Releases: netbirdio/netbird
v0.25.6
What's Changed
- Update bug-issue-report and feature request templates by @mlsmaycon in #1499
- Fix data dir creation permissions by @lixmal in #1503
- Fix iOS DNS timeout by @lixmal in #1504
- Restore dns on unclean shutdown by @lixmal in #1494
- getFirstListenerAvailable(): adjust logging levels and add success message by @nazarewk in #1513
- Extract peer real IP from Load Balancer when possible by @surik in #1510
- Export info log level setter for Android by @pappz in #1518
- Update port, ip choice logic in DNS service by @pappz in #1514
- Fix/resolv parser by @pappz in #1520
- Remove query parameter from policy endpoints by @surik in #1527
- Update grpc-middleware to bring changes related to realip by @surik in #1526
- Use dashboard v2 for getting started scripts by @mlsmaycon in #1530
Full Changelog: v0.25.5...v0.25.6
Contributors
Assets 44
v0.25.5
What's Changed
- Fix musl build by @xcf13363175 in #1480
- Bump golang.org/x/crypto from 0.14.0 to 0.17.0 by @dependabot in #1401
- Add iOS build test by @pappz in #1412
- Upgrade integrations versions to 8a7c87accb22 by @mlsmaycon in #1482
- Fix preshared key not persisted in config by @pascal-fischer in #1474
- Add getGroupByName method by @pascal-fischer in #1481
- Fix race condition with JWT group sync by @mlsmaycon in #1486
- Extend netbird status command to include health information by @lixmal in #1471
- Tidy up mods by @lixmal in #1492
- Validate upstream reachability on first DNS configuration by @lixmal in #1489
- Support disabled resolved stub server mode by @pappz in #1493
- Allow service users with user role read-only access to all resources by @pascal-fischer in #1484
New Contributors
- @xcf13363175 made their first contribution in #1480
- @lixmal made their first contribution in #1471
Full Changelog: v0.25.4...v0.25.5
Contributors
Assets 43
v0.25.4
What's Changed
- Update user's last login when authenticating a peer by @mlsmaycon in #1437
- Update setup.env.example by @wisetux in #1433
- Integrate Rosenpass by @pascal-fischer in #1153
- Remove duplicated chain add by @pappz in #1444
- Update contribution and readme file by @pascal-fischer in #1447
- Use cached wintun zip package in github workflows by @pappz in #1448
- Allow iOS to connect to old management versions by @pascal-fischer in #1440
- Add external-ip support for coturn by @mlsmaycon in #1439
- Soft deprecate Rules API by @surik in #1454
- Fix allow netbird traffic for nftables and userspace by @pappz in #1446
- Fix client SSH server error log by @braginini in #1455
- Fix typo in iface/tun_usp_linux.go by @surik in #1457
- Update Android build env by @pappz in #1456
- Add support for setting interface name and wireguard port by @mlsmaycon in #1467
- Remove debug lines by @pappz in #1468
- Enable group propagation by default by @mlsmaycon in #1469
New Contributors
Full Changelog: v0.25.3...v0.25.4
Contributors
Assets 43
v0.25.3
What's Changed
- Fix quickstart script incompatibility with latest Zitadel version by @bcmmbaga in #1400
- Update cloud management URL to https://api.netbird.io:443 by @mlsmaycon in #1402
- Use integrated activity store by @mlsmaycon in #1421
- Remove the user from the cache without refreshing it by @mlsmaycon in #1422
- Update management-integrations/additions by @mlsmaycon in #1425
- Fix Windows name on WMI error by @mlsmaycon in #1426
- Fix Windows settings popup with mesa 3d openGL emulator by @mlsmaycon in #1428
- Add iOS support to README by @braginini in #1430
- Fix route change notifier by @pappz in #1431
- Netstack by @pappz in #1403
- Cancel peer expiration scheduled job when deleting account by @mlsmaycon in #1434
Full Changelog: v0.25.2...v0.25.3
Contributors
Assets 43
v0.25.2
v0.25.1
What's Changed
- Change docker base image by @pascal-fischer in #1405
Full Changelog: v0.25.0...v0.25.1
Contributors
Assets 43
v0.25.0
What's Changed
- Specify ref for sync tag workflow by @surik in #1365
- Fix ListUsers method in MockAccountManager by @surik in #1367
- Enable JWT group-based user authorization by @bcmmbaga in #1368
- Fix SaveOrAddUser and GetPeers methods in MockAccountManager by @surik in #1374
- Fix jwks validation and flag/config overriding by @mlsmaycon in #1380
- Fix nil pointer handling in get peers from group by @pascal-fischer in #1381
- Add JWT group-based access control for adding new peers by @bcmmbaga in #1383
- Support status filter by names by @mlsmaycon in #1387
- Allow removal of preshared keys by @pascal-fischer in #1385
- feat: organizing infrastructure_files folder and adds new envs by @diegocn in #1235
- Update .gitignore to exclude all generated files by @mlsmaycon in #1394
- Feature/add iOS support by @pascal-fischer in #1244
