236 Commits

Author	SHA1	Message	Date
Christoph Haas	a9f5190ab4	Merge branch 'refs/heads/master' into mikrotik_integration ... # Conflicts: # internal/app/wireguard/wireguard_peers.go	2025-08-09 16:09:39 +02:00
Christoph Haas	c20f17cddf	fix multi-peer generation, fix prefix handling (#491)	2025-08-09 15:55:29 +02:00
Christoph Haas	e10b4abec4	speed up mikrotik interactions	2025-08-09 15:21:17 +02:00
Christoph Haas	08373fa675	fix peer creation/update on mikrotik, add loading spinner to frontend for long running actions	2025-08-08 22:23:35 +02:00
Christoph Haas	ed7761a918	Merge branch 'master' into mikrotik_integration ... # Conflicts: # internal/app/api/v0/handlers/endpoint_config.go # internal/app/api/v0/model/models.go # internal/app/wireguard/statistics.go # internal/app/wireguard/wireguard_interfaces.go	2025-07-29 22:16:00 +02:00
Marcin Woźniak	3f76aa416f	chore(logs): added more debug logs and reformated those files using gofmt (#490)	2025-07-27 23:32:34 +02:00
Christoph Haas	1794b8653a	add retry handling for auth provider setup (#484)	2025-07-19 23:29:05 +02:00
h44z	f286840964	fix oauth domain check (#474) (#476)	2025-06-29 20:00:15 +02:00
h44z	edb88b5768	new webhook models (#444) (#471) ... warning: existing webhook receivers need to be adapted to the new models	2025-06-29 19:49:01 +02:00
h44z	588bbca141	only execute interface hooks if the state has changed (#469) (#472)	2025-06-29 19:48:46 +02:00
h44z	f08740991b	support for raw-wireguard and wg-quick style peer configurations (#441) (#473)	2025-06-29 19:47:53 +02:00
h44z	dd28a8dddf	allow to hide login form (#459) (#470) ... use the `hide_login_form` parameter in the `auth` settings to configure this feature	2025-06-27 13:50:38 +02:00
h44z	be29abd29a	add webhook event for peer state change (#444) (#468) ... * add webhook event for peer state change (#444) new event types: connect and disconnect example payload: ```json { "event": "connect", "entity": "peer", "identifier": "Fb5TaziAs1WrPBjC/MFbWsIelVXvi0hDKZ3YQM9wmU8=", "payload": { "PeerId": "Fb5TaziAs1WrPBjC/MFbWsIelVXvi0hDKZ3YQM9wmU8=", "IsConnected": true, "IsPingable": false, "LastPing": null, "BytesReceived": 1860, "BytesTransmitted": 10824, "LastHandshake": "2025-06-26T23:04:33.325216659+02:00", "Endpoint": "10.55.66.77:33874", "LastSessionStart": "2025-06-26T22:50:40.10221606+02:00" } } ``` * add webhook docs (#444)	2025-06-27 12:37:10 +02:00
h44z	94785c10ec	use website title in mail templates (#448) (#466) ... * use website title in mail templates (#448) * change button font color to white (#448)	2025-06-27 11:45:44 +02:00
S.J. Louw	f0be66aea4	Option to limit peer count that a normal user can create (#457)	2025-06-26 20:17:45 +02:00
Christoph Haas	e3b65ca337	improve logging of OAuth login issues, decrease auth-code exchange timeout (#451)	2025-06-10 17:51:45 +02:00
Christoph Haas	61d8aa6589	fix self-provisioned peer-generation (#452)	2025-06-08 11:17:04 +02:00
Christoph Haas	f086ba2605	wip: basic CRUD for peer (#426)	2025-06-06 22:21:47 +02:00
Christoph Haas	0724505ea1	wip: basic CRUD for interfaces (#426)	2025-06-01 11:40:05 +02:00
Christoph Haas	c612b5bbb1	wip: ping handler per backend (#426)	2025-06-01 09:50:46 +02:00
Christoph Haas	ea6da4114f	wip: create different backend handlers (#426)	2025-05-31 22:15:09 +02:00
Christoph Haas	e934232e0b	wip: implement mikrotik rest api client (#426)	2025-05-31 17:17:08 +02:00
Christoph Haas	15d035ec10	wip: create different backend handlers (#426)	2025-05-30 23:19:48 +02:00
Christoph Haas	33dcc80078	prepare frontend for different WireGuard backends (#426)	2025-05-18 19:49:59 +02:00
