mirror of
https://github.com/juanfont/headscale.git
synced 2025-11-15 23:41:39 +01:00
prettier: use standard config for all files including changelog (#2879)
This commit is contained in:
Kristoffer Dalby
GitHub
parent
218a8db1b9
commit
000d5c3b0c
@ -57,14 +57,6 @@ repos:
|
||||
sass,
|
||||
markdown,
|
||||
]
|
||||
exclude: ^CHANGELOG\.md$
|
||||
|
||||
# Prettier for CHANGELOG.md with special formatting
|
||||
- id: prettier-changelog
|
||||
name: prettier-changelog
|
||||
entry: prettier --write --print-width 80 --prose-wrap always
|
||||
language: system
|
||||
files: ^CHANGELOG\.md$
|
||||
|
||||
# golangci-lint for Go code quality
|
||||
- id: golangci-lint
|
||||
|
||||
597
CHANGELOG.md
597
CHANGELOG.md
@ -4,6 +4,7 @@
|
||||
|
||||
### Changes
|
||||
|
||||
- Add NixOS module in repository for faster iteration [#2857](https://github.com/juanfont/headscale/pull/2857)
|
||||
- Add favicon to webpages
|
||||
[#2858](https://github.com/juanfont/headscale/pull/2858)
|
||||
- Reclaim IPs from the IP allocator when nodes are deleted
|
||||
@ -15,31 +16,18 @@
|
||||
|
||||
### Changes
|
||||
|
||||
- Expire nodes with a custom timestamp
|
||||
[#2828](https://github.com/juanfont/headscale/pull/2828)
|
||||
- Fix issue where node expiry was reset when tailscaled restarts
|
||||
[#2875](https://github.com/juanfont/headscale/pull/2875)
|
||||
- Fix OIDC authentication when multiple login URLs are opened
|
||||
[#2861](https://github.com/juanfont/headscale/pull/2861)
|
||||
- Fix node re-registration failing with expired auth keys
|
||||
[#2859](https://github.com/juanfont/headscale/pull/2859)
|
||||
- Remove old unused database tables and indices
|
||||
[#2844](https://github.com/juanfont/headscale/pull/2844)
|
||||
[#2872](https://github.com/juanfont/headscale/pull/2872)
|
||||
- Ignore litestream tables during database validation
|
||||
[#2843](https://github.com/juanfont/headscale/pull/2843)
|
||||
- Fix exit node visibility to respect ACL rules
|
||||
[#2855](https://github.com/juanfont/headscale/pull/2855)
|
||||
- Fix SSH policy becoming empty when unknown user is referenced
|
||||
[#2874](https://github.com/juanfont/headscale/pull/2874)
|
||||
- Fix policy validation when using bypass-grpc mode
|
||||
[#2854](https://github.com/juanfont/headscale/pull/2854)
|
||||
- Fix autogroup:self interaction with other ACL rules
|
||||
[#2842](https://github.com/juanfont/headscale/pull/2842)
|
||||
- Fix flaky DERP map shuffle test
|
||||
[#2848](https://github.com/juanfont/headscale/pull/2848)
|
||||
- Use current stable base images for Debian and Alpine containers
|
||||
[#2827](https://github.com/juanfont/headscale/pull/2827)
|
||||
- Expire nodes with a custom timestamp [#2828](https://github.com/juanfont/headscale/pull/2828)
|
||||
- Fix issue where node expiry was reset when tailscaled restarts [#2875](https://github.com/juanfont/headscale/pull/2875)
|
||||
- Fix OIDC authentication when multiple login URLs are opened [#2861](https://github.com/juanfont/headscale/pull/2861)
|
||||
- Fix node re-registration failing with expired auth keys [#2859](https://github.com/juanfont/headscale/pull/2859)
|
||||
- Remove old unused database tables and indices [#2844](https://github.com/juanfont/headscale/pull/2844) [#2872](https://github.com/juanfont/headscale/pull/2872)
|
||||
- Ignore litestream tables during database validation [#2843](https://github.com/juanfont/headscale/pull/2843)
|
||||
- Fix exit node visibility to respect ACL rules [#2855](https://github.com/juanfont/headscale/pull/2855)
|
||||
- Fix SSH policy becoming empty when unknown user is referenced [#2874](https://github.com/juanfont/headscale/pull/2874)
|
||||
- Fix policy validation when using bypass-grpc mode [#2854](https://github.com/juanfont/headscale/pull/2854)
|
||||
- Fix autogroup:self interaction with other ACL rules [#2842](https://github.com/juanfont/headscale/pull/2842)
|
||||
- Fix flaky DERP map shuffle test [#2848](https://github.com/juanfont/headscale/pull/2848)
|
||||
- Use current stable base images for Debian and Alpine containers [#2827](https://github.com/juanfont/headscale/pull/2827)
|
||||
|
||||
## 0.27.0 (2025-10-27)
|
||||
|
||||
@ -119,12 +107,9 @@ the code base over time and make it more correct and efficient.
|
||||
|
||||
### BREAKING
|
||||
|
||||
- Remove support for 32-bit binaries
|
||||
[#2692](https://github.com/juanfont/headscale/pull/2692)
|
||||
- Policy: Zero or empty destination port is no longer allowed
|
||||
[#2606](https://github.com/juanfont/headscale/pull/2606)
|
||||
- Stricter hostname validation
|
||||
[#2383](https://github.com/juanfont/headscale/pull/2383)
|
||||
- Remove support for 32-bit binaries [#2692](https://github.com/juanfont/headscale/pull/2692)
|
||||
- Policy: Zero or empty destination port is no longer allowed [#2606](https://github.com/juanfont/headscale/pull/2606)
|
||||
- Stricter hostname validation [#2383](https://github.com/juanfont/headscale/pull/2383)
|
||||
- Hostnames must be valid DNS labels (2-63 characters, alphanumeric and
|
||||
hyphens only, cannot start/end with hyphen)
|
||||
- **Client Registration (New Nodes)**: Invalid hostnames are automatically
|
||||
@ -140,53 +125,39 @@ the code base over time and make it more correct and efficient.
|
||||
starting/ending with hyphen are rejected
|
||||
|
||||
### Changes
|
||||
- **Database schema migration improvements for SQLite**
|
||||
[#2617](https://github.com/juanfont/headscale/pull/2617)
|
||||
|
||||
- **Database schema migration improvements for SQLite** [#2617](https://github.com/juanfont/headscale/pull/2617)
|
||||
- **IMPORTANT: Backup your SQLite database before upgrading**
|
||||
- Introduces safer table renaming migration strategy
|
||||
- Addresses longstanding database integrity issues
|
||||
- Add flag to directly manipulate the policy in the database
|
||||
[#2765](https://github.com/juanfont/headscale/pull/2765)
|
||||
- DERPmap update frequency default changed from 24h to 3h
|
||||
[#2741](https://github.com/juanfont/headscale/pull/2741)
|
||||
- Add flag to directly manipulate the policy in the database [#2765](https://github.com/juanfont/headscale/pull/2765)
|
||||
- DERPmap update frequency default changed from 24h to 3h [#2741](https://github.com/juanfont/headscale/pull/2741)
|
||||
- DERPmap update mechanism has been improved with retry, and is now failing
|
||||
conservatively, preserving the old map upon failure.
|
||||
[#2741](https://github.com/juanfont/headscale/pull/2741)
|
||||
- Add support for `autogroup:member`, `autogroup:tagged`
|
||||
[#2572](https://github.com/juanfont/headscale/pull/2572)
|
||||
- Fix bug where return routes were being removed by policy
|
||||
[#2767](https://github.com/juanfont/headscale/pull/2767)
|
||||
- Add support for `autogroup:member`, `autogroup:tagged` [#2572](https://github.com/juanfont/headscale/pull/2572)
|
||||
- Fix bug where return routes were being removed by policy [#2767](https://github.com/juanfont/headscale/pull/2767)
|
||||
- Remove policy v1 code [#2600](https://github.com/juanfont/headscale/pull/2600)
|
||||
- Refactor Debian/Ubuntu packaging and drop support for Ubuntu 20.04.
