1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
|
<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-release-23.05">
<title>Release 23.05 (“Stoat”, 2023.05/??)</title>
<para>
Support is planned until the end of December 2023, handing over to
23.11.
</para>
<section xml:id="sec-release-23.05-highlights">
<title>Highlights</title>
<para>
In addition to numerous new and upgraded packages, this release
has the following highlights:
</para>
<itemizedlist spacing="compact">
<listitem>
<para>
Cinnamon has been updated to 5.6, see
<link xlink:href="https://github.com/NixOS/nixpkgs/pull/201328#issue-1449910204">the
pull request</link> for what is changed.
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="sec-release-23.05-new-services">
<title>New Services</title>
<itemizedlist spacing="compact">
<listitem>
<para>
Create the first release note entry in this section!
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="sec-release-23.05-incompatibilities">
<title>Backward Incompatibilities</title>
<itemizedlist>
<listitem>
<para>
<literal>carnix</literal> and <literal>cratesIO</literal> has
been removed due to being unmaintained, use alternatives such
as
<link xlink:href="https://github.com/nix-community/naersk">naersk</link>
and
<link xlink:href="https://github.com/kolloch/crate2nix">crate2nix</link>
instead.
</para>
</listitem>
<listitem>
<para>
The EC2 image module no longer fetches instance metadata in
stage-1. This results in a significantly smaller initramfs,
since network drivers no longer need to be included, and
faster boots, since metadata fetching can happen in parallel
with startup of other services. This breaks services which
rely on metadata being present by the time stage-2 is entered.
Anything which reads EC2 metadata from
<literal>/etc/ec2-metadata</literal> should now have an
<literal>after</literal> dependency on
<literal>fetch-ec2-metadata.service</literal>
</para>
</listitem>
<listitem>
<para>
<literal>services.sourcehut.dispatch</literal> and the
corresponding package
(<literal>sourcehut.dispatchsrht</literal>) have been removed
due to
<link xlink:href="https://sourcehut.org/blog/2022-08-01-dispatch-deprecation-plans/">upstream
deprecation</link>.
</para>
</listitem>
<listitem>
<para>
The EC2 image module previously detected and automatically
mounted ext3-formatted instance store devices and partitions
in stage-1 (initramfs), storing <literal>/tmp</literal> on the
first discovered device. This behaviour, which only catered to
very specific use cases and could not be disabled, has been
removed. Users relying on this should provide their own
implementation, and probably use ext4 and perform the mount in
stage-2.
</para>
</listitem>
<listitem>
<para>
The EC2 image module previously detected and activated
swap-formatted instance store devices and partitions in
stage-1 (initramfs). This behaviour has been removed. Users
relying on this should provide their own implementation.
</para>
</listitem>
<listitem>
<para>
The <literal>nix.readOnlyStore</literal> option has been
renamed to <literal>boot.readOnlyNixStore</literal> to clarify
that it configures the NixOS boot process, not the Nix daemon.
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="sec-release-23.05-notable-changes">
<title>Other Notable Changes</title>
<itemizedlist>
<listitem>
<para>
The module for the application firewall
<literal>opensnitch</literal> got the ability to configure
rules. Available as
<link linkend="opt-services.opensnitch.rules">services.opensnitch.rules</link>
</para>
</listitem>
<listitem>
<para>
A new <literal>virtualisation.rosetta</literal> module was
added to allow running <literal>x86_64</literal> binaries
through
<link xlink:href="https://developer.apple.com/documentation/apple-silicon/about-the-rosetta-translation-environment">Rosetta</link>
inside virtualised NixOS guests on Apple silicon. This feature
works by default with the
<link xlink:href="https://docs.getutm.app/">UTM</link>
virtualisation
<link xlink:href="https://search.nixos.org/packages?channel=unstable&show=utm&from=0&size=1&sort=relevance&type=packages&query=utm">package</link>.
</para>
</listitem>
<listitem>
<para>
Resilio sync secret keys can now be provided using a secrets
file at runtime, preventing these secrets from ending up in
the Nix store.
</para>
</listitem>
</itemizedlist>
</section>
</section>
|