2015-09-01 14:52:08 +02:00
|
|
|
|
<section xmlns="http://docbook.org/ns/docbook"
|
|
|
|
|
xmlns:xlink="http://www.w3.org/1999/xlink"
|
|
|
|
|
xmlns:xi="http://www.w3.org/2001/XInclude"
|
|
|
|
|
version="5.0"
|
2016-02-29 11:39:11 +01:00
|
|
|
|
xml:id="sec-release-16.03">
|
2015-09-01 14:52:08 +02:00
|
|
|
|
|
2016-04-01 00:08:49 +02:00
|
|
|
|
<title>Release 16.03 (“Emu”, 2016/03/31)</title>
|
2015-09-01 14:52:08 +02:00
|
|
|
|
|
2015-11-18 01:26:00 +01:00
|
|
|
|
<para>In addition to numerous new and upgraded packages, this release
|
|
|
|
|
has the following highlights:</para>
|
|
|
|
|
|
|
|
|
|
<itemizedlist>
|
|
|
|
|
|
2016-01-15 08:34:26 +01:00
|
|
|
|
<listitem>
|
2016-03-31 12:30:05 +02:00
|
|
|
|
<para>Systemd 229, bringing <link
|
|
|
|
|
xlink:href="https://github.com/systemd/systemd/blob/v229/NEWS">numerous
|
|
|
|
|
improvements</link> over 217.</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>Linux 4.4 (was 3.18).</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>GCC 5.3 (was 4.9). Note that GCC 5 <link
|
|
|
|
|
xlink:href="https://gcc.gnu.org/onlinedocs/libstdc++/manual/using_dual_abi.html">changes
|
|
|
|
|
the C++ ABI in an incompatible way</link>; this may cause problems
|
|
|
|
|
if you try to link objects compiled with different versions of
|
|
|
|
|
GCC.</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>Glibc 2.23 (was 2.21).</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
2016-04-01 00:39:01 +02:00
|
|
|
|
<listitem>
|
|
|
|
|
<para>Binutils 2.26 (was 2.23.1). See #909</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
2016-03-31 12:30:05 +02:00
|
|
|
|
<listitem>
|
|
|
|
|
<para>Improved support for ensuring <link
|
|
|
|
|
xlink:href="https://reproducible-builds.org/">bitwise reproducible
|
|
|
|
|
builds</link>. For example, <literal>stdenv</literal> now sets the
|
|
|
|
|
environment variable <envar
|
|
|
|
|
xlink:href="https://reproducible-builds.org/specs/source-date-epoch/">SOURCE_DATE_EPOCH</envar>
|
|
|
|
|
to a deterministic value, and Nix has <link
|
|
|
|
|
xlink:href="http://nixos.org/nix/manual/#ssec-relnotes-1.11">gained
|
|
|
|
|
an option</link> to repeat a build a number of times to test
|
|
|
|
|
determinism. An ongoing project, the goal of exact reproducibility
|
|
|
|
|
is to allow binaries to be verified independently (e.g., a user
|
|
|
|
|
might only trust binaries that appear in three independent binary
|
|
|
|
|
caches).</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>Perl 5.22.</para>
|
2016-01-15 08:34:26 +01:00
|
|
|
|
</listitem>
|
|
|
|
|
|
2015-11-18 01:26:00 +01:00
|
|
|
|
</itemizedlist>
|
|
|
|
|
|
2015-11-26 22:43:11 +01:00
|
|
|
|
<para>The following new services were added since the last release:
|
|
|
|
|
|
|
|
|
|
<itemizedlist>
|
|
|
|
|
<listitem><para><literal>services/monitoring/longview.nix</literal></para></listitem>
|
2016-04-01 00:00:24 +02:00
|
|
|
|
<listitem><para><literal>hardware/video/webcam/facetimehd.nix</literal></para></listitem>
|
2016-04-12 12:46:12 +02:00
|
|
|
|
<listitem><para><literal>i18n/input-method/default.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>i18n/input-method/fcitx.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>i18n/input-method/ibus.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>i18n/input-method/nabi.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>i18n/input-method/uim.nix</literal></para></listitem>
|
2016-04-01 00:00:24 +02:00
|
|
|
|
<listitem><para><literal>programs/fish.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>security/acme.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>security/audit.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>security/oath.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/hardware/irqbalance.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/mail/dspam.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/mail/opendkim.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/mail/postsrsd.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/mail/rspamd.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/mail/rmilter.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/misc/autofs.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/misc/bepasty.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/misc/calibre-server.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/misc/cfdyndns.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/misc/gammu-smsd.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/misc/mathics.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/misc/matrix-synapse.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/misc/octoprint.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/monitoring/hdaps.