pyrox.dev
1<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-release-15.09">
2 <title>Release 15.09 (<quote>Dingo</quote>, 2015/09/30)</title>
3 <para>
4 In addition to numerous new and upgraded packages, this release has
5 the following highlights:
6 </para>
7 <itemizedlist>
8 <listitem>
9 <para>
10 The <link xlink:href="http://haskell.org/">Haskell</link>
11 packages infrastructure has been re-designed from the ground up
12 ("Haskell NG"). NixOS now distributes the latest
13 version of every single package registered on
14 <link xlink:href="http://hackage.haskell.org/">Hackage</link> --
15 well in excess of 8,000 Haskell packages. Detailed instructions
16 on how to use that infrastructure can be found in the
17 <link xlink:href="https://nixos.org/nixpkgs/manual/#users-guide-to-the-haskell-infrastructure">User's
18 Guide to the Haskell Infrastructure</link>. Users migrating from
19 an earlier release may find helpful information below, in the
20 list of backwards-incompatible changes. Furthermore, we
21 distribute 51(!) additional Haskell package sets that provide
22 every single <link xlink:href="http://www.stackage.org/">LTS
23 Haskell</link> release since version 0.0 as well as the most
24 recent <link xlink:href="http://www.stackage.org/">Stackage
25 Nightly</link> snapshot. The announcement
26 <link xlink:href="https://nixos.org/nix-dev/2015-September/018138.html">"Full
27 Stackage Support in Nixpkgs"</link> gives additional
28 details.
29 </para>
30 </listitem>
31 <listitem>
32 <para>
33 Nix has been updated to version 1.10, which among other
34 improvements enables cryptographic signatures on binary caches
35 for improved security.
36 </para>
37 </listitem>
38 <listitem>
39 <para>
40 You can now keep your NixOS system up to date automatically by
41 setting
42 </para>
43 </listitem>
44 </itemizedlist>
45 <programlisting language="bash">
46{
47 system.autoUpgrade.enable = true;
48}
49</programlisting>
50 <para>
51 This will cause the system to periodically check for updates in your
52 current channel and run <literal>nixos-rebuild</literal>.
