mirror of
https://github.com/NixOS/nixpkgs.git
synced 2025-02-09 21:53:24 +00:00
1838 lines
75 KiB
XML
1838 lines
75 KiB
XML
<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-release-22.11">
|
||
<title>Release 22.11 (“Raccoon”, 2022.11/30)</title>
|
||
<para>
|
||
The NixOS release team is happy to announce a new version of NixOS
|
||
22.11. NixOS is both a Linux distribution, and a set of packages
|
||
usable on other Linux systems and macOS.
|
||
</para>
|
||
<para>
|
||
This release is supported until the end of June 2023, handing over
|
||
to NixOS 23.05.
|
||
</para>
|
||
<para>
|
||
To upgrade to the latest release follow the
|
||
<link linkend="sec-upgrading">upgrade chapter</link>.
|
||
</para>
|
||
<section xml:id="sec-release-22.11-highlights">
|
||
<title>Highlights</title>
|
||
<para>
|
||
In addition to numerous new and upgraded packages, this release
|
||
includes the following highlights:
|
||
</para>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>
|
||
Software that uses the <literal>crypt</literal> password
|
||
hashing API is now using the implementation provided by
|
||
<link xlink:href="https://github.com/besser82/libxcrypt"><literal>libxcrypt</literal></link>
|
||
instead of glibc’s, which enables support for more secure
|
||
algorithms.
|
||
</para>
|
||
<itemizedlist spacing="compact">
|
||
<listitem>
|
||
<para>
|
||
Support for algorithms that <literal>libxcrypt</literal>
|
||
<link xlink:href="https://github.com/besser82/libxcrypt/blob/v4.4.28/lib/hashes.conf#L41">does
|
||
not consider strong</link> are
|
||
<emphasis role="strong">deprecated</emphasis> as of this
|
||
release, and will be removed in NixOS 23.05.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
This includes system login passwords. Given this, we
|
||
<emphasis role="strong">strongly encourage</emphasis> all
|
||
users to update their system passwords, as you will be
|
||
unable to login if password hashes are not migrated by the
|
||
time their support is removed.
|
||
</para>
|
||
<itemizedlist spacing="compact">
|
||
<listitem>
|
||
<para>
|
||
When using
|
||
<literal>users.users.<name>.hashedPassword</literal>
|
||
to configure user passwords, run
|
||
<literal>mkpasswd</literal>, and use the yescrypt hash
|
||
that is provided as the new value.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
On the other hand, for interactively configured user
|
||
passwords, simply re-set the passwords for all users
|
||
with <literal>passwd</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
This release introduces warnings for the use of
|
||
deprecated hash algorithms for both methods of
|
||
configuring passwords. To make sure you migrated
|
||
correctly, run
|
||
<literal>nixos-rebuild switch</literal>.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The NixOS documentation is now generated from markdown. While
|
||
docbook is still part of the documentation build process, it’s
|
||
a big step towards the full migration.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>aarch64-linux</literal> is now included in the
|
||
<literal>nixos-22.11</literal> and
|
||
<literal>nixos-22.11-small</literal> channels. This means that
|
||
when those channel update, both
|
||
<literal>x86_64-linux</literal> and
|
||
<literal>aarch64-linux</literal> will be available in the
|
||
binary cache.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>aarch64-linux</literal> ISOs are now available on the
|
||
<link xlink:href="https://nixos.org/download.html">downloads
|
||
page</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>nsncd</literal> is now available as a replacement of
|
||
<literal>nscd</literal>.
|
||
</para>
|
||
<para>
|
||
<literal>nscd</literal> is responsible for resolving
|
||
hostnames, users and more in NixOS and has been a long
|
||
standing source of bugs, such as sporadic network freezes.
|
||
</para>
|
||
<para>
|
||
More context in this
|
||
<link xlink:href="https://github.com/NixOS/nixpkgs/issues/135888">issue</link>.
|
||
</para>
|
||
<para>
|
||
Help us test the new implementation by setting
|
||
<literal>services.nscd.enableNsncd</literal> to
|
||
<literal>true</literal>.
|
||
</para>
|
||
<para>
|
||
We plan to use <literal>nsncd</literal> by default in NixOS
|
||
23.05.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Linode cloud images are now supported by importing
|
||
<literal>${modulesPath}/virtualisation/linode-image.nix</literal>
|
||
and accessing <literal>system.build.linodeImage</literal> on
|
||
the output.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>hardware.nvidia</literal> has a new option,
|
||
<literal>hardware.nvidia.open</literal>, that can be used to
|
||
enable the usage of NVIDIA’s open-source kernel driver. Note
|
||
that the driver’s support for GeForce and Workstation GPUs is
|
||
still alpha quality, see
|
||
<link xlink:href="https://developer.nvidia.com/blog/nvidia-releases-open-source-gpu-kernel-modules/">the
|
||
release announcement</link> for more information.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>emacs</literal> package now makes use of native
|
||
compilation which means:
|
||
</para>
|
||
<itemizedlist spacing="compact">
|
||
<listitem>
|
||
<para>
|
||
Emacs packages from Nixpkgs, builtin or not, will do
|
||
native compilation ahead of time so you can enjoy the
|
||
benefit of native compilation without compiling them on
|
||
you machine;
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Emacs packages from somewhere else, e.g.
|
||
<literal>package-install</literal>, will perform
|
||
asynchronously deferred native compilation. If you do not
|
||
want this, maybe to avoid CPU consumption for compilation,
|
||
you can use
|
||
<literal>(setq native-comp-deferred-compilation nil)</literal>
|
||
to disable it while still benefiting from native
|
||
compilation for packages from Nixpkgs.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</section>
|
||
<section xml:id="sec-release-22.11-internal">
|
||
<title>Internal changes</title>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>
|
||
Haskell <literal>ghcWithPackages</literal> is now up to 15
|
||
times faster to evaluate, thanks to changing
|
||
<literal>lib.closePropagation</literal> from a quadratic to
|
||
linear complexity. Please see backward incompatibilities notes
|
||
below.
|
||
<link xlink:href="https://github.com/NixOS/nixpkgs/pull/194391">https://github.com/NixOS/nixpkgs/pull/194391</link>
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
For cross-compilation targets that can also run on the
|
||
building machine, we now run tests. This, for example, is the
|
||
case for the <literal>pkgsStatic</literal> and
|
||
<literal>pkgsLLVM</literal> package sets or i686 packages on
|
||
<literal>x86_64</literal> machines.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
To simplify cross-compilation in NixOS, this release
|
||
introduces the <literal>nixpkgs.hostPlatform</literal> and
|
||
<literal>nixpkgs.buildPlatform</literal> options. These cover
|
||
and override the
|
||
<literal>nixpkgs.{system,localSystem,crossSystem}</literal>
|
||
options.
|
||
</para>
|
||
<itemizedlist spacing="compact">
|
||
<listitem>
|
||
<para>
|
||
<literal>hostPlatform</literal> is the platform or
|
||
<quote><literal>system</literal></quote> string of the
|
||
NixOS system described by the configuration.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>buildPlatform</literal> is the platform that is
|
||
responsible for building the NixOS configuration. It
|
||
defaults to the <literal>hostPlatform</literal>, for a
|
||
non-cross build configuration. To cross compile, set
|
||
<literal>buildPlatform</literal> to a different value.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
<para>
|
||
The new options convey the same information, but with fewer
|
||
options, and following the Nixpkgs terminology.