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/monitoring/heapster.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/monitoring/longview.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/network-filesystems/netatalk.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/network-filesystems/xtreemfs.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/networking/autossh.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/networking/dnschain.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/networking/gale.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/networking/miniupnpd.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/networking/namecoind.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/networking/ostinato.nix</literal></para></listitem>
|
2016-02-11 12:02:11 +01:00
|
|
|
|
<listitem><para><literal>services/networking/pdnsd.nix</literal></para></listitem>
|
2016-04-01 00:00:24 +02:00
|
|
|
|
<listitem><para><literal>services/networking/shairport-sync.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/networking/supplicant.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/search/kibana.nix</literal></para></listitem>
|
2016-02-01 09:47:23 +01:00
|
|
|
|
<listitem><para><literal>services/security/haka.nix</literal></para></listitem>
|
2016-04-01 00:00:24 +02:00
|
|
|
|
<listitem><para><literal>services/security/physlock.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/web-apps/pump.io.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/x11/hardware/libinput.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>services/x11/window-managers/windowlab.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>system/boot/initrd-network.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>system/boot/initrd-ssh.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>system/boot/loader/loader.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>system/boot/networkd.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>system/boot/resolved.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>virtualisation/lxd.nix</literal></para></listitem>
|
|
|
|
|
<listitem><para><literal>virtualisation/rkt.nix</literal></para></listitem>
|
2015-11-26 22:43:11 +01:00
|
|
|
|
</itemizedlist>
|
|
|
|
|
</para>
|
|
|
|
|
|
2015-09-01 14:52:08 +02:00
|
|
|
|
<para>When upgrading from a previous release, please be aware of the
|
2015-09-21 11:02:17 +02:00
|
|
|
|
following incompatible changes:</para>
|
|
|
|
|
|
|
|
|
|
<itemizedlist>
|
2016-03-31 12:30:05 +02:00
|
|
|
|
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>We no longer produce graphical ISO images and VirtualBox
|
|
|
|
|
images for <literal>i686-linux</literal>. A minimal ISO image is
|
|
|
|
|
still provided.</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>Firefox and similar browsers are now <emphasis>wrapped by default</emphasis>.
|
|
|
|
|
The package and attribute names are plain <literal>firefox</literal>
|
|
|
|
|
or <literal>midori</literal>, etc. Backward-compatibility attributes were set up,
|
|
|
|
|
but note that <command>nix-env -u</command> will <emphasis>not</emphasis> update
|
|
|
|
|
your current <literal>firefox-with-plugins</literal>;
|
|
|
|
|
you have to uninstall it and install <literal>firefox</literal> instead.</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
2015-09-21 11:02:17 +02:00
|
|
|
|
<listitem>
|
|
|
|
|
<para><command>wmiiSnap</command> has been replaced with
|
|
|
|
|
<command>wmii_hg</command>, but
|
|
|
|
|
<command>services.xserver.windowManager.wmii.enable</command> has
|
|
|
|
|
been updated respectively so this only affects you if you have
|
|
|
|
|
explicitly installed <command>wmiiSnap</command>.
|
|
|
|
|
</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
2016-01-14 13:07:56 +01:00
|
|
|
|
<listitem>
|
|
|
|
|
<para><literal>jobs</literal> NixOS option has been removed. It served as
|
|
|
|
|
compatibility layer between Upstart jobs and SystemD services. All services
|
|
|
|
|
have been rewritten to use <literal>systemd.services</literal></para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
2015-09-21 11:02:17 +02:00
|
|
|
|
<listitem>
|
|
|
|
|
<para><command>wmiimenu</command> is removed, as it has been
|
|
|
|
|
removed by the developers upstream. Use <command>wimenu</command>
|
|
|
|
|
from the <command>wmii-hg</command> package.</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>Gitit is no longer automatically added to the module list in
|
|
|
|
|
NixOS and as such there will not be any manual entries for it. You
|
|
|
|
|
will need to add an import statement to your NixOS configuration
|
|
|
|
|
in order to use it, e.g.
