Hello everyone,
I've just pushed a new update, version 3.0.4. This release is focused on fixing several key bugs that many of you have reported, along with some nice quality-of-life improvements for the UI.
Bug Fixes and Stability Improvements
Thanks to some very helpful and detailed bug reports from the community, I was able to track down and fix a few significant issues:
- Agent Management is working again: A couple of key features on the Agents page were broken. Trying to roll an agent's API key was causing a network error, and attempting to redeploy a tunnel container would result in a 500 error from the server (fixes #274). Both of these issues have been resolved, and those actions should now work as expected.
- Access Policy editing is fixed: There was an annoying bug where, after saving a policy with country restrictions, the selected countries wouldn't be displayed correctly when you went back to edit it. This has been fixed (addressing #275), so you should be able to see and modify your selections properly now.
- Multi-hostname Access Policies fixed: I fixed an edge case where if you assigned the same access group to multiple hostnames on a single container (like
www.domain.comanddomain.com), only the first rule would be secured correctly. Subsequent hostnames would incorrectly bypass authentication. This is now resolved, and the policy will be applied to all hostnames as expected (addressing #276). - Better security validation: I've added some important checks to prevent accidentally creating an insecure Access Policy. The system will now make sure you specify required email addresses when using an Identity Provider and will warn you if you're only using geo-restrictions without any real authentication.
- Prevents duplicate system policies: DockFlare is now smarter about checking if the default system policies already exist before trying to create them on startup. This should prevent duplicate policies from being created if you happen to run multiple instances.
UI Improvements
One thing that has bothered me for a while was the use of the default browser popups for alerts and confirmations. They were functional, but they didn't really fit DockFlare's style. I went through and replaced all 53 of them with custom modals that match the DaisyUI theme, which I think makes for a much cleaner and more consistent experience.
I also made a few other small improvements to the UI:
- I added a new sort option to the Dashboard so you can group your ingress rules by their assigned Access Policy. This should make it a bit easier to audit which services are using which policies.
- The Agents page got a small visual refresh to match the style of the Access Policies page.
A New Tool for Advanced Users
Finally, I've included a new command-line utility in this release. To be honest, I originally built this tool for myself. While testing and fixing the agent bugs, I had to run multiple DockFlare instances, which left my Cloudflare account with a lot of duplicate policies. This tool was my way of cleaning that up safely. It has a --dry-run mode to let you see what it will do before it makes any changes. I decided to leave it in the project in case it might be useful for anyone else who runs into a similar situation. You can find more details on how to use it in the CLI_USAGE.md file.
As always, thank you for using DockFlare and for all the valuable feedback. For a more detailed breakdown of all the changes, you can refer to the full changelog. Let me know if you run into any issues with this new version.
Cheers,
Chris