diff options
Diffstat (limited to 'nixos/doc/manual/from_md/release-notes/rl-2111.section.xml')
-rw-r--r-- | nixos/doc/manual/from_md/release-notes/rl-2111.section.xml | 720 |
1 files changed, 720 insertions, 0 deletions
diff --git a/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml new file mode 100644 index 00000000000..9dd98a5262f --- /dev/null +++ b/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml @@ -0,0 +1,720 @@ +<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-release-21.11"> + <title>Release 21.11 (“?”, 2021.11/??)</title> + <para> + In addition to numerous new and upgraded packages, this release has + the following highlights: + </para> + <itemizedlist spacing="compact"> + <listitem> + <para> + Support is planned until the end of June 2022, handing over to + 22.05. + </para> + </listitem> + </itemizedlist> + <section xml:id="sec-release-21.11-highlights"> + <title>Highlights</title> + <itemizedlist> + <listitem> + <para> + PHP now defaults to PHP 8.0, updated from 7.4. + </para> + </listitem> + <listitem> + <para> + kOps now defaults to 1.21.0, which uses containerd as the + default runtime. + </para> + </listitem> + <listitem> + <para> + <literal>python3</literal> now defaults to Python 3.9, updated + from Python 3.8. + </para> + </listitem> + <listitem> + <para> + PostgreSQL now defaults to major version 13. + </para> + </listitem> + </itemizedlist> + </section> + <section xml:id="sec-release-21.11-new-services"> + <title>New Services</title> + <itemizedlist> + <listitem> + <para> + <link xlink:href="https://digint.ch/btrbk/index.html">btrbk</link>, + a backup tool for btrfs subvolumes, taking advantage of btrfs + specific capabilities to create atomic snapshots and transfer + them incrementally to your backup locations. Available as + <link xlink:href="options.html#opt-services.brtbk.instances">services.btrbk</link>. + </para> + </listitem> + <listitem> + <para> + <link xlink:href="https://github.com/xrelkd/clipcat/">clipcat</link>, + an X11 clipboard manager written in Rust. Available at + [services.clipcat](options.html#o pt-services.clipcat.enable). + </para> + </listitem> + <listitem> + <para> + <link xlink:href="https://github.com/maxmind/geoipupdate">geoipupdate</link>, + a GeoIP database updater from MaxMind. Available as + <link xlink:href="options.html#opt-services.geoipupdate.enable">services.geoipupdate</link>. + </para> + </listitem> + <listitem> + <para> + <link xlink:href="https://www.isc.org/kea/">Kea</link>, ISCs + 2nd generation DHCP and DDNS server suite. Available at + <link xlink:href="options.html#opt-services.kea">services.kea</link>. + </para> + </listitem> + <listitem> + <para> + <link xlink:href="https://sr.ht">sourcehut</link>, a + collection of tools useful for software development. Available + as + <link xlink:href="options.html#opt-services.sourcehut.enable">services.sourcehut</link>. + </para> + </listitem> + <listitem> + <para> + <link xlink:href="https://download.pureftpd.org/pub/ucarp/README">ucarp</link>, + an userspace implementation of the Common Address Redundancy + Protocol (CARP). Available as + <link xlink:href="options.html#opt-networking.ucarp.enable">networking.ucarp</link>. + </para> + </listitem> + <listitem> + <para> + Users of flashrom should migrate to + <link xlink:href="options.html#opt-programs.flashrom.enable">programs.flashrom.enable</link> + and add themselves to the <literal>flashrom</literal> group to + be able to access programmers supported by flashrom. + </para> + </listitem> + <listitem> + <para> + <link xlink:href="https://vikunja.io">vikunja</link>, a to-do + list app. Available as + <link linkend="opt-services.vikunja.enable">services.vikunja</link>. + </para> + </listitem> + <listitem> + <para> + <link