|
|
|
|
|
|
|
|
|
|
<programlisting><![CDATA[
|
|
|
|
|
{
|
2016-04-01 00:46:54 +02:00
|
|
|
|
imports = [ <nixpkgs/nixos/modules/services/misc/gitit.nix> ];
|
2015-09-21 11:02:17 +02:00
|
|
|
|
}
|
|
|
|
|
]]></programlisting>
|
|
|
|
|
|
|
|
|
|
will include the Gitit service configuration options.</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
2015-11-01 23:14:40 +01:00
|
|
|
|
<listitem>
|
|
|
|
|
<para><command>nginx</command> does not accept flags for enabling and
|
|
|
|
|
disabling modules anymore. Instead it accepts <literal>modules</literal>
|
|
|
|
|
argument, which is a list of modules to be built in. All modules now
|
|
|
|
|
reside in <literal>nginxModules</literal> set. Example configuration:
|
|
|
|
|
|
|
|
|
|
<programlisting><![CDATA[
|
|
|
|
|
nginx.override {
|
|
|
|
|
modules = [ nginxModules.rtmp nginxModules.dav nginxModules.moreheaders ];
|
|
|
|
|
}
|
|
|
|
|
]]></programlisting>
|
|
|
|
|
</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
2015-11-21 21:55:10 +01:00
|
|
|
|
<listitem>
|
|
|
|
|
<para><command>s3sync</command> is removed, as it hasn't been
|
|
|
|
|
developed by upstream for 4 years and only runs with ruby 1.8.
|
|
|
|
|
For an actively-developer alternative look at
|
|
|
|
|
<command>tarsnap</command> and others.
|
|
|
|
|
</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
2015-11-16 18:10:20 +01:00
|
|
|
|
<listitem>
|
|
|
|
|
<para><command>ruby_1_8</command> has been removed as it's not
|
|
|
|
|
supported from upstream anymore and probably contains security
|
|
|
|
|
issues.
|
|
|
|
|
</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
2015-11-29 13:50:55 +01:00
|
|
|
|
<listitem>
|
|
|
|
|
<para><literal>tidy-html5</literal> package is removed.
|
|
|
|
|
Upstream only provided <literal>(lib)tidy5</literal> during development,
|
|
|
|
|
and now they went back to <literal>(lib)tidy</literal> to work as a drop-in
|
|
|
|
|
replacement of the original package that has been unmaintained for years.
|
|
|
|
|
You can (still) use the <literal>html-tidy</literal> package, which got updated
|
|
|
|
|
to a stable release from this new upstream.</para>
|
|
|
|
|
</listitem>
|
2015-12-08 16:54:02 +01:00
|
|
|
|
|
|
|
|
|
<listitem>
|
|
|
|
|
<para><literal>extraDeviceOptions</literal> argument is removed
|
|
|
|
|
from <literal>bumblebee</literal> package. Instead there are
|
|
|
|
|
now two separate arguments: <literal>extraNvidiaDeviceOptions</literal>
|
|
|
|
|
and <literal>extraNouveauDeviceOptions</literal> for setting
|
|
|
|
|
extra X11 options for nvidia and nouveau drivers, respectively.
|
|
|
|
|
</para>
|
|
|
|
|
</listitem>
|
2015-12-17 12:29:16 +01:00
|
|
|
|
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>The <literal>Ctrl+Alt+Backspace</literal> key combination
|
|
|
|
|
no longer kills the X server by default.
|
|
|
|
|
There's a new option <option>services.xserver.enableCtrlAltBackspace</option>
|
|
|
|
|
allowing to enable the combination again.
|
|
|
|
|
</para>
|
|
|
|
|
</listitem>
|
2015-12-17 14:21:53 +01:00
|
|
|
|
|
|
|
|
|
<listitem>
|
|
|
|
|
<para><literal>emacsPackagesNg</literal> now contains all packages
|
|
|
|
|
from the ELPA, MELPA, and MELPA Stable repositories.
|
|
|
|
|
</para>
|
|
|
|
|
</listitem>
|
2016-01-21 10:38:03 +01:00
|
|
|
|
|
2016-01-21 10:47:16 +01:00
|
|
|
|
<listitem>
|
|
|
|
|
<para>Data directory for Postfix MTA server is moved from
|
|
|
|
|
<filename>/var/postfix</filename> to <filename>/var/lib/postfix</filename>.
