more details.
- Mattermost has been upgraded to extended support version 8.1 as the previously
packaged extended support version 7.8 is [reaching end-of-life](https://docs.mattermost.com/upgrade/extended-support-release.html).
Migration may take some time, refer to the [changelog](https://docs.mattermost.com/install/self-managed-changelog.html#release-v8-1-extended-support-release)
and [important upgrade notes](https://docs.mattermost.com/upgrade/important-upgrade-notes.html).
- The `netdata` package disables cloud support by default now. To enable it use the `netdataCloud` package.
- `networking.nftables` is no longer flushing all rulesets on every reload.
Use `networking.nftables.flushRuleset = true;` to enable the previous behaviour.
- Node.js v14, v16 has been removed as they were end of life. Any dependent packages that contributors were not able to reasonably upgrade were dropped after a month of notice to their maintainers, were **removed**.
- This includes VSCode Server.
- This includes Kibana 7 as the ELK stack is unmaintained in nixpkgs and is marked for slow removal.
- The application firewall `opensnitch` uses the process monitor method eBPF as
default now. This is recommended by upstream. The method may be changed with
the setting
[services.opensnitch.settings.ProcMonitorMethod](#opt-services.opensnitch.settings.ProcMonitorMethod).
- `paperwork` is updated to v2.2. Documents scanned with this version will not
be visible to previous versions if you downgrade. Refer to the [upstream
announcement](https://forum.openpaper.work/t/paperwork-2-2-testing-phase/316#important-switch-from-jpeg-to-png-for-new-pages-2)
for details and workarounds.
- The latest available version of Nextcloud is v27 (available as
`pkgs.nextcloud27`). The installation logic is as follows:
- If [`services.nextcloud.package`](#opt-services.nextcloud.package) is
specified explicitly, this package will be installed (**recommended**)
- If [`system.stateVersion`](#opt-system.stateVersion) is >=23.11,
`pkgs.nextcloud27` will be installed by default.
- If [`system.stateVersion`](#opt-system.stateVersion) is >=23.05,
`pkgs.nextcloud26` will be installed by default.
- Please note that an upgrade from v25 (or older) to v27 is not possible
directly. Please upgrade to `nextcloud26` (or earlier) first. Nextcloud
prohibits skipping major versions while upgrading. You may upgrade by
declaring [`services.nextcloud.package =
pkgs.nextcloud26;`](options.html#opt-services.nextcloud.package) inbetween.
- `postgresql_11` has been removed since it'll stop receiving fixes on November
9th 2023.
- `programs.gnupg.agent.pinentryFlavor` is set in `/etc/gnupg/gpg-agent.conf`
now. It will no longer take precedence over a `pinentry-program` set in
`~/.gnupg/gpg-agent.conf`.
- `python3.pkgs.flitBuildHook` has been removed. Use `flit-core` and `format =
"pyproject"` instead.
- Certificate generation via the `security.acme` limits the concurrent number
of running certificate renewals and generation jobs now. This is to avoid
spiking resource usage when processing many certificates at once. The limit
defaults to *5* and can be adjusted via `maxConcurrentRenewals`. Setting the
value to *0* disables the limits altogether.
- `services.borgmatic.settings.location` and
`services.borgmatic.configurations.<name>.location` are deprecated, please
move your options out of sections to the global scope.
- `services.fail2ban.jails` can be configured with attribute sets now, defining
settings and filters instead of lines. The stringed options `daemonConfig`
and `extraSettings` have respectively been replaced by `daemonSettings` and
`jails.DEFAULT.settings`. Those use attribute sets.
- The `services.mbpfan` module has the option `aggressive` enabled by default
now. This is for better heat moderation. To get the upstream defaults you may
disable this.
- Apptainer/Singularity defaults to using `"$out/var/lib"` for the