Home Explore Blog CI



nixpkgs
1st chunk of `nixos/doc/manual/release-notes/rl-1903.section.md`
40cad43c7a025c671692a898be59b6b2cf293f201910c268000000010000101f
# Release 19.03 ("Koi", 2019/04/11) {#sec-release-19.03}

## Highlights {#sec-release-19.03-highlights}

In addition to numerous new and upgraded packages, this release has the following highlights:

- End of support is planned for end of October 2019, handing over to 19.09.

- The default Python 3 interpreter is now CPython 3.7 instead of CPython 3.6.

- Added the Pantheon desktop environment. It can be enabled through `services.xserver.desktopManager.pantheon.enable`.

  ::: {.note}
  By default, `services.xserver.desktopManager.pantheon` enables LightDM as a display manager, as pantheon's screen locking implementation relies on it.
  Because of that it is recommended to leave LightDM enabled. If you'd like to disable it anyway, set `services.xserver.displayManager.lightdm.enable` to `false` and enable your preferred display manager.
  :::

  Also note that Pantheon's LightDM greeter is not enabled by default, because it has numerous issues in NixOS and isn't optimal for use here yet.

- A major refactoring of the Kubernetes module has been completed. Refactorings primarily focus on decoupling components and enhancing security. Two-way TLS and RBAC has been enabled by default for all components, which slightly changes the way the module is configured. See: [](#sec-kubernetes) for details.

- There is now a set of `confinement` options for `systemd.services`, which allows to restrict services into a chroot 2 ed environment that only contains the store paths from the runtime closure of the service.

## New Services {#sec-release-19.03-new-services}

The following new services were added since the last release:

- `./programs/nm-applet.nix`

- There is a new `security.googleOsLogin` module for using [OS Login](https://cloud.google.com/compute/docs/instances/managing-instance-access) to manage SSH access to Google Compute Engine instances, which supersedes the imperative and broken `google-accounts-daemon` used in `nixos/modules/virtualisation/google-compute-config.nix`.

- `./services/misc/beanstalkd.nix`

- There is a new `services.cockroachdb` module for running CockroachDB databases. NixOS now ships with CockroachDB 2.1.x as well, available on `x86_64-linux` and `aarch64-linux`.

- `./security/duosec.nix`

- The [PAM module for Duo Security](https://duo.com/docs/duounix) has been enabled for use. One can configure it using the `security.duosec` options along with the corresponding PAM option in `security.pam.services.<name?>.duoSecurity.enable`.

## Backward Incompatibilities {#sec-release-19.03-incompatibilities}

When upgrading from a previous release, please be aware of the following incompatible changes:

- The minimum version of Nix required to evaluate Nixpkgs is now 2.0.

  - For users of NixOS 18.03 and 19.03, NixOS defaults to Nix 2.0, but supports using Nix 1.11 by setting `nix.package = pkgs.nix1;`. If this option is set to a Nix 1.11 package, you will need to either unset the option or upgrade it to Nix 2.0.

  - For users of NixOS 17.09, you will first need to upgrade Nix by setting `nix.package = pkgs.nixStable2;` and run `nixos-rebuild switch` as the `root` user.

  - For users of a daemon-less Nix installation on Linux or macOS, you can upgrade Nix by running `curl -L https://nixos.org/nix/install | sh`, or prior to doing a channel update, running `nix-env -iA nix`. If you have already run a channel update and Nix is no longer able to evaluate Nixpkgs, the error message printed should provide adequate directions for upgrading Nix.

  - For users of the Nix daemon on macOS, you can upgrade Nix by running `sudo -i sh -c 'nix-channel --update && nix-env -iA nixpkgs.nix'; sudo launchctl stop org.nixos.nix-daemon; sudo launchctl start org.nixos.nix-daemon`.

- The `buildPythonPackage` function now sets `strictDeps = true` to help distinguish between native and non-native dependencies in order to improve cross-compilation compatibility. Note however that this may break user expressions.

- The `buildPythonPackage` function now sets `LANG = C.UTF-8` to enable Unicode support. The `glibcLocales` package is no longer needed as a build input.
Title: NixOS Release 19.03 Overview
Summary
This section details the highlights, new services, and backward incompatibilities introduced in NixOS release 19.03, codenamed 'Koi'. Key updates include the end-of-life timeline, a Python version upgrade, the addition of the Pantheon desktop environment, a refactored Kubernetes module, new confinement options for systemd services, and several new services. It also outlines necessary upgrade steps and potential breakages due to changes in the buildPythonPackage function and minimum Nix version requirements.