e096ec39d5
Enable roaming for mobile ( #827 )
2023-04-28 16:26:54 +02:00
7f5e1c623e
Use forked Wireguard-go for custom bind ( #823 )
...
Update go version to 1.20
Use forked wireguard-go repo because of custom Bind implementation
2023-04-27 17:50:45 +02:00
afaa3fbe4f
Use local time zone for display last update changes ( #825 )
...
* Use local time zone for display last update changes
* using TZ UTC for testing purposes
* use init func
2023-04-27 16:02:00 +02:00
6fec0c682e
Merging full service user feature into main ( #819 )
...
Merging full feature branch into main.
Adding full support for service users including backend objects, persistence, verification and api endpoints.
2023-04-22 12:57:51 +02:00
45224e76d0
fallback to olde keys if failing to fetch refreshed keys
2023-04-21 13:34:52 +03:00
c2e90a2a97
feat: add support for custom device hostname ( #789 )
...
Configure via --hostname (or -n) flag in the `up` and `login` commands
---------
Signed-off-by: Chinmay D. Pai <chinmay.pai@zerodha.com >
2023-04-20 16:00:22 +02:00
118880b6f7
Send a status notification on offline peers change ( #821 )
...
Sum offline peers too
2023-04-20 15:59:07 +02:00
90c8cfd863
synchronize access to the signing keys
2023-04-19 17:11:38 +03:00
bb147c2a7c
Remove unnecessary uapi open ( #807 )
...
Remove unnecessary uapi open from Android implementation
2023-04-17 11:50:12 +02:00
4616bc5258
Add route management for Android interface ( #801 )
...
Support client route management feature on Android
2023-04-17 11:15:37 +02:00
f7196cd9a5
refactoring
2023-04-15 03:44:42 +03:00
1803cf3678
Fix error handling in case of the port is in used ( #810 )
2023-04-14 16:18:00 +02:00
9f35a7fb8d
Ignore ipv6 labeled address ( #809 )
...
Ignore ipv6 labeled address
2023-04-14 15:40:27 +02:00
53d78ad982
make variable unexported
2023-04-14 13:16:01 +03:00
9f352c1b7e
validate keys for idp's with key rotation mechanism
2023-04-14 12:20:34 +03:00
a89808ecae
initialize jwt validator with keys rotation state
2023-04-14 12:17:28 +03:00
c6190fa2ba
add use-key-cache-headers flag to management command
2023-04-13 20:19:04 +03:00
2eeed55c18
Bind implementation ( #779 )
...
This PR adds supports for the WireGuard userspace implementation
using Bind interface from wireguard-go.
The newly introduced ICEBind struct implements Bind with UDPMux-based
structs from pion/ice to handle hole punching using ICE.
The core implementation was taken from StdBind of wireguard-go.
The result is a single WireGuard port that is used for host and server reflexive candidates.
Relay candidates are still handled separately and will be integrated in the following PRs.
ICEBind checks the incoming packets for being STUN or WireGuard ones
and routes them to UDPMux (to handle hole punching) or to WireGuard respectively.
2023-04-13 17:00:01 +02:00
0343c5f239
Rollback simple ACL rules processing. ( #803 )
2023-04-12 09:39:17 +02:00
251f2d7bc2
Pass newly generated ID to network map when adding peer ( #800 )
2023-04-11 14:28:22 +02:00
306e02d32b
Update calculate server state ( #796 )
...
Refactored updateServerStates and calculateState
added some checks to ensure we are not sending connecting on context canceled
removed some state updates from the RunClient function
2023-04-10 18:22:25 +02:00
8375491708
Merge pull request #778 from netbirdio/fix/consistent_time_format_for_pat
...
fix/use_utc_for_time_operations
2023-04-10 18:11:41 +02:00
e197b89ac3
remove UTC from some not store related operations
2023-04-10 11:09:27 +02:00
6aba28ccb7
remove UTC from some not store related operations
2023-04-10 10:54:23 +02:00
8f9826b207
Fix export path for certificate files ( #794 )
...
assign the value for NETBIRD_LETSENCRYPT_DOMAIN
in the base.setup.env file
2023-04-07 10:34:17 +02:00
0aad9169e9
Fix nil pointer exception ( #790 )
...
