CHANGES.md


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149

Platform 0.9
--------------------------------------

The focus for Platform 0.9 was to clean house: we replaced the annoying system
of puppet submodules, we cleaned up the directory structure, we removed many of
the gem dependencies, and we fixed a lot of bugs.

New Features:

* `leap vm` -- Support for managing remote virtual servers (AWS only, for now)
* `leap cert renew` -- Integration with Let's Encrypt
* `leap open monitor` -- for handy access to nagios
* improved documentation -- open docs/index.html to see

Notable Changes:

* 86 bugs fixed
* Fixed security issues with VPN
* More tests
* Replaced git submodules with git subrepo
* Nearly all the leap_cli code has been moved to leap_platform.git
* Command-line leap_cli cleanup to be more logically consistent
* Better organization of the leap_platform.git directory structure
* Removed ugly dependency on Capistrano
* Enabled DANE/TLSA validation
* Anti-spam improvements
* Performance improvements for couchdb
* Change from httpredir.debian.org to deb.debian.org
* Reduce duplicated logging

Upgrading:

You will need the new version of leap_cli:

    workstation$ sudo gem install leap_cli --version=1.9

Because 0.9 does not use submodules anymore, you must remove them before pulling
the latest leap_platform from git:

    workstation$ cd leap_platform
    workstation$ for dir in $(git submodule | awk '{print $2}'); do
    workstation$   git submodule deinit $dir
    workstation$ done
    workstation$ git pull
    workstation$ git checkout 0.9.0

Alternately, just clone a fresh leap_platform:

    workstation$ git clone https://leap.se/git/leap_platform
    workstation$ cd leap_platform
    workstation$ git checkout 0.9.0

Then, deploy:

    workstation$ cd PROVIDER_DIR
    workstation$ leap deploy

Known Issues:

* When upgrading, sometimes systemd does not report the correct state of a
  daemon. The daemon will be not running, but systemd thinks it is. The symptom
  of this is that a deploy will succeed but `leap test` will fail. To fix, you
  can run `systemctl stop DAEMON` and then `systemctl start DAEMON` on the
  affected host (systemctl restart seems to work less reliably).

Includes:

* leap_web: 0.8
* nickserver: 0.8
* couchdb: 1.6.0
* leap-mx: 0.8.1
* soledad-server: 0.8.0

Commits: https://leap.se/git/leap_platform.git/shortlog/refs/tags/0.9

Issues fixed: https://leap.se/code/versions/195


Platform 0.8
--------------------------------------

This release focuses on the email service.

Requirements:

* You must upgrade to Debian Jessie, see below for details
* You must migrate all data from BigCouch to CouchDB
* Soledad and couchdb services must be on the same node

WARNING: failure to migrate data from BigCouch to CouchDB will cause all user
accounts to get destroyed. See UPGRADING below for how to safely do this.

UPGRADING: You must upgrade to Debian Jessie and migrate from BigCouch to
Couchdb. It is tricky to upgrade the OS and migrate the database, so we have
writen and tested a step-by-step guide that you can carefully follow in
doc/upgrading/upgrade-0-8.md, or online at: https://leap.se/en/upgrade-0-8

Other new features:

* It is possible to require invite codes for new users signing up.

* Tapicero has been removed. Now user storage databases are created as needed
  by soledad, and deleted eventually when no longer needed.

* Admins can now suspend/enable users and block/enable their ability to send
  and receive email.

* Support for SPF and DKIM.

Compatibility:

* Now, soledad and couchdb must be on the same node.
* Requires Debian Jessie. Wheezy is no longer supported.
* Requires CouchDB, BigCouch is no longer supported.
* Requires leap_cli version 1.8
* Requires bitmask client version >= 0.9
* Includes:
  * leap_mx 0.8
  * webapp 0.8
  * soledad 0.8

Commits: https://leap.se/git/leap_platform.git/shortlog/refs/tags/0.8
Issues fixed: https://leap.se/code/versions/189


Platform 0.7.1
--------------------------------------

Compatibility:

* Requires leap_cli version 1.7.4
* Requires bitmask client version >= 0.7
* Previous releases supported cookies when using the provider API. Now, only
  tokens are supported.
* Includes:
  * leap_mx 0.7.0
  * tapicero 0.7
  * webapp 0.7
  * soledad 0.7

Commits: https://leap.se/git/leap_platform.git/shortlog/refs/tags/0.7.1
Issues fixed: https://leap.se/code/versions/159

Upgrading:

* `gem install leap_cli --version 1.7.4`.
* `cd leap_platform; git pull; git checkout 0.7.1`.
* `leap deploy`
* `leap test` to make sure everything is working