diff options
Diffstat (limited to 'nixos/doc/manual/release-notes/rl-2411.section.md')
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2411.section.md | 46 |
1 files changed, 37 insertions, 9 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2411.section.md b/nixos/doc/manual/release-notes/rl-2411.section.md index 1ec8c7ff90660..f9a5846c1f384 100644 --- a/nixos/doc/manual/release-notes/rl-2411.section.md +++ b/nixos/doc/manual/release-notes/rl-2411.section.md @@ -61,7 +61,7 @@ ## New Modules {#sec-release-24.11-new-modules} -- [TaskChampion Sync-Server](https://github.com/GothenburgBitFactory/taskchampion-sync-server), a [Taskwariror 3](https://taskwarrior.org/docs/upgrade-3/) sync server, replacing Taskwarrior 2's sync server named [`taskserver`](https://github.com/GothenburgBitFactory/taskserver). +- [TaskChampion Sync-Server](https://github.com/GothenburgBitFactory/taskchampion-sync-server), a [Taskwarrior 3](https://taskwarrior.org/docs/upgrade-3/) sync server, replacing Taskwarrior 2's sync server named [`taskserver`](https://github.com/GothenburgBitFactory/taskserver). - [FlareSolverr](https://github.com/FlareSolverr/FlareSolverr), proxy server to bypass Cloudflare protection. Available as [services.flaresolverr](#opt-services.flaresolverr.enable) service. @@ -108,6 +108,8 @@ - [zeronsd](https://github.com/zerotier/zeronsd), a DNS server for ZeroTier users. Available with [services.zeronsd.servedNetworks](#opt-services.zeronsd.servedNetworks). +- [Collabora Online](https://www.collaboraonline.com/), a collaborative online office suite based on LibreOffice technology. Available as [services.collabora-online](options.html#opt-services.collabora-online.enable). + - [wg-access-server](https://github.com/freifunkMUC/wg-access-server/), an all-in-one WireGuard VPN solution with a web ui for connecting devices. Available at [services.wg-access-server](#opt-services.wg-access-server.enable). - [Pingvin Share](https://github.com/stonith404/pingvin-share), a self-hosted file sharing platform and an alternative for WeTransfer. Available as [services.pingvin-share](#opt-services.pingvin-share.enable). @@ -151,8 +153,18 @@ - [Dependency Track](https://dependencytrack.org/), an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Available as [services.dependency-track](option.html#opt-services.dependency-track). +- [Immich](https://github.com/immich-app/immich), a self-hosted photo and video backup solution. Available as [services.immich](#opt-services.immich.enable). + ## Backward Incompatibilities {#sec-release-24.11-incompatibilities} +- The `sound` options have been removed or renamed, as they had a lot of unintended side effects. See [below](#sec-release-24.11-migration-sound) for details. + +- The nvidia driver no longer defaults to the proprietary driver starting with version 560. You will need to manually set `hardware.nvidia.open` to select the proprietary or open driver. + +- All Cinnamon and XApp packages have been moved to top-level (i.e., `cinnamon.nemo` is now `nemo`). + +- All GNOME packages have been moved to top-level (i.e., `gnome.nautilus` is now `nautilus`). + - `transmission` package has been aliased with a `trace` warning to `transmission_3`. Since [Transmission 4 has been released last year](https://github.com/transmission/transmission/releases/tag/4.0.0), and Transmission 3 will eventually go away, it was decided perform this warning alias to make people aware of the new version. The `services.transmission.package` defaults to `transmission_3` as well because the upgrade can cause data loss in certain specific usage patterns (examples: [#5153](https://github.com/transmission/transmission/issues/5153), [#6796](https://github.com/transmission/transmission/issues/6796)). Please make sure to back up to your data directory per your usage: - `transmission-gtk`: `~/.config/transmission` - `transmission-daemon` using NixOS module: `${config.services.transmission.home}/.config/transmission-daemon` (defaults to `/var/lib/transmission/.config/transmission-daemon`) @@ -214,8 +226,6 @@ - The `mautrix-signal` module was adapted to incorporate the configuration rearrangement that resulted from the update to the mautrix bridgev2 architecture. Pre-0.7.0 configurations should continue to work. In case you want to update your configuration make sure to check the NixOS manual. -- The nvidia driver no longer defaults to the proprietary driver