Releases: openziti/zrok
v0.4.45
CHANGELOG
FEATURE: Minimal support for "organizations". Site admin API endpoints provided to create, list, and delete "organizations". Site admin API endpoints provided to add, list, and remove "organization members" (zrok accounts) with the ability to mark accounts as a "organization admin". API endpoints provided for organization admins to list the members of their organizations, and to also see the overview (environments, shares, and accesses) for any account in their organization. API endpoint for end users to see which organizations their account is a member of (#537)
CHANGE: briefly mention the backend modes that apply to public and private share concepts
FIX: Update indirect dependency github.com/golang-jwt/jwt/v4 to version v4.5.1 (#794)
FIX: Document unique names
FIX: reduce Docker image sizes (#783)
FIX: Docker reserved private share startup error (#801)
FIX: Correct the download URL for the armv7 Linux release (#782)
v0.4.44
c527340
michaelquigley
Michael Quigley
CHANGELOG
CHANGE: Update github.com/openziti/sdk-golang to version v0.23.44. Remove old github.com/openziti/fabric dependency, instead pulling in the modern github.com/openziti/ziti dependency.
FIX: Bypass interstitial page for HTTP OPTIONS method (#777)
FIX: Fix for goreleaser build action to align with changed ARM64 build path.
v0.4.42
CHANGELOG
CHANGE: Switch all Dial operations made into the OpenZiti overlay to use DialWithOptions(..., &ziti.DialOptions{ConnectTimeout: 30 * time.Second}), switching to a 30 second timeout from a 5 second default (#772)
FIX: Removed the --basic-auth flag from zrok share private as this was ignored... even if zrok access private honored the ziti.proxy.v1 config to ask for basic auth, it would still be easy to write a custom SDK client that ignored the basic auth and accessed the share directly; better to remove the option than to allow confusing usage (#770)
FIX: always append common options like --headless and conditionally append --verbose --insecure if their respective env vars are set to when running in a service manager like systemd or Docker and wrapping the zrok command with the zrok-share.bash shell script (https://openziti.discourse.group/t/question-about-reserved-public-vs-temp-public-shares/3169)
FIX: Correct registration page CSS to ensure that the entire form is visible
v0.4.41
d050fb9
michaelquigley
Michael Quigley
v0.4.40
CHANGELOG
FEATURE: New endpoint for synchronizing grants for an account (#744). Useful for updating the zrok.proxy.v1 config objects containing interstitial setting when the skip_interstitial_grants table has been updated.
FIX: prune incorrect troubleshooting advice about listing Caddy's certificates
v0.4.39
CHANGELOG
FEATURE: New API endpoint allowing direct creation of accounts in the zrok database. Requires an admin token (specified in the controller configuration yaml) for authentication. See the OpenAPI spec for details of the API endpoint. The zrok admin create account CLI was also updated to call the API endpoint, rather than directly operating on the underlying database (#734). The Docker and Kubernetes zrok instance deployments were adapted to the new CLI parameter shape.
FEATURE: Support html_path directive in interstitial stanza of public frontend configuration to support using an external HTML file for the interstitial page (#716)
FEATURE: zrok access private now includes a --response-header flag to add headers to the response for HTTP-based backends. Add flag multiple times to add multiple headers to the response. Expects key:value header definitions in this format: --response-header "Access-Control-Allow-Origin: *" (#522)
CHANGE: Update github.com/openziti/sdk-golang (and related dependencies) to version v0.23.40.
CHANGE: upgrade to ziti v1.1.7 CLI in zrok container image
v0.4.38
CHANGELOG
FEATURE: Conditionally enable interstitial page based on User-Agent prefix list. See the frontend configuration template at etc/frontend.yml for details on the new configuration structure (#715)
CHANGE: The interstitial configuration has been modified from a simple interstitial: <bool> to a richer structure, but the config version has not been incremented; this feature has not been widely adopted yet. See the frontend configuration template at etc/frontend.yml for details on the new structure.
CHANGE: The registration page where a new user's password is set now includes a required checkbox, asking them to acknowledge the terms and conditions presented above the checkbox (#669)
FIX: The registration page where a new user's password is set now includes better styling of the error message <div/> to prevent the entire page from jumping when the message changes.
v0.4.37
v0.4.36
CHANGELOG
FEATURE: New interstitial pages that can be enabled per-frontend, and disabled per-account (#704)
CHANGE: Enable "declaration": true in tsconfig.json for Node SDK.
FIX: target the 32bit build for armhf to fix the FPE issue and the missing link issue
CHANGE: add cross-build instructions (includes new snapshot build target armel)
v0.4.35
CHANGELOG
FEATURE: Added import for github.com/greenpau/caddy-security to include that Caddy plugin to enable authentication, authorization, and credentials extensions for the caddy backend (#506)
FEATURE: Closed permission mode for Docker and Linux private shares
CHANGE: add example in ./etc/caddy to set X-Real-IP header to public share client IP
CHANGE: auto-update the ziti CLI version that is built in to the openziti/zrok container image
CHANGE: Docker examples set HOME to enable running CLI commands in the container
FIX: Fix for environment count inheritance when using a resource count class to override global environment count (#695)