DefGuard/defguard v2.0.0-beta1

on GitHub

🎉 Welcome to Defguard 2.0 Beta 1 🎉

📖 A comprehensive list of the changes implemented since Alpha 2 is documented in detail here: https://defguard.net/blog/defguard-2-0-release-beta-1/

🛠️ We highly recommend previewing it yourself. We prepared a guide explaining how to run the alpha2 before. To run the beta1 just use 2.0.0-beta1 image tags instead of 2.0.0-alpha2.

We want to get as much feedback as possible, so we encourage you to:
💬 open a GitHub discussion
🪲 report any missing features or bugs as issues

Known issues

Migration wizard (triggered when upgrading from an older version) will fail on the login screen. Before migrating (upgrading), make sure to be logged in to Defguard, as this issue doesn't happen to logged in accounts.

What's Changed

• Adoption logs UI tweaks by @j-chmielewski in #2289
• Change icon to text & add sorting by @jakub-tldr in #2292
• Show error in form on incorrect current password by @jakub-tldr in #2293
• Remove placeholder, add variable to Webhook by @jakub-tldr in #2297
• Add network device & openid deletion confirmation modals by @jakub-tldr in #2296
• fix cache invalidation for client behavior settings page by @j-chmielewski in #2294
• Require current password for self-edit, skip for admin non-self edits by @jakub-tldr in #2301
• Allow admin for editing users credentials by @jakub-tldr in #2302
• Fix spacing on restrictions section by @jakub-tldr in #2305
• change FormInput to FormTextarea to handle \n by @jakub-tldr in #2310
• fix app crash when clicking initiate enrollment button by @wojcik91 in #2312
• Change labels in migration one liner wizard by @jakub-tldr in #2313
• Implement UI fixes and improvements by @filipslezaklab in #2315
• Duplicate authentication keys / name checking by @jakub-tldr in #2318
• add confirm action modal by @filipslezaklab in #2308
• Add user device delete confirmation by @jakub-tldr in #2322
• Check for duplicate pubkey & check for duplicates during renaming auth keys by @jakub-tldr in #2324
• extend session manager test suite by @wojcik91 in #2325
• tables update 3 by @filipslezaklab in #2331
• Remove unnecessary toggle by @wojcik91 in #2339
• add missing images to license modals and welcome wizard screens by @filipslezaklab in #2341
• Allowed groups by @moubctez in #2332
• Add more tests for initial/migration/auto-adoption wizards by @t-aleksander in #2340
• Block adding device when there is no space in at least one subnet by @jakub-tldr in #2338
• Add missing variables to tests by @jakub-tldr in #2344
• Disable Submit when user has no devices to re-address by @moubctez in #2346
• fix modal scroll by @filipslezaklab in #2347
• Remove rp id from settings and derive it from defguard_url by @j-chmielewski in #2326
• fix modals on profile general tab by @filipslezaklab in #2349
• restore Disable MFA action in users table by @wojcik91 in #2350
• alias badge display fix by @wojcik91 in #2352
• add missing actions for rules table by @filipslezaklab in #2355
• Require both parameters for auto adoption wizard (adopt-edge adopt-gateway) by @t-aleksander in #2354
• Bug fixes by @moubctez in #2360
• Fix initial wizard always redirecting to vpn overview by @t-aleksander in #2358
• use qr-card component instead of plain qrcanvas by @filipslezaklab in #2364
• Info about licence limits by @moubctez in #2363
• Block adding network device when there are no available locations by @jakub-tldr in #2366
• add missing disconnect threshold input by @wojcik91 in #2365
• Cache invalidation fixes by @j-chmielewski in #2370
• Migrate defguard_url from config by @j-chmielewski in #2369
• add theme switch to top bar element by @filipslezaklab in #2386
• Update migration UI by @filipslezaklab in #2385
• Fix ACL form validation errors by @j-chmielewski in #2378
• Validate location address by @moubctez in #2388
• Update deployment helps by @t-aleksander in #2383
• make IP optional in activity log by @wojcik91 in #2394
• add 404 and migration auth error pages by @filipslezaklab in #2397
• Fix cache invalidation after MFA method setup by @j-chmielewski in #2396
• fix missing MFA session events by @wojcik91 in #2371
• Change label when creating device in full network by @jakub-tldr in #2399
• Send Gateway reconnect email by @moubctez in #2398
• Add missing delete confirmations by @jakub-tldr in #2403
• Add missing disable confirmations by @jakub-tldr in #2404
• add preshared key to VPN session model by @wojcik91 in #2402
• add user & device "online" indicator by @wojcik91 in #2409
• adoption form default ports & helpers by @j-chmielewski in #2410
• Use new validators by @jakub-tldr in #2408
• License upsell section by @j-chmielewski in #2401
• activity log event order fix by @wojcik91 in #2413
• Pagination by @moubctez in #2406
• extend ACL test coverage for new flags by @wojcik91 in #2411
• Limited pagination by @moubctez in #2417
• Autoadoption logs by @j-chmielewski in #2416
• Frontend validators tests by @jakub-tldr in #2429
• Adjust E2E tests to the new initial wizard and fix existing tests by @jakub-tldr in #2428
• use secret_key field from Settings to generate JWTs by @wojcik91 in #2434
• restore core gRPC server tests & add testing framework for gateway handlers by @wojcik91 in #2381
• fix API tokens page license handling by @wojcik91 in #2431