53 </para>
54 <itemizedlist>
55 <listitem>
56 <para>
57 This release is based on Glibc 2.21, GCC 4.9 and Linux 3.18.
58 </para>
59 </listitem>
60 <listitem>
61 <para>
62 GNOME has been upgraded to 3.16.
63 </para>
64 </listitem>
65 <listitem>
66 <para>
67 Xfce has been upgraded to 4.12.
68 </para>
69 </listitem>
70 <listitem>
71 <para>
72 KDE 5 has been upgraded to KDE Frameworks 5.10, Plasma 5.3.2 and
73 Applications 15.04.3. KDE 4 has been updated to kdelibs-4.14.10.
74 </para>
75 </listitem>
76 <listitem>
77 <para>
78 E19 has been upgraded to 0.16.8.15.
79 </para>
80 </listitem>
81 </itemizedlist>
82 <para>
83 The following new services were added since the last release:
84 </para>
85 <itemizedlist>
86 <listitem>
87 <para>
88 <literal>services/mail/exim.nix</literal>
89 </para>
90 </listitem>
91 <listitem>
92 <para>
93 <literal>services/misc/apache-kafka.nix</literal>
94 </para>
95 </listitem>
96 <listitem>
97 <para>
98 <literal>services/misc/canto-daemon.nix</literal>
99 </para>
100 </listitem>
101 <listitem>
102 <para>
103 <literal>services/misc/confd.nix</literal>
104 </para>
105 </listitem>
106 <listitem>
107 <para>
108 <literal>services/misc/devmon.nix</literal>
109 </para>
110 </listitem>
111 <listitem>
112 <para>
113 <literal>services/misc/gitit.nix</literal>
114 </para>
115 </listitem>
116 <listitem>
117 <para>
118 <literal>services/misc/ihaskell.nix</literal>
119 </para>
120 </listitem>
121 <listitem>
122 <para>
123 <literal>services/misc/mbpfan.nix</literal>
124 </para>
125 </listitem>
126 <listitem>
127 <para>
128 <literal>services/misc/mediatomb.nix</literal>
129 </para>
130 </listitem>
131 <listitem>
132 <para>
133 <literal>services/misc/mwlib.nix</literal>
134 </para>
135 </listitem>
136 <listitem>
137 <para>
138 <literal>services/misc/parsoid.nix</literal>
139 </para>
140 </listitem>
141 <listitem>
142 <para>
143 <literal>services/misc/plex.nix</literal>
144 </para>
145 </listitem>
146 <listitem>
147 <para>
148 <literal>services/misc/ripple-rest.nix</literal>
149 </para>
150 </listitem>
151 <listitem>
152 <para>
153 <literal>services/misc/ripple-data-api.nix</literal>
154 </para>
155 </listitem>
156 <listitem>
157 <para>
158 <literal>services/misc/subsonic.nix</literal>
159 </para>
160 </listitem>
161 <listitem>
162 <para>
163 <literal>services/misc/sundtek.nix</literal>
164 </para>
165 </listitem>
166 <listitem>
167 <para>
168 <literal>services/monitoring/cadvisor.nix</literal>
169 </para>
170 </listitem>
171 <listitem>
172 <para>
173 <literal>services/monitoring/das_watchdog.nix</literal>
174 </para>
175 </listitem>
176 <listitem>
177 <para>
178 <literal>services/monitoring/grafana.nix</literal>
179 </para>
180 </listitem>
181 <listitem>
182 <para>
183 <literal>services/monitoring/riemann-tools.nix</literal>
184 </para>
185 </listitem>
186 <listitem>
187 <para>
188 <literal>services/monitoring/teamviewer.nix</literal>
189 </para>
190 </listitem>
191 <listitem>
192 <para>
193 <literal>services/network-filesystems/u9fs.nix</literal>
194 </para>
195 </listitem>
196 <listitem>
197 <para>
198 <literal>services/networking/aiccu.nix</literal>
199 </para>
200 </listitem>
201 <listitem>
202 <para>
203 <literal>services/networking/asterisk.nix</literal>
204 </para>
205 </listitem>
206 <listitem>
207 <para>
208 <literal>services/networking/bird.nix</literal>
209 </para>
210 </listitem>
211 <listitem>
212 <para>
213 <literal>services/networking/charybdis.nix</literal>
214 </para>
215 </listitem>
216 <listitem>
217 <para>
218 <literal>services/networking/docker-registry-server.nix</literal>
219 </para>
220 </listitem>
221 <listitem>
222 <para>
223 <literal>services/networking/fan.nix</literal>
224 </para>
225 </listitem>
226 <listitem>
227 <para>
228 <literal>services/networking/firefox/sync-server.nix</literal>
229 </para>
230 </listitem>
231 <listitem>
232 <para>
233 <literal>services/networking/gateone.nix</literal>
234 </para>
235 </listitem>
236 <listitem>
237 <para>
238 <literal>services/networking/heyefi.nix</literal>
239 </para>
240 </listitem>
241 <listitem>
242 <para>
243 <literal>services/networking/i2p.nix</literal>
244 </para>
245 </listitem>
246 <listitem>
247 <para>
248 <literal>services/networking/lambdabot.nix</literal>
249 </para>
250 </listitem>
251 <listitem>
252 <para>
253 <literal>services/networking/mstpd.nix</literal>
254 </para>
255 </listitem>
256 <listitem>
257 <para>
258 <literal>services/networking/nix-serve.nix</literal>