|
||
</para>
|
||
<para>
|
||
The existing options
|
||
<literal>nixpkgs.{system,localSystem,crossSystem}</literal>
|
||
have not been formally deprecated, to allow for evaluation of
|
||
the change and to allow for a transition period so that in
|
||
time the ecosystem can switch without breaking compatibility
|
||
with any supported NixOS release.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</section>
|
||
<section xml:id="sec-release-22.11-version-updates">
|
||
<title>Notable version updates</title>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>
|
||
Nix has been upgraded from v2.8.1 to v2.11.0. For more
|
||
information, please see the release notes for
|
||
<link xlink:href="https://nixos.org/manual/nix/stable/release-notes/rl-2.9.html">2.9</link>,
|
||
<link xlink:href="https://nixos.org/manual/nix/stable/release-notes/rl-2.10.html">2.10</link>
|
||
and
|
||
<link xlink:href="https://nixos.org/manual/nix/stable/release-notes/rl-2.11.html">2.11</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
OpenSSL now defaults to OpenSSL 3, updated from 1.1.1.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
GNOME has been upgraded to version 43. Please see the
|
||
<link xlink:href="https://release.gnome.org/43/">release
|
||
notes</link> for details.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
KDE Plasma has been upgraded from v5.24 to v5.26. Please see
|
||
the release notes for
|
||
<link xlink:href="https://kde.org/announcements/plasma/5/5.25.0/">v5.25</link>
|
||
and
|
||
<link xlink:href="https://kde.org/announcements/plasma/5/5.26.0/">v5.26</link>
|
||
for more details on the included changes.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Cinnamon has been updated to 5.4, and the Cinnamon module now
|
||
defaults to Blueman as the Bluetooth manager and slick-greeter
|
||
as the LightDM greeter, to match upstream.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
PHP now defaults to PHP 8.1, updated from 8.0.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Perl has been updated to 5.36, and its core module
|
||
<literal>HTTP::Tiny</literal> was patched to verify SSL/TLS
|
||
certificates by default.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Python now defaults to 3.10, updated from 3.9.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</section>
|
||
<section xml:id="sec-release-22.11-incompatibilities">
|
||
<title>Backward Incompatibilities</title>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>
|
||
Nixpkgs now requires Nix 2.3 or newer.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>isCompatible</literal> predicate checking CPU
|
||
compatibility is no longer exposed by the platform sets
|
||
generated using <literal>lib.systems.elaborate</literal>. In
|
||
most cases you will want to use the new
|
||
<literal>canExecute</literal> predicate instead which also
|
||
considers the kernel / syscall interface. It is briefly
|
||
described in the release’s
|
||
<link linkend="sec-release-22.11-highlights">highlights
|
||
section</link>.
|
||
<literal>lib.systems.parse.isCompatible</literal> still
|
||
exists, but has changed semantically: Architectures with
|
||
differing endianness modes are <emphasis>no longer considered
|
||
compatible</emphasis>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>ngrok</literal> has been upgraded from 2.3.40 to
|
||
3.0.4. Please see
|
||
<link xlink:href="https://ngrok.com/docs/guides/upgrade-v2-v3">the
|
||
upgrade guide</link> and
|
||
<link xlink:href="https://ngrok.com/docs/ngrok-agent/changelog">changelog</link>.
|
||
Notably, breaking changes are that the config file format has
|
||
changed and support for single hyphen arguments was dropped.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>i18n.supportedLocales</literal> is now only generated
|
||
with the locales set in <literal>i18n.defaultLocale</literal>
|
||
and <literal>i18n.extraLocaleSettings</literal>.
|
||
</para>
|
||
<itemizedlist spacing="compact">
|
||
<listitem>
|
||
<para>
|
||
This reduces the final system closure size by up to 200MB.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
If you require all locales installed, set the option to
|
||
<literal>[ "all" ]</literal>.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Deprecated settings <literal>logrotate.paths</literal> and
|
||
<literal>logrotate.extraConfig</literal> have been removed.
|
||
Please convert any uses to
|
||
<link linkend="opt-services.logrotate.settings">services.logrotate.settings</link>
|
||
instead.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>isPowerPC</literal> predicate, found on
|
||
<literal>platform</literal> attrsets
|
||
(<literal>hostPlatform</literal>,
|
||
<literal>buildPlatform</literal>,
|
||
<literal>targetPlatform</literal>, etc) has been removed in
|
||
order to reduce confusion. The predicate was was defined such
|
||
that it matches only the 32-bit big-endian members of the
|
||
POWER/PowerPC family, despite having a name which would imply
|
||
a broader set of systems. If you were using this predicate,
|
||
you can replace <literal>foo.isPowerPC</literal> with
|
||
<literal>(with foo; isPower && is32bit && isBigEndian)</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>fetchgit</literal> fetcher now uses
|
||
<link xlink:href="https://www.git-scm.com/docs/git-sparse-checkout/2.37.0#_internalscone_mode_handling">cone
|
||
mode</link> by default for sparse checkouts.
|
||
<link xlink:href="https://www.git-scm.com/docs/git-sparse-checkout/2.37.0#_internalsnon_cone_problems">Non-cone
|
||
mode</link> can be enabled by passing
|
||
<literal>nonConeMode = true</literal>, but note that non-cone
|
||
mode is deprecated and this option may be removed alongside a
|
||
future Git update without notice.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>fetchgit</literal> fetcher supports sparse
|
||
checkouts via the <literal>sparseCheckout</literal> option.
|
||
This used to accept a multi-line string with
|
||
directories/patterns to check out, but now requires a list of
|
||
strings.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>openssh</literal> was updated to version 9.1,
|
||
disabling the generation of DSA keys when using
|
||
<literal>ssh-keygen -A</literal> as they are insecure. Also,
|
||
<literal>SetEnv</literal> directives in
|
||
<literal>ssh_config</literal> and
|
||
<literal>sshd_config</literal> are now first-match-wins.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>bsp-layout</literal> no longer uses the command
|
||
<literal>cycle</literal> to switch to other window layouts, as
|
||
it got replaced by the commands <literal>previous</literal>
|
||
and <literal>next</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The Barco ClickShare driver/client package
|
||
<literal>pkgs.clickshare-csc1</literal> and the option
|
||
<literal>programs.clickshare-csc1.enable</literal> have been
|
||
removed, as it requires <literal>qt4</literal>, which reached
|
||
its end-of-life 2015 and will no longer be supported by
|
||
nixpkgs.
|
||
<link xlink:href="https://www.barco.com/de/support/knowledge-base/4380-can-i-use-linux-os-with-clickshare-base-units">According
|
||
to Barco</link> many of their base unit models can be used
|
||
with Google Chrome and the Google Cast extension.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>services.hbase</literal> has been renamed to
|
||
<literal>services.hbase-standalone</literal>. For production
|
||
HBase clusters, use <literal>services.hadoop.hbase</literal>
|
||
instead.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>p4</literal> package now only includes the
|
||
open-source Perforce Helix Core command-line client and APIs.
