prettier: use standard config for all files including changelog (#2879)

.pre-commit-config.yaml

@@ -57,14 +57,6 @@ repos:
             sass,
             markdown,
           ]
-        exclude: ^CHANGELOG\.md$
-
-      # Prettier for CHANGELOG.md with special formatting
-      - id: prettier-changelog
-        name: prettier-changelog
-        entry: prettier --write --print-width 80 --prose-wrap always
-        language: system
-        files: ^CHANGELOG\.md$
 
       # golangci-lint for Go code quality
       - id: golangci-lint

CHANGELOG.md

@@ -4,6 +4,7 @@
 
 ### Changes
 
+- Add NixOS module in repository for faster iteration [#2857](https://github.com/juanfont/headscale/pull/2857)
 - Add favicon to webpages
   [#2858](https://github.com/juanfont/headscale/pull/2858)
 - Reclaim IPs from the IP allocator when nodes are deleted
@@ -15,31 +16,18 @@
 
 ### Changes
 
-- Expire nodes with a custom timestamp
+- Expire nodes with a custom timestamp [#2828](https://github.com/juanfont/headscale/pull/2828)
-  [#2828](https://github.com/juanfont/headscale/pull/2828)
+- Fix issue where node expiry was reset when tailscaled restarts [#2875](https://github.com/juanfont/headscale/pull/2875)
-- Fix issue where node expiry was reset when tailscaled restarts
+- Fix OIDC authentication when multiple login URLs are opened [#2861](https://github.com/juanfont/headscale/pull/2861)
-  [#2875](https://github.com/juanfont/headscale/pull/2875)
+- Fix node re-registration failing with expired auth keys [#2859](https://github.com/juanfont/headscale/pull/2859)
-- Fix OIDC authentication when multiple login URLs are opened
+- Remove old unused database tables and indices [#2844](https://github.com/juanfont/headscale/pull/2844) [#2872](https://github.com/juanfont/headscale/pull/2872)
-  [#2861](https://github.com/juanfont/headscale/pull/2861)
+- Ignore litestream tables during database validation [#2843](https://github.com/juanfont/headscale/pull/2843)
-- Fix node re-registration failing with expired auth keys
+- Fix exit node visibility to respect ACL rules [#2855](https://github.com/juanfont/headscale/pull/2855)
-  [#2859](https://github.com/juanfont/headscale/pull/2859)
+- Fix SSH policy becoming empty when unknown user is referenced [#2874](https://github.com/juanfont/headscale/pull/2874)
-- Remove old unused database tables and indices
+- Fix policy validation when using bypass-grpc mode [#2854](https://github.com/juanfont/headscale/pull/2854)
-  [#2844](https://github.com/juanfont/headscale/pull/2844)
+- Fix autogroup:self interaction with other ACL rules [#2842](https://github.com/juanfont/headscale/pull/2842)
-  [#2872](https://github.com/juanfont/headscale/pull/2872)
+- Fix flaky DERP map shuffle test [#2848](https://github.com/juanfont/headscale/pull/2848)
-- Ignore litestream tables during database validation
+- Use current stable base images for Debian and Alpine containers [#2827](https://github.com/juanfont/headscale/pull/2827)
-  [#2843](https://github.com/juanfont/headscale/pull/2843)
-- Fix exit node visibility to respect ACL rules
-  [#2855](https://github.com/juanfont/headscale/pull/2855)
-- Fix SSH policy becoming empty when unknown user is referenced
-  [#2874](https://github.com/juanfont/headscale/pull/2874)
-- Fix policy validation when using bypass-grpc mode
-  [#2854](https://github.com/juanfont/headscale/pull/2854)
-- Fix autogroup:self interaction with other ACL rules
-  [#2842](https://github.com/juanfont/headscale/pull/2842)
-- Fix flaky DERP map shuffle test
-  [#2848](https://github.com/juanfont/headscale/pull/2848)
-- Use current stable base images for Debian and Alpine containers
-  [#2827](https://github.com/juanfont/headscale/pull/2827)
 
 ## 0.27.0 (2025-10-27)
 
@@ -119,12 +107,9 @@ the code base over time and make it more correct and efficient.
 
 ### BREAKING
 
-- Remove support for 32-bit binaries
+- Remove support for 32-bit binaries [#2692](https://github.com/juanfont/headscale/pull/2692)
-  [#2692](https://github.com/juanfont/headscale/pull/2692)
+- Policy: Zero or empty destination port is no longer allowed [#2606](https://github.com/juanfont/headscale/pull/2606)
-- Policy: Zero or empty destination port is no longer allowed
+- Stricter hostname validation [#2383](https://github.com/juanfont/headscale/pull/2383)
-  [#2606](https://github.com/juanfont/headscale/pull/2606)
-- Stricter hostname validation
-  [#2383](https://github.com/juanfont/headscale/pull/2383)
   - Hostnames must be valid DNS labels (2-63 characters, alphanumeric and
     hyphens only, cannot start/end with hyphen)
   - **Client Registration (New Nodes)**: Invalid hostnames are automatically
@@ -140,53 +125,39 @@ the code base over time and make it more correct and efficient.
       starting/ending with hyphen are rejected
 
 ### Changes
-- **Database schema migration improvements for SQLite**
+
-  [#2617](https://github.com/juanfont/headscale/pull/2617)
+- **Database schema migration improvements for SQLite** [#2617](https://github.com/juanfont/headscale/pull/2617)
   - **IMPORTANT: Backup your SQLite database before upgrading**
   - Introduces safer table renaming migration strategy
   - Addresses longstanding database integrity issues
-- Add flag to directly manipulate the policy in the database
+- Add flag to directly manipulate the policy in the database [#2765](https://github.com/juanfont/headscale/pull/2765)
-  [#2765](https://github.com/juanfont/headscale/pull/2765)
+- DERPmap update frequency default changed from 24h to 3h [#2741](https://github.com/juanfont/headscale/pull/2741)
-- DERPmap update frequency default changed from 24h to 3h
-  [#2741](https://github.com/juanfont/headscale/pull/2741)
 - DERPmap update mechanism has been improved with retry, and is now failing
   conservatively, preserving the old map upon failure.
   [#2741](https://github.com/juanfont/headscale/pull/2741)
-- Add support for `autogroup:member`, `autogroup:tagged`
+- Add support for `autogroup:member`, `autogroup:tagged` [#2572](https://github.com/juanfont/headscale/pull/2572)
-  [#2572](https://github.com/juanfont/headscale/pull/2572)
+- Fix bug where return routes were being removed by policy [#2767](https://github.com/juanfont/headscale/pull/2767)
-- Fix bug where return routes were being removed by policy
-  [#2767](https://github.com/juanfont/headscale/pull/2767)
 - Remove policy v1 code [#2600](https://github.com/juanfont/headscale/pull/2600)
-- Refactor Debian/Ubuntu packaging and drop support for Ubuntu 20.04.
+- Refactor Debian/Ubuntu packaging and drop support for Ubuntu 20.04. [#2614](https://github.com/juanfont/headscale/pull/2614)
-  [#2614](https://github.com/juanfont/headscale/pull/2614)
+- Remove redundant check regarding `noise` config [#2658](https://github.com/juanfont/headscale/pull/2658)
-- Remove redundant check regarding `noise` config
+- Refactor OpenID Connect documentation [#2625](https://github.com/juanfont/headscale/pull/2625)
-  [#2658](https://github.com/juanfont/headscale/pull/2658)
+- Don't crash if config file is missing [#2656](https://github.com/juanfont/headscale/pull/2656)
-- Refactor OpenID Connect documentation
+- Adds `/robots.txt` endpoint to avoid crawlers [#2643](https://github.com/juanfont/headscale/pull/2643)
-  [#2625](https://github.com/juanfont/headscale/pull/2625)
+- OIDC: Use group claim from UserInfo [#2663](https://github.com/juanfont/headscale/pull/2663)
-- Don't crash if config file is missing
-  [#2656](https://github.com/juanfont/headscale/pull/2656)
-- Adds `/robots.txt` endpoint to avoid crawlers
-  [#2643](https://github.com/juanfont/headscale/pull/2643)
-- OIDC: Use group claim from UserInfo
-  [#2663](https://github.com/juanfont/headscale/pull/2663)
 - OIDC: Update user with claims from UserInfo _before_ comparing with allowed
   groups, email and domain
   [#2663](https://github.com/juanfont/headscale/pull/2663)
 - Policy will now reject invalid fields, making it easier to spot spelling
   errors [#2764](https://github.com/juanfont/headscale/pull/2764)
-- Add FAQ entry on how to recover from an invalid policy in the database
+- Add FAQ entry on how to recover from an invalid policy in the database [#2776](https://github.com/juanfont/headscale/pull/2776)
-  [#2776](https://github.com/juanfont/headscale/pull/2776)
+- EXPERIMENTAL: Add support for `autogroup:self` [#2789](https://github.com/juanfont/headscale/pull/2789)
-- EXPERIMENTAL: Add support for `autogroup:self`
+- Add healthcheck command [#2659](https://github.com/juanfont/headscale/pull/2659)
-  [#2789](https://github.com/juanfont/headscale/pull/2789)
-- Add healthcheck command
-  [#2659](https://github.com/juanfont/headscale/pull/2659)
 