Nil pointer exception fix. The error handling was in wrong order.
2023-04-06 18:15:55 +02:00
1057cd211d
Add scope and id token environment variables ( #785 )
2023-04-05 21:57:47 +02:00
32b345991a
Support remote scope and use id token configuration ( #784 )
...
Some IDP requires different scope requests and
issue access tokens for different purposes
This change allow for remote configurable scopes
and the use of ID token
2023-04-05 17:46:34 +02:00
e903522f8c
Configurable port defaults from setup.env ( #783 )
...
Allow configuring management and signal ports from setup.env
Allow configuring Coturn range from setup.env
2023-04-05 15:22:06 +02:00
ea88ec6d27
Roolback configurable port defaults from setup.env
2023-04-05 11:42:14 +02:00
2be1a82f4a
Configurable port defaults from setup.env
...
Allow configuring management and signal ports from setup.env
Allow configuring Coturn range from setup.env
2023-04-05 11:39:22 +02:00
fe1ea4a2d0
Check multiple audience values ( #781 )
...
Some IDP use different audience for different clients.
This update checks HTTP and Device authorization flow audience values.
---------
Co-authored-by: Givi Khojanashvili <gigovich@gmail.com >
2023-04-04 16:40:56 +02:00
f14f34cf2b
Add token source and device flow audience variables ( #780 )
...
Supporting new dashboard option to configure a source token.
Adding configuration support for setting
a different audience for device authorization flow.
fix custom id claim variable
2023-04-04 15:56:02 +02:00
109481e26d
Use first available package manager ( #782 )
2023-04-04 14:26:17 +02:00
18098e7a7d
Add single line installer ( #775 )
...
detect OS package manager
If a supported package manager is not available,
use binary installation
Check if desktop environment is available
Skip installing the UI client if SKIP_UI_APP is set to true
added tests for Ubuntu and macOS tests
2023-04-04 00:35:54 +02:00
5993982cca
Add disable letsencrypt ( #747 )
...
Add NETBIRD_DISABLE_LETSENCRYPT support to explicit disable let's encrypt
Organize the setup.env.example variables into sections
Add traefik example
2023-04-04 00:21:40 +02:00
86f9051a30
Fix/connection listener ( #777 )
...
Fix add/remove connection listener
In case we call the RemoveConnListener from Java then
we lose the reference from the original instance
2023-04-03 16:59:13 +02:00
489892553a
use UTC everywhere in server
2023-04-03 15:09:35 +02:00
b05e30ac5a
do not use UTC for time to stay consistent
2023-04-03 12:44:55 +02:00
769388cd21
Merge pull request #776 from netbirdio/feature/activity_events_for_pat
...
feature/activity_events_for_pat
2023-04-03 12:27:51 +02:00
c54fb9643c
Merge pull request #774 from netbirdio/feature/add_pat_middleware
...
Feature/add pat middleware
2023-04-03 12:09:11 +02:00
5dc0ff42a5
Fix broken auto-generated Rego rule ( #769 )
...
Default Rego policy generated from the rules in some cases is broken.
This change fixes the Rego template for rules to generate policies.
Also, file store load constantly regenerates policy objects from rules.
It allows updating/fixing of the default Rego template during releases.
2023-04-01 12:02:08 +02:00
45badd2c39
add event store to user tests
2023-04-01 11:11:30 +02:00
d3de035961
error responses always lower case + duplicate error response fix
2023-04-01 11:04:21 +02:00
b2da0ae70f
add activity events on PAT creation and deletion
2023-03-31 17:41:22 +02:00
931c20c8fe
fix test name
2023-03-31 12:45:10 +02:00
2eaf4aa8d7
add test for auth middleware
2023-03-31 12:44:22 +02:00
110067c00f
change order for access control checks and aquire account lock after global lock
2023-03-31 12:03:53 +02:00
32c96c15b8
disable linter errors by comment
2023-03-31 10:30:05 +02:00
ca1dc5ac88
disable access control for token endpoint
2023-03-30 19:03:44 +02:00
