diff --git a/.github/workflows/_build_artifacts.yml b/.github/workflows/_build_artifacts.yml
index 4fa905a88..3cef7a4a5 100644
--- a/.github/workflows/_build_artifacts.yml
+++ b/.github/workflows/_build_artifacts.yml
@@ -40,7 +40,7 @@ on:
 env:
 # mark:automatic-version
- VERSION: "1.0.3"
+ VERSION: "1.0.4"
 permissions:
 # write permission is required to create a github release
@@ -175,7 +175,7 @@ jobs:
 image_name: http-test-server
 env:
 # mark:automatic-version
- BINARY_DEST_PATH: ${{ matrix.name.artifact }}_1.0.3_${{ matrix.arch.shortname }}
+ BINARY_DEST_PATH: ${{ matrix.name.artifact }}_1.0.4_${{ matrix.arch.shortname }}
 outputs:
 client_image: ${{ steps.image-name.outputs.client_image }}
 relay_image: ${{ steps.image-name.outputs.relay_image }}
diff --git a/.github/workflows/_deploy_production.yml b/.github/workflows/_deploy_production.yml
index 22899be07..7da4896ee 100644
--- a/.github/workflows/_deploy_production.yml
+++ b/.github/workflows/_deploy_production.yml
@@ -11,7 +11,7 @@ on:
 env:
 # mark:automatic-version
- VERSION: "1.0.3"
+ VERSION: "1.0.4"
 concurrency:
 group: "production-deploy"
diff --git a/.github/workflows/_tauri.yml b/.github/workflows/_tauri.yml
index ccc35629e..be7533de2 100644
--- a/.github/workflows/_tauri.yml
+++ b/.github/workflows/_tauri.yml
@@ -14,7 +14,7 @@ permissions:
 env:
 # mark:automatic-version
- VERSION: "1.0.3"
+ VERSION: "1.0.4"
 defaults:
 run:
@@ -30,26 +30,26 @@ jobs:
 include:
 - runs-on: ubuntu-20.04
 # mark:automatic-version
- binary-dest-path: firezone-client-gui-linux_1.0.3_x86_64
+ binary-dest-path: firezone-client-gui-linux_1.0.4_x86_64
 rename-script: ../../scripts/build/tauri-rename-ubuntu.sh
 upload-script: ../../scripts/build/tauri-upload-ubuntu.sh
 # mark:automatic-version
- exe-artifact: rust/gui-client/firezone-client-gui-linux_1.0.3_x86_64
+ exe-artifact: rust/gui-client/firezone-client-gui-linux_1.0.4_x86_64
 # mark:automatic-version
- syms-artifact: rust/gui-client/firezone-client-gui-linux_1.0.3_x86_64.dwp
+ syms-artifact: rust/gui-client/firezone-client-gui-linux_1.0.4_x86_64.dwp
 # mark:automatic-version
- pkg-artifact: rust/gui-client/firezone-client-gui-linux_1.0.3_x86_64.deb
+ pkg-artifact: rust/gui-client/firezone-client-gui-linux_1.0.4_x86_64.deb
 - runs-on: windows-2019
 # mark:automatic-version
- binary-dest-path: firezone-client-gui-windows_1.0.3_x86_64
+ binary-dest-path: firezone-client-gui-windows_1.0.4_x86_64
 rename-script: ../../scripts/build/tauri-rename-windows.sh
 upload-script: ../../scripts/build/tauri-upload-windows.sh
 # mark:automatic-version
- exe-artifact: rust/gui-client/firezone-client-gui-windows_1.0.3_x86_64.exe
+ exe-artifact: rust/gui-client/firezone-client-gui-windows_1.0.4_x86_64.exe
 # mark:automatic-version
- syms-artifact: rust/gui-client/firezone-client-gui-windows_1.0.3_x86_64.pdb
+ syms-artifact: rust/gui-client/firezone-client-gui-windows_1.0.4_x86_64.pdb
 # mark:automatic-version
- pkg-artifact: rust/gui-client/firezone-client-gui-windows_1.0.3_x86_64.msi
+ pkg-artifact: rust/gui-client/firezone-client-gui-windows_1.0.4_x86_64.msi
 env:
 BINARY_DEST_PATH: ${{ matrix.binary-dest-path }}
 AZURE_KEY_VAULT_URI: ${{ secrets.AZURE_KEY_VAULT_URI }}
diff --git a/.github/workflows/_terraform.yml b/.github/workflows/_terraform.yml
index d901ccc01..9f1acf924 100644
--- a/.github/workflows/_terraform.yml
+++ b/.github/workflows/_terraform.yml
@@ -4,7 +4,7 @@ on:
 env:
 # mark:automatic-version
- VERSION: "1.0.3"
+ VERSION: "1.0.4"
 jobs:
 plan-deploy:
diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
index 87115164d..68d5dcdd7 100644
--- a/.github/workflows/cd.yml
+++ b/.github/workflows/cd.yml
@@ -14,7 +14,7 @@ on:
 env:
 # mark:automatic-version
- VERSION: "1.0.3"
+ VERSION: "1.0.4"
 jobs:
 # Builds images that match what's default in docker-compose.yml for
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index f898514e2..6c5120044 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -15,7 +15,7 @@ on:
 env:
 # mark:automatic-version
- VERSION: "1.0.3"
+ VERSION: "1.0.4"
 # Cancel old workflow runs if new code is pushed
 concurrency:
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 8b15d0abc..b6e2797e0 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -7,7 +7,7 @@ on:
 env:
 # mark:automatic-version
- VERSION: "1.0.3"
+ VERSION: "1.0.4"
 concurrency:
 group: "publish-production-${{ github.event_name }}-${{ github.workflow }}-${{ github.ref }}"
diff --git a/elixir/VERSION b/elixir/VERSION
index 21e8796a0..ee90284c2 100644
--- a/elixir/VERSION
+++ b/elixir/VERSION
@@ -1 +1 @@
-1.0.3
+1.0.4
diff --git a/rust/Cargo.lock b/rust/Cargo.lock index 5b6cc463d..d313b5233 100644 --- a/rust/Cargo.lock +++ b/rust/Cargo.lock @@ -1088,7 +1088,7 @@ dependencies = [ [[package]] name = "connlib-client-android" -version = "1.0.3" +version = "1.0.4" dependencies = [ "connlib-client-shared", "ip_network", @@ -1107,7 +1107,7 @@ dependencies = [ [[package]] name = "connlib-client-apple" -version = "1.0.3" +version = "1.0.4" dependencies = [ "connlib-client-shared", "ip_network", @@ -1126,7 +1126,7 @@ dependencies = [ [[package]] name = "connlib-client-shared" -version = "1.0.3" +version = "1.0.4" dependencies = [ "anyhow", "async-trait",
@@ -1153,7 +1153,7 @@ dependencies = [ [[package]] name = "connlib-shared" -version = "1.0.3" +version = "1.0.4" dependencies = [ "anyhow", "atomicwrites", @@ -1845,7 +1845,7 @@ dependencies = [ [[package]] name = "firezone-cli-utils" -version = "1.0.3" +version = "1.0.4" dependencies = [ "clap", "tracing", @@ -1856,7 +1856,7 @@ dependencies = [ [[package]] name = "firezone-gateway" -version = "1.0.3" +version = "1.0.4" dependencies = [ "anyhow", "async-trait", @@ -1889,7 +1889,7 @@ dependencies = [ [[package]] name = "firezone-gui-client" -version = "1.0.3" +version = "1.0.4" dependencies = [ "anyhow", "arboard", @@ -1943,7 +1943,7 @@ dependencies = [ [[package]] name = "firezone-headless-client" -version = "1.0.3" +version = "1.0.4" dependencies = [ "anyhow", "clap", @@ -1969,7 +1969,7 @@ dependencies = [ [[package]] name = "firezone-linux-client" -version = "1.0.3" +version = "1.0.4" dependencies = [ "anyhow", "firezone-headless-client", @@ -1977,7 +1977,7 @@ dependencies = [ [[package]] name = "firezone-relay" -version = "1.0.3" +version = "1.0.4" dependencies = [ "anyhow", "backoff", @@ -2018,7 +2018,7 @@ dependencies = [ [[package]] name = "firezone-tunnel" -version = "1.0.3" +version = "1.0.4" dependencies = [ "async-trait", "bimap", @@ -2849,7 +2849,7 @@ dependencies = [ [[package]] name = "http-health-check" -version = "1.0.3" +version = "1.0.4" dependencies = [ "axum 0.7.5", "clap", @@ -2864,7 +2864,7 @@ checksum = "21dec9db110f5f872ed9699c3ecf50cf16f423502706ba5c72462e28d3157573" [[package]] name = "http-test-server" -version = "1.0.3" +version = "1.0.4" dependencies = [ "anyhow", "axum 0.7.5", @@ -3123,7 +3123,7 @@ dependencies = [ [[package]] name = "ip-packet" -version = "1.0.3" +version = "1.0.4" dependencies = [ "pnet_packet", ] @@ -4458,7 +4458,7 @@ dependencies = [ [[package]] name = "phoenix-channel" -version = "1.0.3" +version = "1.0.4" dependencies = [ "backoff", "base64 0.22.0", 
@@ -5722,7 +5722,7 @@ dependencies = [ [[package]] name = "snownet" -version = "1.0.3" +version = "1.0.4" dependencies = [ "backoff", "boringtun", @@ -5743,7 +5743,7 @@ dependencies = [ [[package]] name = "snownet-tests" -version = "1.0.3" +version = "1.0.4" dependencies = [ "anyhow", "boringtun",
diff --git a/rust/connlib/clients/android/Cargo.toml b/rust/connlib/clients/android/Cargo.toml
index a252165f6..fe2b60662 100644
--- a/rust/connlib/clients/android/Cargo.toml
+++ b/rust/connlib/clients/android/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "connlib-client-android"
 # mark:automatic-version
-version = "1.0.3"
+version = "1.0.4"
 edition = "2021"
 [lib]
diff --git a/rust/connlib/clients/apple/Cargo.toml b/rust/connlib/clients/apple/Cargo.toml
index deb1ffb45..8b646ea3a 100644
--- a/rust/connlib/clients/apple/Cargo.toml
+++ b/rust/connlib/clients/apple/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "connlib-client-apple"
 # mark:automatic-version
-version = "1.0.3"
+version = "1.0.4"
 edition = "2021"
 [features]
diff --git a/rust/connlib/clients/shared/Cargo.toml b/rust/connlib/clients/shared/Cargo.toml
index 55df16a84..7af7f0949 100644
--- a/rust/connlib/clients/shared/Cargo.toml
+++ b/rust/connlib/clients/shared/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "connlib-client-shared"
 # mark:automatic-version
-version = "1.0.3"
+version = "1.0.4"
 edition = "2021"
 [features]
diff --git a/rust/connlib/shared/Cargo.toml b/rust/connlib/shared/Cargo.toml
index 22ae16b94..92e68db9b 100644
--- a/rust/connlib/shared/Cargo.toml
+++ b/rust/connlib/shared/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "connlib-shared"
 # mark:automatic-version
-version = "1.0.3"
+version = "1.0.4"
 edition = "2021"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
diff --git a/rust/connlib/snownet/Cargo.toml b/rust/connlib/snownet/Cargo.toml
index c7669b964..5785af34f 100644
--- a/rust/connlib/snownet/Cargo.toml
+++ b/rust/connlib/snownet/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "snownet"
 # mark:automatic-version
-version = "1.0.3"
+version = "1.0.4"
 edition = "2021"
 [dependencies]
diff --git a/rust/connlib/tunnel/Cargo.toml b/rust/connlib/tunnel/Cargo.toml
index 842c836ec..ca5dbd391 100644
--- a/rust/connlib/tunnel/Cargo.toml
+++ b/rust/connlib/tunnel/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "firezone-tunnel"
 # mark:automatic-version
-version = "1.0.3"
+version = "1.0.4"
 edition = "2021"
 [dependencies]
diff --git a/rust/firezone-cli-utils/Cargo.toml b/rust/firezone-cli-utils/Cargo.toml
index 9b416b74a..bbeac73ea 100644
--- a/rust/firezone-cli-utils/Cargo.toml
+++ b/rust/firezone-cli-utils/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "firezone-cli-utils"
 # mark:automatic-version
-version = "1.0.3"
+version = "1.0.4"
 edition = "2021"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
diff --git a/rust/gateway/Cargo.toml b/rust/gateway/Cargo.toml
index 631ada17f..b9f8dfb66 100644
--- a/rust/gateway/Cargo.toml
+++ b/rust/gateway/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "firezone-gateway"
 # mark:automatic-version
-version = "1.0.3"
+version = "1.0.4"
 edition = "2021"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
diff --git a/rust/gui-client/src-tauri/Cargo.toml b/rust/gui-client/src-tauri/Cargo.toml
index fa62cab69..3ab121bd5 100644
--- a/rust/gui-client/src-tauri/Cargo.toml
+++ b/rust/gui-client/src-tauri/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "firezone-gui-client"
 # mark:automatic-version
-version = "1.0.3"
+version = "1.0.4"
 description = "Firezone"
 edition = "2021"
 default-run = "firezone-gui-client"
diff --git a/rust/headless-client/Cargo.toml b/rust/headless-client/Cargo.toml
index 239f20652..62a226b93 100644
--- a/rust/headless-client/Cargo.toml
+++ b/rust/headless-client/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "firezone-headless-client"
 # mark:automatic-version
-version = "1.0.3"
+version = "1.0.4"
 edition = "2021"
 authors = ["Firezone, Inc."]
diff --git a/rust/http-health-check/Cargo.toml b/rust/http-health-check/Cargo.toml
index 41dc68bd0..7a40404bc 100644
--- a/rust/http-health-check/Cargo.toml
+++ b/rust/http-health-check/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "http-health-check"
 # mark:automatic-version
-version = "1.0.3"
+version = "1.0.4"
 edition = "2021"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
diff --git a/rust/http-test-server/Cargo.toml b/rust/http-test-server/Cargo.toml
index 968fddd08..fa60af100 100644
--- a/rust/http-test-server/Cargo.toml
+++ b/rust/http-test-server/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "http-test-server"
 # mark:automatic-version
-version = "1.0.3"
+version = "1.0.4"
 edition = "2021"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
diff --git a/rust/ip-packet/Cargo.toml b/rust/ip-packet/Cargo.toml
index ca15bb4a7..0fd12d448 100644
--- a/rust/ip-packet/Cargo.toml
+++ b/rust/ip-packet/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "ip-packet"
 # mark:automatic-version
-version = "1.0.3"
+version = "1.0.4"
 edition = "2021"
 authors = ["Firezone, Inc."]
 publish = false
diff --git a/rust/linux-client/Cargo.toml b/rust/linux-client/Cargo.toml
index 2bdd4dafe..874a52ea1 100644
--- a/rust/linux-client/Cargo.toml
+++ b/rust/linux-client/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "firezone-linux-client"
 # mark:automatic-version
-version = "1.0.3"
+version = "1.0.4"
 edition = "2021"
 authors = ["Firezone, Inc."]
diff --git a/rust/phoenix-channel/Cargo.toml b/rust/phoenix-channel/Cargo.toml
index e6e3d5a58..71cc1340f 100644
--- a/rust/phoenix-channel/Cargo.toml
+++ b/rust/phoenix-channel/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "phoenix-channel"
 # mark:automatic-version
-version = "1.0.3"
+version = "1.0.4"
 edition = "2021"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
diff --git a/rust/relay/Cargo.toml b/rust/relay/Cargo.toml
index 8356ec3b4..263adf3ee 100644
--- a/rust/relay/Cargo.toml
+++ b/rust/relay/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "firezone-relay"
 # mark:automatic-version
-version = "1.0.3"
+version = "1.0.4"
 edition = "2021"
 [dependencies]
diff --git a/rust/snownet-tests/Cargo.toml b/rust/snownet-tests/Cargo.toml
index e8a4d1542..a16d63823 100644
--- a/rust/snownet-tests/Cargo.toml
+++ b/rust/snownet-tests/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "snownet-tests"
 # mark:automatic-version
-version = "1.0.3"
+version = "1.0.4"
 edition = "2021"
 [dependencies]
diff --git a/scripts/Makefile b/scripts/Makefile
index af48d6fbd..69a3c267d 100644
--- a/scripts/Makefile
+++ b/scripts/Makefile
@@ -1,12 +1,19 @@
 # Format: Semver
 # See discussion here: https://github.com/firezone/firezone/issues/2041
 # and PR changing it here: https://github.com/firezone/firezone/pull/2949
+
+# These should track the upcoming release for Apple/Android
 apple-version = 1.0.5
 android-version = 1.0.3
-cargo-version = 1.0.3
-website-version = 1.0.2
-elixir-version = 1.0.3
-ci-version = 1.0.3
+
+# Set this to the current latest published release for the Windows/Linux/Gateway packages so
+# that links from the website will work
+website-version = 1.0.3
+
+# Set this to the upcoming release for the Windows/Linux/Gateway packages
+cargo-version = 1.0.4
+elixir-version = 1.0.4
+ci-version = 1.0.4
 .PHONY: version apple-version android-version cargo-version ci-version elixir-version
diff --git a/website/public/images/blog/may-2024-update/traffic-restriction.png b/website/public/images/blog/may-2024-update/traffic-restriction.png
new file mode 100644
index 000000000..4448bc42c
Binary files /dev/null and b/website/public/images/blog/may-2024-update/traffic-restriction.png differ
diff --git a/website/redirects.js b/website/redirects.js
index ee8e20090..04da1270d 100644
--- a/website/redirects.js
+++ b/website/redirects.js
@@ -11,7 +11,7 @@ module.exports = [
 source: "/dl/firezone-client-gui-windows/latest/x86_64",
 destination:
 // mark:automatic-version
- "https://www.github.com/firezone/firezone/releases/download/1.0.2/firezone-client-gui-windows_1.0.2_x86_64.msi",
+ "https://www.github.com/firezone/firezone/releases/download/1.0.3/firezone-client-gui-windows_1.0.3_x86_64.msi",
 permanent: false,
 },
 // versioned
@@ -31,35 +31,35 @@ module.exports = [
 source: "/dl/firezone-client-gui-linux/latest/x86_64",
 destination:
 // mark:automatic-version
- "https://www.github.com/firezone/firezone/releases/download/1.0.2/firezone-client-gui-linux_1.0.2_x86_64.deb",
+ "https://www.github.com/firezone/firezone/releases/download/1.0.3/firezone-client-gui-linux_1.0.3_x86_64.deb",
 permanent: false,
 },
 {
 source: "/dl/firezone-client-gui-linux/latest/aarch64",
 destination:
 // mark:automatic-version
- "https://www.github.com/firezone/firezone/releases/download/1.0.2/firezone-client-gui-linux_1.0.2_aarch64.deb",
+ "https://www.github.com/firezone/firezone/releases/download/1.0.3/firezone-client-gui-linux_1.0.3_aarch64.deb",
 permanent: false,
 },
 {
 source: "/dl/firezone-client-headless-linux/latest/x86_64",
 destination:
 // mark:automatic-version
- "https://www.github.com/firezone/firezone/releases/download/1.0.2/firezone-client-headless-linux_1.0.2_x86_64",
+ "https://www.github.com/firezone/firezone/releases/download/1.0.3/firezone-client-headless-linux_1.0.3_x86_64",
 permanent: false,
 },
 {
 source: "/dl/firezone-client-headless-linux/latest/aarch64",
 destination:
 // mark:automatic-version
- "https://www.github.com/firezone/firezone/releases/download/1.0.2/firezone-client-headless-linux_1.0.2_aarch64",
+ "https://www.github.com/firezone/firezone/releases/download/1.0.3/firezone-client-headless-linux_1.0.3_aarch64",
 permanent: false,
 },
 {
 source: "/dl/firezone-client-headless-linux/latest/armv7",
 destination:
 // mark:automatic-version
- "https://www.github.com/firezone/firezone/releases/download/1.0.2/firezone-client-headless-linux_1.0.2_armv7",
+ "https://www.github.com/firezone/firezone/releases/download/1.0.3/firezone-client-headless-linux_1.0.3_armv7",
 permanent: false,
 },
 // versioned
@@ -103,21 +103,21 @@ module.exports = [
 source: "/dl/firezone-gateway/latest/x86_64",
 destination:
 // mark:automatic-version
- "https://www.github.com/firezone/firezone/releases/download/1.0.2/firezone-gateway_1.0.2_x86_64",
+ "https://www.github.com/firezone/firezone/releases/download/1.0.3/firezone-gateway_1.0.3_x86_64",
 permanent: false,
 },
 {
 source: "/dl/firezone-gateway/latest/aarch64",
 destination:
 // mark:automatic-version
- "https://www.github.com/firezone/firezone/releases/download/1.0.2/firezone-gateway_1.0.2_aarch64",
+ "https://www.github.com/firezone/firezone/releases/download/1.0.3/firezone-gateway_1.0.3_aarch64",
 permanent: false,
 },
 {
 source: "/dl/firezone-gateway/latest/armv7",
 destination:
 // mark:automatic-version
- "https://www.github.com/firezone/firezone/releases/download/1.0.2/firezone-gateway_1.0.2_armv7",
+ "https://www.github.com/firezone/firezone/releases/download/1.0.3/firezone-gateway_1.0.3_armv7",
 permanent: false,
 },
 // versioned
diff --git a/website/src/app/blog/may-2024-update/_page.tsx b/website/src/app/blog/may-2024-update/_page.tsx
new file mode 100644
index 000000000..f3b75743c
--- /dev/null
+++ b/website/src/app/blog/may-2024-update/_page.tsx
@@ -0,0 +1,17 @@
+"use client";
+import Post from "@/components/Blog/Post";
+import Content from "./readme.mdx";
+
+export default function _Page() {
+ return (
+
+
+
+ );
+}
diff --git a/website/src/app/blog/may-2024-update/page.tsx b/website/src/app/blog/may-2024-update/page.tsx
new file mode 100644
index 000000000..3f704c4e3
--- /dev/null
+++ b/website/src/app/blog/may-2024-update/page.tsx
@@ -0,0 +1,11 @@
+import { Metadata } from "next";
+import _Page from "./_page";
+
+export const metadata: Metadata = {
+ title: "May 2024 Update • Firezone Blog",
+ description: "May 2024 Update: GA",
+};
+
+export default function Page() {
+ return <_Page />;
+}
diff --git a/website/src/app/blog/may-2024-update/readme.mdx b/website/src/app/blog/may-2024-update/readme.mdx
new file mode 100644
index 000000000..4c1c58fc8
--- /dev/null
+++ b/website/src/app/blog/may-2024-update/readme.mdx
@@ -0,0 +1,270 @@
+import Image from "next/image";
+
+Traffic restrictions
+
+---
+
+## In this update:
+
+- Restrict access to specific ports and protocols
+
+### Firezone 1.0 GA
+
+After months of beta testing with our early adopters, today we're announcing
+that Firezone 1.0 is now generally available. We couldn't be more excited for
+you to try it.
+
+[Sign up now](https://app.firezone.dev/sign_up) to get started.
+
+#### The road to 1.0
+
+This release marks a significant milestone for Firezone.
+
+When we [announced](/blog/firezone-1-0) Firezone 1.0 was coming last July, we
+knew we had our work cut out for us. Until that point, Firezone was a simple web
+app into a single Docker image. Although a great fit for homelabbers and small
+groups, it wasn't suited to address the remote access needs of larger
+organizations.
+
+It was easy to get up and running quickly with Firezone, but as the number of
+users, devices, and networks to protect grew within an organization, so did the
+complexity of managing it all.
+
+So we went back to the whiteboard to reimagine how Firezone would look if we
+rebuilt it from the ground up The Right Way™ -- with scalability and ease of
+use in mind.
+
+
+ Whiteboard 1 + Whiteboard 2 +
+ +{/* Wrapping in JSX to avoid MDX from inserting p tags */} + +{(
+ + + We don't always work together IRL, but when we do, we rearchitect + everything. + +
)}
+
+We spent the next several months prototyping, testing, and iterating on a new
+architecture that would allow Firezone to scale to hundreds of thousands of
+users and millions of devices.
+
+#### The stack
+
+We weren't going to squander a good opportunity to rethink our stack choice, but
+it remained largely the same: the new Firezone would be built with Elixir for
+the control plane and Rust for the data plane.
+
+Why?
+
+Elixir has been getting lots of acclaim in recent years for its concurrency
+model and fault-tolerance features. And for good reason: it runs on Erlang's
+BEAM VM, the same technology that powers the telecom industry's most reliable
+systems. There's a good chance the device you're reading this on has an IP
+address handed out by an Erlang-powered telecom switch.
+
+As it turns out, managing connections for a remote access product is _a lot_
+like managing messages across a telecom network:
+
+```
+1. Peer A wants to connect to Peer B.
+2. Is it allowed?
+ Yes: here are their addresses and keys to secure the connection.
+ No: drop the connection.
+```
+
+And Elixir's concurrency model makes it easy to manage thousands of these
+connection "intents" on very little hardware -- just a few tiny VMs orchestrate
+all connections across all our customers, globally.
+
+And what about the data plane? For that, we turned to Rust.
+
+Rust forms the network backbone of Firezone, handling all the heavy lifting of
+encrypting and decrypting packets as they flow between Clients and Gateways. As
+far as systems languages go, Rust couldn't be a better fit for the job. Its
+memory safety guarantees eliminate entire classes of bugs that plague other
+systems languages, making it a great choice for a security-critical application
+like Firezone.
+
+And it has build targets for just about every platform under the sun. Our
+[core connectivity library](https://github.com/firezone/firezone/tree/main/rust/connlib),
+for example, runs reliably on iOS, Android, Windows, Linux, and macOS.
+
+We'll be sharing more about our stack choices in future blog posts, but suffice
+to say, we're very happy with the results so far.
+
+### What's unique about Firezone?
+
+There are a lot of remote access solutions out there, so what makes Firezone
+different?
+
+For starters, Firezone uses [WireGuard®](https://www.wireguard.com/) under the
+hood -- a new VPN protocol that's
+[faster](https://www.wireguard.com/performance) and
+[more secure](https://www.wireguard.com/formal-verification/) than traditional
+VPNs. But that's just the start.
+
+We learned from Firezone 0.x that organizations grappling with remote access at
+scale needed things like integrations with identity providers that keep
+directory information in sync, high availability features, and an easier way to
+manage access policies that don't require a PhD in network security.
+
+Firezone 1.0 delivers on all of that and more.
+
+#### Core concepts in 1.0
+
+Before we dive into the new features, let's first cover some core concepts new
+to Firezone:
+
+- **Resource**: A [Resource](/kb/deploy/resources) is any DNS name, IP, or
+ network (CIDR range) you wish to manage access for. DNS-based Resources can be
+ used to manage access to internal or external applications and optionally be
+ configured to match all subdomains as well. CIDR-based Resources can be used
+ to manage access for an entire subnets, similar to a traditional VPN.
+- **Gateway**: [Gateways](/kb/deploy/gateways) are Firezone servers that run on
+ your infrastructure. Gateways must be defined within a Site, and any traffic
+ to/from Resources associated with a Site will pass through one of that Site’s
+ Gateways. Gateways are designed to be lightweight and don't require persistent
+ storage to function.
+- **Site**: [Sites](/kb/deploy/sites) are user-created environments where admins
+ can manage Resources and the Gateways that enable access to those Resources. A
+ typical Site name might be `SJC lab 1`, `Chicago office`, or
+ `Testbench subnet`. All Gateways and Resources in a Site are assumed to be
+ able to reach each other in a shared network context such as a VPC or LAN.
+
+For a more detailed overview of these concepts, check out the
+[FAQ](/kb/reference/faq) and [glossary](/kb/reference/glossary) sections of our
+documentation.
+
+#### High availability
+
+The first major feature in 1.0 we should discuss is high availability. Firezone
+achieves high availability by allowing you to deploy multiple Gateways within a
+given Site.
+
+Each Firezone Gateway is a tiny, self-contained binary that needs
+[only a single environment](/kb/deploy/gateways) variable to function. Throw it
+in a VM, a container, or on an IoT device -- it's lightweight enough to run
+everywhere. Its sole purpose is to shuttle encrypted packets between Clients and
+Resources.
+
+After you [create a Site](/kb/deploy/sites), you can deploy as many Gateways
+into that Site as you'd like. All Gateways in the Site will work in unison to
+provide load balancing and automatic failover for all connections to Resources
+in the Site.
+
+If a Gateway goes offline or becomes overloaded, any Clients connected to it
+will automatically migrate their connections to a healthy Gateway in the Site.
+This process is completely transparent to the user and happens in most cases
+within a few seconds.
+
+Armed with this ability, admins can now enjoy a simple maintenance process: (1)
+take a Gateway down, (2) upgrade it, and (3) bring it back up. _That's it_. No
+more lengthy maintenance windows, backing up configurations, or worrying about
+extended downtime.
+
+A nice side effect of this architecture is that it provides near infinite
+horizontal scalability, which works as follows:
+
+When a Client wants to connect to a protected resource, it sends a connection
+intent message to the control plane API. If the intent is approved, the control
+plane responds with a healthy Gateway to connect to. If there are multiple
+healthy Gateways, the control plane will round-robin between them, effectively
+splitting the load across all Gateways in the Site.
+
+Need more throughput? Simple: deploy more Gateways. The control plane will
+automatically distribute the load across all of them.
+
+We think high availability is such a core feature in a remote access solution
+that we made failover and load balancing available **on all plans**, including
+the Starter tier. [Read more](/kb/deploy/gateways) about how it works in our
+documentation.
+
+#### Firewall hole-punching
+
+You know what's not fun? Configuring firewalls.
+
+More precisely, configuring your organization's cloud or corporate firewalls to
+allow incoming connections from the internet. Not only is it a pain to manage at
+scale, it also exposes your organization to all kinds of security risks.
+
+So we rearchitected Firezone to include the same NAT traversal techniques that
+WebRTC applications have enjoyed for years now:
+[STUN](https://www.rfc-editor.org/rfc/rfc8489.html) and
+[TURN](https://www.rfc-editor.org/rfc/rfc8553), known collectively as
+[ICE](https://datatracker.ietf.org/doc/html/rfc8445).
+
+As you can probably surmise from the above links, these are well-established
+standards for doing reliable NAT traversal. These have been battle-tested in the
+field for years across all kinds of products -- Firezone is only the latest to
+benefit from them.
+
+What does this mean for you? It means you can deploy Firezone without touching a
+single firewall configuration and still enjoy the same level of performance as
+if you did. Attack surface is minimized and connections are direct. It's a
+win-win.
+
+For the curious readers, you can find our implementation of ICE, aptly named
+"snownet", in our repository
+[here](https://github.com/firezone/firezone/tree/main/rust/connlib/snownet).
+
+#### Directory sync
+
+The last feature we want to highlight in this announcement is directory sync.
+Firezone currently supports directory sync for [Okta](https://www.okta.com/),
+[Entra ID](https://azure.microsoft.com/en-us/services/active-directory/), and
+[Google Workspace](https://workspace.google.com/), with more providers on the
+way.
+
+Anyone who's ever managed a large organization knows the pain of keeping user
+and group information in sync across multiple systems. It's a nightmare to
+manage manually. And it's error-prone, leading to security risks and compliance
+issues.
+
+Experienced admins will now be thinking, "But what about
+[SCIM](https://datatracker.ietf.org/doc/html/rfc7644)? Doesn't that make this
+easy?". Sadly, SCIM today is one of those standards that isn't. Entire
+[business models](https://www.workos.com) have been optimized to leverage
+inconsistencies in SCIM implementations across different identity providers.
+
+So Firezone doesn't use SCIM. Instead, we
+[built our very own directory sync engine](https://github.com/firezone/firezone/tree/main/elixir/apps/domain/lib/domain/auth)
+that can be extended to virtually any source of identity data, regardless of
+whether they support SCIM. If it has a REST API, we can probably sync with it.
+
+Directory sync is available only for the Enterprise plan so we can be sure it'll
+work reliably for your organization.
+[Read more](/kb/authenticate/directory-sync) about how it works or
+[contact sales](/contact/sales) if you'd like a first-hand demo.
+
+### What's next?
+
+We covered only a fraction of what's new in Firezone in this post. Go
+[sign up](https://app.firezone.dev/sign_up) and see what else is new for
+yourself, or [request a demo](/contact/sales) if you'd like to better understand
+how Firezone can help your organization.
+
+We have more to announce in the coming weeks, so
+[subscribe to our newsletter](/product/newsletter) below to stay in the loop.
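Review bot: In the "Firewall hole-punching" section the TURN link targets RFC 8553, which is a DNS specification about underscored node names and unrelated to TURN; the current TURN specification is RFC 8656, so the line should read `[TURN](https://www.rfc-editor.org/rfc/rfc8656), known collectively as`. The neighbouring STUN (RFC 8489) and ICE (RFC 8445) links point at the right documents. Separately, the opening of the post ("Traffic restrictions", "Restrict access to specific ports and protocols") does not match the body, which reads as the 1.0 GA announcement; this appears to be placeholder content and is worth confirming before the page is published under the May 2024 title.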