• remove gRPC Auth service by @wojcik91 in #2437
• update ACL rules table columns by @wojcik91 in #2441
• Mail templates by @moubctez in #2430
• Ensure settings are initialized before running wizards by @j-chmielewski in #2447
• Prevent creating network which can't contain already existing devices & Hostname validator tweak by @jakub-tldr in #2444
• fix last connected IP column value in Users table by @wojcik91 in #2443
• Plain text mail by @moubctez in #2451
• Enrollment settings by @j-chmielewski in #2433
• New support page by @jakub-tldr in #2452
• Fix license upsell sections spacing by @j-chmielewski in #2456
• ACL rule generator by @moubctez in #2459
• Squash migrations by @j-chmielewski in #2229
• New version notification by @jakub-tldr in #2460
• Change text in Support page / Make field nullable in LDAP form by @jakub-tldr in #2472
• Prevent setting gateway address to network or broadcast address by @jakub-tldr in #2478
• ACL rules table audit columns by @wojcik91 in #2474
• Fix redirect after openid authorization by @jakub-tldr in #2479
• Fix padding on VPN overview page by @jakub-tldr in #2480
• Make wizard modals scrollable by @jakub-tldr in #2481
• Add tooltips on deploy edge/gateway step by @jakub-tldr in #2482
• add missing translation keys by @wojcik91 in #2477
• Enrollment styling by @j-chmielewski in #2486
• show warning if editing a location could cause VPN sessions to disconnect by @wojcik91 in #2473
• Add wizard dividers by @jakub-tldr in #2492
• update firewall rule labels by @wojcik91 in #2489
• Redirect to app if user already logged in by @j-chmielewski in #2490
• add empty helper translation keys by @wojcik91 in #2494
• location form all groups toggle fix by @wojcik91 in #2497
• defguard_certs: do not depend on sqlx by @moubctez in #2501
• Locate groups by ID instead of name by @jakub-tldr in #2493
• warn user before deleting edge which is disconnected by @jakub-tldr in #2502
• Fix error messages by @jakub-tldr in #2506
• Clear field on "any" option by @jakub-tldr in #2509
• Extend UserInfo by @moubctez in #2507
• Faster cargo-deny by @moubctez in #2510
• Change error message on welcome mail templates by @jakub-tldr in #2513
• Provision HTTPS certificates for Core and Proxy by @t-aleksander in #2464
• add video support widget by @wojcik91 in #2496
• Unify device configs by @moubctez in #2519
• Fix MFA code label by @moubctez in #2524
• Add support type to license proto and display it in license settings by @j-chmielewski in #2498
• Standardise welcome page dividers by @jakub-tldr in #2580
• properly validate ACL rules which use just Aliases to populate fields by @wojcik91 in #2577
• add missing helper translation keys by @wojcik91 in #2578
• Hide option in support page & Fix init-dev-env tool by @jakub-tldr in #2583
• Adjust private_key warning messages by @jakub-tldr in #2585
• Fix for network device config by @moubctez in #2587
• Remove "back" option from adopt wizard + minor tweaks by @jakub-tldr in #2590
• Change ova download links by @t-aleksander in #2596
• Set correct step after general configuration by @jakub-tldr in #2592
• Use DEFGUARD_PROXY_URL instead of DEFGUARD_ENROLLMENT_URL during migration wizard + sort locations by name by @jakub-tldr in #2591
• Fix show config for missing configs by @moubctez in #2598
• Auto correct internal/public url by @t-aleksander in #2597
• Change default CA common name, email address by @t-aleksander in #2601
• bump min supported proxy & gateway versions by @wojcik91 in #2599
• Fix proxy_url parsing by @jakub-tldr in #2610
• Change endpoint, validate network size when editing location by @jakub-tldr in #2614
• Proxy manager tests by @wojcik91 in #2594
• Fix setting 2nd mfa method by @t-aleksander in #2619
• fix MFA configured email subject by @wojcik91 in #2622
• Fix setting default MFA by @t-aleksander in #2626
• video tutorials modal by @wojcik91 in #2593
• Remove mobile client info from enrollment email by @t-aleksander in #2634
• Make LDAP auxiliary object classes nullable by @t-aleksander in #2641
• Correct URL correction logic by @t-aleksander in #2646
• Remove checkbox from certificate authority section by @t-aleksander in #2645
• update login image by @filipslezaklab in #2649
• Change wizard wording by @t-aleksander in #2652
• enable remote enrollment for LDAP users by @wojcik91 in #2609
• Don't block dev builds by @t-aleksander in #2654
• Certificate settings by @j-chmielewski in #2500
• support protobuf versioning by @wojcik91 in #2458
• Reload settings after setup, guess cookie insecure if not provided by @t-aleksander in #2660
• fix example gateway port in migration wizard by @wojcik91 in #2662
• Email templates fixes by @jakub-tldr in #2659
• Reload config after wizard by @t-aleksander in #2664
• Inform the user to update urls after cert configuration by @j-chmielewski in #2666
• Handle GatewayHandler abort by @moubctez in #2667
• Disable user device actions according to permissions by @moubctez in #2669
• Display too many login attempts by @moubctez in #2671
• Fix trivy by @t-aleksander in #2672
• Better gRPC error handling by @moubctez in #2675
• Migration wizard video guide by @j-chmielewski in #2670
• improve component adoption URL parsing by @wojcik91 in #2674
• add workflow to tag image as latest on release publish by @wojcik91 in #2676

Full Changelog: v2.0.0-alpha2...v2.0.0-beta1