|
||||
[#2614](https://github.com/juanfont/headscale/pull/2614)
|
||||
- Remove redundant check regarding `noise` config
|
||||
[#2658](https://github.com/juanfont/headscale/pull/2658)
|
||||
- Refactor OpenID Connect documentation
|
||||
[#2625](https://github.com/juanfont/headscale/pull/2625)
|
||||
- Don't crash if config file is missing
|
||||
[#2656](https://github.com/juanfont/headscale/pull/2656)
|
||||
- Adds `/robots.txt` endpoint to avoid crawlers
|
||||
[#2643](https://github.com/juanfont/headscale/pull/2643)
|
||||
- OIDC: Use group claim from UserInfo
|
||||
[#2663](https://github.com/juanfont/headscale/pull/2663)
|
||||
- Refactor Debian/Ubuntu packaging and drop support for Ubuntu 20.04. [#2614](https://github.com/juanfont/headscale/pull/2614)
|
||||
- Remove redundant check regarding `noise` config [#2658](https://github.com/juanfont/headscale/pull/2658)
|
||||
- Refactor OpenID Connect documentation [#2625](https://github.com/juanfont/headscale/pull/2625)
|
||||
- Don't crash if config file is missing [#2656](https://github.com/juanfont/headscale/pull/2656)
|
||||
- Adds `/robots.txt` endpoint to avoid crawlers [#2643](https://github.com/juanfont/headscale/pull/2643)
|
||||
- OIDC: Use group claim from UserInfo [#2663](https://github.com/juanfont/headscale/pull/2663)
|
||||
- OIDC: Update user with claims from UserInfo _before_ comparing with allowed
|
||||
groups, email and domain
|
||||
[#2663](https://github.com/juanfont/headscale/pull/2663)
|
||||
- Policy will now reject invalid fields, making it easier to spot spelling
|
||||
errors [#2764](https://github.com/juanfont/headscale/pull/2764)
|
||||
- Add FAQ entry on how to recover from an invalid policy in the database
|
||||
[#2776](https://github.com/juanfont/headscale/pull/2776)
|
||||
- EXPERIMENTAL: Add support for `autogroup:self`
|
||||
[#2789](https://github.com/juanfont/headscale/pull/2789)
|
||||
- Add healthcheck command
|
||||
[#2659](https://github.com/juanfont/headscale/pull/2659)
|
||||
- Add FAQ entry on how to recover from an invalid policy in the database [#2776](https://github.com/juanfont/headscale/pull/2776)
|
||||
- EXPERIMENTAL: Add support for `autogroup:self` [#2789](https://github.com/juanfont/headscale/pull/2789)
|
||||
- Add healthcheck command [#2659](https://github.com/juanfont/headscale/pull/2659)
|
||||
|
||||
## 0.26.1 (2025-06-06)
|
||||
|
||||
### Changes
|
||||
|
||||
- Ensure nodes are matching both node key and machine key when connecting.
|
||||
[#2642](https://github.com/juanfont/headscale/pull/2642)
|
||||
- Ensure nodes are matching both node key and machine key when connecting. [#2642](https://github.com/juanfont/headscale/pull/2642)
|
||||
|
||||
## 0.26.0 (2025-05-14)
|
||||
|
||||
@ -220,12 +191,9 @@ ID | Hostname | Approved | Available | Serving (Primary)
|
||||
Note that if an exit route is approved (0.0.0.0/0 or ::/0), both IPv4 and IPv6
|
||||
will be approved.
|
||||
|
||||
- Route API and CLI has been removed
|
||||
[#2422](https://github.com/juanfont/headscale/pull/2422)
|
||||
- Routes are now managed via the Node API
|
||||
[#2422](https://github.com/juanfont/headscale/pull/2422)
|
||||
- Only routes accessible to the node will be sent to the node
|
||||
[#2561](https://github.com/juanfont/headscale/pull/2561)
|
||||
- Route API and CLI has been removed [#2422](https://github.com/juanfont/headscale/pull/2422)
|
||||
- Routes are now managed via the Node API [#2422](https://github.com/juanfont/headscale/pull/2422)
|
||||
- Only routes accessible to the node will be sent to the node [#2561](https://github.com/juanfont/headscale/pull/2561)
|
||||
|
||||
#### Policy v2
|
||||
|
||||
@ -297,12 +265,9 @@ working in v1 and not tested might be broken in v2 (and vice versa).
|
||||
|
||||
#### Other breaking changes
|
||||
|
||||
- Disallow `server_url` and `base_domain` to be equal
|
||||
[#2544](https://github.com/juanfont/headscale/pull/2544)
|
||||
- Return full user in API for pre auth keys instead of string
|
||||
[#2542](https://github.com/juanfont/headscale/pull/2542)
|
||||
- Pre auth key API/CLI now uses ID over username
|
||||
[#2542](https://github.com/juanfont/headscale/pull/2542)
|
||||
- Disallow `server_url` and `base_domain` to be equal [#2544](https://github.com/juanfont/headscale/pull/2544)
|
||||
- Return full user in API for pre auth keys instead of string [#2542](https://github.com/juanfont/headscale/pull/2542)
|
||||
- Pre auth key API/CLI now uses ID over username [#2542](https://github.com/juanfont/headscale/pull/2542)
|
||||
- A non-empty list of global nameservers needs to be specified via
|
||||
`dns.nameservers.global` if the configuration option `dns.override_local_dns`
|
||||
is enabled or is not specified in the configuration file. This aligns with
|
||||
@ -312,48 +277,37 @@ working in v1 and not tested might be broken in v2 (and vice versa).
|
||||
### Changes
|
||||
|
||||
- Use Go 1.24 [#2427](https://github.com/juanfont/headscale/pull/2427)
|
||||
- Add `headscale policy check` command to check policy
|
||||
[#2553](https://github.com/juanfont/headscale/pull/2553)
|
||||
- `oidc.map_legacy_users` and `oidc.strip_email_domain` has been removed
|
||||
[#2411](https://github.com/juanfont/headscale/pull/2411)
|
||||
- Add more information to `/debug` endpoint
|
||||
[#2420](https://github.com/juanfont/headscale/pull/2420)
|
||||
- Add `headscale policy check` command to check policy [#2553](https://github.com/juanfont/headscale/pull/2553)
|
||||
- `oidc.map_legacy_users` and `oidc.strip_email_domain` has been removed [#2411](https://github.com/juanfont/headscale/pull/2411)
|
||||
- Add more information to `/debug` endpoint [#2420](https://github.com/juanfont/headscale/pull/2420)
|
||||
- It is now possible to inspect running goroutines and take profiles
|
||||
- View of config, policy, filter, ssh policy per node, connected nodes and
|
||||
DERPmap
|
||||
- OIDC: Fetch UserInfo to get EmailVerified if necessary
|
||||
[#2493](https://github.com/juanfont/headscale/pull/2493)
|
||||
- OIDC: Fetch UserInfo to get EmailVerified if necessary [#2493](https://github.com/juanfont/headscale/pull/2493)
|
||||
- If a OIDC provider doesn't include the `email_verified` claim in its ID
|
||||
tokens, Headscale will attempt to get it from the UserInfo endpoint.
|
||||
- OIDC: Try to populate name, email and username from UserInfo
|
||||
[#2545](https://github.com/juanfont/headscale/pull/2545)
|
||||
- OIDC: Try to populate name, email and username from UserInfo [#2545](https://github.com/juanfont/headscale/pull/2545)
|
||||
- Improve performance by only querying relevant nodes from the database for node
|
||||
updates [#2509](https://github.com/juanfont/headscale/pull/2509)
|
||||
- node FQDNs in the netmap will now contain a dot (".") at the end. This aligns
|
||||
with behaviour of tailscale.com
|
||||
[#2503](https://github.com/juanfont/headscale/pull/2503)
|
||||
- Restore support for "Override local DNS"
|
||||
[#2438](https://github.com/juanfont/headscale/pull/2438)
|
||||
- Add documentation for routes
|
||||
[#2496](https://github.com/juanfont/headscale/pull/2496)
|
||||
- Restore support for "Override local DNS" [#2438](https://github.com/juanfont/headscale/pull/2438)
|
||||
- Add documentation for routes [#2496](https://github.com/juanfont/headscale/pull/2496)
|
||||
|
||||
## 0.25.1 (2025-02-25)
|
||||
|
||||
### Changes
|
||||
|
||||
- Fix issue where registration errors are sent correctly
|
||||
[#2435](https://github.com/juanfont/headscale/pull/2435)
|
||||
- Fix issue where routes passed on registration were not saved
|
||||
[#2444](https://github.com/juanfont/headscale/pull/2444)
|
||||
- Fix issue where registration page was displayed twice
|
||||
[#2445](https://github.com/juanfont/headscale/pull/2445)
|
||||
- Fix issue where registration errors are sent correctly [#2435](https://github.com/juanfont/headscale/pull/2435)
|
||||
- Fix issue where routes passed on registration were not saved [#2444](https://github.com/juanfont/headscale/pull/2444)
|
||||
- Fix issue where registration page was displayed twice [#2445](https://github.com/juanfont/headscale/pull/2445)
|
||||
|
||||
## 0.25.0 (2025-02-11)
|
||||
|
||||
### BREAKING
|
||||
|
||||
- Authentication flow has been rewritten
|
||||
[#2374](https://github.com/juanfont/headscale/pull/2374) This change should be
|
||||
- Authentication flow has been rewritten [#2374](https://github.com/juanfont/headscale/pull/2374) This change should be
|
||||
transparent to users with the exception of some buxfixes that has been
|
||||
discovered and was fixed as part of the rewrite.
|
||||
- When a node is registered with _a new user_, it will be registered as a new
|
||||
@ -361,62 +315,44 @@ working in v1 and not tested might be broken in v2 (and vice versa).
