Releases: openwisp/openwisp-controller
Releases · openwisp/openwisp-controller
1.1.0 [2024-11-22]
Features
- Added support for ZeroTier.
- Added support for adding configuration templates and configuration variables to device groups.
- Implemented support for SNMP credentials.
- Added support for device deactivation and reactivation.
- Introduced an admin action to quickly move devices between groups.
- Added autocomplete support for filters in the admin interface.
- Added support to display configuration errors reported by the OpenWISP config agent.
- Enabled filtering of subnets by Subnet Division Rule type.
- Allowed limiting the number of devices per organization.
- Added support for defining organization-level variables.
- Enabled bulk import and export of devices.
- Added functionality to configure available commands for each organization.
- Added a dashboard chart showing the distribution of devices across different groups.
- Added filters to the REST API.
Changes
- Removing a VPN template from a device will not deleted the certificates associated with the
VPNClient
. Instead, the certificates will be marked as revoked. - Allowed reusing
VNI
across all the tunnels created using an instance VXLAN over WireGuard VPN. - Added a data migration for updating
hwmode
configuration option of radio to "band". Thehwmode
option is deprecated on OpenWrt > 21. - The configuration push update will not flag the configuration status as "applied". The status will be update once the OpenWISP Config agent on the device reports the status.
- Updated
DeviceConnection.connect
to attempt all available credentials. - Changed the
on_cascade
property ofBaseDeviceLocation.location
andBaseDeviceLocation.floorplan
fromPROTECTED
toCASCADE
. - Controller views will return
HTTP 404
response for devices belonging to disabled organizations. - Show a loading indicator for commands in progress.
- Added VPN subnet CIDR to device's system-defined variables.
- Allowed defining subnet and IP address for VPNs with OpenVPN backend.
- Changed the target link for configuration error notifications to the "Configuration" tab of the device.
- JSONSchema Editor widget allows to define extra CSS classes. It will ignore fields with
manual
class. - Increased the soft time limit for celery task that operates of bulk objects.
- Added notifications for background subnet division rule errors.
- Added [name]{.title-ref} and [mac_address]{.title-ref} to device list filters in the API.
- Use autocomplete fields for related fields.
Dependencies:
- Bumped
django-sortedm2m~=4.0.0
. - Bumped
django-reversion~=5.1.0
. - Bumped
django-taggit~=4.0.0
. - Bumped
netjsonconfig~=1.1.0
. - Bumped
django-x509~=1.2.0
. - Bumped
django-loci~=1.1.0
. - Bumped
django-flat-json-widget~=0.3.0
. - Bumped
openwisp-users~=1.1.0
. - Bumped
openwisp-utils[celery]~=1.1.1
. - Bumped
openwisp-notifications~=1.1.0
. - Bumped
openwisp-ipam~=1.1.0
. - Bumped
djangorestframework-gis~=1.1
. - Bumped
paramiko[ed25519]~=3.5.0
. - Bumped
scp~=0.15.0
. - Bumped
django-cache-memoize~=0.2.0
. - Bumped
shortuuid~=1.0.13
. - Bumped
netaddr~=1.3.0
. - Bumped
django-import-export~=3.3.0
. - Added support for Django
4.1.x
and4.2.x
. - Added support for Python
3.10
. - Dropped support for Python
3.7
. - Dropped support for Django
3.0.x
and3.1.x
.
Bugfixes
- Fixed bug for displaying relevant templates where the backend of the device's configuration template does not match.
- Fixed displaying the command widget when the user has write permissions.
- Fixed DeviceConnection.get_working_connection to handle scenario where the device has no credentials.
- User need to have required model permissions to perform admin actions.
- Fixed import device preview table when browser is set to dark mode.
- Fixed subnet division rule does not allow assigning only 1 ip in /32.
- Fixed Device._has_group() wrongly returning True.
- Fixed JS of history pages on config app.
- Fixed REST API can creates device configs inadvertently.
- Fixed broken shared template preview.
- Fixed command APIs permissions.
- Fixed deleting VpnClient result in deleting all provisioned subnets of the device.
- Fixed group templates re-creating VPN clients.
- Fixed DeviceListSerializer returning HTTP 500 instead of HTTP 400 reponse on invalid data.
