Skip to content

v1.6.0-beta

Pre-release
Pre-release
Compare
Choose a tag to compare
@github-actions github-actions released this 10 Dec 09:29
· 82 commits to master since this release
v1.6.0-beta
929a9a6
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

Documentation : https://docs.bunkerweb.io/1.6.0-beta/

Docker tags :

  • BunkerWeb : bunkerity/bunkerweb:1.6.0-beta or ghcr.io/bunkerity/bunkerweb:1.6.0-beta
  • Scheduler : bunkerity/bunkerweb-scheduler:1.6.0-beta or ghcr.io/bunkerity/bunkerweb-scheduler:1.6.0-beta
  • Autoconf : bunkerity/bunkerweb-autoconf:1.6.0-beta or ghcr.io/bunkerity/bunkerweb-autoconf:1.6.0-beta
  • UI : bunkerity/bunkerweb-ui:1.6.0-beta or ghcr.io/bunkerity/bunkerweb-ui:1.6.0-beta

Linux packages : https://packagecloud.io/app/bunkerity/bunkerweb/search?q=1.6.0-beta&filter=all&dist=

Changelog :

  • [FEATURE] Add support for the Coreruleset plugins via the USE_MODSECURITY_CRS_PLUGINS and the MODSECURITY_CRS_PLUGIN_URLS settings (it automatically downloads and installs the plugins like with BunkerWeb's external plugins). plugins can also be added manually via custom configuration files
  • [FEATURE] Add X_DNS_PREFETCH_CONTROL setting to control the DNS prefetching behavior via the X-DNS-Prefetch-Control header (default is off)
  • [FEATURE] Add new securitytxt plugin to manage the security.txt file from settings and serve it
  • [FEATURE] Add new REVERSE_PROXY_PASS_REQUEST_BODY setting to control if the request body should be passed to the upstream server (default is yes)
  • [FEATURE] Jobs now have an history which the size can be controlled via the DATABASE_MAX_JOBS_RUNS setting (default is 10000) and it will be possible to see it in the web UI in a future release
  • [FEATURE] Add support for HTTP/3 connections limiting via the HTTP3_CONNECTIONS_LIMIT setting (default is 100) in the limit plugin
  • [FEATURE] Add new templating feature to allow to quickly override the default values of settings and custom configurations. You can also precise steps to follow in the UI to help the user configure services.
  • [FEATURE] Optimized the way the scheduler sends the configuration to the instances to make it faster and more reliable using a ThreadPoolExecutor
  • [FEATURE] Add the possibility to set a custom timezone for every service via the TZ environment variable (will apply to the logs and all date fields stored in the database). If not set, it will use the local timezone of the server.
  • [FEATURE] Add the possibility to run plugins job in async mode to avoid running them in order in the scheduler by setting the async key to true in the plugin job configuration (default is false)
  • [FEATURE] Add Let's Encrypt DNS challenges support !
  • [FEATURE] Add new REMOTE_PHP_PORT setting to control the port used by the remote PHP feature (default is 9000)
  • [SCHEDULER] Refactor the scheduler to use the BUNKERWEB_INSTANCES (previously known as OVERRIDE_INSTANCES) environment variable instead of an integration specific system
  • [AUTOCONF] Add new NAMESPACES environment variable to allow setting the namespaces to watch for the autoconf feature which makes it possible to use multiple autoconf instances in the same cluster while keeping the configuration separated
  • [AUTOCONF] Add new USE_KUBERNETES_FQDN environment variable to allow using the full qualified domain name of the services in Kubernetes instead of the ip address for the hostname of instances (default is yes)
  • [LINUX] Support Fedora 41 and drop support of Fedora 40
  • [UI] Start refactoring the UI to make it more modular and easier to maintain
  • [UI] Add a remember me feature to the login page so that the user can stay logged in for a longer period of time (expires after 31 days)
  • [UI] Add new TOTP_SECRETS setting to encrypt the TOTP secrets in the database (if not set, we generate a random amount of secrets via passlib.totp) - ⚠ We highly recommend setting this setting to a custom value to prevent the secrets from being erased when the volumes are deleted
  • [UI] Start adding roles and permissions to the UI to allow different users to have different permissions in a multi-user environment for the near future
  • [UI] Made 2FA feature more user-friendly and added recovery codes in case of lost access to the 2FA device
  • [UI] Refactored the way we handle logs in the UI to make it so that it no longer relies on Integration specific logics and instead always reads the files present in the /var/log/bunkerweb folder
  • [DOCS] Updated docs for all new features and changes
  • [MISC] Review security headers in the headers plugin to improve security
  • [MISC] Updated context of realip's USE_PROXY_PROTOCOL setting to global as it was always applied globally even if set only on a service
  • [DEPS] Updated lua-resty-core version to v0.1.30
  • [DEPS] Updated lua-resty-lrucache version to v0.15
  • [DEPS] Updated LuaJIT version to v2.1-20241113
  • [DEPS] Updated Mbed TLS version to v3.6.2
  • [DEPS] Updated coreruleset-v4 version to v4.9.0
Assets 3
Loading