Release 22.11 (“Raccoon”, 2022.11/??)
Support is planned until the end of June 2023, handing over to
23.05.
Highlights
In addition to numerous new and upgraded packages, this release
has the following highlights:
GNOME has been upgraded to 43. Please take a look at their
Release
Notes for details.
During cross-compilation, tests are now executed if the test
suite can be executed by the build platform. This is the case
when doing “native” cross-compilation where the build and host
platforms are largely the same, but the nixpkgs’ cross
compilation infrastructure is used, e.g.
pkgsStatic and pkgsLLVM.
Another possibility is that the build platform is a superset
of the host platform, e.g. when cross-compiling from
x86_64-unknown-linux to
i686-unknown-linux. The predicate gating
test suite execution is the newly added
canExecute predicate: You can e.g. check if
stdenv.buildPlatform can execute binaries
built for stdenv.hostPlatform (i.e.
produced by stdenv.cc) by evaluating
stdenv.buildPlatform.canExecute stdenv.hostPlatform.
The nixpkgs.hostPlatform and
nixpkgs.buildPlatform options have been
added. These cover and override the
nixpkgs.{system,localSystem,crossSystem}
options.
hostPlatform is the platform or
system string of the
NixOS system described by the configuration.
buildPlatform is the platform that is
responsible for building the NixOS configuration. It
defaults to the hostPlatform, for a
non-cross build configuration. To cross compile, set
buildPlatform to a different value.
The new options convey the same information, but with fewer
options, and following the Nixpkgs terminology.
The existing options
nixpkgs.{system,localSystem,crossSystem}
have not been formally deprecated, to allow for evaluation of
the change and to allow for a transition period so that in
time the ecosystem can switch without breaking compatibility
with any supported NixOS release.
emacs enables native compilation which
means:
emacs packages from nixpkgs, builtin or not, will do
native compilation ahead of time so you can enjoy the
benefit of native compilation without compiling them on
you machine;
emacs packages from somewhere else, e.g.
package-install, will do asynchronously
deferred native compilation. If you do not want this,
maybe to avoid CPU consumption for compilation, you can
use
(setq native-comp-deferred-compilation nil)
to disable it while still enjoy the benefit of native
compilation for packages from nixpkgs.
nixos-generate-config now generates
configurations that can be built in pure mode. This is
achieved by setting the new
nixpkgs.hostPlatform option.
You may have to unset the system parameter
in lib.nixosSystem, or similarly remove
definitions of the
nixpkgs.{system,localSystem,crossSystem}
options.
Alternatively, you can remove the
hostPlatform line and use NixOS like you
would in NixOS 22.05 and earlier.
PHP now defaults to PHP 8.1, updated from 8.0.
PHP is now built NTS (Non-Thread Safe)
style by default, for Apache and mod_php
usage we still enable ZTS (Zend Thread
Safe). This has been a common practice for a long time in
other distributions.
protonup has been aliased to and replaced
by protonup-ng due to upstream not
maintaining it.
Perl has been updated to 5.36, and its core module
HTTP::Tiny was patched to verify SSL/TLS
certificates by default.
Improved performances of
lib.closePropagation which was previously
quadratic. This is used in e.g.
ghcWithPackages. Please see backward
incompatibilities notes below.
Cinnamon has been updated to 5.4. While at it, the cinnamon
module now defaults to blueman as bluetooth manager and
slick-greeter as lightdm greeter to match upstream.
OpenSSL now defaults to OpenSSL 3, updated from 1.1.1.
An image configuration and generator has been added for Linode
images, largely based on the present GCE configuration and
image.
hardware.nvidia has a new option
open that can be used to opt in the
opensource version of NVIDIA kernel driver. Note that the
driver’s support for GeForce and Workstation GPUs is still
alpha quality, see
NVIDIA
Releases Open-Source GPU Kernel Modules for the
official announcement.
New Services
appvm,
Nix based app VMs. Available as
virtualisation.appvm.
automatic-timezoned.
a Linux daemon to automatically update the system timezone
based on location. Available as
services.automatic-timezoned.
[xray] (https://github.com/XTLS/Xray-core), a fully compatible
v2ray-core replacement. Features XTLS, which when enabled on
server and client, brings UDP FullCone NAT to proxy setups.
Available as
services.xray.
syncstorage-rs,
a self-hostable sync server for Firefox. Available as
services.firefox-syncserver.
dragonflydb,
a modern replacement for Redis and Memcached. Available as
services.dragonflydb.
