Skip to content

v2.9.0

Latest
Latest

Choose a tag to compare

View all tags
@rschmied rschmied released this 25 Jul 07:49
· 2 commits to main since this release
v2.9.0
This tag was signed with the committer’s verified signature.
rschmied Ralph Schmieder
GPG key ID: A6CE0C5473F6DCEF
Verified
Learn about vigilant mode.
b32edd5
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

What's Changed

Breaking change
With this release, the cfg.common.allowed_ipv4_subnets has been split into
two variables:

  1. cfg.common.allowed_ipv4_subnets.mgmt which allows access to management
    ports tcp/22 (SSH) and tcp/9090 (Cockpit)
  2. cfg.common.allowed_ipv4_subnets.cml2 which allows access to the CML2
    application on tcp/80, tcp/443 and tcp/1122. This gets also applied to
    the PATty port range, if PATty is enabled

The default for both is ["0.0.0.0/0"] (e.g. "any"). However, it is advisable
(and maybe even enforced by your policy) to restrict management access to a
specific subnet or a list of subnets.

  • fix AWS 24.04 noble image name for the AWS mini variant (closes #32)
  • fix certificate installation for 2.8 and newer in 03-letsencrypt.sh
  • mandate CML TF provider 0.8.0 or newer
  • make licensing a bit more robust (license.py)
  • additional code to install Docker related dependencies (for 2.9)
  • change stabilization timer code location to match 2.8 and newer in
    04-customize.sh
  • updated config.yml to include newest reference platform node definitions
    and images. Some are commented -- need to adapt before deploying to match
    what is actually needed
  • updated and reformatted documentation

Full Changelog: v2.8.0...v2.9.0

Contributors

rschmied
Assets 2
Loading