DefGuard/proxy v2.0.0

on GitHub

🎉 Welcome to Defguard 2.0 🎉

It’s a significant step up from version 1.x, featuring:

🎨 a completely redesigned UI,
📦 a new and easy deployment approach (and component communication security),
🛠️ and some other major architectural changes.

More details with videos in this blogpost.

⬆︎ If you will be upgrading from 1.x - here you can find relevant documentation about the upgrade.
🚅 If you would like to test Defguard - we offer a quick and easy One-line install script.

We want to get as much feedback as possible, so we encourage you to:

💬 open a GitHub discussion

🪲 report any missing features or bugs as issues

What's Changed

• Disable latest Docker tag in release workflow by @wojcik91 in #221
• Disable APT repository signing/upload by @jakub-tldr in #225
• Core certificate authority, part 1: Proxy by @t-aleksander in #223
• Multiproxy private cookies by @j-chmielewski in #229
• http healthcheck endpoints always respond by @j-chmielewski in #234
• Cookie key proto by @j-chmielewski in #235
• Implement proxy wizard by @t-aleksander in #233
• Implement remote MFA with new, separate RPC message by @j-chmielewski in #238
• Fix proxy healthceck endpoint availability when waiting for setup by @t-aleksander in #239
• include lsb_release in Docker image by @wojcik91 in #240
• bump version 2.0.0 by @wojcik91 in #248
• Crl by @j-chmielewski in #250
• Open desktop app page by @moubctez in #254
• More user friendly certificate permission denied errors by @t-aleksander in #256
• deprecate callback/redirect URL settings by @wojcik91 in #255
• Use proper file permission for certificates by @moubctez in #257
• Unadopted UI by @j-chmielewski in #259
• Prepare Alpha Two by @moubctez in #260
• Show link-invalid when using disabled user token by @jakub-tldr in #261
• Provision HTTPS certificates for Core and Proxy by @t-aleksander in #263
• Faster cargo deny and update dependencies by @moubctez in #264
• Handle ClearHttpsCerts message by @j-chmielewski in #265
• support protobuf versioning by @wojcik91 in #262
• update minimum core version to 2.0.0 by @wojcik91 in #266
• add workflow to tag latest image on release by @wojcik91 in #267
• copy APT repo update workflow from main by @wojcik91 in #268
• Get rid of cross-rs by @moubctez in #270
• Fix FreeBSD package name by @moubctez in #272
• Auto adoption time limit by @jakub-tldr in #274
• Preserve old package versions on APT repository by @jakub-tldr in #276
• Ensure acme server is stopped when challenge fails by @j-chmielewski in #275
• add core client cert validation by @wojcik91 in #273
• Add defaults when parsing toml by @t-aleksander in #279
• Build packages with custom user by @moubctez in #278
• Use CAP_NET_BIND_SERVICE by @moubctez in #281
• Save certificates before completing setup, test write access by @t-aleksander in #280
• Fine tune packages by @moubctez in #283
• improve baseline HTTP security for no-reverse proxy deployment scenarios by @wojcik91 in #282
• adjust rate limiter config by @wojcik91 in #284
• use Docker registry as build cache by @wojcik91 in #286
• make rate limiter opt-in by @wojcik91 in #287
• Fix minor 2.0 bugs by @t-aleksander in #289
• Inform user about common causes of invalid let's encrypt order status by @t-aleksander in #290
• update core deps in preparation for 2.0 release by @wojcik91 in #291

Full Changelog: v1.6.0...v2.0.0