/usage/upgrade.html#attic-and-borg-0-xx-to-borg-1-x">here</link>.
264 </para>
265 </listitem>
266 <listitem>
267 <para>
268 The Piwik analytics software was renamed to Matomo:
269 <itemizedlist>
270 <listitem>
271 <para>The package <literal>pkgs.piwik</literal> was renamed to <literal>pkgs.matomo</literal>.</para>
272 </listitem>
273 <listitem>
274 <para>The service <literal>services.piwik</literal> was renamed to <literal>services.matomo</literal>.</para>
275 </listitem>
276 <listitem>
277 <para>
278 The data directory <filename>/var/lib/piwik</filename> was renamed to <filename>/var/lib/matomo</filename>.
279 All files will be moved automatically on first startup, but you might need to adjust your backup scripts.
280 </para>
281 </listitem>
282 <listitem>
283 <para>
284 The default <option>serverName</option> for the nginx configuration changed from
285 <literal>piwik.${config.networking.hostName}</literal> to
286 <literal>matomo.${config.networking.hostName}.${config.networking.domain}</literal>
287 if <option>config.networking.domain</option> is set,
288 <literal>matomo.${config.networking.hostName}</literal> if it is not set.
289 If you change your <option>serverName</option>, remember you'll need to update the
290 <literal>trustedHosts[]</literal> array in <filename>/var/lib/matomo/config/config.ini.php</filename>
291 as well.
292 </para>
293 </listitem>
294 <listitem>
295 <para>
296 The <literal>piwik</literal> user was renamed to <literal>matomo</literal>.
297 The service will adjust ownership automatically for files in the data directory.
298 If you use unix socket authentication, remember to give the new <literal>matomo</literal> user
299 access to the database and to change the <literal>username</literal> to <literal>matomo</literal>
300 in the <literal>[database]</literal> section of <filename>/var/lib/matomo/config/config.ini.php</filename>.
301 </para>
302 </listitem>
303 <listitem>
304 <para>
305 If you named your database `piwik`, you might want to rename it to `matomo` to keep things clean,
306 but this is neither enforced nor required.
307 </para>
308 </listitem>
309 </itemizedlist>
310 </para>
311 </listitem>
312 <listitem>
313 <para>
314 <literal>nodejs-4_x</literal> is end-of-life.
315 <literal>nodejs-4_x</literal>, <literal>nodejs-slim-4_x</literal> and <literal>nodePackages_4_x</literal> are removed.
316 </para>
317 </listitem>
318 <listitem>
319 <para>
320 The <literal>pump.io</literal> NixOS module was removed.
321 It is now maintained as an
322 <link xlink:href="https://github.com/rvl/pump.io-nixos">external module</link>.
323 </para>
324 </listitem>
325</itemizedlist>
326
327</section>
328<section xmlns="http://docbook.org/ns/docbook"
329 xmlns:xlink="http://www.w3.org/1999/xlink"
330 xmlns:xi="http://www.w3.org/2001/XInclude"
331 version="5.0"
332 xml:id="sec-release-18.03-notable-changes">
333
334<title>Other Notable Changes</title>
335
336<itemizedlist>
337 <listitem>
338 <para>
339 ZNC option <option>services.znc.mutable</option> now defaults to
340 <literal>true</literal>. That means that old configuration is not
341 overwritten by default when update to the znc options are made.
342 </para>
343 </listitem>
344 <listitem>
345 <para>
346 The option <option>networking.wireless.networks.<name>.auth</option>
347 has been added for wireless networks with WPA-Enterprise authentication.
348 There is also a new <option>extraConfig</option> option to directly
349 configure <literal>wpa_supplicant</literal> and <option>hidden</option>
350 to connect to hidden networks.
