Commit Graph

551 Commits

Author SHA1 Message Date
Jamil
69335153ce Remove docs.firezone.dev CNAME (#1418)
This corresponds to step (1) of #1417
2023-02-09 15:19:19 -08:00
Jamil
888eac8703 Fix recursive conncheck timer (#1416)
Fixes #1414
2023-02-08 10:57:39 -08:00
Jamil
8e73b1b8bb Refactor docs for REST API and consistency (#1404)
Also will include the following:

- [x] Fixes #1281
- [x] Fixes #1218
2023-02-07 08:24:11 -08:00
Jamil
7e2d2f35c6 Fix recursive ping timer (#1408)
Fixes recursively initializing the ping timer...
2023-02-06 12:01:57 -08:00
Andrew Dryga
29a74502a9 Fix unique name constraint and render error on MFA register form (#1403)
Closes #1402
2023-02-03 09:16:27 -06:00
Andrew Dryga
aa7a43dc70 Reorganise auth routes to make sure that plugs do not block OIDC/SAML when local auth is disabled (#1399)
And fix acceptance test assertion on the wrong broken behavior.

Closes: #1398
Ref:
https://firezone-users.slack.com/archives/C02PV412LGZ/p1674718310558799
2023-02-01 15:12:46 -08:00
Jamil
b64adda2ce Increase load peer timeout (#1396)
Temporary workaround for a rare issue where many peers (> hundreds)
cause a timeout for the `GenServer.call` function, preventing the
`wireguard_public_key` from being set properly.

This will be removed in 0.8, so only an increased timeout is needed for
now.
2023-01-31 18:56:23 -08:00
Andrew Dryga
497429dc03 Change default_client_allowed_ips type to string (#1387)
Closes #1374
2023-01-27 10:50:14 -06:00
Jamil
9801617ef5 Fix LiveView disconnect when config is downloaded (#1384)
Fixes #1353
2023-01-26 14:40:22 -08:00
Jamil
e4854902cd Revert to old Project API key (#1379)
Also update ping event timer to 1 day, with a 1 minute delay on boot.

Waiting on PostHog to confirm old API key is set.
2023-01-26 12:49:11 -08:00
Andrew Dryga
4e2a62af71 Fix bugs with OIDC and SAML forms (#1383)
1. When OIDC/SAML is deleted, the state of the LV socket becomes invalid
and basically makes it look like everything was deleted
2. When there is more than one OIDC/SAML config, trying to delete it
leads to a crash
3. Updates of OIDC/SAML were messy and hard to follow; they are reworked
and more tests are added around them

Closes #1382
2023-01-26 14:21:59 -06:00
Andrew Dryga
8a5dd8a5dd Improve seeds to test config migrations 2023-01-25 10:54:54 -06:00
Andrew Dryga
cce70cf552 Fix SAML regression (#1371)
Regression was introduced in #1350: the path order did not allow the auth
callback to ever be called.

Additionally, acceptance tests for SAML are added and we added a
blacklist of SAML config ids to prevent further route collisions.

Fixes #1362
2023-01-23 15:28:25 -06:00
Andrew Dryga
34cddcdbd4 Refactor api tokens (#1370)
Related to #1364

Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com>
2023-01-23 13:39:34 -06:00
Andrew Dryga
999ea1e43d Add version suffix to cookie signing salt (#1369)
This will make sure that users need to reauthenticate every time a new
version is deployed.

Closes https://github.com/firezone/firezone/issues/1358
2023-01-23 13:38:57 -06:00
Andrew Dryga
4a2864f9a1 Fix rendering for logo struct in REST API (#1367)
Closes #1363
2023-01-23 13:38:31 -06:00
Jamil
ddc8b32970 Add tests to ensure path changes when modal is dismissed (#1356)
Refs #1353 

I was looking for a `refute_el` helper to check for `.modal.is-active`
*not* being on the page, but that would take time to write 😅

This checks to ensure the URL is updated, which should cause the
`@live_action` to change, the view to be patched, and the modal to be
dismissed, but isn't the most straightforward way to make sure the modal
isn't visible.