 ## 0.26.1 (2025-06-06)
 
 ### Changes
 
-- Ensure nodes are matching both node key and machine key when connecting.
+- Ensure nodes are matching both node key and machine key when connecting. [#2642](https://github.com/juanfont/headscale/pull/2642)
-  [#2642](https://github.com/juanfont/headscale/pull/2642)
 
 ## 0.26.0 (2025-05-14)
 
@@ -220,12 +191,9 @@ ID | Hostname           | Approved        | Available       | Serving (Primary)
 Note that if an exit route is approved (0.0.0.0/0 or ::/0), both IPv4 and IPv6
 will be approved.
 
-- Route API and CLI has been removed
+- Route API and CLI has been removed [#2422](https://github.com/juanfont/headscale/pull/2422)
-  [#2422](https://github.com/juanfont/headscale/pull/2422)
+- Routes are now managed via the Node API [#2422](https://github.com/juanfont/headscale/pull/2422)
-- Routes are now managed via the Node API
+- Only routes accessible to the node will be sent to the node [#2561](https://github.com/juanfont/headscale/pull/2561)
-  [#2422](https://github.com/juanfont/headscale/pull/2422)
-- Only routes accessible to the node will be sent to the node
-  [#2561](https://github.com/juanfont/headscale/pull/2561)
 
 #### Policy v2
 
@@ -297,12 +265,9 @@ working in v1 and not tested might be broken in v2 (and vice versa).
 
 #### Other breaking changes
 
-- Disallow `server_url` and `base_domain` to be equal
+- Disallow `server_url` and `base_domain` to be equal [#2544](https://github.com/juanfont/headscale/pull/2544)
-  [#2544](https://github.com/juanfont/headscale/pull/2544)
+- Return full user in API for pre auth keys instead of string [#2542](https://github.com/juanfont/headscale/pull/2542)
-- Return full user in API for pre auth keys instead of string
+- Pre auth key API/CLI now uses ID over username [#2542](https://github.com/juanfont/headscale/pull/2542)
-  [#2542](https://github.com/juanfont/headscale/pull/2542)
-- Pre auth key API/CLI now uses ID over username
-  [#2542](https://github.com/juanfont/headscale/pull/2542)
 - A non-empty list of global nameservers needs to be specified via
   `dns.nameservers.global` if the configuration option `dns.override_local_dns`
   is enabled or is not specified in the configuration file. This aligns with
@@ -312,48 +277,37 @@ working in v1 and not tested might be broken in v2 (and vice versa).
 ### Changes
 
 - Use Go 1.24 [#2427](https://github.com/juanfont/headscale/pull/2427)
-- Add `headscale policy check` command to check policy
+- Add `headscale policy check` command to check policy [#2553](https://github.com/juanfont/headscale/pull/2553)
-  [#2553](https://github.com/juanfont/headscale/pull/2553)
+- `oidc.map_legacy_users` and `oidc.strip_email_domain` has been removed [#2411](https://github.com/juanfont/headscale/pull/2411)
-- `oidc.map_legacy_users` and `oidc.strip_email_domain` has been removed
+- Add more information to `/debug` endpoint [#2420](https://github.com/juanfont/headscale/pull/2420)
-  [#2411](https://github.com/juanfont/headscale/pull/2411)
-- Add more information to `/debug` endpoint
-  [#2420](https://github.com/juanfont/headscale/pull/2420)
   - It is now possible to inspect running goroutines and take profiles
   - View of config, policy, filter, ssh policy per node, connected nodes and
     DERPmap
-- OIDC: Fetch UserInfo to get EmailVerified if necessary
+- OIDC: Fetch UserInfo to get EmailVerified if necessary [#2493](https://github.com/juanfont/headscale/pull/2493)
-  [#2493](https://github.com/juanfont/headscale/pull/2493)
   - If a OIDC provider doesn't include the `email_verified` claim in its ID
     tokens, Headscale will attempt to get it from the UserInfo endpoint.
-- OIDC: Try to populate name, email and username from UserInfo
+- OIDC: Try to populate name, email and username from UserInfo [#2545](https://github.com/juanfont/headscale/pull/2545)
-  [#2545](https://github.com/juanfont/headscale/pull/2545)
 - Improve performance by only querying relevant nodes from the database for node
   updates [#2509](https://github.com/juanfont/headscale/pull/2509)
 - node FQDNs in the netmap will now contain a dot (".") at the end. This aligns
   with behaviour of tailscale.com
   [#2503](https://github.com/juanfont/headscale/pull/2503)
-- Restore support for "Override local DNS"
+- Restore support for "Override local DNS" [#2438](https://github.com/juanfont/headscale/pull/2438)
-  [#2438](https://github.com/juanfont/headscale/pull/2438)
+- Add documentation for routes [#2496](https://github.com/juanfont/headscale/pull/2496)
-- Add documentation for routes
-  [#2496](https://github.com/juanfont/headscale/pull/2496)
 
 ## 0.25.1 (2025-02-25)
 
 ### Changes
 
-- Fix issue where registration errors are sent correctly
+- Fix issue where registration errors are sent correctly [#2435](https://github.com/juanfont/headscale/pull/2435)
-  [#2435](https://github.com/juanfont/headscale/pull/2435)
+- Fix issue where routes passed on registration were not saved [#2444](https://github.com/juanfont/headscale/pull/2444)
-- Fix issue where routes passed on registration were not saved
+- Fix issue where registration page was displayed twice [#2445](https://github.com/juanfont/headscale/pull/2445)
-  [#2444](https://github.com/juanfont/headscale/pull/2444)
-- Fix issue where registration page was displayed twice
-  [#2445](https://github.com/juanfont/headscale/pull/2445)
 
 ## 0.25.0 (2025-02-11)
 
 ### BREAKING
 
-- Authentication flow has been rewritten
+- Authentication flow has been rewritten [#2374](https://github.com/juanfont/headscale/pull/2374) This change should be
-  [#2374](https://github.com/juanfont/headscale/pull/2374) This change should be
   transparent to users with the exception of some buxfixes that has been
   discovered and was fixed as part of the rewrite.
   - When a node is registered with _a new user_, it will be registered as a new
@@ -361,62 +315,44 @@ working in v1 and not tested might be broken in v2 (and vice versa).
     [#1310](https://github.com/juanfont/headscale/issues/1310)).
   - A logged out node logging in with the same user will replace the existing
     node.
-- Remove support for Tailscale clients older than 1.62 (Capability version 87)
+- Remove support for Tailscale clients older than 1.62 (Capability version 87) [#2405](https://github.com/juanfont/headscale/pull/2405)
-  [#2405](https://github.com/juanfont/headscale/pull/2405)
 