Komga, a free and
open source comics/mangas media server. Available as
services.komga.
Tandoor Recipes,
a self-hosted multi-tenant recipe collection. Available as
services.tandoor-recipes.
HBase
cluster, a distributed, scalable, big data store.
Available as
services.hadoop.hbase.
Please,
a Sudo clone written in Rust. Available as
security.please
Sachet,
an SMS alerting tool for the Prometheus Alertmanager.
Available as
services.prometheus.sachet.
infnoise,
a hardware True Random Number Generator dongle. Available as
services.infnoise.
kthxbye,
an alert acknowledgement management daemon for Prometheus
Alertmanager. Available as
services.kthxbye
kanata,
a tool to improve keyboard comfort and usability with advanced
customization. Available as
services.kanata.
karma,
an alert dashboard for Prometheus Alertmanager. Available as
services.karma
languagetool,
a multilingual grammar, style, and spell checker. Available as
services.languagetool.
OpenRGB,
a FOSS tool for controlling RGB lighting. Available as
services.hardware.openrgb.enable.
Outline,
a wiki and knowledge base similar to Notion. Available as
services.outline.
ntfy.sh, a push
notification service. Available as
services.ntfy-sh
alps,
a simple and extensible webmail. Available as
services.alps.
endlessh,
an SSH tarpit. Available as
services.endlessh.
endlessh-go,
an SSH tarpit that exposes Prometheus metrics. Available as
services.endlessh-go.
Garage,
a simple object storage server for geodistributed deployments,
alternative to MinIO. Available as
services.garage.
netbird, a zero
configuration VPN. Available as
services.netbird.
persistent-evdev,
a daemon to add virtual proxy devices that mirror a physical
input device but persist even if the underlying hardware is
hot-plugged. Available as
services.persistent-evdev.
schleuder, a
mailing list manager with PGP support. Enable using
services.schleuder.
Dolibarr,
an enterprise resource planning and customer relationship
manager. Enable using
services.dolibarr.
FreshRSS, a
free, self-hostable RSS feed aggregator. Available as
services.freshrss.
expressvpn,
the CLI client for ExpressVPN. Available as
services.expressvpn.
merecat,
a small and easy HTTP server based on thttpd. Available as
services.merecat
go-autoconfig,
IMAP/SMTP autodiscover server. Available as
services.go-autoconfig.
tmate-ssh-server,
server side part of
tmate. Available
as
services.tmate-ssh-server.
Grafana
Tempo, a distributed tracing store. Available as
services.tempo.
AusweisApp2,
the authentication software for the German ID card. Available
as
programs.ausweisapp.
Patroni,
a template for PostgreSQL HA with ZooKeeper, etcd or Consul.
Available as
services.patroni.
Prometheus
IPMI exporter, an IPMI exporter for Prometheus.
Available as
services.prometheus.exporters.ipmi.
WriteFreely,
a simple blogging platform with ActivityPub support. Available
as
services.writefreely.
Listmonk, a
self-hosted newsletter manager. Enable using
services.listmonk.
Uptime
Kuma, a fancy self-hosted monitoring tool. Available as
services.uptime-kuma.
Mepo, a
fast, simple, hackable OSM map viewer for mobile and desktop
Linux. Available as
programs.mepo.enable.
Backward Incompatibilities
Nixpkgs now requires Nix 2.3 or newer.
The isCompatible predicate checking CPU
compatibility is no longer exposed by the platform sets
generated using lib.systems.elaborate. In
most cases you will want to use the new
canExecute predicate instead which also
considers the kernel / syscall interface. It is briefly
described in the release’s
highlights
section.
lib.systems.parse.isCompatible still
exists, but has changed semantically: Architectures with
differing endianness modes are no longer considered
compatible.
ngrok has been upgraded from 2.3.40 to
3.0.4. Please see
the
upgrade guide and
changelog.
Notably, breaking changes are that the config file format has
changed and support for single hypen arguments was dropped.
i18n.supportedLocales is now by default
only generated with the locales set in
i18n.defaultLocale and
i18n.extraLocaleSettings. This got
partially copied over from the minimal profile and reduces the
final system size by up to 200MB. If you require all locales
installed set the option to
[ "all" ].
Deprecated settings logrotate.paths and
logrotate.extraConfig have been removed.
Please convert any uses to
services.logrotate.settings
instead.