|
|
|
|
|
Old configurations are migrated automatically. <literal>service.postfix</literal>
|
|
|
|
|
module has also received many improvements, such as correct directories' access
|
|
|
|
|
rights, new <literal>aliasFiles</literal> and <literal>mapFiles</literal>
|
|
|
|
|
options and more.</para>
|
|
|
|
|
</listitem>
|
2016-01-25 10:02:15 +01:00
|
|
|
|
|
2015-10-21 19:37:14 +02:00
|
|
|
|
<listitem>
|
|
|
|
|
<para>Filesystem options should now be configured as a list of strings, not
|
|
|
|
|
a comma-separated string. The old style will continue to work, but print a
|
|
|
|
|
warning, until the 16.09 release. An example of the new style:
|
|
|
|
|
|
|
|
|
|
<programlisting>
|
|
|
|
|
fileSystems."/example" = {
|
|
|
|
|
device = "/dev/sdc";
|
|
|
|
|
fsType = "btrfs";
|
|
|
|
|
options = [ "noatime" "compress=lzo" "space_cache" "autodefrag" ];
|
|
|
|
|
};
|
|
|
|
|
</programlisting>
|
2016-02-07 13:52:42 +01:00
|
|
|
|
</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
2016-01-21 10:38:03 +01:00
|
|
|
|
<listitem>
|
|
|
|
|
<para>CUPS, installed by <literal>services.printing</literal> module, now
|
|
|
|
|
has its data directory in <filename>/var/lib/cups</filename>. Old
|
|
|
|
|
configurations from <filename>/etc/cups</filename> are moved there
|
|
|
|
|
automatically, but there might be problems. Also configuration options
|
|
|
|
|
<literal>services.printing.cupsdConf</literal> and
|
|
|
|
|
<literal>services.printing.cupsdFilesConf</literal> were removed
|
|
|
|
|
because they had been allowing one to override configuration variables
|
|
|
|
|
required for CUPS to work at all on NixOS. For most use cases,
|
|
|
|
|
<literal>services.printing.extraConf</literal> and new option
|
|
|
|
|
<literal>services.printing.extraFilesConf</literal> should be enough;
|
|
|
|
|
if you encounter a situation when they are not, please file a bug.</para>
|
|
|
|
|
|
|
|
|
|
<para>There are also Gutenprint improvements; in particular, a new option
|
|
|
|
|
<literal>services.printing.gutenprint</literal> is added to enable automatic
|
|
|
|
|
updating of Gutenprint PPMs; it's greatly recommended to enable it instead
|
|
|
|
|
of adding <literal>gutenprint</literal> to the <literal>drivers</literal> list.
|
|
|
|
|
</para>
|
|
|
|
|
</listitem>
|
2016-01-25 00:57:28 +01:00
|
|
|
|
|
|
|
|
|
<listitem>
|
|
|
|
|
<para><literal>services.xserver.vaapiDrivers</literal> has been removed. Use
|
2016-05-21 16:27:27 +02:00
|
|
|
|
<literal>hardware.opengl.extraPackages{,32}</literal> instead. You can
|
2016-01-25 00:57:28 +01:00
|
|
|
|
also specify VDPAU drivers there.</para>
|
|
|
|
|
</listitem>
|
2016-02-16 15:32:01 +01:00
|
|
|
|
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>
|
|
|
|
|
<literal>programs.ibus</literal> moved to <literal>i18n.inputMethod.ibus</literal>.
|
|
|
|
|
The option <literal>programs.ibus.plugins</literal> changed to <literal>i18n.inputMethod.ibus.engines</literal>
|
|
|
|
|
and the option to enable ibus changed from <literal>programs.ibus.enable</literal> to
|
|
|
|
|
<literal>i18n.inputMethod.enabled</literal>.
|
|
|
|
|
<literal>i18n.inputMethod.enabled</literal> should be set to the used input method name,
|
|
|
|
|
<literal>"ibus"</literal> for ibus.
|
|
|
|
|
An example of the new style:
|
|
|
|
|
|
|
|
|
|
<programlisting>
|
|
|
|
|
i18n.inputMethod.enabled = "ibus";
|
|
|
|
|
i18n.inputMethod.ibus.engines = with pkgs.ibus-engines; [ anthy mozc ];
|
|
|
|
|
</programlisting>
|
|
|
|
|
|
|
|
|
|
That is equivalent to the old version:
|
|
|
|
|
|
|
|
|
|
<programlisting>
|
|
|
|
|
programs.ibus.enable = true;
|
|
|
|
|
programs.ibus.plugins = with pkgs; [ ibus-anthy mozc ];
|
|
|
|
|
</programlisting>
|
|
|
|
|
|
|
|
|
|
</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
2016-02-17 02:55:26 +01:00
|
|
|
|
<listitem>
|
|
|
|
|
<para><literal>services.udev.extraRules</literal> option now writes rules
|
|
|
|
|
to <filename>99-local.rules</filename> instead of <filename>10-local.rules</filename>.
