during remote (e.g. SSH) sessions. This has the side effect of running the
switch in an isolated environment, that could possible break post-switch
scripts that depends on things like environment variables being set. If you
want to opt-out from this behavior for now, you may set the
`NIXOS_SWITCH_USE_DIRTY_ENV` environment variable before running
`nixos-rebuild`. However, keep in mind that this option will be removed in
the future.
- The `services.vaultwarden.config` option default value was changed to make
Vaultwarden only listen on localhost, following the [secure defaults for most
NixOS services](https://github.com/NixOS/nixpkgs/issues/100192).
- `services.lemmy.settings.federation` was removed in v0.17.0 and no longer has
any effect. To enable federation, the hostname must be set in the
configuration file and then federation must be enabled in the admin web UI.
Refer to the [release
notes](https://github.com/LemmyNet/lemmy/blob/c32585b03429f0f76d1e4ff738786321a0a9df98/RELEASES.md#upgrade-instructions)
for more details.
- `pict-rs` was upgraded from v0.3 to v0.4 and contains an incompatible database
& configuration change. To upgrade on systems with `stateVersion = "23.05";`
or older follow the migration steps from
https://git.asonix.dog/asonix/pict-rs#user-content-0-3-to-0-4-migration-guide
and set `services.pict-rs.package = pkgs.pict-rs;`.
- The following packages in `haskellPackages` have a separate bin output now:
`cabal-fmt`, `calligraphy`, `eventlog2html`, `ghc-debug-brick`, `hindent`,
`nixfmt`, `releaser`. This means you need to replace e.g.
`"${pkgs.haskellPackages.nixfmt}/bin/nixfmt"` with `"${lib.getBin
pkgs.haskellPackages.nixfmt}/bin/nixfmt"` or `"${lib.getExe
pkgs.haskellPackages.nixfmt}"`. The binaries also won’t be in scope if you
rely on them being installed e.g. via `ghcWithPackages`.
`environment.packages` picks the `bin` output automatically, so for normal
installation no intervention is required. Also, toplevel attributes like
`pkgs.nixfmt` are not impacted negatively by this change.
- `spamassassin` no longer supports the `Hashcash` module. The module needs to
be removed from the `loadplugin` list if it was copied over from the default
`initPreConf` option.
- `nano` was removed from `environment.defaultPackages`. To not leave systems
without a editor, now `programs.nano.enable` is enabled by default.
- `programs.nano.nanorc` and `programs.nano.syntaxHighlight` no longer have an
effect unless `programs.nano.enable` is set to true which is the default.
- `services.outline.sequelizeArguments` has been removed, as `outline` no
longer executes database migrations via the `sequelize` cli.
- The binary of the package `cloud-sql-proxy` has changed from
`cloud_sql_proxy` to `cloud-sql-proxy`.
- The module `services.apache-kafka` was largely rewritten and has certain
breaking changes. To be precise, this means that the following things have
changed:
- Most settings have been migrated to
[services.apache-kafka.settings](#opt-services.apache-kafka.settings).
- Care must be taken when adapting an existing cluster to these changes,
see [](#module-services-apache-kafka-migrating-to-settings).
- By virtue of being less opinionated, it is now possible to use the module
to run Apache Kafka in KRaft mode instead of Zookeeper mode.
- [A few options](#module-services-apache-kafka-kraft) have been added to
assist in this mode.
- Garage has been upgraded to v0.9.x. `services.garage.package` needs to be
explicitly set now, so version upgrades can be done in a controlled fashion.
For this, we expose `garage_x_y` attributes which can be set here.
- `voms` and `xrootd` now moves the `$out/etc` content to the `$etc` output
instead of `$out/etc.orig`, when input argument `externalEtc` is not `null`.
- The `woodpecker-*` CI packages have been updated to v1.0.0. This release is
wildly incompatible with the v0.15.x versions that were previously packaged.