3
0
Fork 0
forked from mirrors/nixpkgs
nixpkgs/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml
2021-09-14 18:51:23 +02:00

780 lines
26 KiB
XML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-release-21.11">
<title>Release 21.11 (“?”, 2021.11/??)</title>
<para>
In addition to numerous new and upgraded packages, this release has
the following highlights:
</para>
<itemizedlist spacing="compact">
<listitem>
<para>
Support is planned until the end of June 2022, handing over to
22.05.
</para>
</listitem>
</itemizedlist>
<section xml:id="sec-release-21.11-highlights">
<title>Highlights</title>
<itemizedlist>
<listitem>
<para>
PHP now defaults to PHP 8.0, updated from 7.4.
</para>
</listitem>
<listitem>
<para>
kOps now defaults to 1.21.0, which uses containerd as the
default runtime.
</para>
</listitem>
<listitem>
<para>
<literal>python3</literal> now defaults to Python 3.9, updated
from Python 3.8.
</para>
</listitem>
<listitem>
<para>
PostgreSQL now defaults to major version 13.
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="sec-release-21.11-new-services">
<title>New Services</title>
<itemizedlist>
<listitem>
<para>
<link xlink:href="https://digint.ch/btrbk/index.html">btrbk</link>,
a backup tool for btrfs subvolumes, taking advantage of btrfs
specific capabilities to create atomic snapshots and transfer
them incrementally to your backup locations. Available as
<link xlink:href="options.html#opt-services.brtbk.instances">services.btrbk</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/xrelkd/clipcat/">clipcat</link>,
an X11 clipboard manager written in Rust. Available at
[services.clipcat](options.html#o pt-services.clipcat.enable).
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/maxmind/geoipupdate">geoipupdate</link>,
a GeoIP database updater from MaxMind. Available as
<link xlink:href="options.html#opt-services.geoipupdate.enable">services.geoipupdate</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://www.isc.org/kea/">Kea</link>, ISCs
2nd generation DHCP and DDNS server suite. Available at
<link xlink:href="options.html#opt-services.kea">services.kea</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://sr.ht">sourcehut</link>, a
collection of tools useful for software development. Available
as
<link xlink:href="options.html#opt-services.sourcehut.enable">services.sourcehut</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://download.pureftpd.org/pub/ucarp/README">ucarp</link>,
an userspace implementation of the Common Address Redundancy
Protocol (CARP). Available as
<link xlink:href="options.html#opt-networking.ucarp.enable">networking.ucarp</link>.
</para>
</listitem>
<listitem>
<para>
Users of flashrom should migrate to
<link xlink:href="options.html#opt-programs.flashrom.enable">programs.flashrom.enable</link>
and add themselves to the <literal>flashrom</literal> group to
be able to access programmers supported by flashrom.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://vikunja.io">vikunja</link>, a to-do
list app. Available as
<link linkend="opt-services.vikunja.enable">services.vikunja</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/evilsocket/opensnitch">opensnitch</link>,
an application firewall. Available as
<link linkend="opt-services.opensnitch.enable">services.opensnitch</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://www.snapraid.it/">snapraid</link>, a
backup program for disk arrays. Available as
<link linkend="opt-snapraid.enable">snapraid</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/hockeypuck/hockeypuck">Hockeypuck</link>,
a OpenPGP Key Server. Available as
<link linkend="opt-services.hockeypuck.enable">services.hockeypuck</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/buildkite/buildkite-agent-metrics">buildkite-agent-metrics</link>,
a command-line tool for collecting Buildkite agent metrics,
now has a Prometheus exporter available as
<link linkend="opt-services.prometheus.exporters.buildkite-agent.enable">services.prometheus.exporters.buildkite-agent</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/prometheus/influxdb_exporter">influxdb-exporter</link>
a Prometheus exporter that exports metrics received on an
InfluxDB compatible endpoint is now available as
<link linkend="opt-services.prometheus.exporters.influxdb.enable">services.prometheus.exporters.influxdb</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/matrix-discord/mx-puppet-discord">mx-puppet-discord</link>,
a discord puppeting bridge for matrix. Available as
<link linkend="opt-services.mx-puppet-discord.enable">services.mx-puppet-discord</link>.
