almeidapaulopt/tsdproxy v3.0.0-alpha.1

tsdproxy-v3.0.0-alpha.1

on GitHub

Changelog

New Features

• 543716b: feat(config): add TSDPROXY_TAILSCALE__CLIENTID env var overrides (@almeidapaulopt)
• db5d675: feat(config): add authRetry, reconcileInterval, preventDuplicates tri-state (@almeidapaulopt)
• 587cfa2: feat(config): add autoApproveDevices, fix env var loading order, relax services tags (@almeidapaulopt)
• beace2d: feat(dashboard): add status styles and filter buttons for new statuses (@almeidapaulopt)
• 87009af: feat(dashboard): handle AwaitingApproval status in UI and API (@almeidapaulopt)
• 9cda864: feat(dashboard): handle new proxy statuses in data builder, API, and webhooks (@almeidapaulopt)
• 509863b: feat(dev): add tailscale VIP Services example to dev environment (@almeidapaulopt)
• 3715cf2: feat(model): add AuthFailed, DeviceConflict, Reconciling proxy statuses (@almeidapaulopt)
• 16aadb7: feat(proxymanager): warn on provider change during proxy restart (@almeidapaulopt)
• 4280e6a: feat(tailscale): add TrafficExposure interface and remove stub files (@almeidapaulopt)
• 93960c2: feat(tailscale): add autoRemoveConflicts option for VIP service 409 recovery (@almeidapaulopt)
• 6eca792: feat(tailscale): implement TrafficExposure on all three exposure types (@almeidapaulopt)
• 9fa78b0: feat(tailscale): validate OAuth credentials at startup (@almeidapaulopt)
• 2a580c4: feat: shared tsnet server with custom domain DNS/TLS support (#440) (@almeidapaulopt)

Bug fixes

• 0ef268c: fix(ci): pass LATEST_TAG and DISABLE_PACKAGE_MANAGERS env vars to GoReleaser (@almeidapaulopt)
• 20844c5: fix(ci): pass LATEST_TAG and DISABLE_PACKAGE_MANAGERS env vars to GoReleaser (@almeidapaulopt)
• 5ab42dd: fix(ci): stop setting DISABLE_PACKAGE_MANAGERS=false that broke make_latest (@almeidapaulopt)
• b0dca17: fix(config): preserve ClientSecret in ClearSecrets for runtime OAuth operations (@almeidapaulopt)
• fc3e4d9: fix(config): use server proxyAccessLog setting as default for Docker and List providers (@almeidapaulopt)
• 41e106a: fix(docker): auto-enable adminAllowLocalhost inside containers and improve 403 guidance (@almeidapaulopt)
• 27a5377: fix(lint): resolve errcheck, gosec, shadow, and unused warnings in tailscale (@almeidapaulopt)
• 515c8a6: fix(lint): specify gosec linter in nolint directives (@almeidapaulopt)
• 682850a: fix(proxymanager): set X-Forwarded-Proto correctly for HTTPS ports behind TLS-terminating proxies (@almeidapaulopt)
• a88a6a1: fix(proxymanager): show proxies in dashboard during Tailscale auth (@almeidapaulopt)
• ee97cf6: fix(tailscale): add cert prefetch for VIP services to prevent CT errors (@almeidapaulopt)
• a111a77: fix(tailscale): add nolint directives for apiTimeout multiplier (@almeidapaulopt)
• 8671bfb: fix(tailscale): async VIP acquire, port stripping, ephemeral cleanup, status polling, TLS caching (@almeidapaulopt)
• 09757dd: fix(tailscale): delete offline exact-match devices on restart even with local state (@almeidapaulopt)
• 1575cf0: fix(tailscale): eliminate data races in services server tests (@almeidapaulopt)
• 305f270: fix(tailscale): harden proxy provider against leaks, races, and path traversal (@almeidapaulopt)
• 037d905: fix(tailscale): lifecycle leaks, context timeouts, and quality improvements (@almeidapaulopt)
• b4b27d7: fix(tailscale): plug goroutine, semaphore, and shutdown leaks (@almeidapaulopt)
• 850ca5a: fix(tailscale): recover from panic in OAuth key generation due to nil API response (@almeidapaulopt)
• fa9845d: fix(tailscale): remove recover() workaround for OAuth nil pointer panic (@almeidapaulopt)
• a1780f8: fix(tailscale): use errors.New for static error string (@almeidapaulopt)
• a42c68e: fix(tailscale): validate cert domains before prefetch to avoid 500 errors (@almeidapaulopt)