The isPowerPC predicate, found on
platform attrsets
(hostPlatform,
buildPlatform,
targetPlatform, etc) has been removed in
order to reduce confusion. The predicate was was defined such
that it matches only the 32-bit big-endian members of the
POWER/PowerPC family, despite having a name which would imply
a broader set of systems. If you were using this predicate,
you can replace foo.isPowerPC with
(with foo; isPower && is32bit && isBigEndian).
The fetchgit fetcher now uses
cone
mode by default for sparse checkouts.
Non-cone
mode can be enabled by passing
nonConeMode = true, but note that non-cone
mode is deprecated and this option may be removed alongside a
future Git update without notice.
openssh was updated to version 9.1,
disabling the generation of DSA keys when using
ssh-keygen -A as they are insecure. Also,
SetEnv directives in
ssh_config and
sshd_config are now first-match-wins
bsp-layout no longer uses the command
cycle to switch to other window layouts, as
it got replaced by the commands previous
and next.
The Barco ClickShare driver/client package
pkgs.clickshare-csc1 and the option
programs.clickshare-csc1.enable have been
removed, as it requires qt4, which reached
its end-of-life 2015 and will no longer be supported by
nixpkgs.
According
to Barco many of their base unit models can be used
with Google Chrome and the Google Cast extension.
services.hbase has been renamed to
services.hbase-standalone. For production
HBase clusters, use services.hadoop.hbase
instead.
The p4 package now only includes the
open-source Perforce Helix Core command-line client and APIs.
It no longer installs the unfree Helix Core Server binaries
p4d, p4broker, and
p4p. To install the Helix Core Server
binaries, use the p4d package instead.
The coq package and versioned variants
starting at coq_8_14 no longer include
CoqIDE, which is now available through
coqPackages.coqide. It is still possible to
get CoqIDE as part of the coq package by
overriding the buildIde argument of the
derivation.
PHP 7.4 is no longer supported due to upstream not supporting
this version for the entire lifecycle of the 22.11 release.
The ipfs package and module were renamed to kubo. The kubo
module now uses an RFC42-style settings
option instead of extraConfig and the
gatewayAddress,
apiAddress and
swarmAddress options were renamed. Using
the old names will print a warning but still work.
pkgs.cosign does not provide the
cosigned binary anymore. The
sget binary has been moved into its own
package.
Emacs now uses the Lucid toolkit by default instead of GTK
because of stability and compatibility issues. Users who still
wish to remain using GTK can do so by using
emacs-gtk.
riak package removed along with
services.riak module, due to lack of
maintainer to update the package.
ppd files in pkgs.cups-drv-rastertosag-gdi
are now gzipped. If you refer to such a ppd file with its path
(e.g. via
hardware.printers.ensurePrinters)
you will need to append .gz to the path.
xow package removed along with the
hardware.xow module, due to the project
being deprecated in favor of xone, which is
available via the hardware.xone module.
dd-agent package removed along with the
services.dd-agent module, due to the
project being deprecated in favor of
datadog-agent, which is available via the
services.datadog-agent module.
teleport has been upgraded to major version
10. Please see upstream
upgrade
instructions and
release
notes.
lib.closePropagation now needs that all
gathered sets have an outPath attribute.
lemmy module option
services.lemmy.settings.database.createLocally
moved to
services.lemmy.database.createLocally.
virtlyst package and services.virtlyst
module removed, due to lack of maintainers.
The nix.checkConfig option now fully
disables the config check. The new
nix.checkAllErrors option behaves like
nix.checkConfig previously did.
generateOptparseApplicativeCompletions and
generateOptparseApplicativeCompletion from
haskell.lib.compose (and
haskell.lib) have been deprecated in favor
of generateOptparseApplicativeCompletions
(plural!) as provided by the haskell package sets (so
haskellPackages.generateOptparseApplicativeCompletions
etc.). The latter allows for cross-compilation (by
automatically disabling generation of completion in the cross
case). For it to work properly you need to make sure that the
function comes from the same context as the package you are
trying to override, i.e. always use the same package set as
your package is coming from or – even better – use
self.generateOptparseApplicativeCompletions
if you are overriding a haskell package set. The old functions
are retained for backwards compatibility, but yield are
warning.
The services.graphite.api and
services.graphite.beacon NixOS options, and
the python3.pkgs.graphite_api,
python3.pkgs.graphite_beacon and
python3.pkgs.influxgraph packages, have
been removed due to lack of upstream maintenance.
