github tale/headplane 0.5.10
v0.5.10
on GitHub

latest releases: v0.6.2-beta.3, v0.6.2-beta.2, v0.6.2-beta.1...
8 months ago

Changes

  • Persistent Storage:

    • Headplane now writes data to disk at /var/lib/headplane by default.
    • Docker users: mount this directory to retain data across restarts.
    • Non-Docker: ensure the directory exists and is writable by the Headplane user.

  • User Permissions:

    • If you were previously using Google's public OIDC, please update ASAP as otherwise anyone with a gmail.com address can access your Tailnet via Headplane.
    • A permission system, inspired by Tailscale, is now available when using OIDC.
    • Use the same OAuth2 client for both Headscale and Headplane for this to work properly.
    • User data is stored in /var/lib/headplane/users.json (configurable via oidc.user_storage_file).
    • Users appear in the UI only after signing in to both Headscale and Headplane (because Headplane cannot create OIDC users in Headscale directly).
    • The first OIDC login post-upgrade becomes the Owner (non-transferable).
    • Others default to Member, limiting UI access.
    • IT Admins & Admins can manage roles via the users page in the menu dropdown.
    • IT Admins can change any role except the Owner (fix coming in a future release).

  • Onboarding Flow:

    • When you sign in with OIDC for the first time, you will be directed to an onboarding page.
    • You can skip this onboarding page by clicking the button below the onboarding flow.
    • Onboarding looks for devices linked to the same OIDC account in Headscale (similar to how permissions works above).

Fixes

  • Disabled renaming OIDC users as Headscale prevents changing their name.
  • Fixed integrations not correctly loading in certain environments.
  • The ACL page no longer spams blank updates to the Headscale database (#151).
  • OIDC logout with disable_api_key_login set to true will not automatically login again (#149).
  • Copying commands with copy buttons will not include random blank spaces (#161).
  • Loosened the required Headscale config schema (this is an ongoing effort).
  • Fixed an issue where opening a dialog would refocus the first input every 3 seconds.
  • Hide the "Version" tab from showing in the machines page if the agent is not available.
Check out latest releases or
releases around tale/headplane 0.5.10

Don't miss a new headplane release

NewReleases is sending notifications on new releases.

Get notifications