We've hit this problem twice before (I was not successful this morning
in finding the relevant issues):

* If the WebSocket is flapping, the event may not register. But usually
the browser will refresh if this is the case (we have a red indicator in
the upper-right to indicate if the websocket is not connected, i.e. the
views aren't "live")
* A CSS bug caused the click event to target the wrong LiveView PID (the
modal's parent I believe), which ended up crashing it because it didn't
have the "close" event handler defined. I believe the escape keydown
still closed the view though in that case.

This feels more like the first issue, given the acceptance test is
passing.

Co-authored-by: Andrew Dryga <andrew@dryga.com>
2023-01-23 09:31:37 -06:00
Andrew Dryga
8a02629163 Start testing migrations and seeds on CI (#1359)
Ref: #1316

This additionally adds static-analysis and type-check steps to the `test`
workflow. Even though they run in a separate workflow, I feel like we
might want to remove dialyzer from the pre-commit hook, as it sometimes takes
a lot of time, especially if you check out between branches that
change deps often, and it slows down when you commit rapidly.
2023-01-22 22:01:58 -06:00
Andrew Dryga
e43ef06115 Rework MFA methods (#1339)
1. We enforce `last_used_at` to be not nil at the database level
2. The `name` is now unique to prevent ambiguity; it also can't be
longer than 255 chars
3. The MFA module was rewritten to follow the style applied to Users
before with much better test coverage; its API changed to be less
generic (like just create/update -> create/use_code)
4. The multi-step form was reworked to use the new methods instead of a
changeset and a direct `Repo.insert/1`.

Closes #1323
2023-01-20 12:02:46 -08:00
Jamil
9efdfa10ff Fix SAML restart and remove test env code path (#1350)
This codepath was being skipped in the `test` env, which is no longer
necessary. This caused a runtime error that failed to show up in tests
because the codepath was being skipped.

Refs #1341
2023-01-20 10:00:10 -08:00
Jamil
931029b2ac Better outbound email config parsing (#1346)
This also refactors local auth routes to protect them using Plug.
2023-01-20 07:16:23 -08:00
Andrew Dryga
48a3621aed Soft limit CIDR range for IPv6 network to 288230376151711744 devices (#1344)
That should be enough for most users (c).

Closes #1340
2023-01-19 17:16:16 -08:00
Andrew Dryga
03100df545 Add e2e test for magic links (#1345)
Related to #1342
2023-01-19 12:57:43 -08:00
Jamil
547b3bbf65 Don't override SAML config booleans (#1333)
Fixes #1321 

Also updates a couple tests to read from `EXTERNAL_URL` instead of
`http://localhost:4002` (these were failing in my env because I have a
different value set)

Signed-off-by: Jamil <jamilbk@users.noreply.github.com>
Co-authored-by: Andrew Dryga <andrew@dryga.com>
2023-01-18 12:44:57 -08:00
Jamil
8166bd7ce5 Filter out nil IPs before adding to the nftables ruleset (#1332)
This edge case happens when `WIREGUARD_IPV4_ENABLED` or
`WIREGUARD_IPV6_ENABLED` are set to `false`; when a new device is
generated, we don't allocate an IP for it. This causes a failed function
match, and should be handled instead by simply skipping the `nil` IP
from being added to the user's `nftables` group.

