Why:
* When navigating around the portal, the title in the browser tab would
not show the accurate title of the current page. This commit adds
`page_title` to all pages. The value of the page title has been
choosen to correspond with the portal's left hand nav menu.
Additional:
* Along with the page titles, the `vertical_table` component was updated
to make the left hand headers use a class of `w-1/5` for consistency
across pages and to move the info a little further left on each page to
try and align it closer with other info on the page.
Here's an example of before and after:
<img width="1060" alt="before"
src="https://github.com/firezone/firezone/assets/2646332/6c56b550-98a5-4331-b1d3-c65ed9e24330">
<img width="1058" alt="after"
src="https://github.com/firezone/firezone/assets/2646332/c4753fee-ddea-4c67-9d5e-5b924260ea20">
Also refactored to extract an auth state machine. The auth logic
previously was scattered throughout the GUI module, which would make it
hard to audit. Because of the refactoring I was able to add some simple
unit tests.
the way we were checking for subdomains in the gateways completely
broke, didn't detect it before because the deployed staging version for
gateways is too old.
~~Added a few CI tests so this doesn't' happen again.~~ seems like
github runners [doesn't support pinging the outside
world](https://github.com/actions/runner-images/issues/1519) so I'm
putting that off for now.
Fulfills #3141
It took a little longer than I expected but since I'll be leaving the
client running all the time even on my dev laptop, I want to easily see
what version I built, even if I've changed branches since building it.
This isn't hooked up to the GUI yet, it's a debug subcommand.
I overheard that the other clients rebuild the tunnel when they change
networks, I think? And this might be useful for debugging the issue
where Chrome / other browsers don't flush their TCP connections when the
tunnel comes up. It's also reference code for how to use COM interfaces
in Rust. The official samples are a little sparse. So I wanted to get
this checked in.
- [x] make sure that session cookie for client is stored separately from
session cookie for the portal (will close#2647 and #2032)
- [x] #2622
- [ ] #2501
- [ ] show identity tokens and allow rotating/deleting them (#2138)
- [ ] #2042
- [ ] use Tokens context for Relays and Gateways to remove duplication
- [x] #2823
- [ ] Expire LiveView sockets when subject is expired
- [ ] Service Accounts UI is ambiguous now because of token identity and
actual token shown
- [ ] Limit subject permissions based on token type
Closes#2924. Now we extend the lifetime for client tokens, but not for
browsers.
Bumps [clap](https://github.com/clap-rs/clap) from 4.4.11 to 4.4.13.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/releases">clap's
releases</a>.</em></p>
<blockquote>
<h2>v4.4.13</h2>
<h2>[4.4.13] - 2024-01-04</h2>
<h3>Documentation</h3>
<ul>
<li>Fix link to structopt migration guide</li>
</ul>
<h2>v4.4.12</h2>
<h2>[4.4.12] - 2023-12-28</h2>
<h3>Performance</h3>
<ul>
<li>Only ask <code>TypedValueParser</code> for possible values if
needed</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's
changelog</a>.</em></p>
<blockquote>
<h2>[4.4.13] - 2024-01-04</h2>
<h3>Documentation</h3>
<ul>
<li>Fix link to structopt migration guide</li>
</ul>
<h2>[4.4.12] - 2023-12-28</h2>
<h3>Performance</h3>
<ul>
<li>Only ask <code>TypedValueParser</code> for possible values if
needed</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2ab48b295c"><code>2ab48b2</code></a>
chore: Release</li>
<li><a
href="7a06a8cd61"><code>7a06a8c</code></a>
docs: Update changelog</li>
<li><a
href="cca190efed"><code>cca190e</code></a>
docs: Correct link to StructOpt migration guide</li>
<li><a
href="5c31f453c1"><code>5c31f45</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/5281">#5281</a>
from Manishearth/safety-docs</li>
<li><a
href="ddae7e6f41"><code>ddae7e6</code></a>
Correct safety docs</li>
<li><a
href="48d28aa689"><code>48d28aa</code></a>
chore: Release</li>
<li><a
href="748ce18cc2"><code>748ce18</code></a>
docs: Update changelog</li>
<li><a
href="adbe6ec4cb"><code>adbe6ec</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/5278">#5278</a>
from henry-hsieh/fix-nosort</li>
<li><a
href="2b48858ba8"><code>2b48858</code></a>
fix: Skip nosort option below bash 4.4</li>
<li><a
href="777b744102"><code>777b744</code></a>
Merge pull request <a
href="https://redirect.github.com/clap-rs/clap/issues/5277">#5277</a>
from clap-rs/renovate/actions-setup-python-5.x</li>
<li>Additional commits viewable in <a
href="https://github.com/clap-rs/clap/compare/v4.4.11...v4.4.13">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This PR makes the Apple client use the scheme defined in #2823 so that
the portal can use a consistent scheme for all clients.
It's a draft because it hasn't been integration-tested with the related
portal changes.
---------
Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com>
Related to this discussion
https://github.com/firezone/firezone/pull/2990#discussion_r1439629571
Add a dependency on the `tracing-panic` crate. This is about 100 lines
of code that adds a panic handle so app panics get a line number, file
name, etc. in the logs. No backtrace I think since we stripe symbols for
release builds. I _think_ the line numbers are baked into the panic
macro so those might still stay.
@conectado I should remove the debug command before closing it, right?
- Fix permissions and caps on each start
- Fixes incompatibility with some systemd versions that barf at the
inline `ExecStartPre`
- Fixes erroneous error printed by iptables
- Fixes masquerading not working for wireless interfaces
- Single-step systemd copy-paste command
- Fixes#2944
- Fixes#3124
- Fixes#3112
Tested on CentOS 7 and Ubuntu 22.04
Why:
* The previous font being used in the portal (Source Sans Pro) did not
have multiple weights available, which meant that the `font-*` classes
on all html tags were not being used. Switching to Source Sans 3
allows all but 1 (`font-thin` or `100` is not present) of the Tailwind
font sizes to be used.
Closes#2893
Attempt to fix#2881.
I can't reproduce the exact issue anymore, but I'm guessing activating
the app causes the web view window to lose selectedness. So we don't do
that in the PR.
Also, this PR fixes the scenario where the app is quit while the web
view is shown -- we now close the webview window in that case.
This will fix#3114 and save about 13 seconds at startup, compared to
shelling out to Powershell.
I'm not 100% sure it works for IPv6 routes - I'm setting port, flowinfo,
and scope to 0 and just assuming that it's fine.
For some reason Windows wants a socket address in this API even though I
don't think the port is used for anything.
When the tunnel crashes, we won't have a chance to write why the tunnel
disconnected in a file in the tunnel process. In that case too, this PR
makes the app try to reconnect.
Fixes#2898
Fixing a potential race when we update the login status (looking into
the keychain) from the tunnel auth status.
This might have been a cause for #2928 as well.
* Remove PostHog from product
* Remove PostHog from website
* Add Mixpanel to website
Why? PostHog is a bit too much overhead for simple analytics for us for
now, and some of the bugs we hit prevented us from using certain
workflows.
We are still tracking `ping` events from legacy instances in PostHog.
