about summary refs log tree commit diff
path: root/nixos/doc/manual/release-notes/rl-2411.section.md
diff options
context:
space:
mode:
Diffstat (limited to 'nixos/doc/manual/release-notes/rl-2411.section.md')
-rw-r--r--nixos/doc/manual/release-notes/rl-2411.section.md46
1 files changed, 37 insertions, 9 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2411.section.md b/nixos/doc/manual/release-notes/rl-2411.section.md
index 1ec8c7ff90660..f9a5846c1f384 100644
--- a/nixos/doc/manual/release-notes/rl-2411.section.md
+++ b/nixos/doc/manual/release-notes/rl-2411.section.md
@@ -61,7 +61,7 @@
 
 ## New Modules {#sec-release-24.11-new-modules}
 
-- [TaskChampion Sync-Server](https://github.com/GothenburgBitFactory/taskchampion-sync-server), a [Taskwariror 3](https://taskwarrior.org/docs/upgrade-3/) sync server, replacing Taskwarrior 2's sync server named [`taskserver`](https://github.com/GothenburgBitFactory/taskserver).
+- [TaskChampion Sync-Server](https://github.com/GothenburgBitFactory/taskchampion-sync-server), a [Taskwarrior 3](https://taskwarrior.org/docs/upgrade-3/) sync server, replacing Taskwarrior 2's sync server named [`taskserver`](https://github.com/GothenburgBitFactory/taskserver).
 
 - [FlareSolverr](https://github.com/FlareSolverr/FlareSolverr), proxy server to bypass Cloudflare protection. Available as [services.flaresolverr](#opt-services.flaresolverr.enable) service.
 
@@ -108,6 +108,8 @@
 
 - [zeronsd](https://github.com/zerotier/zeronsd), a DNS server for ZeroTier users. Available with [services.zeronsd.servedNetworks](#opt-services.zeronsd.servedNetworks).
 
+- [Collabora Online](https://www.collaboraonline.com/), a collaborative online office suite based on LibreOffice technology. Available as [services.collabora-online](options.html#opt-services.collabora-online.enable).
+
 - [wg-access-server](https://github.com/freifunkMUC/wg-access-server/), an all-in-one WireGuard VPN solution with a web ui for connecting devices. Available at [services.wg-access-server](#opt-services.wg-access-server.enable).
 
 - [Pingvin Share](https://github.com/stonith404/pingvin-share), a self-hosted file sharing platform and an alternative for WeTransfer. Available as [services.pingvin-share](#opt-services.pingvin-share.enable).
@@ -151,8 +153,18 @@
 
 - [Dependency Track](https://dependencytrack.org/), an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Available as [services.dependency-track](option.html#opt-services.dependency-track).
 
+- [Immich](https://github.com/immich-app/immich), a self-hosted photo and video backup solution. Available as [services.immich](#opt-services.immich.enable).
+
 ## Backward Incompatibilities {#sec-release-24.11-incompatibilities}
 
+- The `sound` options have been removed or renamed, as they had a lot of unintended side effects. See [below](#sec-release-24.11-migration-sound) for details.
+
+- The nvidia driver no longer defaults to the proprietary driver starting with version 560. You will need to manually set `hardware.nvidia.open` to select the proprietary or open driver.
+
+- All Cinnamon and XApp packages have been moved to top-level (i.e., `cinnamon.nemo` is now `nemo`).
+
+- All GNOME packages have been moved to top-level (i.e., `gnome.nautilus` is now `nautilus`).
+
 - `transmission` package has been aliased with a `trace` warning to `transmission_3`. Since [Transmission 4 has been released last year](https://github.com/transmission/transmission/releases/tag/4.0.0), and Transmission 3 will eventually go away, it was decided perform this warning alias to make people aware of the new version. The `services.transmission.package` defaults to `transmission_3` as well because the upgrade can cause data loss in certain specific usage patterns (examples: [#5153](https://github.com/transmission/transmission/issues/5153), [#6796](https://github.com/transmission/transmission/issues/6796)). Please make sure to back up to your data directory per your usage:
   - `transmission-gtk`: `~/.config/transmission`
   - `transmission-daemon` using NixOS module: `${config.services.transmission.home}/.config/transmission-daemon` (defaults to `/var/lib/transmission/.config/transmission-daemon`)
@@ -214,8 +226,6 @@
 - The `mautrix-signal` module was adapted to incorporate the configuration rearrangement that resulted from the update to the mautrix bridgev2 architecture. Pre-0.7.0 configurations should continue to work.
   In case you want to update your configuration make sure to check the NixOS manual.
 
