Releases: juanfont/headscale
Releases · juanfont/headscale
v0.19.0-beta1
Changelog
- f19e8aa Fix failing tests
- da5c051 Lint fix
- 5da0963 Migrate DB: rename namespace, automigrate user
- 9eaa8dd Migrate DB: rename table is plural, order matters
- b98bf19 Regenerate go from proto
- af1ec5a Rename .go namespace files
- e3a2593 Rename [Nn]amespace -> [Uu]ser in go code
- bf0b85f Rename acl test file
- 428d7c8 Rename namespace in protobuf files
- fb3e2dc Rename namespace to user in docs
- 86a7129 Update changelog, more explicit backup note
- 90287a6 gofumpt
- 81441af update changelog
v0.18.0
Changelog
- Reworked routing and added support for subnet router failover #1024
- Added an OIDC AllowGroups Configuration options and authorization check #1041
- Set
db_ssl
to false by default #1052 - Fix duplicate nodes due to incorrect implementation of the protocol #1058
- Report if a machine is online in CLI more accurately #1062
- Added config option for custom DNS records #1035
- Expire nodes based on OIDC token expiry #1067
- Remove ephemeral nodes on logout #1098
- Performance improvements in ACLs #1129
- OIDC client secret can be passed via a file #1127
v0.18.0-beta4
Changelog
- Reworked routing and added support for subnet router failover #1024
- Added an OIDC AllowGroups Configuration options and authorization check #1041
- Set
db_ssl
to false by default #1052 - Fix duplicate nodes due to incorrect implementation of the protocol #1058
- Report if a machine is online in CLI more accurately #1062
- Added config option for custom DNS records #1035
- Expire nodes based on OIDC token expiry #1067
- Remove ephemeral nodes on logout #1098
- Performance improvements in ACLs #1129
v0.18.0-beta3
- Reworked routing and added support for subnet router failover #1024
- Added an OIDC AllowGroups Configuration options and authorization check #1041
- Set
db_ssl
to false by default #1052 - Fix duplicate nodes due to incorrect implementation of the protocol #1058
- Report if a machine is online in CLI more accurately #1062
- Added config option for custom DNS records #1035
- Expire nodes based on OIDC token expiry #1067
- Remove ephemeral nodes on logout #1098
v0.18.0-beta2
Changelog
- Reworked routing and added support for subnet router failover #1024
- Added an OIDC AllowGroups Configuration options and authorization check #1041
- Set
db_ssl
to false by default #1052 - Fix duplicate nodes due to incorrect implementation of the protocol #1058
- Report if a machine is online in CLI more accurately #1062
v0.18.0-beta1
Changes
- Reworked routing and added support for subnet router failover #1024
- Added an OIDC AllowGroups Configuration options and authorization check #1041
- Set
db_ssl
to false by default #1052
Changelog
- 7b8cf5e Add 1.34.0 to integration tests
- fba77de Add Route DB model and migration from existing field
- 63cd312 Add breaking change about noise private path
- bd4b2da Add changelog entry to correct version
- 95d3062 Add github action updater
- 4de676c Add instructions for macOS GUI
- 70f2f5d Added an OIDC AllowGroups option for authorization.
- 6718ff7 Added helper methods for subnet failover + unit tests
- ac8bff7 Call processMachineRoutes when a new Map is received
- 5a70ea7 Correct typo on standalone (fixes #1021)
- 6c2d6fa Do not explicitly set the protocols when ommited in ACL
- 6f4c6c1 Ignore tparallel where it doesnt make sense
- 19f12f9 Make goreleaser use Nix
- 946d38e Minor linting fixes
- 4453728 Murder docker container and network before run
- 52862b8 Port integration tests routes CLI to v2
- 68c72d0 Prep changelog for new release
- b62acff Refactor machine.go, and move functionality to routes.go + unit tests
- 34631df Refactored route grpc glue code
- 8170f5e Removed unused code and linting fixes
- a506d0f Run handlePrimarySubnetFailover() with a ticker when Serve
- 134c72f Set db_ssl to false by default, fixes #1043
- 06f7e7c Tag dockerfiles to minor version so we dont have to care about patch
- a58a552 Update macos/windows doc
- 0db16c7 Update nix deps, get go 1.19.3 in
- 1b557ac Update protobuf definitions + support methods for the API
- 34107f9 Updated changelog
- 8fa9755 Updated generated pb code
- 86fa136 Upgrade go dependencies
- 1015bc3 Upgrade to Tailscale 1.34.0
- 78819be Use the new routes API from the CLI
- 89c1207 added changelog for 0.17.1
- d1bca10 docs(README): update contributors
- 638a3d4 fix nix run
- 54f701f generateACLPolicy() no longer a Headscale method
v0.17.1
v0.17.0
BREAKING
noise.private_key_path
has been added and is required for the new noise protocol.- Log level option
log_level
was moved to a distinctlog
config section and renamed tolevel
#768 - Removed Alpine Linux container image #962
Important Changes
- Added support for Tailscale TS2021 protocol #738
- Add experimental support for SSH ACL (see docs for limitations) #847
- Please note that this support should be considered partially implemented
- SSH ACLs status:
- Support
accept
andcheck
(SSH can be enabled and used for connecting and authentication) - Rejecting connections are not supported, meaning that if you enable SSH, then assume that all
ssh
connections will be allowed. - If you decied to try this feature, please carefully managed permissions by blocking port
22
with regular ACLs or do not set--ssh
on your clients. - We are currently improving our testing of the SSH ACLs, help us get an overview by testing and giving feedback.
