File netbird.changes of Package netbird
-------------------------------------------------------------------
Mon Feb 24 01:07:23 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
- update to 0.37.1:
- [client] Restart netbird-ui post-install in linux deb&rpm by
@mohamed-essam in #2992
- [client] Update local interface addresses when gathering
candidates by @lixmal in #3324
- [management] faster server bootstrap by @pnmcosta in #3365
- [client] fix privacy warning on macOS by @hurricanehrndz in
#3350
- [client] Disable notifications by default by @lixmal in #3375
-------------------------------------------------------------------
Sat Feb 22 14:26:34 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
- update to 0.37.0:
- [client] Normalize DNS record names to lowercase in local
handler update by @hakansa in #3323
- [signal] add pprof and message size metrics by @pascal-fischer
in #3337
- [management] Refactor users to use store methods by @bcmmbaga
in #2917
- [management] Add batching support for SaveUsers and SaveGroups
by @bcmmbaga in #3341
- [client][ui] added accessible tray icons by @karsa-mistmere in
#3335
- [misc] Run management benchmark jobs on file changes by
@mlsmaycon in #3343
- [client] [ui] issue when changing setting in GUI while peer
session is expired by @hakansa in #3334
- [signal] Fix registry not found by @pascal-fischer in #3342
- [management] remove gorm preparestmt from all DB connections by
@pascal-fischer in #3292
- [client] Set up local dns policy additionally if a gpo policy
is detected by @lixmal in #3336
- [management] optimize test execution by @pascal-fischer in
#3204
- [client][ui] Use go build to embed less icons by
@hurricanehrndz in #3351
- [misc] improvement(template): add traefik labels to relay by
@cesargoncalves in #3333
- [client] Add UI client event notifications by @lixmal in #3207
- [client, management] Support DNS Labels for Peer Addressing by
@hakansa in #3252
- [client] Add embeddable library by @lixmal in #3239
- [client] Skip CLI session expired notifcation if notifications
are disabled by @lixmal in #3266
- [management] refactor auth by @pnmcosta in #3296
- [client] Interface code cleaning by @pappz in #3358
- [misc] Update README.md by @braginini in #3360
- [management,client,signal] Update google.golang.org/api to
latest by @paralin in #3288
- [misc][Snyk] Security upgrade alpine from 3.21.0 to 3.21.3 by
@mlsmaycon in #3359
- [client] Add reverse dns zone by @lixmal in #3217
- [management] fix grpc new account by @pnmcosta in #3361
- [client] Add netbird ui improvements by @lixmal in #3222
- [client] Fix udp forwarder deadline by @lixmal in #3364
- [misc] Rename client tests in CI by @lixmal in #3366
-------------------------------------------------------------------
Thu Feb 13 19:51:04 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
- update to 0.36.7:
- [client] Fix priority handling by @pappz in #3313
- [client] Use GPO DNS Policy Config to configure DNS if present
by @lixmal in #3319
-------------------------------------------------------------------
Wed Feb 12 15:27:33 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
- update to 0.36.6:
- Bump golang.org/x/net from 0.30.0 to 0.33.0 by @dependabot in
#3218
- [client, server] Cleanup magiconair usage from repo by @pappz
in #3276
- Management REST Client Code by @mohamed-essam in #3278
- [client] use embedded root CA if system certpool is empty by
@hakansa in #3272
- [misc] Replace Wiretrustee with Netbird by @lixmal in #3267
- [client] Fix acl empty port range detection by @lixmal in #3285
- [relay] Use new upstream for nhooyr.io/websocket package by
@paralin in #3287
- [client] Fix grouping of peer ACLs with different port ranges
by @lixmal in #3289
- [client] Fix nil pointer exception when load empty list and try
to cast it by @pappz in #3282
- [management] Check groups when counting peers on networks list
by @pascal-fischer in #3284
- [management] add logs for grpc API by @pascal-fischer in #3298
- [client] Add experimental support for userspace routing by
@lixmal in #3134
- [signal] Fix context propagation in signal server by @4thel00z
in #3251
- [client, relay] Fix/wg watch by @pappz in #3261
- [client] Support dns upstream failover for nameserver groups
with same match domain by @lixmal in #3178
- [client] Fix dns handler chain test by @lixmal in #3307
- [client] Check for fwmark support and use fallback routing if
not supported by @lixmal in #3220
- [client] Enable userspace forwarder conditionally by @lixmal in
#3309
- fix integration tests by @pnmcosta in #3311
-------------------------------------------------------------------
Wed Jan 29 07:37:56 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
- update to 0.36.5:
- [client] Replace engine probes with direct calls by @lixmal in
#3195
- Update sign pipeline version by @mlsmaycon in #3246
- [client] Add missing peer ACL flush by @lixmal in #3247
-------------------------------------------------------------------
Tue Jan 28 09:18:53 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