The trace binary from
perf-linux package has been removed, due to
being a duplicate of the perf binary.
The aws package has been removed due to
being abandoned by the upstream. It is recommended to use
awscli or awscli2
instead.
The
CEmu
TI-84 Plus CE emulator package has been renamed to
cemu-ti. The
Cemu Wii U
emulator is now packaged as cemu.
systemd-networkd v250 deprecated, renamed,
and moved some sections and settings which leads to the
following breaking module changes:
systemd.network.networks.<name>.dhcpV6PrefixDelegationConfig
is renamed to
systemd.network.networks.<name>.dhcpPrefixDelegationConfig.
systemd.network.networks.<name>.dhcpV6Config
no longer accepts the
ForceDHCPv6PDOtherInformation= setting.
Please use the WithoutRA= and
UseDelegatedPrefix= settings in your
systemd.network.networks.<name>.dhcpV6Config
and the DHCPv6Client= setting in your
systemd.network.networks.<name>.ipv6AcceptRAConfig
to control when the DHCPv6 client is started and how the
delegated prefixes are handled by the DHCPv6 client.
systemd.network.networks.<name>.networkConfig
no longer accepts the IPv6Token=
setting. Use the Token= setting in your
systemd.network.networks.<name>.ipv6AcceptRAConfig
instead. The
systemd.network.networks.<name>.ipv6Prefixes.*.ipv6PrefixConfig
now also accepts the Token= setting.
arangodb versions 3.3, 3.4, and 3.5 have
been removed because they are at EOL upstream. The default is
now 3.10.0. Support for aarch64-linux has been removed since
the target cannot be built reproducibly. By default
arangodb is now built for the
haswell architecture. If you wish to build
for a different architecture, you may override the
targetArchitecture argument with a value
from
this
list supported upstream. Some architecture specific
optimizations are also conditionally enabled. You may alter
this behavior by overriding the
asmOptimizations parameter. You may also
add additional architecture support by adding more
-DHAS_XYZ flags to
cmakeFlags via
overrideAttrs.
The meta.mainProgram attribute of packages
in wineWowPackages now defaults to
"wine64".
The paperless module now defaults
PAPERLESS_TIME_ZONE to your configured
system timezone.
The top-level termonad-with-packages alias
for termonad has been removed.
Linux 4.9 has been removed because it will reach its end of
life within the lifespan of 22.11.
(Neo)Vim can not be configured with
configure.pathogen anymore to reduce
maintainance burden. Use configure.packages
instead.
Neovim can not be configured with plug anymore (still works
for vim).
The adguardhome module no longer uses
host and port options,
use settings.bind_host and
settings.bind_port instead.
The default kops version is now 1.25.1 and
support for 1.22 and older has been dropped.
The zrepl package has been updated from
0.5.0 to 0.6.0. See the
changelog
for details.
k3s no longer supports docker as runtime
due to upstream dropping support.
cassandra_2_1 and
cassandra_2_2 have been removed. Please
update to cassandra_3_11 or
cassandra_3_0. See the
changelog
for more information about the upgrade process.
mysql57 has been removed. Please update to
mysql80 or mariadb. See
the
upgrade
guide for more information.
Consequently, cqrlog and
amorok now use mariadb
instead of mysql57 for their embedded
databases. Running mysql_upgrade may be
neccesary.
k3s supports clusterInit
option, and it is enabled by default, for servers.
percona-server56 has been removed. Please
migrate to mysql or
mariadb if possible.
obs-studio hase been updated to version 28.
If you have packaged custom plugins, check if they are
compatible. obs-websocket has been
integrated into obs-studio.
signald has been bumped to
0.23.0. For the upgrade, a migration
process is necessary. It can be done by running a command like
this before starting signald.service:
signald -d /var/lib/signald/db \
--database sqlite:/var/lib/signald/db \
--migrate-data
For further information, please read the upstream changelogs.
stylua no longer accepts
lua52Support and
luauSupport overrides, use
features instead, which defaults to
[ "lua54" "luau" ].
ocamlPackages.ocaml_extlib has been renamed
to ocamlPackages.extlib.
pkgs.fetchNextcloudApp has been rewritten
to circumvent impurities in e.g. tarballs from GitHub and to
make it easier to apply patches. This means that your hashes
are out-of-date and the (previously required) attributes
name and version are no
longer accepted.
The Syncthing service now only allows absolute paths—starting
with / or ~/—for
services.syncthing.folders.<name>.path.