**Note**: This functionality will be removed with the release of the
gateway's eBPF packet filter in 0.8.

Fixes #1331
2023-01-18 12:00:04 -08:00
Jamil
421d56b0ea Handle EXTERNAL_URL missing scheme (#1326)
Fixes #1314
2023-01-17 10:46:52 -08:00
Andrew Dryga
7ece067333 Bump Elixir deps
This replaces two PRs from dependabot.
2023-01-16 13:15:32 -06:00
Andrew Dryga
218ad006af Revisit Users context, cover UI with e2e tests and introduce first AuditLog features (#1267)
1. `auto_create_users` default value is removed. We want to avoid
situations where admins integrate OIDC/SAML providers and don't expect
anyone that has access to them to automatically gain access to the VPN, which
is especially critical for providers like Google Workspace, where all
employees typically have access.
2. The OpenID library was completely rewritten and a new version is
integrated. It will allow async tests and scales better for the cloud
version of the panel.
3. `Mox` was removed; we don't test modules by overriding them to
prevent breaking changes that tests can't capture.
4. Deps are reordered and unused ones are removed.
5. Browser/e2e tests are added to ensure we won't break UI features in
the future, allowing for front-end refactoring.
6. Users context was overhauled for better code clarity.
2023-01-16 13:04:59 -06:00
Jamil
ec321c5619 Update default REST API docs path; Note on stdout api tokens (#1306) 2023-01-13 17:23:21 -06:00
Jamil
330cafbbe5 Boot minimal app for DB changes (#1305)
Adds a minimal supervision tree for making DB changes from the
`FzHttp.Release` module. This allows the `bin/create-or-reset-admin` and
`bin/create-api-token` commands to be run with `docker compose exec` or
`docker compose run --rm` indiscriminately.

Starting the FzHttp.Repo directly is more involved since it's not compiled
into the release as an OTP app.
2023-01-13 13:45:18 -08:00
Andrew Dryga
7760817191 Hotfix default PK values on connectivity_checks table (#1300)
The migration is edited in place. Otherwise, the users that partially
upgraded to 0.7 won't be able to proceed.

Another migration is added to add default values for every table that
did not have them, to make things consistent and make sure that both users
that had the failed migration executed and the ones that executed it
successfully will end up with the same schema.

Closes #1295
2023-01-13 11:48:13 -08:00
Jamil
51a0cf251e Bump to 0.7.0 release (#1291)
Bumps Release Drafter to 0.7.0 for publish
2023-01-12 22:52:50 -08:00
Andrew Dryga
6003ea7e26 Generate API docs from tests and Phoenix Controller docs (#1286)
1. The test data is taken from tests; you can override attributes by
adding keyword params to the `doc` macro;
2. Additionally, you can add a section title using a `@moduledoc` in a
controller and a controller action title using `@doc` on a controller
function. (It will be added to all instances of its usage.)
3. To make parameters nice, a helper was added to build them using
`DocHelper`; you can find an example in UserController.

Overall, the code is messy and I'll need to revisit it, but I was doing it in
a rush, so I hope it's good enough for v0.

You can see the results at https://firezone.docs.apiary.io/.

To generate it locally run `DOC=1 mix test test/fz_http_web/controllers/json`.

Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com>
2023-01-12 22:40:21 -08:00
Jamil
ed23d9f346 Use eval for create-or-reset-admin; expose with RESET_ADMIN_ON_BOOT (#1287)
Fixes #1285
2023-01-11 19:55:18 -08:00
Jamil
b3ae440a36 API Token CLI (#1271)
Adds a mechanism for generating API tokens from the CLI. Requires the
default admin user to be present. From there the token can be used to
create additional admins. In the future, we could allow specifying a
user's email to generate the token for.

Generate like so:

```
docker compose run --rm firezone bin/create-api-token
```
2023-01-09 14:59:18 -08:00
Jamil
17b4f321df Add more comprehensive REST API tests (#1269)
- [x] Call API plug pipeline in test env
- [x] Add missing token tests
- [x] Add 404 tests
- [x] Add comprehensive user tests
- [x] Add comprehensive rule tests
- [x] Add comprehensive device tests
- [x] Add comprehensive configuration tests
2023-01-09 11:51:44 -08:00
Andrew Dryga
4fe6b5ec31 Allow running Firezone in a non-root directory (#1248) 2023-01-03 13:48:01 -06:00
Jamil
9a4103318d Expose some http client ssl opts via HTTP_CLIENT_SSL_OPTS (#1221)
Expose the most commonly-used SSL client options to our OIDC and
ConnectivityChecks HTTP clients. Resolves some lingering issues some
users were facing with OIDC where they needed a custom TLS version
enforced or cacert file used to fetch the `discovery_document` and
resulting keys.

