Releases: netbirdio/netbird
v0.17.0
What's Changed
- Add route management for Android interface by @pappz in #801
- Remove unnecessary uapi open by @pappz in #807
- Send a status notification on offline peers change by @mlsmaycon in #821
- feat: add support for custom device hostname by @Thunderbottom in #789
- Merging full service user feature into main by @pascal-fischer in #819
New Contributors
- @Thunderbottom made their first contribution in #789
Full Changelog: v0.16.0...v0.17.0
Contributors
Assets 36
v0.16.0
Release Notes
This release brings performance improvements to userspace-based NetBird agents (any platforms that don't support kernel WireGuard, e.g., macOS, Windows, and old Linux). The implementation uses a custom wireguard-go Bind interface, eliminating the need for a local proxy that was decreasing performance dramatically.
Client
- Bind implementation (#779)
Full Changelog: v0.15.3...v0.16.0
v0.15.3
Release Notes
Due to performance reasons, this release reverts rego policy evaluation from the regular network map update that is sent to peers. We will review the policy specification and how to improve performance.
Management
- Use UTC to store date time data (#778)
- Fix network map fetch when adding a peer (#800)
- Rollback simple ACL rule processing (#803)
Client
- Update calculate server state (#796)
Misc
- Fix export path for certificate files (#794)
v0.15.2
v0.15.1
v0.15.0
Release Notes
The new version introduces Personal Access Tokens.
Personal Access Tokens (PATs) can be used to authenticate against Netbird’s Public API (coming soon).
Users can create as many tokens for themself as they need. Each token requires the user to set how long the token will be valid, we support token expiration between 1 and 365 days; after that, the token will be rejected.
All users can now access the Personal Settings section under the Dashboard > Settings tab. This section shows an overview of all the Personal Access Tokens belonging to a user, when they were created, when they were last used to authenticate, and when they will expire.
When adding a new token, you must provide a name and specify how long the token should be valid.
After successfully creating the token you will see the token in plain text to copy and store in a secure location. Once you close the window, there is no way to retrieve the plain token again.
You can use the new token to send API requests to the management API by adding the header Authorization: Token NEW_TOKEN, below you have an example of a request to the peer's endpoint of our Public API:
curl 'https://api.wiretrustee.com/api/users' -X GET -H "Authorization: Token nbp_61efTM2ZvmiLpaOa5mpx1MLnL5zXc13bcMhm”More API documentation will come soon!
Management
- Add API authentication with PATs (#774)
- Add activity events (#776)
- Add disable let's encrypt and traefik template (#747)
- Add token source and device flow audience variables (#780)
- Check multiple audience values (#781)
Client
Dashboard
- Use ID token payload when oidcUser is nil (netbirdio/dashboard#127)
- Handle additional activity events (netbirdio/dashboard#128)
- Feat add custom id claim (netbirdio/dashboard#129)
- Use peerID in the Routes view (netbirdio/dashboard#130)
Big thanks to our new contributors
Contributors
Assets 36
v0.14.6
What's Changed
- Add custom ice stdnet implementation by @pappz in #754
- Add ipv6 test for stdnet pkg by @pappz in #761
- Add fqdn and address for notification listener by @pappz in #757
- Fix nil pointer exception when create config by @pappz in #765
- Refactor the authentication part of mobile exports by @pappz in #759
- Add OnDisconnecting service callback by @pappz in #767
- Fix slice bounds out of range in msg decryption by @pappz in #768
- Fix pre-shared key query name for android wg configuration by @mlsmaycon in #773
- Feature/add rest endpoints for pat by @pascal-fischer in #766
- Fix broken auto-generated Rego rule by @gigovich in #769
Full Changelog: v0.14.5...v0.14.6
Contributors
Assets 36
v0.14.5
Key Release Notes
Management
- Introduce a new ACL engine based on Rego (Open Policy Agent) for firewall control (#700)
- Personal access tokens generation as a first iteration toward public API release (#725 and #745)
- Add Keycloak support as an IDP manager (#746)
Agent
- Introduce a Firewall interface to apply granular access control (e.g., connection direction, port, or protocol level) (#740)
- Make the agent run on Android (mobile support) (#735)
Changelog
- Feat rego default policy by @gigovich in #700
- Don't drop Rules from file storage after migration to Policies by @gigovich in #741
- Add version info command to signal server by @pappz in #739
- Feat firewall controller interface by @gigovich in #740
- Adding Personal Access Token generation by @pascal-fischer in #725
- Exchange proxy mode via signal by @mlsmaycon in #727
- Fix connstate indication by @pappz in #732
- Mobile by @pappz in #735
- PAT persistence by @pascal-fischer in #745
- Add Keycloak Idp Manager by @bcmmbaga in #746
- Adjustments for the change server flow by @mlsmaycon in #756
- Disable peer expiration of peers added with setup keys by @braginini in #758
- Add JWT middleware validation failure log by @mlsmaycon in #760
New Contributors
Full Changelog: v0.14.4...v0.14.5
Contributors
Assets 36
v0.14.4
v0.14.3
Release Notes
Bug fixes & refactor
Management
- Fix peer network map distribution that caused 0/0 peers to connect (#731)
- Remove Management close steps, in defer doing it already (#729)
- Report offline peers to agents (#728)
- Update ICE to version 2.3.1 (#720)
Agent
- Update ICE to version 2.3.1 to resolve TURN TLS issues (#720)