- Fixed re-ordering applied templates in device config.
- Fixed re-ordering templates on device add page.
- Fixed several issues with clone template feature.
- Fixed updating template organization puts devices in perennial "modified" state.
- Fixed user defined commands that do not require input.
- Fixed validation for SubnetDivisionRule.
- Fixed subnet division rule validation when master subnet is empty.
- Fixed validation in change device group admin action.
- Increased "timeoutInterval" for ReconnectingWebSocket.
- Added JS workaround for using mac address variable.
- Fixed same credential can be added to a device twice.
- Show reversion button to operators too.
- Fixed unsaved changes alert triggering on previewing configuration.
- Fixed dependency on the creation date in get_max_subnet method.
- Fixed Vpn.webhook_endpoint accepting invalid URL.
- Fixed object and config menu not opening in Device config editor.
1.0.3 [2022-08-03]
1.0.2 [2022-07-01]
Bugfixes
- Fixed device's "changed" signals emitting on the creation of new
device - Fixed django-reversion's recovery buttons were hidden from users
of the "Operator" group in the admin dashboard ofCertificate
and
CA
models - Removed hardcoded static URLs which created issues when static
files are served using an external service (e.g. S3 storage buckets) - Fixed permissions for "Operator" and "Administrator" groups to
access "OrganizationConfigSettings" objects - Fixed support for multiple wireguard tunnels on the same devices
- Fixed "/api/v1/controller/device/{id}/" REST API endpoint not
updating the device's configuration backend
1.0.1 [2022-05-11]
- Admin: show main group information in
DeviceGroupAdmin
list:- name
- organization
- modified
- created
- Fixed uncaught exception triggered on the deletion of
VPN client certificates - SSH connection: fixed OpenWrt <= 19 authentication failure
- The SSH connection is now explicitly closed when
the authentication fails to avoid leaving lingering SSH
connection objects open
1.0.0 [2022-04-29]
Features
- Added support for remotely executing shell commands on device
- Added automatic provisioning of Subnets and IPs
- Added support for WireGuard and VXLAN tunnels
- Added required templates
- Added support for generating configurations for OpenWrt 21
- Added REST API
- Added charts for config status, model, OS, hardware and
location type and a map for displaying the location of all devices - Added management_ip_changed and device_name_changed signals
- Added OPENWISP_CONTROLLER_DEVICE_NAME_UNIQUE setting to
conditionally enforce unique device names in an organization - Added caching for
DeviceChecksumView
- Added support for ED25519 SSH keys in
Credentials
- Added Device Groups to organize devices of a particular
organization - Configuration push updates now use the SIGUSR1 signal to reload
openwisp-config - The device list admin page now allows to search for location address
Changes
Backward incompatible changes
- Since django-sortedm2m, the widget we use to implement ordered
templates, clears all the many to many relationships every time it
has to make changes, we had to stop deletingVpnClient
instances
related to VPN templates onpost_clear
m2m signals If you wrote
any custom derivative which relies on calls like
device.config.templates.clear()
to delete relatedVpnClient
instances and their x509 certificates, you will have to update your
code to remove all the templates using their primary keys, instead
of usingclear()
- The default behavior for the resolution of conflicting management
IPs between devices of different organizations has been changed; by
default, in this new version, the system assumes it's using only 1
management tunnel for all the organizations, so different devices
from any organization will not have the same management IP to avoid
conflicts. The old behaviour can be restored by setting
OPENWISP_CONTROLLER_SHARED_MANAGEMENT_IP_ADDRESS_SPACE to
False
OPENWISP_CONTROLLER_BACKEND_DEVICE_LIST
has been renamed to
OPENWISP_CONTROLLER_CONFIG_BACKEND_FIELD_SHOWN
Device.check_management_ip_changed
has been changed to private API
Device._check_management_ip_changed
Dependencies
- Dropped support for Python 3.6
- Dropped support for Django 2.2
- Added support for Python 3.8 and 3.9
- Added support for Django 3.2 and 4.0
- Upgraded django-sortedm2m to 3.1.x
- Upgraded django-reversion to 4.0.x
- Upgraded django-taggit to 2.1.x
- Upgraded djangorestframework-gis to 0.18.0
- Upgraded paramiko[ed25519] to 2.10.3
- Upgraded scp to 0.14.2
- Upgraded django-flat-json-widget to 0.2.x
- Upgraded celery to 5.2.x
- Upgraded channels to 3.0.x