Christoph Haas	7fd2bbad02	Merge branch 'passkey_support'	2025-05-17 19:22:44 +02:00
Christoph Haas	e9005b1b90	add minimum password length check	2025-05-16 09:55:35 +02:00
Christoph Haas	8816165260	fix duplicate creation of default peer (#437)	2025-05-15 17:59:00 +02:00
Christoph Haas	ab9995350f	sanitize external_url, remove trailing slashes	2025-05-15 17:58:34 +02:00
Christoph Haas	1394be2341	add webauthn (passkey) support	2025-05-12 22:53:43 +02:00
Christoph Haas	6a96925be7	add API endpoints to prepare fresh interfaces and peers (#432)	2025-05-09 16:19:36 +02:00
Vladimir Dombrovski	3eb84f0ee9	Enable allowed_domains in oauth and oidc providers (#416) ... * Enable allowed_domains in oauth and oidc providers Signed-off-by: Vladimir DOMBROVSKI <vladimir.dombrovski@bso.co> * Domain check code cleanup * Run gofmt on domain validation code --------- Signed-off-by: Vladimir DOMBROVSKI <vladimir.dombrovski@bso.co>	2025-05-05 18:26:19 +02:00
Christoph Haas	b4aa6f8ef3	fix gorm error if no encryption is used (#427)	2025-05-04 17:42:13 +02:00
Christoph Haas	923d4a6188	docs: add reverse-proxy example, improve docker examples, fix slow_query_threshold documentation; feat: allow config.yml and config.yaml as configuration files	2025-05-03 22:21:56 +02:00
Christoph Haas	b9c4ca04f5	allow to encrypt keys in db, add browser-only key generator, add hints that private keys are stored on the server (#420)	2025-05-02 18:48:35 +02:00
Christoph Haas	b06c03ef8e	fix missing error check (#419)	2025-05-01 19:12:19 +02:00
Vladimir Dombrovski	62f3c8d4a1	Implement EditableKeys parameter (#417) ... Signed-off-by: Vladimir DOMBROVSKI <vladimir.dombrovski@bso.co>	2025-04-30 22:05:40 +02:00
Christoph	059234d416	never publish pointer payloads on message bus (#411)	2025-04-21 16:42:35 +02:00
Christoph	e2966d32ea	fix user creation (#411)	2025-04-21 15:29:53 +02:00
Christoph	9354a1d9d3	add simple webhook feature for peer, interface and user events (#398)	2025-04-19 21:29:26 +02:00
Christoph	6681dfa96f	generate interface and peer configuration filenames in backend only (#395)	2025-04-19 13:12:31 +02:00
Christoph	37904f96fb	run initial LDAP sync on startup (#407)	2025-04-19 12:12:45 +02:00
Christoph Haas	b938bc8c4c	fix: fix peer audit event	2025-03-30 23:16:10 +02:00
Christoph Haas	87bf5da5bd	fix: fix session handling (remove IdleTimeout)	2025-03-30 23:14:49 +02:00
Christoph Haas	3723e4cc75	fix: fix csrf token handling after login	2025-03-29 17:21:54 +01:00
Christoph Haas	6cbccf6d43	feat: add simple audit ui	2025-03-29 16:42:31 +01:00
Christoph Haas	7d0da4e7ad	chore: use interfaces for all other services	2025-03-23 23:09:47 +01:00
Christoph Haas	02ed7b19df	chore: use interfaces for web related services	2025-03-09 21:48:38 +01:00
Christoph Haas	678b6c6456	Merge branch 'master' into chore-code-cleanup ... # Conflicts: # go.mod # go.sum	2025-03-09 21:17:47 +01:00
Christoph Haas	0206952182	chore: replace gin with standard lib net/http	2025-03-09 21:16:42 +01:00
klmmr	53bae9d194	config: validate mail configuration certificates by default (#388) ... Before this commit, the default was to not validate TLS certificates of the SMTP server. This is perhaps a rather unexpected default and can be considered insecure. This commit activates mail server TLS cert validation by default. This change might break some users' email configuration, if they did not explicitly set the `mail.cert_validation` config variable. Nonetheless, I think that the secure option should be the default option (e.g., to prevent man-in-the-middle attacks and breaching mail server login credentials). Signed-off-by: klmmr <35450576+klmmr@users.noreply.github.com>	2025-03-05 19:20:57 +01:00