diff --git a/doc/release-notes/rl-2511.section.md b/doc/release-notes/rl-2511.section.md index fb3305cdc798..b72c50e21834 100644 --- a/doc/release-notes/rl-2511.section.md +++ b/doc/release-notes/rl-2511.section.md @@ -44,7 +44,7 @@ - `base16-builder` node package has been removed due to lack of upstream maintenance. -- `budgie-desktop` has been updated [10.9.4](https://github.com/BuddiesOfBudgie/budgie-desktop/releases/tag/v10.9.4). This changes `XDG_CURRENT_DESKTOP` from `Budgie:GNOME` to `Budgie` and contains ABI bumps for libpeas2 migration. +- `budgie-desktop` has been updated to [10.9.4](https://github.com/BuddiesOfBudgie/budgie-desktop/releases/tag/v10.9.4). This changes `XDG_CURRENT_DESKTOP` from `Budgie:GNOME` to `Budgie` and contains ABI bumps for libpeas2 migration. - `buildGoModule` removes the compatibility layer of `CGO_ENABLED` not specified via `env`. Specifying `CGO_ENABLED` directly now results in an error. @@ -135,7 +135,7 @@ - `linux` and all other Linux kernel packages have moved all in-tree kernel modules into a new `modules` output. -- `lxde` scope has been removed, and its packages have been moved the top-level. +- `lxde` scope has been removed, and its packages have been moved to the top-level. - `mariadb` now defaults to `mariadb_114` instead of `mariadb_1011`, meaning the default version was upgraded from 10.11.x to 11.4.x. See the [upgrade notes](https://mariadb.com/kb/en/upgrading-from-mariadb-10-11-to-mariadb-11-4/) for potential issues. @@ -183,7 +183,7 @@ - `pcp` has been removed because the upstream repo was archived and it hasn't been updated since 2021. - `podofo` has been updated from `0.9.8` to `1.0.0`. These releases are by nature very incompatible due to major API changes. The legacy versions can be found under `podofo_0_10` and `podofo_0_9`. - Changelog: https://github.com/podofo/podofo/blob/1.0.0/CHANGELOG.md, API-Migration-Guide: https://github.com/podofo/podofo/blob/1.0.0/API-MIGRATION.md. + Changelog: , API-Migration-Guide: . - `privatebin` has been updated to `2.0.0`. This release changes configuration defaults including switching the template and removing legacy features. See the [v2.0.0 changelog entry](https://github.com/PrivateBin/PrivateBin/releases/tag/2.0.0) for details on how to upgrade. @@ -246,7 +246,7 @@ - `sublime-music` has been removed because upstream has announced it is no longer maintained. Upstream suggests using `supersonic` instead. -- Support for bootstrapping native GHC compilers on 32‐bit ARM and little‐endian 64‐bit PowerPC has been dropped. +- Support for bootstrapping native GHC compilers on 32‐bit ARM and little‐endian 64-bit PowerPC has been dropped. The latter was probably broken anyway. If there is interest in restoring support for these architectures, it should be possible to cross‐compile a bootstrap GHC binary. @@ -359,7 +359,7 @@ and [release notes for v18](https://goteleport.com/docs/changelog/#1800-070325). - `ffmpeg_8`, `ffmpeg_8-headless`, and `ffmpeg_8-full` have been added. The default version of FFmpeg is now `ffmpeg_8`. You can install previous versions from package attributes such as `ffmpeg_7`. -- `forgejo-runner` upgrading to version 11 brings a license change from MIT to GPLv3-or-later. +- `forgejo-runner` has been upgraded to version 11, which brings a license change from MIT to GPLv3-or-later. - GIMP now defaults to version 3. Use `gimp2` for the old version. @@ -405,8 +405,6 @@ and [release notes for v18](https://goteleport.com/docs/changelog/#1800-070325). - `prl-tools` has been moved out of `linuxPackages` because Parallels Guest Tools become driverless since 26.1.0. -- `searx` was updated to use `envsubst` instead of `sed` for parsing secrets from environment variables. - - `sftpman` has been updated to version 2, a rewrite in Rust which is mostly backward compatible but does include some changes to the CLI. For more information, [check the project's README](https://github.com/spantaleev/sftpman-rs#is-sftpman-v2-compatible-with-sftpman-v1). @@ -440,6 +438,8 @@ and [release notes for v18](https://goteleport.com/docs/changelog/#1800-070325). - Packages using `versionCheckHook` that previously relied solely on `pname` to locate the program used to version check, but have a differing `meta.mainProgram` entry, might now