xlink:href="https://www.snapraid.it/">snapraid</link>, a + backup program for disk arrays. Available as + <link linkend="opt-snapraid.enable">snapraid</link>. + </para> + </listitem> + <listitem> + <para> + <link xlink:href="https://github.com/hockeypuck/hockeypuck">Hockeypuck</link>, + a OpenPGP Key Server. Available as + <link linkend="opt-services.hockeypuck.enable">services.hockeypuck</link>. + </para> + </listitem> + <listitem> + <para> + <link xlink:href="https://github.com/buildkite/buildkite-agent-metrics">buildkite-agent-metrics</link>, + a command-line tool for collecting Buildkite agent metrics, + now has a Prometheus exporter available as + <link linkend="opt-services.prometheus.exporters.buildkite-agent.enable">services.prometheus.exporters.buildkite-agent</link>. + </para> + </listitem> + </itemizedlist> + </section> + <section xml:id="sec-release-21.11-incompatibilities"> + <title>Backward Incompatibilities</title> + <itemizedlist> + <listitem> + <para> + The <literal>staticjinja</literal> package has been upgraded + from 1.0.4 to 3.0.1 + </para> + </listitem> + <listitem> + <para> + <literal>services.geoip-updater</literal> was broken and has + been replaced by + <link xlink:href="options.html#opt-services.geoipupdate.enable">services.geoipupdate</link>. + </para> + </listitem> + <listitem> + <para> + PHP 7.3 is no longer supported due to upstream not supporting + this version for the entire lifecycle of the 21.11 release. + </para> + </listitem> + <listitem> + <para> + Those making use of <literal>buildBazelPackage</literal> will + need to regenerate the fetch hashes (preferred), or set + <literal>fetchConfigured = false;</literal>. + </para> + </listitem> + <listitem> + <para> + <literal>consul</literal> was upgraded to a new major release + with breaking changes, see + <link xlink:href="https://github.com/hashicorp/consul/releases/tag/v1.10.0">upstream + changelog</link>. + </para> + </listitem> + <listitem> + <para> + fsharp41 has been removed in preference to use the latest + dotnet-sdk + </para> + </listitem> + <listitem> + <para> + The following F#-related packages have been removed for being + unmaintaned. Please use <literal>fetchNuGet</literal> for + specific packages. + </para> + <itemizedlist spacing="compact"> + <listitem> + <para> + ExtCore + </para> + </listitem> + <listitem> + <para> + Fake + </para> + </listitem> + <listitem> + <para> + Fantomas + </para> + </listitem> + <listitem> + <para> + FsCheck + </para> + </listitem> + <listitem> + <para> + FsCheck262 + </para> + </listitem> + <listitem> + <para> + FsCheckNunit + </para> + </listitem> + <listitem> + <para> + FSharpAutoComplete + </para> + </listitem> + <listitem> + <para> + FSharpCompilerCodeDom + </para> + </listitem> + <listitem> + <para> + FSharpCompilerService + </para> + </listitem> + <listitem> + <para> + FSharpCompilerTools + </para> + </listitem> + <listitem> + <para> + FSharpCore302 + </para> + </listitem> + <listitem> + <para> + FSharpCore3125 + </para> + </listitem> + <listitem> + <para> + FSharpCore4001 + </para> + </listitem> + <listitem> + <para> + FSharpCore4117 + </para> + </listitem> + <listitem> + <para> + FSharpData + </para> + </listitem> + <listitem> + <para> + FSharpData225 + </para> + </listitem> + <listitem> + <para> + FSharpDataSQLProvider + </para> + </listitem> + <listitem> + <para> + FSharpFormatting + </para> + </listitem> + <listitem> + <para> + FsLexYacc + </para> + </listitem> + <listitem> + <para> + FsLexYacc706 + </para> + </listitem> + <listitem> + <para> + FsLexYaccRuntime + </para> + </listitem> + <listitem> + <para> + FsPickler + </para> + </listitem> + <listitem> + <para> + FsUnit + </para> + </listitem> + <listitem> + <para> + Projekt + </para> + </listitem> + <listitem> + <para> + Suave + </para> + </listitem> + <listitem> + <para> + UnionArgParser + </para> + </listitem> + <listitem> + <para> + ExcelDnaRegistration + </para> + </listitem> + <listitem> + <para> + MathNetNumerics + </para> + </listitem> + </itemizedlist> + </listitem> + <listitem> + <para> + <literal>programs.x2goserver</literal> is now + <literal>services.x2goserver</literal> + </para> + </listitem> + <listitem> + <para> + The following dotnet-related packages have been removed for + being unmaintaned. Please use <literal>fetchNuGet</literal> + for specific packages. + </para> + <itemizedlist spacing="compact"> + <listitem> + <para> + Autofac + </para> + </listitem> + <listitem> + <para> + SystemValueTuple + </para> + </listitem> + <listitem> + <para> + MicrosoftDiaSymReader + </para> + </listitem> + <listitem> + <para> + MicrosoftDiaSymReaderPortablePdb + </para> + </listitem> + <listitem> + <para> + SystemCollectionsImmutable + </para> + </listitem> + <listitem> + <para> + SystemCollectionsImmutable131 + </para> + </listitem> + <listitem> + <para> + SystemReflectionMetadata + </para> + </listitem> + <listitem> + <para> + NUnit350 + </para> + </listitem> + <listitem> + <para> + Deedle + </para> + </listitem> + <listitem> + <para> + ExcelDna + </para> + </listitem> + <listitem> + <para> + GitVersionTree + </para> + </listitem> + <listitem> + <para> + NDeskOptions + </para> + </listitem> + </itemizedlist> + </listitem> + </itemizedlist> + <itemizedlist> + <listitem> + <para> + The <literal>antlr</literal> package now defaults to the 4.x + release instead of the old 2.7.7 version. + </para> + </listitem> + <listitem> + <para> + The <literal>pulseeffects</literal> package updated to + <link xlink:href="https://github.com/wwmm/easyeffects/releases/tag/v6.0.0">version + 4.x</link> and renamed to <literal>easyeffects</literal>. + </para> + </listitem> + <listitem> + <para> + The <literal>libwnck</literal> package now defaults to the 3.x + release instead of the old 2.31.0 version. + </para> + </listitem> + <listitem> + <para> + The <literal>bitwarden_rs</literal> packages and modules were + renamed to <literal>vaultwarden</literal> + <link xlink:href="https://github.com/dani-garcia/vaultwarden/discussions/1642">following + upstream</link>. More specifically, + </para> + <itemizedlist> + <listitem> + <para> + <literal>pkgs.bitwarden_rs</literal>, + <literal>pkgs.bitwarden_rs-sqlite</literal>, + <literal>pkgs.bitwarden_rs-mysql</literal> and + <literal>pkgs.bitwarden_rs-postgresql</literal> were + renamed to <literal>pkgs.vaultwarden</literal>, + <literal>pkgs.vaultwarden-sqlite</literal>, + <literal>pkgs.vaultwarden-mysql</literal> and + <literal>pkgs.vaultwarden-postgresql</literal>, + respectively. + </para> + <itemizedlist spacing="compact"> + <listitem> + <para> + Old names are preserved as aliases for backwards + compatibility, but may be removed in the future. + </para> + </listitem> + <listitem> + <para> + The <literal>bitwarden_rs</literal> executable was + also renamed to <literal>vaultwarden</literal> in all + packages. + </para> + </listitem> + </itemizedlist> + </listitem> + <listitem> + <para> + <literal>pkgs.bitwarden_rs-vault</literal> was renamed to + <literal>pkgs.vaultwarden-vault</literal>. + </para> + <itemizedlist spacing="compact"> + <listitem> + <para> + <literal>pkgs.bitwarden_rs-vault</literal> is + preserved as an alias for backwards compatibility, but + may be removed in the future. + </para> + </listitem> + <listitem> + <para> + The static files were moved from + <literal>/usr/share/bitwarden_rs</literal> to + <literal>/usr/share/vaultwarden</literal>. + </para> + </listitem> + </itemizedlist> + </listitem> + <listitem> + <para> + The <literal>services.bitwarden_rs</literal> config module + was renamed to <literal>services.vaultwarden</literal>. + </para> + <itemizedlist