|
||
It no longer installs the unfree Helix Core Server binaries
|
||
<literal>p4d</literal>, <literal>p4broker</literal>, and
|
||
<literal>p4p</literal>. To install the Helix Core Server
|
||
binaries, use the <literal>p4d</literal> package instead.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The OpenSSL extension for the PHP interpreter used by
|
||
Nextcloud is built against OpenSSL 1.1 if
|
||
<xref linkend="opt-system.stateVersion" /> is below
|
||
<literal>22.11</literal>. This is to make sure that people
|
||
using
|
||
<link xlink:href="https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/encryption_configuration.html">server-side
|
||
encryption</link> don’t lose access to their files.
|
||
</para>
|
||
<para>
|
||
In any other case, it’s safe to use OpenSSL 3 for PHP’s
|
||
OpenSSL extension. This can be done by setting
|
||
<xref linkend="opt-services.nextcloud.enableBrokenCiphersForSSE" />
|
||
to <literal>false</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>coq</literal> package and versioned variants
|
||
starting at <literal>coq_8_14</literal> no longer include
|
||
CoqIDE, which is now available through
|
||
<literal>coqPackages.coqide</literal>. It is still possible to
|
||
get CoqIDE as part of the <literal>coq</literal> package by
|
||
overriding the <literal>buildIde</literal> argument of the
|
||
derivation.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
PHP 7.4 is no longer supported due to upstream not supporting
|
||
this version for the entire lifecycle of the 22.11 release.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The ipfs package and module were renamed to kubo. The kubo
|
||
module now uses an RFC42-style <literal>settings</literal>
|
||
option instead of <literal>extraConfig</literal> and the
|
||
<literal>gatewayAddress</literal>,
|
||
<literal>apiAddress</literal> and
|
||
<literal>swarmAddress</literal> options were renamed. Using
|
||
the old names will print a warning but still work.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>pkgs.cosign</literal> does not provide the
|
||
<literal>cosigned</literal> binary anymore. The
|
||
<literal>sget</literal> binary has been moved into its own
|
||
package.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Emacs now uses the Lucid toolkit by default instead of GTK
|
||
because of stability and compatibility issues. Users who still
|
||
wish to remain using GTK can do so by using
|
||
<literal>emacs-gtk</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>kanidm</literal> has been updated to 1.1.0-alpha.10
|
||
and now requires a TLS certificate and key. It will always
|
||
start <literal>https</literal> and-–-if enabled-–-an LDAPS
|
||
server and no HTTP and LDAP server anymore.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
riak package removed along with
|
||
<literal>services.riak</literal> module, due to lack of
|
||
maintainer to update the package.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
ppd files in <literal>pkgs.cups-drv-rastertosag-gdi</literal>
|
||
are now gzipped. If you refer to such a ppd file with its path
|
||
(e.g. via
|
||
<link xlink:href="options.html#opt-hardware.printers.ensurePrinters">hardware.printers.ensurePrinters</link>)
|
||
you will need to append <literal>.gz</literal> to the path.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
xow package removed along with the
|
||
<literal>hardware.xow</literal> module, due to the project
|
||
being deprecated in favor of <literal>xone</literal>, which is
|
||
available via the <literal>hardware.xone</literal> module.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
dd-agent package removed along with the
|
||
<literal>services.dd-agent</literal> module, due to the
|
||
project being deprecated in favor of
|
||
<literal>datadog-agent</literal>, which is available via the
|
||
<literal>services.datadog-agent</literal> module.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>teleport</literal> has been upgraded to major version
|
||
10. Please see upstream
|
||
<link xlink:href="https://goteleport.com/docs/ver/10.0/management/operations/upgrading/">upgrade
|
||
instructions</link> and
|
||
<link xlink:href="https://goteleport.com/docs/ver/10.0/changelog/#1000">release
|
||
notes</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>lib.closePropagation</literal> now needs that all
|
||
gathered sets have an <literal>outPath</literal> attribute.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
lemmy module option
|
||
<literal>services.lemmy.settings.database.createLocally</literal>
|
||
moved to
|
||
<literal>services.lemmy.database.createLocally</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
virtlyst package and <literal>services.virtlyst</literal>
|
||
module removed, due to lack of maintainers.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>nix.checkConfig</literal> option now fully
|
||
disables the config check. The new
|
||
<literal>nix.checkAllErrors</literal> option behaves like
|
||
<literal>nix.checkConfig</literal> previously did.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>generateOptparseApplicativeCompletions</literal> and
|
||
<literal>generateOptparseApplicativeCompletion</literal> from
|
||
<literal>haskell.lib.compose</literal> (and
|
||
<literal>haskell.lib</literal>) have been deprecated in favor
|
||
of <literal>generateOptparseApplicativeCompletions</literal>
|
||
(plural!) as provided by the haskell package sets (so
|
||
<literal>haskellPackages.generateOptparseApplicativeCompletions</literal>
|
||
etc.). The latter allows for cross-compilation (by
|
||
automatically disabling generation of completion in the cross
|
||
case). For it to work properly you need to make sure that the
|
||
function comes from the same context as the package you are
|
||
trying to override, i.e. always use the same package set as
|
||
your package is coming from or – even better – use
|
||
<literal>self.generateOptparseApplicativeCompletions</literal>
|
||
if you are overriding a haskell package set. The old functions
|
||
are retained for backwards compatibility, but yield are
|
||
warning.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>services.graphite.api</literal> and
|
||
<literal>services.graphite.beacon</literal> NixOS options, and
|
||
the <literal>python3.pkgs.graphite_api</literal>,
|
||
<literal>python3.pkgs.graphite_beacon</literal> and
|
||
<literal>python3.pkgs.influxgraph</literal> packages, have
|
||
been removed due to lack of upstream maintenance.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>trace</literal> binary from
|
||
<literal>perf-linux</literal> package has been removed, due to
|
||
being a duplicate of the <literal>perf</literal> binary.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>aws</literal> package has been removed due to
|
||
being abandoned by the upstream. It is recommended to use
|
||
<literal>awscli</literal> or <literal>awscli2</literal>
|
||
instead.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The
|
||
<link xlink:href="https://ce-programming.github.io/CEmu">CEmu
|
||
TI-84 Plus CE emulator</link> package has been renamed to
|
||
<literal>cemu-ti</literal>. The
|
||
<link xlink:href="https://cemu.info">Cemu Wii U
|
||
emulator</link> is now packaged as <literal>cemu</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>systemd-networkd</literal> v250 deprecated, renamed,
|
||
and moved some sections and settings which leads to the
|
||
following breaking module changes:
|
||
</para>
|
||
<itemizedlist spacing="compact">
|
||
<listitem>
|
||
<para>
|
||
<literal>systemd.network.networks.<name>.dhcpV6PrefixDelegationConfig</literal>
|
||
is renamed to
|
||
<literal>systemd.network.networks.<name>.dhcpPrefixDelegationConfig</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>systemd.network.networks.<name>.dhcpV6Config</literal>
|
||
no longer accepts the
|
||
<literal>ForceDHCPv6PDOtherInformation=</literal> setting.
