Skip to content

Releases: juanfont/headscale

v0.19.0-beta1

19 Jan 12:01
Compare
Choose a tag to compare
v0.19.0-beta1 Pre-release
Pre-release

Changelog

  • f19e8aa Fix failing tests
  • da5c051 Lint fix
  • 5da0963 Migrate DB: rename namespace, automigrate user
  • 9eaa8dd Migrate DB: rename table is plural, order matters
  • b98bf19 Regenerate go from proto
  • af1ec5a Rename .go namespace files
  • e3a2593 Rename [Nn]amespace -> [Uu]ser in go code
  • bf0b85f Rename acl test file
  • 428d7c8 Rename namespace in protobuf files
  • fb3e2dc Rename namespace to user in docs
  • 86a7129 Update changelog, more explicit backup note
  • 90287a6 gofumpt
  • 81441af update changelog

v0.18.0

14 Jan 18:27
Compare
Choose a tag to compare

Changelog

  • Reworked routing and added support for subnet router failover #1024
  • Added an OIDC AllowGroups Configuration options and authorization check #1041
  • Set db_ssl to false by default #1052
  • Fix duplicate nodes due to incorrect implementation of the protocol #1058
  • Report if a machine is online in CLI more accurately #1062
  • Added config option for custom DNS records #1035
  • Expire nodes based on OIDC token expiry #1067
  • Remove ephemeral nodes on logout #1098
  • Performance improvements in ACLs #1129
  • OIDC client secret can be passed via a file #1127

v0.18.0-beta4

13 Jan 09:08
Compare
Choose a tag to compare
v0.18.0-beta4 Pre-release
Pre-release

Changelog

  • Reworked routing and added support for subnet router failover #1024
  • Added an OIDC AllowGroups Configuration options and authorization check #1041
  • Set db_ssl to false by default #1052
  • Fix duplicate nodes due to incorrect implementation of the protocol #1058
  • Report if a machine is online in CLI more accurately #1062
  • Added config option for custom DNS records #1035
  • Expire nodes based on OIDC token expiry #1067
  • Remove ephemeral nodes on logout #1098
  • Performance improvements in ACLs #1129

v0.18.0-beta3

05 Jan 14:09
Compare
Choose a tag to compare
v0.18.0-beta3 Pre-release
Pre-release
  • Reworked routing and added support for subnet router failover #1024
  • Added an OIDC AllowGroups Configuration options and authorization check #1041
  • Set db_ssl to false by default #1052
  • Fix duplicate nodes due to incorrect implementation of the protocol #1058
  • Report if a machine is online in CLI more accurately #1062
  • Added config option for custom DNS records #1035
  • Expire nodes based on OIDC token expiry #1067
  • Remove ephemeral nodes on logout #1098

v0.18.0-beta2

21 Dec 20:16
Compare
Choose a tag to compare
v0.18.0-beta2 Pre-release
Pre-release

Changelog

  • Reworked routing and added support for subnet router failover #1024
  • Added an OIDC AllowGroups Configuration options and authorization check #1041
  • Set db_ssl to false by default #1052
  • Fix duplicate nodes due to incorrect implementation of the protocol #1058
  • Report if a machine is online in CLI more accurately #1062

v0.18.0-beta1

07 Dec 14:07
Compare
Choose a tag to compare
v0.18.0-beta1 Pre-release
Pre-release

Changes

  • Reworked routing and added support for subnet router failover #1024
  • Added an OIDC AllowGroups Configuration options and authorization check #1041
  • Set db_ssl to false by default #1052