fail. - `waydroid-nftables` is a new variant of `waydroid` that supports nftables instead of iptables. + +- `searx` was updated to use `envsubst` instead of `sed` for parsing secrets from environment variables. If your previous configuration included a secret reference like `server.secret_key = "@SEARX_SECRET_KEY@"`, you must migrate to the new envsubst syntax: `server.secret_key = "$SEARX_SECRET_KEY"`. ## Nixpkgs Library {#sec-nixpkgs-release-25.11-lib} @@ -470,7 +470,7 @@ and [release notes for v18](https://goteleport.com/docs/changelog/#1800-070325). - `lib.sources.pathType`, `lib.sources.pathIsDirectory` and `lib.sources.pathIsRegularFile` have been replaced by `lib.filesystem.pathType`, `lib.filesystem.pathIsDirectory` and `lib.filesystem.pathIsRegularFile` respectively. -- `lib.strings.isCoercibleToString` has been in favor of either `lib.strings.isStringLike` or `lib.strings.isConvertibleWithToString`. Only use the latter if it needs to return true for null, numbers, booleans, or a list of those. +- `lib.strings.isCoercibleToString` has been replaced in favor of either `lib.strings.isStringLike` or `lib.strings.isConvertibleWithToString`. Only use the latter if it needs to return true for null, numbers, booleans, or a list of those. - `lib.types.string` has been removed. See [this pull request](https://github.com/NixOS/nixpkgs/pull/66346) for better alternative types like `lib.types.str`. diff --git a/nixos/doc/manual/release-notes/rl-2511.section.md b/nixos/doc/manual/release-notes/rl-2511.section.md index 34d84f620135..155943510abf 100644 --- a/nixos/doc/manual/release-notes/rl-2511.section.md +++ b/nixos/doc/manual/release-notes/rl-2511.section.md @@ -4,7 +4,7 @@ -- Added `nixos-init`, a Rust-based bashless initialization system for systemd initrd. This allows building NixOS systems without any interpreter. Enable via `system.nixos-init.enable = true;`. +- Added `nixos-init`, a Rust-based bashless initialization system for systemd initrd. - COSMIC DE has been updated to the beta version, bringing it closer to its first stable release. This includes updates to its core components, applications, and overall stability. @@ -47,11 +47,13 @@ - Auto-scrub support for Bcachefs filesystems can now be enabled through [services.bcachefs.autoScrub.enable](#opt-services.bcachefs.autoScrub.enable) to periodically check for data corruption. If there's a correct copy available, it will automatically repair corrupted blocks. -- [Beszel](https://beszel.dev), a lightweight server monitoring hub with historical data, docker stats, and alerts. Available as [`services.beszel.agent`](options.html#opt-services.beszel.agent.enable) and [`services.beszel.hub`](options.html#opt-services.beszel.hub.enable). +- [Beszel](https://beszel.dev), a lightweight server monitoring hub with historical data, docker stats, and alerts. Available as [`services.beszel.agent`](#opt-services.beszel.agent.enable) and [`services.beszel.hub`](#opt-services.beszel.hub.enable). -- [boot.kernel.sysfs](options.html#opt-boot.kernel.sysfs), a new way to set sysfs attributes. +- [boot.kernel.sysfs](#opt-boot.kernel.sysfs), a new way to set sysfs attributes. -- [Broadcast Box](https://github.com/Glimesh/broadcast-box), a WebRTC broadcast server. Available as [services.broadcast-box](options.html#opt-services.broadcast-box.enable). +- [Broadcast Box](https://github.com/Glimesh/broadcast-box), a WebRTC broadcast server. Available as [services.broadcast-box](#opt-services.broadcast-box.enable). + +- Drivers and utilities for [Tenstorrent](https://tenstorrent.com) have been added. Available as [hardware.tenstorrent](#opt-hardware.tenstorrent.enable). - [byedpi](https://github.com/hufrea/byedpi), a DPI bypass service. Available as [services.byedpi](#opt-services.byedpi.enable). @@ -67,9 +69,7 @@ - [crowdsec-firewall-bouncer](https://www.crowdsec.net/), the CrowdSec Remediation Component for fetching new and old decisions from a CrowdSec API and adding them to a blocklist used by supported firewalls. Available as [services.crowdsec-firewall-bouncer](#opt-services.crowdsec-firewall-bouncer.enable). -- Docker now defaults to 28.x, because version 27.x stopped receiving security updates and bug fixes after [May 2, 2025](https://github.com/moby/moby/pull/49910). - -- [docuseal](https://github.com/docusealco/docuseal), a