- Improve release workflows speed by @mlsmaycon in #1397
New Contributors
Full Changelog: v0.24.4...v0.24.5
Contributors
Assets 43
v0.24.4
What's Changed
- Update signing pipelines to version 0.0.10 by @mlsmaycon in #1329
- Add Windows version to correct system info field by @mlsmaycon in #1330
- Prepare regexps on compile time by @surik in #1327
- Add gocritic linter by @surik in #1324
- Fix panic on empty username for invites by @mlsmaycon in #1334
- Add account deletion endpoint by @mlsmaycon in #1331
- Fix group membership for peers API response by @mlsmaycon in #1337
- Fix the inability to set hostname with the flag in daemon mode by @bcmmbaga in #1339
- Fix IPv6 format for DNS address received from android by @mlsmaycon in #1350
- add owner role support by @mlsmaycon in #1340
- Add gosec linter by @surik in #1342
- Extend add peer event meta with setup key name by @pascal-fischer in #1353
- Add peer and settings validation by @pascal-fischer in #1341
- Chore: clean gomod reference by @pascal-fischer in #1355
- Implement lightweight method to check is peer has update channel by @surik in #1351
- Fix tests after peer validation by @pascal-fischer in #1358
- Add sync-main.yml GitHub workflow by @surik in #1359
- Fix/acl for forward by @pappz in #1305
- Add sync-tag.yml GitHub workflow by @surik in #1362
- Update API descriptions and examples by @mlsmaycon in #1364
- Add Dev Container Support section in contributing guideline by @surik in #1363
Full Changelog: v0.24.3...v0.24.4
Contributors
Assets 44
v0.24.3
Release notes
New features
Client update notification
Now, GUI clients will notify users of the new version available to download:
The client will redirect Linux and homebrew users to the installation doc.
Enhancements
Network routes default gateway handling
Network routes now handle ranges that contain the IP address of the local system's default gateway. Instead of not configuring the route, the client checks if the range is smaller than the existing one and adds a backup route to the default gateway using the local range.
What's Changed
- Log auth0 batch length by @mlsmaycon in (#1255)
- Fix Windows firewall message check by @mlsmaycon in (#1254)
- Pass JWT Claims Extractor to Integrations by @surik in (#1258)
- Fix network route adding rule to filter table by @mlsmaycon in (#1266)
- Feature/update check by @pappz in (#1232)
- Extends management user and group structure by @bcmmbaga in (#1268)
- Remove logging of User names on Debug level by @surik in (#1275)
- fix some typo spotted with codespell by @Fantu in (#1278)
- Add integration reference field to group by @bcmmbaga in (#1283)
- Feature/search domain for android by @pappz in (#1256)
- Fix black icon background on Win by @pappz in (#1269)
- Parse original resolv.conf by @pappz in (#1270)
- Bump golang.org/x/image from 0.5.0 to 0.10.0 by @dependabot in (#1285)
- Bump google.golang.org/grpc from 1.55.0 to 1.56.3 by @dependabot in (#1252)
- Add basic support of devcontainer by @surik in (#1280)
- Extend devcontainer with dind and go features by @surik in (#1292)
- Add integration activity events by @bcmmbaga in (#1293)
- Add codespell job by @mlsmaycon in (#1281)
- Extend API with accessible peers by @pappz in (#1284)
- Enable deletion of integration resources by @bcmmbaga in (#1294)
- Export account manager events store by @bcmmbaga in (#1295)
- Log access control error by @mlsmaycon in (#1299)
- Extend linter rules by @surik in (#1300)
- Extend AccountManager with external cache and group/user management methods by @surik in (#1289)
- Allow to update IntegrationReference for user by @surik in (#1308)
- Fix PAT copy for GetUserByTokenID in SQLite store by @surik in (#1312)
- Add non-deletable service user by @bcmmbaga in (#1311)
- Use email address for iphone name generation by @pascal-fischer in (#1315)
- Add metrics for PeersUpdateManager by @surik in (#1310)
- Fix duplicated Activity events shown by @pascal-fischer in (#1309)
- Improve Account cache reload condition by @surik in (#1319)
- Optimize IdP user deletion by @bcmmbaga in (#1320)
- Fix lookupCache to work when idp has more users by @surik in (#1321)
- Add tenv linter by @surik in (#1322)
- Add client UI shortcut links for standard users in Windows by @bcmmbaga in (#1323)
- Fix windows os info by @pascal-fischer in (#1326)
- systemd units for the client, management & signal services by @hg in (#1318)
- Remove the gateway check for routes by @mlsmaycon in (#1317)
Big thanks to our new contributors
Contributors
Assets 43
v0.24.2
Release notes
These release notes summarize what happened in the previous, 0.23, and now with the 0.24 release. There are cool new features and long-awaited enhancements that we want to share.