- Upgraded django-x509 to 1.1.x
- Upgraded django-loci to 1.0.x
- Upgraded netjsonconfig to 1.0.x
- Upgraded openwisp-utils to 1.0.x
- Upgraded openwisp-users to 1.0.x
- Upgraded openwisp-notifications to 1.0.x
- Upgraded openwisp-ipam to 1.0.x
- Added shortuuid 1.0.x
- Added netaddr 0.8.x
- Added django-cache-memoize to 0.1
Other changes
- Reworked implementation of config_modified signal:
- the signal is now always emitted on templates changes m2m
events, also ifconfig.status
is modified, with the
differences that only post_add and post_remove m2m events are
used, whilepost_clear
is ignored, which fixes the duplicate
signal emission caused by the implementation of sortedm2m; - added
action
andprevious_status
arguments, which allow to
understand where theconfig_modified
signal is being emitted
from, this allows more advanced usage of the signal by custom
implementations
- the signal is now always emitted on templates changes m2m
- Context variable follows template order: If two or more applied
templates have "default_values" with the same keys, then the context
variables of the template which comes later in the order will be
used - New credentials created with
auto_add
set toTrue
will get added
to the existing devices in a background task. This improves the
responsiveness of the web application - Decoupled admin LogEntry from Template model
- Device admin only lists relevant templates, i.e. templates that are
shared or belong to the device's organization - Improved UX of system-defined variables
- Name of objects is unique only within the same organization and
within the shared objects - The system does not sends connection notifications if the
connectivity of the device changes - Allowed searching devices using their location address in Device
admin. - Removed deprecated
api/device-location/<pk>
endpoint - Made device name unique per organization instead of unique system
wide - Added time limits to background celery tasks
Bugfixes
- Fixed a bug which caused
VpnClient
instances to be recreated every
time the configuration templates of a device were changed, which
caused x590 certificates to be destroyed and recreated as well - Hardened config validation of OpenVPN backend. The validation fails
if theopenvpn
key is missing from the configuration - Fixed a bug that caused issues in updating related
Config
whenever
a template'sdefault_values
were changed - Fixed pop-up view of CA and Cert not displaying data
- Fixed config status stays
applied
after clearing all device
templates - Fixed
VpnClient
not created when multiple VPN templates are added - Fixed configuration editor raising validation error when using
variables in fields withmaxLength
set - Fixed connection notifications reporting outdated status
- Fixed migrations referencing non-swappable OpenWISP modules that
broke OpenWISP's extensibility - Fixed bugs in restoring deleted devices using
django-reversion
- Fixed cloning of shared templates
- Disallowed blank values for
key_length
ordigest
fields forCA
andCert
objects - Fixed template ordering bug in the configuration preview on Device
admin The order of templates was not always retained when generating
the preview of a config object
0.8.4 [2021-04-09]
Bugfixes
- Fixed bug in connection module that raised
UnicodeDecodeError
, improved logging and ignored unicode conversion issues - Fixed context loading from default values of templates overwriting system defined variables in device admin
- Fixed default template selection not updating after changing backend field in device admin
- Fixed JSONSchema widget to enable working with a single schema
- Fixed related configuration not getting updated after template "default_values" are changed
- Fixed bug which caused the unsaved changes alert in device admin when location of device is present
- Fixed bug replacing manually entered device information with empty string
- Fixed multiple requests for fetching default template values in device admin
Security
- Patched security bugs in internal HTTP endpoints which allowed to obtain UUID
of other organizations and other sensitive information
0.8.3 [2020-12-18]
Bugfixes
- Increased minimum openwisp-users version to ~=0.5.1, which fixes an issue in the production setup
0.8.2 [2020-12-11]
Bugfixes
- Fixed the bug that prevented users from adding/editing access credentials.
Changes
- Increased django-x509 version to 0.9.2
- Increased django-flat-json-widget version to 0.1.2
- Changed the preview button colors for better readability
- Added help text for device name field
0.8.1 [2020-12-02]
Bugfixes
- Fixed tests that were dependent on specific settings of the Django project.