- update to 0.36.4:
- [client] Allow freebsd to build netbird-ui by @lixmal in #3212
- [management] Refactor peers to use store methods by @bcmmbaga
in #2893
- [misc] Fix: typo in test output by @JinxCappa in #3216
- [management] remove peer from group on delete by
@pascal-fischer in #3223
- [management] disable prepareStmt for sqlite by @pascal-fischer
in #3228
- [client] Fix freebsd default routes by @lixmal in #3230
- [client] Use correct stdout/stderr log paths for debug bundle
on macOS by @lixmal in #3231
- [client] Back up corrupted state files and present them in the
debug bundle by @lixmal in #3227
- [client] Match more specific dns handler first by @lixmal in
#3226
- [client] Mark redirected traffic early to match input filters
on pre-DNAT ports by @lixmal in #3205
- [management] use account request buffer on sync by
@pascal-fischer in #3229
- [management/signal/relay] add metrics descriptions by
@pascal-fischer in #3233
- [client] Support port ranges in peer ACLs by @lixmal in #3232
- [client] Use dynamic dns route resolution on iOS by @lixmal in
#3243
- [management] copy source and destination resource on policyRule
copy by @pascal-fischer in #3235
-------------------------------------------------------------------
Fri Jan 17 23:40:28 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
- update to 0.36.3:
- [client] Close ice agent only if not nil by @mlsmaycon in #3210
-------------------------------------------------------------------
Fri Jan 17 12:05:04 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
- update to 0.36.2:
- [relay] Don't start relay quic listener on invalid TLS config
by @lixmal in #3202
- [management] Fix network migration issue in Postgres by
@bcmmbaga in #3198
- [management] add duration logs to Sync by @pascal-fischer in
#3203
-------------------------------------------------------------------
Thu Jan 16 22:35:38 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
- update to 0.36.1:
What's Changed
- [client] Fix windows info out of bounds panic by @lixmal in
#3196
-------------------------------------------------------------------
Thu Jan 16 18:47:37 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
- update to 0.36.0:
This release introduces initial support to QUIC as a protocol for
relay servers, MySQL support for store, and rootless container
support for the client running Netstack mode. We also added
support for disabling system flags in the client, and optional
ZITADEL PAT configuration in the management service among other
enhancements and bug fixes.
New features
QUIC Protocol Support
Added initial support for the QUIC protocol in the client and
relay server, improving connection reliability and performance.
For self-hosted admins that want to try this out, you should
ensure that the relay server has TLS certificates configured and
that the main listening port is available in both, TCP and UDP.
Rootless Container Support
Implemented rootless container support for the client running in
Netstack mode, enabling secure and compatible operation without
requiring privileged permissions or Linux capabilities.
You can use the images netbirdio/netbird:rootless-latest or
netbirdio/netbird:0.36.0-rootless for this mode.
Learn more about how to enable Netstack mode in the
documentation.
MySQL Support
Added MySQL support for the management service, allowing users to
store data in a MySQL database. This feature is particularly
useful for organizations that prefer MySQL as their database
backend.
If you want to start a new deployment with MySQL, you can use the
environment variable NETBIRD_STORE_CONFIG_ENGINE=mysql and
NETBIRD_STORE_ENGINE_MYSQL_DSN="<username>:<password>@tcp(127.0.0.1:3306)/<database>"
in the setup.env file.
We are counting on your feedback and community contributions to
improve documentation for this support.
Enhancements
New system flags to disable a few features on the client side We
are introducing a set of new flags that allow users to disable
specific features on the client side. This is particularly useful
for users who wants more control over their system
configurations.
The new flags are available with the netbird up command, see the
flags below:
--disable-client-routes Disable client routes. If enabled,
the client won't process client routes received from the
management service.
--disable-dns Disable DNS. If enabled, the client won't
configure DNS settings.
--disable-firewall Disable firewall configuration. If
enabled, the client won't modify firewall rules.
--disable-server-routes Disable server routes. If enabled,
the client won't act as a router for server routes
received from the management service.
Optional ZITADEL PAT Configuration Enabled optional configuration
of a Personal Access Token (PAT) for ZITADEL in the management
service, enhancing authentication options for users who want to
use ZITADEL as their identity provider.
To configure the ZITADEL PAT, you can use the environment
variable NETBIRD_IDP_MGMT_EXTRA_PAT=<secret> in the setup.env
file.