|
||
Please use the <literal>WithoutRA=</literal> and
|
||
<literal>UseDelegatedPrefix=</literal> settings in your
|
||
<literal>systemd.network.networks.<name>.dhcpV6Config</literal>
|
||
and the <literal>DHCPv6Client=</literal> setting in your
|
||
<literal>systemd.network.networks.<name>.ipv6AcceptRAConfig</literal>
|
||
to control when the DHCPv6 client is started and how the
|
||
delegated prefixes are handled by the DHCPv6 client.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>systemd.network.networks.<name>.networkConfig</literal>
|
||
no longer accepts the <literal>IPv6Token=</literal>
|
||
setting. Use the <literal>Token=</literal> setting in your
|
||
<literal>systemd.network.networks.<name>.ipv6AcceptRAConfig</literal>
|
||
instead. The
|
||
<literal>systemd.network.networks.<name>.ipv6Prefixes.*.ipv6PrefixConfig</literal>
|
||
now also accepts the <literal>Token=</literal> setting.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>arangodb</literal> versions 3.3, 3.4, and 3.5 have
|
||
been removed because they are at EOL upstream. The default is
|
||
now 3.10.0. Support for aarch64-linux has been removed since
|
||
the target cannot be built reproducibly. By default
|
||
<literal>arangodb</literal> is now built for the
|
||
<literal>haswell</literal> architecture. If you wish to build
|
||
for a different architecture, you may override the
|
||
<literal>targetArchitecture</literal> argument with a value
|
||
from
|
||
<link xlink:href="https://github.com/arangodb/arangodb/blob/207ec6937e41a46e10aea34953879341f0606841/cmake/OptimizeForArchitecture.cmake#L594">this
|
||
list supported upstream</link>. Some architecture specific
|
||
optimizations are also conditionally enabled. You may alter
|
||
this behavior by overriding the
|
||
<literal>asmOptimizations</literal> parameter. You may also
|
||
add additional architecture support by adding more
|
||
<literal>-DHAS_XYZ</literal> flags to
|
||
<literal>cmakeFlags</literal> via
|
||
<literal>overrideAttrs</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>meta.mainProgram</literal> attribute of packages
|
||
in <literal>wineWowPackages</literal> now defaults to
|
||
<literal>"wine64"</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>paperless</literal> module now defaults
|
||
<literal>PAPERLESS_TIME_ZONE</literal> to your configured
|
||
system timezone.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The top-level <literal>termonad-with-packages</literal> alias
|
||
for <literal>termonad</literal> has been removed.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Linux 4.9 has been removed because it will reach its end of
|
||
life within the lifespan of 22.11.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
(Neo)Vim can not be configured with
|
||
<literal>configure.pathogen</literal> anymore to reduce
|
||
maintainance burden. Use <literal>configure.packages</literal>
|
||
instead.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Neovim can not be configured with plug anymore (still works
|
||
for vim).
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>adguardhome</literal> module no longer uses
|
||
<literal>host</literal> and <literal>port</literal> options,
|
||
use <literal>settings.bind_host</literal> and
|
||
<literal>settings.bind_port</literal> instead.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The default <literal>kops</literal> version is now 1.25.1 and
|
||
support for 1.22 and older has been dropped.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>zrepl</literal> package has been updated from
|
||
0.5.0 to 0.6.0. See the
|
||
<link xlink:href="https://zrepl.github.io/changelog.html">changelog</link>
|
||
for details.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>k3s</literal> no longer supports Docker as runtime
|
||
due to upstream dropping support.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>cassandra_2_1</literal> and
|
||
<literal>cassandra_2_2</literal> have been removed. Please
|
||
update to <literal>cassandra_3_11</literal> or
|
||
<literal>cassandra_3_0</literal>. See the
|
||
<link xlink:href="https://github.com/apache/cassandra/blob/cassandra-3.11.14/NEWS.txt">changelog</link>
|
||
for more information about the upgrade process.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>mysql57</literal> has been removed. Please update to
|
||
<literal>mysql80</literal> or <literal>mariadb</literal>. See
|
||
the
|
||
<link xlink:href="https://mariadb.com/kb/en/upgrading-from-mysql-to-mariadb/">upgrade
|
||
guide</link> for more information.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Consequently, <literal>cqrlog</literal> and
|
||
<literal>amorok</literal> now use <literal>mariadb</literal>
|
||
instead of <literal>mysql57</literal> for their embedded
|
||
databases. Running <literal>mysql_upgrade</literal> may be
|
||
neccesary.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>k3s</literal> supports <literal>clusterInit</literal>
|
||
option, and it is enabled by default, for servers.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>percona-server56</literal> has been removed. Please
|
||
migrate to <literal>mysql</literal> or
|
||
<literal>mariadb</literal> if possible.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>obs-studio</literal> hase been updated to version 28.
|
||
If you have packaged custom plugins, check if they are
|
||
compatible. <literal>obs-websocket</literal> has been
|
||
integrated into <literal>obs-studio</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>signald</literal> has been bumped to
|
||
<literal>0.23.0</literal>. For the upgrade, a migration
|
||
process is necessary. It can be done by running a command like
|
||
this before starting <literal>signald.service</literal>:
|
||
</para>
|
||
<programlisting>
|
||
signald -d /var/lib/signald/db \
|
||
--database sqlite:/var/lib/signald/db \
|
||
--migrate-data
|
||
</programlisting>
|
||
<para>
|
||
For further information, please read the upstream changelogs.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>stylua</literal> no longer accepts
|
||
<literal>lua52Support</literal> and
|
||
<literal>luauSupport</literal> overrides. Use
|
||
<literal>features</literal> instead, which defaults to
|
||
<literal>[ "lua54" "luau" ]</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>ocamlPackages.ocaml_extlib</literal> has been renamed
|
||
to <literal>ocamlPackages.extlib</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>pkgs.fetchNextcloudApp</literal> has been rewritten
|
||
to circumvent impurities in e.g. tarballs from GitHub and to
|
||
make it easier to apply patches. This means that your hashes
|
||
are out-of-date and the (previously required) attributes
|
||
<literal>name</literal> and <literal>version</literal> are no
|
||
longer accepted.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The Syncthing service now only allows absolute paths—starting
|
||
with <literal>/</literal> or <literal>~/</literal>—for
|
||
<literal>services.syncthing.folders.<name>.path</literal>.
|
||
In a future release other paths will be allowed again and
|
||
interpreted relative to
|
||
<literal>services.syncthing.dataDir</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>services.github-runner</literal> and
|
||
<literal>services.github-runners.<name></literal> gained
|
||
the option <literal>serviceOverrides</literal> which allows
|
||
overriding the systemd <literal>serviceConfig</literal>. If
|
||
you have been overriding the systemd service configuration
|
||
(i.e., by defining
|
||
<literal>systemd.services.github-runner.serviceConfig</literal>),
|
||
you have to use the <literal>serviceOverrides</literal> option
|
||
now. Example:
|
||
</para>
|
||
<programlisting>
|
||
services.github-runner.serviceOverrides.SupplementaryGroups = [
|
||
"docker"
|
||
];
|
||
</programlisting>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</section>
|
||
<section xml:id="sec-release-22.11-notable-changes">
|
||
<title>Other Notable Changes</title>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>
|
||
PHP is now built in <literal>NTS</literal> (Non-Thread Safe)
|
||
mode by default.