259 </para>
260 </listitem>
261 <listitem>
262 <para>
263 <literal>services/networking/nylon.nix</literal>
264 </para>
265 </listitem>
266 <listitem>
267 <para>
268 <literal>services/networking/racoon.nix</literal>
269 </para>
270 </listitem>
271 <listitem>
272 <para>
273 <literal>services/networking/skydns.nix</literal>
274 </para>
275 </listitem>
276 <listitem>
277 <para>
278 <literal>services/networking/shout.nix</literal>
279 </para>
280 </listitem>
281 <listitem>
282 <para>
283 <literal>services/networking/softether.nix</literal>
284 </para>
285 </listitem>
286 <listitem>
287 <para>
288 <literal>services/networking/sslh.nix</literal>
289 </para>
290 </listitem>
291 <listitem>
292 <para>
293 <literal>services/networking/tinc.nix</literal>
294 </para>
295 </listitem>
296 <listitem>
297 <para>
298 <literal>services/networking/tlsdated.nix</literal>
299 </para>
300 </listitem>
301 <listitem>
302 <para>
303 <literal>services/networking/tox-bootstrapd.nix</literal>
304 </para>
305 </listitem>
306 <listitem>
307 <para>
308 <literal>services/networking/tvheadend.nix</literal>
309 </para>
310 </listitem>
311 <listitem>
312 <para>
313 <literal>services/networking/zerotierone.nix</literal>
314 </para>
315 </listitem>
316 <listitem>
317 <para>
318 <literal>services/scheduling/marathon.nix</literal>
319 </para>
320 </listitem>
321 <listitem>
322 <para>
323 <literal>services/security/fprintd.nix</literal>
324 </para>
325 </listitem>
326 <listitem>
327 <para>
328 <literal>services/security/hologram.nix</literal>
329 </para>
330 </listitem>
331 <listitem>
332 <para>
333 <literal>services/security/munge.nix</literal>
334 </para>
335 </listitem>
336 <listitem>
337 <para>
338 <literal>services/system/cloud-init.nix</literal>
339 </para>
340 </listitem>
341 <listitem>
342 <para>
343 <literal>services/web-servers/shellinabox.nix</literal>
344 </para>
345 </listitem>
346 <listitem>
347 <para>
348 <literal>services/web-servers/uwsgi.nix</literal>
349 </para>
350 </listitem>
351 <listitem>
352 <para>
353 <literal>services/x11/unclutter.nix</literal>
354 </para>
355 </listitem>
356 <listitem>
357 <para>
358 <literal>services/x11/display-managers/sddm.nix</literal>
359 </para>
360 </listitem>
361 <listitem>
362 <para>
363 <literal>system/boot/coredump.nix</literal>
364 </para>
365 </listitem>
366 <listitem>
367 <para>
368 <literal>system/boot/loader/loader.nix</literal>
369 </para>
370 </listitem>
371 <listitem>
372 <para>
373 <literal>system/boot/loader/generic-extlinux-compatible</literal>
374 </para>
375 </listitem>
376 <listitem>
377 <para>
378 <literal>system/boot/networkd.nix</literal>
379 </para>
380 </listitem>
381 <listitem>
382 <para>
383 <literal>system/boot/resolved.nix</literal>
384 </para>
385 </listitem>
386 <listitem>
387 <para>
388 <literal>system/boot/timesyncd.nix</literal>
389 </para>
390 </listitem>
391 <listitem>
392 <para>
393 <literal>tasks/filesystems/exfat.nix</literal>
394 </para>
395 </listitem>
396 <listitem>
397 <para>
398 <literal>tasks/filesystems/ntfs.nix</literal>
399 </para>
400 </listitem>
401 <listitem>
402 <para>
403 <literal>tasks/filesystems/vboxsf.nix</literal>
404 </para>
405 </listitem>
406 <listitem>
407 <para>
408 <literal>virtualisation/virtualbox-host.nix</literal>
409 </para>
410 </listitem>
411 <listitem>
412 <para>
413 <literal>virtualisation/vmware-guest.nix</literal>
414 </para>
415 </listitem>
416 <listitem>
417 <para>
418 <literal>virtualisation/xen-dom0.nix</literal>
419 </para>
420 </listitem>
421 </itemizedlist>
422 <para>
423 When upgrading from a previous release, please be aware of the
424 following incompatible changes:
425 </para>
426 <itemizedlist spacing="compact">
427 <listitem>
428 <para>
429 <literal>sshd</literal> no longer supports DSA and ECDSA host
430 keys by default. If you have existing systems with such host
431 keys and want to continue to use them, please set
432 </para>
433 </listitem>
434 </itemizedlist>
435 <programlisting language="bash">
436{
437 system.stateVersion = "14.12";
438}
439</programlisting>
440 <para>
441 The new option <literal>system.stateVersion</literal> ensures that
442 certain configuration changes that could break existing systems
443 (such as the <literal>sshd</literal> host key setting) will maintain
444 compatibility with the specified NixOS release. NixOps sets the
445 state version of existing deployments automatically.
