github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 18:18:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,853 Commits 1 Branch 0 Tags
7e85555da319b3e23fd65e23976d08e2e46db45d
Commit Graph

1853 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
7e85555da3 Bump credo from 1.6.6 to 1.6.7 (#948) 
Bumps [credo](https://github.com/rrrene/credo) from 1.6.6 to 1.6.7.
- [Release notes](https://github.com/rrrene/credo/releases)
- [Changelog](https://github.com/rrrene/credo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rrrene/credo/compare/v1.6.6...v1.6.7)

---
updated-dependencies:
- dependency-name: credo
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-09-07 14:34:13 -07:00
leriel
43537a50b1 Update alpine version to match one available for hexpm/elixir (#946) 2022-09-02 07:57:15 -07:00
Jamil
ea67535f9a Bump runtimes; deps; postgres 13.5 -> 13.8 (#944) 
* Bump deps; runtimes; pg to 13.8

* bump npm deps

* Bump nginx

* Use PCRE over PCRE2
 2022-09-01 21:08:37 -07:00
Jamil
9f862484df Redirect http -> https when acme is enabled (#942) 2022-08-30 14:28:37 -07:00
Jamil
f384db2444 Trim whitespace on string fields (#941) 
* Trim whitespace on string fields

* Update apps/fz_http/lib/fz_http/shared_validators.ex

Signed-off-by: Jamil <jamilbk@users.noreply.github.com>

Signed-off-by: Jamil <jamilbk@users.noreply.github.com>
 2022-08-30 14:26:40 -07:00
Gabi
40120b5b26 remove ct != established from rules (#940) 2022-08-30 13:18:33 -07:00
Jamil
a3f5e0613f Prevent autocompleting passwords in FF (#936) 2022-08-29 23:04:53 -07:00
Jamil
bc7bdb3386 Add ip exhaustion error to base to show when fields are hidden (#935) 
* Add ip exhaustion error to base to show when fields are hidden

* Add tmp as an empty dir

* Bump deps
 2022-08-29 22:32:05 -07:00
Jamil
0900a9fd86 Use dummy ACME cert initially; Reload nginx immediately before ACME issuance (#928) 
* Only inject cert if exists

* Generate a temporary self-signed cert until ACME issues one

* Fix typo

* Update omnibus/cookbooks/firezone/recipes/nginx.rb

Co-authored-by: Gabi <gabriel@firezone.dev>
Signed-off-by: Jamil <jamilbk@users.noreply.github.com>

* Restart nginx immediately

* Remove redundant logic

* Use execute

* Update docs with note

Signed-off-by: Jamil <jamilbk@users.noreply.github.com>
Co-authored-by: Gabi <gabriel@firezone.dev>
 2022-08-22 21:42:14 -07:00
dependabot[bot]
e4de365d14 Bump rubocop from 1.35.0 to 1.35.1 (#932) 
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.35.0 to 1.35.1.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.35.0...v1.35.1)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-08-22 11:40:10 -07:00
dependabot[bot]
01986bf8e7 Bump ex_doc from 0.28.4 to 0.28.5 (#933) 
Bumps [ex_doc](https://github.com/elixir-lang/ex_doc) from 0.28.4 to 0.28.5.
- [Release notes](https://github.com/elixir-lang/ex_doc/releases)
- [Changelog](https://github.com/elixir-lang/ex_doc/blob/v0.28.5/CHANGELOG.md)
- [Commits](https://github.com/elixir-lang/ex_doc/compare/v0.28.4...v0.28.5)

---
updated-dependencies:
- dependency-name: ex_doc
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-08-22 11:39:55 -07:00
Jamil
6e38fd558b Revert "(fixed) Don't listen on port 80 if ACME is disabled (#927)" (#930) 
This reverts commit bda920a065.
 2022-08-19 18:12:28 -07:00
Jamil
41ff3c3b3f Cache node deps; fix minor docs typos (#923) 
* Minor typo fixes

* cache node deps

* Remove unneeded script

* Remove unneeded script

* Remove redundant lint-docs step...

* Cache nodejs for static anal

* npm ci before use

* limit markdownlint to docs for now

* Move markdownlint config to root
 2022-08-18 21:01:04 -07:00
Jamil
bda920a065 (fixed) Don't listen on port 80 if ACME is disabled (#927) 
* don't listen on port 80 if acme is disabled

* restart nginx when changing acme settings
 2022-08-18 18:34:04 -07:00
Jamil
91b64638ea Revert "don't listen on port 80 if acme is disabled (#921)" (#925) 
This reverts commit c38f57ca16.
 2022-08-17 20:24:32 -07:00
Jamil
06e3956317 create-or-reset-admin resets admin role to :admin (#922) 2022-08-17 19:53:29 -07:00
Jamil
c38f57ca16 don't listen on port 80 if acme is disabled (#921) 2022-08-17 14:30:38 -07:00
dependabot[bot]
42923c3ebe Bump rubocop from 1.33.0 to 1.35.0 (#919) 
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.33.0 to 1.35.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.33.0...v1.35.0)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-08-15 20:24:52 -07:00
Jamil
5d113ba251 Fix rules form (#917) 2022-08-11 17:18:50 -07:00
Jamil
a4340be61e Fix endpoint placeholder & security overflow (#916) 
* Use consistent placeholders