|
||
</para>
|
||
<itemizedlist spacing="compact">
|
||
<listitem>
|
||
<para>
|
||
For Apache and <literal>mod_php</literal> usage, we enable
|
||
<literal>ZTS</literal> (Zend Thread Safe) mode. This has
|
||
been a common practice for a long time in other
|
||
distributions.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>firefox</literal>, <literal>thunderbird</literal> and
|
||
<literal>librewolf</literal> now come with Wayland support by
|
||
default. The <literal>firefox-wayland</literal>,
|
||
<literal>firefox-esr-wayland</literal>,
|
||
<literal>thunderbird-wayland</literal> and
|
||
<literal>librewolf-wayland</literal> attributes are obsolete
|
||
and have been aliased to their generic attribute.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>xplr</literal> package has been updated from
|
||
0.18.0 to 0.19.0, which brings some breaking changes. See the
|
||
<link xlink:href="https://github.com/sayanarijit/xplr/releases/tag/v0.19.0">upstream
|
||
release notes</link> for more details.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Configuring multiple GitHub runners is now possible through
|
||
<literal>services.github-runners.<name></literal>. The
|
||
options under <literal>services.github-runner</literal>
|
||
remain, to configure a single runner.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>github-runner</literal> gained support for ephemeral
|
||
runners and registrations using a personal access token (PAT)
|
||
instead of a registration token. See
|
||
<literal>services.github-runner.ephemeral</literal> and
|
||
<literal>services.github-runner.tokenFile</literal> for
|
||
details.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
A new module was added to provide hardware support for the
|
||
Saleae Logic device family, providing the options
|
||
<literal>hardware.saleae-logic.enable</literal> and
|
||
<literal>hardware.saleae-logic.package</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
ZFS module will no longer allow hibernation by default.
|
||
</para>
|
||
<itemizedlist spacing="compact">
|
||
<listitem>
|
||
<para>
|
||
This is a safety measure to prevent data loss cases like
|
||
the ones described at
|
||
<link xlink:href="https://github.com/openzfs/zfs/issues/260">OpenZFS/260</link>
|
||
and
|
||
<link xlink:href="https://github.com/openzfs/zfs/issues/12842">OpenZFS/12842</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Use the <literal>boot.zfs.allowHibernation</literal>
|
||
option to configure this behaviour.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Mastodon now automatically removes remote media attachments
|
||
older than 30 days. This is configurable through
|
||
<literal>services.mastodon.mediaAutoRemove</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The Redis module now disables RDB persistence when
|
||
<literal>services.redis.servers.<name>.save = []</literal>
|
||
instead of using the Redis default.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Neo4j was updated from version 3 to version 4. See upstream’s
|
||
<link xlink:href="https://neo4j.com/docs/upgrade-migration-guide/current/">migration
|
||
guide</link> for information on how to migrate your instance.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>networking.wireguard</literal> module now can set
|
||
the mtu on interfaces and tag its packets with an fwmark.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The option <literal>overrideStrategy</literal> was added to
|
||
the different systemd unit options
|
||
(<literal>systemd.services.<name></literal>,
|
||
<literal>systemd.sockets.<name></literal>, …) to allow
|
||
enforcing the creation of a dropin file, rather than the main
|
||
unit file, by setting it to <literal>asDropin</literal>. This
|
||
is useful in cases where the existence of the main unit file
|
||
is not known to Nix at evaluation time, for example when the
|
||
main unit file is provided by adding a package to
|
||
<literal>systemd.packages</literal>. See the fix proposed in
|
||
<link xlink:href="https://github.com/NixOS/nixpkgs/issues/135557#issuecomment-1295392470">NixOS’s
|
||
systemd abstraction doesn’t work with systemd template
|
||
units</link> for an example.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>polymc</literal> package has been removed due to
|
||
a rogue maintainer. It has been replaced by
|
||
<literal>prismlauncher</literal>, a fork by the rest of the
|
||
maintainers. For more details, see
|
||
<link xlink:href="https://github.com/NixOS/nixpkgs/pull/196624">the
|
||
PR that made this change</link> and
|
||
<link xlink:href="https://github.com/NixOS/nixpkgs/issues/196460">the
|
||
issue detailing the vulnerability</link>. Users with existing
|
||
installations should rename
|
||
<literal>~/.local/share/polymc</literal> to
|
||
<literal>~/.local/share/PrismLauncher</literal>. The main
|
||
config file’s path has also moved from
|
||
<literal>~/.local/share/polymc/polymc.cfg</literal> to
|
||
<literal>~/.local/share/PrismLauncher/prismlauncher.cfg</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>bloat</literal> package has been updated from
|
||
unstable-2022-03-31 to unstable-2022-10-25, which brings a
|
||
breaking change. See
|
||
<link xlink:href="https://git.freesoftwareextremist.com/bloat/commit/?id=887ed241d64ba5db3fd3d87194fb5595e5ad7d73">this
|
||
upstream commit message</link> for details.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Synapse’s systemd unit has been hardened.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The module <literal>services.grafana</literal> was refactored
|
||
to be compliant with
|
||
<link xlink:href="https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md">RFC
|
||
0042</link>. To be precise, this means that the following
|
||
things have changed:
|
||
</para>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>
|
||
The newly introduced option
|
||
<xref linkend="opt-services.grafana.settings" /> is an
|
||
attribute-set that will be converted into Grafana’s INI
|
||
format. This means that the configuration from
|
||
<link xlink:href="https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/">Grafana’s
|
||
configuration reference</link> can be directly written as
|
||
attribute-set in Nix within this option.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The option
|
||
<literal>services.grafana.extraOptions</literal> has been
|
||
removed. This option was an association of environment
|
||
variables for Grafana. If you had an expression like
|
||
</para>
|
||
<programlisting language="bash">
|
||
{
|
||
services.grafana.extraOptions.SECURITY_ADMIN_USER = "foobar";
|
||
}
|
||
</programlisting>
|
||
<para>
|
||
your Grafana instance was running with
|
||
<literal>GF_SECURITY_ADMIN_USER=foobar</literal> in its
|
||
environment.
|
||
</para>
|
||
<para>
|
||
For the migration, it is recommended to turn it into the
|
||
INI format, i.e. to declare
|
||
</para>
|
||
<programlisting language="bash">
|
||
{
|
||
services.grafana.settings.security.admin_user = "foobar";
|
||
}
|
||
</programlisting>
|
||
<para>
|
||
instead.
|
||
</para>
|
||
<para>
|
||
The keys in
|
||
<literal>services.grafana.extraOptions</literal> have the
|
||
format
|
||
<literal><INI section name>_<Key Name></literal>.
|
||
Further details are outlined in the
|
||
<link xlink:href="https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#override-configuration-with-environment-variables">configuration
|
||
reference</link>.
|
||
</para>
|
||
<para>
|
||
Alternatively you can also set all your values from
|
||
<literal>extraOptions</literal> to
|
||
<literal>systemd.services.grafana.environment</literal>,
|
||
make sure you don’t forget to add the
|
||
<literal>GF_</literal> prefix though!