Documentation updates

• b499a1b: docs(tailscale): update AGENTS.md for unified architecture (@almeidapaulopt)
• 1bb1c6f: docs(v3): document autoRemoveConflicts option for VIP service 409 recovery (@almeidapaulopt)
• e4bd75c: docs(v3): improve getting started OAuth flow and config clarity (@almeidapaulopt)
• 28138f8: docs: add AGENTS.md for docker target provider and dns providers (@almeidapaulopt)
• a0d64dc: docs: add v3 documentation with Services mode, auth retry, and new proxy statuses (@almeidapaulopt)
• 1304d82: docs: improve getting started config clarity and flow (@almeidapaulopt)
• 9c80d1e: docs: update AGENTS.md knowledge base with Services mode and new symbols (@almeidapaulopt)

Build process updates

• b73e952: build(deps): bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp (#453) (@dependabot[bot])
• dcbe9e6: build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc (#450) (@dependabot[bot])
• 1915e2b: build(deps): bump tailscale.com from 1.98.3 to 1.98.4 (#459) (@dependabot[bot])
• a953688: build(deps): bump tailscale.com/client/tailscale/v2 (#464) (@dependabot[bot])
• f6bd190: build(deps): bump tailscale.com/client/tailscale/v2 from 2.9.0 to 2.10.0 (#460) (@dependabot[bot])

Other work

• f947b10: ci: push dev Docker images after snapshot build (@almeidapaulopt)
• e3c99d5: docs(core,dashboard): add AGENTS.md for core infrastructure and dashboard subsystems (@almeidapaulopt)
• 3084be9: refactor(dashboard): extract port entry and health formatting helpers (@almeidapaulopt)
• e67f81a: refactor(dashboard): replace inline filter radio buttons with select dropdowns (@almeidapaulopt)
• 102c3ec: refactor(e2e): rename env vars to TSDPROXY_E2E_* convention (@almeidapaulopt)
• 0047c56: refactor(proxymanager): extract UDP relay helpers to reduce complexity (@almeidapaulopt)
• 102984a: refactor(tailscale): cache TLS certs and deduplicate exposure getters (@almeidapaulopt)
• 73dc680: refactor(tailscale): decompose provider into lifecycle, auth, state, and status modules (@almeidapaulopt)
• f50891e: refactor(tailscale): extract backend state constants in status watcher (@almeidapaulopt)
• 1be43f7: refactor(tailscale): extract event-loop helpers to reduce complexity (@almeidapaulopt)
• c794aa9: refactor(tailscale): extract shared event loop and reconcile stale devices before VIP service creation (@almeidapaulopt)
• 1039810: refactor(tailscale): migrate from deprecated Tailscale v2 client APIs (@almeidapaulopt)
• 5cafe90: refactor(tailscale): reorder context.Context to first parameter (@almeidapaulopt)
• 27af2a6: refactor(tailscale): simplify preventDuplicates from tri-state to boolean (@almeidapaulopt)
• a6cbe36: refactor(tailscale): unified startup retry, reconcile, and device conflict handling (@almeidapaulopt)
• e034b04: refactor: reduce cyclomatic complexity in config validator and target providers (@almeidapaulopt)
• ad82a45: refactor: replace interface{} with any (@almeidapaulopt)
• efedb1d: style: align struct fields in config and exposure types (@almeidapaulopt)
• c73689f: test(tailscale): add tests for AuthFailed, DeviceConflict, Reconciling statuses (@almeidapaulopt)
• d6fd556: test(tailscale): update tests for event loop and lifecycle provider refactor (@almeidapaulopt)