For all the details see:
https://github.com/netbirdio/netbird/releases/tag/v0.36.0
-------------------------------------------------------------------
Wed Jan 1 09:03:41 UTC 2025 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
- update to 0.35.2:
* [management] Add missing group usage checks for network
resources and routes access control by @bcmmbaga in #3117
* [management] remove ids from policy creation api by
@pascal-fischer in #2997
* [management] Fix networks net map generation with posture
checks by @mlsmaycon in #3124
* [management] add selfhosted metrics for networks by
@pascal-fischer in #3118
* [client] Ignore case when matching domains in handler chain by
@lixmal in #3133
[client] Allow inbound rosenpass port by @lixmal in #3109
* [management] Preserve jwt groups when accessing API with PAT by
@bcmmbaga in #3128
* [management] remove sorting from network map generation by
@pascal-fischer in #3126
* [management] Fix policy tests by @mlsmaycon in #3135
-------------------------------------------------------------------
Fri Dec 27 00:36:27 UTC 2024 - Holden Fried <holdenrf2021@gmail.com>
- update to 0.35.1:
* What's Changed:
- [client] Don't fail debug if log file is console by @lixmal in #3103
- [client] Fix inbound tracking in userspace firewall by @lixmal in #3111
-------------------------------------------------------------------
Mon Dec 23 22:46:31 UTC 2024 - Holden Fried <holdenrf2021@gmail.com>
- update to 0.35.0:
* Release notes:
- With this release, we are introducing a new concept in NetBird called
Networks. This concept improves the administration of routed resources
and provides greater visibility into what is shared with peers. Networks
are configuration containers that map your on-premise or cloud networks
in a logical set of configurations, making it easier to manage and share
routes with your peers based on your infrastructure.
* What's changed:
- [client] Add support for state manager on iOS by @pascal-fischer in #2996
- [client] Add peer conn init limit by @mlsmaycon in #3001
- [management] Remove peer needs login log message by @bcmmbaga in #3005
- [management] restructure api files by @pascal-fischer in #3013
- [Snyk] Security upgrade alpine from 3.20 to 3.21.0 by @mlsmaycon in #3019
- [client] Fix race condition with systray ready by @mohamed-essam in #2993
- [misc] split tests with management and rest by @mlsmaycon in #3051
- [misc] Handle dnf version 5 in install script by @mohamed-essam in #3026
- [client] fix: reformat IPv6 ICE addresses when hole punching by @jclds139
in #3050
- [misc] Upgrade x/crypto package by @mlsmaycon in #3055
- fix client unsupported h2 protocol when only 443 activated by @V-E-O
in #3009
- [client] Avoid using iota on mixed const block by @mlsmaycon in #3057
- [client, management] Add new network concept by @lixmal in #3047
- [client] Do not start DNS forwarder on client side by @pappz in #3094
- [management] Fix duplicate resource routes when routing peer is part of
the source group by @bcmmbaga in #3095
- [client] Reduce DNS handler chain lock contention by @lixmal in #3099
- [management] Run test sequential by @pascal-fischer in #3101
- [client] Add firewall rules to the debug bundle by @lixmal in #3089
- [client] Add stateful userspace firewall and remove egress filters
by @lixmal in #3093
-------------------------------------------------------------------
Thu Dec 5 16:54:45 UTC 2024 - Holden Fried <holdenrf2021@gmail.com>
- update to 0.34.1:
* [client] Cleanup status resources on engine stop by @mlsmaycon
in #2981
* [client] Don't return error in rule removal if protocol is not
supported by @lixmal in #2990
* [client] Init route selector early by @lixmal in #2989
* [client] Reduce max wait time to initialize peer connections
by @mlsmaycon in #2984
* [management] Update account peers on login on meta change by
@mohamed-essam in #2991
* [client] upgrade zcalusic/sysinfo to v1.1.3 (add serial support
for ARM arch) by @EdouardVanbelle in #2954
-------------------------------------------------------------------
Wed Dec 4 06:00:59 UTC 2024 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
- update to 0.34.0:
* Enhancements:
- Persistent network route selection
This feature is handy for users who want to maintain a
specific network route selection across client restarts. The
client will now remember the network routes selected before
the restart and apply them after the restart.
* Bug fixes:
- Account different policy rules for route firewall rules
The network access control policy rules now account for peers
in source groups. This fix ensures that the rules are
correctly applied to the network routes.