|
||||
[#1310](https://github.com/juanfont/headscale/issues/1310)).
|
||||
- A logged out node logging in with the same user will replace the existing
|
||||
node.
|
||||
- Remove support for Tailscale clients older than 1.62 (Capability version 87)
|
||||
[#2405](https://github.com/juanfont/headscale/pull/2405)
|
||||
- Remove support for Tailscale clients older than 1.62 (Capability version 87) [#2405](https://github.com/juanfont/headscale/pull/2405)
|
||||
|
||||
### Changes
|
||||
|
||||
- `oidc.map_legacy_users` is now `false` by default
|
||||
[#2350](https://github.com/juanfont/headscale/pull/2350)
|
||||
- Print Tailscale version instead of capability versions for outdated nodes
|
||||
[#2391](https://github.com/juanfont/headscale/pull/2391)
|
||||
- Do not allow renaming of users from OIDC
|
||||
[#2393](https://github.com/juanfont/headscale/pull/2393)
|
||||
- Change minimum hostname length to 2
|
||||
[#2393](https://github.com/juanfont/headscale/pull/2393)
|
||||
- Fix migration error caused by nodes having invalid auth keys
|
||||
[#2412](https://github.com/juanfont/headscale/pull/2412)
|
||||
- Pre auth keys belonging to a user are no longer deleted with the user
|
||||
[#2396](https://github.com/juanfont/headscale/pull/2396)
|
||||
- Pre auth keys that are used by a node can no longer be deleted
|
||||
[#2396](https://github.com/juanfont/headscale/pull/2396)
|
||||
- Rehaul HTTP errors, return better status code and errors to users
|
||||
[#2398](https://github.com/juanfont/headscale/pull/2398)
|
||||
- Print headscale version and commit on server startup
|
||||
[#2415](https://github.com/juanfont/headscale/pull/2415)
|
||||
- `oidc.map_legacy_users` is now `false` by default [#2350](https://github.com/juanfont/headscale/pull/2350)
|
||||
- Print Tailscale version instead of capability versions for outdated nodes [#2391](https://github.com/juanfont/headscale/pull/2391)
|
||||
- Do not allow renaming of users from OIDC [#2393](https://github.com/juanfont/headscale/pull/2393)
|
||||
- Change minimum hostname length to 2 [#2393](https://github.com/juanfont/headscale/pull/2393)
|
||||
- Fix migration error caused by nodes having invalid auth keys [#2412](https://github.com/juanfont/headscale/pull/2412)
|
||||
- Pre auth keys belonging to a user are no longer deleted with the user [#2396](https://github.com/juanfont/headscale/pull/2396)
|
||||
- Pre auth keys that are used by a node can no longer be deleted [#2396](https://github.com/juanfont/headscale/pull/2396)
|
||||
- Rehaul HTTP errors, return better status code and errors to users [#2398](https://github.com/juanfont/headscale/pull/2398)
|
||||
- Print headscale version and commit on server startup [#2415](https://github.com/juanfont/headscale/pull/2415)
|
||||
|
||||
## 0.24.3 (2025-02-07)
|
||||
|
||||
### Changes
|
||||
|
||||
- Fix migration error caused by nodes having invalid auth keys
|
||||
[#2412](https://github.com/juanfont/headscale/pull/2412)
|
||||
- Pre auth keys belonging to a user are no longer deleted with the user
|
||||
[#2396](https://github.com/juanfont/headscale/pull/2396)
|
||||
- Pre auth keys that are used by a node can no longer be deleted
|
||||
[#2396](https://github.com/juanfont/headscale/pull/2396)
|
||||
- Fix migration error caused by nodes having invalid auth keys [#2412](https://github.com/juanfont/headscale/pull/2412)
|
||||
- Pre auth keys belonging to a user are no longer deleted with the user [#2396](https://github.com/juanfont/headscale/pull/2396)
|
||||
- Pre auth keys that are used by a node can no longer be deleted [#2396](https://github.com/juanfont/headscale/pull/2396)
|
||||
|
||||
## 0.24.2 (2025-01-30)
|
||||
|
||||
### Changes
|
||||
|
||||
- Fix issue where email and username being equal fails to match in Policy
|
||||
[#2388](https://github.com/juanfont/headscale/pull/2388)
|
||||
- Delete invalid routes before adding a NOT NULL constraint on node_id
|
||||
[#2386](https://github.com/juanfont/headscale/pull/2386)
|
||||
- Fix issue where email and username being equal fails to match in Policy [#2388](https://github.com/juanfont/headscale/pull/2388)
|
||||
- Delete invalid routes before adding a NOT NULL constraint on node_id [#2386](https://github.com/juanfont/headscale/pull/2386)
|
||||
|
||||
## 0.24.1 (2025-01-23)
|
||||
|
||||
### Changes
|
||||
|
||||
- Fix migration issue with user table for PostgreSQL
|
||||
[#2367](https://github.com/juanfont/headscale/pull/2367)
|
||||
- Relax username validation to allow emails
|
||||
[#2364](https://github.com/juanfont/headscale/pull/2364)
|
||||
- Fix migration issue with user table for PostgreSQL [#2367](https://github.com/juanfont/headscale/pull/2367)
|
||||
- Relax username validation to allow emails [#2364](https://github.com/juanfont/headscale/pull/2364)
|
||||
- Remove invalid routes and add stronger constraints for routes to avoid API
|
||||
panic [#2371](https://github.com/juanfont/headscale/pull/2371)
|
||||
- Fix panic when `derp.update_frequency` is 0
|
||||
[#2368](https://github.com/juanfont/headscale/pull/2368)
|
||||
- Fix panic when `derp.update_frequency` is 0 [#2368](https://github.com/juanfont/headscale/pull/2368)
|
||||
|
||||
## 0.24.0 (2025-01-17)
|
||||
|
||||
@ -553,12 +489,10 @@ This will also affect the way you
|
||||
|
||||
### BREAKING
|
||||
|
||||
- Remove `dns.use_username_in_magic_dns` configuration option
|
||||
[#2020](https://github.com/juanfont/headscale/pull/2020),
|
||||
- Remove `dns.use_username_in_magic_dns` configuration option [#2020](https://github.com/juanfont/headscale/pull/2020),
|
||||
[#2279](https://github.com/juanfont/headscale/pull/2279)
|
||||
- Having usernames in magic DNS is no longer possible.
|
||||
- Remove versions older than 1.56
|
||||
[#2149](https://github.com/juanfont/headscale/pull/2149)
|
||||
- Remove versions older than 1.56 [#2149](https://github.com/juanfont/headscale/pull/2149)
|
||||
- Clean up old code required by old versions
|
||||
- User gRPC/API [#2261](https://github.com/juanfont/headscale/pull/2261):
|
||||
- If you depend on a Headscale Web UI, you should wait with this update until
|
||||
@ -571,27 +505,20 @@ This will also affect the way you
|
||||
|
||||
- Improved compatibility of built-in DERP server with clients connecting over
|
||||
WebSocket [#2132](https://github.com/juanfont/headscale/pull/2132)
|
||||
- Allow nodes to use SSH agent forwarding
|
||||
[#2145](https://github.com/juanfont/headscale/pull/2145)
|
||||
- Fixed processing of fields in post request in MoveNode rpc
|
||||
[#2179](https://github.com/juanfont/headscale/pull/2179)
|
||||
- Allow nodes to use SSH agent forwarding [#2145](https://github.com/juanfont/headscale/pull/2145)
|
||||
- Fixed processing of fields in post request in MoveNode rpc [#2179](https://github.com/juanfont/headscale/pull/2179)
|
||||
- Added conversion of 'Hostname' to 'givenName' in a node with FQDN rules
|
||||
applied [#2198](https://github.com/juanfont/headscale/pull/2198)
|
||||
- Fixed updating of hostname and givenName when it is updated in HostInfo
|
||||
[#2199](https://github.com/juanfont/headscale/pull/2199)
|
||||
- Fixed missing `stable-debug` container tag
|
||||
[#2232](https://github.com/juanfont/headscale/pull/2232)
|
||||
- Fixed updating of hostname and givenName when it is updated in HostInfo [#2199](https://github.com/juanfont/headscale/pull/2199)
|
||||
- Fixed missing `stable-debug` container tag [#2232](https://github.com/juanfont/headscale/pull/2232)
|
||||
- Loosened up `server_url` and `base_domain` check. It was overly strict in some
|
||||
cases. [#2248](https://github.com/juanfont/headscale/pull/2248)
|
||||
- CLI for managing users now accepts `--identifier` in addition to `--name`,
|
||||
usage of `--identifier` is recommended
|
||||
[#2261](https://github.com/juanfont/headscale/pull/2261)
|
||||
- Add `dns.extra_records_path` configuration option
|
||||
[#2262](https://github.com/juanfont/headscale/issues/2262)
|
||||
- Support client verify for DERP
|
||||
[#2046](https://github.com/juanfont/headscale/pull/2046)
|
||||
- Add PKCE Verifier for OIDC
|
||||
[#2314](https://github.com/juanfont/headscale/pull/2314)
|
||||
- Add `dns.extra_records_path` configuration option [#2262](https://github.com/juanfont/headscale/issues/2262)
|
||||
- Support client verify for DERP [#2046](https://github.com/juanfont/headscale/pull/2046)
|
||||
- Add PKCE Verifier for OIDC [#2314](https://github.com/juanfont/headscale/pull/2314)
|
||||
|
||||
## 0.23.0 (2024-09-18)
|
||||
|
||||
@ -655,28 +582,22 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
|
||||
- Old structure has been remove and the configuration _must_ be converted.