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="sec-release-21.11-incompatibilities">
<title>Backward Incompatibilities</title>
<itemizedlist>
<listitem>
<para>
The <literal>staticjinja</literal> package has been upgraded
from 1.0.4 to 3.0.1
</para>
</listitem>
<listitem>
<para>
<literal>services.geoip-updater</literal> was broken and has
been replaced by
<link xlink:href="options.html#opt-services.geoipupdate.enable">services.geoipupdate</link>.
</para>
</listitem>
<listitem>
<para>
PHP 7.3 is no longer supported due to upstream not supporting
this version for the entire lifecycle of the 21.11 release.
</para>
</listitem>
<listitem>
<para>
Those making use of <literal>buildBazelPackage</literal> will
need to regenerate the fetch hashes (preferred), or set
<literal>fetchConfigured = false;</literal>.
</para>
</listitem>
<listitem>
<para>
<literal>consul</literal> was upgraded to a new major release
with breaking changes, see
<link xlink:href="https://github.com/hashicorp/consul/releases/tag/v1.10.0">upstream
changelog</link>.
</para>
</listitem>
<listitem>
<para>
fsharp41 has been removed in preference to use the latest
dotnet-sdk
</para>
</listitem>
<listitem>
<para>
The following F#-related packages have been removed for being
unmaintaned. Please use <literal>fetchNuGet</literal> for
specific packages.
</para>
<itemizedlist spacing="compact">
<listitem>
<para>
ExtCore
</para>
</listitem>
<listitem>
<para>
Fake
</para>
</listitem>
<listitem>
<para>
Fantomas
</para>
</listitem>
<listitem>
<para>
FsCheck
</para>
</listitem>
<listitem>
<para>
FsCheck262
</para>
</listitem>
<listitem>
<para>
FsCheckNunit
</para>
</listitem>
<listitem>
<para>
FSharpAutoComplete
</para>
</listitem>
<listitem>
<para>
FSharpCompilerCodeDom
</para>
</listitem>
<listitem>
<para>
FSharpCompilerService
</para>
</listitem>
<listitem>
<para>
FSharpCompilerTools
</para>
</listitem>
<listitem>
<para>
FSharpCore302
</para>
</listitem>
<listitem>
<para>
FSharpCore3125
</para>
</listitem>
<listitem>
<para>
FSharpCore4001
</para>
</listitem>
<listitem>
<para>
FSharpCore4117
</para>
</listitem>
<listitem>
<para>
FSharpData
</para>
</listitem>
<listitem>
<para>
FSharpData225
</para>
</listitem>
<listitem>
<para>
FSharpDataSQLProvider
</para>
</listitem>
<listitem>
<para>
FSharpFormatting
</para>
</listitem>
<listitem>
<para>
FsLexYacc
</para>
</listitem>
<listitem>
<para>
FsLexYacc706
</para>
</listitem>
<listitem>
<para>
FsLexYaccRuntime
</para>
</listitem>
<listitem>
<para>
FsPickler
</para>
</listitem>
<listitem>
<para>
FsUnit
</para>
</listitem>
<listitem>
<para>
Projekt
</para>
</listitem>
<listitem>
<para>
Suave
</para>
</listitem>
<listitem>
<para>
UnionArgParser
</para>
</listitem>
<listitem>
<para>
ExcelDnaRegistration
</para>
</listitem>
<listitem>
<para>
MathNetNumerics
</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>
<literal>programs.x2goserver</literal> is now
<literal>services.x2goserver</literal>
</para>
</listitem>
<listitem>
<para>
The following dotnet-related packages have been removed for
being unmaintaned. Please use <literal>fetchNuGet</literal>
for specific packages.
