v0.18.0

Changelog

New Features

• 57e8eb3 feat: add support for external dns plugins

Bug fixes

• f8b0ece fix: add missing tags

Other work

• a0e1fcb add configuration page
• 65e446e fix incorrect env variables usage
• 924ddf1 minor updates
• d5a5a92 update docs
• 442d794 update docs
• 9483662 update docs
• 5b9da83 update docs
• 8fe4342 update docs and install script
• 776e3de updates docs

v0.17.0

⚠️ This release has some breaking changes, please backup your database before upgrading

Breaking Changes

New: environment variables substitutions in config file

Starting from this release, the ionscale server will no longer use environment variables unless explicitly set in the configuration file.
Update your configuration file accordingly when upgrading to this version.

Example:

keys:
  system_admin_key: "${IONSCALE_SYSTEM_ADMIN_KEY}"

...

auth:
  provider:
    client_id: "${OIDC_CLIENT_ID}"

Changelog

New Features

• 978b0ec feat: add environment variable substition in configuration, remove implicit use of env variables
• ed3e1eb feat: add /machine/update-health handler
• 28c5ff2 feat: add command to set name of a machine

Bug fixes

• 4394d44 fix: add support for autgroup:member when validating node attributes
• c1c7082 fix: improve session management and update channels, avoiding potential deadlocks
• a2fd56b fix: nil pointer when sonyflake is not properly configured
• 814335d fix: update auto-approved advertised routes when set after registration

v0.17.0-rc1

Changelog

New Features

• ed3e1eb feat: add /machine/update-health handler
• 28c5ff2 feat: add command to set name of a machine

Bug fixes

• 4394d44 fix: add support for autgroup:member when validating node attributes
• c1c7082 fix: improve session management and update channels, avoiding potential deadlocks

v0.16.0

Changelog

New Features

• 43c27a1 feat: add ssh recorder implementation
• 41de33d feat: add support for autogroup:danger-all
• 128a184 feat: only support tailscale clients >= 1.48
• 4bce1c3 feat: ssh recording

Bug fixes

• eadd42b fix: expand src wildcard alias to peer ip addresses
• 5adec31 fix: handle relative name and zones correctly
• 3d21630 fix: notify others when node is online

v0.15.0

⚠️ This release has some breaking changes, please backup your database before upgrading

Breaking Changes

New: Embedded DERP which is enabled by default

This embedded DERP can be disabled and additional DERP map sources can be set in the configuration, e.g.

derp:
  server:
    disabled: true
  sources:
    - https://controlplane.tailscale.com/derpmap/default

listener_addr and public_addr changes

The configuration for the listen_addr and server_url has been change:

• http_listen_addr and https_listen_addr is replaced with a single entry listen_addr
• server_url is replaced with public_addr (eg. server_url: https://ionscale.example.com becomes public_addr: ionscale.example.com:443

HuJson support for ACL and IAM policies

The API has changed to support this; make sure you use the same version for your server and your cli client

Changelog

New Features

• 248b75c feat: embedded derp
• a1debdf feat: use env variable for setting a default tailnet id when using a system admin key
• 6173621 feat: use hujson as data format for ACL and IAM policy

Other work

• d72ea03 improvement: change http(s) listener to web listener addr and a public web addr
• 1ffafee improvement: don't save tailnet and don't signal change when nothing is updated
• 0ecd005 improvement: graceful shutdown
• 68127b9 improvement: update layout

v0.14.0

Changelog

New Features

• 7c2d5f7 feat: add pprof endpoints

Bug fixes

• 91c62ee fix: correct check if dns provider is set
• 41b64ee fix: expired peer missing in peer list
• b098562 fix: log in with different use should create new machine entry
• 0eef9fa fix: show correct number of peers after switching accounts

Other work

• 84d29fd improvement: remove usage of deprecated echo prometheus integration
• e39eb58 improvement: set last authentication timestamp on user and use it to check ssh access

v0.13.0

Changelog

New Features

• d8f0492 feat: add device aliases
• 128ed22 feat: add support for search domains in dns config
• 5e43014 feat: remove inactive emphemeral machines when server starts; rename reaper to worker
• 9f3a6bb feat: save tokens for multiple ionscale servers
• 280ee7e feat: validate iam policy filters

Bug fixes

• 7eb808c fix: add ssh rules to default acl policy
• 5d1ac32 fix: check if tailnet with name already exists
• dea6027 fix: cli also accepts IONSCALE_KEYS_SYSTEM_ADMIN_KEY env variable
• 25203d3 fix: little layout issue
• 9748955 fix: some small logging fixes
• b8c752d fix: use default and additional scopes correctly

v0.12.0

Changelog

New Features

• 8f998b0 feat: acl grants
• 7fa31bd feat: add support for protocol in acl rules
• 3fccde2 feat: also accept hujson files
• 44b6b20 feat: store acme certificates in db

Bug fixes

• 8f2c198 fix: avoid peer lookup if not needed
• 123ca99 fix: mark query feature request as incomplete when necessary
• 980ab1b fix: send empty PacketFilter when no rules match

v0.11.0

Changelog

New Features

• 9b5f045 feat: add support for node attributes
• cbcbd61 feat: remove support for non-noise clients

Bug fixes

• 1b66b1e fix: incorrect index
• c1ea283 fix: incorrect splitting of alias and port ranges

v0.10.0

Changelog

New Features

• 9808860 feat: add support for 'always' value in ssh check period
• a303de7 feat: add support for autogroup:member
• 54fa423 feat: add support for autogroup:tagged

Bug fixes

• 2bc03b8 fix: add autogroup:member checks in ssh policies