github tale/headplane v0.6.2
on GitHub

7 hours ago

Changes

Headplane 0.6.2 works with Headscale 0.28.0.

  • Re-worked the configuration loading system with several enhancements:
    • It is now possible to skip a configuration file and only use environment variables (closes #150).
    • Secret path loading has been reworked from the ground up to be more reliable (closes #334).
    • Added better testing and validation for configuration loading
  • Re-worked the OIDC integration to adhere to the correct standards and surface more errors to the user.
    • Deprecated oidc.redirect_uri and automated callback URL detection in favor of setting server.base_url correctly.
    • Explicitly added oidc.use_pkce to correctly determine PKCE configuration.
    • oidc.token_endpoint_auth_method is now optional and will attempt to be auto-detected, defaulting to client_secret_basic if unavailable (closes #410).
    • Added oidc.enabled config option to explicitly control OIDC availability (via #463).
  • Added search and sortable columns to the machines list page (closes #351).
  • Allow conditionally compiling the SSH WASM integration when building (closes #337).
  • Implemented the ability to customize the build with a custom script (see ./build.sh --help for more information).
  • Attempt to warn against misconfigured cookie settings on the login page.
  • Made server.cookie_max_age and server.cookie_domain configurable (closes #348).
  • Enhanced the node tag dialog to show a dropdown of assignable tags (via #362).
  • Added an /admin/api/info route that can expose sensitive information if server.info_secret is set in the configuration (closes #324).
  • Machine key registration no longer works if the key isn't 24 characters long (closes #415).
  • Added a Docker healthcheck to the container (closes #411).
  • Strengthened the validation for the /proc integration to correctly discover the Headscale PID.
  • Added lazy retry logic for OIDC providers if they initially fail to respond (closes #423).
  • Pre-auth keys are now listed without a user filter on Headscale 0.28+, with a fallback to per-user fetching on older versions (via #466).
  • Adapted to the removal of Node Ownership Change in Headscale 0.28 (via #436).
  • Improved the no-access user page on the UI (via #469).

Fixes

  • Bundle all node_modules aside from native ones to reduce bundle and container size (closes #331).
  • Removed several unnecessarily verbose or spammy log messages.
  • Updated the minimum Docker API used to support the latest Docker versions (via #370).
  • Correctly handle invalid ACL policy inserts on Headscale 0.27+ (closes #383).
  • Prevent a machine from changing its owner to itself (closes #373).
  • Fixed an issue where the website favicon would not load correctly (closes #323).
  • Fixed API key login on Headscale 0.28.0-beta.1+ (closes #429).
  • Fixed an issue that prevented the pre-auth-key UI from being usable on Headscale 0.28 and later.
  • Added support for creating tag-only pre-auth keys on Headscale 0.28+ (via #465).
  • Fixed pre-auth keys not showing for OIDC users without a username (via #470).
  • Fixed truncated pre-auth key display with longer Headscale 0.28 bcrypt tokens (closes #435).
  • Fixed Nix systemd service to use user-specified package (via #454).
  • Version displayed in the UI is now derived from git tags and build args instead of package.json, fixing incorrect versions shown on beta and nightly builds.
  • Fixed handling of tag-only nodes that have no user on Headscale 0.28+ (via #467).
  • Fixed some mobile CSS issues across the application (closes #401).
  • Correctly apply Gravatar profile pictures on the user page if applicable (closes #405).

New Contributors

Full Changelog: v0.6.1...v0.6.2

Check out latest releases or
releases around tale/headplane v0.6.2

Don't miss a new headplane release

NewReleases is sending notifications on new releases.

Get notifications