Home Explore Blog Models CI



nixpkgs
6th chunk of `nixos/doc/manual/release-notes/rl-1809.section.md`
a9b0147b39b69376fa77aa482be309d43fd33abeabac45210000000100000c8e
  Module implementers should not set a specific bit size in order to let users configure it by themselves if they want to have a different bit size than the default (2048).

  An example usage of this would be:

  ```nix
  { config, ... }:

  {
    security.dhparams.params.myservice = { };
    environment.etc."myservice.conf".text = ''
      dhparams = ${config.security.dhparams.params.myservice.path}
    '';
  }
  ```

  :::

- `networking.networkmanager.useDnsmasq` has been deprecated. Use `networking.networkmanager.dns` instead.

- The Kubernetes package has been bumped to major version 1.11. Please consult the [release notes](https://github.com/kubernetes/kubernetes/blob/release-1.11/CHANGELOG-1.11.md) for details on new features and api changes.

- The option `services.kubernetes.apiserver.admissionControl` was renamed to `services.kubernetes.apiserver.enableAdmissionPlugins`.

- Recommended way to access the Kubernetes Dashboard is via HTTPS (TLS) Therefore; public service port for the dashboard has changed to 443 (container port 8443) and scheme to https.

- The option `services.kubernetes.apiserver.address` was renamed to `services.kubernetes.apiserver.bindAddress`. Note that the default value has changed from 127.0.0.1 to 0.0.0.0.

- The option `services.kubernetes.apiserver.publicAddress` was not used and thus has been removed.

- The option `services.kubernetes.addons.dashboard.enableRBAC` was renamed to `services.kubernetes.addons.dashboard.rbac.enable`.

- The Kubernetes Dashboard now has only minimal RBAC permissions by default. If dashboard cluster-admin rights are desired, set `services.kubernetes.addons.dashboard.rbac.clusterAdmin` to true. On existing clusters, in order for the revocation of privileges to take effect, the current ClusterRoleBinding for kubernetes-dashboard must be manually removed: `kubectl delete clusterrolebinding kubernetes-dashboard`

- The `programs.screen` module provides allows to configure `/etc/screenrc`, however the module behaved fairly counterintuitive as the config exists, but the package wasn't available. Since 18.09 `pkgs.screen` will be added to `environment.systemPackages`.

- The module `services.networking.hostapd` now uses WPA2 by default.

- `s6Dns`, `s6Networking`, `s6LinuxUtils` and `s6PortableUtils` renamed to `s6-dns`, `s6-networking`, `s6-linux-utils` and `s6-portable-utils` respectively.

- The module option `nix.useSandbox` is now defaulted to `true`.

- The config activation script of `nixos-rebuild` now [reloads](https://www.freedesktop.org/software/systemd/man/systemctl.html#Manager%20Lifecycle%20Commands) all user units for each authenticated user.

- The default display manager is now LightDM. To use SLiM set `services.xserver.displayManager.slim.enable` to `true`.

- NixOS option descriptions are now automatically broken up into individual paragraphs if the text contains two consecutive newlines, so it's no longer necessary to use `</para><para>` to start a new paragraph.

- Top-level `buildPlatform`, `hostPlatform`, and `targetPlatform` in Nixpkgs are deprecated. Please use their equivalents in `stdenv` instead: `stdenv.buildPlatform`, `stdenv.hostPlatform`, and `stdenv.targetPlatform`.
Title: NixOS/Nixpkgs 18.09: Deprecations, Kubernetes Updates, and System Defaults
Summary
NixOS/Nixpkgs 18.09 release notes detail deprecations, renames, and new system defaults. `networking.networkmanager.useDnsmasq` is deprecated. The Kubernetes package updates to 1.11, with numerous option renames (e.g., `admissionControl` to `enableAdmissionPlugins`, `address` to `bindAddress`) and the removal of `publicAddress`. The Kubernetes Dashboard now uses HTTPS on port 443 and has minimal RBAC by default, with an option for cluster-admin rights. The `programs.screen` module now includes `pkgs.screen` in `environment.systemPackages`. `services.networking.hostapd` defaults to WPA2. `s6` utility packages have been renamed (e.g., `s6Dns` to `s6-dns`). `nix.useSandbox` now defaults to `true`. `nixos-rebuild` activation scripts reload user units. LightDM is the new default display manager. NixOS option descriptions auto-format paragraphs. Top-level `buildPlatform`, `hostPlatform`, and `targetPlatform` are deprecated in Nixpkgs, recommending `stdenv` equivalents instead.