* Remove redundant text and overflow-x
 2022-08-11 16:25:59 -07:00
Po Chen
6c2703869e Use Dockerfile.prod (#915) 
Signed-off-by: Po Chen <chenpaul914@gmail.com>

Signed-off-by: Po Chen <chenpaul914@gmail.com>
 2022-08-11 11:19:04 -07:00
Jamil
db785d7ba2 Allow disabling the configuration of devices by unprivileged users (#909) 
* Add all the config options, test should fail

* Don't show fields that can't be edited

* Remove unneeded leading match

* use str not ~r

* Choose Conf.get or @allow

* Add Docker env vars
 2022-08-10 15:56:15 -07:00
Po Chen
c48ebcf9e7 Update image name and remove build (#914) 
Signed-off-by: Po Chen <chenpaul914@gmail.com>

Signed-off-by: Po Chen <chenpaul914@gmail.com>
 2022-08-10 15:56:00 -07:00
Jason G
36c605c36f Docs fixes (#911) 
* update architecture diagram

* fix edit this page link

* fix keywords not showing

* remove trailing slash
 2022-08-10 14:51:20 -07:00
Jamil
5e60d2b442 Bump Wireguardex (#912) 2022-08-10 14:50:47 -07:00
Po Chen
9505d70f91 Prod image (#887) 
* rename dockerfile

* use renamed dockerfile

* add Dockerfile.prod

* digest

* add publish image workflow

* add helper scripts

* start example docker compose

* fix workflow

* stage

* chmod

* stage

* nft

* must be root

* create path

* list address

* try alpine again

* remove nobody

* fix shared lib

* set wireguard endpoint

* config interface and route before starting server

* fix env var name

* move env var defaults into dockerfile

* persist private key

* migrate on start

* add create-or-reset-admin

* link env values

* clean up

* fix permission

* rename service

* add deploy

* persist pg data

* build version

* set version on build

* add gen_secrets

* fix typo

* move version to the end

* move up a little

* use map_join

* remove gen_secrets

* add gen-env

* cat

* gen more

* add telemetry
 2022-08-10 14:42:38 -07:00
Andrew
be565a6897 Install script UX: ask to load wireguard mod & install missing deps for Debian repo (#907) 2022-08-09 14:23:29 -07:00
Jamil
ebb3d383d7 remove beta program (#908) 2022-08-09 11:37:54 -07:00
Jamil
0a7c16af17 Bump Wireguardex (#906) 2022-08-09 11:09:44 -07:00
Jason G
72e0458a73 Docs - add mfa instructions (#904) 
* add mfa docs

* add client instructions

* ran npm in wrong folder

* grammar and titles

* broken link

* Update docs/docs/authenticate/multi-factor.md

Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Signed-off-by: Jason G <jason@firez.one>

* Update docs/docs/authenticate/multi-factor.md

Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Signed-off-by: Jason G <jason@firez.one>

* Update docs/docs/user-guides/client-instructions.md

Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Signed-off-by: Jason G <jason@firez.one>

* Apply suggestions from code review

Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Signed-off-by: Jason G <jason@firez.one>

* remove restart cmd

* update example on default.rb

* Update Gemfile.lock

* Update docs/docs/authenticate/README.md

Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Signed-off-by: Jason G <jason@firez.one>

* fix errors

* Update docs/docs/authenticate/README.md

Signed-off-by: Jamil <jamilbk@users.noreply.github.com>

Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
 2022-08-09 07:25:13 -07:00
Jamil
5617a72910 Clarify when UI config is overriding ENV config (#872) 
* Some minor clarification and UI polish

* Pull overrides from changeset
 2022-08-08 21:14:06 -07:00
dependabot[bot]
80c182941a Bump rubocop from 1.32.0 to 1.33.0 (#898) 
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.32.0 to 1.33.0.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.32.0...v1.33.0)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-08-08 13:25:31 -07:00
dependabot[bot]
32a1dd4b9d Bump httpoison from 1.8.1 to 1.8.2 (#899) 
Bumps [httpoison](https://github.com/edgurgel/httpoison) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/edgurgel/httpoison/releases)
- [Commits](https://github.com/edgurgel/httpoison/compare/v1.8.1...v1.8.2)

---
updated-dependencies:
- dependency-name: httpoison
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-08-08 13:25:09 -07:00
dependabot[bot]
62e3daaf8d Bump wireguardex from 0.3.2 to 0.3.3 (#900) 
Bumps [wireguardex](https://github.com/firezone/wireguardex) from 0.3.2 to 0.3.3.
- [Release notes](https://github.com/firezone/wireguardex/releases)
- [Commits](https://github.com/firezone/wireguardex/compare/v0.3.2...v0.3.3)