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Previously, the options
|
||
<xref linkend="opt-services.grafana.provision.datasources" />
|
||
and
|
||
<xref linkend="opt-services.grafana.provision.dashboards" />
|
||
expected lists of datasources or dashboards for the
|
||
<link xlink:href="https://grafana.com/docs/grafana/latest/administration/provisioning/">declarative
|
||
provisioning</link>.
|
||
</para>
|
||
<para>
|
||
To declare lists of
|
||
</para>
|
||
<itemizedlist spacing="compact">
|
||
<listitem>
|
||
<para>
|
||
<emphasis role="strong">datasources</emphasis>, please
|
||
rename your declarations to
|
||
<xref linkend="opt-services.grafana.provision.datasources.settings.datasources" />.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<emphasis role="strong">dashboards</emphasis>, please
|
||
rename your declarations to
|
||
<xref linkend="opt-services.grafana.provision.dashboards.settings.providers" />.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
<para>
|
||
This change was made to support more features for that:
|
||
</para>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>
|
||
It’s possible to declare the
|
||
<literal>apiVersion</literal> of your dashboards and
|
||
datasources by
|
||
<xref linkend="opt-services.grafana.provision.datasources.settings.apiVersion" />
|
||
(or
|
||
<xref linkend="opt-services.grafana.provision.dashboards.settings.apiVersion" />).
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Instead of declaring datasources and dashboards in
|
||
pure Nix, it’s also possible to specify configuration
|
||
files (or directories) with YAML instead using
|
||
<xref linkend="opt-services.grafana.provision.datasources.path" />
|
||
(or
|
||
<xref linkend="opt-services.grafana.provision.dashboards.path" />.
|
||
This is useful when having provisioning files from
|
||
non-NixOS Grafana instances that you also want to
|
||
deploy to NixOS.
|
||
</para>
|
||
<para>
|
||
<emphasis role="strong">Note:</emphasis> secrets from
|
||
these files will be leaked into the store unless you
|
||
use a
|
||
<link xlink:href="https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#file-provider"><emphasis role="strong">file</emphasis>-provider
|
||
or env-var</link> for secrets!
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<xref linkend="opt-services.grafana.provision.notifiers" />
|
||
is not affected by this change because this feature is
|
||
deprecated by Grafana and will probably removed in
|
||
Grafana 10. It’s recommended to use
|
||
<literal>services.grafana.provision.alerting.contactPoints</literal>
|
||
instead.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>services.grafana.provision.alerting</literal>
|
||
option was added. It includes suboptions for every
|
||
alerting-related objects (with the exception of
|
||
<literal>notifiers</literal>), which means it’s now possible
|
||
to configure modern Grafana alerting declaratively.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Synapse now requires entries in the
|
||
<literal>state_group_edges</literal> table to be unique, in
|
||
order to prevent accidentally introducing duplicate
|
||
information (for example, because a database backup was
|
||
restored multiple times). If your Synapse database already has
|
||
duplicate rows in this table, this could fail with an error
|
||
and require manual remediation.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>diamond</literal> package has been update from
|
||
0.8.36 to 2.0.15. See the
|
||
<link xlink:href="https://github.com/bbuchfink/diamond/releases">upstream
|
||
release notes</link> for more details.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>guake</literal> package has been updated from
|
||
3.6.3 to 3.9.0, see the
|
||
<link xlink:href="https://github.com/Guake/guake/releases">changelog</link>
|
||
for more details.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>netlify-cli</literal> package has been updated
|
||
from 6.13.2 to 12.2.4, see the
|
||
<link xlink:href="https://github.com/netlify/cli/releases">changelog</link>
|
||
for more details.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>dockerTools.buildImage</literal>’s
|
||
<literal>contents</literal> parameter has been deprecated in
|
||
favor of <literal>copyToRoot</literal>. Use
|
||
<literal>copyToRoot = buildEnv { ... };</literal> or similar
|
||
if you intend to add packages to <literal>/bin</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>proxmox.qemuConf.bios</literal> option was added,
|
||
it corresponds to <literal>Hardware->BIOS</literal> field
|
||
in Proxmox web interface. Use
|
||
<literal>"ovmf"</literal> value to build UEFI image,
|
||
default value remains <literal>"bios"</literal>. New
|
||
option <literal>proxmox.partitionTableType</literal> defaults
|
||
to either <literal>"legacy"</literal> or
|
||
<literal>"efi"</literal>, depending on the
|
||
<literal>bios</literal> value. Setting
|
||
<literal>partitionTableType</literal> to
|
||
<literal>"hybrid"</literal> results in an image,
|
||
which supports both methods
|
||
(<literal>"bios"</literal> and
|
||
<literal>"ovmf"</literal>), thereby remaining
|
||
bootable after change to Proxmox
|
||
<literal>Hardware->BIOS</literal> field.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
memtest86+ was updated from 5.00-coreboot-002 to 6.00-beta2.
|
||
It is now the upstream version from https://www.memtest.org/,
|
||
as coreboot’s fork is no longer available.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Option descriptions, examples, and defaults writting in
|
||
DocBook are now deprecated. Using CommonMark is preferred and
|
||
will become the default in a future release.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The
|
||
<literal>documentation.nixos.options.allowDocBook</literal>
|
||
option was added to ease the transition to CommonMark option
|
||
documentation. Setting this option to <literal>false</literal>
|
||
causes an error for every option included in the manual that
|
||
uses DocBook documentation; it defaults to
|
||
<literal>true</literal> to preserve the previous behavior and
|
||
will be removed once the transition to CommonMark is complete.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The Redis module now persists each instance’s configuration
|
||
file in the state directory, in order to support some more
|
||
advanced use cases like Sentinel.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>protonup</literal> has been aliased to and replaced
|
||
by <literal>protonup-ng</literal> due to upstream not
|
||
maintaining it.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The udisks2 service, available at
|
||
<literal>services.udisks2.enable</literal>, is now disabled by
|
||
default. It will automatically be enabled through services and
|
||
desktop environments as needed. This also means that polkit
|
||
will now actually be disabled by default. The default for
|
||
<literal>security.polkit.enable</literal> was already flipped
|
||
in the previous release, but udisks2 being enabled by default
|
||
re-enabled it.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Nextcloud has been updated to version
|
||
<emphasis role="strong">25</emphasis>. Additionally the
|
||
following things have changed for Nextcloud in NixOS:
|
||
</para>
|
||
<itemizedlist spacing="compact">
|
||
<listitem>
|
||
<para>
|
||
For Nextcloud <emphasis role="strong">>=24</emphasis>,
|
||
the default PHP version is 8.1.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Nextcloud <emphasis role="strong">23</emphasis> has been
|
||
removed since it will reach its
|
||
<link xlink:href="https://github.com/nextcloud/server/wiki/Maintenance-and-Release-Schedule/d76576a12a626d53305d480a6065b57cab705d3d">end
|
||
of life in December 2022</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
If <literal>system.stateVersion</literal> is
|
||
<emphasis role="strong">>=22.11</emphasis>, Nextcloud
|
||
25 will be installed by default. For older versions,
|
||
Nextcloud 24 will be installed.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
Please ensure that you only upgrade one major release at a
|
||
time! Nextcloud doesn’t support upgrades across multiple
|
||
versions, i.e. an upgrade from
|
||
<emphasis role="strong">23</emphasis> to
|
||
<emphasis role="strong">25</emphasis> is only possible
|
||
when upgrading to <emphasis role="strong">24</emphasis>
|
||
first.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
systemd-oomd is enabled by default. Depending on which systemd
|
||
units have <literal>ManagedOOMSwap=kill</literal> or
|
||
<literal>ManagedOOMMemoryPressure=kill</literal>, systemd-oomd
|
||
will SIGKILL all the processes under the appropriate
|
||
descendant cgroups when the configured limits are exceeded.