Changelog

  • 7b8cf5e Add 1.34.0 to integration tests
  • fba77de Add Route DB model and migration from existing field
  • 63cd312 Add breaking change about noise private path
  • bd4b2da Add changelog entry to correct version
  • 95d3062 Add github action updater
  • 4de676c Add instructions for macOS GUI
  • 70f2f5d Added an OIDC AllowGroups option for authorization.
  • 6718ff7 Added helper methods for subnet failover + unit tests
  • ac8bff7 Call processMachineRoutes when a new Map is received
  • 5a70ea7 Correct typo on standalone (fixes #1021)
  • 6c2d6fa Do not explicitly set the protocols when ommited in ACL
  • 6f4c6c1 Ignore tparallel where it doesnt make sense
  • 19f12f9 Make goreleaser use Nix
  • 946d38e Minor linting fixes
  • 4453728 Murder docker container and network before run
  • 52862b8 Port integration tests routes CLI to v2
  • 68c72d0 Prep changelog for new release
  • b62acff Refactor machine.go, and move functionality to routes.go + unit tests
  • 34631df Refactored route grpc glue code
  • 8170f5e Removed unused code and linting fixes
  • a506d0f Run handlePrimarySubnetFailover() with a ticker when Serve
  • 134c72f Set db_ssl to false by default, fixes #1043
  • 06f7e7c Tag dockerfiles to minor version so we dont have to care about patch
  • a58a552 Update macos/windows doc
  • 0db16c7 Update nix deps, get go 1.19.3 in
  • 1b557ac Update protobuf definitions + support methods for the API
  • 34107f9 Updated changelog
  • 8fa9755 Updated generated pb code
  • 86fa136 Upgrade go dependencies
  • 1015bc3 Upgrade to Tailscale 1.34.0
  • 78819be Use the new routes API from the CLI
  • 89c1207 added changelog for 0.17.1
  • d1bca10 docs(README): update contributors
  • 638a3d4 fix nix run
  • 54f701f generateACLPolicy() no longer a Headscale method

v0.17.1

05 Dec 21:19
Compare
Choose a tag to compare

Changes

  • Correct typo on macOS standalone profile link #1028
  • Update platform docs with Fast User Switching #1016

v0.17.0

26 Nov 11:07
Compare
Choose a tag to compare

BREAKING

  • noise.private_key_path has been added and is required for the new noise protocol.
  • Log level option log_level was moved to a distinct log config section and renamed to level #768
  • Removed Alpine Linux container image #962

Important Changes

  • Added support for Tailscale TS2021 protocol #738
  • Add experimental support for SSH ACL (see docs for limitations) #847
    • Please note that this support should be considered partially implemented
    • SSH ACLs status:
      • Support accept and check (SSH can be enabled and used for connecting and authentication)
      • Rejecting connections are not supported, meaning that if you enable SSH, then assume that all ssh connections will be allowed.
      • If you decied to try this feature, please carefully managed permissions by blocking port 22 with regular ACLs or do not set --ssh on your clients.
      • We are currently improving our testing of the SSH ACLs, help us get an overview by testing and giving feedback.
    • This feature should be considered dangerous and it is disabled by default. Enable by setting HEADSCALE_EXPERIMENTAL_FEATURE_SSH=1.

Changes

  • Add ability to specify config location via env var HEADSCALE_CONFIG #674
  • Target Go 1.19 for Headscale #778
  • Target Tailscale v1.30.0 to build Headscale #780
  • Give a warning when running Headscale with reverse proxy improperly configured for WebSockets #788
  • Fix subnet routers with Primary Routes #811
  • Added support for JSON logs #653
  • Sanitise the node key passed to registration url #823
  • Add support for generating pre-auth keys with tags #767
  • Add support for evaluating autoApprovers ACL entries when a machine is registered #763
  • Add config flag to allow Headscale to start if OIDC provider is down #829
  • Fix prefix length comparison bug in AutoApprovers route evaluation #862
  • Random node DNS suffix only applied if names collide in namespace. #766
  • Remove ip_prefix configuration option and warning #899
  • Add dns_config.override_local_dns option #905
  • Fix some DNS config issues #660
  • Make it possible to disable TS2019 with build flag #928
  • Fix OIDC registration issues #960 and #971
  • Add support for specifying NextDNS DNS-over-HTTPS resolver #940
  • Make more sslmode available for postgresql connection #927