|
||||
- Adds additional configuration for PostgreSQL for setting max open, idle
|
||||
connection and idle connection lifetime.
|
||||
- API: Machine is now Node
|
||||
[#1553](https://github.com/juanfont/headscale/pull/1553)
|
||||
- Remove support for older Tailscale clients
|
||||
[#1611](https://github.com/juanfont/headscale/pull/1611)
|
||||
- API: Machine is now Node [#1553](https://github.com/juanfont/headscale/pull/1553)
|
||||
- Remove support for older Tailscale clients [#1611](https://github.com/juanfont/headscale/pull/1611)
|
||||
- The oldest supported client is 1.42
|
||||
- Headscale checks that _at least_ one DERP is defined at start
|
||||
[#1564](https://github.com/juanfont/headscale/pull/1564)
|
||||
- Headscale checks that _at least_ one DERP is defined at start [#1564](https://github.com/juanfont/headscale/pull/1564)
|
||||
- If no DERP is configured, the server will fail to start, this can be because
|
||||
it cannot load the DERPMap from file or url.
|
||||
- Embedded DERP server requires a private key
|
||||
[#1611](https://github.com/juanfont/headscale/pull/1611)
|
||||
- Embedded DERP server requires a private key [#1611](https://github.com/juanfont/headscale/pull/1611)
|
||||
- Add a filepath entry to
|
||||
[`derp.server.private_key_path`](https://github.com/juanfont/headscale/blob/b35993981297e18393706b2c963d6db882bba6aa/config-example.yaml#L95)
|
||||
- Docker images are now built with goreleaser (ko)
|
||||
[#1716](https://github.com/juanfont/headscale/pull/1716)
|
||||
- Docker images are now built with goreleaser (ko) [#1716](https://github.com/juanfont/headscale/pull/1716)
|
||||
[#1763](https://github.com/juanfont/headscale/pull/1763)
|
||||
- Entrypoint of container image has changed from shell to headscale, require
|
||||
change from `headscale serve` to `serve`
|
||||
- `/var/lib/headscale` and `/var/run/headscale` is no longer created
|
||||
automatically, see [container docs](./docs/setup/install/container.md)
|
||||
- Prefixes are now defined per v4 and v6 range.
|
||||
[#1756](https://github.com/juanfont/headscale/pull/1756)
|
||||
- Prefixes are now defined per v4 and v6 range. [#1756](https://github.com/juanfont/headscale/pull/1756)
|
||||
- `ip_prefixes` option is now `prefixes.v4` and `prefixes.v6`
|
||||
- `prefixes.allocation` can be set to assign IPs at `sequential` or `random`.
|
||||
[#1869](https://github.com/juanfont/headscale/pull/1869)
|
||||
@ -691,30 +612,23 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
|
||||
note that this option _will be removed_ when tags are fixed.
|
||||
- dns.base_domain can no longer be the same as (or part of) server_url.
|
||||
- This option brings Headscales behaviour in line with Tailscale.
|
||||
- YAML files are no longer supported for headscale policy.
|
||||
[#1792](https://github.com/juanfont/headscale/pull/1792)
|
||||
- YAML files are no longer supported for headscale policy. [#1792](https://github.com/juanfont/headscale/pull/1792)
|
||||
- HuJSON is now the only supported format for policy.
|
||||
- DNS configuration has been restructured
|
||||
[#2034](https://github.com/juanfont/headscale/pull/2034)
|
||||
- DNS configuration has been restructured [#2034](https://github.com/juanfont/headscale/pull/2034)
|
||||
- Please review the new [config-example.yaml](./config-example.yaml) for the
|
||||
new structure.
|
||||
|
||||
### Changes
|
||||
|
||||
- Use versioned migrations
|
||||
[#1644](https://github.com/juanfont/headscale/pull/1644)
|
||||
- Make the OIDC callback page better
|
||||
[#1484](https://github.com/juanfont/headscale/pull/1484)
|
||||
- Use versioned migrations [#1644](https://github.com/juanfont/headscale/pull/1644)
|
||||
- Make the OIDC callback page better [#1484](https://github.com/juanfont/headscale/pull/1484)
|
||||
- SSH support [#1487](https://github.com/juanfont/headscale/pull/1487)
|
||||
- State management has been improved
|
||||
[#1492](https://github.com/juanfont/headscale/pull/1492)
|
||||
- Use error group handling to ensure tests actually pass
|
||||
[#1535](https://github.com/juanfont/headscale/pull/1535) based on
|
||||
- State management has been improved [#1492](https://github.com/juanfont/headscale/pull/1492)
|
||||
- Use error group handling to ensure tests actually pass [#1535](https://github.com/juanfont/headscale/pull/1535) based on
|
||||
[#1460](https://github.com/juanfont/headscale/pull/1460)
|
||||
- Fix hang on SIGTERM [#1492](https://github.com/juanfont/headscale/pull/1492)
|
||||
taken from [#1480](https://github.com/juanfont/headscale/pull/1480)
|
||||
- Send logs to stderr by default
|
||||
[#1524](https://github.com/juanfont/headscale/pull/1524)
|
||||
- Send logs to stderr by default [#1524](https://github.com/juanfont/headscale/pull/1524)
|
||||
- Fix [TS-2023-006](https://tailscale.com/security-bulletins/#ts-2023-006)
|
||||
security UPnP issue [#1563](https://github.com/juanfont/headscale/pull/1563)
|
||||
- Turn off gRPC logging [#1640](https://github.com/juanfont/headscale/pull/1640)
|
||||
@ -722,21 +636,15 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
|
||||
- Added the possibility to manually create a DERP-map entry which can be
|
||||
customized, instead of automatically creating it.
|
||||
[#1565](https://github.com/juanfont/headscale/pull/1565)
|
||||
- Add support for deleting api keys
|
||||
[#1702](https://github.com/juanfont/headscale/pull/1702)
|
||||
- Add support for deleting api keys [#1702](https://github.com/juanfont/headscale/pull/1702)
|
||||
- Add command to backfill IP addresses for nodes missing IPs from configured
|
||||
prefixes. [#1869](https://github.com/juanfont/headscale/pull/1869)
|
||||
- Log available update as warning
|
||||
[#1877](https://github.com/juanfont/headscale/pull/1877)
|
||||
- Add `autogroup:internet` to Policy
|
||||
[#1917](https://github.com/juanfont/headscale/pull/1917)
|
||||
- Restore foreign keys and add constraints
|
||||
[#1562](https://github.com/juanfont/headscale/pull/1562)
|
||||
- Log available update as warning [#1877](https://github.com/juanfont/headscale/pull/1877)
|
||||
- Add `autogroup:internet` to Policy [#1917](https://github.com/juanfont/headscale/pull/1917)
|
||||
- Restore foreign keys and add constraints [#1562](https://github.com/juanfont/headscale/pull/1562)
|
||||
- Make registration page easier to use on mobile devices
|
||||
- Make write-ahead-log default on and configurable for SQLite
|
||||
[#1985](https://github.com/juanfont/headscale/pull/1985)
|
||||
- Add APIs for managing headscale policy.
|
||||
[#1792](https://github.com/juanfont/headscale/pull/1792)
|
||||
- Make write-ahead-log default on and configurable for SQLite [#1985](https://github.com/juanfont/headscale/pull/1985)
|
||||
- Add APIs for managing headscale policy. [#1792](https://github.com/juanfont/headscale/pull/1792)
|
||||
- Fix for registering nodes using preauthkeys when running on a postgres
|
||||
database in a non-UTC timezone.