</para>
<itemizedlist spacing="compact">
<listitem>
<para>
Autofac
</para>
</listitem>
<listitem>
<para>
SystemValueTuple
</para>
</listitem>
<listitem>
<para>
MicrosoftDiaSymReader
</para>
</listitem>
<listitem>
<para>
MicrosoftDiaSymReaderPortablePdb
</para>
</listitem>
<listitem>
<para>
SystemCollectionsImmutable
</para>
</listitem>
<listitem>
<para>
SystemCollectionsImmutable131
</para>
</listitem>
<listitem>
<para>
SystemReflectionMetadata
</para>
</listitem>
<listitem>
<para>
NUnit350
</para>
</listitem>
<listitem>
<para>
Deedle
</para>
</listitem>
<listitem>
<para>
ExcelDna
</para>
</listitem>
<listitem>
<para>
GitVersionTree
</para>
</listitem>
<listitem>
<para>
NDeskOptions
</para>
</listitem>
</itemizedlist>
</listitem>
</itemizedlist>
<itemizedlist>
<listitem>
<para>
The <literal>antlr</literal> package now defaults to the 4.x
release instead of the old 2.7.7 version.
</para>
</listitem>
<listitem>
<para>
The <literal>pulseeffects</literal> package updated to
<link xlink:href="https://github.com/wwmm/easyeffects/releases/tag/v6.0.0">version
4.x</link> and renamed to <literal>easyeffects</literal>.
</para>
</listitem>
<listitem>
<para>
The <literal>libwnck</literal> package now defaults to the 3.x
release instead of the old 2.31.0 version.
</para>
</listitem>
<listitem>
<para>
The <literal>bitwarden_rs</literal> packages and modules were
renamed to <literal>vaultwarden</literal>
<link xlink:href="https://github.com/dani-garcia/vaultwarden/discussions/1642">following
upstream</link>. More specifically,
</para>
<itemizedlist>
<listitem>
<para>
<literal>pkgs.bitwarden_rs</literal>,
<literal>pkgs.bitwarden_rs-sqlite</literal>,
<literal>pkgs.bitwarden_rs-mysql</literal> and
<literal>pkgs.bitwarden_rs-postgresql</literal> were
renamed to <literal>pkgs.vaultwarden</literal>,
<literal>pkgs.vaultwarden-sqlite</literal>,
<literal>pkgs.vaultwarden-mysql</literal> and
<literal>pkgs.vaultwarden-postgresql</literal>,
respectively.
</para>
<itemizedlist spacing="compact">
<listitem>
<para>
Old names are preserved as aliases for backwards
compatibility, but may be removed in the future.
</para>
</listitem>
<listitem>
<para>
The <literal>bitwarden_rs</literal> executable was
also renamed to <literal>vaultwarden</literal> in all
packages.
</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>
<literal>pkgs.bitwarden_rs-vault</literal> was renamed to
<literal>pkgs.vaultwarden-vault</literal>.
</para>
<itemizedlist spacing="compact">
<listitem>
<para>
<literal>pkgs.bitwarden_rs-vault</literal> is
preserved as an alias for backwards compatibility, but
may be removed in the future.
</para>
</listitem>
<listitem>
<para>
The static files were moved from
<literal>/usr/share/bitwarden_rs</literal> to
<literal>/usr/share/vaultwarden</literal>.
</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>
The <literal>services.bitwarden_rs</literal> config module
was renamed to <literal>services.vaultwarden</literal>.
</para>
<itemizedlist spacing="compact">
<listitem>
<para>
<literal>services.bitwarden_rs</literal> is preserved
as an alias for backwards compatibility, but may be
removed in the future.
</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>
<literal>systemd.services.bitwarden_rs</literal>,
<literal>systemd.services.backup-bitwarden_rs</literal>
and <literal>systemd.timers.backup-bitwarden_rs</literal>
were renamed to
<literal>systemd.services.vaultwarden</literal>,
<literal>systemd.services.backup-vaultwarden</literal> and
<literal>systemd.timers.backup-vaultwarden</literal>,
respectively.