DocuSign alternative. Create, fill, and sign digital documents. Available at [services.docuseal](#opt-services.docuseal.enable). +- [docuseal](https://github.com/docusealco/docuseal), a DocuSign alternative. Create, fill, and sign digital documents. Available as [services.docuseal](#opt-services.docuseal.enable). - [Draupnir](https://github.com/the-draupnir-project/draupnir), a Matrix moderation bot. Available as [services.draupnir](#opt-services.draupnir.enable). @@ -93,14 +93,14 @@ - [Homebridge](https://github.com/homebridge/homebridge), a lightweight Node.js server you can run on your home network that emulates the iOS HomeKit API. Available as [services.homebridge](#opt-services.homebridge.enable). -- [IfState](https://ifstate.net), manage host interface settings in a declarative manner. Available as [networking.ifstate](options.html#opt-networking.ifstate.enable) and [boot.initrd.network.ifstate](options.html#opt-boot.initrd.network.ifstate.enable). +- [IfState](https://ifstate.net), manage host interface settings in a declarative manner. Available as [networking.ifstate](#opt-networking.ifstate.enable) and [boot.initrd.network.ifstate](#opt-boot.initrd.network.ifstate.enable). - [KMinion](https://github.com/redpanda-data/kminion), feature-rich Prometheus exporter for Apache Kafka. Available as [services.prometheus.exporters.kafka](options.html#opt-services.prometheus.exporters.kafka). - [LACT](https://github.com/ilya-zlobintsev/LACT), a GPU monitoring and configuration tool, can now be enabled through [services.lact.enable](#opt-services.lact.enable). Note that for LACT to work properly on AMD GPU systems, you need to enable [hardware.amdgpu.overdrive.enable](#opt-hardware.amdgpu.overdrive.enable). -- [lemurs](https://github.com/coastalwhite/lemurs), a customizable TUI display/login manager. Available at [services.displayManager.lemurs](#opt-services.displayManager.lemurs.enable). +- [lemurs](https://github.com/coastalwhite/lemurs), a customizable TUI display/login manager. Available as [services.displayManager.lemurs](#opt-services.displayManager.lemurs.enable). - [LibreTranslate](https://libretranslate.com), a free and open source machine translation API. Available as [services.libretranslate](#opt-services.libretranslate.enable). @@ -121,11 +121,11 @@ - [nebula-lighthouse-service](https://github.com/manuels/nebula-lighthouse-service), a public Nebula VPN lighthouse service. Available as [services.nebula-lighthouse-service](#opt-services.nebula-lighthouse-service.enable). -- [Newt](https://github.com/fosrl/newt), a fully user space WireGuard tunnel client and TCP/UDP proxy, designed to securely expose private resources controlled by Pangolin. Available as [services.newt](options.html#opt-services.newt.enable). +- [Newt](https://github.com/fosrl/newt), a fully user space WireGuard tunnel client and TCP/UDP proxy, designed to securely expose private resources controlled by Pangolin. Available as [services.newt](#opt-services.newt.enable). - [nixbit](https://github.com/pbek/nixbit), a GUI application for updating your NixOS system from a Nix Flakes Git repository. Available as [programs.nixbit](#opt-programs.nixbit.enable). -- [nix-store-veritysetup](https://github.com/nikstur/nix-store-veritysetup-generator), a systemd generator to unlock the Nix Store as a dm-verity protected block device. Available as [boot.initrd.nix-store-veritysetup](options.html#opt-boot.initrd.nix-store-veritysetup.enable). +- [nix-store-veritysetup](https://github.com/nikstur/nix-store-veritysetup-generator), a systemd generator to unlock the Nix Store as a dm-verity protected block device. Available as [boot.initrd.nix-store-veritysetup](#opt-boot.initrd.nix-store-veritysetup.enable). - [nvme-rs](https://github.com/liberodark/nvme-rs), NVMe monitoring [services.nvme-rs](#opt-services.nvme-rs.enable). @@ -139,7 +139,7 @@ - [Pi-hole](https://pi-hole.net/), a DNS sinkhole for advertisements based on Dnsmasq. Available as [services.pihole-ftl](#opt-services.pihole-ftl.enable), and [services.pihole-web](#opt-services.pihole-web.enable) for the web GUI and API. -- [pmount](https://salsa.debian.org/debian/pmount), a tool that allows normal users to mount removable devices without requiring root privileges Available