446 </para>
447 <itemizedlist>
448 <listitem>
449 <para>
450 <literal>cron</literal> is no longer enabled by default, unless
451 you have a non-empty
452 <literal>services.cron.systemCronJobs</literal>. To force
453 <literal>cron</literal> to be enabled, set
454 <literal>services.cron.enable = true</literal>.
455 </para>
456 </listitem>
457 <listitem>
458 <para>
459 Nix now requires binary caches to be cryptographically signed.
460 If you have unsigned binary caches that you want to continue to
461 use, you should set
462 <literal>nix.requireSignedBinaryCaches = false</literal>.
463 </para>
464 </listitem>
465 <listitem>
466 <para>
467 Steam now doesn't need root rights to work. Instead of using
468 <literal>*-steam-chrootenv</literal>, you should now just run
469 <literal>steam</literal>. <literal>steamChrootEnv</literal>
470 package was renamed to <literal>steam</literal>, and old
471 <literal>steam</literal> package -- to
472 <literal>steamOriginal</literal>.
473 </para>
474 </listitem>
475 <listitem>
476 <para>
477 CMPlayer has been renamed to bomi upstream. Package
478 <literal>cmplayer</literal> was accordingly renamed to
479 <literal>bomi</literal>
480 </para>
481 </listitem>
482 <listitem>
483 <para>
484 Atom Shell has been renamed to Electron upstream. Package
485 <literal>atom-shell</literal> was accordingly renamed to
486 <literal>electron</literal>
487 </para>
488 </listitem>
489 <listitem>
490 <para>
491 Elm is not released on Hackage anymore. You should now use
492 <literal>elmPackages.elm</literal> which contains the latest Elm
493 platform.
494 </para>
495 </listitem>
496 <listitem>
497 <para>
498 The CUPS printing service has been updated to version
499 <literal>2.0.2</literal>. Furthermore its systemd service has
500 been renamed to <literal>cups.service</literal>.
501 </para>
502 <para>
503 Local printers are no longer shared or advertised by default.
504 This behavior can be changed by enabling
505 <literal>services.printing.defaultShared</literal> or
506 <literal>services.printing.browsing</literal> respectively.
507 </para>
508 </listitem>
509 <listitem>
510 <para>
511 The VirtualBox host and guest options have been named more
512 consistently. They can now found in
513 <literal>virtualisation.virtualbox.host.*</literal> instead of
514 <literal>services.virtualboxHost.*</literal> and
515 <literal>virtualisation.virtualbox.guest.*</literal> instead of
516 <literal>services.virtualboxGuest.*</literal>.
517 </para>
518 <para>
519 Also, there now is support for the <literal>vboxsf</literal>
520 file system using the <literal>fileSystems</literal>
521 configuration attribute. An example of how this can be used in a
522 configuration:
523 </para>
524 </listitem>
525 </itemizedlist>
526 <programlisting language="bash">
527{
528 fileSystems."/shiny" = {
529 device = "myshinysharedfolder";
530 fsType = "vboxsf";
531 };
532}
533</programlisting>
534 <itemizedlist spacing="compact">
535 <listitem>
536 <para>
537 "<literal>nix-env -qa</literal>" no longer discovers
538 Haskell packages by name. The only packages visible in the
539 global scope are <literal>ghc</literal>,
540 <literal>cabal-install</literal>, and <literal>stack</literal>,
541 but all other packages are hidden. The reason for this
542 inconvenience is the sheer size of the Haskell package set.