</para>
<itemizedlist spacing="compact">
<listitem>
<para>
Old names are preserved as aliases for backwards
compatibility, but may be removed in the future.
</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>
<literal>users.users.bitwarden_rs</literal> and
<literal>users.groups.bitwarden_rs</literal> were renamed
to <literal>users.users.vaultwarden</literal> and
<literal>users.groups.vaultwarden</literal>, respectively.
</para>
</listitem>
<listitem>
<para>
The data directory remains located at
<literal>/var/lib/bitwarden_rs</literal>, for backwards
compatibility.
</para>
</listitem>
</itemizedlist>
</listitem>
</itemizedlist>
<itemizedlist>
<listitem>
<para>
<literal>yggdrasil</literal> was upgraded to a new major
release with breaking changes, see
<link xlink:href="https://github.com/yggdrasil-network/yggdrasil-go/releases/tag/v0.4.0">upstream
changelog</link>.
</para>
</listitem>
<listitem>
<para>
<literal>icingaweb2</literal> was upgraded to a new release
which requires a manual database upgrade, see
<link xlink:href="https://github.com/Icinga/icingaweb2/releases/tag/v2.9.0">upstream
changelog</link>.
</para>
</listitem>
<listitem>
<para>
The <literal>isabelle</literal> package has been upgraded from
2020 to 2021
</para>
</listitem>
<listitem>
<para>
the <literal>mingw-64</literal> package has been upgraded from
6.0.0 to 9.0.0
</para>
</listitem>
<listitem>
<para>
<literal>tt-rss</literal> was upgraded to the commit on
2021-06-21, which has breaking changes. If you use
<literal>services.tt-rss.extraConfig</literal> you should
migrate to the <literal>putenv</literal>-style configuration.
See
<link xlink:href="https://community.tt-rss.org/t/rip-config-php-hello-classes-config-php/4337">this
Discourse post</link> in the tt-rss forums for more details.
</para>
</listitem>
<listitem>
<para>
The following Visual Studio Code extensions were renamed to
keep the naming convention uniform.
</para>
<itemizedlist spacing="compact">
<listitem>
<para>
<literal>bbenoist.Nix</literal> -&gt;
<literal>bbenoist.nix</literal>
</para>
</listitem>
<listitem>
<para>
<literal>CoenraadS.bracket-pair-colorizer</literal> -&gt;
<literal>coenraads.bracket-pair-colorizer</literal>
</para>
</listitem>
<listitem>
<para>
<literal>golang.Go</literal> -&gt;
<literal>golang.go</literal>
</para>
</listitem>
</itemizedlist>
</listitem>
</itemizedlist>
</section>
<section xml:id="sec-release-21.11-notable-changes">
<title>Other Notable Changes</title>
<itemizedlist>
<listitem>
<para>
The setting
<link xlink:href="options.html#opt-services.openssh.logLevel"><literal>services.openssh.logLevel</literal></link>
<literal>&quot;VERBOSE&quot;</literal>
<literal>&quot;INFO&quot;</literal>. This brings NixOS in line
with upstream and other Linux distributions, and reduces log
spam on servers due to bruteforcing botnets.
</para>
<para>
However, if
<link xlink:href="options.html#opt-services.fail2ban.enable"><literal>services.fail2ban.enable</literal></link>
is <literal>true</literal>, the <literal>fail2ban</literal>
will override the verbosity to
<literal>&quot;VERBOSE&quot;</literal>, so that
<literal>fail2ban</literal> can observe the failed login
attempts from the SSH logs.
</para>
</listitem>
<listitem>
<para>
Sway: The terminal emulator <literal>rxvt-unicode</literal> is
no longer installed by default via
<literal>programs.sway.extraPackages</literal>. The current
default configuration uses <literal>alacritty</literal> (and
soon <literal>foot</literal>) so this is only an issue when
using a customized configuration and not installing
<literal>rxvt-unicode</literal> explicitly.