|
||
NixOS does currently not configure cgroups with oomd by
|
||
default, this can be enabled using
|
||
<link xlink:href="options.html#opt-systemd.oomd.enableRootSlice">systemd.oomd.enableRootSlice</link>,
|
||
<link xlink:href="options.html#opt-systemd.oomd.enableSystemSlice">systemd.oomd.enableSystemSlice</link>,
|
||
and
|
||
<link xlink:href="options.html#opt-systemd.oomd.enableUserServices">systemd.oomd.enableUserServices</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>tt-rss</literal> service performs two database
|
||
migrations when you first use its web UI after upgrade.
|
||
Consider backing up its database before updating.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>pass-secret-service</literal> package now
|
||
includes systemd units from upstream, so adding it to the
|
||
NixOS <literal>services.dbus.packages</literal> option will
|
||
make it start automatically as a systemd user service when an
|
||
application tries to talk to the libsecret D-Bus API.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The Wordpress module now has support for installing language
|
||
packs through a new option,
|
||
<literal>services.wordpress.sites.<site>.languages</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The default package for
|
||
<literal>services.mullvad-vpn.package</literal> was changed to
|
||
<literal>pkgs.mullvad</literal>, allowing cross-platform usage
|
||
of Mullvad. <literal>pkgs.mullvad</literal> only contains the
|
||
Mullvad CLI tool, so users who rely on the Mullvad GUI will
|
||
want to change it back to <literal>pkgs.mullvad-vpn</literal>,
|
||
or add <literal>pkgs.mullvad-vpn</literal> to their
|
||
environment.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
PowerDNS has been updated from v4.6.2 to v4.7.2. Please be
|
||
sure to review the
|
||
<link xlink:href="https://doc.powerdns.com/authoritative/upgrading.html#to-4-7-0-or-master">Upgrade
|
||
Notes</link> provided by upstream before upgrading. Worth
|
||
specifically noting is that the new Catalog Zones feature
|
||
comes with a mandatory schema change for the GSQL database
|
||
backends, which has to be manually applied.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
There is a new module for the <literal>thunar</literal>
|
||
program (the Xfce file manager), which depends on the
|
||
<literal>xfconf</literal> dbus service, and also has a dbus
|
||
service and a systemd unit. The option
|
||
<literal>services.xserver.desktopManager.xfce.thunarPlugins</literal>
|
||
has been renamed to
|
||
<literal>programs.thunar.plugins</literal>, and may be removed
|
||
in a future release.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
There is a new module for <literal>xfconf</literal> (the Xfce
|
||
configuration storage system), which has a dbus service.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The Mastodon package has been upgraded to v4.0.0. See the
|
||
<link xlink:href="https://github.com/mastodon/mastodon/releases/tag/v4.0.0">v4.0.0
|
||
release notes</link> for a list of changes. On standard
|
||
setups, no manual migration steps are required. Nevertheless,
|
||
a database backup is recommended.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>nomad</literal> package now defaults to v1.3,
|
||
which no longer has a downgrade path to v1.2 or older.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>nodePackages</literal> package set now defaults
|
||
to the LTS release in the <literal>nodejs</literal> package
|
||
again, instead of being pinned to
|
||
<literal>nodejs-14_x</literal>. Several updates to node2nix
|
||
have been made for compatibility with newer Node.js and npm
|
||
versions and a new <literal>postRebuild</literal> hook has
|
||
been added for packages to perform extra build steps before
|
||
the npm install step prunes dev dependencies.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>boot.kernel.sysctl</literal> is defined as a
|
||
freeformType and adds a custom merge option for
|
||
<literal>net.core.rmem_max</literal> (taking the highest value
|
||
defined to avoid conflicts between 2 services trying to set
|
||
that value).
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The <literal>mame</literal> package does not ship with its
|
||
tools anymore in the default output. They were moved to a
|
||
separate <literal>tools</literal> output instead. For
|
||
convenience, <literal>mame-tools</literal> package was added
|
||
for those who want to use it.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
A NixOS module for Firefox has been added which allows
|
||
preferences and
|
||
<link xlink:href="https://github.com/mozilla/policy-templates/blob/master/README.md">policies</link>
|
||
to be set. This also allows extensions to be installed via the
|
||
<literal>ExtensionSettings</literal> policy. The new options
|
||
are under <literal>programs.firefox</literal>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
The option
|
||
<literal>services.picom.experimentalBackends</literal> was
|
||
removed since it is now the default and the option will cause
|
||
<literal>picom</literal> to quit instead.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>haskellPackages.callHackage</literal> is not always
|
||
invalidated if <literal>all-cabal-hashes</literal> changes,
|
||
leading to less rebuilds of haskell dependencies.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<literal>haskellPackages.callHackage</literal> and
|
||
<literal>haskellPackages.callCabal2nix</literal> (and related
|
||
functions) no longer keep a reference to the
|
||
<literal>cabal2nix</literal> call used to generate them. As a
|
||
result, they will be garbage collected more often.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</section>
|
||
<section xml:id="sec-release-22.11-new-services">
|
||
<title>New Services</title>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://git.sr.ht/~migadu/alps">alps</link>,
|
||
a simple and extensible webmail. Available as
|
||
<link linkend="opt-services.alps.enable">services.alps</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/jollheef/appvm">appvm</link>,
|
||
Nix based app VMs. Available as
|
||
<link xlink:href="options.html#opt-virtualisation.appvm.enable">virtualisation.appvm</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://www.ausweisapp.bund.de/">AusweisApp2</link>,
|
||
the authentication software for the German ID card. Available
|
||
as
|
||
<link linkend="opt-programs.ausweisapp.enable">programs.ausweisapp</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/maxbrunet/automatic-timezoned">automatic-timezoned</link>.
|
||
a Linux daemon to automatically update the system timezone
|
||
based on location. Available as
|
||
<link linkend="opt-services.automatic-timezoned.enable">services.automatic-timezoned</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://www.dolibarr.org/">Dolibarr</link>,
|
||
an enterprise resource planning and customer relationship
|
||
manager. Enable using
|
||
<link linkend="opt-services.dolibarr.enable">services.dolibarr</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://dragonflydb.io/">dragonflydb</link>,
|
||
a modern replacement for Redis and Memcached. Available as
|
||
<link linkend="opt-services.dragonflydb.enable">services.dragonflydb</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/shizunge/endlessh-go">endlessh-go</link>,
|
||
an SSH tarpit that exposes Prometheus metrics. Available as
|
||
<link linkend="opt-services.endlessh-go.enable">services.endlessh-go</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/skeeto/endlessh">endlessh</link>,
|
||
an SSH tarpit. Available as
|
||
<link linkend="opt-services.endlessh.enable">services.endlessh</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://evcc.io">EVCC</link> is an EV charge
|
||
controller with PV integration. It supports a multitude of
|
||
chargers, meters, vehicle APIs and more and ties that together
|
||
with a well-tested backend and a lightweight web frontend.