starting with version 560. You will need to manually set `hardware.nvidia.open` to select the proprietary or open driver. - - `singularity-tools` have the `storeDir` argument removed from its override interface and use `builtins.storeDir` instead. - Two build helpers in `singularity-tools`, i.e., `mkLayer` and `shellScript`, are deprecated, as they are no longer involved in image-building. Maintainers will remove them in future releases. @@ -229,10 +239,6 @@ - The method to safely handle secrets in the `networking.wireless` module has been changed to benefit from a [new feature](https://w1.fi/cgit/hostap/commit/?id=e680a51e94a33591f61edb210926bcb71217a21a) of wpa_supplicant. The syntax to refer to secrets has changed slightly and the option `networking.wireless.environmentFile` has been replaced by `networking.wireless.secretsFile`; see the description of the latter for how to upgrade. -- All Cinnamon and XApp packages have been moved to top-level (i.e., `cinnamon.nemo` is now `nemo`). - -- All GNOME packages have been moved to top-level (i.e., `gnome.nautilus` is now `nautilus`). - - `services.cgit` now runs as the cgit user by default instead of root. This change requires granting access to the repositories to this user or setting the appropriate one through `services.cgit.some-instance.user`. @@ -430,8 +436,6 @@ - `services.roundcube.maxAttachmentSize` will multiply the value set with `1.37` to offset overhead introduced by the base64 encoding applied to attachments. -- The `sound` options have been removed or renamed, as they had a lot of unintended side effects. See [below](#sec-release-24.11-migration-sound) for details. - - The `services.mxisd` module has been removed as both [mxisd](https://github.com/kamax-matrix/mxisd) and [ma1sd](https://github.com/ma1uta/ma1sd) are not maintained any longer. Consequently the package `pkgs.ma1sd` has also been removed. @@ -485,6 +489,8 @@ place. The GUI components related to the project are non-free and not packaged. +- Compatible string matching for `hardware.deviceTree.overlays` has been changed to a more correct behavior. See [below](#sec-release-24.11-migration-dto-compatible) for details. + ## Other Notable Changes {#sec-release-24.11-notable-changes} <!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. --> @@ -512,6 +518,9 @@ - `lib.misc.mapAttrsFlatten` is now formally deprecated and will be removed in future releases; use the identical [`lib.attrsets.mapAttrsToList`](https://nixos.org/manual/nixpkgs/unstable#function-library-lib.attrsets.mapAttrsToList) instead. +- Tailscale's `authKeyFile` can now have its corresponding parameters set through `config.services.tailscale.authKeyParameters`, allowing for non-ephemeral unsupervised deployment and more. + See [Registering new nodes using OAuth credentials](https://tailscale.com/kb/1215/oauth-clients#registering-new-nodes-using-oauth-credentials) for the supported options. + - `nixosTests` now provide a working IPv6 setup for VLAN 1 by default. - Kanidm can now be provisioned using the new [`services.kanidm.provision`] option, but requires using a patched version available via `pkgs.kanidm.withSecretProvisioning`. @@ -609,3 +618,22 @@ in { ]; }; ``` + +### `hardware.deviceTree.overlays` compatible string matching {#sec-release-24.11-migration-dto-compatible} + +The original compatible string implementation in older NixOS versions relied on substring matching, +which is incorrect for overlays with multiple compatible strings and other cases. + +The new behavior is consistent with what other tools already do - the overlay is considered applicable if, +and only if, _any_ of the compatible strings in the overlay match _any_ of the compatible strings in the DT. + +To provide some examples: + +| Overlay `compatible` | DT `compatible` | Pre-24.11 behavior | Correct behavior | Notes | +|----------------------|-----------------|--------------------|------------------|--------------------------------------------| +| `"foo"` | `"foo", "bar"` | match | match | Most common use case does not change | +| `"foo"` | `"foobar"` | match | no match | Substrings should not be matched | +| `"foo bar"` | `"foo", "bar"` | match | no match | Separators should not be matched to spaces | +| `"foo", "bar"` | `"baz", "bar"` | no match | match | One compatible string matching is enough | + +Note that this also allows writing overlays that explicitly apply to multiple boards. |