* What's Changed
- [misc] Update Caddyfile and Docker Compose to support HTTP3
#2822
- [client] Refactor initial Relay connection #2800
- [client] Don't return error in userspace mode without
firewall when setting legacy #2924
- [client] Test nftables for incompatible iptables rules #2948
- [client] Set up sysctl and routing table name only if routing
rules are available #2933
- [client] Allow routing to fallback to exclusion routes if
rules are not supported #2909
- [client] Code cleaning in net pkg #2932
- [client] Unspecified address: default
NetworkTypeUDP4+NetworkTypeUDP6 #2804
- [client] Add pprof build tag #2964
- [client] Persist route selection #2810
- [client] Add state file to debug bundle #2969
- [client] Fix debug bundle state anonymization test #2976
- [client] Pass IP instead of net to Rosenpass #2975
- [client] Get static system info once #2965
- [client] Add netbird.err and netbird.out to debug bundle
#2971
- [client] Add network map to debug bundle #2966
- [client] Don't choke on non-existent interface in route
updates #2922
- [client] Add state handling cmdline options #2821
- [management] Refactor posture check to use store methods
#2874
- [management] Refactor policy to use store methods #2878
- [management] Refactor DNS settings to use store methods #2883
- [management] Refactor nameserver groups to use store methods
#2888
- [management] refactor to use account object instead of
separate db calls for peer update #2957
- [management] Add performance test for login and sync calls
#2960
- [management] Add guide when signing key is not found #2942
- [management] Account different policy rules for route
firewall rules #2939
- [management] Add missing parentheses on iphone hostname
generation condition #2977
- [management] merge update account peers in sync call #2978
-------------------------------------------------------------------
Sat Nov 30 21:22:35 UTC 2024 - Richard Rahl <rrahl0@opensuse.org>
- fix SLE_15_SP4 build by using go1.23
- remove %suse_update_desktop_file
- remove the go1.21 hack, as we enabled the :Update repos
- use pkgconfig for BuildRequires
-------------------------------------------------------------------
Fri Nov 22 19:36:51 UTC 2024 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
- update to 0.33.0:
* [misc] Introducing NetBird Guru on Gurubase.io by @kursataktas
in #2778
* [misc] use google domain for tests by @mlsmaycon in #2902
* [misc] Update signing pipeline version by @mlsmaycon in #2900
* [management] Add transaction metrics and exclude getAccount
time from peers update by @pascal-fischer in #2904
* [client] Add NB_SKIP_SOCKET_MARK & fix crash instead of
returing an error by @nazarewk in #2899
* [management] Fix process posture check evaluation on Sync by
@pascal-fischer in #2911
* [management] Add metric for peer meta update by @pascal-fischer
in #2913
* [management] Add activity events to group propagation flow by
@pascal-fischer in #2916
* [client] Fix allow netbird rule verdict by @lixmal in #2925
* [management] Fix getSetupKey call by @pascal-fischer in #2927
-------------------------------------------------------------------
Mon Nov 18 00:08:49 UTC 2024 - Holden Fried <holdenrf2021@gmail.com>
- update to 0.32.0:
* [management] Refactor setup key to use store methods by
@bcmmbaga in #2861
* [management] Add more logs to the peer update processes
by @pascal-fischer in #2881
* [client] Improve state write timeout and abort work early
on timeout by @lixmal in #2882
* [relay-server] Always close ws conn when work thread exit
by @pappz in #2879
* [client] Update route calculation tests by @mlsmaycon in #2884
* [client] Handle panic on nil wg interface by @lixmal in #2891
* [management] Fix limited peer view groups by @pascal-fischer
in #2894
* [client/management] add peer lock to peer meta update and fix
isEqual func by @pascal-fischer in #2840
* [management] Limit the setup-key update operation by
@pascal-fischer in #2841
* [management] Refactor group to use store methods by @bcmmbaga
in #2867
* [management] Fix the Inactivity Expiration problem. by
@ismail0234 in #2865
* [client] Fix state manager race conditions by @lixmal in #2890
* [client] Move state updates outside the refcounter by @lixmal
in #2897
* [client] Fix error state race on mgmt connection error by
@lixmal in #2892
-------------------------------------------------------------------
Mon Nov 11 20:07:48 UTC 2024 - Holden Fried <holdenrf2021@gmail.com>
- update to 0.31.1:
* [management] Fix add peer all group network map update
by @pascal-fischer in #2830
* [misc] Avoid failing all other matrix tests if one fails
by @mlsmaycon in #2839
* [client] Fix cached device flow oauth by @mlsmaycon in #2833
* [management] Fix network map update on peer validation by
@pascal-fischer in #2849
* [client] Use the prerouting chain to mark for masquerading to
support older systems by @lixmal in #2808
* [relay-server] Use X-Real-IP in case of reverse proxy by @pappz
in #2848
* [client] Exclude split default route ip addresses from anonymization
by @lixmal in #2853
* [management] Enforce max conn of 1 for sqlite setups by
@pascal-fischer in #2855
* [management] Fix potential panic on inactivity expiration log
message by @pascal-fischer in #2854
* [management] Add benchmark tests to get account with claims
by @mlsmaycon in #2761
* [client] Use offload in WireGuard bind receiver by @pappz in #2815
* [management] Remove context from database calls by @pascal-fischer
in #2863
* [management] Add peer lock to grpc server by @pascal-fischer in #2859
* [management] Fix api error message typo peers_group by @lixmal in #2862
* [client] Remove loop after route calculation by @pappz in #2856
* [client] fix/proxy close by @pappz in #2873
* [client] Fix race conditions by @lixmal in #2869
-------------------------------------------------------------------
Fri Nov 1 16:19:12 UTC 2024 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
- update to 0.31.0:
Because of a database migration where the setup-keys are being
hashed, a downgrade is no longer possible without restoring a
backup. So, testing and making sure a backup is done before
upgrading is highly recommended. See backup docs here:
https://docs.netbird.io/selfhosted/selfhosted-guide#backup
* [management] Setup key improvements #2775
- We added support to setup-key deletion, allowing account
cleanup of revoked or expired keys.
