🐛 Bug Fixes

• Favor live redirects over patches @jamilbk (#985)

🧰 Maintenance

• Bump postgrex from 0.16.4 to 0.16.5 @dependabot (#982)

🐛 Bug Fixes

• Upgrade to LiveView 0.18 and use replace: true @jamilbk (#980)

🧰 Maintenance

• Bump ueberauth from 0.10.2 to 0.10.3 @dependabot (#972)

📝 Documentation

• Add Zitadel to OIDC Docs (#1) @sebastianbuechler (#969)
• Turn on contextualSearch @jamilbk (#974)
• Add websocket connection troubleshooting section @jamilbk (#977)

🐛 Bug Fixes

• Fix redirect always happening when issuing cert @jamilbk (#968)

✨ Features

• Add subscribe for updates link @jamilbk (#958)

🐛 Bug Fixes

• Open in new tab @jamilbk (#966)
• Fix management->configuration @jamilbk (#965)

🧰 Maintenance

• Update alpine version to match one available for hexpm/elixir @leriel (#946)
• Add admin_count and active_device_count @jamilbk (#956)
• Bump Jason for improved JSON serialization performance @jamilbk (#955)
• (Supercedes #950) Bump elixir @jamilbk (#953)
• Bump actions/checkout from 2 to 3 @dependabot (#951)
• Bump phoenix from 1.6.11 to 1.6.12 @dependabot (#952)
• Bump guardian from 2.2.4 to 2.3.0 @dependabot (#947)
• Bump credo from 1.6.6 to 1.6.7 @dependabot (#948)
• Bump runtimes; deps; postgres 13.5 -> 13.8 @jamilbk (#944)

📝 Documentation

• Add star history chart to README @jamilbk (#954)

🐛 Bug Fixes

• remove ct != established from rules @conectado (#940)
• Redirect http -> https when acme is enabled @jamilbk (#942)
• Trim whitespace on string fields @jamilbk (#941)
• Prevent autocompleting passwords in FF @jamilbk (#936)
• Add ip exhaustion error to base to show when fields are hidden @jamilbk (#935)
• Use dummy ACME cert initially; Reload nginx immediately before ACME issuance @jamilbk (#928)
• (fixed) Don't listen on port 80 if ACME is disabled @jamilbk (#927)
• Revert "(fixed) Don't listen on port 80 if ACME is disabled" @jamilbk (#930)

🧰 Maintenance

• Bump rubocop from 1.35.0 to 1.35.1 @dependabot (#932)
• Bump ex_doc from 0.28.4 to 0.28.5 @dependabot (#933)
• Cache node deps; fix minor docs typos @jamilbk (#923)

📝 Documentation

• Cache node deps; fix minor docs typos @jamilbk (#923)

• Revert "Don't listen on port 80 if acme is disabled" @jamilbk (#925)

🐛 Bug Fixes

• create-or-reset-admin should reset admin role to 'admin' @jamilbk (#922)

🐛 Bug Fixes

• Don't listen on port 80 if acme is disabled @jamilbk (#921)

🧰 Maintenance

• Bump rubocop from 1.33.0 to 1.35.0 @dependabot (#919)

🐛 Bug Fixes

• Fix rules form layout @jamilbk (#917)
• Fix endpoint placeholder & security overflow @jamilbk (#916)

🧰 Maintenance

• Use Dockerfile.prod @princemaple (#915)

✨ Features

• Allow disabling the configuration of devices by unprivileged users @jamilbk (#909)
• Rules apply only to Firezone's wireguard interface @conectado (#901)
• Enable HSTS for Nginx @jamilbk (#889)
• Add notifications live view. @akrousset (#867)
• Add initial rough version of port based rules @conectado (#874)

🐛 Bug Fixes

• Clarify when UI config is overriding ENV config @jamilbk (#872)
• Install script UX: ask to load wireguard mod & install missing deps for Debian repo @akrousset (#907)
• Re-add port-based rules and gate them behind kernel version @conectado (#890)
• Fix algolia searchbar @jamilbk (#884)

🧰 Maintenance

• Move page subheaders under titles; minor polish to notifications @jamilbk (#892)
• Update image name and remove build @princemaple (#914)
• Prod image @princemaple (#887)
• Bump rubocop from 1.32.0 to 1.33.0 @dependabot (#898)
• Bump httpoison from 1.8.1 to 1.8.2 @dependabot (#899)
• Bump wireguardex from 0.3.2 to 0.3.3 @dependabot (#900)
• Open documentation in new tab from admin UI @princemaple (#893)
• Bumps and dev tweaks @princemaple (#886)
• Bump docusaurus @princemaple (#882)
• Trigger events on device/rule/user insert and delete instead of from UI actions. @akrousset (#835)
• Bump postgrex from 0.16.3 to 0.16.4 @dependabot (#880)
• Bump credo from 1.6.5 to 1.6.6 @dependabot (#881)
• Bump Wireguardex to 0.3.5 @jamilbk (#912)
• Remove beta program from CLI @jamilbk (#908)
• Bump Wireguardex to support older glibc @jamilbk (#906)