351 </para>
352 </listitem>
353 <listitem>
354 <para>
355 In the module <option>networking.interfaces.<name></option> the
356 following options have been removed:
357 <itemizedlist>
358 <listitem>
359 <para><option>ipAddress</option></para>
360 </listitem>
361 <listitem>
362 <para><option>ipv6Address</option></para>
363 </listitem>
364 <listitem>
365 <para><option>prefixLength</option></para>
366 </listitem>
367 <listitem>
368 <para><option>ipv6PrefixLength</option></para>
369 </listitem>
370 <listitem>
371 <para><option>subnetMask</option></para>
372 </listitem>
373 </itemizedlist>
374 To assign static addresses to an interface the options
375 <option>ipv4.addresses</option> and <option>ipv6.addresses</option>
376 should be used instead.
377 The options <option>ip4</option> and <option>ip6</option> have been
378 renamed to <option>ipv4.addresses</option> <option>ipv6.addresses</option>
379 respectively.
380 The new options <option>ipv4.routes</option> and <option>ipv6.routes</option>
381 have been added to set up static routing.
382 </para>
383 </listitem>
384 <listitem>
385 <para>
386 The option <option>services.xserver.desktopManager.default</option> is now
387 <literal>none</literal> by default. An assertion failure is thrown if WM's
388 and DM's default are <literal>none</literal>.
389 To explicitly run a plain X session without and DM or WM, the newly
390 introduced option <option>services.xserver.plainX</option> must be set to true.
391 </para>
392 </listitem>
393 <listitem>
394 <para>
395 The option <option>services.logstash.listenAddress</option> is now <literal>127.0.0.1</literal> by default.
396 Previously the default behaviour was to listen on all interfaces.
397 </para>
398 </listitem>
399 <listitem>
400 <para>
401 <literal>services.btrfs.autoScrub</literal> has been added, to
402 periodically check btrfs filesystems for data corruption.
403 If there's a correct copy available, it will automatically repair
404 corrupted blocks.
405 </para>
406 </listitem>
407 <listitem>
408 <para>
409 <literal>displayManager.lightdm.greeters.gtk.clock-format.</literal>
410 has been added, the clock format string (as expected by
411 strftime, e.g. <literal>%H:%M</literal>) to use with the lightdm
412 gtk greeter panel.
413 </para>
414 <para>
415 If set to null the default clock format is used.
416 </para>
417 </listitem>
418 <listitem>
419 <para>
420 <literal>displayManager.lightdm.greeters.gtk.indicators</literal>
421 has been added, a list of allowed indicator modules to use with
422 the lightdm gtk greeter panel.
423 </para>
424 <para>
425 Built-in indicators include <literal>~a11y</literal>,
426 <literal>~language</literal>, <literal>~session</literal>,
427 <literal>~power</literal>, <literal>~clock</literal>,
428 <literal>~host</literal>, <literal>~spacer</literal>. Unity
429 indicators can be represented by short name
430 (e.g. <literal>sound</literal>, <literal>power</literal>),
431 service file name, or absolute path.
432 </para>
433 <para>
434 If set to <literal>null</literal> the default indicators are
435 used.
436 </para>
437 <para>
438 In order to have the previous default configuration add
439<programlisting>
440 services.xserver.displayManager.lightdm.greeters.gtk.indicators = [
441 "~host" "~spacer"
442 "~clock" "~spacer"
443 "~session"
444 "~language"
445 "~a11y"
446 "~power"
447 ];
448</programlisting>
449 to your <literal>configuration.nix</literal>.
450 </para>
451 </listitem>
452 <listitem>
453 <para>
454 The NixOS test driver supports user services declared by <literal>systemd.user.services</literal>.
455 The methods <literal>waitForUnit</literal>, <literal>getUnitInfo</literal>, <literal>startJob</literal>
456 and <literal>stopJob</literal> provide an optional <literal>$user</literal> argument for that purpose.
457 </para>
458 </listitem>
459 <listitem>
460 <para>
461 Enabling bash completion on NixOS, <literal>programs.bash.enableCompletion</literal>, will now also enable
462 completion for the Nix command line tools by installing the
463 <link xlink:href="https://github.com/hedning/nix-bash-completions">nix-bash-completions</link> package.
464 </para>
465 </listitem>
466</itemizedlist>
467
468</section>
469</section>