π Welcome to Defguard 2.0 Beta 2 π
This is the final beta before the stable release. Our primary focus has been on stabilising the platform and ensuring everything is ready for a smooth, production-grade launch.
π A comprehensive list of the changes implemented since Alpha 2 is documented in detail here: https://defguard.net/blog/defguard-2-0-release-beta-1/.
π οΈ We highly recommend previewing it yourself. We prepared a guide explaining how to run the alpha2 before. To run the beta2 just use 2.0.0-beta2 image tags instead of 2.0.0-alpha2.
β οΈ Important notice for beta1 early adopters: beta2 introduces a breaking change that requires removing and re-adding the Edge and Gateway components.
We want to get as much feedback as possible, so we encourage you to:
π¬ open a GitHub discussion
πͺ² report any missing features or bugs as issues
What's Changed
- Rules & OpenID provider form fixes by @jakub-tldr in #2680
- Disable Back button after Edge adoption in migration wizard by @moubctez in #2678
- Cleanup Wizard by @moubctez in #2677
- Fix migrator login by @t-aleksander in #2688
- actually store updated ip and port in migration wizard by @wojcik91 in #2692
- Certificate settings tweaks by @j-chmielewski in #2694
- add missing non-default table sorting functions by @wojcik91 in #2693
- Get rid of cross-rs by @moubctez in #2700
- Fix E2E tests, make them 8x faster by @t-aleksander in #2722
- Update core/edge url when changing cert configuration by @j-chmielewski in #2725
- Update environmental variables by @jakub-tldr in #2721
- Update dev instance when updating branch "release/**" by @jakub-tldr in #2732
- Make unit tests 8x faster by @t-aleksander in #2723
- Use AWS ecr repo for e2e postgres image by @t-aleksander in #2738
- Always restart defguard service by @moubctez in #2729
- add missing API endpoint for fetching user device WireGuard configs by @wojcik91 in #2739
- Bulk assign / users table empty state fix by @jakub-tldr in #2747
- Fix PersistentKeepalive in WireGuard config by @moubctez in #2750
- validate duplicate Gateway/Edge names in forms by @wojcik91 in #2741
- Save version after migration/wizard by @t-aleksander in #2734
- Cert expiry by @moubctez in #2744
- Automatic Letsencrypt certificate refresh by @j-chmielewski in #2730
- Preserve old package versions on APT repository by @jakub-tldr in #2761
- Step-aware wizard video tutorial section by @j-chmielewski in #2749
- Rename migrations by @t-aleksander in #2763
- Donβt fail for email errors during the enrolment by @moubctez in #2764
- Render markdown in emails by @t-aleksander in #2760
- add mTLS for gateway & proxy communication by @wojcik91 in #2726
- Sanitize LDAP errors (2.0) by @t-aleksander in #2682
- update final gw wizard step text according to the new design by @filipslezaklab in #2769
- LDAP: escape critical characters in DN by @moubctez in #2768
- add missing handlers in wizard API by @wojcik91 in #2773
- show contextual help on settings pages by @wojcik91 in #2766
- New json schema by @j-chmielewski in #2765
- Use RSA keys for openid token signing by @j-chmielewski in #2777
- fix network capacity validator function by @wojcik91 in #2780
- Fix cert settings by @j-chmielewski in #2784
- improve baseline HTTP security for no-reverse proxy deployment scenarios by @wojcik91 in #2782
- Remaining wizard e2e tests by @t-aleksander in #2776
- Better package by @moubctez in #2783
- adjust rate limiter config by @wojcik91 in #2787
- make rate limiter opt-in by @wojcik91 in #2792
Full Changelog: v2.0.0-beta1...v2.0.0-beta2