 ### Changes
 
-- `oidc.map_legacy_users` is now `false` by default
+- `oidc.map_legacy_users` is now `false` by default [#2350](https://github.com/juanfont/headscale/pull/2350)
-  [#2350](https://github.com/juanfont/headscale/pull/2350)
+- Print Tailscale version instead of capability versions for outdated nodes [#2391](https://github.com/juanfont/headscale/pull/2391)
-- Print Tailscale version instead of capability versions for outdated nodes
+- Do not allow renaming of users from OIDC [#2393](https://github.com/juanfont/headscale/pull/2393)
-  [#2391](https://github.com/juanfont/headscale/pull/2391)
+- Change minimum hostname length to 2 [#2393](https://github.com/juanfont/headscale/pull/2393)
-- Do not allow renaming of users from OIDC
+- Fix migration error caused by nodes having invalid auth keys [#2412](https://github.com/juanfont/headscale/pull/2412)
-  [#2393](https://github.com/juanfont/headscale/pull/2393)
+- Pre auth keys belonging to a user are no longer deleted with the user [#2396](https://github.com/juanfont/headscale/pull/2396)
-- Change minimum hostname length to 2
+- Pre auth keys that are used by a node can no longer be deleted [#2396](https://github.com/juanfont/headscale/pull/2396)
-  [#2393](https://github.com/juanfont/headscale/pull/2393)
+- Rehaul HTTP errors, return better status code and errors to users [#2398](https://github.com/juanfont/headscale/pull/2398)
-- Fix migration error caused by nodes having invalid auth keys
+- Print headscale version and commit on server startup [#2415](https://github.com/juanfont/headscale/pull/2415)
-  [#2412](https://github.com/juanfont/headscale/pull/2412)
-- Pre auth keys belonging to a user are no longer deleted with the user
-  [#2396](https://github.com/juanfont/headscale/pull/2396)
-- Pre auth keys that are used by a node can no longer be deleted
-  [#2396](https://github.com/juanfont/headscale/pull/2396)
-- Rehaul HTTP errors, return better status code and errors to users
-  [#2398](https://github.com/juanfont/headscale/pull/2398)
-- Print headscale version and commit on server startup
-  [#2415](https://github.com/juanfont/headscale/pull/2415)
 
 ## 0.24.3 (2025-02-07)
 
 ### Changes
 
-- Fix migration error caused by nodes having invalid auth keys
+- Fix migration error caused by nodes having invalid auth keys [#2412](https://github.com/juanfont/headscale/pull/2412)
-  [#2412](https://github.com/juanfont/headscale/pull/2412)
+- Pre auth keys belonging to a user are no longer deleted with the user [#2396](https://github.com/juanfont/headscale/pull/2396)
-- Pre auth keys belonging to a user are no longer deleted with the user
+- Pre auth keys that are used by a node can no longer be deleted [#2396](https://github.com/juanfont/headscale/pull/2396)
-  [#2396](https://github.com/juanfont/headscale/pull/2396)
-- Pre auth keys that are used by a node can no longer be deleted
-  [#2396](https://github.com/juanfont/headscale/pull/2396)
 
 ## 0.24.2 (2025-01-30)
 
 ### Changes
 
-- Fix issue where email and username being equal fails to match in Policy
+- Fix issue where email and username being equal fails to match in Policy [#2388](https://github.com/juanfont/headscale/pull/2388)
-  [#2388](https://github.com/juanfont/headscale/pull/2388)
+- Delete invalid routes before adding a NOT NULL constraint on node_id [#2386](https://github.com/juanfont/headscale/pull/2386)
-- Delete invalid routes before adding a NOT NULL constraint on node_id
-  [#2386](https://github.com/juanfont/headscale/pull/2386)
 
 ## 0.24.1 (2025-01-23)
 
 ### Changes
 
-- Fix migration issue with user table for PostgreSQL
+- Fix migration issue with user table for PostgreSQL [#2367](https://github.com/juanfont/headscale/pull/2367)
-  [#2367](https://github.com/juanfont/headscale/pull/2367)
+- Relax username validation to allow emails [#2364](https://github.com/juanfont/headscale/pull/2364)
-- Relax username validation to allow emails
-  [#2364](https://github.com/juanfont/headscale/pull/2364)
 - Remove invalid routes and add stronger constraints for routes to avoid API
   panic [#2371](https://github.com/juanfont/headscale/pull/2371)
-- Fix panic when `derp.update_frequency` is 0
+- Fix panic when `derp.update_frequency` is 0 [#2368](https://github.com/juanfont/headscale/pull/2368)
-  [#2368](https://github.com/juanfont/headscale/pull/2368)
 
 ## 0.24.0 (2025-01-17)
 
@@ -553,12 +489,10 @@ This will also affect the way you
 
 ### BREAKING
 
-- Remove `dns.use_username_in_magic_dns` configuration option
+- Remove `dns.use_username_in_magic_dns` configuration option [#2020](https://github.com/juanfont/headscale/pull/2020),
-  [#2020](https://github.com/juanfont/headscale/pull/2020),
   [#2279](https://github.com/juanfont/headscale/pull/2279)
   - Having usernames in magic DNS is no longer possible.
-- Remove versions older than 1.56
+- Remove versions older than 1.56 [#2149](https://github.com/juanfont/headscale/pull/2149)
-  [#2149](https://github.com/juanfont/headscale/pull/2149)
   - Clean up old code required by old versions
 - User gRPC/API [#2261](https://github.com/juanfont/headscale/pull/2261):
   - If you depend on a Headscale Web UI, you should wait with this update until
@@ -571,27 +505,20 @@ This will also affect the way you
 
 - Improved compatibility of built-in DERP server with clients connecting over
   WebSocket [#2132](https://github.com/juanfont/headscale/pull/2132)
-- Allow nodes to use SSH agent forwarding
+- Allow nodes to use SSH agent forwarding [#2145](https://github.com/juanfont/headscale/pull/2145)
-  [#2145](https://github.com/juanfont/headscale/pull/2145)
+- Fixed processing of fields in post request in MoveNode rpc [#2179](https://github.com/juanfont/headscale/pull/2179)
-- Fixed processing of fields in post request in MoveNode rpc
-  [#2179](https://github.com/juanfont/headscale/pull/2179)
 - Added conversion of 'Hostname' to 'givenName' in a node with FQDN rules
   applied [#2198](https://github.com/juanfont/headscale/pull/2198)
-- Fixed updating of hostname and givenName when it is updated in HostInfo
+- Fixed updating of hostname and givenName when it is updated in HostInfo [#2199](https://github.com/juanfont/headscale/pull/2199)
-  [#2199](https://github.com/juanfont/headscale/pull/2199)
+- Fixed missing `stable-debug` container tag [#2232](https://github.com/juanfont/headscale/pull/2232)
-- Fixed missing `stable-debug` container tag
-  [#2232](https://github.com/juanfont/headscale/pull/2232)
 - Loosened up `server_url` and `base_domain` check. It was overly strict in some
   cases. [#2248](https://github.com/juanfont/headscale/pull/2248)
 - CLI for managing users now accepts `--identifier` in addition to `--name`,
   usage of `--identifier` is recommended
   [#2261](https://github.com/juanfont/headscale/pull/2261)
-- Add `dns.extra_records_path` configuration option
+- Add `dns.extra_records_path` configuration option [#2262](https://github.com/juanfont/headscale/issues/2262)
-  [#2262](https://github.com/juanfont/headscale/issues/2262)
+- Support client verify for DERP [#2046](https://github.com/juanfont/headscale/pull/2046)
-- Support client verify for DERP
+- Add PKCE Verifier for OIDC [#2314](https://github.com/juanfont/headscale/pull/2314)
-  [#2046](https://github.com/juanfont/headscale/pull/2046)
-- Add PKCE Verifier for OIDC
-  [#2314](https://github.com/juanfont/headscale/pull/2314)
 