|
||||
[#764](https://github.com/juanfont/headscale/issues/764)
|
||||
@ -744,33 +652,25 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
|
||||
- CLI commands (all except `serve`) only requires minimal configuration, no more
|
||||
errors or warnings from unset settings
|
||||
[#2109](https://github.com/juanfont/headscale/pull/2109)
|
||||
- CLI results are now concistently sent to stdout and errors to stderr
|
||||
[#2109](https://github.com/juanfont/headscale/pull/2109)
|
||||
- Fix issue where shutting down headscale would hang
|
||||
[#2113](https://github.com/juanfont/headscale/pull/2113)
|
||||
- CLI results are now concistently sent to stdout and errors to stderr [#2109](https://github.com/juanfont/headscale/pull/2109)
|
||||
- Fix issue where shutting down headscale would hang [#2113](https://github.com/juanfont/headscale/pull/2113)
|
||||
|
||||
## 0.22.3 (2023-05-12)
|
||||
|
||||
### Changes
|
||||
|
||||
- Added missing ca-certificates in Docker image
|
||||
[#1463](https://github.com/juanfont/headscale/pull/1463)
|
||||
- Added missing ca-certificates in Docker image [#1463](https://github.com/juanfont/headscale/pull/1463)
|
||||
|
||||
## 0.22.2 (2023-05-10)
|
||||
|
||||
### Changes
|
||||
|
||||
- Add environment flags to enable pprof (profiling)
|
||||
[#1382](https://github.com/juanfont/headscale/pull/1382)
|
||||
- Add environment flags to enable pprof (profiling) [#1382](https://github.com/juanfont/headscale/pull/1382)
|
||||
- Profiles are continuously generated in our integration tests.
|
||||
- Fix systemd service file location in `.deb` packages
|
||||
[#1391](https://github.com/juanfont/headscale/pull/1391)
|
||||
- Improvements on Noise implementation
|
||||
[#1379](https://github.com/juanfont/headscale/pull/1379)
|
||||
- Replace node filter logic, ensuring nodes with access can see each other
|
||||
[#1381](https://github.com/juanfont/headscale/pull/1381)
|
||||
- Disable (or delete) both exit routes at the same time
|
||||
[#1428](https://github.com/juanfont/headscale/pull/1428)
|
||||
- Fix systemd service file location in `.deb` packages [#1391](https://github.com/juanfont/headscale/pull/1391)
|
||||
- Improvements on Noise implementation [#1379](https://github.com/juanfont/headscale/pull/1379)
|
||||
- Replace node filter logic, ensuring nodes with access can see each other [#1381](https://github.com/juanfont/headscale/pull/1381)
|
||||
- Disable (or delete) both exit routes at the same time [#1428](https://github.com/juanfont/headscale/pull/1428)
|
||||
- Ditch distroless for Docker image, create default socket dir in
|
||||
`/var/run/headscale` [#1450](https://github.com/juanfont/headscale/pull/1450)
|
||||
|
||||
@ -778,65 +678,49 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
|
||||
|
||||
### Changes
|
||||
|
||||
- Fix issue where systemd could not bind to port 80
|
||||
[#1365](https://github.com/juanfont/headscale/pull/1365)
|
||||
- Fix issue where systemd could not bind to port 80 [#1365](https://github.com/juanfont/headscale/pull/1365)
|
||||
|
||||
## 0.22.0 (2023-04-20)
|
||||
|
||||
### Changes
|
||||
|
||||
- Add `.deb` packages to release process
|
||||
[#1297](https://github.com/juanfont/headscale/pull/1297)
|
||||
- Update and simplify the documentation to use new `.deb` packages
|
||||
[#1349](https://github.com/juanfont/headscale/pull/1349)
|
||||
- Add 32-bit Arm platforms to release process
|
||||
[#1297](https://github.com/juanfont/headscale/pull/1297)
|
||||
- Add `.deb` packages to release process [#1297](https://github.com/juanfont/headscale/pull/1297)
|
||||
- Update and simplify the documentation to use new `.deb` packages [#1349](https://github.com/juanfont/headscale/pull/1349)
|
||||
- Add 32-bit Arm platforms to release process [#1297](https://github.com/juanfont/headscale/pull/1297)
|
||||
- Fix longstanding bug that would prevent "\*" from working properly in ACLs
|
||||
(issue [#699](https://github.com/juanfont/headscale/issues/699))
|
||||
[#1279](https://github.com/juanfont/headscale/pull/1279)
|
||||
- Fix issue where IPv6 could not be used in, or while using ACLs (part of
|
||||
[#809](https://github.com/juanfont/headscale/issues/809))
|
||||
- Fix issue where IPv6 could not be used in, or while using ACLs (part of [#809](https://github.com/juanfont/headscale/issues/809))
|
||||
[#1339](https://github.com/juanfont/headscale/pull/1339)
|
||||
- Target Go 1.20 and Tailscale 1.38 for Headscale
|
||||
[#1323](https://github.com/juanfont/headscale/pull/1323)
|
||||
- Target Go 1.20 and Tailscale 1.38 for Headscale [#1323](https://github.com/juanfont/headscale/pull/1323)
|
||||
|
||||
## 0.21.0 (2023-03-20)
|
||||
|
||||
### Changes
|
||||
|
||||
- Adding "configtest" CLI command.
|
||||
[#1230](https://github.com/juanfont/headscale/pull/1230)
|
||||
- Add documentation on connecting with iOS to `/apple`
|
||||
[#1261](https://github.com/juanfont/headscale/pull/1261)
|
||||
- Update iOS compatibility and added documentation for iOS
|
||||
[#1264](https://github.com/juanfont/headscale/pull/1264)
|
||||
- Allow to delete routes
|
||||
[#1244](https://github.com/juanfont/headscale/pull/1244)
|
||||
- Adding "configtest" CLI command. [#1230](https://github.com/juanfont/headscale/pull/1230)
|
||||
- Add documentation on connecting with iOS to `/apple` [#1261](https://github.com/juanfont/headscale/pull/1261)
|
||||
- Update iOS compatibility and added documentation for iOS [#1264](https://github.com/juanfont/headscale/pull/1264)
|
||||
- Allow to delete routes [#1244](https://github.com/juanfont/headscale/pull/1244)
|
||||
|
||||
## 0.20.0 (2023-02-03)
|
||||
|
||||
### Changes
|
||||
|
||||
- Fix wrong behaviour in exit nodes
|
||||
[#1159](https://github.com/juanfont/headscale/pull/1159)
|
||||
- Align behaviour of `dns_config.restricted_nameservers` to tailscale
|
||||
[#1162](https://github.com/juanfont/headscale/pull/1162)
|
||||
- Make OpenID Connect authenticated client expiry time configurable
|
||||
[#1191](https://github.com/juanfont/headscale/pull/1191)
|
||||
- Fix wrong behaviour in exit nodes [#1159](https://github.com/juanfont/headscale/pull/1159)
|
||||
- Align behaviour of `dns_config.restricted_nameservers` to tailscale [#1162](https://github.com/juanfont/headscale/pull/1162)
|
||||
- Make OpenID Connect authenticated client expiry time configurable [#1191](https://github.com/juanfont/headscale/pull/1191)
|
||||
- defaults to 180 days like Tailscale SaaS
|
||||
- adds option to use the expiry time from the OpenID token for the node (see
|
||||
config-example.yaml)
|
||||
- Set ControlTime in Map info sent to nodes
|
||||
[#1195](https://github.com/juanfont/headscale/pull/1195)
|
||||
- Populate Tags field on Node updates sent
|
||||
[#1195](https://github.com/juanfont/headscale/pull/1195)
|
||||
- Set ControlTime in Map info sent to nodes [#1195](https://github.com/juanfont/headscale/pull/1195)
|
||||
- Populate Tags field on Node updates sent [#1195](https://github.com/juanfont/headscale/pull/1195)
|
||||
|
||||
## 0.19.0 (2023-01-29)
|
||||
|
||||
### BREAKING
|
||||
|
||||
- Rename Namespace to User
|
||||
[#1144](https://github.com/juanfont/headscale/pull/1144)
|
||||
- Rename Namespace to User [#1144](https://github.com/juanfont/headscale/pull/1144)
|
||||
- **BACKUP your database before upgrading**
|
||||
- Command line flags previously taking `--namespace` or `-n` will now require
|
||||
`--user` or `-u`
|
||||
@ -845,35 +729,23 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
|
||||
|
||||
### Changes
|
||||
|
||||
- Reworked routing and added support for subnet router failover
|
||||
[#1024](https://github.com/juanfont/headscale/pull/1024)
|
||||
- Added an OIDC AllowGroups Configuration options and authorization check
|
||||
[#1041](https://github.com/juanfont/headscale/pull/1041)
|
||||
- Set `db_ssl` to false by default
|
||||
[#1052](https://github.com/juanfont/headscale/pull/1052)
|
||||
- Fix duplicate nodes due to incorrect implementation of the protocol
|
||||
[#1058](https://github.com/juanfont/headscale/pull/1058)
|
||||
- Report if a machine is online in CLI more accurately
|
||||
[#1062](https://github.com/juanfont/headscale/pull/1062)
|
||||
- Added config option for custom DNS records
|
||||
[#1035](https://github.com/juanfont/headscale/pull/1035)
|
||||
- Expire nodes based on OIDC token expiry
|
||||
[#1067](https://github.com/juanfont/headscale/pull/1067)
|
||||
- Remove ephemeral nodes on logout
|
||||
[#1098](https://github.com/juanfont/headscale/pull/1098)
|
||||
- Performance improvements in ACLs
|
||||
[#1129](https://github.com/juanfont/headscale/pull/1129)
|
||||
- OIDC client secret can be passed via a file
|
||||
[#1127](https://github.com/juanfont/headscale/pull/1127)
|
||||
- Reworked routing and added support for subnet router failover [#1024](https://github.com/juanfont/headscale/pull/1024)
|
||||
- Added an OIDC AllowGroups Configuration options and authorization check [#1041](https://github.com/juanfont/headscale/pull/1041)
|
||||
- Set `db_ssl` to false by default [#1052](https://github.com/juanfont/headscale/pull/1052)
|
||||
- Fix duplicate nodes due to incorrect implementation of the protocol [#1058](https://github.com/juanfont/headscale/pull/1058)
|
||||
- Report if a machine is online in CLI more accurately [#1062](https://github.com/juanfont/headscale/pull/1062)
|
||||
- Added config option for custom DNS records [#1035](https://github.com/juanfont/headscale/pull/1035)
|
||||
- Expire nodes based on OIDC token expiry [#1067](https://github.com/juanfont/headscale/pull/1067)
|
||||
- Remove ephemeral nodes on logout [#1098](https://github.com/juanfont/headscale/pull/1098)
|
||||
- Performance improvements in ACLs [#1129](https://github.com/juanfont/headscale/pull/1129)
|
||||
- OIDC client secret can be passed via a file [#1127](https://github.com/juanfont/headscale/pull/1127)
|
||||
|
||||
## 0.17.1 (2022-12-05)
|
||||
|
||||
### Changes
|
||||
|
||||
- Correct typo on macOS standalone profile link
|
||||
[#1028](https://github.com/juanfont/headscale/pull/1028)
|
||||
- Update platform docs with Fast User Switching
|
||||
[#1016](https://github.com/juanfont/headscale/pull/1016)
|
||||
- Correct typo on macOS standalone profile link [#1028](https://github.com/juanfont/headscale/pull/1028)
|
||||
- Update platform docs with Fast User Switching [#1016](https://github.com/juanfont/headscale/pull/1016)
|
||||
|
||||
## 0.17.0 (2022-11-26)
|
||||
|
||||
@ -883,13 +755,11 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
|
||||
protocol.