- The max expiration time was removed, allowing users to define
any date for key expiration.
- Setup-keys are now stored as hashs, improving security for
systems.
* Improvements
- [client] Make native firewall init fail firewall creation
#2784
- [misc] Update Zitadel from v2.54.10 to v2.64.1 #2793
- [client] allow relay leader on iOS #2795
- [management] remove network map diff calculations #2820
- [management] Add DB access duration to logs for context
cancel #2781
- [client] Log windows panics #2829
* Bug fixes
- [client] Ignore route rules with no sources instead of
erroring out #2786
- [client] Fix multiple peer name filtering in netbird status
command #2798
- [client] Fix the broken dependency gvisor.dev/gvisor #2789
- [management] Fix peer meta isEqual #2807
- [client] Nil check on ICE remote conn #2806
- [client] Allocate new buffer for every package #2823
- [client] Fix unused servers cleanup #2826
- [client] Remove legacy forwarding rules in userspace mode
#2782
-------------------------------------------------------------------
Thu Oct 24 15:07:12 UTC 2024 - Holden Fried <holdenrf2021@gmail.com>
- update to 0.30.3:
* [management] Fix domain information is up to date check by
@mlsmaycon in #2754
* Fix decompress zip path by @mlsmaycon in #2755
* Update sign workflow version by @mlsmaycon in #2756
* Release global lock on early error by @mlsmaycon in #2760
* Replace suite tests with regular go tests by @mlsmaycon
in #2762
* [management] Fix context cancellation with JWT group sync
enabled by @bcmmbaga in #2767
* [client] Eliminate UDP proxy in user-space mode by @pappz
in #2712
* [management] Optimize network map updates by @bcmmbaga in #2718
* [management] Fix session inactivity response by @pascal-fischer
in #2770
* [relay-client] Log exposed address by @pappz in #2771
* [client] Cleanup dns and route states on startup by @lixmal
in #2757
* [client] Fix controller re-connection by @pappz in #2758
* [client] Cleanup firewall state on startup by @lixmal in #2768
-------------------------------------------------------------------
Wed Oct 16 17:13:21 UTC 2024 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
- update to 0.30.2:
* [relay, client] Relay/fix/wg roaming by @pappz in #2691
* [management] Refactor getAccountIDWithAuthorizationClaims by
@mlsmaycon in #2715
* [client] Add table filter rules using iptables by @lixmal in
#2727
* [relay-server] Move the handshake logic to a separated struct
by @pappz in #2648
* [management] Add session expire functionality based on
inactivity by @ctrl-zzz in #2326
* [client] Add universal bin build and update sign workflow
version by @mlsmaycon in #2738
* [client] Exclude loopback from NAT by @lixmal in #2747
* [misc] Update Zitadel version on quickstart script by @eoksum
in #2744
* [management] Fix JSON function compatibility for SQLite and
PostgreSQL by @bcmmbaga in #2746
-------------------------------------------------------------------
Fri Oct 11 09:12:53 UTC 2024 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
- update to 0.30.1:
* [management] Remove admin check on getAccountByID by
@pascal-fischer in #2699
* [management] Validate peer ownership during login by @bcmmbaga
in #2704
* [client] Limit P2P attempts and restart on specific events by
@lixmal in #2657
* [management] Propagate error in store errors by @pascal-fischer
in #2709
* [misc] Add Link to the Lawrence Systems video by @braginini in
#2711
* [management] Make max open db conns configurable by
@pascal-fischer in #2713
* [management] Add support to envsub go management configurations
by @mlsmaycon in #2708
* [management] Move testdata to sql files by @pascal-fischer in
#2693
* [client] Improve route acl by @lixmal in #2705
* [signal] new signal dispatcher version by @pascal-fischer in
#2722
-------------------------------------------------------------------
Sun Oct 6 16:47:04 UTC 2024 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
- convert to using obs_scm
- update to 0.30.0:
* What's New
- Access Control for Network Routes
Starting with version 0.30.0, users can assign access control
groups to network routes, offering improved security and
traffic restrictions. Route access is now unidirectional,
ensuring traffic complies with the specified policies before
authorization. This feature enhances the flexibility of
network management.