 ## 0.23.0 (2024-09-18)
 
@@ -655,28 +582,22 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
   - Old structure has been remove and the configuration _must_ be converted.
   - Adds additional configuration for PostgreSQL for setting max open, idle
     connection and idle connection lifetime.
-- API: Machine is now Node
+- API: Machine is now Node [#1553](https://github.com/juanfont/headscale/pull/1553)
-  [#1553](https://github.com/juanfont/headscale/pull/1553)
+- Remove support for older Tailscale clients [#1611](https://github.com/juanfont/headscale/pull/1611)
-- Remove support for older Tailscale clients
-  [#1611](https://github.com/juanfont/headscale/pull/1611)
   - The oldest supported client is 1.42
-- Headscale checks that _at least_ one DERP is defined at start
+- Headscale checks that _at least_ one DERP is defined at start [#1564](https://github.com/juanfont/headscale/pull/1564)
-  [#1564](https://github.com/juanfont/headscale/pull/1564)
   - If no DERP is configured, the server will fail to start, this can be because
     it cannot load the DERPMap from file or url.
-- Embedded DERP server requires a private key
+- Embedded DERP server requires a private key [#1611](https://github.com/juanfont/headscale/pull/1611)
-  [#1611](https://github.com/juanfont/headscale/pull/1611)
   - Add a filepath entry to
     [`derp.server.private_key_path`](https://github.com/juanfont/headscale/blob/b35993981297e18393706b2c963d6db882bba6aa/config-example.yaml#L95)
-- Docker images are now built with goreleaser (ko)
+- Docker images are now built with goreleaser (ko) [#1716](https://github.com/juanfont/headscale/pull/1716)
-  [#1716](https://github.com/juanfont/headscale/pull/1716)
   [#1763](https://github.com/juanfont/headscale/pull/1763)
   - Entrypoint of container image has changed from shell to headscale, require
     change from `headscale serve` to `serve`
   - `/var/lib/headscale` and `/var/run/headscale` is no longer created
     automatically, see [container docs](./docs/setup/install/container.md)
-- Prefixes are now defined per v4 and v6 range.
+- Prefixes are now defined per v4 and v6 range. [#1756](https://github.com/juanfont/headscale/pull/1756)
-  [#1756](https://github.com/juanfont/headscale/pull/1756)
   - `ip_prefixes` option is now `prefixes.v4` and `prefixes.v6`
   - `prefixes.allocation` can be set to assign IPs at `sequential` or `random`.
     [#1869](https://github.com/juanfont/headscale/pull/1869)
@@ -691,30 +612,23 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
     note that this option _will be removed_ when tags are fixed.
     - dns.base_domain can no longer be the same as (or part of) server_url.
     - This option brings Headscales behaviour in line with Tailscale.
-- YAML files are no longer supported for headscale policy.
+- YAML files are no longer supported for headscale policy. [#1792](https://github.com/juanfont/headscale/pull/1792)
-  [#1792](https://github.com/juanfont/headscale/pull/1792)
   - HuJSON is now the only supported format for policy.
-- DNS configuration has been restructured
+- DNS configuration has been restructured [#2034](https://github.com/juanfont/headscale/pull/2034)
-  [#2034](https://github.com/juanfont/headscale/pull/2034)
   - Please review the new [config-example.yaml](./config-example.yaml) for the
     new structure.
 
 ### Changes
 
-- Use versioned migrations
+- Use versioned migrations [#1644](https://github.com/juanfont/headscale/pull/1644)
-  [#1644](https://github.com/juanfont/headscale/pull/1644)
+- Make the OIDC callback page better [#1484](https://github.com/juanfont/headscale/pull/1484)
-- Make the OIDC callback page better
-  [#1484](https://github.com/juanfont/headscale/pull/1484)
 - SSH support [#1487](https://github.com/juanfont/headscale/pull/1487)
-- State management has been improved
+- State management has been improved [#1492](https://github.com/juanfont/headscale/pull/1492)
-  [#1492](https://github.com/juanfont/headscale/pull/1492)
+- Use error group handling to ensure tests actually pass [#1535](https://github.com/juanfont/headscale/pull/1535) based on
-- Use error group handling to ensure tests actually pass
-  [#1535](https://github.com/juanfont/headscale/pull/1535) based on
   [#1460](https://github.com/juanfont/headscale/pull/1460)
 - Fix hang on SIGTERM [#1492](https://github.com/juanfont/headscale/pull/1492)
   taken from [#1480](https://github.com/juanfont/headscale/pull/1480)
-- Send logs to stderr by default
+- Send logs to stderr by default [#1524](https://github.com/juanfont/headscale/pull/1524)
-  [#1524](https://github.com/juanfont/headscale/pull/1524)
 - Fix [TS-2023-006](https://tailscale.com/security-bulletins/#ts-2023-006)
   security UPnP issue [#1563](https://github.com/juanfont/headscale/pull/1563)
 - Turn off gRPC logging [#1640](https://github.com/juanfont/headscale/pull/1640)
@@ -722,21 +636,15 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
 - Added the possibility to manually create a DERP-map entry which can be
   customized, instead of automatically creating it.
   [#1565](https://github.com/juanfont/headscale/pull/1565)
-- Add support for deleting api keys
+- Add support for deleting api keys [#1702](https://github.com/juanfont/headscale/pull/1702)
-  [#1702](https://github.com/juanfont/headscale/pull/1702)
 - Add command to backfill IP addresses for nodes missing IPs from configured
   prefixes. [#1869](https://github.com/juanfont/headscale/pull/1869)
-- Log available update as warning
+- Log available update as warning [#1877](https://github.com/juanfont/headscale/pull/1877)
-  [#1877](https://github.com/juanfont/headscale/pull/1877)
+- Add `autogroup:internet` to Policy [#1917](https://github.com/juanfont/headscale/pull/1917)
-- Add `autogroup:internet` to Policy
+- Restore foreign keys and add constraints [#1562](https://github.com/juanfont/headscale/pull/1562)
-  [#1917](https://github.com/juanfont/headscale/pull/1917)
-- Restore foreign keys and add constraints
-  [#1562](https://github.com/juanfont/headscale/pull/1562)
 - Make registration page easier to use on mobile devices
-- Make write-ahead-log default on and configurable for SQLite
+- Make write-ahead-log default on and configurable for SQLite [#1985](https://github.com/juanfont/headscale/pull/1985)
-  [#1985](https://github.com/juanfont/headscale/pull/1985)
+- Add APIs for managing headscale policy. [#1792](https://github.com/juanfont/headscale/pull/1792)
-- Add APIs for managing headscale policy.
-  [#1792](https://github.com/juanfont/headscale/pull/1792)
 - Fix for registering nodes using preauthkeys when running on a postgres
   database in a non-UTC timezone.
   [#764](https://github.com/juanfont/headscale/issues/764)
@@ -744,33 +652,25 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
 - CLI commands (all except `serve`) only requires minimal configuration, no more
   errors or warnings from unset settings
   [#2109](https://github.com/juanfont/headscale/pull/2109)
-- CLI results are now concistently sent to stdout and errors to stderr
+- CLI results are now concistently sent to stdout and errors to stderr [#2109](https://github.com/juanfont/headscale/pull/2109)
-  [#2109](https://github.com/juanfont/headscale/pull/2109)
+- Fix issue where shutting down headscale would hang [#2113](https://github.com/juanfont/headscale/pull/2113)
-- Fix issue where shutting down headscale would hang
-  [#2113](https://github.com/juanfont/headscale/pull/2113)
 