|
||||
- Log level option `log_level` was moved to a distinct `log` config section and
|
||||
renamed to `level` [#768](https://github.com/juanfont/headscale/pull/768)
|
||||
- Removed Alpine Linux container image
|
||||
[#962](https://github.com/juanfont/headscale/pull/962)
|
||||
- Removed Alpine Linux container image [#962](https://github.com/juanfont/headscale/pull/962)
|
||||
|
||||
### Important Changes
|
||||
|
||||
- Added support for Tailscale TS2021 protocol
|
||||
[#738](https://github.com/juanfont/headscale/pull/738)
|
||||
- Added support for Tailscale TS2021 protocol [#738](https://github.com/juanfont/headscale/pull/738)
|
||||
- Add experimental support for
|
||||
[SSH ACL](https://tailscale.com/kb/1018/acls/#tailscale-ssh) (see docs for
|
||||
limitations) [#847](https://github.com/juanfont/headscale/pull/847)
|
||||
@ -909,81 +779,57 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
|
||||
|
||||
### Changes
|
||||
|
||||
- Add ability to specify config location via env var `HEADSCALE_CONFIG`
|
||||
[#674](https://github.com/juanfont/headscale/issues/674)
|
||||
- Target Go 1.19 for Headscale
|
||||
[#778](https://github.com/juanfont/headscale/pull/778)
|
||||
- Target Tailscale v1.30.0 to build Headscale
|
||||
[#780](https://github.com/juanfont/headscale/pull/780)
|
||||
- Add ability to specify config location via env var `HEADSCALE_CONFIG` [#674](https://github.com/juanfont/headscale/issues/674)
|
||||
- Target Go 1.19 for Headscale [#778](https://github.com/juanfont/headscale/pull/778)
|
||||
- Target Tailscale v1.30.0 to build Headscale [#780](https://github.com/juanfont/headscale/pull/780)
|
||||
- Give a warning when running Headscale with reverse proxy improperly configured
|
||||
for WebSockets [#788](https://github.com/juanfont/headscale/pull/788)
|
||||
- Fix subnet routers with Primary Routes
|
||||
[#811](https://github.com/juanfont/headscale/pull/811)
|
||||
- Added support for JSON logs
|
||||
[#653](https://github.com/juanfont/headscale/issues/653)
|
||||
- Sanitise the node key passed to registration url
|
||||
[#823](https://github.com/juanfont/headscale/pull/823)
|
||||
- Add support for generating pre-auth keys with tags
|
||||
[#767](https://github.com/juanfont/headscale/pull/767)
|
||||
- Fix subnet routers with Primary Routes [#811](https://github.com/juanfont/headscale/pull/811)
|
||||
- Added support for JSON logs [#653](https://github.com/juanfont/headscale/issues/653)
|
||||
- Sanitise the node key passed to registration url [#823](https://github.com/juanfont/headscale/pull/823)
|
||||
- Add support for generating pre-auth keys with tags [#767](https://github.com/juanfont/headscale/pull/767)
|
||||
- Add support for evaluating `autoApprovers` ACL entries when a machine is
|
||||
registered [#763](https://github.com/juanfont/headscale/pull/763)
|
||||
- Add config flag to allow Headscale to start if OIDC provider is down
|
||||
[#829](https://github.com/juanfont/headscale/pull/829)
|
||||
- Fix prefix length comparison bug in AutoApprovers route evaluation
|
||||
[#862](https://github.com/juanfont/headscale/pull/862)
|
||||
- Random node DNS suffix only applied if names collide in namespace.
|
||||
[#766](https://github.com/juanfont/headscale/issues/766)
|
||||
- Remove `ip_prefix` configuration option and warning
|
||||
[#899](https://github.com/juanfont/headscale/pull/899)
|
||||
- Add `dns_config.override_local_dns` option
|
||||
[#905](https://github.com/juanfont/headscale/pull/905)
|
||||
- Fix some DNS config issues
|
||||
[#660](https://github.com/juanfont/headscale/issues/660)
|
||||
- Make it possible to disable TS2019 with build flag
|
||||
[#928](https://github.com/juanfont/headscale/pull/928)
|
||||
- Fix OIDC registration issues
|
||||
[#960](https://github.com/juanfont/headscale/pull/960) and
|
||||
- Add config flag to allow Headscale to start if OIDC provider is down [#829](https://github.com/juanfont/headscale/pull/829)
|
||||
- Fix prefix length comparison bug in AutoApprovers route evaluation [#862](https://github.com/juanfont/headscale/pull/862)
|
||||
- Random node DNS suffix only applied if names collide in namespace. [#766](https://github.com/juanfont/headscale/issues/766)
|
||||
- Remove `ip_prefix` configuration option and warning [#899](https://github.com/juanfont/headscale/pull/899)
|
||||
- Add `dns_config.override_local_dns` option [#905](https://github.com/juanfont/headscale/pull/905)
|
||||
- Fix some DNS config issues [#660](https://github.com/juanfont/headscale/issues/660)
|
||||
- Make it possible to disable TS2019 with build flag [#928](https://github.com/juanfont/headscale/pull/928)
|
||||
- Fix OIDC registration issues [#960](https://github.com/juanfont/headscale/pull/960) and
|
||||
[#971](https://github.com/juanfont/headscale/pull/971)
|
||||
- Add support for specifying NextDNS DNS-over-HTTPS resolver
|
||||
[#940](https://github.com/juanfont/headscale/pull/940)
|
||||
- Make more sslmode available for postgresql connection
|
||||
[#927](https://github.com/juanfont/headscale/pull/927)
|
||||
- Add support for specifying NextDNS DNS-over-HTTPS resolver [#940](https://github.com/juanfont/headscale/pull/940)
|
||||
- Make more sslmode available for postgresql connection [#927](https://github.com/juanfont/headscale/pull/927)
|
||||
|
||||
## 0.16.4 (2022-08-21)
|
||||
|
||||
### Changes
|
||||
|
||||
- Add ability to connect to PostgreSQL over TLS/SSL
|
||||
[#745](https://github.com/juanfont/headscale/pull/745)
|
||||
- Fix CLI registration of expired machines
|
||||
[#754](https://github.com/juanfont/headscale/pull/754)
|
||||
- Add ability to connect to PostgreSQL over TLS/SSL [#745](https://github.com/juanfont/headscale/pull/745)
|
||||
- Fix CLI registration of expired machines [#754](https://github.com/juanfont/headscale/pull/754)
|
||||
|
||||
## 0.16.3 (2022-08-17)
|
||||
|
||||
### Changes
|
||||
|
||||
- Fix issue with OIDC authentication
|
||||
[#747](https://github.com/juanfont/headscale/pull/747)
|
||||
- Fix issue with OIDC authentication [#747](https://github.com/juanfont/headscale/pull/747)
|
||||
|
||||
## 0.16.2 (2022-08-14)
|
||||
|
||||
### Changes
|
||||
|
||||
- Fixed bugs in the client registration process after migration to NodeKey
|
||||
[#735](https://github.com/juanfont/headscale/pull/735)
|
||||
- Fixed bugs in the client registration process after migration to NodeKey [#735](https://github.com/juanfont/headscale/pull/735)
|
||||
|
||||
## 0.16.1 (2022-08-12)
|
||||
|
||||
### Changes
|
||||
|
||||
- Updated dependencies (including the library that lacked armhf support)
|
||||
[#722](https://github.com/juanfont/headscale/pull/722)
|
||||
- Fix missing group expansion in function `excludeCorrectlyTaggedNodes`
|
||||
[#563](https://github.com/juanfont/headscale/issues/563)
|
||||
- Updated dependencies (including the library that lacked armhf support) [#722](https://github.com/juanfont/headscale/pull/722)
|
||||
- Fix missing group expansion in function `excludeCorrectlyTaggedNodes` [#563](https://github.com/juanfont/headscale/issues/563)
|
||||
- Improve registration protocol implementation and switch to NodeKey as main
|
||||
identifier [#725](https://github.com/juanfont/headscale/pull/725)
|
||||
- Add ability to connect to PostgreSQL via unix socket
|
||||
[#734](https://github.com/juanfont/headscale/pull/734)
|
||||
- Add ability to connect to PostgreSQL via unix socket [#734](https://github.com/juanfont/headscale/pull/734)
|
||||
|
||||
## 0.16.0 (2022-07-25)
|
||||
|
||||
@ -996,44 +842,30 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
|
||||
|
||||
### Changes
|
||||
|
||||
- **Drop** armhf (32-bit ARM) support.