543 Name-based lookups are expensive, and most
544 <literal>nix-env -qa</literal> operations would become much
545 slower if we'd add the entire Hackage database into the top
546 level attribute set. Instead, the list of Haskell packages can
547 be displayed by running:
548 </para>
549 </listitem>
550 </itemizedlist>
551 <programlisting>
552nix-env -f "<nixpkgs>" -qaP -A haskellPackages
553</programlisting>
554 <para>
555 Executable programs written in Haskell can be installed with:
556 </para>
557 <programlisting>
558nix-env -f "<nixpkgs>" -iA haskellPackages.pandoc
559</programlisting>
560 <para>
561 Installing Haskell <emphasis>libraries</emphasis> this way, however,
562 is no longer supported. See the next item for more details.
563 </para>
564 <itemizedlist>
565 <listitem>
566 <para>
567 Previous versions of NixOS came with a feature called
568 <literal>ghc-wrapper</literal>, a small script that allowed GHC
569 to transparently pick up on libraries installed in the user's
570 profile. This feature has been deprecated;
571 <literal>ghc-wrapper</literal> was removed from the
572 distribution. The proper way to register Haskell libraries with
573 the compiler now is the
574 <literal>haskellPackages.ghcWithPackages</literal> function. The
575 <link xlink:href="https://nixos.org/nixpkgs/manual/#users-guide-to-the-haskell-infrastructure">User's
576 Guide to the Haskell Infrastructure</link> provides more
577 information about this subject.
578 </para>
579 </listitem>
580 <listitem>
581 <para>
582 All Haskell builds that have been generated with version 1.x of
583 the <literal>cabal2nix</literal> utility are now invalid and
584 need to be re-generated with a current version of
585 <literal>cabal2nix</literal> to function. The most recent
586 version of this tool can be installed by running
587 <literal>nix-env -i cabal2nix</literal>.
588 </para>
589 </listitem>
590 <listitem>
591 <para>
592 The <literal>haskellPackages</literal> set in Nixpkgs used to
593 have a function attribute called <literal>extension</literal>
594 that users could override in their
595 <literal>~/.nixpkgs/config.nix</literal> files to configure
596 additional attributes, etc. That function still exists, but it's
597 now called <literal>overrides</literal>.
598 </para>
599 </listitem>
600 <listitem>
601 <para>
602 The OpenBLAS library has been updated to version
603 <literal>0.2.14</literal>. Support for the
604 <literal>x86_64-darwin</literal> platform was added. Dynamic
605 architecture detection was enabled; OpenBLAS now selects
606 microarchitecture-optimized routines at runtime, so optimal
607 performance is achieved without the need to rebuild OpenBLAS
608 locally. OpenBLAS has replaced ATLAS in most packages which use
609 an optimized BLAS or LAPACK implementation.
610 </para>
611 </listitem>
612 <listitem>
613 <para>
614 The <literal>phpfpm</literal> is now using the default PHP
615 version (<literal>pkgs.php</literal>) instead of PHP 5.4
616 (<literal>pkgs.php54</literal>).
617 </para>
618 </listitem>
619 <listitem>
620 <para>
621 The <literal>locate</literal> service no longer indexes the Nix
622 store by default, preventing packages with potentially numerous
623 versions from cluttering the output. Indexing the store can be
624 activated by setting
625 <literal>services.locate.includeStore = true</literal>.
626 </para>
627 </listitem>
628 <listitem>
629 <para>
630 The Nix expression search path (<literal>NIX_PATH</literal>) no
631 longer contains <literal>/etc/nixos/nixpkgs</literal> by
632 default. You can override <literal>NIX_PATH</literal> by setting
633 <literal>nix.nixPath</literal>.
634 </para>
635 </listitem>
636 <listitem>
637 <para>
638 Python 2.6 has been marked as broken (as it no longer receives
639 security updates from upstream).
640 </para>
641 </listitem>
642 <listitem>
643 <para>
644 Any use of module arguments such as <literal>pkgs</literal> to
645 access library functions, or to define
646 <literal>imports</literal> attributes will now lead to an
647 infinite loop at the time of the evaluation.
