Commit 60f52f6c authored by Martin Weinelt's avatar Martin Weinelt
Browse files

Merge remote-tracking branch 'origin/staging-next' into staging

parents 602ee7a1 7ea3d439

nixos/doc/manual/from_md/release-notes/rl-2305.section.xml

+40 −0
Original line number Diff line number Diff line
@@ -70,6 +70,46 @@ 
          deprecation</link>.

        </para>

      </listitem>

      <listitem>

        <para>

          The

          <link linkend="opt-services.snapserver.openFirewall">services.snapserver.openFirewall</link>

          module option default value has been changed from

          <literal>true</literal> to <literal>false</literal>. You will

          need to explicitely set this option to

          <literal>true</literal>, or configure your firewall.

        </para>

      </listitem>

      <listitem>

        <para>

          The

          <link linkend="opt-services.avahi.openFirewall">services.avahi.openFirewall</link>

          module option default value has been changed from

          <literal>true</literal> to <literal>false</literal>. You will

          need to explicitely set this option to

          <literal>true</literal>, or configure your firewall.

        </para>

      </listitem>

      <listitem>

        <para>

          The

          <link linkend="opt-services.tmate-ssh-server.openFirewall">services.tmate-ssh-server.openFirewall</link>

          module option default value has been changed from

          <literal>true</literal> to <literal>false</literal>. You will

          need to explicitely set this option to

          <literal>true</literal>, or configure your firewall.

        </para>

      </listitem>

      <listitem>

        <para>

          The

          <link linkend="opt-services.unifi-video.openFirewall">services.unifi-video.openFirewall</link>

          module option default value has been changed from

          <literal>true</literal> to <literal>false</literal>. You will

          need to explicitely set this option to

          <literal>true</literal>, or configure your firewall.

        </para>

      </listitem>

      <listitem>

        <para>

          The EC2 image module previously detected and automatically

nixos/doc/manual/release-notes/rl-2305.section.md

+8 −0
Original line number Diff line number Diff line
@@ -27,6 +27,14 @@ In addition to numerous new and upgraded packages, this release has the followin 


- `services.sourcehut.dispatch` and the corresponding package (`sourcehut.dispatchsrht`) have been removed due to [upstream deprecation](https://sourcehut.org/blog/2022-08-01-dispatch-deprecation-plans/).



- The [services.snapserver.openFirewall](#opt-services.snapserver.openFirewall) module option default value has been changed from `true` to `false`. You will need to explicitely set this option to `true`, or configure your firewall.



- The [services.avahi.openFirewall](#opt-services.avahi.openFirewall) module option default value has been changed from `true` to `false`. You will need to explicitely set this option to `true`, or configure your firewall.



- The [services.tmate-ssh-server.openFirewall](#opt-services.tmate-ssh-server.openFirewall) module option default value has been changed from `true` to `false`. You will need to explicitely set this option to `true`, or configure your firewall.



- The [services.unifi-video.openFirewall](#opt-services.unifi-video.openFirewall) module option default value has been changed from `true` to `false`. You will need to explicitely set this option to `true`, or configure your firewall.



- The EC2 image module previously detected and automatically mounted ext3-formatted instance store devices and partitions in stage-1 (initramfs), storing `/tmp` on the first discovered device. This behaviour, which only catered to very specific use cases and could not be disabled, has been removed. Users relying on this should provide their own implementation, and probably use ext4 and perform the mount in stage-2.



- The EC2 image module previously detected and activated swap-formatted instance store devices and partitions in stage-1 (initramfs). This behaviour has been removed. Users relying on this should provide their own implementation.

nixos/modules/installer/cd-dvd/channel.nix

+14 −1
Original line number Diff line number Diff line
@@ -6,6 +6,12 @@ 
with lib;



let

  # This is copied into the installer image, so it's important that it is filtered

  # to avoid including a large .git directory.

  # We also want the source name to be normalised to "source" to avoid depending on the

  # location of nixpkgs.

  # In the future we might want to expose the ISO image from the flake and use

  # `self.outPath` directly instead.

  nixpkgs = lib.cleanSource pkgs.path;



  # We need a copy of the Nix expressions for Nixpkgs and NixOS on the
@@ -31,7 +37,14 @@ let 
in



{

  nix.registry.nixpkgs.flake.outPath = builtins.path { name = "source"; path = pkgs.path; };

  # Pin the nixpkgs flake in the installer to our cleaned up nixpkgs source.

  # FIXME: this might be surprising and is really only needed for offline installations,

  # see discussion in https://github.com/NixOS/nixpkgs/pull/204178#issuecomment-1336289021

  nix.registry.nixpkgs.to = {

    type = "path";

    path = nixpkgs;

  };



  # Provide the NixOS/Nixpkgs sources in /etc/nixos.  This is required

  # for nixos-install.

  boot.postBootCommands = mkAfter

nixos/modules/services/audio/snapserver.nix

+2 −9
Original line number Diff line number Diff line
@@ -101,9 +101,7 @@ in { 


      openFirewall = mkOption {

        type = types.bool;

        # Make the behavior consistent with other services. Set the default to

        # false and remove the accompanying warning after NixOS 22.05 is released.

        default = true;

        default = false;

        description = lib.mdDoc ''

          Whether to automatically open the specified ports in the firewall.

        '';
@@ -279,12 +277,7 @@ in { 
      # https://github.com/badaix/snapcast/blob/98ac8b2fb7305084376607b59173ce4097c620d8/server/streamreader/stream_manager.cpp#L85

      filter (w: w != "") (mapAttrsToList (k: v: if v.type == "spotify" then ''

        services.snapserver.streams.${k}.type = "spotify" is deprecated, use services.snapserver.streams.${k}.type = "librespot" instead.

      '' else "") cfg.streams)

      # Remove this warning after NixOS 22.05 is released.

      ++ optional (options.services.snapserver.openFirewall.highestPrio >= (mkOptionDefault null).priority) ''

        services.snapserver.openFirewall will no longer default to true starting with NixOS 22.11.

        Enable it explicitly if you need to control Snapserver remotely.

      '';

      '' else "") cfg.streams);



    systemd.services.snapserver = {

      after = [ "network.target" ];

nixos/modules/services/mail/mailman.nix

+1 −1
Original line number Diff line number Diff line
@@ -443,7 +443,7 @@ in { 
      virtualHosts = lib.genAttrs cfg.webHosts (webHost: {

        locations = {

          ${cfg.serve.virtualRoot}.extraConfig = "uwsgi_pass unix:/run/mailman-web.socket;";

          "${cfg.serve.virtualRoot}/static/".alias = webSettings.STATIC_ROOT + "/";

          "${removeSuffix "/" cfg.serve.virtualRoot}/static/".alias = webSettings.STATIC_ROOT + "/";

        };

      });

    };