prepare for v2 release

2025-09-15 07:11:15 +00:00 · 2025-05-04 11:00:12 +02:00
parent 020ebb64e7
commit 2c8304417b
12 changed files with 64 additions and 39 deletions
--- a/docs/documentation/configuration/overview.md
+++ b/docs/documentation/configuration/overview.md
@@ -4,7 +4,7 @@ You can supply these configurations in a **YAML** file (e.g. `config.yaml`) when
 The path of the configuration file defaults to **config/config.yaml** (or config/config.yml) in the working directory of the executable.  
 It is possible to override configuration filepath using the environment variable `WG_PORTAL_CONFIG`.
 For example: `WG_PORTAL_CONFIG=/etc/wg-portal/config.yaml ./wg-portal`.  
-Also, environment variable substitution in config file is supported. Refer to [syntax](https://github.com/a8m/envsubst?tab=readme-ov-file#docs).
+Also, environment variable substitution in the config file is supported. Refer to [syntax](https://github.com/a8m/envsubst?tab=readme-ov-file#docs).

 Configuration examples are available on the [Examples](./examples.md) page.

@@ -15,6 +15,7 @@ Configuration examples are available on the [Examples](./examples.md) page.
 core:
  admin_user: admin@wgportal.local
  admin_password: wgportal
+  admin_api_token: ""
  editable_keys: true
  create_default_peer: false
  create_default_peer_on_creation: false
@@ -35,6 +36,7 @@ advanced:
  config_storage_path: ""
  expiry_check_interval: 15m
  rule_prio_offset: 20000
+  route_table_offset: 20000
  api_admin_only: true

 database:
@@ -42,6 +44,7 @@ database:
  slow_query_threshold: "0"
  type: sqlite
  dsn: data/sqlite.db
+  encryption_passphrase: ""

 statistics:
  use_ping_checks: true
@@ -79,6 +82,7 @@ web:
  session_secret: very_secret
  csrf_secret: extremely_secret
  request_logging: false
+  expose_host_info: false
  cert_file: ""
  key_File: ""

@@ -607,6 +611,10 @@ Without a valid `external_url`, the login process may fail due to CSRF protectio
 - **Default:** `false`
 - **Description:** Log all HTTP requests.

+### `expose_host_info`
+- **Default:** `false`
+- **Description:** Expose the hostname and version of the WireGuard Portal server in an HTTP header. This is useful for debugging but may expose sensitive information.
+
 ### `cert_file`
 - **Default:** *(empty)*
 - **Description:** (Optional) Path to the TLS certificate file.
--- a/docs/documentation/getting-started/binaries.md
+++ b/docs/documentation/getting-started/binaries.md
@@ -3,23 +3,31 @@ These binary versions can be manually downloaded and installed.

 ## Download

+Make sure that you download the correct binary for your architecture. The available binaries are:
+
+- `wg-portal_linux_amd64` - Linux x86_64
+- `wg-portal_linux_arm64` - Linux ARM 64-bit
+- `wg-portal_linux_arm_v7` - Linux ARM 32-bit
+
 With `curl`:

-  ```shell
-  curl -L -o wg-portal https://github.com/h44z/wg-portal/releases/download/${WG_PORTAL_VERSION}/wg-portal_linux_amd64 
-  ```
+```shell
+curl -L -o wg-portal https://github.com/h44z/wg-portal/releases/download/${WG_PORTAL_VERSION}/wg-portal_linux_amd64 
+```

 With `wget`:

-  ```shell
-  wget -O wg-portal https://github.com/h44z/wg-portal/releases/download/${WG_PORTAL_VERSION}/wg-portal_linux_amd64
-  ```
+```shell
+wget -O wg-portal https://github.com/h44z/wg-portal/releases/download/${WG_PORTAL_VERSION}/wg-portal_linux_amd64
+```

 with `gh cli`:

-  ```shell
-  gh release download ${WG_PORTAL_VERSION} --repo h44z/wg-portal --output wg-portal --pattern '*amd64'
-  ```
+```shell
+gh release download ${WG_PORTAL_VERSION} --repo h44z/wg-portal --output wg-portal --pattern '*amd64'
+```
+
+