0.8.0 [2020-11-23]
Features
- Added possibility to extend openwisp-controller
- Added flat JSON widget for configuration variables
- Added JSON Schema widget to credentials admin
- Added
device_registered
signal - Added OpenWISP Notifications module as a dependency, which
brings support for web and email notifications for important events - Allow using a different device model in update_config: his allows OpenWISP Monitoring to override the
can_be_updated
method to take into account the monitoring status, so that push updates won't be attempted - Added notifications for changes of
is_working
status of credentials - UX, automatically add/remove default values to device context: automatically add or remove default values of templates to the configuration context (a.k.a. configuration variables) when templates are added or removed from devices
- UX: added system defined variables section
Changes
- Backward incompatible: the code of django-netjsonconfig was
merged in openwisp-controller to simplify maintenance - Changed API of
device_location
view for consistency:/api/device-location/{id}/
becomes/api/v1/device/{id}/location/
, the old URL is kept for backward compatibility but will be removed in the future - Backward incompatible change: schema url endpoint changed to
<controller-url>/config/schema.json
and it's now in config namespace instead of admin namespace - Changed VPN DH length to 2048 and moved its generation to the background because it's a lot slower
- Admin: Order Device, Template and VPN alphabetically by default
- Admin: Added
mac_address
field to the device list page (DeviceAdmin.list_display
) - Increased
max_length
of common name to64
- Changed the config apply logic to avoid restarting the openwisp-config deamon if the configuration apply procedure is already being run
- Made template
config
field required in most cases - Changed
DeviceConnection.failure_reason
field toTextField
, this avoids possible exception iffailed_reason
is very long, which may happen in some corner cases - Made Device
verbose_name
configurable, seeOPENWISP_CONTROLLER_DEVICE_VERBOSE_NAME
- Increased netjsonconfig version to 0.9.x (which brings support for new interface types, see the change log of netjsonconfig for more information)
- Increased django-x509 version to 0.9.x
- Increased django-loci version to 0.4.x (which brings many bug fixes to the mapping feature, as long as support for geo-coding and reverse geo-coding, see the change log of django-loci for more information)
- Increased openwisp-users version from 0.2.x to 0.5.x (which brings many interesting improvements to multi-tenancy, see the
change log of openwisp-users for more information) - Increased django-taggit version to 1.3.x
- Increased openwisp-utils version to 0.7.x
- Increased django-rest-framework-gis version to 0.16.x
- Added support for django 3.1
Bugfixes
- Fixed JSON validation error when dealing with OpenVPN configuration
- Ensured
unique
inHARDWARE_ID_OPTIONS
defaults toFalse
- Avoid need of migration if
HARDWARE_ID_OPTIONS
is changed - JS: prevent crash if backend value is empty
- Do not execute default template selection if device exists
- Close preview overlay on errors
- Avoid triggering
config_modified
signal during registration - UI: Fixed whitespace after overview tab in in device page
- Validate
Config.context
andTemplate.default_values
:Config.context
andTemplate.default_values
must always be a dictionary, falsy values will be converted to empty dictionary automatically - Fixed failures in
update_config
operation: theupdate_config
operation will be executed only when the transaction is committed to the database; also handled rare but possible error conditions - Handled device not existing case in
update_config
task - Fixed auto cert feature failure when device name is too long
- UI: avoid showing main scrollbar in preview mode
- Fixed
OPENWISP_CONTROLLER_BACKEND_DEVICE_LIST = False
- UI fixed advanced mode bugs: positioning is done using css instead of js. Removed body scrollbar when in advanced mode. Back to normal mode with ESC key. Hidden netjsonconfig docs hint on narrow screens
- Avoid simultaneous
update_config
tasks: since now the launch of the task is executed when the transaction is committed to the database - Fixed
OPENWISP_CONTROLLER_CONTEXT
setting getting modified at run time - Fixed z-index of preview overlay: the z-index is increased so it's higher than the main navigation menu to avoid the possibility of triggering the main menu inadvertently
- Prevent sending
config_modified
signal multiple times - Fix timeout when changing template: slow operations are moved to the background
- Fixed variablle validation: now all the available context (device variables, system variables) are taken into account when performing validation
- Removed unnecessary
static()
call from media assets