The sidebar was missing a conditional check when displaying the API
Clients link. This was only a bug in the sidebar UI as visiting the
actual API clients URL path showed a `404` as expected when the REST API
feature was disabled.
The client authentication had previously been using liveview and passing
params around using URL query params. One of the issues with using
liveview for this task was that there edge case issues on certain
clients with the websocket connection. Along with that, to have even
more security during the login process, the query param values that were
passed after the client was authenticated have been moved to an HTTP
cookie with very strict flags set.
The deep link redirection now uses a new HTTP endpoint that returns a
302 with the deep link as the location, which is triggered using a
`<meta http-equiv="refresh">` tag on the client.
`relays` will be removed from `prepare_connection` in a few weeks after
we release a version that reads them from `init` message. Keep in mind
technically `relays` list can be empty, it would be nice if clients
would log an error or show it in such cases.
- Add logs export example, fixes#4051
- Use brand color palette for `pre` blocks
These have been updated to match our colorscheme.
Code blocks (\`\`\`elixir) will pull in the syntax highlighting but
these simple ones will use our color palette:
<img width="780" alt="Screenshot 2024-04-10 at 7 18 02 PM"
src="https://github.com/firezone/firezone/assets/167144/166cd5a7-c8cd-456b-a1c1-5faeab20d0f8">
Why:
* As work on the portal REST API has begun, there was a need to easily
provision API tokens to allow testing of the new API endpoints being
created. Adding the API Client UI allows for this to be done very easily
and will also be used once the API is ready to be consumed by customers.
Closes#2368
Why:
* When creating or editing an actor, the previous form had a
multi-select input that would list all groups in the account. In order
to select or deselect groups, you would need to hold down ctrl or cmd on
the keyboard and click a given group. This worked when there were a very
small number of groups, but if an account had a moderate number of
groups it became very difficult. Along with that, it was also easy to
accidentally forget to hold down ctrl/cmd and click a group, which would
clear all previously selected groups. This commit moves the group
selection out from the new/edit actor pages and creates a new actor
group edit page that allows a user to search for groups as well as
making it easy to select which group should be added or removed.
Fixes#4372
<img width="1008" alt="Screenshot 2024-04-03 at 1 37 25 AM"
src="https://github.com/firezone/firezone/assets/2646332/bca9163b-bbaf-49ef-b3b9-8c6770e8c307">
Why:
* When viewing an actor in the portal, all of the groups were listed in
the top info table. This works for a small number of groups, but becomes
difficult to use when an actor is in a large number of groups. This
commit moves that information to it's own `live_table` element so that
it's easier to parse and can be paginated.
Why:
* This commit was not intended to be a sweeping UI change, but rather a
quick pass over the portal to make sure things were consistent and also
to update small UI elements that were discussed offline.
Why:
* A bug was present in the actor edit page that prevented updating an
actor due to managed and synced groups being sent as part of the form
submission. Along with that, if a user manually removed the managed
group(s) from the form submission, the actor being edited would be
removed from the managed group, which should not be allowed.
* There was also another small bug which prevent an admin actor from
being updated at all if they were the only admin in the account.
Fixes issues from logs.
Closes#4274 and similar issues for activities.
Simplifies error handling for live tables (we just reset filters with a
message when they are invalid because just showing an error 422 is not
actionable).
- [x] Updated log level string for client and gateways to info or higher
- [x] Update logs to hide DNS information
I also removed `hickory_resolve` errors which could contain sensitive
info from our general error and hide the logs that specifically relates
to them.
@bmanifold double checking that the log levels in the gateway's `*.tf`
files are just used for our own gateways.
Also, the relays still have `debug`, since only we see that I think that
makes sense but double checking with @jamilbk
Fixes: #3618.
---------
Signed-off-by: Gabi <gabrielalejandro7@gmail.com>
Co-authored-by: Reactor Scram <ReactorScram@users.noreply.github.com>
This example will work once our latest gateway is pushed to GitHub
Container Registry, but to test it for now a few overrides can be added
to the `main.tf` to use our Google Artifact Registry and local module
instead:
```diff
module "gateways" {
-- source = "github.com/firezone/firezone/terraform/modules/google-cloud/apps/gateway-region-instance-group"
++ source = "../../../modules/google-cloud/apps/gateway-region-instance-group"
...
++ container_registry = "us-east1-docker.pkg.dev"
++ image_repo = "firezone-prod/firezone"
++ image = "gateway"
}
```
---------
Signed-off-by: Jamil <jamilbk@users.noreply.github.com>
Signed-off-by: Andrew Dryga <andrew@dryga.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Why:
* In order to allow easy testing of billing / Stripe integration, the
staging environment needs to allow members of the Firezone team access
to create new accounts, while disallowing the general public to create
accounts. The account creation override functionality allows for
multiple domains to be set by ENV variable by passing a comma separated
string of domains.
---------
Co-authored-by: Andrew Dryga <andrew@dryga.com>
@bmanifold fixed a few instances in #3739 but I went ahead and replaced
all of them, once we merge it and rebase #3739 on top of it the diff
should be minimal.
