You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6.5 KiB
6.5 KiB
Changelog
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
[v0.4.6]
- The docker compose file now works without a config file (it's optional)
[v0.4.5]
- Fixed a bug that caused devices to not correctly sync when using mysql or sqlite3
[v0.4.4]
Changed
- The default AllowedIPs setting was changed from "0.0.0.0/1, 128.0.0.0/1" to "0.0.0.0/0".
[v0.4.3]
Changed
- The device list on the website now updates a little less frequently.
- The device list now always shows the "last seen" field to hopefully better reflect what the "connected" status means.
- The metadata scraping loop has been updated to be more efficient when there are many disconnected peers compared to connected peers.
- The metadata scraping algorithm is now more friendly for HA deployments.
[v0.4.2]
Bug Fixes
- The vpn Allowed IPs setting is now correctly enforced.
[v0.4.1]
Bug Fixes
- Fixed a bug that caused devices to get disconnected intermittently
- The helm template now respects the "replicas" value
[v0.4.0]
Added
- High availability (HA) is now supported when using the
postgresql://
storage backend. You can now deploy multiple replicas of wg-access-server pointing to the same Postgres DB. - The wireguard service can now be disabled via the config file. Helpful for developing on Mac and Windows.
Removed
- The
file://
storage backend was deprecated in v0.3.0 and has now been removed. See the v0.3.0 changelog entry for more information about migrating your data.
[v0.3.0]
Added
- arm64 and arm/v7 docker image support + github actions thanks to @timtorChen
Changed
- the wireguard private key is now required when the storage backend is persistent (i.e. not
memory://
) - configuration flags, environment variables and file properties have been refactored for consistency
- all configuration file properties (excluding auth providers) can now be set via flags and environment variables
- all environment variables are prefixed with
WG_
to avoid collisions in hosted environments like Kubernetes - all flags & environment variables are named consistently
- breaking: no functionality has been removed but you'll need to update any flags/envvars that you're using
Deprecations
- deprecated support for having no admin account
- a config error will be thrown in v0.4.0 if an admin account is not configured
- see the README.md for examples on setting the admin account
- deprecated
file://
storage in favour ofsqlite3://
- will be removed in v0.4.0
- there is now a storage
migrate
command that you can use to move your data to a different storage backend - see the docs for migrating your data: https://place1.github.io/wg-access-server/3-storage/#example-file-to-sqlite3
[0.2.5]
Added
- Admin users can now delete devices from the "all devices" page (issue #57)
Bug Fixes
- Fixes website routing to solve 404s (issue #56)
[0.2.4]
Bug Fixes
[0.2.3]
Added
- Helm chart now supports configuring a LoadBalancer service for the web ui (@nqngo)
[0.2.2]
Changed
- Changed the default "AllowedIPs" to
0.0.0.0/0
[0.2.1]
Changed
- The "is connected" now shows devices as connected if they've been active within the last 3 minutes
- Improved handling of oidc/gitlab authentication with domain verification when a user hasn't set their email
[0.2.0]
Added
- New SQL storage backend supporting SQLite, MySQL and PostgreSQL (@halkeye)
- Support for mapping claims from an OIDC auth backend to wg-access-server claims using a simple rule syntax (@halkeye). You can use this feature to decide which user has the 'admin' claim based on your own OIDC claims.
- The VPN DNS proxy feature can now be disabled using config:
dns.enabled = false
- When disabled the
DNS
wireguard config value will be omitted from client wg config files - When disabled the DNSasd proxy will not be started server-side (i.e. port 53 won't be used)
- When disabled the
- Config options to change the web, wireguard and dns ports.
- Better instructions for connecting a linux device (@nfg)
- More helm chart flexibility (@halkeye)
Changes
- The admin UI will now show the device owner's name or email if available.
- The admin UI will now show the auth provider for a given device if more than 1 auth provider is in use.
- Bug fix: upstream dns now correctly configured using resolvconf if not set in config file, flag or envvar.
Removed
- dns port configuration was removed because wireguard client's only support port 53 for dns
How to upgrade
- If you've been using the
storage.directory="/some/path"
config value then you'll need to update it tostorage=file:///some/path
- If you've been using the
--storage-directory=/some/path
cli flag then you'll need to update it to--storage="file:///some/path"
- If you've been using the
STORAGE_DIRECTORY=/some/path
environment variable then you'll need to update it toSTORAGE="file:///some/path"
[0.1.1]
Changes
- Helm chart bug fixes and improvements
[0.1.0]
Added
- Added support for an admin account. An admin can see all devices registered with the server.
- Added support for configuring "AllowedIPs"
- New docker compose example (@antoniebou13)
- Added a helm chart
- Added a basic kubernetes quickstart.yaml manifest (based on helm template)
- Added a documentation site based on mkdocs. Hosted on github pages (still a wip!)
[0.0.9]
Changed
- Some UI/UX improvements
[0.0.8]
Added
- Added an embedded DNS proxy
Changed
- Completely re-implemented the auth subsystem to avoid trying to integrate with Dex. OIDC, Gitlab and Basic auth are supported.
[0.0.0] -> [0.0.7]
MVP :)