648 </para>
649 <para>
650 In case of an infinite loop, use the
651 <literal>--show-trace</literal> command line argument and read
652 the line just above the error message.
653 </para>
654 <programlisting>
655$ nixos-rebuild build --show-trace
656…
657while evaluating the module argument `pkgs' in "/etc/nixos/my-module.nix":
658infinite recursion encountered
659</programlisting>
660 <para>
661 Any use of <literal>pkgs.lib</literal>, should be replaced by
662 <literal>lib</literal>, after adding it as argument of the
663 module. The following module
664 </para>
665 <programlisting language="bash">
666{ config, pkgs, ... }:
667
668with pkgs.lib;
669
670{
671 options = {
672 foo = mkOption { … };
673 };
674 config = mkIf config.foo { … };
675}
676</programlisting>
677 <para>
678 should be modified to look like:
679 </para>
680 <programlisting language="bash">
681{ config, pkgs, lib, ... }:
682
683with lib;
684
685{
686 options = {
687 foo = mkOption { option declaration };
688 };
689 config = mkIf config.foo { option definition };
690}
691</programlisting>
692 <para>
693 When <literal>pkgs</literal> is used to download other projects
694 to import their modules, and only in such cases, it should be
695 replaced by <literal>(import <nixpkgs> {})</literal>. The
696 following module
697 </para>
698 <programlisting language="bash">
699{ config, pkgs, ... }:
700
701let
702 myProject = pkgs.fetchurl {
703 src = url;
704 sha256 = hash;
705 };
706in
707
708{
709 imports = [ "${myProject}/module.nix" ];
710}
711</programlisting>
712 <para>
713 should be modified to look like:
714 </para>
715 <programlisting language="bash">
716{ config, pkgs, ... }:
717
718let
719 myProject = (import <nixpkgs> {}).fetchurl {
720 src = url;
721 sha256 = hash;
722 };
723in
724
725{
726 imports = [ "${myProject}/module.nix" ];
727}
728</programlisting>
729 </listitem>
730 </itemizedlist>
731 <para>
732 Other notable improvements:
733 </para>
734 <itemizedlist>
735 <listitem>
736 <para>
737 The nixos and nixpkgs channels were unified, so one
738 <emphasis>can</emphasis> use
739 <literal>nix-env -iA nixos.bash</literal> instead of
740 <literal>nix-env -iA nixos.pkgs.bash</literal>. See
741 <link xlink:href="https://github.com/NixOS/nixpkgs/commit/2cd7c1f198">the
742 commit</link> for details.
743 </para>
744 </listitem>
745 <listitem>
746 <para>
747 Users running an SSH server who worry about the quality of their
748 <literal>/etc/ssh/moduli</literal> file with respect to the
749 <link xlink:href="https://stribika.github.io/2015/01/04/secure-secure-shell.html">vulnerabilities
750 discovered in the Diffie-Hellman key exchange</link> can now
751 replace OpenSSH's default version with one they generated
752 themselves using the new
753 <literal>services.openssh.moduliFile</literal> option.
754 </para>
755 </listitem>
756 <listitem>
757 <para>
758 A newly packaged TeX Live 2015 is provided in
759 <literal>pkgs.texlive</literal>, split into 6500 nix packages.
760 For basic user documentation see
761 <link xlink:href="https://github.com/NixOS/nixpkgs/blob/release-15.09/pkgs/tools/typesetting/tex/texlive/default.nix#L1">the
762 source</link>. Beware of
763 <link xlink:href="https://github.com/NixOS/nixpkgs/issues/9757">an
764 issue</link> when installing a too large package set. The plan
765 is to deprecate and maybe delete the original TeX packages until
766 the next release.
767 </para>
768 </listitem>
769 <listitem>
770 <para>
771 <literal>buildEnv.env</literal> on all Python interpreters is
772 now available for nix-shell interoperability.
773 </para>
774 </listitem>
775 </itemizedlist>
776</section>