In a future release other paths will be allowed again and
interpreted relative to
services.syncthing.dataDir.
services.github-runner and
services.github-runners.<name> gained
the option serviceOverrides which allows
overriding the systemd serviceConfig. If
you have been overriding the systemd service configuration
(i.e., by defining
systemd.services.github-runner.serviceConfig),
you have to use the serviceOverrides option
now. Example:
services.github-runner.serviceOverrides.SupplementaryGroups = [
"docker"
];
Other Notable Changes
The xplr package has been updated from
0.18.0 to 0.19.0, which brings some breaking changes. See the
upstream
release notes for more details.
Configuring multiple GitHub runners is now possible through
services.github-runners.<name>. The
option services.github-runner remains.
github-runner gained support for ephemeral
runners and registrations using a personal access token (PAT)
instead of a registration token. See
services.github-runner.ephemeral and
services.github-runner.tokenFile for
details.
A new module was added for the Saleae Logic device family,
providing the options
hardware.saleae-logic.enable and
hardware.saleae-logic.package.
ZFS module will not allow hibernation by default, this is a
safety measure to prevent data loss cases like the ones
described at
OpenZFS/260
and
OpenZFS/12842.
Use the boot.zfs.allowHibernation option to
configure this behaviour.
mastodon now automatically removes remote
media attachments older than 30 days. This is configurable
through services.mastodon.mediaAutoRemove.
The Redis module now disables RDB persistence when
services.redis.servers.<name>.save = []
instead of using the Redis default.
Neo4j was updated from version 3 to version 4. See this
migration
guide on how to migrate your Neo4j instance.
The networking.wireguard module now can set
the mtu on interfaces and tag its packets with an fwmark.
The option overrideStrategy was added to
the different systemd unit options
(systemd.services.<name>,
systemd.sockets.<name>, …) to allow
enforcing the creation of a dropin file, rather than the main
unit file, by setting it to asDropin. This
is useful in cases where the existence of the main unit file
is not known to Nix at evaluation time, for example when the
main unit file is provided by adding a package to
systemd.packages. See the fix proposed in
NixOS’s
systemd abstraction doesn’t work with systemd template
units for an example.
The polymc package has been removed due to
a rogue maintainer. It has been replaced by
prismlauncher, a fork by the rest of the
maintainers. For more details, see
the
pull request that made this change and
this
issue detailing the vulnerability. Users with existing
installations should rename
~/.local/share/polymc to
~/.local/share/PrismLauncher. The main
config file’s path has also moved from
~/.local/share/polymc/polymc.cfg to
~/.local/share/PrismLauncher/prismlauncher.cfg.
The bloat package has been updated from
unstable-2022-03-31 to unstable-2022-10-25, which brings a
breaking change. See
this
upstream commit message for details.
The services.matrix-synapse systemd unit
has been hardened.
The services.grafana options were converted
to a
RFC
0042 configuration.
The services.grafana.provision.datasources
and services.grafana.provision.dashboards
options were converted to a
RFC
0042 configuration. They also now support specifying
the provisioning YAML file with path
option.
The services.grafana.provision.alerting
option was added. It includes suboptions for every
alerting-related objects (with the exception of
notifiers), which means it’s now possible
to configure modern Grafana alerting declaratively.
Matrix Synapse now requires entries in the
state_group_edges table to be unique, in
order to prevent accidentally introducing duplicate
information (for example, because a database backup was
restored multiple times). If your Synapse database already has
duplicate rows in this table, this could fail with an error
and require manual remediation.
The diamond package has been update from
0.8.36 to 2.0.15. See the
upstream
release notes for more details.
The guake package has been updated from
3.6.3 to 3.9.0, see the
changelog
for more details.
dockerTools.buildImage deprecates the
misunderstood contents parameter, in favor
of copyToRoot. Use
copyToRoot = buildEnv { ... }; or similar
if you intend to add packages to /bin.
memtest86+ was updated from 5.00-coreboot-002 to 6.00-beta2.
It is now the upstream version from https://www.memtest.org/,
as coreboot’s fork is no longer available.
Option descriptions, examples, and defaults writting in
DocBook are now deprecated. Using CommonMark is preferred and
will become the default in a future release.
The
documentation.nixos.options.allowDocBook
option was added to ease the transition to CommonMark option
documentation. Setting this option to false
causes an error for every option included in the manual that
uses DocBook documentation; it defaults to
true to preserve the previous behavior and
will be removed once the transition to CommonMark is complete.
