Home Explore Blog CI



nixpkgs
5th chunk of `nixos/doc/manual/release-notes/rl-1603.section.md`
a16a3236b342bea9f0ac8d2dceb7eb15c3812e013b120ce50000000100000c6b
- The option `services.nsd.zones.<name>.data` no longer interpret the dollar sign (\$) as a shell variable, as such it should not be escaped anymore. Thus the following zone data:

  ```dns-zone
  $ORIGIN example.com.
  $TTL 1800
  @       IN      SOA     ns1.vpn.nbp.name.      admin.example.com. (

  ```

  Should modified to look like the actual file expected by nsd:

  ```dns-zone
  $ORIGIN example.com.
  $TTL 1800
  @       IN      SOA     ns1.vpn.nbp.name.      admin.example.com. (

  ```

- `service.syncthing.dataDir` options now has to point to exact folder where syncthing is writing to. Example configuration should look something like:

  ```nix
  {
    services.syncthing = {
        enable = true;
        dataDir = "/home/somebody/.syncthing";
        user = "somebody";
    };
  }
  ```

- `networking.firewall.allowPing` is now enabled by default. Users are encouraged to configure an appropriate rate limit for their machines using the Kernel interface at `/proc/sys/net/ipv4/icmp_ratelimit` and `/proc/sys/net/ipv6/icmp/ratelimit` or using the firewall itself, i.e. by setting the NixOS option `networking.firewall.pingLimit`.

- Systems with some broadcom cards used to result into a generated config that is no longer accepted. If you get errors like

  ```ShellSession
  error: path ‘/nix/store/*-broadcom-sta-*’ does not exist and cannot be created
  ```

  you should either re-run `nixos-generate-config` or manually replace `"${config.boot.kernelPackages.broadcom_sta}"` by `config.boot.kernelPackages.broadcom_sta` in your `/etc/nixos/hardware-configuration.nix`. More discussion is on [ the github issue](https://github.com/NixOS/nixpkgs/pull/12595).

- The `services.xserver.startGnuPGAgent` option has been removed. GnuPG 2.1.x changed the way the gpg-agent works, and that new approach no longer requires (or even supports) the "start everything as a child of the agent" scheme we've implemented in NixOS for older versions. To configure the gpg-agent for your X session, add the following code to `~/.bashrc` or some file that's sourced when your shell is started:

  ```shell
  GPG_TTY=$(tty)
  export GPG_TTY
  ```

  If you want to use gpg-agent for SSH, too, add the following to your session initialization (e.g. `displayManager.sessionCommands`)

  ```shell
      gpg-connect-agent /bye
      unset SSH_AGENT_PID
      export SSH_AUTH_SOCK="''${HOME}/.gnupg/S.gpg-agent.ssh"
  ```

  and make sure that

  ```conf
      enable-ssh-support
  ```

  is included in your `~/.gnupg/gpg-agent.conf`. You will need to use `ssh-add` to re-add your ssh keys. If gpg's automatic transformation of the private keys to the new format fails, you will need to re-import your private keyring as well:

  ```ShellSession
      gpg --import ~/.gnupg/secring.gpg
  ```

  The `gpg-agent(1)` man page has more details about this subject, i.e. in the "EXAMPLES" section.

Other notable improvements:

- `ejabberd` module is brought back and now works on NixOS.

- Input method support was improved. New NixOS modules (fcitx, nabi and uim), fcitx engines (chewing, hangul, m17n, mozc and table-other) and ibus engines (hangul and m17n) have been added.
Title: Incompatible Changes and Improvements in Release 16.03 (Continued)
Summary
This section continues detailing incompatible changes in NixOS Release 16.03. It covers NSD zone data, Syncthing data directory configuration, default enabling of ping with suggested rate limiting, issues with Broadcom cards, removal of `services.xserver.startGnuPGAgent`, and configuration changes for GPG agent in X sessions. It also highlights improvements such as the reintroduction of the ejabberd module and enhanced input method support with new modules and engines.