Gabi
116de06bf4
Disallow netmasks in devices' ip to prevent overlaps in firewall ( #1140 )
...
* fix: disallow netmasks in devices' ip to prevent overlaps in firewall
/32 is still allowed for ipv4 and /128 is still allowed for ipv6.
No migration is needed since netmasks for devices ips were broken
before-hand.
* chore: rename `validate_single_ip` function and reword its error message
* Update pre-commit to allow slash
* fix restore cache
* Refactor a bit
* Fix clobbered restore-keys
* Break cache
Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com >
2022-11-23 22:56:22 -08:00
Jamil
7e552ab06e
Add codespell ( #1142 )
...
* Add codespell
* Try codespell like this
* Use codespell config, not pre-commit
* ignore vendor
2022-11-23 22:31:32 -08:00
Kian-Meng Ang
ec5f0e24ae
Fix typos ( #1141 )
...
Found via `codespell -S omnibus,*.json,yarn.lock,seeds.exs -L keypair,keypairs,iif,statics,wee`
2022-11-23 21:42:54 -08:00
Jamil
11b24866ef
unless-stopped
...
Signed-off-by: Jamil <jamilbk@users.noreply.github.com >
2022-11-23 21:22:16 -08:00
Jamil
71fa282274
unless-stopped
...
Signed-off-by: Jamil <jamilbk@users.noreply.github.com >
2022-11-23 21:21:49 -08:00
Jamil
b13ece1e1c
Revert to on-failure
...
Signed-off-by: Jamil <jamilbk@users.noreply.github.com >
2022-11-23 20:58:16 -08:00
Jamil
e0e9baf7bc
Revert to on-failure
...
Signed-off-by: Jamil <jamilbk@users.noreply.github.com >
2022-11-23 20:57:47 -08:00
Jamil
1988cbe1de
Change restart policy to unless-stopped ( #1138 )
...
* restart: unless-stopped
* Use updated ruby action
2022-11-23 16:13:37 -08:00
Jamil
ddcbc4dbd5
Remove nodejs from test workflow ( #1131 )
2022-11-18 11:18:34 -08:00
Jamil
50b2ab83a0
Only test when view is mounted ( #1130 )
2022-11-18 11:18:17 -08:00
Jamil
5be9b2003b
Bump Elixir to 1.14.2, OTP to 25.1.2 ( #1129 )
...
* Bump Elixir to 1.14.2, OTP to 25.1.2
* bump tool versions
2022-11-18 09:55:54 -08:00
Jamil
340ec59109
Ensure phoenix 1.7 is in subproject ( #1128 )
2022-11-18 08:01:27 -08:00
Jason G
d11d553731
Add google SAML doc and update existing guides ( #1127 )
2022-11-17 17:29:14 -08:00
Jamil
a235b84aba
Add missing LOCAL_AUTH_ENABLED config ( #1124 )
2022-11-17 14:18:22 -08:00
Jamil
1054de6585
Fix intermittent assert_{patched,redirected} failures ( #1125 )
...
* Fix intermittent assert_{patched,redirected} failures
* Split into two
* Remove empty file dope
2022-11-17 11:58:58 -08:00
dependabot[bot]
529911fe7f
Bump remote_ip from 1.0.0 to 1.1.0 ( #1126 )
...
Bumps [remote_ip](https://github.com/ajvondrak/remote_ip ) from 1.0.0 to 1.1.0.
- [Release notes](https://github.com/ajvondrak/remote_ip/releases )
- [Commits](https://github.com/ajvondrak/remote_ip/compare/v1.0.0...v1.1.0 )
---
updated-dependencies:
- dependency-name: remote_ip
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-17 07:47:56 -08:00
Jamil
11695393f7
Update Phoenix to 1.7.0-rc.0 ( #1119 )
...
* Update Phoenix to 1.7.0-rc.0
* Should maybe compile without warnings now
* step 1: verified routes
* Use verified routes sigil
* Fix typos
* Formatter not working\?
* Fix formatter
* fix formatter file list
2022-11-17 07:06:39 -08:00
Tore Anderson
6a3fb2bfc2
Allow btree_gist extension to preexist ( #1122 )
...
This commit has the exact same rationale as cc280dae
2022-11-17 06:24:34 -08:00
Jamil
afe50ad248
Conventional Commits ( #1116 )
...
* chore: add conventional-commits
* Use branch for conventional commits
* Remove dupe workflow 🔨
2022-11-16 08:28:51 -08:00
Tore Anderson
cc280dae50
Allow pgcrypto extension to preexist ( #1114 )
...
The CREATE EXTENSION query requires superuser privileges, which means
that the Firezone container may not be allowed to execute it when
accessing an externally hosted database, resulting in the database
failing to initialise properly.
One potential workaround to this problem is to have the database admin
ascertain that the pgcrypto extension is already present and ready for
use, prior to starting the Firezone container for the first time.
Unfortunately, however, this currently fails in the following manner:
14:42:44.731 [info] execute "CREATE EXTENSION pgcrypto"
** (Postgrex.Error) ERROR 42710 (duplicate_object) extension "pgcrypto" already exists
Adding the IF NOT EXISTS condition to the CREATE EXTENSION query should
allow it to succeed.