 ## 0.22.3 (2023-05-12)
 
 ### Changes
 
-- Added missing ca-certificates in Docker image
+- Added missing ca-certificates in Docker image [#1463](https://github.com/juanfont/headscale/pull/1463)
-  [#1463](https://github.com/juanfont/headscale/pull/1463)
 
 ## 0.22.2 (2023-05-10)
 
 ### Changes
 
-- Add environment flags to enable pprof (profiling)
+- Add environment flags to enable pprof (profiling) [#1382](https://github.com/juanfont/headscale/pull/1382)
-  [#1382](https://github.com/juanfont/headscale/pull/1382)
   - Profiles are continuously generated in our integration tests.
-- Fix systemd service file location in `.deb` packages
+- Fix systemd service file location in `.deb` packages [#1391](https://github.com/juanfont/headscale/pull/1391)
-  [#1391](https://github.com/juanfont/headscale/pull/1391)
+- Improvements on Noise implementation [#1379](https://github.com/juanfont/headscale/pull/1379)
-- Improvements on Noise implementation
+- Replace node filter logic, ensuring nodes with access can see each other [#1381](https://github.com/juanfont/headscale/pull/1381)
-  [#1379](https://github.com/juanfont/headscale/pull/1379)
+- Disable (or delete) both exit routes at the same time [#1428](https://github.com/juanfont/headscale/pull/1428)
-- Replace node filter logic, ensuring nodes with access can see each other
-  [#1381](https://github.com/juanfont/headscale/pull/1381)
-- Disable (or delete) both exit routes at the same time
-  [#1428](https://github.com/juanfont/headscale/pull/1428)
 - Ditch distroless for Docker image, create default socket dir in
   `/var/run/headscale` [#1450](https://github.com/juanfont/headscale/pull/1450)
 
@@ -778,65 +678,49 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
 
 ### Changes
 
-- Fix issue where systemd could not bind to port 80
+- Fix issue where systemd could not bind to port 80 [#1365](https://github.com/juanfont/headscale/pull/1365)
-  [#1365](https://github.com/juanfont/headscale/pull/1365)
 
 ## 0.22.0 (2023-04-20)
 
 ### Changes
 
-- Add `.deb` packages to release process
+- Add `.deb` packages to release process [#1297](https://github.com/juanfont/headscale/pull/1297)
-  [#1297](https://github.com/juanfont/headscale/pull/1297)
+- Update and simplify the documentation to use new `.deb` packages [#1349](https://github.com/juanfont/headscale/pull/1349)
-- Update and simplify the documentation to use new `.deb` packages
+- Add 32-bit Arm platforms to release process [#1297](https://github.com/juanfont/headscale/pull/1297)
-  [#1349](https://github.com/juanfont/headscale/pull/1349)
-- Add 32-bit Arm platforms to release process
-  [#1297](https://github.com/juanfont/headscale/pull/1297)
 - Fix longstanding bug that would prevent "\*" from working properly in ACLs
   (issue [#699](https://github.com/juanfont/headscale/issues/699))
   [#1279](https://github.com/juanfont/headscale/pull/1279)
-- Fix issue where IPv6 could not be used in, or while using ACLs (part of
+- Fix issue where IPv6 could not be used in, or while using ACLs (part of [#809](https://github.com/juanfont/headscale/issues/809))
-  [#809](https://github.com/juanfont/headscale/issues/809))
   [#1339](https://github.com/juanfont/headscale/pull/1339)
-- Target Go 1.20 and Tailscale 1.38 for Headscale
+- Target Go 1.20 and Tailscale 1.38 for Headscale [#1323](https://github.com/juanfont/headscale/pull/1323)
-  [#1323](https://github.com/juanfont/headscale/pull/1323)
 
 ## 0.21.0 (2023-03-20)
 
 ### Changes
 
-- Adding "configtest" CLI command.
+- Adding "configtest" CLI command. [#1230](https://github.com/juanfont/headscale/pull/1230)
-  [#1230](https://github.com/juanfont/headscale/pull/1230)
+- Add documentation on connecting with iOS to `/apple` [#1261](https://github.com/juanfont/headscale/pull/1261)
-- Add documentation on connecting with iOS to `/apple`
+- Update iOS compatibility and added documentation for iOS [#1264](https://github.com/juanfont/headscale/pull/1264)
-  [#1261](https://github.com/juanfont/headscale/pull/1261)
+- Allow to delete routes [#1244](https://github.com/juanfont/headscale/pull/1244)
-- Update iOS compatibility and added documentation for iOS
-  [#1264](https://github.com/juanfont/headscale/pull/1264)
-- Allow to delete routes
-  [#1244](https://github.com/juanfont/headscale/pull/1244)
 
 ## 0.20.0 (2023-02-03)
 
 ### Changes
 
-- Fix wrong behaviour in exit nodes
+- Fix wrong behaviour in exit nodes [#1159](https://github.com/juanfont/headscale/pull/1159)
-  [#1159](https://github.com/juanfont/headscale/pull/1159)
+- Align behaviour of `dns_config.restricted_nameservers` to tailscale [#1162](https://github.com/juanfont/headscale/pull/1162)
-- Align behaviour of `dns_config.restricted_nameservers` to tailscale
+- Make OpenID Connect authenticated client expiry time configurable [#1191](https://github.com/juanfont/headscale/pull/1191)
-  [#1162](https://github.com/juanfont/headscale/pull/1162)
-- Make OpenID Connect authenticated client expiry time configurable
-  [#1191](https://github.com/juanfont/headscale/pull/1191)
   - defaults to 180 days like Tailscale SaaS
   - adds option to use the expiry time from the OpenID token for the node (see
     config-example.yaml)
-- Set ControlTime in Map info sent to nodes
+- Set ControlTime in Map info sent to nodes [#1195](https://github.com/juanfont/headscale/pull/1195)
-  [#1195](https://github.com/juanfont/headscale/pull/1195)
+- Populate Tags field on Node updates sent [#1195](https://github.com/juanfont/headscale/pull/1195)
-- Populate Tags field on Node updates sent
-  [#1195](https://github.com/juanfont/headscale/pull/1195)
 
 ## 0.19.0 (2023-01-29)
 
 ### BREAKING
 
-- Rename Namespace to User
+- Rename Namespace to User [#1144](https://github.com/juanfont/headscale/pull/1144)
-  [#1144](https://github.com/juanfont/headscale/pull/1144)
   - **BACKUP your database before upgrading**
 - Command line flags previously taking `--namespace` or `-n` will now require
   `--user` or `-u`
@@ -845,35 +729,23 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
 
 ### Changes
 
-- Reworked routing and added support for subnet router failover
+- Reworked routing and added support for subnet router failover [#1024](https://github.com/juanfont/headscale/pull/1024)
-  [#1024](https://github.com/juanfont/headscale/pull/1024)
+- Added an OIDC AllowGroups Configuration options and authorization check [#1041](https://github.com/juanfont/headscale/pull/1041)
-- Added an OIDC AllowGroups Configuration options and authorization check
+- Set `db_ssl` to false by default [#1052](https://github.com/juanfont/headscale/pull/1052)
-  [#1041](https://github.com/juanfont/headscale/pull/1041)
+- Fix duplicate nodes due to incorrect implementation of the protocol [#1058](https://github.com/juanfont/headscale/pull/1058)
-- Set `db_ssl` to false by default
+- Report if a machine is online in CLI more accurately [#1062](https://github.com/juanfont/headscale/pull/1062)
-  [#1052](https://github.com/juanfont/headscale/pull/1052)
+- Added config option for custom DNS records [#1035](https://github.com/juanfont/headscale/pull/1035)
-- Fix duplicate nodes due to incorrect implementation of the protocol
+- Expire nodes based on OIDC token expiry [#1067](https://github.com/juanfont/headscale/pull/1067)
-  [#1058](https://github.com/juanfont/headscale/pull/1058)
+- Remove ephemeral nodes on logout [#1098](https://github.com/juanfont/headscale/pull/1098)
-- Report if a machine is online in CLI more accurately
+- Performance improvements in ACLs [#1129](https://github.com/juanfont/headscale/pull/1129)
-  [#1062](https://github.com/juanfont/headscale/pull/1062)
+- OIDC client secret can be passed via a file [#1127](https://github.com/juanfont/headscale/pull/1127)
-- Added config option for custom DNS records
-  [#1035](https://github.com/juanfont/headscale/pull/1035)
-- Expire nodes based on OIDC token expiry
-  [#1067](https://github.com/juanfont/headscale/pull/1067)
-- Remove ephemeral nodes on logout
-  [#1098](https://github.com/juanfont/headscale/pull/1098)
-- Performance improvements in ACLs
-  [#1129](https://github.com/juanfont/headscale/pull/1129)
-- OIDC client secret can be passed via a file
-  [#1127](https://github.com/juanfont/headscale/pull/1127)
 