at [programs.pmount](#opt-programs.pmount.enable). +- [pmount](https://salsa.debian.org/debian/pmount), a tool that allows normal users to mount removable devices without requiring root privileges Available as [programs.pmount](#opt-programs.pmount.enable). - [postfix-tlspol](https://github.com/Zuplu/postfix-tlspol), a MTA-STS and DANE resolver and TLS policy server for Postfix. Available as [services.postfix-tlspol](#opt-services.postfix-tlspol.enable). @@ -153,7 +153,7 @@ - [radicle-native-ci](https://radicle.network/nodes/seed.radicle.dev/rad:z3qg5TKmN83afz2fj9z3fQjU8vaYE), an adapter for the [Radicle CI broker](https://radicle.network/nodes/seed.radicle.dev/rad:zwTxygwuz5LDGBq255RA2CbNGrz8), for performing CI runs locally. Available as [services.radicle.ci.adapters.native](#opt-services.radicle.ci.adapters.native.instances). -- [rauc](https://rauc.io/) (the Robust Auto-Update Controller), a daemon that allows reliable and secure software updates in embedded Linux systems. Available at [services.rauc](#opt-services.rauc.enable). +- [rauc](https://rauc.io/) (the Robust Auto-Update Controller), a daemon that allows reliable and secure software updates in embedded Linux systems. Available as [services.rauc](#opt-services.rauc.enable). - [ringboard](https://github.com/SUPERCILEX/clipboard-history), a fast, efficient, and composable clipboard manager for Linux. Available for x11 as [services.ringboard](#opt-services.ringboard.x11.enable) and for Wayland as [services.ringboard](#opt-services.ringboard.wayland.enable). @@ -189,7 +189,7 @@ - [tuwunel](https://matrix-construct.github.io/tuwunel/), a federated chat server implementing the Matrix protocol, forked from Conduwuit. Available as [services.matrix-tuwunel](#opt-services.matrix-tuwunel.enable). -- [umami](https://github.com/umami-software/umami), a simple, fast, privacy-focused alternative to Google Analytics. Available with [services.umami](#opt-services.umami.enable). +- [umami](https://github.com/umami-software/umami), a simple, fast, privacy-focused alternative to Google Analytics. Available as [services.umami](#opt-services.umami.enable). - [wayvnc](https://github.com/any1/wayvnc), a VNC server for wlroots based Wayland compositors. Available as [programs.wayvnc](#opt-programs.wayvnc.enable). @@ -373,7 +373,7 @@ - `boot.plymouth` now has a [`package`](#opt-boot.plymouth.package) option to specify the package used in the module. -- Drivers and utilities for [Tenstorrent](https://tenstorrent.com) have been added. Available as [hardware.tenstorrent](#opt-hardware.tenstorrent.enable). +- Docker now defaults to 28.x, because version 27.x stopped receiving security updates and bug fixes after [May 2, 2025](https://github.com/moby/moby/pull/49910). - Due to [deprecation of gnome-session X11 support](https://blogs.gnome.org/alatiera/2025/06/08/the-x11-session-removal/), `services.desktopManager.pantheon` now defaults to pantheon-wayland session. The X11 session has been removed, see [this issue](https://github.com/elementary/session-settings/issues/91) for details. @@ -436,9 +436,9 @@ - `services.k3s` now shares most of its code with `services.rke2`. The merge resulted in both modules providing more options, with `services.rke2` receiving the most improvements. Existing configurations for either module should not be affected. -- [services.libvirtd.autoSnapshot](options.html#opt-services.libvirtd.autoSnapshot.enable) has been added as a backup service for libvirt managed VMs. +- [services.libvirtd.autoSnapshot](#opt-services.libvirtd.autoSnapshot.enable) has been added as a backup service for libvirt managed VMs. -- `services.limesurvey` now supports nginx as reverse-proxy. Available through [services.limesurvey.webserver](#opt-services.limesurvey.webserver). +- `services.limesurvey` now supports nginx as reverse-proxy. Available as [services.limesurvey.webserver](#opt-services.limesurvey.webserver). - `services.mattermost` has been updated to use the 10.11 ESR instead of 10.5. While this shouldn't break anyone, we also now package Mattermost 11 as mattermostLatest. Note that Mattermost 11 drops support for MySQL. The Mattermost module will assertion fail if you try to use MySQL with Mattermost 11; support for using MySQL with Mattermost will fully be removed in NixOS 26.