 ## Install

@@ -28,7 +36,7 @@ sudo mkdir -p /opt/wg-portal
 sudo install wg-portal /opt/wg-portal/
 ```

-## Unreleased
+## Unreleased versions (master branch builds)
+
+Unreleased versions can be fetched directly from the artifacts section of the [GitHub Workflow](https://github.com/h44z/wg-portal/actions/workflows/docker-publish.yml?query=branch%3Amaster).

-Unreleased versions could be downloaded from
-[GitHub Workflow](https://github.com/h44z/wg-portal/actions/workflows/docker-publish.yml?query=branch%3Amaster) artifacts also.
--- a/docs/documentation/getting-started/docker.md
+++ b/docs/documentation/getting-started/docker.md
@@ -10,7 +10,7 @@ The recommended method for deploying WireGuard Portal is via Docker Compose for
 A sample docker-compose.yml (managing WireGuard interfaces directly on the host) is provided below:

 ```yaml
--8<-- "docker-compose.yml::17"
+--8<-- "docker-compose.yml::18"
 ```

 By default, the webserver is listening on port **8888**.
@@ -39,7 +39,7 @@ WireGuard Portal supports managing WireGuard interfaces through three distinct d
   ```yaml
   services:
     wg-portal:
-       image: wgportal/wg-portal:latest
+       image: wgportal/wg-portal:v2
       container_name: wg-portal
       ...
       cap_add:
@@ -65,7 +65,7 @@ WireGuard Portal supports managing WireGuard interfaces through three distinct d
   ```yaml
   services:
     wg-portal:
-       image: wgportal/wg-portal:latest
+       image: wgportal/wg-portal:v2
       container_name: wg-portal
       ...
       cap_add:
@@ -118,11 +118,11 @@ These are official releases of WireGuard Portal. They correspond to the GitHub t

 Once these tags show up in this repository, they will never change.

-For production deployments of WireGuard Portal, we strongly recommend using one of these tags, e.g. **wgportal/wg-portal:1.0.19**, instead of the latest or canary tags.
+For production deployments of WireGuard Portal, we strongly recommend using one of these tags, e.g. **wgportal/wg-portal:2.0.0**, instead of the latest or canary tags.

-If you only want to stay at the same major or major+minor version, use either `v[MAJOR]` or `[MAJOR].[MINOR]` tags. For example `v1` or `1.0`.
+If you only want to stay at the same major or major+minor version, use either `v[MAJOR]` or `[MAJOR].[MINOR]` tags. For example `v2` or `2.0`.

-Version **1** is currently **stable**, version **2** is in **development**.
+Version **2** is the current stable release. Version **1** has moved to legacy status and is no longer recommended.

 #### latest

--- a/docs/documentation/getting-started/reverse-proxy.md
+++ b/docs/documentation/getting-started/reverse-proxy.md
@@ -44,7 +44,7 @@ services:
      - 'traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https'

  wg-portal:
-    image: wgportal/wg-portal:latest
+    image: wgportal/wg-portal:v2
    container_name: wg-portal
    restart: unless-stopped
    logging:
--- a/docs/documentation/monitoring/prometheus.md
+++ b/docs/documentation/monitoring/prometheus.md
@@ -13,7 +13,7 @@ By default, WG-Portal exposes Prometheus metrics on port `8787` if interface/pee

 ## Prometheus Config

-Add following scrape job to your Prometheus config file:
+Add the following scrape job to your Prometheus config file:

 ```yaml
 # prometheus.yaml
--- a/docs/documentation/overview.md
+++ b/docs/documentation/overview.md
@@ -1 +1 @@
--8<-- "README.md:20:47"
+--8<-- "README.md:12:41"
--- a/docs/documentation/upgrade/v1.md
+++ b/docs/documentation/upgrade/v1.md
@@ -1,5 +1,4 @@
-For production deployments of WireGuard Portal, we strongly recommend using version 1.
-If you want to use version 2, please be aware that it is still a release candidate and not yet fully stable.
+Major upgrades between different versions may require special procedures, which are described in the following sections.

 ## Upgrade from v1 to v2

@@ -29,7 +28,7 @@ If you are using Docker, you can adapt the docker-compose.yml file to start the
 ```yaml
 services:
  wg-portal:
-    image: wgportal/wg-portal:latest
+    image: wgportal/wg-portal:v2
    # ... other settings
    restart: no
    command: ["-migrateFrom=/app/data/wg_portal.db"]