Home Explore Blog Models CI



nixpkgs
14th chunk of `nixos/doc/manual/release-notes/rl-2411.section.md`
b0cc6313e5aab950af913da4d761941d025b4abc222b9e060000000100001076
- `forgejo` and `forgejo-lts` no longer support the opt-in feature [PAM (Pluggable Authentication Module)](https://forgejo.org/docs/latest/user/authentication/#pam-pluggable-authentication-module).

- `gitea` no longer supports the opt-in feature [PAM (Pluggable Authentication Module)](https://docs.gitea.com/usage/authentication#pam-pluggable-authentication-module).

- `vuze` was removed because it is unmaintained upstream and insecure (CVE-2018-13417).
  BiglyBT is a maintained fork.

- `services.ddclient.use` has been deprecated: `ddclient` now supports separate IPv4 and IPv6 configuration. Use `services.ddclient.usev4` and `services.ddclient.usev6` instead.

- `services.pgbouncer` systemd service is now configured with `Type=notify-reload` and allows reloading configuration without process restart. PgBouncer configuration options were moved to the freeform type option under [`services.pgbouncer.settings`](#opt-services.pgbouncer.settings).

- Docear was removed because it was unmaintained upstream.
  JabRef, Zotero, or Mendeley are potential replacements.

- `nodePackages.coc-metals` was removed due to being deprecated upstream.
  `vimPlugins.nvim-metals` is its official replacement.

- `matrix-sliding-sync` was removed because it has been replaced by the simplified sliding sync functionality introduced in matrix-synapse 114.0.

- `nodePackages.coc-tslint`, `vimPlugins.coc-tslint`, `nodePackages.coc-tslint-plugin`,
  and `vimPlugins.coc-tslint-plugin` were removed due to being deprecated upstream. The
  `nodePackages.coc-eslint` and `vimPlugins.coc-eslint` packages offer comparable
  features for `eslint`, which replaced `tslint`.

- Tcl packages have been moved into the `tclPackages` scope.

- `teleport` has been upgraded from major version 15 to major version 16.
  Refer to upstream [upgrade instructions](https://goteleport.com/docs/management/operations/upgrading/)
  and [release notes for v16](https://goteleport.com/docs/changelog/#1600-061324).

- `tests.overriding`'s `passthru.tests` has been restructured as an attribute set instead of a list, making individual tests accessible by their names.

- `skk-dict` was split into multiple packages under `skkDictionaries`.
  If in doubt of what to use, try `skkDictionaries.l`. As part of this change, the dictionaries
  were moved from `$out/share` to `$out/share/skk`. The dictionaries also won't
  be converted to UTF-8 unless the `useUtf8` package option is enabled; UTF-8
  converted dictionaries will have the .utf8 suffix appended to its filename.

- `vaultwarden` lost the capability to bind to privileged ports. If you rely on
   this behavior, override the systemd unit to allow `CAP_NET_BIND_SERVICE` in
   your configuration.

- `services.invoiceplane.sites.<name>.extraConfig` was removed. Configuration must now be done
  through the structured `services.invoiceplane.sites.<name>.settings` option.

- `services.ollama.sandbox` has been replaced with options to configure
  a static `user` and `group`. The `writablePaths` option has also been removed and
  the models directory is now always exempt from sandboxing.

- The `gns3-server` service now runs under the `gns3` system user
  instead of a dynamically created one via `DynamicUser`.
  The use of SUID wrappers is incompatible with SystemD's `DynamicUser` setting,
  and GNS3 requires calling ubridge through its SUID wrapper to function properly.
  This change requires to manually move the following directories:
    * from `/var/lib/private/gns3` to `/var/lib/gns3`
    * from `/var/log/private/gns3` to `/var/log/gns3`
  and to change the ownership of these directories and their contents to `gns3` (including `/etc/gns3`).

- Legacy package `stalwart-mail_0_6` was dropped, please note the
  [manual upgrade process](https://github.com/stalwartlabs/mail-server/blob/main/UPGRADING.md)
  before changing the package to `pkgs.stalwart-mail` in
  [`services.stalwart-mail.package`](#opt-services.stalwart-mail.package).

- `nomad_1_5` and `nomad_1_6` were dropped, as [they have reached end-of-life upstream](https://support.hashicorp.com/hc/en-us/articles/360021185113-Support-Period-and-End-of-Life-EOL-Policy). Evaluating them will throw an error.
Title: Software Package and Service Updates, Deprecations, and Configuration Changes
Summary
This chunk details software updates, removals, and configuration adjustments. Key changes include: PAM support removed from `forgejo` and `gitea`. Packages like `vuze`, `Docear`, `coc-metals`, `coc-tslint`, `matrix-sliding-sync`, and older `stalwart-mail` and `nomad` versions were removed due to unmaintenance, insecurity, or deprecation. Configuration updates: `services.ddclient.use` deprecated for `usev4`/`usev6`. `services.pgbouncer` now reloads config via `settings`. `Tcl` packages moved to `tclPackages`. `teleport` upgraded to v16. `skk-dict` split into `skkDictionaries` with new paths. `vaultwarden` loses privileged port binding. `services.invoiceplane` uses structured `settings`. `services.ollama.sandbox` uses static user/group. `gns3-server` now runs as `gns3` user, requiring manual directory adjustments.