-- The nvidia driver no longer defaults to the proprietary driver starting with version 560. You will need to manually set `hardware.nvidia.open` to select the proprietary or open driver.
-
 - `singularity-tools` have the `storeDir` argument removed from its override interface and use `builtins.storeDir` instead.
 
 - Two build helpers in `singularity-tools`, i.e., `mkLayer` and `shellScript`, are deprecated, as they are no longer involved in image-building. Maintainers will remove them in future releases.
@@ -229,10 +239,6 @@
 - The method to safely handle secrets in the `networking.wireless` module has been changed to benefit from a [new feature](https://w1.fi/cgit/hostap/commit/?id=e680a51e94a33591f61edb210926bcb71217a21a) of wpa_supplicant.
   The syntax to refer to secrets has changed slightly and the option `networking.wireless.environmentFile` has been replaced by `networking.wireless.secretsFile`; see the description of the latter for how to upgrade.
 
-- All Cinnamon and XApp packages have been moved to top-level (i.e., `cinnamon.nemo` is now `nemo`).
-
-- All GNOME packages have been moved to top-level (i.e., `gnome.nautilus` is now `nautilus`).
-
 - `services.cgit` now runs as the cgit user by default instead of root.
   This change requires granting access to the repositories to this user or
   setting the appropriate one through `services.cgit.some-instance.user`.
@@ -430,8 +436,6 @@
 
 - `services.roundcube.maxAttachmentSize` will multiply the value set with `1.37` to offset overhead introduced by the base64 encoding applied to attachments.
 
-- The `sound` options have been removed or renamed, as they had a lot of unintended side effects. See [below](#sec-release-24.11-migration-sound) for details.
-
 - The `services.mxisd` module has been removed as both [mxisd](https://github.com/kamax-matrix/mxisd) and [ma1sd](https://github.com/ma1uta/ma1sd) are not maintained any longer.
   Consequently the package `pkgs.ma1sd` has also been removed.
 
@@ -485,6 +489,8 @@
   place. The GUI components related to the project are non-free and not
   packaged.
 
+- Compatible string matching for `hardware.deviceTree.overlays` has been changed to a more correct behavior. See [below](#sec-release-24.11-migration-dto-compatible) for details.
+
 ## Other Notable Changes {#sec-release-24.11-notable-changes}
 
 <!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
@@ -512,6 +518,9 @@
 
 - `lib.misc.mapAttrsFlatten` is now formally deprecated and will be removed in future releases; use the identical [`lib.attrsets.mapAttrsToList`](https://nixos.org/manual/nixpkgs/unstable#function-library-lib.attrsets.mapAttrsToList) instead.
 
+- Tailscale's `authKeyFile` can now have its corresponding parameters set through `config.services.tailscale.authKeyParameters`, allowing for non-ephemeral unsupervised deployment and more.
+  See [Registering new nodes using OAuth credentials](https://tailscale.com/kb/1215/oauth-clients#registering-new-nodes-using-oauth-credentials) for the supported options.
+
 - `nixosTests` now provide a working IPv6 setup for VLAN 1 by default.
 
 - Kanidm can now be provisioned using the new [`services.kanidm.provision`] option, but requires using a patched version available via `pkgs.kanidm.withSecretProvisioning`.
@@ -609,3 +618,22 @@ in {
   ];
 };
 ```
+
+### `hardware.deviceTree.overlays` compatible string matching {#sec-release-24.11-migration-dto-compatible}
+
+The original compatible string implementation in older NixOS versions relied on substring matching,
+which is incorrect for overlays with multiple compatible strings and other cases.
+
+The new behavior is consistent with what other tools already do - the overlay is considered applicable if,
+and only if, _any_ of the compatible strings in the overlay match _any_ of the compatible strings in the DT.
+
+To provide some examples:
+
+| Overlay `compatible` | DT `compatible` | Pre-24.11 behavior | Correct behavior | Notes                                      |
+|----------------------|-----------------|--------------------|------------------|--------------------------------------------|
+| `"foo"`              | `"foo", "bar"`  | match              | match            | Most common use case does not change       |
+| `"foo"`              | `"foobar"`      | match              | no match         | Substrings should not be matched           |
+| `"foo bar"`          | `"foo", "bar"`  | match              | no match         | Separators should not be matched to spaces |
+| `"foo", "bar"`       | `"baz", "bar"`  | no match           | match            | One compatible string matching is enough   |
+
+Note that this also allows writing overlays that explicitly apply to multiple boards.
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-09-28 03:23:47 +0000