|
||||
[#609](https://github.com/juanfont/headscale/pull/609)
|
||||
- Headscale fails to serve if the ACL policy file cannot be parsed
|
||||
[#537](https://github.com/juanfont/headscale/pull/537)
|
||||
- Fix labels cardinality error when registering unknown pre-auth key
|
||||
[#519](https://github.com/juanfont/headscale/pull/519)
|
||||
- Fix send on closed channel crash in polling
|
||||
[#542](https://github.com/juanfont/headscale/pull/542)
|
||||
- Fixed spurious calls to setLastStateChangeToNow from ephemeral nodes
|
||||
[#566](https://github.com/juanfont/headscale/pull/566)
|
||||
- Add command for moving nodes between namespaces
|
||||
[#362](https://github.com/juanfont/headscale/issues/362)
|
||||
- **Drop** armhf (32-bit ARM) support. [#609](https://github.com/juanfont/headscale/pull/609)
|
||||
- Headscale fails to serve if the ACL policy file cannot be parsed [#537](https://github.com/juanfont/headscale/pull/537)
|
||||
- Fix labels cardinality error when registering unknown pre-auth key [#519](https://github.com/juanfont/headscale/pull/519)
|
||||
- Fix send on closed channel crash in polling [#542](https://github.com/juanfont/headscale/pull/542)
|
||||
- Fixed spurious calls to setLastStateChangeToNow from ephemeral nodes [#566](https://github.com/juanfont/headscale/pull/566)
|
||||
- Add command for moving nodes between namespaces [#362](https://github.com/juanfont/headscale/issues/362)
|
||||
- Added more configuration parameters for OpenID Connect (scopes, free-form
|
||||
parameters, domain and user allowlist)
|
||||
- Add command to set tags on a node
|
||||
[#525](https://github.com/juanfont/headscale/issues/525)
|
||||
- Add command to view tags of nodes
|
||||
[#356](https://github.com/juanfont/headscale/issues/356)
|
||||
- Add --all (-a) flag to enable routes command
|
||||
[#360](https://github.com/juanfont/headscale/issues/360)
|
||||
- Fix issue where nodes was not updated across namespaces
|
||||
[#560](https://github.com/juanfont/headscale/pull/560)
|
||||
- Add the ability to rename a nodes name
|
||||
[#560](https://github.com/juanfont/headscale/pull/560)
|
||||
- Add command to set tags on a node [#525](https://github.com/juanfont/headscale/issues/525)
|
||||
- Add command to view tags of nodes [#356](https://github.com/juanfont/headscale/issues/356)
|
||||
- Add --all (-a) flag to enable routes command [#360](https://github.com/juanfont/headscale/issues/360)
|
||||
- Fix issue where nodes was not updated across namespaces [#560](https://github.com/juanfont/headscale/pull/560)
|
||||
- Add the ability to rename a nodes name [#560](https://github.com/juanfont/headscale/pull/560)
|
||||
- Node DNS names are now unique, a random suffix will be added when a node
|
||||
joins
|
||||
- This change contains database changes, remember to **backup** your database
|
||||
before upgrading
|
||||
- Add option to enable/disable logtail (Tailscale's logging infrastructure)
|
||||
[#596](https://github.com/juanfont/headscale/pull/596)
|
||||
- Add option to enable/disable logtail (Tailscale's logging infrastructure) [#596](https://github.com/juanfont/headscale/pull/596)
|
||||
- This change disables the logs by default
|
||||
- Use [Prometheus]'s duration parser, supporting days (`d`), weeks (`w`) and
|
||||
years (`y`) [#598](https://github.com/juanfont/headscale/pull/598)
|
||||
- Add support for reloading ACLs with SIGHUP
|
||||
[#601](https://github.com/juanfont/headscale/pull/601)
|
||||
- Add support for reloading ACLs with SIGHUP [#601](https://github.com/juanfont/headscale/pull/601)
|
||||
- Use new ACL syntax [#618](https://github.com/juanfont/headscale/pull/618)
|
||||
- Add -c option to specify config file from command line
|
||||
[#285](https://github.com/juanfont/headscale/issues/285)
|
||||
- Add -c option to specify config file from command line [#285](https://github.com/juanfont/headscale/issues/285)
|
||||
[#612](https://github.com/juanfont/headscale/pull/601)
|
||||
- Add configuration option to allow Tailscale clients to use a random WireGuard
|
||||
port. [kb/1181/firewalls](https://tailscale.com/kb/1181/firewalls)
|
||||
@ -1041,19 +873,14 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
|
||||
- Improve obtuse UX regarding missing configuration
|
||||
(`ephemeral_node_inactivity_timeout` not set)
|
||||
[#639](https://github.com/juanfont/headscale/pull/639)
|
||||
- Fix nodes being shown as 'offline' in `tailscale status`
|
||||
[#648](https://github.com/juanfont/headscale/pull/648)
|
||||
- Improve shutdown behaviour
|
||||
[#651](https://github.com/juanfont/headscale/pull/651)
|
||||
- Fix nodes being shown as 'offline' in `tailscale status` [#648](https://github.com/juanfont/headscale/pull/648)
|
||||
- Improve shutdown behaviour [#651](https://github.com/juanfont/headscale/pull/651)
|
||||
- Drop Gin as web framework in Headscale
|
||||
[648](https://github.com/juanfont/headscale/pull/648)
|
||||
[677](https://github.com/juanfont/headscale/pull/677)
|
||||
- Make tailnet node updates check interval configurable
|
||||
[#675](https://github.com/juanfont/headscale/pull/675)
|
||||
- Fix regression with HTTP API
|
||||
[#684](https://github.com/juanfont/headscale/pull/684)
|
||||
- nodes ls now print both Hostname and Name(Issue
|
||||
[#647](https://github.com/juanfont/headscale/issues/647) PR
|
||||
- Make tailnet node updates check interval configurable [#675](https://github.com/juanfont/headscale/pull/675)
|
||||
- Fix regression with HTTP API [#684](https://github.com/juanfont/headscale/pull/684)
|
||||
- nodes ls now print both Hostname and Name(Issue [#647](https://github.com/juanfont/headscale/issues/647) PR
|
||||
[#687](https://github.com/juanfont/headscale/pull/687))
|
||||
|
||||
## 0.15.0 (2022-03-20)
|
||||
@ -1065,8 +892,7 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
|
||||
- Boundaries between Namespaces has been removed and all nodes can communicate
|
||||
by default [#357](https://github.com/juanfont/headscale/pull/357)
|
||||
- To limit access between nodes, use [ACLs](./docs/ref/acls.md).