 ## 0.17.1 (2022-12-05)
 
 ### Changes
 
-- Correct typo on macOS standalone profile link
+- Correct typo on macOS standalone profile link [#1028](https://github.com/juanfont/headscale/pull/1028)
-  [#1028](https://github.com/juanfont/headscale/pull/1028)
+- Update platform docs with Fast User Switching [#1016](https://github.com/juanfont/headscale/pull/1016)
-- Update platform docs with Fast User Switching
-  [#1016](https://github.com/juanfont/headscale/pull/1016)
 
 ## 0.17.0 (2022-11-26)
 
@@ -883,13 +755,11 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
   protocol.
 - Log level option `log_level` was moved to a distinct `log` config section and
   renamed to `level` [#768](https://github.com/juanfont/headscale/pull/768)
-- Removed Alpine Linux container image
+- Removed Alpine Linux container image [#962](https://github.com/juanfont/headscale/pull/962)
-  [#962](https://github.com/juanfont/headscale/pull/962)
 
 ### Important Changes
 
-- Added support for Tailscale TS2021 protocol
+- Added support for Tailscale TS2021 protocol [#738](https://github.com/juanfont/headscale/pull/738)
-  [#738](https://github.com/juanfont/headscale/pull/738)
 - Add experimental support for
   [SSH ACL](https://tailscale.com/kb/1018/acls/#tailscale-ssh) (see docs for
   limitations) [#847](https://github.com/juanfont/headscale/pull/847)
@@ -909,81 +779,57 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
 
 ### Changes
 
-- Add ability to specify config location via env var `HEADSCALE_CONFIG`
+- Add ability to specify config location via env var `HEADSCALE_CONFIG` [#674](https://github.com/juanfont/headscale/issues/674)
-  [#674](https://github.com/juanfont/headscale/issues/674)
+- Target Go 1.19 for Headscale [#778](https://github.com/juanfont/headscale/pull/778)
-- Target Go 1.19 for Headscale
+- Target Tailscale v1.30.0 to build Headscale [#780](https://github.com/juanfont/headscale/pull/780)
-  [#778](https://github.com/juanfont/headscale/pull/778)
-- Target Tailscale v1.30.0 to build Headscale
-  [#780](https://github.com/juanfont/headscale/pull/780)
 - Give a warning when running Headscale with reverse proxy improperly configured
   for WebSockets [#788](https://github.com/juanfont/headscale/pull/788)
-- Fix subnet routers with Primary Routes
+- Fix subnet routers with Primary Routes [#811](https://github.com/juanfont/headscale/pull/811)
-  [#811](https://github.com/juanfont/headscale/pull/811)
+- Added support for JSON logs [#653](https://github.com/juanfont/headscale/issues/653)
-- Added support for JSON logs
+- Sanitise the node key passed to registration url [#823](https://github.com/juanfont/headscale/pull/823)
-  [#653](https://github.com/juanfont/headscale/issues/653)
+- Add support for generating pre-auth keys with tags [#767](https://github.com/juanfont/headscale/pull/767)
-- Sanitise the node key passed to registration url
-  [#823](https://github.com/juanfont/headscale/pull/823)
-- Add support for generating pre-auth keys with tags
-  [#767](https://github.com/juanfont/headscale/pull/767)
 - Add support for evaluating `autoApprovers` ACL entries when a machine is
   registered [#763](https://github.com/juanfont/headscale/pull/763)
-- Add config flag to allow Headscale to start if OIDC provider is down
+- Add config flag to allow Headscale to start if OIDC provider is down [#829](https://github.com/juanfont/headscale/pull/829)
-  [#829](https://github.com/juanfont/headscale/pull/829)
+- Fix prefix length comparison bug in AutoApprovers route evaluation [#862](https://github.com/juanfont/headscale/pull/862)
-- Fix prefix length comparison bug in AutoApprovers route evaluation
+- Random node DNS suffix only applied if names collide in namespace. [#766](https://github.com/juanfont/headscale/issues/766)
-  [#862](https://github.com/juanfont/headscale/pull/862)
+- Remove `ip_prefix` configuration option and warning [#899](https://github.com/juanfont/headscale/pull/899)
-- Random node DNS suffix only applied if names collide in namespace.
+- Add `dns_config.override_local_dns` option [#905](https://github.com/juanfont/headscale/pull/905)
-  [#766](https://github.com/juanfont/headscale/issues/766)
+- Fix some DNS config issues [#660](https://github.com/juanfont/headscale/issues/660)
-- Remove `ip_prefix` configuration option and warning
+- Make it possible to disable TS2019 with build flag [#928](https://github.com/juanfont/headscale/pull/928)
-  [#899](https://github.com/juanfont/headscale/pull/899)
+- Fix OIDC registration issues [#960](https://github.com/juanfont/headscale/pull/960) and
-- Add `dns_config.override_local_dns` option
-  [#905](https://github.com/juanfont/headscale/pull/905)
-- Fix some DNS config issues
-  [#660](https://github.com/juanfont/headscale/issues/660)
-- Make it possible to disable TS2019 with build flag
-  [#928](https://github.com/juanfont/headscale/pull/928)
-- Fix OIDC registration issues
-  [#960](https://github.com/juanfont/headscale/pull/960) and
   [#971](https://github.com/juanfont/headscale/pull/971)
-- Add support for specifying NextDNS DNS-over-HTTPS resolver
+- Add support for specifying NextDNS DNS-over-HTTPS resolver [#940](https://github.com/juanfont/headscale/pull/940)
-  [#940](https://github.com/juanfont/headscale/pull/940)
+- Make more sslmode available for postgresql connection [#927](https://github.com/juanfont/headscale/pull/927)
-- Make more sslmode available for postgresql connection
-  [#927](https://github.com/juanfont/headscale/pull/927)
 
 ## 0.16.4 (2022-08-21)
 
 ### Changes
 
-- Add ability to connect to PostgreSQL over TLS/SSL
+- Add ability to connect to PostgreSQL over TLS/SSL [#745](https://github.com/juanfont/headscale/pull/745)
-  [#745](https://github.com/juanfont/headscale/pull/745)
+- Fix CLI registration of expired machines [#754](https://github.com/juanfont/headscale/pull/754)
-- Fix CLI registration of expired machines
-  [#754](https://github.com/juanfont/headscale/pull/754)
 
 ## 0.16.3 (2022-08-17)
 
 ### Changes
 
-- Fix issue with OIDC authentication
+- Fix issue with OIDC authentication [#747](https://github.com/juanfont/headscale/pull/747)
-  [#747](https://github.com/juanfont/headscale/pull/747)
 