2022-11-16 07:28:06 -08:00
Jamil
a994f3f350
Update esaml to properly parse signed assertions ( #1113 )
...
* Update esaml to properly parse signed assertions
* Add Jumpcloud SAML doc
* Add required fields to config
* Add required fields to config
* Fix typo
* Formatting
* Minor fixes
* More clarifying
* yet more typo fixes
* Fix test
2022-11-15 21:34:31 -08:00
Jamil
1df5db4251
Support end_session_uri, custom redirect_uri and PKCE ( #1110 )
...
* Checkpoint PKCE; Refactor state
* tests passing
* id_token_hint working
* Fix WGAdapter setting
* what happened to redirect_uri
* Add redirect_uri custom
* Remove dbg
* Fix nil logout
* session cleanup
* Remove unneeded fixtures
* redis disable
* Fix tests
2022-11-15 18:28:26 -08:00
Jason G
d4063e3032
Add onelogin and okta SAML docs ( #1108 )
...
* add onelogin doc
* add okta doc
* add okta and onelogin to main README
* wording and grammar
* remove SLO for now
* lint and table formatting
* trailing whitespace
* Update docs/docs/authenticate/saml/okta.mdx
Co-authored-by: Jamil <jamilbk@users.noreply.github.com >
Signed-off-by: Jason G <jason@firez.one >
* Apply suggestions from code review
Co-authored-by: Jamil <jamilbk@users.noreply.github.com >
Signed-off-by: Jason G <jason@firez.one >
* move provider support to top
Signed-off-by: Jason G <jason@firez.one >
Co-authored-by: Jamil <jamilbk@users.noreply.github.com >
2022-11-15 12:55:01 -08:00
dependabot[bot]
9b531dd19b
Bump rubocop from 1.38.0 to 1.39.0 ( #1106 )
...
Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.38.0 to 1.39.0.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.38.0...v1.39.0 )
---
updated-dependencies:
- dependency-name: rubocop
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-15 09:06:25 -08:00
thermionic
eae4f1d9e5
Updated upgrade.mdx "docker-compose" to "docker compose" ( #1112 )
...
as docker compose v2 is now required for the install script, it makes sense to use the same in the docs...
Signed-off-by: thermionic <thermionic@lovius.net >
Signed-off-by: thermionic <thermionic@lovius.net >
2022-11-15 09:05:48 -08:00
Jamil
245f3d2d93
Backlink config reference to configure guide ( #1107 )
...
* add note on configuring
* typo
* Backlink to configure guide
* add note to docker
2022-11-15 08:52:03 -08:00
Jamil
911a82ce05
Update README.mdx
...
Signed-off-by: Jamil <jamilbk@users.noreply.github.com >
2022-11-09 07:29:59 -08:00
Jamil
7bbf993eed
Update README.mdx
...
Signed-off-by: Jamil <jamilbk@users.noreply.github.com >
2022-11-09 07:29:38 -08:00
Jamil
9b1982c408
Fix omnibus install link
...
Signed-off-by: Jamil <jamilbk@users.noreply.github.com >
2022-11-09 00:18:11 -08:00
Jamil
c56bd7f85b
Add AsyncAPI WIP ( #1104 )
...
* Add AsyncAPI WIP
* Gateway asyncapi
2022-11-08 17:14:25 -08:00
dependabot[bot]
83ffc153e7
Bump rubocop from 1.37.1 to 1.38.0 ( #1096 )
...
Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.37.1 to 1.38.0.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.37.1...v1.38.0 )
---
updated-dependencies:
- dependency-name: rubocop
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-07 15:51:58 -08:00
dependabot[bot]
47a6eedb17
Bump floki from 0.33.1 to 0.34.0 ( #1097 )
...
Bumps [floki](https://github.com/philss/floki ) from 0.33.1 to 0.34.0.
- [Release notes](https://github.com/philss/floki/releases )
- [Changelog](https://github.com/philss/floki/blob/main/CHANGELOG.md )
- [Commits](https://github.com/philss/floki/compare/v0.33.1...v0.34.0 )
---
updated-dependencies:
- dependency-name: floki
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-07 15:51:37 -08:00
(╯°□°)╯︵ uᴉǝssnH ɐɟɐʇsoW
4de45306be
fetch logo from config instead of default image ( #1098 )
...
Signed-off-by: (╯°□°)╯︵ uᴉǝssnH ɐɟɐʇsoW <mostafa.hussein91@gmail.com >
Signed-off-by: (╯°□°)╯︵ uᴉǝssnH ɐɟɐʇsoW <mostafa.hussein91@gmail.com >
2022-11-07 09:55:26 -08:00
Jamil
a9cf51bcf8
Use IP for firezone ( #1102 )
2022-11-07 09:41:43 -08:00
Jamil
5d545da398
double-quote ( #1095 )
2022-11-05 15:01:05 -07:00
Jamil
4f4556d1c8
tlsOpts ( #1094 )
2022-11-05 14:51:34 -07:00
Jamil
5f14b1ab30
use tls opts ( #1093 )
2022-11-05 11:56:22 -07:00
Gabi
029891c69e
Build/fix no prefix ( #1089 )
...