---
updated-dependencies:
- dependency-name: wireguardex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-08-08 13:24:54 -07:00
Gabi
f03617b07f nft rules match wireguard interface name (#901) 2022-08-08 12:56:33 -07:00
Jamil
4d73df77bc Fix wording (#895) 2022-08-08 10:47:13 -07:00
Jamil
a6927b87d2 Remove docs link for older versions 
Signed-off-by: Jamil <jamilbk@users.noreply.github.com>
 2022-08-06 12:32:42 -07:00
Gabi
038f025220 Re-add port-based rules and gate them behind kernel version (#890) 
* Revert "Revert "Add initial rough version of port based rules (#874)" (#888)"

This reverts commit 58e48457ad.

* gate port rule depending on kernel version

* fix version comparision

* allow for no port-related values when creating rule event

* Fix struct accessor

* fix getting port type in rule list component

* small fix

* oops

* hide port-related display on disabled port-rules

* Gate table headers

* update port-based rule for boot-up only and update ui

* fix tests

* fix disable button

* Minor UI and wording update

* Add firewall functional tests

* fix functional testing

* add debug log for functional debugging

* fix

* Fix functional testing by preventing overlap

* remove sudo from functional firewall tests

* fix error message

* fix firewall ci

* re-adding sudo to functional test

* fix expected results in functional test

* Apply suggestions

* Update apps/fz_http/lib/fz_http_web/live/rule_live/rule_list_component.html.heex

Signed-off-by: Jamil <jamilbk@users.noreply.github.com>

Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
 2022-08-05 16:11:33 -07:00
Po Chen
4a2ab72eec target blank (#893) 2022-08-05 08:53:53 -07:00
Jamil
d821ce8bf4 Move page subheaders under titles; minor cleanup (#892) 2022-08-04 09:30:42 -07:00
Jamil
30cc7d2552 Enable HSTS for Nginx (#889) 
* Enable HSTS for Nginx

* Fix nesting hash
 2022-08-03 16:16:51 -07:00
Jamil
58e48457ad Revert "Add initial rough version of port based rules (#874)" (#888) 
This reverts commit 55a311adec.
 2022-08-03 12:34:30 -07:00
Po Chen
2a5466a0fb bumps and dev tweaks (#886) 2022-08-02 18:11:28 -07:00
Andrew
4ef461a7d0 Add notifications live view. (#867) 
* Remove events module from UI and trigger events on DB notifies

* Add tests and take out error flash from ui for now.

* Use FzHttp.Devices.decode in devices/rules tests and remove commented line

* address PR feedback & fix race condition in interface test

* Clean up events & notifier based on PR feedback

* Add notifications live view, broadcast them through the notification channel

* Notification improvements (#869)

* Flatten Notifications to make it more general and add timestamp

* Remove wildcard from notification channel in UserSocket

* Implement clear button for clearing notifications. Add icon helper

* Add broadcast helper

* UI fixes for notifications badge

* Add notifications live view tests

* Fix tests

* fix docs link, deleted wrong one in the merge!

* clean up tests based on pr feedback

Co-authored-by: Po Chen <chenpaul914@gmail.com>
 2022-08-01 21:16:31 -07:00
Gabi
55a311adec Add initial rough version of port based rules (#874) 
* Add initial rough version of port based rules

* fix tests

* nftables refactor

* UI/database improvements

* UI and Int4Range improvements

* Multiple improvements

* Add tests for port rules

* minor refactor and update error message

* Fix error message for tests

* int4range refactor
 2022-08-01 20:57:55 -07:00
Jamil
34902052eb Fix algolia searchbar (#884) 2022-08-01 20:36:33 -07:00
Jamil
01fa25548e Fix API key (#883) 2022-08-01 20:08:05 -07:00
Po Chen
89d74ba683 bump docusaurus (#882) 2022-08-01 19:51:41 -07:00
Andrew
2c88653c9a Trigger events on device/rule/user insert and delete instead of from UI actions. (#835) 
* Remove events module from UI and trigger events on DB notifies

* Add tests and take out error flash from ui for now.

* Use FzHttp.Devices.decode in devices/rules tests and remove commented line

* address PR feedback & fix race condition in interface test

* Clean up events & notifier based on PR feedback

* Reduce wait time for pg notifies

* Test Notifier event handling instead of using unboxed sandbox runs
 2022-08-01 15:02:46 -07:00
dependabot[bot]
030fffa3d7 Bump postgrex from 0.16.3 to 0.16.4 (#880) 
Bumps [postgrex](https://github.com/elixir-ecto/postgrex) from 0.16.3 to 0.16.4.
- [Release notes](https://github.com/elixir-ecto/postgrex/releases)
- [Changelog](https://github.com/elixir-ecto/postgrex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/elixir-ecto/postgrex/compare/v0.16.3...v0.16.4)

---
updated-dependencies:
- dependency-name: postgrex
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-08-01 10:53:21 -07:00