|
|
|
|
|
This makes all the user rules apply after others, so their results wouldn't be
|
|
|
|
|
overriden by anything else.</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
2016-02-26 08:31:58 +01:00
|
|
|
|
<listitem>
|
|
|
|
|
<para>Large parts of the <literal>services.gitlab</literal> module has been
|
|
|
|
|
been rewritten. There are new configuration options available. The
|
|
|
|
|
<literal>stateDir</literal> option was renamned to
|
|
|
|
|
<literal>statePath</literal> and the <literal>satellitesDir</literal> option
|
|
|
|
|
was removed. Please review the currently available options.</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
2015-08-23 16:39:13 +02:00
|
|
|
|
<listitem>
|
|
|
|
|
<para>
|
|
|
|
|
The option <option>services.nsd.zones.<name>.data</option> no
|
|
|
|
|
longer interpret the dollar sign ($) as a shell variable, as such it
|
|
|
|
|
should not be escaped anymore. Thus the following zone data:
|
|
|
|
|
</para>
|
|
|
|
|
<programlisting>
|
|
|
|
|
\$ORIGIN example.com.
|
|
|
|
|
\$TTL 1800
|
|
|
|
|
@ IN SOA ns1.vpn.nbp.name. admin.example.com. (
|
|
|
|
|
</programlisting>
|
|
|
|
|
<para>
|
|
|
|
|
Should modified to look like the actual file expected by nsd:
|
|
|
|
|
</para>
|
|
|
|
|
<programlisting>
|
|
|
|
|
$ORIGIN example.com.
|
|
|
|
|
$TTL 1800
|
|
|
|
|
@ IN SOA ns1.vpn.nbp.name. admin.example.com. (
|
|
|
|
|
</programlisting>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
2016-03-09 12:21:52 +01:00
|
|
|
|
<listitem>
|
|
|
|
|
<para>
|
|
|
|
|
<literal>service.syncthing.dataDir</literal> options now has to point
|
|
|
|
|
to exact folder where syncthing is writing to. Example configuration should
|
2016-04-03 19:36:27 +02:00
|
|
|
|
look something like:
|
2016-03-09 12:21:52 +01:00
|
|
|
|
</para>
|
|
|
|
|
<programlisting>
|
|
|
|
|
services.syncthing = {
|
|
|
|
|
enable = true;
|
|
|
|
|
dataDir = "/home/somebody/.syncthing";
|
|
|
|
|
user = "somebody";
|
|
|
|
|
};
|
|
|
|
|
</programlisting>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
2016-03-18 12:00:39 +01:00
|
|
|
|
<listitem>
|
|
|
|
|
<para>
|
|
|
|
|
<literal>networking.firewall.allowPing</literal> is now enabled by
|
|
|
|
|
default. Users are encourarged to configure an approiate rate limit for
|
|
|
|
|
their machines using the Kernel interface at
|
|
|
|
|
<filename>/proc/sys/net/ipv4/icmp_ratelimit</filename> and
|
|
|
|
|
<filename>/proc/sys/net/ipv6/icmp/ratelimit</filename> or using the
|
|
|
|
|
firewall itself, i.e. by setting the NixOS option
|
|
|
|
|
<literal>networking.firewall.pingLimit</literal>.
|
|
|
|
|
</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
2016-03-29 16:32:50 +02:00
|
|
|
|
<listitem>
|
|
|
|
|
<para>
|
|
|
|
|
Systems with some broadcom cards used to result into a generated config
|
|
|
|
|
that is no longer accepted. If you get errors like
|
|
|
|
|
<screen>error: path ‘/nix/store/*-broadcom-sta-*’ does not exist and cannot be created</screen>
|
|
|
|
|
you should either re-run <command>nixos-generate-config</command> or manually replace
|
|
|
|
|
<literal>"${config.boot.kernelPackages.broadcom_sta}"</literal>
|
|
|
|
|
by
|
|
|
|
|
<literal>config.boot.kernelPackages.broadcom_sta</literal>
|
|
|
|
|
in your <filename>/etc/nixos/hardware-configuration.nix</filename>.
|
|
|
|
|
More discussion is on <link xlink:href="https://github.com/NixOS/nixpkgs/pull/12595">
|
|
|
|
|
the github issue</link>.