* fix: use caddy in host network_mode and make sure urls have a scheme
* fix: remove unnecesary exposed ports
* fix: remove support for hostnames begining with // since caddy doesn't support it
* Fix schemeless external URLs; error on invalid ones (#1090 )
* Fix schemeless external URLs; error on invalid ones
* use different dockerfile for linux vs non-linux
* Use conditional EXTERNAL_URL defaults
* suppress empty warning
* postgres volume location
* Use inline Caddyfile
Co-authored-by: Jamil <jamilbk@users.noreply.github.com >
2022-11-03 19:36:37 -07:00
Andrew Austin
85494de270
Allow RELEASE_NAME to be overridden in environment ( #1087 )
...
RELEASE_NAME was locked to a static value which prevented multiple
instances of Firezone from running in the same network namespace
(i.e. using net=host in a container). This change uses the value of
the RELEASE_NAME environment variable and defaults to the current
static value if not set.
2022-11-03 19:31:45 -07:00
Jamil
368ff3e55c
Add restart note ( #1085 )
...
* Update README.mdx
Signed-off-by: Jamil <jamilbk@users.noreply.github.com >
* Update docs/docs/deploy/docker/README.mdx
Signed-off-by: Jamil <jamilbk@users.noreply.github.com >
Signed-off-by: Jamil <jamilbk@users.noreply.github.com >
2022-11-03 11:58:19 -07:00
Jamil
81ea2a3763
remove rest api reference ( #1088 )
2022-11-03 11:52:08 -07:00
Andrew
85359bdb11
Add a building from source doc for Firezone ( #1078 )
...
* Add a building from source doc for Firezone
* Apply suggestions from code review
Co-authored-by: Jamil <jamilbk@users.noreply.github.com >
Signed-off-by: Andrew Rousset <andrew@firezone.dev >
Signed-off-by: Andrew Rousset <andrew@firezone.dev >
Co-authored-by: Jamil <jamilbk@users.noreply.github.com >
2022-11-01 12:48:57 -07:00
Jamil
b77eb394b3
check for docker compose before docker-compose ( #1084 )
...
* check for docker compose before docker-compose
* fix docker compose check
* formatting
2022-11-01 11:35:59 -07:00
dependabot[bot]
8333d4a97f
Bump plug_cowboy from 2.5.2 to 2.6.0 ( #1082 )
...
Bumps [plug_cowboy](https://github.com/elixir-plug/plug_cowboy ) from 2.5.2 to 2.6.0.
- [Release notes](https://github.com/elixir-plug/plug_cowboy/releases )
- [Changelog](https://github.com/elixir-plug/plug_cowboy/blob/master/CHANGELOG.md )
- [Commits](https://github.com/elixir-plug/plug_cowboy/compare/v2.5.2...v2.6.0 )
---
updated-dependencies:
- dependency-name: plug_cowboy
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: Jamil <jamilbk@users.noreply.github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com >
2022-11-01 10:47:22 -07:00
dependabot[bot]
de4a010e7a
Bump andstor/file-existence-action from 1 to 2 ( #1080 )
...
Bumps [andstor/file-existence-action](https://github.com/andstor/file-existence-action ) from 1 to 2.
- [Release notes](https://github.com/andstor/file-existence-action/releases )
- [Commits](https://github.com/andstor/file-existence-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: andstor/file-existence-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-01 10:46:23 -07:00
dependabot[bot]
6c0f8b8b58
Bump plug from 1.13.6 to 1.14.0 ( #1083 )
...
Bumps [plug](https://github.com/elixir-plug/plug ) from 1.13.6 to 1.14.0.
- [Release notes](https://github.com/elixir-plug/plug/releases )
- [Changelog](https://github.com/elixir-plug/plug/blob/main/CHANGELOG.md )
- [Commits](https://github.com/elixir-plug/plug/compare/v1.13.6...v1.14.0 )
---
updated-dependencies:
- dependency-name: plug
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-01 09:32:19 -07:00
dependabot[bot]
3b1c2eef6a
Bump phoenix_live_reload from 1.3.3 to 1.4.0 ( #1081 )
...
Bumps [phoenix_live_reload](https://github.com/phoenixframework/phoenix_live_reload ) from 1.3.3 to 1.4.0.
- [Release notes](https://github.com/phoenixframework/phoenix_live_reload/releases )
- [Changelog](https://github.com/phoenixframework/phoenix_live_reload/blob/master/CHANGELOG.md )
- [Commits](https://github.com/phoenixframework/phoenix_live_reload/commits )
---
updated-dependencies:
- dependency-name: phoenix_live_reload
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-01 08:50:12 -07:00
Jamil
e085f5dffb
specify caddy-opts ( #1077 )
2022-10-28 17:35:11 -07:00
Jamil
22fe7861e9
Use named volume for postgres ( #1076 )
2022-10-28 17:31:32 -07:00
Jamil
45ef146532
Fix links related to ignoreSlash ( #1075 )
2022-10-28 13:59:06 -07:00