New features
Mark match domains as search domains
We added support to mark a match domain as a search domain in your peers' systems. See the configuration option below:
The client support was added as part of the release v0.24.0.
This option makes ping or accessing internal nodes easier by simply using their hostname. See example below:
ping -c 4 server
PING server.corporate.internal (10.75.251.48): 56 data bytes
64 bytes from 10.75.251.48: icmp_seq=0 ttl=64 time=239.124 ms
64 bytes from 10.75.251.48: icmp_seq=1 ttl=64 time=240.239 ms
64 bytes from 10.75.251.48: icmp_seq=2 ttl=64 time=238.940 ms
64 bytes from 10.75.251.48: icmp_seq=3 ttl=64 time=235.171 ms
--- server.corporate.internal ping statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 235.171/238.368/240.239/1.912 msEphemeral peers
When creating a setup key, you can enable an option to make all peers activated by the setup key ephemeral peer. See the option below:
Ephemeral peers will be deleted from the management system after 10 minutes of disconnection. This feature allows for use cases like running agents on containers, auto-scaling groups, and even CI/CD; checkout this great contribution from @Alemiz112: https://github.com/marketplace/actions/netbird-connect
Routing groups
We have added support to routing group in the network routes feature; it allows administrators to configure groups, combined with setup keys auto-groups to automatically assign new peers as routers for a specific network range. Combine this with ephemeral peers to have stateless routers:
SQLite store
We added experimental support to SQLite for the Management service store. See docs at https://docs.netbird.io/selfhosted/sqlite-store
This store is note recommended for production
JWT group sync
For self-hosted deployments, we made available an option to synchronize user groups from their JWT tokens. See image below:
Each IDP has its way of configuring JWT claims, but the only requirement from our side is to send the list of groups in a single claim. We are looking for contributions to update our documentation for the various IDPs that can be integrated with NetBird.
Talking about that, we added support to JumpCloud IDP; see docs here: https://docs.netbird.io/selfhosted/identity-providers#jump-cloud
Enhancements:
Refresh button
Now you can refresh the list of resources in your account by using a refresh button:
User deletion
Account administrators can now delete users. See example below:
Be aware that the peers that belong to the deleted user will be removed from the account.
User group propagation
We now support group propagation from users to the peers they own:
> After enabling this option, you must trigger a group update for the user for this to take effect.
What's Changed
- Implement SQLite Store using gorm and relational approach by @surik in (#1065)
- Move StoreKind under own StoreConfig configuration and rename to Engine by @surik in (#1219)
- chore: pkg import only once by @testwill in (#1222)
- Update contribution guide with go version and Windows driver by @mlsmaycon in (#1226)
- Use account creator as inviter as a fallback by @mlsmaycon in (#1225)
- Add management-integrations by @surik in (#1227)
- Make possible set IdpSignKeyRefreshEnabled from setup.env by @Fantu in (#1230)
- Contribution guide - Explicitly disable CGO for client by @mlsmaycon in (#1228)
- Update grpc clients' keepalive interval by @mlsmaycon in (#1231)
- Fix update script's failure to update netbird-ui in binary installation by @bcmmbaga in (#1218)
- Add search domains support by @mlsmaycon in (#1224)
- Update management.json template with all existing configuration parameters by @pascal-fischer in (#1182)
- Log store engine type by @mlsmaycon in (#1234)
- Fix SaveUserLastLogin in SQLite store by @surik in #1241
- Fix GetAccountByPrivateDomain for SQLite by @surik in #1242
- Support pinning version during binary install by @glemsom in #1237
- Bump golang.org/x/net from 0.10.0 to 0.17.0 by @dependabot in #1214
- Log client version on startup by @mlsmaycon in #1240
- Fix redirect urls template processing by @mlsmaycon in #1251
New Contributors
Full Changelog: v0.23.9...v0.24.0