spacing="compact"> + <listitem> + <para> + <literal>services.bitwarden_rs</literal> is preserved + as an alias for backwards compatibility, but may be + removed in the future. + </para> + </listitem> + </itemizedlist> + </listitem> + <listitem> + <para> + <literal>systemd.services.bitwarden_rs</literal>, + <literal>systemd.services.backup-bitwarden_rs</literal> + and <literal>systemd.timers.backup-bitwarden_rs</literal> + were renamed to + <literal>systemd.services.vaultwarden</literal>, + <literal>systemd.services.backup-vaultwarden</literal> and + <literal>systemd.timers.backup-vaultwarden</literal>, + respectively. + </para> + <itemizedlist spacing="compact"> + <listitem> + <para> + Old names are preserved as aliases for backwards + compatibility, but may be removed in the future. + </para> + </listitem> + </itemizedlist> + </listitem> + <listitem> + <para> + <literal>users.users.bitwarden_rs</literal> and + <literal>users.groups.bitwarden_rs</literal> were renamed + to <literal>users.users.vaultwarden</literal> and + <literal>users.groups.vaultwarden</literal>, respectively. + </para> + </listitem> + <listitem> + <para> + The data directory remains located at + <literal>/var/lib/bitwarden_rs</literal>, for backwards + compatibility. + </para> + </listitem> + </itemizedlist> + </listitem> + </itemizedlist> + <itemizedlist> + <listitem> + <para> + <literal>yggdrasil</literal> was upgraded to a new major + release with breaking changes, see + <link xlink:href="https://github.com/yggdrasil-network/yggdrasil-go/releases/tag/v0.4.0">upstream + changelog</link>. + </para> + </listitem> + <listitem> + <para> + <literal>icingaweb2</literal> was upgraded to a new release + which requires a manual database upgrade, see + <link xlink:href="https://github.com/Icinga/icingaweb2/releases/tag/v2.9.0">upstream + changelog</link>. + </para> + </listitem> + <listitem> + <para> + The <literal>isabelle</literal> package has been upgraded from + 2020 to 2021 + </para> + </listitem> + <listitem> + <para> + the <literal>mingw-64</literal> package has been upgraded from + 6.0.0 to 9.0.0 + </para> + </listitem> + </itemizedlist> + </section> + <section xml:id="sec-release-21.11-notable-changes"> + <title>Other Notable Changes</title> + <itemizedlist> + <listitem> + <para> + The setting + <link xlink:href="options.html#opt-services.openssh.logLevel"><literal>services.openssh.logLevel</literal></link> + <literal>"VERBOSE"</literal> + <literal>"INFO"</literal>. This brings NixOS in line + with upstream and other Linux distributions, and reduces log + spam on servers due to bruteforcing botnets. + </para> + <para> + However, if + <link xlink:href="options.html#opt-services.fail2ban.enable"><literal>services.fail2ban.enable</literal></link> + is <literal>true</literal>, the <literal>fail2ban</literal> + will override the verbosity to + <literal>"VERBOSE"</literal>, so that + <literal>fail2ban</literal> can observe the failed login + attempts from the SSH logs. + </para> + </listitem> + <listitem> + <para> + Sway: The terminal emulator <literal>rxvt-unicode</literal> is + no longer installed by default via + <literal>programs.sway.extraPackages</literal>. The current + default configuration uses <literal>alacritty</literal> (and + soon <literal>foot</literal>) so this is only an issue when + using a customized configuration and not installing + <literal>rxvt-unicode</literal> explicitly. + </para> + </listitem> + <listitem> + <para> + <literal>python3</literal> now defaults to Python 3.9. Python + 3.9 introduces many deprecation warnings, please look at the + <link xlink:href="https://docs.python.org/3/whatsnew/3.9.html">What’s + New In Python 3.9 post</link> for more information. + </para> + </listitem> + <listitem> + <para> + The <literal>claws-mail</literal> package now references the + new GTK+ 3 release branch, major version 4. To use the GTK+ 2 + releases, one can install the + <literal>claws-mail-gtk2</literal> package. + </para> + </listitem> + <listitem> + <para> + The wordpress module provides a new interface which allows to + use different webservers with the new option + <link xlink:href="options.html#opt-services.wordpress.webserver"><literal>services.wordpress.webserver</literal></link>. + Currently <literal>httpd</literal> and + <literal>nginx</literal> are supported. The definitions of + wordpress sites should now be set in + <link xlink:href="options.html#opt-services.wordpress.sites"><literal>services.wordpress.sites</literal></link>. + </para> + <para> + Sites definitions that use the old interface are automatically + migrated in the new option. This backward compatibility will + be removed in 22.05. + </para> + </listitem> + <listitem> + <para> + The order of NSS (host) modules has been brought in line with + upstream recommendations: + </para> + <itemizedlist spacing="compact"> + <listitem> + <para> + The <literal>myhostname</literal> module is placed before + the <literal>resolve</literal> (optional) and + <literal>dns</literal> entries, but after + <literal>file</literal> (to allow overriding via + <literal>/etc/hosts</literal> / + <literal>networking.extraHosts</literal>, and prevent ISPs + with catchall-DNS resolvers from hijacking + <literal>.localhost</literal> domains) + </para> + </listitem> + <listitem> + <para> + The <literal>mymachines</literal> module, which provides + hostname resolution for local containers (registered with + <literal>systemd-machined</literal>) is placed to the + front, to make sure its mappings are preferred over other + resolvers. + </para> + </listitem> + <listitem> + <para> + If systemd-networkd is enabled, the + <literal>resolve</literal> module is placed before + <literal>files</literal> and + <literal>myhostname</literal>, as it provides the same + logic internally, with caching. + </para> + </listitem> + <listitem> + <para> + The <literal>mdns(_minimal)</literal> module has been + updated to the new priorities. + </para> + </listitem> + </itemizedlist> + <para> + If you use your own NSS host modules, make sure to update your + priorities according to these rules: + </para> + <itemizedlist spacing="compact"> + <listitem> + <para> + NSS modules which should be queried before + <literal>resolved</literal> DNS resolution should use + mkBefore. + </para> + </listitem> + <listitem> + <para> + NSS modules which should be queried after + <literal>resolved</literal>, <literal>files</literal> and + <literal>myhostname</literal>, but before + <literal>dns</literal> should use the default priority + </para> + </listitem> + <listitem> + <para> + NSS modules which should come after <literal>dns</literal> + should use mkAfter. + </para> + </listitem> + </itemizedlist> + </listitem> + <listitem> + <para> + The + <link xlink:href="options.html#opt-networking.wireless.iwd.enable">networking.wireless.iwd</link> + module has a new + <link xlink:href="options.html#opt-networking.wireless.iwd.settings">networking.wireless.iwd.settings</link> + option. + </para> + </listitem> + <listitem> + <para> + The + <link xlink:href="options.html#opt-services.syncoid.enable">services.syncoid.enable</link> + module now properly drops ZFS permissions after usage. Before + it delegated permissions to whole pools instead of datasets + and didn’t clean up after execution. You can manually look + this up for your pools by running + <literal>zfs allow your-pool-name</literal> and use + <literal>zfs unallow syncoid your-pool-name</literal> to clean + this up. + </para> + </listitem> + </itemizedlist> + </section> +</section> |