 ## 0.16.2 (2022-08-14)
 
 ### Changes
 
-- Fixed bugs in the client registration process after migration to NodeKey
+- Fixed bugs in the client registration process after migration to NodeKey [#735](https://github.com/juanfont/headscale/pull/735)
-  [#735](https://github.com/juanfont/headscale/pull/735)
 
 ## 0.16.1 (2022-08-12)
 
 ### Changes
 
-- Updated dependencies (including the library that lacked armhf support)
+- Updated dependencies (including the library that lacked armhf support) [#722](https://github.com/juanfont/headscale/pull/722)
-  [#722](https://github.com/juanfont/headscale/pull/722)
+- Fix missing group expansion in function `excludeCorrectlyTaggedNodes` [#563](https://github.com/juanfont/headscale/issues/563)
-- Fix missing group expansion in function `excludeCorrectlyTaggedNodes`
-  [#563](https://github.com/juanfont/headscale/issues/563)
 - Improve registration protocol implementation and switch to NodeKey as main
   identifier [#725](https://github.com/juanfont/headscale/pull/725)
-- Add ability to connect to PostgreSQL via unix socket
+- Add ability to connect to PostgreSQL via unix socket [#734](https://github.com/juanfont/headscale/pull/734)
-  [#734](https://github.com/juanfont/headscale/pull/734)
 
 ## 0.16.0 (2022-07-25)
 
@@ -996,44 +842,30 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
 
 ### Changes
 
-- **Drop** armhf (32-bit ARM) support.
+- **Drop** armhf (32-bit ARM) support. [#609](https://github.com/juanfont/headscale/pull/609)
-  [#609](https://github.com/juanfont/headscale/pull/609)
+- Headscale fails to serve if the ACL policy file cannot be parsed [#537](https://github.com/juanfont/headscale/pull/537)
-- Headscale fails to serve if the ACL policy file cannot be parsed
+- Fix labels cardinality error when registering unknown pre-auth key [#519](https://github.com/juanfont/headscale/pull/519)
-  [#537](https://github.com/juanfont/headscale/pull/537)
+- Fix send on closed channel crash in polling [#542](https://github.com/juanfont/headscale/pull/542)
-- Fix labels cardinality error when registering unknown pre-auth key
+- Fixed spurious calls to setLastStateChangeToNow from ephemeral nodes [#566](https://github.com/juanfont/headscale/pull/566)
-  [#519](https://github.com/juanfont/headscale/pull/519)
+- Add command for moving nodes between namespaces [#362](https://github.com/juanfont/headscale/issues/362)
-- Fix send on closed channel crash in polling
-  [#542](https://github.com/juanfont/headscale/pull/542)
-- Fixed spurious calls to setLastStateChangeToNow from ephemeral nodes
-  [#566](https://github.com/juanfont/headscale/pull/566)
-- Add command for moving nodes between namespaces
-  [#362](https://github.com/juanfont/headscale/issues/362)
 - Added more configuration parameters for OpenID Connect (scopes, free-form
   parameters, domain and user allowlist)
-- Add command to set tags on a node
+- Add command to set tags on a node [#525](https://github.com/juanfont/headscale/issues/525)
-  [#525](https://github.com/juanfont/headscale/issues/525)
+- Add command to view tags of nodes [#356](https://github.com/juanfont/headscale/issues/356)
-- Add command to view tags of nodes
+- Add --all (-a) flag to enable routes command [#360](https://github.com/juanfont/headscale/issues/360)
-  [#356](https://github.com/juanfont/headscale/issues/356)
+- Fix issue where nodes was not updated across namespaces [#560](https://github.com/juanfont/headscale/pull/560)
-- Add --all (-a) flag to enable routes command
+- Add the ability to rename a nodes name [#560](https://github.com/juanfont/headscale/pull/560)
-  [#360](https://github.com/juanfont/headscale/issues/360)
-- Fix issue where nodes was not updated across namespaces
-  [#560](https://github.com/juanfont/headscale/pull/560)
-- Add the ability to rename a nodes name
-  [#560](https://github.com/juanfont/headscale/pull/560)
   - Node DNS names are now unique, a random suffix will be added when a node
     joins
   - This change contains database changes, remember to **backup** your database
     before upgrading
-- Add option to enable/disable logtail (Tailscale's logging infrastructure)
+- Add option to enable/disable logtail (Tailscale's logging infrastructure) [#596](https://github.com/juanfont/headscale/pull/596)
-  [#596](https://github.com/juanfont/headscale/pull/596)
   - This change disables the logs by default
 - Use [Prometheus]'s duration parser, supporting days (`d`), weeks (`w`) and
   years (`y`) [#598](https://github.com/juanfont/headscale/pull/598)
-- Add support for reloading ACLs with SIGHUP
+- Add support for reloading ACLs with SIGHUP [#601](https://github.com/juanfont/headscale/pull/601)
-  [#601](https://github.com/juanfont/headscale/pull/601)
 - Use new ACL syntax [#618](https://github.com/juanfont/headscale/pull/618)
-- Add -c option to specify config file from command line
+- Add -c option to specify config file from command line [#285](https://github.com/juanfont/headscale/issues/285)
-  [#285](https://github.com/juanfont/headscale/issues/285)
   [#612](https://github.com/juanfont/headscale/pull/601)
 - Add configuration option to allow Tailscale clients to use a random WireGuard
   port. [kb/1181/firewalls](https://tailscale.com/kb/1181/firewalls)
@@ -1041,19 +873,14 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
 - Improve obtuse UX regarding missing configuration
   (`ephemeral_node_inactivity_timeout` not set)
   [#639](https://github.com/juanfont/headscale/pull/639)
-- Fix nodes being shown as 'offline' in `tailscale status`
+- Fix nodes being shown as 'offline' in `tailscale status` [#648](https://github.com/juanfont/headscale/pull/648)
-  [#648](https://github.com/juanfont/headscale/pull/648)
+- Improve shutdown behaviour [#651](https://github.com/juanfont/headscale/pull/651)
-- Improve shutdown behaviour
-  [#651](https://github.com/juanfont/headscale/pull/651)
 - Drop Gin as web framework in Headscale
   [648](https://github.com/juanfont/headscale/pull/648)
   [677](https://github.com/juanfont/headscale/pull/677)
-- Make tailnet node updates check interval configurable
+- Make tailnet node updates check interval configurable [#675](https://github.com/juanfont/headscale/pull/675)
-  [#675](https://github.com/juanfont/headscale/pull/675)
+- Fix regression with HTTP API [#684](https://github.com/juanfont/headscale/pull/684)
-- Fix regression with HTTP API
+- nodes ls now print both Hostname and Name(Issue [#647](https://github.com/juanfont/headscale/issues/647) PR
-  [#684](https://github.com/juanfont/headscale/pull/684)
-- nodes ls now print both Hostname and Name(Issue
-  [#647](https://github.com/juanfont/headscale/issues/647) PR
   [#687](https://github.com/juanfont/headscale/pull/687))
 
