Jamil
6e38fd558b
Revert "(fixed) Don't listen on port 80 if ACME is disabled ( #927 )" ( #930 )
...
This reverts commit bda920a065
2022-08-19 18:12:28 -07:00
Jamil
41ff3c3b3f
Cache node deps; fix minor docs typos ( #923 )
...
* Minor typo fixes
* cache node deps
* Remove unneeded script
* Remove unneeded script
* Remove redundant lint-docs step...
* Cache nodejs for static anal
* npm ci before use
* limit markdownlint to docs for now
* Move markdownlint config to root
2022-08-18 21:01:04 -07:00
Jamil
bda920a065
(fixed) Don't listen on port 80 if ACME is disabled ( #927 )
...
* don't listen on port 80 if acme is disabled
* restart nginx when changing acme settings
2022-08-18 18:34:04 -07:00
Jamil
91b64638ea
Revert "don't listen on port 80 if acme is disabled ( #921 )" ( #925 )
...
This reverts commit c38f57ca16
2022-08-17 20:24:32 -07:00
Jamil
06e3956317
create-or-reset-admin resets admin role to :admin ( #922 )
2022-08-17 19:53:29 -07:00
Jamil
c38f57ca16
don't listen on port 80 if acme is disabled ( #921 )
2022-08-17 14:30:38 -07:00
dependabot[bot]
42923c3ebe
Bump rubocop from 1.33.0 to 1.35.0 ( #919 )
...
Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.33.0 to 1.35.0.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.33.0...v1.35.0 )
---
updated-dependencies:
- dependency-name: rubocop
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-15 20:24:52 -07:00
Jamil
5d113ba251
Fix rules form ( #917 )
2022-08-11 17:18:50 -07:00
Jamil
a4340be61e
Fix endpoint placeholder & security overflow ( #916 )
...
* Use consistent placeholders
* Remove redundant text and overflow-x
2022-08-11 16:25:59 -07:00
Po Chen
6c2703869e
Use Dockerfile.prod ( #915 )
...
Signed-off-by: Po Chen <chenpaul914@gmail.com >
Signed-off-by: Po Chen <chenpaul914@gmail.com >
2022-08-11 11:19:04 -07:00
Jamil
db785d7ba2
Allow disabling the configuration of devices by unprivileged users ( #909 )
...
* Add all the config options, test should fail
* Don't show fields that can't be edited
* Remove unneeded leading match
* use str not ~r
* Choose Conf.get or @allow
* Add Docker env vars
2022-08-10 15:56:15 -07:00
Po Chen
c48ebcf9e7
Update image name and remove build ( #914 )
...
Signed-off-by: Po Chen <chenpaul914@gmail.com >
Signed-off-by: Po Chen <chenpaul914@gmail.com >
2022-08-10 15:56:00 -07:00
Jason G
36c605c36f
Docs fixes ( #911 )
...
* update architecture diagram
* fix edit this page link
* fix keywords not showing
* remove trailing slash
2022-08-10 14:51:20 -07:00
Jamil
5e60d2b442
Bump Wireguardex ( #912 )
2022-08-10 14:50:47 -07:00
Po Chen
9505d70f91
Prod image ( #887 )
...
* rename dockerfile
* use renamed dockerfile
* add Dockerfile.prod
* digest
* add publish image workflow
* add helper scripts
* start example docker compose
* fix workflow
* stage
* chmod
* stage
* nft
* must be root
* create path
* list address
* try alpine again
* remove nobody
* fix shared lib
* set wireguard endpoint
* config interface and route before starting server
* fix env var name
* move env var defaults into dockerfile
* persist private key
* migrate on start
* add create-or-reset-admin
* link env values
* clean up
* fix permission
* rename service
* add deploy
* persist pg data
* build version
* set version on build
* add gen_secrets
* fix typo
* move version to the end
* move up a little
* use map_join
* remove gen_secrets
* add gen-env
* cat
* gen more
* add telemetry
2022-08-10 14:42:38 -07:00
Andrew
be565a6897
Install script UX: ask to load wireguard mod & install missing deps for Debian repo ( #907 )
2022-08-09 14:23:29 -07:00
Jamil
ebb3d383d7
remove beta program ( #908 )
2022-08-09 11:37:54 -07:00
Jamil
0a7c16af17
Bump Wireguardex ( #906 )
2022-08-09 11:09:44 -07:00
Jason G
72e0458a73
Docs - add mfa instructions ( #904 )
...