📝 Documentation

• Docs fixes @gongjason (#911)
• Docs - add mfa instructions @gongjason (#904)
• Fix wording @jamilbk (#895)
• Fix algolia searchbar @jamilbk (#884)
• Fix API key @jamilbk (#883)

🐛 Bug Fixes

• remove http-related nginx config @conectado (#866)
• Fixes parsing for ipv6 @conectado (#871)
• Go easy on the x-forwarded-for header @jamilbk (#877)
• Fix config ui out of sync @princemaple (#875)
• Don't fail fast for publishing to Cloudsmith @jamilbk (#870)

📝 Documentation

• Restore the manual install steps to install server docs. @akrousset (#873)

🐛 Bug Fixes

• docs older versions @jamilbk (#860)
• Fix docs build @jamilbk (#858)
• Fix new docs links @jamilbk (#865)
• detect force_ssl config and error out @conectado (#864)
• Fix minor mistakes @jamilbk (#859)

🧰 Maintenance

• Add uid @jamilbk (#861)

🎉 Release 0.5.0 🎉

Firezone 0.5.0 introduces a new beta program! Check our blog post to learn more and register.

Changelog

For an overview of the new features and additions in 0.5.0, see our blog post announcing the release.

✨ Features

• Option to disable masquerade @jamilbk (#769)
• Display flash error when creating device results in interface error @jamilbk (#747)

🐛 Bug Fixes

• Fix #761 - Deprecated nginx SSL directive @gbe0 (#762)
• Fix error message matching @princemaple (#760)
• Disable changing password when local_auth is disabled @jamilbk (#751)
• Fix google redirect uri @jamilbk (#774)

🧰 Maintenance

• Remove unused workflow; don't run release_drafter except on master @jamilbk (#775)
• Telemetry ping service @jamilbk (#771)
• re-add logger require in fz_http Devices module @akrousset (#752)
• Remove wireguard-tools from firezone. @akrousset (#748)

📝 Documentation

• Linux clients - nmcli instructions @gbe0 (#756)
• Add Firewall section to the reference docs area with firewall template @gbe0 (#758)
• Database backup instructions (pg_dump) @gbe0 (#754)
• Remove note about install connectivity issue @jamilbk (#749)

🐛 Bug Fixes

• Restart phoenix on setcap; only pick the latest erts path @jamilbk (#740)

🧰 Maintenance

• Add user_count, device_count, users_with_mfa_count @jamilbk (#741)
• set default MTU to 1280 @jamilbk (#742)

✨ Features

• Add debugging statements to OpenID Connect failures @jamilbk (#738)
• Allow option to disable auto-creating OIDC users @jamilbk (#728)
• Refactor fz_vpn with Wireguardex @akrousset (#718)
• Update install script to support Ubuntu 22.04 @jamilbk (#733)

🐛 Bug Fixes

• Dont error for failed capture calls @jamilbk (#735)

• Allow disabling the VPN session disabling through OIDC @jamilbk (#727)

✨ Features

• Improve OIDC connection UX @princemaple (#725)

🐛 Bug Fixes

• Minor usability fixes @jamilbk (#723)

• Decrease OIDC refresh interval to 10 minutes @jamilbk (#720)

✨ Features

• Add display and copy MFA key @princemaple (#714)
• Add source ip option for fz_wall @conectado (#715)

🧰 Maintenance

• Esbuild @princemaple (#716)
• Expose convenience env vars for running Firezone live in the dev env @jamilbk (#711)

📝 Documentation

• Code Highlight Changes @chetanverma16 (#712)
• docs- removed sentence and updated heading @lilibobear (#709)

Firezone 0.4.0 adds optional TOTP-based 2FA to email/pass authentication and adds a variety of usability improvements to OIDC authentication, among many small bug fixes and improvements not listed below.

NOTE: We've deprecated the old Google- and Okta-specific method for configuring your authentication provider in favor of the new generic OIDC-based approach. We highly recommend switching your configuration over to this new method using the guide found here: https://docs.firezone.dev/docs/authenticate/

✨ Features

• 0.4.0 @jamilbk (#688)
• Add manual refresh @princemaple (#705)

🐛 Bug Fixes

• Hide unused MFA methods @jamilbk (#707)
• Hide footer content @princemaple (#695)
• Execute migrations on the correct database @salemgolemugoo (#698)
• Fix conflicting cache-control header @jamilbk (#707)

📝 Documentation

• Docs - OIDC instructions @gongjason (#615)

✨ Features

• Prevent last admin from being deleted @princemaple (#694)
• Bump OTP to 25.0.1 @jamilbk (#692)

🐛 Bug Fixes

• Migrate refresh token to text @princemaple (#693)

📝 Documentation

• Docs style update @gongjason (#674)
• Improve deployment docs @gongjason (#673)

✨ Features

• Add cookie encryption salt to session @conectado (#671)

🐛 Bug Fixes

• Clarify file and directory locations @jamilbk (#682)
• Fix runtime.exs when DNS is nil @conectado (#675)

🧰 Maintenance

• Add wireguardex dependency to fz_vpn @akrousset (#676)
• Lock wireguardex version @conectado (#686)
• Fix lint error introduced in #617 @conectado (#672)

📝 Documentation

• Clarify file and directory locations @jamilbk (#682)