 ## 0.15.0 (2022-03-20)
@@ -1065,8 +892,7 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
 - Boundaries between Namespaces has been removed and all nodes can communicate
   by default [#357](https://github.com/juanfont/headscale/pull/357)
   - To limit access between nodes, use [ACLs](./docs/ref/acls.md).
-- `/metrics` is now a configurable host:port endpoint:
+- `/metrics` is now a configurable host:port endpoint: [#344](https://github.com/juanfont/headscale/pull/344). You must update your
-  [#344](https://github.com/juanfont/headscale/pull/344). You must update your
   `config.yaml` file to include:
   ```yaml
   metrics_listen_addr: 127.0.0.1:9090
@@ -1074,23 +900,18 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
 
 ### Features
 
-- Add support for writing ACL files with YAML
+- Add support for writing ACL files with YAML [#359](https://github.com/juanfont/headscale/pull/359)
-  [#359](https://github.com/juanfont/headscale/pull/359)
+- Users can now use emails in ACL's groups [#372](https://github.com/juanfont/headscale/issues/372)
-- Users can now use emails in ACL's groups
+- Add shorthand aliases for commands and subcommands [#376](https://github.com/juanfont/headscale/pull/376)
-  [#372](https://github.com/juanfont/headscale/issues/372)
-- Add shorthand aliases for commands and subcommands
-  [#376](https://github.com/juanfont/headscale/pull/376)
 - Add `/windows` endpoint for Windows configuration instructions + registry file
   download [#392](https://github.com/juanfont/headscale/pull/392)
-- Added embedded DERP (and STUN) server into Headscale
+- Added embedded DERP (and STUN) server into Headscale [#388](https://github.com/juanfont/headscale/pull/388)
-  [#388](https://github.com/juanfont/headscale/pull/388)
 
 ### Changes
 
 - Fix a bug were the same IP could be assigned to multiple hosts if joined in
   quick succession [#346](https://github.com/juanfont/headscale/pull/346)
-- Simplify the code behind registration of machines
+- Simplify the code behind registration of machines [#366](https://github.com/juanfont/headscale/pull/366)
-  [#366](https://github.com/juanfont/headscale/pull/366)
   - Nodes are now only written to database if they are registered successfully
 - Fix a limitation in the ACLs that prevented users to write rules with `*` as
   source [#374](https://github.com/juanfont/headscale/issues/374)
@@ -1099,8 +920,7 @@ part of adopting [#1460](https://github.com/juanfont/headscale/pull/1460).
   [#371](https://github.com/juanfont/headscale/pull/371)
 - Apply normalization function to FQDN on hostnames when hosts registers and
   retrieve information [#363](https://github.com/juanfont/headscale/issues/363)
-- Fix a bug that prevented the use of `tailscale logout` with OIDC
+- Fix a bug that prevented the use of `tailscale logout` with OIDC [#508](https://github.com/juanfont/headscale/issues/508)
-  [#508](https://github.com/juanfont/headscale/issues/508)
 - Added Tailscale repo HEAD and unstable releases channel to the integration
   tests targets [#513](https://github.com/juanfont/headscale/pull/513)
 
@@ -1127,13 +947,11 @@ behaviour.
 
 ### Features
 
-- Add support for configurable mTLS [docs](./docs/ref/tls.md)
+- Add support for configurable mTLS [docs](./docs/ref/tls.md) [#297](https://github.com/juanfont/headscale/pull/297)
-  [#297](https://github.com/juanfont/headscale/pull/297)
 
 ### Changes
 
-- Remove dependency on CGO (switch from CGO SQLite to pure Go)
+- Remove dependency on CGO (switch from CGO SQLite to pure Go) [#346](https://github.com/juanfont/headscale/pull/346)
-  [#346](https://github.com/juanfont/headscale/pull/346)
 
 **0.13.0 (2022-02-18):**
 
@@ -1152,25 +970,18 @@ behaviour.
 
 ### Changes
 
-- `ip_prefix` is now superseded by `ip_prefixes` in the configuration
+- `ip_prefix` is now superseded by `ip_prefixes` in the configuration [#208](https://github.com/juanfont/headscale/pull/208)
-  [#208](https://github.com/juanfont/headscale/pull/208)
+- Upgrade `tailscale` (1.20.4) and other dependencies to latest [#314](https://github.com/juanfont/headscale/pull/314)
-- Upgrade `tailscale` (1.20.4) and other dependencies to latest
+- fix swapped machine<->namespace labels in `/metrics` [#312](https://github.com/juanfont/headscale/pull/312)
-  [#314](https://github.com/juanfont/headscale/pull/314)
+- remove key-value based update mechanism for namespace changes [#316](https://github.com/juanfont/headscale/pull/316)
-- fix swapped machine<->namespace labels in `/metrics`
-  [#312](https://github.com/juanfont/headscale/pull/312)
-- remove key-value based update mechanism for namespace changes
-  [#316](https://github.com/juanfont/headscale/pull/316)
 
 **0.12.4 (2022-01-29):**
 
 ### Changes
 
-- Make gRPC Unix Socket permissions configurable
+- Make gRPC Unix Socket permissions configurable [#292](https://github.com/juanfont/headscale/pull/292)
-  [#292](https://github.com/juanfont/headscale/pull/292)
+- Trim whitespace before reading Private Key from file [#289](https://github.com/juanfont/headscale/pull/289)
-- Trim whitespace before reading Private Key from file
+- Add new command to generate a private key for `headscale` [#290](https://github.com/juanfont/headscale/pull/290)
-  [#289](https://github.com/juanfont/headscale/pull/289)
-- Add new command to generate a private key for `headscale`
-  [#290](https://github.com/juanfont/headscale/pull/290)
 - Fixed issue where hosts deleted from control server may be written back to the
   database, as long as they are connected to the control server
   [#278](https://github.com/juanfont/headscale/pull/278)
@@ -1180,8 +991,7 @@ behaviour.
 ### Changes
 
 - Added Alpine container [#270](https://github.com/juanfont/headscale/pull/270)
-- Minor updates in dependencies
+- Minor updates in dependencies [#271](https://github.com/juanfont/headscale/pull/271)
-  [#271](https://github.com/juanfont/headscale/pull/271)
 
 ## 0.12.2 (2022-01-11)
 
@@ -1200,8 +1010,7 @@ tagging)
 
 ### BREAKING
 
-- Upgrade to Tailscale 1.18
+- Upgrade to Tailscale 1.18 [#229](https://github.com/juanfont/headscale/pull/229)
-  [#229](https://github.com/juanfont/headscale/pull/229)
   - This change requires a new format for private key, private keys are now
     generated automatically:
     1. Delete your current key
@@ -1210,25 +1019,19 @@ tagging)
 
 ### Changes
 
-- Unify configuration example
+- Unify configuration example [#197](https://github.com/juanfont/headscale/pull/197)
-  [#197](https://github.com/juanfont/headscale/pull/197)
+- Add stricter linting and formatting [#223](https://github.com/juanfont/headscale/pull/223)
-- Add stricter linting and formatting
-  [#223](https://github.com/juanfont/headscale/pull/223)
 
 ### Features
 
-- Add gRPC and HTTP API (HTTP API is currently disabled)
+- Add gRPC and HTTP API (HTTP API is currently disabled) [#204](https://github.com/juanfont/headscale/pull/204)
-  [#204](https://github.com/juanfont/headscale/pull/204)
+- Use gRPC between the CLI and the server [#206](https://github.com/juanfont/headscale/pull/206),
-- Use gRPC between the CLI and the server
-  [#206](https://github.com/juanfont/headscale/pull/206),
   [#212](https://github.com/juanfont/headscale/pull/212)
-- Beta OpenID Connect support
+- Beta OpenID Connect support [#126](https://github.com/juanfont/headscale/pull/126),
-  [#126](https://github.com/juanfont/headscale/pull/126),
   [#227](https://github.com/juanfont/headscale/pull/227)
 
 ## 0.11.0 (2021-10-25)
 
 ### BREAKING
 
-- Make headscale fetch DERP map from URL and file
+- Make headscale fetch DERP map from URL and file [#196](https://github.com/juanfont/headscale/pull/196)
-  [#196](https://github.com/juanfont/headscale/pull/196)

Makefile

@@ -64,7 +64,6 @@ fmt-go: check-deps $(GO_SOURCES)
 fmt-prettier: check-deps $(DOC_SOURCES)
 	@echo "Formatting documentation and config files..."
 	prettier --write '**/*.{ts,js,md,yaml,yml,sass,css,scss,html}'
-	prettier --write --print-width 80 --prose-wrap always CHANGELOG.md
 
 .PHONY: fmt-proto
 fmt-proto: check-deps $(PROTO_SOURCES)