|
|
|
|
|
</para>
|
|
|
|
|
</listitem>
|
2016-03-27 00:01:43 +01:00
|
|
|
|
|
|
|
|
|
<listitem>
|
|
|
|
|
<para>
|
|
|
|
|
The <literal>services.xserver.startGnuPGAgent</literal> option has been removed.
|
|
|
|
|
GnuPG 2.1.x changed the way the gpg-agent works, and that new approach no
|
|
|
|
|
longer requires (or even supports) the "start everything as a child of the
|
|
|
|
|
agent" scheme we've implemented in NixOS for older versions.
|
|
|
|
|
To configure the gpg-agent for your X session, add the following code to
|
|
|
|
|
<filename>~/.bashrc</filename> or some file that’s sourced when your shell is started:
|
|
|
|
|
<programlisting>
|
|
|
|
|
GPG_TTY=$(tty)
|
|
|
|
|
export GPG_TTY
|
|
|
|
|
</programlisting>
|
|
|
|
|
If you want to use gpg-agent for SSH, too, add the following to your session
|
|
|
|
|
initialization (e.g. <literal>displayManager.sessionCommands</literal>)
|
|
|
|
|
<programlisting>
|
|
|
|
|
gpg-connect-agent /bye
|
|
|
|
|
unset SSH_AGENT_PID
|
|
|
|
|
export SSH_AUTH_SOCK="''${HOME}/.gnupg/S.gpg-agent.ssh"
|
|
|
|
|
</programlisting>
|
|
|
|
|
and make sure that
|
|
|
|
|
<programlisting>
|
|
|
|
|
enable-ssh-support
|
|
|
|
|
</programlisting>
|
|
|
|
|
is included in your <filename>~/.gnupg/gpg-agent.conf</filename>.
|
|
|
|
|
You will need to use <command>ssh-add</command> to re-add your ssh keys.
|
|
|
|
|
If gpg’s automatic transformation of the private keys to the new format fails,
|
|
|
|
|
you will need to re-import your private keyring as well:
|
|
|
|
|
<programlisting>
|
|
|
|
|
gpg --import ~/.gnupg/secring.gpg
|
|
|
|
|
</programlisting>
|
|
|
|
|
The <command>gpg-agent(1)</command> man page has more details about this subject,
|
|
|
|
|
i.e. in the "EXAMPLES" section.
|
|
|
|
|
</para>
|
|
|
|
|
</listitem>
|
2015-09-21 11:02:17 +02:00
|
|
|
|
</itemizedlist>
|
|
|
|
|
|
2016-01-10 10:14:40 +01:00
|
|
|
|
|
|
|
|
|
<para>Other notable improvements:
|
2016-03-31 12:30:05 +02:00
|
|
|
|
|
2016-01-10 10:14:40 +01:00
|
|
|
|
<itemizedlist>
|
2016-03-31 12:30:05 +02:00
|
|
|
|
|
|
|
|
|
<!--
|
2016-01-10 10:14:40 +01:00
|
|
|
|
<listitem>
|
|
|
|
|
<para>The <command>command-not-found</command> hook was extended.
|
|
|
|
|
Apart from <literal>$NIX_AUTO_INSTALL</literal> variable,
|
|
|
|
|
it newly also checks for <literal>$NIX_AUTO_RUN</literal>
|
|
|
|
|
which causes it to directly run the missing commands via
|
2016-03-31 12:30:05 +02:00
|
|
|
|
<command>nix-shell</command> (without installing anything).</para>
|
2016-01-10 10:14:40 +01:00
|
|
|
|
</listitem>
|
2016-03-31 12:30:05 +02:00
|
|
|
|
-->
|
2016-01-10 10:14:40 +01:00
|
|
|
|
|
2016-01-21 10:41:59 +01:00
|
|
|
|
<listitem>
|
|
|
|
|
<para><literal>ejabberd</literal> module is brought back and now works on
|
|
|
|
|
NixOS.</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
2016-02-16 15:32:01 +01:00
|
|
|
|
<listitem>
|
|
|
|
|
<para>Input method support was improved. New NixOS modules (fcitx, nabi and uim),
|
|
|
|
|
fcitx engines (chewing, hangul, m17n, mozc and table-other) and ibus engines (hangul and m17n)
|
|
|
|
|
have been added.</para>
|
|
|
|
|
</listitem>
|
|
|
|
|
|
2016-01-10 10:14:40 +01:00
|
|
|
|
</itemizedlist></para>
|
|
|
|
|
|
2015-09-01 14:52:08 +02:00
|
|
|
|
</section>
|