- Support
- This feature should be considered dangerous and it is disabled by default. Enable by setting
HEADSCALE_EXPERIMENTAL_FEATURE_SSH=1
.
Changes
- Add ability to specify config location via env var
HEADSCALE_CONFIG
#674 - Target Go 1.19 for Headscale #778
- Target Tailscale v1.30.0 to build Headscale #780
- Give a warning when running Headscale with reverse proxy improperly configured for WebSockets #788
- Fix subnet routers with Primary Routes #811
- Added support for JSON logs #653
- Sanitise the node key passed to registration url #823
- Add support for generating pre-auth keys with tags #767
- Add support for evaluating
autoApprovers
ACL entries when a machine is registered #763 - Add config flag to allow Headscale to start if OIDC provider is down #829
- Fix prefix length comparison bug in AutoApprovers route evaluation #862
- Random node DNS suffix only applied if names collide in namespace. #766
- Remove
ip_prefix
configuration option and warning #899 - Add
dns_config.override_local_dns
option #905 - Fix some DNS config issues #660
- Make it possible to disable TS2019 with build flag #928
- Fix OIDC registration issues #960 and #971
- Add support for specifying NextDNS DNS-over-HTTPS resolver #940
- Make more sslmode available for postgresql connection #927
Commits
- c28ca27 Add SSH ACL to changelog
- 52a323b Add SSH capability advertisement
- d4e3bf1 Add experimental flag to unit test
- c6d3174 Add feature flag for SSH, and warning
- cfaa36e Add method to expose container id
- e28d308 Add negative tests
- 36b8862 Add notes about current ssh status
- 91ed6e2 Allow WithEnv to be passed multiple times
- 8a79c2e Do not retry on permission denied in ssh
- 22da5bf Enable SSH for tests
- d207c30 Ensure we have ssh in container
- 3695284 Make simple initial test case
- d71aef3 Mark all tests with Parallel
- c02e105 Mark the flag properly experimental
- 519f22f SSH integration test setup
- fd6d25b SSH: Lint and typos
- f610be6 SSH: add test between namespaces
- f34e7c3 Strip newline from hostname
- eb072a1 mark some changes as more important
v0.17.0-beta5
BREAKING
- Log level option
log_level
was moved to a distinctlog
config section and renamed tolevel
#768 - Removed Alpine Linux container image #962
Changes
- Added support for Tailscale TS2021 protocol #738
- Add ability to specify config location via env var
HEADSCALE_CONFIG
#674 - Target Go 1.19 for Headscale #778
- Target Tailscale v1.30.0 to build Headscale #780
- Give a warning when running Headscale with reverse proxy improperly configured for WebSockets #788
- Fix subnet routers with Primary Routes #811
- Added support for JSON logs #653
- Sanitise the node key passed to registration url #823
- Add support for generating pre-auth keys with tags #767
- Add support for evaluating
autoApprovers
ACL entries when a machine is registered #763 - Add config flag to allow Headscale to start if OIDC provider is down #829
- Fix prefix length comparison bug in AutoApprovers route evaluation #862
- Random node DNS suffix only applied if names collide in namespace. #766
- Remove
ip_prefix
configuration option and warning #899 - Add
dns_config.override_local_dns
option #905 - Fix some DNS config issues #660
- Make it possible to disable TS2019 with build flag #928
- Fix OIDC registration issues #960 and #971
- Add support for specifying NextDNS DNS-over-HTTPS resolver #940
- Make more sslmode available for postgresql connection #927
v0.17.0-beta4
CHANGELOG
0.17.0 (2022-XX-XX)
BREAKING
- Log level option
log_level
was moved to a distinctlog
config section and renamed tolevel
#768 - Removed Alpine Linux container image #962
Changes
- Added support for Tailscale TS2021 protocol #738
- Add ability to specify config location via env var
HEADSCALE_CONFIG
#674 - Target Go 1.19 for Headscale #778
- Target Tailscale v1.30.0 to build Headscale #780
- Give a warning when running Headscale with reverse proxy improperly configured for WebSockets #788
- Fix subnet routers with Primary Routes #811
- Added support for JSON logs #653
- Sanitise the node key passed to registration url #823
- Add support for generating pre-auth keys with tags #767
- Add support for evaluating
autoApprovers
ACL entries when a machine is registered #763 - Add config flag to allow Headscale to start if OIDC provider is down #829
- Fix prefix length comparison bug in AutoApprovers route evaluation #862
- Random node DNS suffix only applied if names collide in namespace. #766
- Remove
ip_prefix
configuration option and warning #899 - Add
dns_config.override_local_dns
option #905 - Fix some DNS config issues #660
- Make it possible to disable TS2019 with build flag #928
- Fix OIDC registration issues #960 and #971