Home Explore Blog CI



nixpkgs
18th chunk of `nixos/doc/manual/release-notes/rl-2505.section.md`
916720969a988a7f5e38b3dcf7532c0817e7d8dcacdf36740000000100000923
- `services.keycloak` now provides a `realmFiles` option that allows to import realms during startup. See https://www.keycloak.org/server/importExport

- `bind.cacheNetworks` now only controls access for recursive queries, where it previously controlled access for all queries.

- The [Starship](https://starship.rs) module now automatically loads the starship prompt when using [`xonsh`](https://xon.sh).

- [`services.mongodb.enableAuth`](#opt-services.mongodb.enableAuth) now uses the newer [mongosh](https://github.com/mongodb-js/mongosh) shell instead of the legacy shell to configure the initial superuser. You can configure the mongosh package to use through the [`services.mongodb.mongoshPackage`](#opt-services.mongodb.mongoshPackage) option.

- There is a new set of NixOS test tools for testing virtual Wi-Fi networks in many different topologies. See the {option}`services.vwifi` module, {option}`services.kismet` NixOS test, and [manual](https://nixos.org/manual/nixpkgs/unstable/#sec-nixos-test-wifi) for documentation and examples.

- The paperless module now has an option for regular automatic export of documents data using the integrated document exporter.

- Exposed the `paperless-manage` script package via the `services.paperless.manage` read-only option.

- New options for the declarative configuration of the user space part of ALSA have been introduced under [hardware.alsa](#opt-hardware.alsa.enable), including setting the default capture and playback device, defining sound card aliases and volume controls.
  Note: these are intended for users not running a sound server like PulseAudio or PipeWire, but having ALSA as their only sound system.

- `services.k3s` now provides the `autoDeployCharts` option that allows to automatically deploy Helm charts via the k3s Helm controller.

- [Mattermost](#opt-services.mattermost.enable), a self-hosted chat collaboration platform supporting calls, playbooks, and boards, has been updated. It now has multiple versions, disabled telemetry, and a native frontend build in nixpkgs, removing all upstream prebuilt blobs.
  - Mattermost telemetry reporting is now disabled by default, though security update notifications are enabled. Look at [`services.mattermost.telemetry`](#opt-services.mattermost.telemetry.enableDiagnostics) for options to control this behavior.
Title: NixOS 25.05: Service Updates - Keycloak, MongoDB, Paperless, ALSA, K3s, and Mattermost
Summary
This section highlights updates to various services in NixOS 25.05. Keycloak now supports realm import via the `realmFiles` option. `bind.cacheNetworks` has a change to only control access for recursive queries. The Starship module now integrates with Xonsh. MongoDB configuration via `services.mongodb.enableAuth` now uses Mongosh. New tools have been added for virtual Wi-Fi network testing. The paperless module now offers automated document data export. ALSA's user-space configuration is now declarative via `hardware.alsa`, and `services.k3s` enables automatic Helm chart deployment. Mattermost receives several upgrades, including version updates, disabled telemetry (by default), and a native frontend build.