* add mfa docs
* add client instructions
* ran npm in wrong folder
* grammar and titles
* broken link
* Update docs/docs/authenticate/multi-factor.md
Co-authored-by: Jamil <jamilbk@users.noreply.github.com >
Signed-off-by: Jason G <jason@firez.one >
* Update docs/docs/authenticate/multi-factor.md
Co-authored-by: Jamil <jamilbk@users.noreply.github.com >
Signed-off-by: Jason G <jason@firez.one >
* Update docs/docs/user-guides/client-instructions.md
Co-authored-by: Jamil <jamilbk@users.noreply.github.com >
Signed-off-by: Jason G <jason@firez.one >
* Apply suggestions from code review
Co-authored-by: Jamil <jamilbk@users.noreply.github.com >
Signed-off-by: Jason G <jason@firez.one >
* remove restart cmd
* update example on default.rb
* Update Gemfile.lock
* Update docs/docs/authenticate/README.md
Co-authored-by: Jamil <jamilbk@users.noreply.github.com >
Signed-off-by: Jason G <jason@firez.one >
* fix errors
* Update docs/docs/authenticate/README.md
Signed-off-by: Jamil <jamilbk@users.noreply.github.com >
Co-authored-by: Jamil <jamilbk@users.noreply.github.com >
2022-08-09 07:25:13 -07:00
Jamil
5617a72910
Clarify when UI config is overriding ENV config ( #872 )
...
* Some minor clarification and UI polish
* Pull overrides from changeset
2022-08-08 21:14:06 -07:00
dependabot[bot]
80c182941a
Bump rubocop from 1.32.0 to 1.33.0 ( #898 )
...
Bumps [rubocop](https://github.com/rubocop/rubocop ) from 1.32.0 to 1.33.0.
- [Release notes](https://github.com/rubocop/rubocop/releases )
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rubocop/rubocop/compare/v1.32.0...v1.33.0 )
---
updated-dependencies:
- dependency-name: rubocop
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-08 13:25:31 -07:00
dependabot[bot]
32a1dd4b9d
Bump httpoison from 1.8.1 to 1.8.2 ( #899 )
...
Bumps [httpoison](https://github.com/edgurgel/httpoison ) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/edgurgel/httpoison/releases )
- [Commits](https://github.com/edgurgel/httpoison/compare/v1.8.1...v1.8.2 )
---
updated-dependencies:
- dependency-name: httpoison
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-08 13:25:09 -07:00
dependabot[bot]
62e3daaf8d
Bump wireguardex from 0.3.2 to 0.3.3 ( #900 )
...
Bumps [wireguardex](https://github.com/firezone/wireguardex ) from 0.3.2 to 0.3.3.
- [Release notes](https://github.com/firezone/wireguardex/releases )
- [Commits](https://github.com/firezone/wireguardex/compare/v0.3.2...v0.3.3 )
---
updated-dependencies:
- dependency-name: wireguardex
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-08 13:24:54 -07:00
Gabi
f03617b07f
nft rules match wireguard interface name ( #901 )
2022-08-08 12:56:33 -07:00
Jamil
4d73df77bc
Fix wording ( #895 )
2022-08-08 10:47:13 -07:00
Jamil
a6927b87d2
Remove docs link for older versions
...
Signed-off-by: Jamil <jamilbk@users.noreply.github.com >
2022-08-06 12:32:42 -07:00
Gabi
038f025220
Re-add port-based rules and gate them behind kernel version ( #890 )
...
* Revert "Revert "Add initial rough version of port based rules (#874 )" (#888 )"
This reverts commit 58e48457adjamilbk@users.noreply.github.com >
Co-authored-by: Jamil <jamilbk@users.noreply.github.com >
2022-08-05 16:11:33 -07:00
Po Chen
4a2ab72eec
target blank ( #893 )
2022-08-05 08:53:53 -07:00
Jamil
d821ce8bf4
Move page subheaders under titles; minor cleanup ( #892 )
2022-08-04 09:30:42 -07:00
Jamil
30cc7d2552
Enable HSTS for Nginx ( #889 )
...
* Enable HSTS for Nginx
* Fix nesting hash
2022-08-03 16:16:51 -07:00
Jamil
58e48457ad
Revert "Add initial rough version of port based rules ( #874 )" ( #888 )
...
This reverts commit 55a311adec
2022-08-03 12:34:30 -07:00
Po Chen
2a5466a0fb
bumps and dev tweaks ( #886 )
2022-08-02 18:11:28 -07:00
Andrew
4ef461a7d0
Add notifications live view. ( #867 )
...
* Remove events module from UI and trigger events on DB notifies
* Add tests and take out error flash from ui for now.
* Use FzHttp.Devices.decode in devices/rules tests and remove commented line
* address PR feedback & fix race condition in interface test
* Clean up events & notifier based on PR feedback
* Add notifications live view, broadcast them through the notification channel
* Notification improvements (#869 )
* Flatten Notifications to make it more general and add timestamp
* Remove wildcard from notification channel in UserSocket
* Implement clear button for clearing notifications. Add icon helper
* Add broadcast helper
* UI fixes for notifications badge
* Add notifications live view tests
* Fix tests
* fix docs link, deleted wrong one in the merge!
