Home Explore Blog CI



nixpkgs
10th chunk of `nixos/doc/manual/release-notes/rl-2505.section.md`
23fe7de2e6bebbe2f15c1e374a4ffade2aabbdb9041b935c0000000100000ff1
- Nextcloud's default FPM pool settings have been increased according to upstream recommentations. It's advised
  to review the new defaults and description of
  [](#opt-services.nextcloud.poolSettings).

- In `users.users` subuid allocation on systems with multiple users it could happen that some users' allocated subuid ranges collided with others. Now these users get new subuid ranges assigned. When this happens, a warning is issued on the first activation. If the subuids were used (e.g. with rootless container managers like podman), please change the ownership of affected files accordingly.

- The `services.locate` module does no longer support findutil's `locate` due to its inferior performance compared to `mlocate` and `plocate`. The new default is `plocate`.
  As the `service.locate.localuser` option only applied when using findutil's `locate`, it has also been removed.

- `services.paperless` now installs `paperless-manage` as a normal system package instead of creating a symlink in `/var/lib/paperless`.
  `paperless-manage` now also changes to the appropriate user when being executed.

- `asusd` has been upgraded to version 6 which supports multiple aura devices. To account for this, the single `auraConfig` configuration option has been replaced with `auraConfigs` which is an attribute set of config options per each device. The config files may also be now specified as either source files or text strings; to account for this you will need to specify that `text` is used for your existing configs, e.g.:
  ```diff
  -services.asusd.asusdConfig = '''file contents'''
  +services.asusd.asusdConfig.text = '''file contents'''
  ```

- `linuxPackages.nvidiaPackages.stable` now defaults to the `production` variant instead of `latest`.

- `services.paperless.address` no longer accepts a domain name or Unix domain socket.

- `networking.wireguard.enable = true` does not always add `wireguard-tools` to system packages anymore. Only when wireguard interfaces are configured, the backing implementation packages are added to system PATH.

- `virtualisation/azure-common.nix`'s filesystem and grub configurations have been moved to `virtualisation/azure-image.nix`. This makes `azure-common.nix` more generic so it could be used for users who generate Azure image using other methods (e.g. nixos-generators and disko). For existing users depending on these configurations, please also import `azure-image.nix`.

- `services.signald` has been removed as `signald` is unmaintained upstream and has been incompatible to official Signal servers for a long while.

- The `earlyoom` service is now using upstream systemd service, which enables
  hardening and filesystem isolation by default. If you need filesystem write
  access or want to access home directory via `killHook`, hardening setting can
  be changed via, e.g. `systemd.services.earlyoom.serviceConfig.ProtectSystem`.

  `services.earlyoom.extraArgs` is now shell-escaped for each element without
  word-breaking. So you want to write `extraArgs = [ "--prefer" "spaced pat" ]`
  rather than previous `extraArgs = [ "--prefer 'spaced pat'" ]`.

- `programs.less.lessopen` is now null by default. To restore the previous behaviour, set it to `''|${lib.getExe' pkgs.lesspipe "lesspipe.sh"} %s''`.

- `hardware.pulseaudio` has been renamed to `services.pulseaudio`.  The deprecated option names will continue to work, but causes a warning.

- `services.nextcloud` now uses systemd's credential mechanism to read in secret files. The `nextcloud-occ` wrapper script implements this using `systemd-run`, as such it now also requires root privileges or `$CREDENTIALS_DIRECTORY` set where running it as user `nextcloud` was enough previously.

- `services.mongodb.initialRootPassword` has been replaced with the more secure option [`services.mongodb.initialRootPasswordFile`](#opt-services.mongodb.initialRootPasswordFile)

- `services.bird2` has been renamed to `services.bird` and the default bird package has been switched to `bird3`. `bird2` can still be chosen via the `services.bird.package` option.
Title: NixOS 25.05: Further Backward Incompatibilities and Updates
Summary
This section details more backward incompatibilities and updates in NixOS 25.05. It includes adjustments to Nextcloud's FPM pool settings, changes to subuid allocation, removal of findutil's `locate` support, installation of `paperless-manage` as a system package, updates to `asusd` configuration, a change to the default `linuxPackages.nvidiaPackages.stable` variant, restrictions on `services.paperless.address`, conditional inclusion of `wireguard-tools`, migration of Azure configurations, removal of `services.signald`, updates to `earlyoom` service configuration, a change to the default value of `programs.less.lessopen`, renaming of `hardware.pulseaudio` to `services.pulseaudio`, changes to Nextcloud's secret file reading, replacement of `services.mongodb.initialRootPassword` with `services.mongodb.initialRootPasswordFile`, and renaming of `services.bird2` to `services.bird` with a switch to the bird3 package.