To configure this, follow the documentation: Configuring
routes with access control.
https://docs.netbird.io/how-to/configuring-routes-with-access-control
* Improvements
- Add Access Control for Network Routes: [management, client]
Add access control support to network routes #2100
- Remove Redundant Account Token Calls: [management] Remove
redundant get account calls in GetAccountFromToken #2615
- Refactor User JWT Group Synchronization: [management]
Refactor User JWT group sync #2690
* Bug Fixes
- Anonymize Relay Address in Peers View: [client] Anonymize
relay address in status peers view #2640
- Check WireGuard Interface Instead of Engine Context: [client]
Check wginterface instead of engine ctx #2676
- Close Remote Connection in Proxy: [client] Close the remote
conn in proxy #2626
- Fix eBPF Close Function: [client] Fix ebpf close function
#2672
- Fix Relay Disconnection Handling: [client] Fix Relay
disconnection handling #2680
- Restrict Peer Access for Non-Admins: [management] Restrict
accessible peers to user-owned peers for non-admins #2618
* Other Changes
- Adjust Relay Worker Log Levels: [client] Adjust relay worker
log level and message #2683
- Improve Error Count Formatting: [client] Fix error count
formatting #2641
- Refactor Interface Package: [client] Refactor/iface pkg #2646
- Remove Custom Localhost Dialer: [client] Remove usage of
custom dialer for localhost #2639
- Add Account Existence Check to AccountManager: [management]
Add AccountExists to AccountManager #2694
- Add DB Retrieval Method: [management] Add get DB method to
store #2650
- Fix Account Manager Mock Implementation: [management] Fix
account manager mock #2695
- Propagate Management Metrics: [management] Propagate metrics
#2667
- Remove File Store in Management: [management] Remove file
store #2689
- Update Management Docker Image: [management] Update
management base docker image #2687
- Improve ZITADEL IDP Error Handling: [management] improve
zitadel idp error response detail #2634
- Add Log Setting to Caddy Container: [misc] Add log setting to
Caddy container #2684
- Fix IP Range Posture Check Example: [misc] Fix ip range
posture check example in API doc #2628
- Update to Goreleaser Version 2: [misc] Specify goreleaser
version and update to 2 #2673
- Use Packages to Fetch Latest Version: [misc] Use the pkgs to
get the latest version #2682
- Move Signal Message Handling into Dispatcher: [signal] Move
dummy signal message handling into dispatcher #2686
- Propagate Signal Metrics: [signal] Propagate metrics #2668
- Add Context to Signal Dispatcher: [signal] add context to
signal-dispatcher #2662
-------------------------------------------------------------------
Sat Sep 21 00:34:28 UTC 2024 - Holden Fried <holdenrf2021@gmail.com>
- Update to 0.29.4
- Selected notes from https://github.com/netbird/releases/tag/v0.29.4:
* Do not block the msg receiving if the wg proxy does not operate by @pappz in #2617
* Exit from processConnResults after all tries by @pappz in #2621
-------------------------------------------------------------------
Wed Sep 18 16:32:34 UTC 2024 - Holden Fried <holdenrf2021@gmail.com>
- Update to version 0.29.3
- Selected notes from https://github.com/netbird/releases/tag/v0.29.3:
* [client] Ensure engine is stopped before starting it back by @hurricanehrndz in #2565
* [relay] Change heartbeat timeout by @pappz in #2598
* [client] Fix blocked net.Conn Close call by @pappz in #2600
* [management] Add command flag to set metrics port for signal and relay service, and
update management port by @benniekiss in #2599
* [client] Fix get management and signal state race condition by @mlsmaycon in #2570
* [management] fix legacy decrypting of empty values by @bcmmbaga in #2595
* [signal] Fix signal active peers metrics by @pascal-fischer in #2591
* [management] Add transaction to addPeer by @pascal-fischer in #2469
* [client] Fix leaked server connections by @pappz in #2596
* [relay] Add health check attempt threshold by @mlsmaycon in #2609
* [client] Fix race condition while read/write conn status in peer conn by @pappz in #2607
* [client] Cancel the context of wg watcher when the go routine exit by @pappz in #2612
- Packaging changes:
* Fixed leap 15.6 and SLE builds, cleaned up some redundancy from specfile
-------------------------------------------------------------------
Sat Sep 14 22:02:02 UTC 2024 - Holden Fried <holdenrf2021@gmail.com>
- Update to version 0.29.2
- Selected notes from https://github.com/netbird/releases/tag/v0.29.2:
* [management] Add GCM encryption and migrate legacy encrypted events by @bcmmbaga in #2569
* [management] Add accessible peers endpoint by @bcmmbaga in #2579
* [client] fix: install.sh: avoid call of netbird executable after rpm-ostree installation by @M0Rf30 in #2589
* [client] Fix wg handshake checking by @pappz in #2590
* [misc] Support configurable max log size with var NB_LOG_MAX_SIZE_MB by @mlsmaycon in #2592
