Releases: openziti/zrok
v0.4.45
CHANGELOG
FEATURE: Minimal support for "organizations". Site admin API endpoints provided to create, list, and delete "organizations". Site admin API endpoints provided to add, list, and remove "organization members" (zrok accounts) with the ability to mark accounts as a "organization admin". API endpoints provided for organization admins to list the members of their organizations, and to also see the overview (environments, shares, and accesses) for any account in their organization. API endpoint for end users to see which organizations their account is a member of (#537)
CHANGE: briefly mention the backend modes that apply to public and private share concepts
FIX: Update indirect dependency github.com/golang-jwt/jwt/v4
to version v4.5.1
(#794)
FIX: Document unique names
FIX: reduce Docker image sizes (#783)
FIX: Docker reserved private share startup error (#801)
FIX: Correct the download URL for the armv7 Linux release (#782)
v0.4.44
CHANGELOG
CHANGE: Update github.com/openziti/sdk-golang
to version v0.23.44
. Remove old github.com/openziti/fabric
dependency, instead pulling in the modern github.com/openziti/ziti
dependency.
FIX: Bypass interstitial page for HTTP OPTIONS
method (#777)
FIX: Fix for goreleaser build action to align with changed ARM64 build path.
v0.4.42
CHANGELOG
CHANGE: Switch all Dial
operations made into the OpenZiti overlay to use DialWithOptions(..., &ziti.DialOptions{ConnectTimeout: 30 * time.Second})
, switching to a 30 second timeout from a 5 second default (#772)
FIX: Removed the --basic-auth
flag from zrok share private
as this was ignored... even if zrok access private
honored the ziti.proxy.v1
config to ask for basic auth, it would still be easy to write a custom SDK client that ignored the basic auth and accessed the share directly; better to remove the option than to allow confusing usage (#770)
FIX: always append common options like --headless
and conditionally append --verbose --insecure
if their respective env vars are set to when running in a service manager like systemd or Docker and wrapping the zrok
command with the zrok-share.bash
shell script (https://openziti.discourse.group/t/question-about-reserved-public-vs-temp-public-shares/3169)
FIX: Correct registration page CSS to ensure that the entire form is visible
v0.4.41
v0.4.40
CHANGELOG
FEATURE: New endpoint for synchronizing grants for an account (#744). Useful for updating the zrok.proxy.v1
config objects containing interstitial setting when the skip_interstitial_grants
table has been updated.
FIX: prune incorrect troubleshooting advice about listing Caddy's certificates
v0.4.39
CHANGELOG
FEATURE: New API endpoint allowing direct creation of accounts in the zrok database. Requires an admin token (specified in the controller configuration yaml) for authentication. See the OpenAPI spec for details of the API endpoint. The zrok admin create account
CLI was also updated to call the API endpoint, rather than directly operating on the underlying database (#734). The Docker and Kubernetes zrok instance deployments were adapted to the new CLI parameter shape.
FEATURE: Support html_path
directive in interstitial
stanza of public frontend configuration to support using an external HTML file for the interstitial page (#716)
FEATURE: zrok access private
now includes a --response-header
flag to add headers to the response for HTTP-based backends. Add flag multiple times to add multiple headers to the response. Expects key:value
header definitions in this format: --response-header "Access-Control-Allow-Origin: *"
(#522)
CHANGE: Update github.com/openziti/sdk-golang
(and related dependencies) to version v0.23.40
.
CHANGE: upgrade to ziti v1.1.7 CLI in zrok container image
v0.4.38
CHANGELOG
FEATURE: Conditionally enable interstitial page based on User-Agent
prefix list. See the frontend configuration template at etc/frontend.yml
for details on the new configuration structure (#715)
CHANGE: The interstitial configuration has been modified from a simple interstitial: <bool>
to a richer structure, but the config version has not been incremented; this feature has not been widely adopted yet. See the frontend configuration template at etc/frontend.yml
for details on the new structure.
CHANGE: The registration page where a new user's password is set now includes a required checkbox, asking them to acknowledge the terms and conditions presented above the checkbox (#669)
FIX: The registration page where a new user's password is set now includes better styling of the error message <div/>
to prevent the entire page from jumping when the message changes.
v0.4.37
v0.4.36
CHANGELOG
FEATURE: New interstitial pages that can be enabled per-frontend, and disabled per-account (#704)
CHANGE: Enable "declaration": true
in tsconfig.json
for Node SDK.
FIX: target the 32bit build for armhf to fix the FPE issue and the missing link issue
CHANGE: add cross-build instructions (includes new snapshot build target armel
)
v0.4.35
CHANGELOG
FEATURE: Added import for github.com/greenpau/caddy-security
to include that Caddy plugin to enable authentication, authorization, and credentials extensions for the caddy
backend (#506)
FEATURE: Closed permission mode for Docker and Linux private shares
CHANGE: add example in ./etc/caddy to set X-Real-IP header to public share client IP
CHANGE: auto-update the ziti CLI version that is built in to the openziti/zrok container image
CHANGE: Docker examples set HOME to enable running CLI commands in the container
FIX: Fix for environment count inheritance when using a resource count class to override global environment count (#695)