Release 2021_007 (2021-03-08)#


  • [NixOS 20.09] Many services will be restarted due to a systemd-related change.

  • [NixOS 20.09] VM will schedule a reboot to activate the kernel update.

NixOS 20.09 platform#

  • Merge upstream NixOS changes. Includes security fixes for imagemagick (CVE-2021-20176), nodejs (CVE-2021-22883, CVE-2021-22884, CVE-2021-23840), postgresql (CVE-2021-3393) and screen (CVE-2021-26937) and a kernel update. (#PL-129712).

  • Update Elasticsearch and Kibana to 7.10.2 (#PL-129713).

  • Kibana 7: disable broken reporting extension (#PL-127508).

  • LAMP: don’t listen on port 80 by default because it conflicts with the webgateway role (#PL-129672).

  • Add a sensu check for each certificate managed by NixOS letsencrypt automation. It checks the validity and warns before certs expire (#PL-127856).

  • Mailserver: update /etc/local/mailserver/README for the new configuration system (#PL-129587).


  • Improve documentation about using fc-manage to pick up local changes, CMDB or OS updates.

Detailed Changes#