|
||
Available as
|
||
<link linkend="opt-services.evcc.enable">services.evcc</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://www.expressvpn.com">expressvpn</link>,
|
||
the CLI client for ExpressVPN. Available as
|
||
<link linkend="opt-services.expressvpn.enable">services.expressvpn</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://freshrss.org/">FreshRSS</link>, a
|
||
free, self-hostable RSS feed aggregator. Available as
|
||
<link linkend="opt-services.freshrss.enable">services.freshrss</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://garagehq.deuxfleurs.fr/">Garage</link>,
|
||
a simple object storage server for geodistributed deployments,
|
||
alternative to MinIO. Available as
|
||
<link linkend="opt-services.garage.enable">services.garage</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/L11R/go-autoconfig">go-autoconfig</link>,
|
||
IMAP/SMTP autodiscover server. Available as
|
||
<link linkend="opt-services.go-autoconfig.enable">services.go-autoconfig</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://www.grafana.com/oss/tempo/">Grafana
|
||
Tempo</link>, a distributed tracing store. Available as
|
||
<link linkend="opt-services.tempo.enable">services.tempo</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://hbase.apache.org/">HBase
|
||
cluster</link>, a distributed, scalable, big data store.
|
||
Available as
|
||
<link xlink:href="options.html#opt-services.hadoop.hbase.enable">services.hadoop.hbase</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/leetronics/infnoise">infnoise</link>,
|
||
a hardware True Random Number Generator dongle. Available as
|
||
<link xlink:href="options.html#opt-services.infnoise.enable">services.infnoise</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/jtroo/kanata">kanata</link>,
|
||
a tool to improve keyboard comfort and usability with advanced
|
||
customization. Available as
|
||
<link xlink:href="options.html#opt-services.kanata.enable">services.kanata</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/prymitive/karma">karma</link>,
|
||
an alert dashboard for Prometheus Alertmanager. Available as
|
||
<link xlink:href="options.html#opt-services.karma.enable">services.karma</link>
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://komga.org/">Komga</link>, a free and
|
||
open source comics/mangas media server. Available as
|
||
<link linkend="opt-services.komga.enable">services.komga</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/prymitive/kthxbye">kthxbye</link>,
|
||
an alert acknowledgement management daemon for Prometheus
|
||
Alertmanager. Available as
|
||
<link xlink:href="options.html#opt-services.kthxbye.enable">services.kthxbye</link>
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://languagetool.org/">languagetool</link>,
|
||
a multilingual grammar, style, and spell checker. Available as
|
||
<link xlink:href="options.html#opt-services.languagetool.enable">services.languagetool</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://listmonk.app">Listmonk</link>, a
|
||
self-hosted newsletter manager. Enable using
|
||
<link xlink:href="options.html#opt-services.listmonk.enable">services.listmonk</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://mepo.milesalan.com">Mepo</link>, a
|
||
fast, simple, hackable OSM map viewer for mobile and desktop
|
||
Linux. Available as
|
||
<link linkend="opt-programs.mepo.enable">programs.mepo.enable</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://troglobit.com/projects/merecat/">merecat</link>,
|
||
a small and easy HTTP server based on thttpd. Available as
|
||
<link linkend="opt-services.merecat.enable">services.merecat</link>
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://netbird.io">netbird</link>, a zero
|
||
configuration VPN. Available as
|
||
<link xlink:href="options.html#opt-services.netbird.enable">services.netbird</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://ntfy.sh">ntfy.sh</link>, a push
|
||
notification service. Available as
|
||
<link linkend="opt-services.ntfy-sh.enable">services.ntfy-sh</link>
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://gitlab.com/CalcProgrammer1/OpenRGB/-/tree/master">OpenRGB</link>,
|
||
a FOSS tool for controlling RGB lighting. Available as
|
||
<link xlink:href="options.html#opt-services.hardware.openrgb.enable">services.hardware.openrgb.enable</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://www.getoutline.com/">Outline</link>,
|
||
a wiki and knowledge base similar to Notion. Available as
|
||
<link linkend="opt-services.outline.enable">services.outline</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/zalando/patroni">Patroni</link>,
|
||
a template for PostgreSQL HA with ZooKeeper, etcd or Consul.
|
||
Available as
|
||
<link xlink:href="options.html#opt-services.patroni.enable">services.patroni</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/aiberia/persistent-evdev">persistent-evdev</link>,
|
||
a daemon to add virtual proxy devices that mirror a physical
|
||
input device but persist even if the underlying hardware is
|
||
hot-plugged. Available as
|
||
<link linkend="opt-services.persistent-evdev.enable">services.persistent-evdev</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/edneville/please">Please</link>,
|
||
a Sudo clone written in Rust. Available as
|
||
<link linkend="opt-security.please.enable">security.please</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/prometheus-community/ipmi_exporter">Prometheus
|
||
IPMI exporter</link>, an IPMI exporter for Prometheus.
|
||
Available as
|
||
<link linkend="opt-services.prometheus.exporters.ipmi.enable">services.prometheus.exporters.ipmi</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/messagebird/sachet/">Sachet</link>,
|
||
an SMS alerting tool for the Prometheus Alertmanager.
|
||
Available as
|
||
<link linkend="opt-services.prometheus.sachet.enable">services.prometheus.sachet</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://schleuder.org/">schleuder</link>, a
|
||
mailing list manager with PGP support. Enable using
|
||
<link linkend="opt-services.schleuder.enable">services.schleuder</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/mozilla-services/syncstorage-rs">syncstorage-rs</link>,
|
||
a self-hostable sync server for Firefox. Available as
|
||
<link xlink:href="options.html#opt-services.firefox-syncserver.enable">services.firefox-syncserver</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://tandoor.dev">Tandoor Recipes</link>,
|
||
a self-hosted multi-tenant recipe collection. Available as
|
||
<link xlink:href="options.html#opt-services.tandoor-recipes.enable">services.tandoor-recipes</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/tmate-io/tmate-ssh-server">tmate-ssh-server</link>,
|
||
server side part of
|
||
<link xlink:href="https://tmate.io/">tmate</link>. Available
|
||
as
|
||
<link linkend="opt-services.tmate-ssh-server.enable">services.tmate-ssh-server</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://uptime.kuma.pet/">Uptime
|
||
Kuma</link>, a fancy self-hosted monitoring tool. Available as
|
||
<link linkend="opt-services.uptime-kuma.enable">services.uptime-kuma</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://writefreely.org">WriteFreely</link>,
|
||
a simple blogging platform with ActivityPub support. Available
|
||
as
|
||
<link xlink:href="options.html#opt-services.writefreely.enable">services.writefreely</link>.
|
||
</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>
|
||
<link xlink:href="https://github.com/XTLS/Xray-core">xray</link>,
|
||
a fully compatible v2ray-core replacement. Features XTLS,
|
||
which when enabled on server and client, brings UDP FullCone
|
||
NAT to proxy setups. Available as
|
||
<link xlink:href="options.html#opt-services.xray.enable">services.xray</link>.
|
||
</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</section>
|
||
</section>
|