Home Explore Blog CI



nixpkgs
18th chunk of `nixos/doc/manual/release-notes/rl-2305.section.md`
11d23a2ae0ffdc48936c7818463d1ffd8e33af8935d340a0000000010000112a
- The new option `services.tailscale.useRoutingFeatures` controls various settings for using Tailscale features like exit nodes and subnet routers. If you wish to use your machine as an exit node, you can set this setting to `server`, otherwise if you wish to use an exit node you can set this setting to `client`. The strict RPF warning has been removed as the RPF will be loosened automatically based on the value of this setting.

- `openjdk` from version 11 and above is not build with `openjfx` (i.e.: JavaFX) support by default anymore. You can re-enable it by overriding, e.g.: `openjdk11.override { enableJavaFX = true; };`.

- [Xastir](https://xastir.org/index.php/Main_Page) can now access AX.25 interfaces via the `libax25` package.

- `nixos-version` now accepts `--configuration-revision` to display more information about the current generation revision

- The option `services.nomad.extraSettingsPlugins` has been fixed to allow more than one plugin in the path.

- The option `services.prometheus.exporters.pihole.interval` does not exist anymore and has been removed.

- The option `services.gpsd.device` has been replaced with  `services.gpsd.devices`, which supports multiple devices.

- `k3s` can now be configured with an `EnvironmentFile` for its systemd service, allowing secrets to be provided without ending up in the Nix Store.

- The `gitea` module options have been moved into a freeform attribute set below `services.gitea.settings`.

- `boot.initrd.luks.device.<name>` has a new `tryEmptyPassphrase` option, this is useful for OEMs who need to install an encrypted disk with a future settable passphrase

- The `bind` module now allows the per-zone `allow-query` setting to be configured (previously it was hard-coded to `any`; it still defaults to `any` to retain compatibility).

- The option `services.jitsi-videobridge.apis` has been renamed to `colibriRestApi` and turned into a boolean. Setting it to `true` will enable the private rest API, useful for monitoring using `services.prometheus.exporters.jitsi.enable`. Learn more about the API: "[The COLIBRI control interface (/colibri/)](https://github.com/jitsi/jitsi-videobridge/blob/v2.3/doc/rest.md)".

- Booting from a volume managed by the Stratis storage management daemon is now supported. Use `fileSystems.<name>.stratis.poolUuid` to configure the pool containing the fs.

## Nixpkgs internals {#sec-release-23.05-nixpkgs-internals}

- `buildDunePackage` now defaults to `strictDeps = true` which means that any library should go into `buildInputs` or `checkInputs`. Any executable that is run on the building machine should go into `nativeBuildInputs` or `nativeCheckInputs` respectively. Example of executables are `ocaml`, `findlib` and `menhir`. PPXs are libraries which are built by dune and should therefore not go into `nativeBuildInputs`.

- `buildFHSUserEnv` is now called `buildFHSEnv` and uses FlatPak's Bubblewrap sandboxing tool rather than Nixpkgs' own chrootenv. The old chrootenv-based implementation is still available via `buildFHSEnvChroot` but is considered deprecated and will be removed when the remaining uses inside Nixpkgs have been migrated. If your FHSEnv-wrapped application misbehaves when using the new bubblewrap implementation, please create an issue in Nixpkgs.

- Top-level `buildPlatform`, `hostPlatform`, `targetPlatform` have been deprecated, use `stdenv.X` instead.

- `carnix` and `cratesIO` has been removed due to being unmaintained, use alternatives such as [naersk](https://github.com/nix-community/naersk) and [crate2nix](https://github.com/kolloch/crate2nix) instead.

- `checkInputs` have been renamed to `nativeCheckInputs`, because they behave the same as `nativeBuildInputs` when `doCheck` is set. `checkInputs` now denote a new type of dependencies, added to `buildInputs` when `doCheck` is set. As a rule of thumb, `nativeCheckInputs` are tools on `$PATH` used during the tests, and `checkInputs` are libraries which are linked to executables built as part of the tests. Similarly, `installCheckInputs` are renamed to `nativeInstallCheckInputs`, corresponding to `nativeBuildInputs`, and `installCheckInputs` are a new type of dependencies added to `buildInputs` when `doInstallCheck` is set. (Note that this change will not cause breakage to derivations with `strictDeps` unset, which are most packages except python, rust, ocaml and go packages).
Title: NixOS 23.05: Tailscale, OpenJDK, Xastir, and Module Updates, Plus Nixpkgs Internals
Summary
Updates include Tailscale routing feature controls, OpenJDK JavaFX handling, Xastir AX.25 interface access, and improvements to `nixos-version`. Module updates address Nomad, Prometheus, GPSD, K3s, and Gitea. LUKS device configuration gains a new option. Bind module allows per-zone `allow-query` setting configuration. Jitsi-videobridge API option is renamed. Stratis volume booting is now supported. Nixpkgs internals include `buildDunePackage` defaults, `buildFHSUserEnv` updates, deprecated platform variables, and the removal of `carnix` and `cratesIO`. Check inputs have been renamed for clarity.