diff options
Diffstat (limited to 'nixos/doc/manual/release-notes/rl-2111.section.md')
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2111.section.md | 184 |
1 files changed, 180 insertions, 4 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2111.section.md b/nixos/doc/manual/release-notes/rl-2111.section.md index 6bd552c873a..5e379ad6fd1 100644 --- a/nixos/doc/manual/release-notes/rl-2111.section.md +++ b/nixos/doc/manual/release-notes/rl-2111.section.md @@ -1,9 +1,185 @@ -# Release 21.11 (“?”, 2021.11/??) {#release-21.11} +# Release 21.11 (“?”, 2021.11/??) {#sec-release-21.11} In addition to numerous new and upgraded packages, this release has the following highlights: -* Support is planned until the end of April 2022, handing over to 22.05. +- Support is planned until the end of June 2022, handing over to 22.05. -## Backward incompatibilities +## Highlights {#sec-release-21.11-highlights} -* The `staticjinja` package has been upgraded from 1.0.4 to 2.0.0 +- PHP now defaults to PHP 8.0, updated from 7.4. +- kOps now defaults to 1.21.0, which uses containerd as the default runtime. + +- `python3` now defaults to Python 3.9, updated from Python 3.8. + +- PostgreSQL now defaults to major version 13. + +## New Services {#sec-release-21.11-new-services} + +- [btrbk](https://digint.ch/btrbk/index.html), a backup tool for btrfs subvolumes, taking advantage of btrfs specific capabilities to create atomic snapshots and transfer them incrementally to your backup locations. Available as [services.btrbk](options.html#opt-services.brtbk.instances). + +- [clipcat](https://github.com/xrelkd/clipcat/), an X11 clipboard manager written in Rust. Available at [services.clipcat](options.html#o +pt-services.clipcat.enable). + +- [geoipupdate](https://github.com/maxmind/geoipupdate), a GeoIP database updater from MaxMind. Available as [services.geoipupdate](options.html#opt-services.geoipupdate.enable). + +- [Kea](https://www.isc.org/kea/), ISCs 2nd generation DHCP and DDNS server suite. Available at [services.kea](options.html#opt-services.kea). + +- [sourcehut](https://sr.ht), a collection of tools useful for software development. Available as [services.sourcehut](options.html#opt-services.sourcehut.enable). + +- [ucarp](https://download.pureftpd.org/pub/ucarp/README), an userspace implementation of the Common Address Redundancy Protocol (CARP). Available as [networking.ucarp](options.html#opt-networking.ucarp.enable). + +- Users of flashrom should migrate to [programs.flashrom.enable](options.html#opt-programs.flashrom.enable) and add themselves to the `flashrom` group to be able to access programmers supported by flashrom. + +- [vikunja](https://vikunja.io), a to-do list app. Available as [services.vikunja](#opt-services.vikunja.enable). + +- [snapraid](https://www.snapraid.it/), a backup program for disk arrays. + Available as [snapraid](#opt-snapraid.enable). + +- [Hockeypuck](https://github.com/hockeypuck/hockeypuck), a OpenPGP Key Server. Available as [services.hockeypuck](#opt-services.hockeypuck.enable). + +- [buildkite-agent-metrics](https://github.com/buildkite/buildkite-agent-metrics), a command-line tool for collecting Buildkite agent metrics, now has a Prometheus exporter available as [services.prometheus.exporters.buildkite-agent](#opt-services.prometheus.exporters.buildkite-agent.enable). + +## Backward Incompatibilities {#sec-release-21.11-incompatibilities} + +- The `staticjinja` package has been upgraded from 1.0.4 to 3.0.1 + +- `services.geoip-updater` was broken and has been replaced by [services.geoipupdate](options.html#opt-services.geoipupdate.enable). + +- PHP 7.3 is no longer supported due to upstream not supporting this version for the entire lifecycle of the 21.11 release. + +- Those making use of `buildBazelPackage` will need to regenerate the fetch hashes (preferred), or set `fetchConfigured = false;`. + +- `consul` was upgraded to a new major release with breaking changes, see [upstream changelog](https://github.com/hashicorp/consul/releases/tag/v1.10.0). + +- fsharp41 has been removed in preference to use the latest dotnet-sdk + +- The following F#-related packages have been removed for being unmaintaned. Please use `fetchNuGet` for specific packages. + + - ExtCore + - Fake + - Fantomas + - FsCheck + - FsCheck262 + - FsCheckNunit + - FSharpAutoComplete + - FSharpCompilerCodeDom + - FSharpCompilerService + - FSharpCompilerTools + - FSharpCore302 + - FSharpCore3125 + - FSharpCore4001 + - FSharpCore4117 + - FSharpData + - FSharpData225 + - FSharpDataSQLProvider + - FSharpFormatting + - FsLexYacc + - FsLexYacc706 + - FsLexYaccRuntime + - FsPickler + - FsUnit + - Projekt + - Suave + - UnionArgParser + - ExcelDnaRegistration + - MathNetNumerics + +- `programs.x2goserver` is now `services.x2goserver` + +- The following dotnet-related packages have been removed for being unmaintaned. Please use `fetchNuGet` for specific packages. + - Autofac + - SystemValueTuple + - MicrosoftDiaSymReader + - MicrosoftDiaSymReaderPortablePdb + - SystemCollectionsImmutable + - SystemCollectionsImmutable131 + - SystemReflectionMetadata + - NUnit350 + - Deedle + - ExcelDna + - GitVersionTree + - NDeskOptions + +* The `antlr` package now defaults to the 4.x release instead of the + old 2.7.7 version. + +* The `pulseeffects` package updated to [version 4.x](https://github.com/wwmm/easyeffects/releases/tag/v6.0.0) and renamed to `easyeffects`. + +* The `libwnck` package now defaults to the 3.x release instead of the + old 2.31.0 version. + +* The `bitwarden_rs` packages and modules were renamed to `vaultwarden` + [following upstream](https://github.com/dani-garcia/vaultwarden/discussions/1642). More specifically, + + * `pkgs.bitwarden_rs`, `pkgs.bitwarden_rs-sqlite`, `pkgs.bitwarden_rs-mysql` and + `pkgs.bitwarden_rs-postgresql` were renamed to `pkgs.vaultwarden`, `pkgs.vaultwarden-sqlite`, + `pkgs.vaultwarden-mysql` and `pkgs.vaultwarden-postgresql`, respectively. + * Old names are preserved as aliases for backwards compatibility, but may be removed in the future. + * The `bitwarden_rs` executable was also renamed to `vaultwarden` in all packages. + + * `pkgs.bitwarden_rs-vault` was renamed to `pkgs.vaultwarden-vault`. + * `pkgs.bitwarden_rs-vault` is preserved as an alias for backwards compatibility, but may be removed in the future. + * The static files were moved from `/usr/share/bitwarden_rs` to `/usr/share/vaultwarden`. + + * The `services.bitwarden_rs` config module was renamed to `services.vaultwarden`. + * `services.bitwarden_rs` is preserved as an alias for backwards compatibility, but may be removed in the future. + + * `systemd.services.bitwarden_rs`, `systemd.services.backup-bitwarden_rs` and `systemd.timers.backup-bitwarden_rs` + were renamed to `systemd.services.vaultwarden`, `systemd.services.backup-vaultwarden` and + `systemd.timers.backup-vaultwarden`, respectively. + * Old names are preserved as aliases for backwards compatibility, but may be removed in the future. + + * `users.users.bitwarden_rs` and `users.groups.bitwarden_rs` were renamed to `users.users.vaultwarden` and + `users.groups.vaultwarden`, respectively. + + * The data directory remains located at `/var/lib/bitwarden_rs`, for backwards compatibility. + +- `yggdrasil` was upgraded to a new major release with breaking changes, see [upstream changelog](https://github.com/yggdrasil-network/yggdrasil-go/releases/tag/v0.4.0). + +- `icingaweb2` was upgraded to a new release which requires a manual database upgrade, see [upstream changelog](https://github.com/Icinga/icingaweb2/releases/tag/v2.9.0). + +- The `isabelle` package has been upgraded from 2020 to 2021 + +- the `mingw-64` package has been upgraded from 6.0.0 to 9.0.0 + +## Other Notable Changes {#sec-release-21.11-notable-changes} + +- The setting [`services.openssh.logLevel`](options.html#opt-services.openssh.logLevel) `"VERBOSE"` `"INFO"`. This brings NixOS in line with upstream and other Linux distributions, and reduces log spam on servers due to bruteforcing botnets. + + However, if [`services.fail2ban.enable`](options.html#opt-services.fail2ban.enable) is `true`, the `fail2ban` will override the verbosity to `"VERBOSE"`, so that `fail2ban` can observe the failed login attempts from the SSH logs. + +- Sway: The terminal emulator `rxvt-unicode` is no longer installed by default via `programs.sway.extraPackages`. The current default configuration uses `alacritty` (and soon `foot`) so this is only an issue when using a customized configuration and not installing `rxvt-unicode` explicitly. + +- `python3` now defaults to Python 3.9. Python 3.9 introduces many deprecation warnings, please look at the [What's New In Python 3.9 post](https://docs.python.org/3/whatsnew/3.9.html) for more information. + +- The `claws-mail` package now references the new GTK+ 3 release branch, major version 4. To use the GTK+ 2 releases, one can install the `claws-mail-gtk2` package. + +- The wordpress module provides a new interface which allows to use different webservers with the new option [`services.wordpress.webserver`](options.html#opt-services.wordpress.webserver). Currently `httpd` and `nginx` are supported. The definitions of wordpress sites should now be set in [`services.wordpress.sites`](options.html#opt-services.wordpress.sites). + + Sites definitions that use the old interface are automatically migrated in the new option. This backward compatibility will be removed in 22.05. + +- The order of NSS (host) modules has been brought in line with upstream + recommendations: + + - The `myhostname` module is placed before the `resolve` (optional) and `dns` + entries, but after `file` (to allow overriding via `/etc/hosts` / + `networking.extraHosts`, and prevent ISPs with catchall-DNS resolvers from + hijacking `.localhost` domains) + - The `mymachines` module, which provides hostname resolution for local + containers (registered with `systemd-machined`) is placed to the front, to + make sure its mappings are preferred over other resolvers. + - If systemd-networkd is enabled, the `resolve` module is placed before + `files` and `myhostname`, as it provides the same logic internally, with + caching. + - The `mdns(_minimal)` module has been updated to the new priorities. + + If you use your own NSS host modules, make sure to update your priorities + according to these rules: + + - NSS modules which should be queried before `resolved` DNS resolution should + use mkBefore. + - NSS modules which should be queried after `resolved`, `files` and + `myhostname`, but before `dns` should use the default priority + - NSS modules which should come after `dns` should use mkAfter. + +- The [networking.wireless.iwd](options.html#opt-networking.wireless.iwd.enable) module has a new [networking.wireless.iwd.settings](options.html#opt-networking.wireless.iwd.settings) option. |