The redis module now persists each instance’s configuration
file in the state directory, in order to support some more
advanced use cases like sentinel.
The udisks2 service, available at
services.udisks2.enable, is now disabled by
default. It will automatically be enabled through services and
desktop environments as needed. This also means that polkit
will now actually be disabled by default. The default for
security.polkit.enable was already flipped
in the previous release, but udisks2 being enabled by default
re-enabled it.
Nextcloud has been updated to version
25. Additionally the
following things have changed for Nextcloud in NixOS:
For Nextcloud >=24,
the default PHP version is 8.1.
Nextcloud 23 has been
removed since it will reach its
end
of life in December 2022.
For system.stateVersion being
>=22.11, Nextcloud
25 will be installed by default. For older versions,
Nextcloud 24 will be installed.
Please ensure that you only upgrade on major release at a
time! Nextcloud doesn’t support upgrades across multiple
versions, i.e. an upgrade from
23 to
25 is only possible
when upgrading to 24
first.
Add udev rules for the Teensy family of microcontrollers.
The Qt QML disk cache is now disabled by default. This fixes a
long-standing issue where updating Qt/KDE apps would sometimes
cause them to crash or behave strangely without explanation.
Those concerned about the small (~10%) performance hit to
application startup can re-enable the cache (and expose
themselves to gremlins) by setting the envrionment variable
QML_FORCE_DISK_CACHE to
1 using e.g. the
environment.sessionVariables NixOS option.
systemd-oomd is enabled by default. Depending on which systemd
units have ManagedOOMSwap=kill or
ManagedOOMMemoryPressure=kill, systemd-oomd
will SIGKILL all the processes under the appropriate
descendant cgroups when the configured limits are exceeded.
NixOS does currently not configure cgroups with oomd by
default, this can be enabled using
systemd.oomd.enableRootSlice,
systemd.oomd.enableSystemSlice,
and
systemd.oomd.enableUserServices.
The tt-rss service performs two database
migrations when you first use its web UI after upgrade.
Consider backing up its database before updating.
The pass-secret-service package now
includes systemd units from upstream, so adding it to the
NixOS services.dbus.packages option will
make it start automatically as a systemd user service when an
application tries to talk to the libsecret D-Bus API.
There is a new module for AMD SEV CPU functionality, which
grants access to the hardware.
The Wordpress module got support for installing language packs
through
services.wordpress.sites.<site>.languages.
The default package for
services.mullvad-vpn.package was changed to
pkgs.mullvad, allowing cross-platform usage
of Mullvad. pkgs.mullvad only contains the
Mullvad CLI tool, so users who rely on the Mullvad GUI will
want to change it back to pkgs.mullvad-vpn,
or add pkgs.mullvad-vpn to their
environment.
PowerDNS has been updated from 4.6.x to
4.7.x. Please be sure to review the
Upgrade
Notes provided by upstream before upgrading. Worth
specifically noting is that the new Catalog Zones feature
comes with a mandatory schema change for the gsql database
backends, which has to be manually applied.
There is a new module for the thunar
program (the Xfce file manager), which depends on the
xfconf dbus service, and also has a dbus
service and a systemd unit. The option
services.xserver.desktopManager.xfce.thunarPlugins
has been renamed to
programs.thunar.plugins, and in a future
release it may be removed.
There is a new module for the xfconf
program (the Xfce configuration storage system), which has a
dbus service.
The nomad package now defaults to 1.3,
which no longer has a downgrade path to releases 1.2 or older.
The nodePackages package set now defaults
to the LTS release in the nodejs package
again, instead of being pinned to
nodejs-14_x. Several updates to node2nix
have been made for compatibility with newer Node.js and npm
versions and a new postRebuild hook has
been added for packages to perform extra build steps before
the npm install step prunes dev dependencies.
boot.kernel.sysctl is defined as a
freeformType and adds a custom merge option for
net.core.rmem_max (taking the highest value
defined to avoid conflicts between 2 services trying to set
that value).
The mame package does not ship with its
tools anymore in the default output. They were moved to a
separate tools output instead. For
convenience, mame-tools package was added
for those who want to use it.
A NixOS module for Firefox has been added which allows
preferences and
policies
to be set. This also allows extensions to be installed via the
ExtensionSettings policy. The new options
are under programs.firefox.
The option
services.picom.experimentalBackends was
removed since it is now the default and the option will cause
picom to quit instead.