- Update to version 0.29.1
- Selected release notes from https://github.com/netbird/releases/tag/v0.29.1:
* [client] Don't overwrite allowed IPs when updating the wg peer's endpoint address by @lixmal in #2578
* [relay] Improve relay messages by @lixmal in #2574
* [relay] change log levels by @pappz in #2580
* Remove pre-release step from workflow by @mlsmaycon in #2583
- Packaging changes:
* Fixed blank desktop icon for netbird-applet
* Added package for new experimental relay feature
* Removed stripping flags to allow debug builds to be generated
* Better organization of specfile
-------------------------------------------------------------------
Wed Sep 11 01:17:59 UTC 2024 - Holden Fried <holdenrf2021@gmail.com>
- Update to version 0.29.0
- Selected release notes from https://github.com/netbirdio/netbird/releases/tag/v0.29.0:
* New relay implementation utilizing WebSockets available for testing in self-hosted server
* Signal Dispatcher: Introduced signal dispatcher for better signaling. #2373
* Support for ECDSA Public Keys: Added support for ECDSA public keys in management. #2461
* Fix Deadlock on Auto Connect: Avoided deadlock in client auto-connect with early exit handling. #2528
* Destroy WG Interface on Timeout: Addressed issue where WireGuard interface wasn't destroyed on down timeout. #2435
* Fix Service Down: Corrected the service-down issue in the client. #2519
* Prevent Client Panic: Fixed client panic when there was no connection. #2541
* Error Handling in OpenConnVia: Improved error handling in the openConnVia function. #2560
* Fix Lock on Down: Fixed a lock issue when the service was brought down. #2546
-------------------------------------------------------------------
Sun Aug 25 17:35:54 UTC 2024 - Holden Fried <holdenrf2021@gmail.com>
- Update to version 0.28.9
- Release notes from https://github.com/netbirdio/netbird/releases/tag/v0.28.9:
* [management] Rename request buffer and update default interval by @pascal-fischer in #2459
* [client] Add test for SetFlagsFromEnvVars by @mlsmaycon in #2460
* [client] Refactor free port function by @mlsmaycon in #2455
* [misc] Bump github.com/docker/docker from 26.1.4+incompatible to 26.1.5+incompatible by @dependabot in #2426
* [misc] Add support for NETBIRD_STORE_ENGINE_POSTGRES_DSN environment variable in setup.env by @arosberg in #2462
* [management] Refactor HTTP metrics by @bcmmbaga in #2476
- Update to version 0.28.8
- Selected release notes from https://github.com/netbirdio/netbird/releases/tag/v0.28.8:
* [misc] Use docker compose command by @mlsmaycon in #2382
* [management] Skip network map check if not regular user by @mlsmaycon in #2402
* [management] Improve mgmt sync performance by @lixmal in #2363
* [client] Update dependencies and switch systray library by @bcmmbaga in #2309
* [management] Add batch delete for groups and users by @bcmmbaga in #2370
* [client] Allow setup keys to be provided in a file by @moosetheory in #2337
* [misc] Update bug-issue-report.md to include netbird debug cmd by @lixmal in #2413
* [client] Parse data from setup key by @mlsmaycon in #2411
* [misc] Update bug-issue-report.md to include anon flag by @lixmal in #2412
* [management] Prevent removal of All group from peers during user groups propagation by @bcmmbaga in #2410
* [client] Upgrade fyne version to fix freezing routes window by @mlsmaycon in #2417
* [client] Mtls support by @Foosec in #2188
* [client] Update PNG systray disconnected icon by @lixmal in #2428
* [misc] Fix linting Issues by @bcmmbaga in #2427
* [management] Split DB calls in peer login by @pascal-fischer in #2439
* [misc] Loading tun module for synology in install.sh by @pascal-fischer in #2423
* [misc] Use clearer wording on issue template by @lixmal in #2443
* [management] Fix logging out peers on deletion by @lixmal in #2453
* [management] Add buffering for getAccount requests during login by @pascal-fischer in #2449
-------------------------------------------------------------------
Sat Aug 3 19:26:36 UTC 2024 - Holden Fried <holdenrf2021@gmail.com>
- Update to version 0.28.7
- Release notes from https://github.com/netbirdio/netbird/releases/tag/v0.28.7:
* Fix error handling by @pappz in #2316
* add save peer status test for connected peers by @mlsmaycon in #2321
* Add SavePeer method to prevent a possible account inconsistency by @mlsmaycon in #2296
* Fix race in set listener by @pappz in #2332
* Save daemon address on service install by @mlsmaycon in #2328
* Remove redundant check for empty JWT groups by @bcmmbaga in #2323
* Refactor login with store.SavePeer by @mlsmaycon in #2334
* fix(tests): freebsd should be red on error by @skillcoder in #2346
* Add write lock for peer when saving its connection status by @mlsmaycon in #2359
* Save account on saving users and groups by @bcmmbaga in #2362
* Move write peer lock by @mlsmaycon in #2364
