I have recently upgraded several systems to Trixie, this covers 2 servers and 1 desktop.

The servers are managed by Puppet (which has notably forked into OpenVox recently).

The actual upgrades went without errors. I have a script that I use for these upgrades now and they have gone without a hitch. I also am starting to gather a runbook for pre-operations, of which the main points are:

• Backup all PostgreSQL databases.
• Upgrade the kernel and reboot.
• Remove all external non-distribution packages.

Some of this (but not all) is automated with the script.

The biggest issue I saw was regarding the legacy facts: Legacy facts no longer collected or sent to Puppet Server. This initially blocked everything, as the manifests used old syntax, so they wouldn't even evaluate. I found a setting is useful, include_legacy_facts. I used this to get a toehold on the problem, but I ended up reverting it once I fixed all the manifests.

This change looks something like this:

 class main::fstab {
+    $my_hostname = $facts['networking']['hostname']
+    
     file { '/etc/fstab':
-        source => "puppet:///modules/main/fstab/${hostname}.cf",
+        source => "puppet:///modules/main/fstab/${my_hostname}.cf",

Previously $hostname was provided in every scope as a global. Under the new arrangement, only $facts is global, and everything else must be accessed as an element of this hash.

I mentioned PostgreSQL before: currently my approach is to backup all databases, completely purge postgresql, and start afresh with the new version (modifying the version number in my manifests). This seems to be more robust and skips upgrade logic in the Debian packages. I am likely missing something, but this approach has worked for me.

last was removed, I don't care about this but as I'm something of a stickler for Unix tradition I have installed wtmpdb globally in an attempt to preserve this.

There are a few syntax changes in the newer puppetlabs-postgresql version. Notably, postgresql_password needs to be qualified with postgresql:: prefix now.

The non-free-firmware apt repository is required on my laptop, a Thinkpad T450, otherwise the wifi does not function, frustratingly.

On first install to the T450, grub does not show the graphical menu. I've had to put in a weird hack to enable the grub menu to show properly. I found the hack in a bug report. This is rather bad, luckily the fix is simple, it involves modifying the 00_header file.

It's been reported 3 times:

• grub menu not shown on boot after upgrade to 2.12~rc1-9
• GRUB Screen Invisible (Black Screen)
• GRUB v2.12-7 doesn't show menu in graphical mode

There was a change in the syntax used for WSGI configurations in puppetlabs-apache. I couldn't find much clear documentation for this, but the diff looks something like:

-        wsgi_daemon_process => 'gebunden',
-        wsgi_process_group => 'gebunden',
-        
-        wsgi_daemon_process_options => {
-            home => $backend_root,
-            python-path => $backend_root
+        wsgi_daemon_process => {
+            'gebunden' => {
+                home => $backend_root,
+                python-path => $backend_root
+            }
         },
+        wsgi_process_group => 'gebunden'

Note that the python-path is now embedded into the overall wsgi_daemon_process parameter.

I have removed support for some services that are no longer used.

telegram-desktop

telegram-desktop was removed from Trixie. I attempted to backport it, but faced a few obstacles. First, parts of the build dependencies also needed to be backported; second, being complex C++ code, they have long build processes that require a lot of memory. I eventually managed to do so, but only thanks to this intrepid bug reporter who has run into the same issue as me.

• cppgir
• libtgowt-dev
• telegram-desktop

tt-rss

tt-rss was removed from Debian for trixie, but it has been re-uploaded to Sid. In trixie there are issues with the php-php-gettext dependency. However I was able to just rebuild the sid packages on trixie, effectively backporting them to trixie. You need both of these packages. This version of tt-rss dates back to 2021 and uses some old code. As such, there are still a large amount of warnings from uses of various deprecated PHP features; it's likely this backporting strategy won't be able to continue forever, but for now tt-rss continues to work.

• php-php-gettext
• tt-rss

virtualbox

Virtualbox has been removed from trixie. There are new upstream virtualbox packages available for trixie, though. I used 7.2_7.2.0-170228.

However, there is a strange issue which manifests in no VMs being able to load, failing with a "Guru Meditation" error. Background info here. The kernel now always loads KVM, which conflicts with Virtualbox; so the eventual solution was to blacklist kvm and kvm_intel. This may have to be revisited at some point in the future.

urxvt-unicode

I ran into this rather odd visual bug, which seems to be specific to xmonad.

Applied the fix lines-rewrap.patch, mentioned in that bug.

Backported package: rxvt-unicode

I've finally retired GitLab, as I found it was too heavyweight, I don't use most of the features, had a huge attack surface and the upgrade process was labrynthine.

There was a change to the default behaviour of /tmp to make it use a ramdisk. I'm OK with the default behaviour here for now, as I am not really hitting RAM pressure on any of these machines.