</para>
</listitem>
<listitem>
<para>
<literal>python3</literal> now defaults to Python 3.9. Python
3.9 introduces many deprecation warnings, please look at the
<link xlink:href="https://docs.python.org/3/whatsnew/3.9.html">Whats
New In Python 3.9 post</link> for more information.
</para>
</listitem>
<listitem>
<para>
The <literal>claws-mail</literal> package now references the
new GTK+ 3 release branch, major version 4. To use the GTK+ 2
releases, one can install the
<literal>claws-mail-gtk2</literal> package.
</para>
</listitem>
<listitem>
<para>
The wordpress module provides a new interface which allows to
use different webservers with the new option
<link xlink:href="options.html#opt-services.wordpress.webserver"><literal>services.wordpress.webserver</literal></link>.
Currently <literal>httpd</literal> and
<literal>nginx</literal> are supported. The definitions of
wordpress sites should now be set in
<link xlink:href="options.html#opt-services.wordpress.sites"><literal>services.wordpress.sites</literal></link>.
</para>
<para>
Sites definitions that use the old interface are automatically
migrated in the new option. This backward compatibility will
be removed in 22.05.
</para>
</listitem>
<listitem>
<para>
The order of NSS (host) modules has been brought in line with
upstream recommendations:
</para>
<itemizedlist spacing="compact">
<listitem>
<para>
The <literal>myhostname</literal> module is placed before
the <literal>resolve</literal> (optional) and
<literal>dns</literal> entries, but after
<literal>file</literal> (to allow overriding via
<literal>/etc/hosts</literal> /
<literal>networking.extraHosts</literal>, and prevent ISPs
with catchall-DNS resolvers from hijacking
<literal>.localhost</literal> domains)
</para>
</listitem>
<listitem>
<para>
The <literal>mymachines</literal> module, which provides
hostname resolution for local containers (registered with
<literal>systemd-machined</literal>) is placed to the
front, to make sure its mappings are preferred over other
resolvers.
</para>
</listitem>
<listitem>
<para>
If systemd-networkd is enabled, the
<literal>resolve</literal> module is placed before
<literal>files</literal> and
<literal>myhostname</literal>, as it provides the same
logic internally, with caching.
</para>
</listitem>
<listitem>
<para>
The <literal>mdns(_minimal)</literal> module has been
updated to the new priorities.
</para>
</listitem>
</itemizedlist>
<para>
If you use your own NSS host modules, make sure to update your
priorities according to these rules:
</para>
<itemizedlist spacing="compact">
<listitem>
<para>
NSS modules which should be queried before
<literal>resolved</literal> DNS resolution should use
mkBefore.
</para>
</listitem>
<listitem>
<para>
NSS modules which should be queried after
<literal>resolved</literal>, <literal>files</literal> and
<literal>myhostname</literal>, but before
<literal>dns</literal> should use the default priority
</para>
</listitem>
<listitem>
<para>
NSS modules which should come after <literal>dns</literal>
should use mkAfter.
</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>
The
<link xlink:href="options.html#opt-networking.wireless.iwd.enable">networking.wireless.iwd</link>
module has a new
<link xlink:href="options.html#opt-networking.wireless.iwd.settings">networking.wireless.iwd.settings</link>
option.
</para>
</listitem>
<listitem>
<para>
The
<link xlink:href="options.html#opt-services.syncoid.enable">services.syncoid.enable</link>
module now properly drops ZFS permissions after usage. Before
it delegated permissions to whole pools instead of datasets
and didnt clean up after execution. You can manually look
this up for your pools by running
<literal>zfs allow your-pool-name</literal> and use
<literal>zfs unallow syncoid your-pool-name</literal> to clean
this up.
</para>
</listitem>
</itemizedlist>
</section>
</section>