# Release 23.11 (“Tapir”, 2023.11/29) {#sec-release-23.11}

The NixOS release team is happy to announce a new version of NixOS. The release is called NixOS 23.11 ("Tapir").

NixOS is a Linux distribution, whose set of packages can also be used on other Linux systems and macOS.

Support is planned until the end of June 2024, handing over to NixOS 24.05.

To upgrade to the latest release, follow the upgrade chapter and check the [Breaking Changes](#sec-release-23.11-nixos-breaking-changes)
section for packages and services used in your configuration.

The team is excited about the many software updates and improvements in this release. Just to name a few, do check the updates
for `GNOME` packages, `systemd`, `glibc`, the `ROCM` package set, and `hostapd` (which brings support for WiFi6 (IEEE 802.11ax) and WPA3-SAE-PK).

Make sure to also check the many updates in the [Nixpkgs library](#sec-release-23.11-nixpkgs-lib) when developing your own packages.

## Table of Contents {#sec-release-23.11-toc}

- [NixOS](#sec-release-23.11-nixos)
  - [Breaking Changes](#sec-release-23.11-nixos-breaking-changes)
  - [New Services](#sec-release-23.11-nixos-new-services)
  - [Other Notable Changes](#sec-release-23.11-nixos-notable-changes)
- [Nixpkgs Library](#sec-release-23.11-nixpkgs-lib)
  - [Breaking Changes](#sec-release-23.11-lib-breaking)
  - [Additions and Improvements](#sec-release-23.11-lib-additions-improvements)
  - [Deprecations](#sec-release-23.11-lib-deprecations)

## NixOS {#sec-release-23.11-nixos}


### Breaking Changes {#sec-release-23.11-nixos-breaking-changes}

- `services.postgresql.ensurePermissions` has been deprecated in favor of
  `services.postgresql.ensureUsers.*.ensureDBOwnership` which simplifies the
  setup of database owned by a certain system user in local database contexts
  (which make use of peer authentication via UNIX sockets), migration
  guidelines were provided in the NixOS manual, please refer to them if you are
  affected by a PostgreSQL 15 changing the way `GRANT ALL PRIVILEGES` is
  working. `services.postgresql.ensurePermissions` will be removed in 24.05.
  All NixOS modules were migrated using one of the strategy, e.g.
  `ensureDBOwnership` or `postStart`. Refer to the [PR
  #266270](https://github.com/NixOS/nixpkgs/pull/266270) for more details.

- `network-online.target` has been fixed to no longer time out for systems with
  `networking.useDHCP = true` and `networking.useNetworkd = true`. Workarounds
  for this can be removed.

- The `boot.loader.raspberryPi` options have been marked deprecated, with
  intent of removal for NixOS 24.11. They had a limited use-case, and do not
  work like people expect. They required either very old installs from ([before
  mid-2019](https://github.com/NixOS/nixpkgs/pull/62462)) or customized builds
  out of scope of the standard and generic AArch64 support. That option set
  never supported the Raspberry Pi 4 family of devices.

- `python3.pkgs.sequoia` was removed in favor of `python3.pkgs.pysequoia`. The
  latter package is based on upstream's dedicated repository for sequoia's
  Python bindings, where the Python bindings from
  [gitlab:sequoia-pgp/sequoia](https://gitlab.com/sequoia-pgp/sequoia) were
  removed long ago.

- `writeTextFile` requires `executable` to be boolean now, values like `null`
  or `""` will fail to evaluate now.

- The latest version of `clonehero` now stores custom content in
  `~/.clonehero`. Refer to the [migration
  instructions](https://clonehero.net/2022/11/29/v23-to-v1-migration-instructions.html)
  for more details. Typically, these content files would exist along side the
  binary, but the previous build used a wrapper script that would store them in
  `~/.config/unity3d/srylain Inc_/Clone Hero`.

- `services.mastodon` doesn't support providing a TCP port to its `streaming`
  component anymore, as upstream implemented parallelization by running
  multiple instances instead of running multiple processes in one instance.
  Please create a PR if you are interested in this feature.\