Release Notes for v0.29.0
What's New
Relay Feature Integration
We are moving away from the TURN relay (coturn) to our own relay implementation based on WebSocket. This new system will ensure that all relayed connections utilize a single TCP port instead of allocating one port per connection as before. It enables the client to attempt a P2P connection in the background while using the Relay for a fast connection between nodes during bootstrap.
We've created an open thread to discuss the new implementation. Feel free to reach out here: #2566
Relay change notes:
- The Advanced Infrastructure scripts and Getting Started scripts have been updated to include support for the new relay.
- Your clients need to be running the updated client versions to take full advantage of the new relay, but don’t worry—these new agents are fully compatible with older nodes.
- Cloud support for the new relay feature is coming soon*.
- iOS and Android support are coming soon.
To deploy the new relay on existing installations, you can follow the steps below:
- Run a backup of your deployment as documented here: Advanced guide - Backup or Quickstart guide - backup
- Update your docker-compose.yml, by adding the new service as follows:
# Relay
relay:
image: netbirdio/relay:latest
restart: unless-stopped
environment:
- NB_LOG_LEVEL=info
- NB_LISTEN_ADDRESS=:<PORT>
- NB_EXPOSED_ADDRESS=<DOMAIN>:<PORT>
- NB_AUTH_SECRET=<AUTH_SECRET>
ports:
- <PORT>:<PORT>
logging:
driver: "json-file"
options:
max-size: "500m"
max-file: "2"
Replace
PORT
andDOMAIN
according to your deployment. ForAUTH_SECRET
we recommend using a unique key, you can use a command likeopenssl rand -base64 32 | sed 's/=//g'
to generate it.
- Update your management.json with the new configuration below:
"Relay": {
"Addresses": ["rel://<DOMAIN>:<PORT>"],
"CredentialsTTL": "24h",
"Secret": "<AUTH_SECRET>"
},
Update
PORT
,DOMAIN
andAUTH_SECRET
with the same values configured in your docker-compose.yml file.
- Update your environment and redeploy:
docker compose pull
docker compose up -d --force-recreate
Improvements
- Auto Update Geolite: Added automatic updates for Geolite data. #2297
@benniekiss made this amazing contribution that allows the management service to update the geolocation databases when starting up.
In case you are running NetBird management in restricted locations like China, you can use add the flag
--disable-geolite-update
to the management command flags to disable the update.
-
Support for ECDSA Public Keys: Added support for ECDSA public keys in management. #2461
@HarryKodden made their first contribution in this change to support ECDSA public keys. -
RPM-Ostree Support: Added installation script support for rpm-ostree-based distros. #2508
@M0Rf30 made their first contribution in this change to support installations for rpm-ostree-based distros. -
Signal Dispatcher: Introduced signal dispatcher for better signaling. #2373
-
PostgreSQL Store Test: Improved test infrastructure for files generation using PostgreSQL store. #2478
-
X-Frame-Options Header: Updated dashboard to use
X-Frame-Options
with thesameorigin
header. #2547 -
Retry on TUN Creation for Darwin: Improved client handling by retrying TUN creation for Darwin systems. #2564
-
Security Upgrade: Upgraded Alpine version from 3.19 to 3.20 to address security concerns. #2548
Bug Fixes
- Fix Deadlock on Auto Connect: Avoided deadlock in client auto-connect with early exit handling. #2528
- Destroy WG Interface on Timeout: Addressed issue where WireGuard interface wasn't destroyed on down timeout. #2435
- Fix Service Down: Corrected the service-down issue in the client. #2519
- Prevent Client Panic: Fixed client panic when there was no connection. #2541
- Error Handling in OpenConnVia: Improved error handling in the openConnVia function. #2560
- Fix Lock on Down: Fixed a lock issue when the service was brought down. #2546
Documentation
- Route API Docs: Updated route API documentation with a new maximum domain number. #2516
Other Changes
- Test Log Reduction: Reduced test log verbosity. #2550
- Update Slack URL: Updated Slack URL in documentation. #2544
- TestRecreation Test: Added
TestRecreation
unit test in the client. #2558
New Contributors
- @HarryKodden made their first contribution in #2461
- @M0Rf30 made their first contribution in #2508
Full Changelog: v0.28.9...v0.29.0