SSL misconfiguration can be a security concern, so we intentionally puke
when an unexpected key is passed. This should result in a new GitHub
issue being opened and dialog created to learn more about the use-case.

Fixes #996
2023-01-03 07:38:24 -08:00
Jamil
56ec179a83 [Supersedes #1255] Replace npm with yarn (#1256)
Renamed branch prefix to `build/` to build in CI
2022-12-31 15:44:23 -06:00
Jamil
1de24ff77e REST API (#1155)
### TODO

- [x] "/v0"
- [x] Double-check migration order; re-timestamp if necessary
- [x] Move `sites` fields to `configurations` so they can be updated
from API
- [x] #1240 -- it introduces possible race conditions for API requests
- [x] #1249 
- [ ] #1008 
- [ ] Final review

Signed-off-by: Jamil <jamilbk@users.noreply.github.com>
Co-authored-by: Andrew Dryga <andrew@dryga.com>
2022-12-31 12:58:11 -06:00
Jamil
8fa280691d Conditionally append port to endpoint (#1247)
Fixes a bug where generated configs have an extra port added in some
cases.
2022-12-26 15:19:08 -06:00
Jamil
fbb05b9e7e Fix sites.endpoint default when EXTERNAL_URL is missing (#1238)
This populates the `sites.endpoint` field with the WIREGUARD_ENDPOINT
variable and removes it from env vars reference.

cc @conectado 
Fixes #1237
2022-12-24 18:16:55 -06:00
Jamil
de3919fb69 Add SupportOptions component and utm_source for links (#1219)
This PR also moves to `yarn` for docs package management for improved
speed, security, and developer experience. Docusaurus prefers yarn.

Refs firezone/marketing#126
2022-12-24 16:16:55 -06:00
Jamil
f749ba2bb2 Change foreign key constraint to cascading delete (#1235)
Fixes #1234
2022-12-24 07:09:37 -06:00
Austin Saunders
9eb622fe39 Removes hammer and hammer_plug deps and their code references (#1230)
Resolves Issue https://github.com/firezone/firezone/issues/1216

Co-authored-by: Austin Saunders <austinsaunders@paczek.lan>
2022-12-24 05:32:01 -06:00
Gabi
e49d5631a5 fix: endpoint migration when EXTERNAL_URL is not present (#1232)
For `URI.parse` to work, the URI needs to be an FQDN; otherwise `nil` is
returned.
2022-12-23 18:13:11 -06:00
Jamil
26cb59d74b Fix rollback for release_test.exs due to Ecto 3.9.2 (#1223)
* Fix rollback for release_test.exs due to Ecto 3.9.2

4371bb7de8

* We don't support rollbacks

* Update .github/workflows/static_analysis.yml

Co-authored-by: Andrew Dryga <andrew@dryga.com>
Signed-off-by: Jamil <jamilbk@users.noreply.github.com>

Signed-off-by: Jamil <jamilbk@users.noreply.github.com>
Co-authored-by: Andrew Dryga <andrew@dryga.com>
2022-12-21 13:42:31 -06:00
Jamil
495109a418 Support more dense QR codes with error correction level L (#1222)
This also removes the QR code <canvas> from the DOM if there's a
render error.

Fixes #1217
2022-12-21 13:10:41 -06:00
Jamil
ccf2ecd633 Document WIREGUARD_MTU is for server interface only (#1212)
Client configs will be generated based on runtime configuration
stored in the `sites` table, while server configuration (which
requires a restart of the server) will be configurable via ENV vars.

Refs #1270
2022-12-19 07:37:56 -06:00
Jamil
ec3c075c67 Use site table fields, not ENV vars for optional WireGuard config (#1207)
This takes us a step closer to having all runtime config
in the DB as opposed to ENV vars.

Fixes #1197
2022-12-18 21:39:33 -06:00