|
||||
- `/metrics` is now a configurable host:port endpoint:
|
||||
[#344](https://github.com/juanfont/headscale/pull/344). You must update your
|
||||
- `/metrics` is now a configurable host:port endpoint: [#344](https://github.com/juanfont/headscale/pull/344). You must update your
|
||||
`config.yaml` file to include:
|
||||
```yaml
|
||||
metrics_listen_addr: 127.0.0.1:9090
|
||||
@ -1074,23 +900,18 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
|
||||
|
||||
### Features
|
||||
|
||||
- Add support for writing ACL files with YAML
|
||||
[#359](https://github.com/juanfont/headscale/pull/359)
|
||||
- Users can now use emails in ACL's groups
|
||||
[#372](https://github.com/juanfont/headscale/issues/372)
|
||||
- Add shorthand aliases for commands and subcommands
|
||||
[#376](https://github.com/juanfont/headscale/pull/376)
|
||||
- Add support for writing ACL files with YAML [#359](https://github.com/juanfont/headscale/pull/359)
|
||||
- Users can now use emails in ACL's groups [#372](https://github.com/juanfont/headscale/issues/372)
|
||||
- Add shorthand aliases for commands and subcommands [#376](https://github.com/juanfont/headscale/pull/376)
|
||||
- Add `/windows` endpoint for Windows configuration instructions + registry file
|
||||
download [#392](https://github.com/juanfont/headscale/pull/392)
|
||||
- Added embedded DERP (and STUN) server into Headscale
|
||||
[#388](https://github.com/juanfont/headscale/pull/388)
|
||||
- Added embedded DERP (and STUN) server into Headscale [#388](https://github.com/juanfont/headscale/pull/388)
|
||||
|
||||
### Changes
|
||||
|
||||
- Fix a bug were the same IP could be assigned to multiple hosts if joined in
|
||||
quick succession [#346](https://github.com/juanfont/headscale/pull/346)
|
||||
- Simplify the code behind registration of machines
|
||||
[#366](https://github.com/juanfont/headscale/pull/366)
|
||||
- Simplify the code behind registration of machines [#366](https://github.com/juanfont/headscale/pull/366)
|
||||
- Nodes are now only written to database if they are registered successfully
|
||||
- Fix a limitation in the ACLs that prevented users to write rules with `*` as
|
||||
source [#374](https://github.com/juanfont/headscale/issues/374)
|
||||
@ -1099,8 +920,7 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
|
||||
[#371](https://github.com/juanfont/headscale/pull/371)
|
||||
- Apply normalization function to FQDN on hostnames when hosts registers and
|
||||
retrieve information [#363](https://github.com/juanfont/headscale/issues/363)
|
||||
- Fix a bug that prevented the use of `tailscale logout` with OIDC
|
||||
[#508](https://github.com/juanfont/headscale/issues/508)
|
||||
- Fix a bug that prevented the use of `tailscale logout` with OIDC [#508](https://github.com/juanfont/headscale/issues/508)
|
||||
- Added Tailscale repo HEAD and unstable releases channel to the integration
|
||||
tests targets [#513](https://github.com/juanfont/headscale/pull/513)
|
||||
|
||||
@ -1127,13 +947,11 @@ behaviour.
|
||||
|
||||
### Features
|
||||
|
||||
- Add support for configurable mTLS [docs](./docs/ref/tls.md)
|
||||
[#297](https://github.com/juanfont/headscale/pull/297)
|
||||
- Add support for configurable mTLS [docs](./docs/ref/tls.md) [#297](https://github.com/juanfont/headscale/pull/297)
|
||||
|
||||
### Changes
|
||||
|
||||
- Remove dependency on CGO (switch from CGO SQLite to pure Go)
|
||||
[#346](https://github.com/juanfont/headscale/pull/346)
|
||||
- Remove dependency on CGO (switch from CGO SQLite to pure Go) [#346](https://github.com/juanfont/headscale/pull/346)
|
||||
|
||||
**0.13.0 (2022-02-18):**
|
||||
|
||||
@ -1152,25 +970,18 @@ behaviour.
|
||||
|
||||
### Changes
|
||||
|
||||
- `ip_prefix` is now superseded by `ip_prefixes` in the configuration
|
||||
[#208](https://github.com/juanfont/headscale/pull/208)
|
||||
- Upgrade `tailscale` (1.20.4) and other dependencies to latest
|
||||
[#314](https://github.com/juanfont/headscale/pull/314)
|
||||
- fix swapped machine<->namespace labels in `/metrics`
|
||||
[#312](https://github.com/juanfont/headscale/pull/312)
|
||||
- remove key-value based update mechanism for namespace changes
|
||||
[#316](https://github.com/juanfont/headscale/pull/316)
|
||||
- `ip_prefix` is now superseded by `ip_prefixes` in the configuration [#208](https://github.com/juanfont/headscale/pull/208)
|
||||
- Upgrade `tailscale` (1.20.4) and other dependencies to latest [#314](https://github.com/juanfont/headscale/pull/314)
|
||||
- fix swapped machine<->namespace labels in `/metrics` [#312](https://github.com/juanfont/headscale/pull/312)
|
||||
- remove key-value based update mechanism for namespace changes [#316](https://github.com/juanfont/headscale/pull/316)
|
||||
|
||||
**0.12.4 (2022-01-29):**
|
||||
|
||||
### Changes
|
||||
|
||||
- Make gRPC Unix Socket permissions configurable
|
||||
[#292](https://github.com/juanfont/headscale/pull/292)
|
||||
- Trim whitespace before reading Private Key from file
|
||||
[#289](https://github.com/juanfont/headscale/pull/289)
|
||||
- Add new command to generate a private key for `headscale`
|
||||
[#290](https://github.com/juanfont/headscale/pull/290)
|
||||
- Make gRPC Unix Socket permissions configurable [#292](https://github.com/juanfont/headscale/pull/292)
|
||||
- Trim whitespace before reading Private Key from file [#289](https://github.com/juanfont/headscale/pull/289)
|
||||
- Add new command to generate a private key for `headscale` [#290](https://github.com/juanfont/headscale/pull/290)
|
||||
- Fixed issue where hosts deleted from control server may be written back to the
|
||||
database, as long as they are connected to the control server
|
||||
[#278](https://github.com/juanfont/headscale/pull/278)
|
||||
@ -1180,8 +991,7 @@ behaviour.
|
||||
### Changes
|
||||
|
||||
- Added Alpine container [#270](https://github.com/juanfont/headscale/pull/270)
|
||||
- Minor updates in dependencies
|
||||
[#271](https://github.com/juanfont/headscale/pull/271)
|
||||
- Minor updates in dependencies [#271](https://github.com/juanfont/headscale/pull/271)
|
||||
|
||||
## 0.12.2 (2022-01-11)
|
||||
|
||||
@ -1200,8 +1010,7 @@ tagging)
|
||||
|
||||
### BREAKING
|
||||
|
||||
- Upgrade to Tailscale 1.18
|
||||
[#229](https://github.com/juanfont/headscale/pull/229)
|
||||
- Upgrade to Tailscale 1.18 [#229](https://github.com/juanfont/headscale/pull/229)
|
||||
- This change requires a new format for private key, private keys are now
|
||||
generated automatically:
|
||||
1. Delete your current key
|
||||
@ -1210,25 +1019,19 @@ tagging)
|
||||
|
||||
### Changes
|
||||
|
||||
- Unify configuration example
|
||||
[#197](https://github.com/juanfont/headscale/pull/197)
|
||||
- Add stricter linting and formatting
|
||||
[#223](https://github.com/juanfont/headscale/pull/223)
|
||||
- Unify configuration example [#197](https://github.com/juanfont/headscale/pull/197)
|
||||
- Add stricter linting and formatting [#223](https://github.com/juanfont/headscale/pull/223)
|
||||
|
||||
### Features
|
||||
|
||||
- Add gRPC and HTTP API (HTTP API is currently disabled)
|
||||
[#204](https://github.com/juanfont/headscale/pull/204)
|
||||
- Use gRPC between the CLI and the server
|
||||
[#206](https://github.com/juanfont/headscale/pull/206),
|
||||
- Add gRPC and HTTP API (HTTP API is currently disabled) [#204](https://github.com/juanfont/headscale/pull/204)
|
||||
- Use gRPC between the CLI and the server [#206](https://github.com/juanfont/headscale/pull/206),
|
||||
[#212](https://github.com/juanfont/headscale/pull/212)
|
||||
- Beta OpenID Connect support
|
||||
[#126](https://github.com/juanfont/headscale/pull/126),
|
||||
- Beta OpenID Connect support [#126](https://github.com/juanfont/headscale/pull/126),
|
||||
[#227](https://github.com/juanfont/headscale/pull/227)
|
||||
|
||||
## 0.11.0 (2021-10-25)
|
||||
|
||||
### BREAKING
|
||||
|
||||
- Make headscale fetch DERP map from URL and file
|
||||
[#196](https://github.com/juanfont/headscale/pull/196)
|
||||
- Make headscale fetch DERP map from URL and file [#196](https://github.com/juanfont/headscale/pull/196)
|
||||
|
||||
1
Makefile
1
Makefile
@ -64,7 +64,6 @@ fmt-go: check-deps $(GO_SOURCES)
|
||||
fmt-prettier: check-deps $(DOC_SOURCES)
|
||||
@echo "Formatting documentation and config files..."
|
||||
prettier --write '**/*.{ts,js,md,yaml,yml,sass,css,scss,html}'
|
||||
prettier --write --print-width 80 --prose-wrap always CHANGELOG.md
|
||||
|
||||
.PHONY: fmt-proto
|
||||
fmt-proto: check-deps $(PROTO_SOURCES)
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user