Home Explore Blog CI



nixpkgs
11th chunk of `nixos/doc/manual/release-notes/rl-2411.section.md`
16035a188dfae10af178ce87e9dcc744b7145232d1b891790000000100000ffa
  use the new `opensshWithKerberos` and `openssh_hpnWithKerberos` package flavors (e.g. `programs.ssh.package = pkgs.openssh_gssapi`).

- `security.ipa.ipaHostname` now defaults to the value of `networking.fqdn` if
  it is set, instead of the previous hardcoded default of
  `${networking.hostName}.${security.ipa.domain}`.

- The `MSMTP_QUEUE` and `MSMTP_LOG` environment variables accepted by `msmtpq` have been renamed to `MSMTPQ_Q` and `MSMTPQ_LOG` respectively.

- The logrotate service has been hardened and now requires enabling `allowNetworking` if network access is required.

- `mautrix-whatsapp` has been updated to version 0.11.0, which is a major rewrite of the bridge. Config file changes are required.

- qBittorrent has been updated to major version 5, which drops support for Qt 5.
  The `qbittorrent-qt5` package has been removed.

- The fcgiwrap module now allows multiple instances running as distinct users.
  The option `services.fgciwrap` now takes an attribute set of the
  configuration of each individual instance.
  This requires migrating any previous configuration keys from
  `services.fcgiwrap.*` to `services.fcgiwrap.instances.some-instance.*`.
  The ownership and mode of the UNIX sockets created by this service are now
  configurable and private by default.
  Processes also now run as a dynamically allocated user by default instead of
  root.

- The `mautrix-signal` module was adapted to incorporate the configuration changes that resulted from the update to the mautrix bridgev2 architecture. Pre-0.7.0 configurations should continue to work.
  In case you want to update your configuration, make sure to check the NixOS manual.

- `cargo-tauri` has been updated to major version 2. Please review [the migration guide](https://tauri.app/start/migrate/from-tauri-1/).
  v1 of `cargo-tauri` is still available as `cargo-tauri_1`, but will be removed in future releases.

- The nvidia driver no longer defaults to the proprietary driver starting with version 560. You will need to manually set `hardware.nvidia.open` to select the proprietary or open driver.

- `postgresql_12` has been removed since it reached its end of life.

- `postgresql` no longer accepts the `enableSystemd` override. Use `systemdSupport` instead.

- `postgresql` was split into default and -dev outputs. To make this work without circular dependencies, the output of the `pg_config` system view has been removed. The `pg_config` binary is provided in the -dev output and still works as expected.

- The arguments from [](#opt-services.postgresql.initdbArgs) now get shell-escaped.

- `postgresql` is now [hardened by default](#module-services-postgres-hardening) using the common `systemd` settings for that.

- The dhcpcd service (`networking.useDHCP`) has been hardened and now runs exclusively as the "dhcpcd" user.
  Users that were relying on the root privileges in `networking.dhcpcd.runHook` will have to write specific [sudo](security.sudo.extraRules) or [polkit](security.polkit.extraConfig) rules to allow dhcpcd to perform privileged actions.

  As part of these changes, the DHCP lease files directory has also been moved from `/var/db/dhcpcd` to `/var/lib/dhcpcd`. This migration is performed automatically, but users may have to update their backup configuration.

- `singularity-tools` have the `storeDir` argument removed from its override interface and use `builtins.storeDir` instead.

- The `mkLayer` and `shellScript` build helpers in `singularity-tools` are deprecated, as they are no longer involved in image-building. Maintainers will remove them in future releases.

- The `rust.toTargetArch`, `rust.toTargetOs`, `rust.toTargetFamily`, `rust.toTargetVendor`, `rust.toRustTarget`, `rust.toRustTargetSpec`, `rust.toRustTargetSpecShort`, and `rust.IsNoStdTarget` functions are deprecated in favour of the `rust.platform.arch`, `rust.platform.os`, `rust.platform.target-family`, `rust.platform.vendor`, `rust.rustcTarget`, `rust.rustcTargetSpec`, `rust.cargoShortTarget`, `rust.cargoEnvVarTarget`, and `rust.isNoStdTarget` platform attributes respectively.
Title: More Backward Incompatibilities in NixOS 24.11 (Continued)
Summary
This section continues detailing backward incompatibilities in NixOS 24.11. It covers configuration changes required for mautrix-signal, the update of cargo-tauri to version 2, and changes to the NVIDIA driver requiring manual selection. It also includes the removal of postgresql_12, updates to postgresql configuration, and hardening of the dhcpcd service, including changes to lease file locations and privilege handling. Furthermore, it covers changes to singularity-tools, including the removal of the storeDir argument and deprecation of build helpers. Finally, it details the deprecation of rust functions in favor of platform attributes.