Skip to content

v8.0.0-beta Clustering

Pre-release
Pre-release
Compare
Choose a tag to compare
@NHAS NHAS released this 03 May 00:09
· 105 commits to main since this release

This is a huge release that contains a number of fundamental changes to the inner workings of Wag to allow for high availability and clustering.
Additionally it also includes changes to the eBPF interactions which drastically increase the speed of changing firewall rules (#84).

It is highly likely that due to the large number of changes that this release contains that there are bugs, broken functionality and other issues. So until this release has been tested it is released as an beta release.

Wag has moved from using sqlite3 and an config.json file to using etcd as the backend for storing users and managing rules. This allows multiple Wag instances to be deployed and managed as one unit.

This release will attempt to perform a migration from sqlite3 into etcd on first run.

Features:

  • The wireguard peer diagnostics page now shows number of bytes sent/received #94
  • Webauthn keys will hopefully no longer prompt for pin code #89
  • Add clustering admin UI page for adding wag nodes to cluster #24
  • wag start now supports the -join flag for taking a cluster join token
  • ServerPersistentKeepAlive now configures the keep alives set by the server to the client to resolve #64
  • Wag now has a notifications system for the admin UI that will now node failures, policy apply failures and updates

Changes:

  • Improved new wireguard device IP address selection
  • Admin UI now has Debug mode available in config for development

Bug Fixes:

  • Fix gen-config returning null for a number of values #97
  • Rules with a domain name will be skipped if they are unsolvable rather than causing rule parsing to fail #86
  • Fix performance issues with moderate number of clients #84
  • Fix issue where custom templates/js could not be loaded due to bad path #76
  • Fix rendering issue on change password page #79

Security Fixes:

  • X-Forwarded-For is now correctly parsed