Commits

  • c28ca27 Add SSH ACL to changelog
  • 52a323b Add SSH capability advertisement
  • d4e3bf1 Add experimental flag to unit test
  • c6d3174 Add feature flag for SSH, and warning
  • cfaa36e Add method to expose container id
  • e28d308 Add negative tests
  • 36b8862 Add notes about current ssh status
  • 91ed6e2 Allow WithEnv to be passed multiple times
  • 8a79c2e Do not retry on permission denied in ssh
  • 22da5bf Enable SSH for tests
  • d207c30 Ensure we have ssh in container
  • 3695284 Make simple initial test case
  • d71aef3 Mark all tests with Parallel
  • c02e105 Mark the flag properly experimental
  • 519f22f SSH integration test setup
  • fd6d25b SSH: Lint and typos
  • f610be6 SSH: add test between namespaces
  • f34e7c3 Strip newline from hostname
  • eb072a1 mark some changes as more important

v0.17.0-beta5

25 Nov 21:57
Compare
Choose a tag to compare
v0.17.0-beta5 Pre-release
Pre-release

BREAKING

  • Log level option log_level was moved to a distinct log config section and renamed to level #768
  • Removed Alpine Linux container image #962

Changes

  • Added support for Tailscale TS2021 protocol #738
  • Add ability to specify config location via env var HEADSCALE_CONFIG #674
  • Target Go 1.19 for Headscale #778
  • Target Tailscale v1.30.0 to build Headscale #780
  • Give a warning when running Headscale with reverse proxy improperly configured for WebSockets #788
  • Fix subnet routers with Primary Routes #811
  • Added support for JSON logs #653
  • Sanitise the node key passed to registration url #823
  • Add support for generating pre-auth keys with tags #767
  • Add support for evaluating autoApprovers ACL entries when a machine is registered #763
  • Add config flag to allow Headscale to start if OIDC provider is down #829
  • Fix prefix length comparison bug in AutoApprovers route evaluation #862
  • Random node DNS suffix only applied if names collide in namespace. #766
  • Remove ip_prefix configuration option and warning #899
  • Add dns_config.override_local_dns option #905
  • Fix some DNS config issues #660
  • Make it possible to disable TS2019 with build flag #928
  • Fix OIDC registration issues #960 and #971
  • Add support for specifying NextDNS DNS-over-HTTPS resolver #940
  • Make more sslmode available for postgresql connection #927

v0.17.0-beta4

15 Nov 22:47
Compare
Choose a tag to compare
v0.17.0-beta4 Pre-release
Pre-release

CHANGELOG

0.17.0 (2022-XX-XX)

BREAKING

  • Log level option log_level was moved to a distinct log config section and renamed to level #768
  • Removed Alpine Linux container image #962

Changes

  • Added support for Tailscale TS2021 protocol #738
  • Add ability to specify config location via env var HEADSCALE_CONFIG #674
  • Target Go 1.19 for Headscale #778
  • Target Tailscale v1.30.0 to build Headscale #780
  • Give a warning when running Headscale with reverse proxy improperly configured for WebSockets #788
  • Fix subnet routers with Primary Routes #811
  • Added support for JSON logs #653
  • Sanitise the node key passed to registration url #823
  • Add support for generating pre-auth keys with tags #767
  • Add support for evaluating autoApprovers ACL entries when a machine is registered #763
  • Add config flag to allow Headscale to start if OIDC provider is down #829
  • Fix prefix length comparison bug in AutoApprovers route evaluation #862
  • Random node DNS suffix only applied if names collide in namespace. #766
  • Remove ip_prefix configuration option and warning #899
  • Add dns_config.override_local_dns option #905
  • Fix some DNS config issues #660
  • Make it possible to disable TS2019 with build flag #928
  • Fix OIDC registration issues #960 and #971