Home Explore Blog CI



nixpkgs
17th chunk of `nixos/doc/manual/release-notes/rl-2505.section.md`
7f8ba495d65110ea8f167193f09c09a2ce2d758d1919f2110000000100000cd5
- `networking.wireguard` now has an optional networkd backend. It is enabled by default when `networking.useNetworkd` is enabled, and it can be enabled alongside scripted networking with `networking.wireguard.useNetworkd`. Some `networking.wireguard` options have slightly different behavior with the networkd and script-based backends, documented in each option.

- `services.rss-bridge` now has a `package` option as well as support for `caddy` as reverse proxy.

- `services.avahi.ipv6` now defaults to true.

- In the `services.xserver.displayManager.startx` module, two new options [generateScript](#opt-services.xserver.displayManager.startx.generateScript) and [extraCommands](#opt-services.xserver.displayManager.startx.extraCommands) have been added to to declaratively configure the .xinitrc script.

- All services that require a root certificate bundle now use the value of a new read-only option, `security.pki.caBundle`.

- [`services.hddfancontrol`](#opt-services.hddfancontrol.enable) has been modified to use an attribute set for settings, enabling configurations with multiple instances of the daemon running at once (e.g., for two separate drive bays).

- `services.cloudflared` now uses a dynamic user, and its `user` and `group` options have been removed. If the user or group is still necessary, they can be created manually.

- The Home Assistant module has new options {option}`services.home-assistant.blueprints.automation`, `services.home-assistant.blueprints.script`, and {option}`services.home-assistant.blueprints.template` that allow for the declarative installation of [blueprints](https://www.home-assistant.io/docs/blueprint/) into the appropriate configuration directories.

- `services.dovecot2.modules` have been removed, now need to use `environment.systemPackages` to load additional Dovecot modules.

- `services.kmonad` now creates a determinate symlink (in `/dev/input/by-id/`) to each of KMonad virtual devices.

- `services.searx` now supports configuration of the favicons cache and other options available in SearXNG's `favicons.toml` file

- `services.gitea` now supports CAPTCHA usage through the `services.gitea.captcha` variable.

- `services.soft-serve` now restarts upon config change.

- `services.keycloak` now provides a `realmFiles` option that allows to import realms during startup. See https://www.keycloak.org/server/importExport

- `bind.cacheNetworks` now only controls access for recursive queries, where it previously controlled access for all queries.

- The [Starship](https://starship.rs) module now automatically loads the starship prompt when using [`xonsh`](https://xon.sh).

- [`services.mongodb.enableAuth`](#opt-services.mongodb.enableAuth) now uses the newer [mongosh](https://github.com/mongodb-js/mongosh) shell instead of the legacy shell to configure the initial superuser. You can configure the mongosh package to use through the [`services.mongodb.mongoshPackage`](#opt-services.mongodb.mongoshPackage) option.

- There is a new set of NixOS test tools for testing virtual Wi-Fi networks in many different topologies. See the {option}`services.vwifi` module, {option}`services.kismet` NixOS test, and [manual](https://nixos.org/manual/nixpkgs/unstable/#sec-nixos-test-wifi) for documentation and examples.
Title: NixOS 25.05: Service and Module Updates - Networking, Home Assistant, Searx, Gitea, and More
Summary
This section covers various updates to services and modules in NixOS 25.05. Highlights include: optional networkd backend for `networking.wireguard`, `services.rss-bridge` gaining a `package` option and Caddy support, `services.avahi.ipv6` defaulting to true, and enhanced `.xinitrc` configuration for `services.xserver.displayManager.startx`. All services now use `security.pki.caBundle` for root certificates. Other updates include `services.hddfancontrol` attribute set modification, dynamic user for `services.cloudflared`, new blueprint options for Home Assistant, Dovecot module changes, determinate symlinks for `services.kmonad`, Searx favicons cache configuration, CAPTCHA support for `services.gitea`, config change restarts for `services.soft-serve`, realm import for `services.keycloak`, modified `bind.cacheNetworks` behavior, Starship prompt integration with Xonsh, Mongosh usage in `services.mongodb.enableAuth`, and new virtual Wi-Fi network testing tools.