- Existing `resholve*` functions have been renamed and nested under `pkgs.resholve`. Update uses to:
- `resholvePackage` -> `resholve.mkDerivation`
- `resholveScript` -> `resholve.writeScript`
- `resholveScriptBin` -> `resholve.writeScriptBin`
- `pkgs.cosmopolitan` no longer provides the `cosmoc` command. It has been moved to `pkgs.cosmoc`.
- `pkgs.graalvmXX-ce` packages no longer provide support for Python/Ruby/WASM, instead focusing only in Java and Native Image Support. If you need to add support back, please see the `pkgs.graalvmCEPackages.mkGraal` function to create your own customized version of GraalVM with support for what you need.
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
## Other Notable Changes {#sec-release-22.05-notable-changes}
- The option [services.redis.servers](#opt-services.redis.servers) was added
to support per-application `redis-server` which is more secure since Redis databases
are only mere key prefixes without any configuration or ACL of their own.
Backward-compatibility is preserved by mapping old `services.redis.settings`
to `services.redis.servers."".settings`, but you are strongly encouraged
to name each `redis-server` instance after the application using it,
instead of keeping that nameless one.
Except for the nameless `services.redis.servers.""`
still accessible at `127.0.0.1:6379`,
and to the members of the Unix group `redis`
through the Unix socket `/run/redis/redis.sock`,
all other `services.redis.servers.${serverName}`
are only accessible by default
to the members of the Unix group `redis-${serverName}`
through the Unix socket `/run/redis-${serverName}/redis.sock`.
- The option [virtualisation.vmVariant](#opt-virtualisation.vmVariant) was added
to allow users to make changes to the `nixos-rebuild build-vm` configuration
that do not apply to their normal system.
The `config.system.build.vm` attribute now always exists and defaults to the
value from `vmVariant`. Configurations that import the `virtualisation/qemu-vm.nix`
module themselves will override this value, such that `vmVariant` is not used.
Similarly [virtualisation.vmVariantWithBootloader](#opt-virtualisation.vmVariantWithBootLoader) was added.
- The configuration portion of the `nix-daemon` module has been reworked and exposed as [nix.settings](options.html#opt-nix-settings):
* Legacy options have been mapped to the corresponding options under under [nix.settings](options.html#opt-nix.settings) and will be deprecated when NixOS 21.11 reaches end of life.
* [nix.buildMachines.publicHostKey](options.html#opt-nix.buildMachines.publicHostKey) has been added.
- [`kops`](https://kops.sigs.k8s.io) defaults to 1.23.2, which will enable [Instance Metadata Service Version 2](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html) and require tokens on new clusters with Kubernetes >= 1.22. This will increase security by default, but may break some types of workloads. The default behaviour for `spec.kubeDNS.nodeLocalDNS.forwardToKubeDNS` has changed from `true` to `false`. Cilium now has `disable-cnp-status-updates: true` by default. Set this to false if you rely on the CiliumNetworkPolicy status fields. Support for Kubernetes 1.17, the Lyft CNI, Weave CNI on Kubernetes >= 1.23, CentOS 7 and 8, Debian 9, RHEL 7, and Ubuntu 16.05 (Xenial) has been removed. See the [1.22 release notes](https://kops.sigs.k8s.io/releases/1.22-notes/) and [1.23 release notes](https://kops.sigs.k8s.io/releases/1.23-notes/) for more details, including other significant changes.
- Mattermost has been upgraded to extended support version 6.3 as the previously
packaged extended support version 5.37 is [reaching end of life](https://docs.mattermost.com/upgrade/extended-support-release.html).
Migration may take some time, see the [changelog](https://docs.mattermost.com/install/self-managed-changelog.html#release-v6-3-extended-support-release)