* clean up tests based on pr feedback
Co-authored-by: Po Chen <chenpaul914@gmail.com >
2022-08-01 21:16:31 -07:00
Gabi
55a311adec
Add initial rough version of port based rules ( #874 )
...
* Add initial rough version of port based rules
* fix tests
* nftables refactor
* UI/database improvements
* UI and Int4Range improvements
* Multiple improvements
* Add tests for port rules
* minor refactor and update error message
* Fix error message for tests
* int4range refactor
2022-08-01 20:57:55 -07:00
Jamil
34902052eb
Fix algolia searchbar ( #884 )
2022-08-01 20:36:33 -07:00
Jamil
01fa25548e
Fix API key ( #883 )
2022-08-01 20:08:05 -07:00
Po Chen
89d74ba683
bump docusaurus ( #882 )
2022-08-01 19:51:41 -07:00
Andrew
2c88653c9a
Trigger events on device/rule/user insert and delete instead of from UI actions. ( #835 )
...
* Remove events module from UI and trigger events on DB notifies
* Add tests and take out error flash from ui for now.
* Use FzHttp.Devices.decode in devices/rules tests and remove commented line
* address PR feedback & fix race condition in interface test
* Clean up events & notifier based on PR feedback
* Reduce wait time for pg notifies
* Test Notifier event handling instead of using unboxed sandbox runs
2022-08-01 15:02:46 -07:00
dependabot[bot]
030fffa3d7
Bump postgrex from 0.16.3 to 0.16.4 ( #880 )
...
Bumps [postgrex](https://github.com/elixir-ecto/postgrex ) from 0.16.3 to 0.16.4.
- [Release notes](https://github.com/elixir-ecto/postgrex/releases )
- [Changelog](https://github.com/elixir-ecto/postgrex/blob/master/CHANGELOG.md )
- [Commits](https://github.com/elixir-ecto/postgrex/compare/v0.16.3...v0.16.4 )
---
updated-dependencies:
- dependency-name: postgrex
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-01 10:53:21 -07:00
dependabot[bot]
66b760474b
Bump credo from 1.6.5 to 1.6.6 ( #881 )
...
Bumps [credo](https://github.com/rrrene/credo ) from 1.6.5 to 1.6.6.
- [Release notes](https://github.com/rrrene/credo/releases )
- [Changelog](https://github.com/rrrene/credo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rrrene/credo/compare/v1.6.5...v1.6.6 )
---
updated-dependencies:
- dependency-name: credo
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-01 10:53:09 -07:00
Jamil
e0e780b7fa
Go easy on the x-forwarded-for header ( #877 )
2022-07-29 17:17:00 -07:00
Gabi
b2e292d4fd
remove http-related nginx config ( #866 )
...
* remove http-related nginx config
* Add more details about Nginx and reverse proxies to upgrade notes
Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com >
2022-07-29 11:50:31 -07:00
Po Chen
30876da922
Reduce cast coverage ( #851 )
...
* remove cast role in create
* remove cast in update
this will fail
* Revert "remove cast role in create"
This reverts commit 217c62170f1f09987c6adbf7a5b3f467dd84034c.
* remove role in generic cast
* separate role and sign in token out from generic update
* handle empty value in put_password_hash
* separate last signed in at
* remove usage of removed changeset function
* fix clear sign in token
* improve tests
* fix tests
* split update user
* require password change
* fix test
* remove unused env var
2022-07-29 08:44:25 -07:00
Po Chen
4ba93bdce2
Fix config ui out of sync ( #875 )
...
* fix config ui out of sync
* fix and add more tests
* simplify tests
2022-07-29 08:22:27 -07:00
Jamil
d0499ae592
Don't fail fast for publishing to Cloudsmith ( #870 )
2022-07-28 14:41:34 -07:00
Andrew
5487a36e79
Restore the manual install steps to install server docs. ( #873 )
...
* Improve install docs some & restore the manual install steps
* Fix docs lint
* Remove space in RedHat
* fix typo
2022-07-28 14:39:00 -07:00
Gabi
493709858d
fixes parsing for ipv6 ( #871 )
2022-07-28 14:38:13 -07:00
Jamil
0c50ac677d
Fix new docs links ( #865 )
2022-07-27 20:48:39 -07:00
Gabi
01cb023cc2
detect force_ssl config and error out ( #864 )
...
* detect force_ssl config and error out
* Update omnibus/package-scripts/firezone/preinst
Signed-off-by: Jamil <jamilbk@users.noreply.github.com >
Co-authored-by: Jamil <jamilbk@users.noreply.github.com >
2022-07-27 19:08:21 -07:00
Jamil
c81650a49f
Add uid ( #861 )
2022-07-27 17:28:14 -07:00
