diff options
Diffstat (limited to 'nixos')
4 files changed, 31 insertions, 4 deletions
diff --git a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml index a660e28af04aa..1872601dc8e53 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml @@ -118,6 +118,11 @@ </listitem> <listitem> <para> + PostgreSQL now defaults to major version 14. + </para> + </listitem> + <listitem> + <para> The new <link xlink:href="https://nixos.org/manual/nixpkgs/stable/#sec-postgresqlTestHook"><literal>postgresqlTestHook</literal></link> runs a PostgreSQL server for the duration of package checks. @@ -691,6 +696,18 @@ </listitem> <listitem> <para> + <literal>openldap</literal> (and therefore the slapd LDAP + server) were updated to version 2.6.2. The project introduced + backwards-incompatible changes, namely the removal of the bdb, + hdb, ndb, and shell backends in slapd. Therefore before + updating, dump your database <literal>slapcat -n 1</literal> + in LDIF format, and reimport it after updating your + <literal>services.openldap.settings</literal>, which + represents your <literal>cn=config</literal>. + </para> + </listitem> + <listitem> + <para> <literal>openssh</literal> has been update to 8.9p1, changing the FIDO security key middleware interface. </para> diff --git a/nixos/doc/manual/release-notes/rl-2205.section.md b/nixos/doc/manual/release-notes/rl-2205.section.md index 96b138aa82e2d..10617a5250172 100644 --- a/nixos/doc/manual/release-notes/rl-2205.section.md +++ b/nixos/doc/manual/release-notes/rl-2205.section.md @@ -45,6 +45,8 @@ In addition to numerous new and upgraded packages, this release has the followin - Pulseaudio has been upgraded to version 15.0 and now optionally [supports additional Bluetooth audio codecs](https://www.freedesktop.org/wiki/Software/PulseAudio/Notes/15.0/#supportforldacandaptxbluetoothcodecsplussbcxqsbcwithhigher-qualityparameters) like aptX or LDAC, with codec switching support being available in `pavucontrol`. This feature is disabled by default but can be enabled by using `hardware.pulseaudio.package = pkgs.pulseaudioFull;`. Existing 3rd party modules that provided similar functionality, like `pulseaudio-modules-bt` or `pulseaudio-hsphfpd` are deprecated and have been removed. +- PostgreSQL now defaults to major version 14. + - The new [`postgresqlTestHook`](https://nixos.org/manual/nixpkgs/stable/#sec-postgresqlTestHook) runs a PostgreSQL server for the duration of package checks. - [`kops`](https://kops.sigs.k8s.io) defaults to 1.22.4, which will enable [Instance Metadata Service Version 2](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html) and require tokens on new clusters with Kubernetes 1.22. This will increase security by default, but may break some types of workloads. See the [release notes](https://kops.sigs.k8s.io/releases/1.22-notes/) for details. @@ -244,6 +246,8 @@ In addition to numerous new and upgraded packages, this release has the followin - In the ncdns module, the default value of `services.ncdns.address` has been changed to the IPv6 loopback address (`::1`). +- `openldap` (and therefore the slapd LDAP server) were updated to version 2.6.2. The project introduced backwards-incompatible changes, namely the removal of the bdb, hdb, ndb, and shell backends in slapd. Therefore before updating, dump your database `slapcat -n 1` in LDIF format, and reimport it after updating your `services.openldap.settings`, which represents your `cn=config`. + - `openssh` has been update to 8.9p1, changing the FIDO security key middleware interface. - `git` no longer hardcodes the path to openssh' ssh binary to reduce the amount of rebuilds. If you are using git with ssh remotes and do not have a ssh binary in your enviroment consider adding `openssh` to it or switching to `gitFull`. diff --git a/nixos/modules/services/databases/openldap.nix b/nixos/modules/services/databases/openldap.nix index 2c1e25d430840..1967a2371bdd7 100644 --- a/nixos/modules/services/databases/openldap.nix +++ b/nixos/modules/services/databases/openldap.nix @@ -268,9 +268,14 @@ in { }; systemd.services.openldap = { - description = "LDAP server"; + description = "OpenLDAP Server Daemon"; + documentation = [ + "man:slapd" + "man:slapd-config" + "man:slapd-mdb" + ]; wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; + after = [ "network-online.target" ]; preStart = let settingsFile = pkgs.writeText "config.ldif" (lib.concatStringsSep "\n" (attrsToLdif "cn=config" cfg.settings)); @@ -306,7 +311,7 @@ in { "${openldap}/libexec/slapd" "-u" cfg.user "-g" cfg.group "-F" configDir "-h" (lib.concatStringsSep " " cfg.urlList) ]); - Type = "forking"; + Type = "notify"; PIDFile = cfg.settings.attrs.olcPidFile; }; }; diff --git a/nixos/modules/services/databases/postgresql.nix b/nixos/modules/services/databases/postgresql.nix index 2919022496a36..550bd36efff28 100644 --- a/nixos/modules/services/databases/postgresql.nix +++ b/nixos/modules/services/databases/postgresql.nix @@ -295,7 +295,8 @@ in # Note: when changing the default, make it conditional on # ‘system.stateVersion’ to maintain compatibility with existing # systems! - mkDefault (if versionAtLeast config.system.stateVersion "21.11" then pkgs.postgresql_13 + mkDefault (if versionAtLeast config.system.stateVersion "22.05" then pkgs.postgresql_14 + else if versionAtLeast config.system.stateVersion "21.11" then pkgs.postgresql_13 else if versionAtLeast config.system.stateVersion "20.03" then pkgs.postgresql_11 else if versionAtLeast config.system.stateVersion "17.09" then mkThrow "9_6" else mkThrow "9_5"); |