* Freebsd test all root component by @skillcoder in #2361
* Use accountID retrieved from the sync call to acquire read lock sooner by @mlsmaycon in #2369
* Handling invalid UTF-8 character in sys info by @pappz in #2360
* When creating new setup key, "revoked" field doesn't do anything by @pappz in #2357
* Bump github.com/docker/docker from 26.1.3+incompatible to 26.1.4+incompatible by @dependabot in #2356
* fix(util): syslog output contains duplicated timestamp by @mrl5 in #2292
* Allow route updates even if some domains failed resolution by @lixmal in #2368
* Adding geolocation download log message. by @keac in #2085
* Add extra auth audience field on HttpConfig for automation user to authorize via zitadel by @dfry in #2350
* Extend client debug bundle by @lixmal in #2341
* Move Bundle to before netbird down by @mlsmaycon in #2377
* Fix Windows file version by @mlsmaycon in #2380
* Remove Codacy badge as it is broken by @braginini in #2379
* Fix DNS resolution for routes on iOS by @pascal-fischer in #2378
* Add sonar badge by @pascal-fischer in #2381
- Fix patch to handle changes in client/cmd/service_installer.go
- Change _service to use ref tag instead of parent tag (thanks to rrahl0 for recommendation)
-------------------------------------------------------------------
Fri Jul 26 02:58:37 UTC 2024 - Holden Fried <holdenrf2021@gmail.com>
- Update to version 0.28.6
- Release notes from https://github.com/netbirdio/netbird/releases/tag/v0.28.6:
* Minor fix local dns search domain by @hurricanehrndz in #2287
* Remove default allow for UDP on unmatched packet by @mlsmaycon in #2300
* Retry management connection only on context canceled by @mlsmaycon in #2301
* Ignore network monitor checks for software interfaces by @mlsmaycon in #2302
-------------------------------------------------------------------
Sat Jul 20 20:02:52 UTC 2024 - Holden Fried <holdenrf2021@gmail.com>
- Update to version 0.28.5
- Release notes from https://github.com/netbirdio/netbird/releases/tag/v0.28.5:
* Sort routes by ID and remove DNS routes from overlapping list by @mlsmaycon in #2234
* Fix issue with canceled context before pushing metrics and decreasing pushing interval by @mlsmaycon in #2235
* Avoid empty domain overwrite by @pascal-fischer in #2252
* Add release version to windows binaries and update sign pipeline version by @mlsmaycon in #2256
* Get client ui locale on windows natively by @lixmal in #2251
* Bump google.golang.org/grpc from 1.64.0 to 1.64.1 by @dependabot in #2248
* Fix parameter limit issue for Postgres store by @mlsmaycon in #2261
* Support DNS routes on iOS by @pascal-fischer in #2254
* fix 2260: fallback serial to Board by @EdouardVanbelle in #2263
* Add logging option for WG device by @pappz in #2271
* Limit GUI process execution to one per UID by @mlsmaycon in #2267
* Add batch save/update for groups and users by @bcmmbaga in #2245
* fix forwarded metrics by @mlsmaycon in #2273
* Ignore non unique route updates by @hurricanehrndz in #2266
* feat(client): send logs to syslog by @mrl5 in #2259
* refactor(util): fix sonarcube issues by @mrl5 in #2276
* Add get_registration_delay_milliseconds metric by @mlsmaycon in #2275
* Fix metric label typo by @mlsmaycon in #2278
* fix: save peer status correctly in sqlstore by @ctrl-zzz in #2262
* Support custom SSL certificates for the signal service by @benniekiss in #2257
* Wait on daemon down by @pascal-fischer in #2279
* Don't add exclusion routes for IPs that are part of connected networks by @lixmal in #2258
* Add faster availability DNS probe and update test domain to .com by @mlsmaycon in #2280
* Check if route interface is a Microsoft ISATAP device by @mlsmaycon in #2282
* Remove copy functions from signal by @mlsmaycon in #2285
* Refactor macOS system DNS configuration by @hurricanehrndz in #2284
* Fix macOS DNS unclean shutdown restore call on startup by @mlsmaycon in #2286
-------------------------------------------------------------------
Tue Jul 9 03:19:08 UTC 2024 - Holden Fried <holdenrf2021@gmail.com>
- Improved formatting in error message when attempting to use patched out
netbird service commands
-------------------------------------------------------------------
Mon Jul 8 01:29:42 UTC 2024 - Holden Fried <holdenrf2021@gmail.com>
- Modified service-install-cli-change.patch to remove CLI service
install/uninstall functionality
-------------------------------------------------------------------
Sun Jul 7 06:51:29 UTC 2024 - Holden Fried <holdenrf2021@gmail.com>
- Added patch service-install-cli-change.patch
to make error messages align with best practices (#boo:1181400)
-------------------------------------------------------------------
Sat Jul 6 08:03:15 UTC 2024 - Joshua Smith <smolsheep@opensuse.org>
- Enable tests
-------------------------------------------------------------------
Tue Jul 2 04:40:24 UTC 2024 - Holden Fried <holdenrf2021@gmail.com>
- Initial packaging of netbird 0.28.4
