PowerDNS Admin Versions Save

A PowerDNS web interface with advanced features

v0.4.2

3 months ago

This release focused on tying up what loose ends could be within reason in preparation for the freeze release. Following this release, only dependency updates within reason will be managed. There may be additional feature releases on this edition, but nothing is promised.

POTENTIALLY BREAKING CHANGE - This release upgrades to SQLAlchemy 1.4.x which removes support for the use of postgres:// on database connection URI strings. You must switch to the supported format of postgresql:// to avoid a failure of the connection.

What's Changed

New Contributors

Full Changelog: https://github.com/PowerDNS-Admin/PowerDNS-Admin/compare/v0.4.1...v0.4.2

v0.4.1

1 year ago

This release primarily addresses new issues that were brought about with the 0.4.0 release last month such as issues with session expiration and OAuth functionality. Additionally, this release provides some enhancements to existing features such as the authentication settings editor.

Hopefully, this release will provide some stability to the recent OAuth issues that have been popping up since the release of 0.4.0. I have updated the OAuth providers to make exclusive use of either the metadata URL setting OR the token and authorize URL settings. The UI has been updated in such a way that this change becomes much more obvious. I have personally tested the GitHub and Azure OAuth implementations for basic authentication (not including the additional provider specific features) and can assure that it is functioning with the most basic use cases. It was also discovered that logout was failing for the Azure (and possibly OIDC) providers as the session tokens were not being properly cleared. This would result in an instant re-authentication after logging out due to the tokens still be present in the session.

In general, the authentication settings editor should be a much more enjoyable experience as I pulled out all of the existing client-side code that was a mess and implemented the KnockoutJS and jQuery Validation libraries to improve the UI and UX here. The tabs now provide proper deep-linking so browser history / navigation works very well when changing from tab to tab. One can also reload the page without starting back at the first tab every time. Furthermore, data is both loaded and saved with XHR calls instead of full page loads. This change facilitate the ability to switch to a single save button for all tabs of the editor as opposed to the independent forms that were previously present.

What's Changed

New Contributors

Full Changelog: https://github.com/PowerDNS-Admin/PowerDNS-Admin/compare/v0.4.0...v0.4.1

As always, thank you all for being loyal users and contributors of the PDA project! Hopefully it won't be too long until the 0.4.2 release is out!

v0.4.0

1 year ago

First off, thank you all for sticking with the project this long through it's rough patches! As the project has went through a change of ownership last year, there have been many areas that have suffered but it is my goal to turn those problems around and get the project back on a healthy and productive path into the future.

With that being said, there is many areas that still need improvement including the quality of contributions and information tracking. For this reason, this release will not provide the most accurate documentation to all of the changes included in the release, but I will do my best to highlight the most notable that I'm aware of.

Enhancements

  • The user interface has been updated to the latest AdminLTE release of 3.2.0.
  • The Font Awesome library has been upgraded to the latest 6.3.0 release which overrides the 5.15.4 dependency built in to AdminLTE 3.2.0.
  • The user interface has been updated to better support multiple screen sizes included smartphones and tablets. While this is still a work in progress, you will find that most views now work quite well in various screen formats.
  • The nomenclature for DNS zones have been updated to utilize the appropriate terminology of "zone" instead of "domain" where the latter is slang. This is a work in progress so there may still be some places that use the old "domain" terminology.
  • The nomenclature for history / action auditing has been updated to use "activity" instead of "history." This is a work in progress so not all references may have been updated yet.
  • The authentication settings management views have been updated to be more uniform with some amount of field documentation included. This is also still a work in progress as some views still lack useful documentation.
  • Performance improvements have been made to the zone record list view so that large data sets don't suffer as much from use of poor coding techniques.
  • The statistics and recent activity blocks have been removed from the dashboard to provide greater performance enhancements. It was determined that these features weren't truly useful in practice which was the ultimate driver for their removal.
  • API activity auditing has been updated to provide per-record change log entries.
  • The user interface has been updated to use the SITE_NAME setting in more appropriate places as opposed to the static text of "PowerDNS Admin."
  • Various user interface features were updated to correct minor formatting issues such as a lack of proper text wrapping for the activity details modal.
  • Various areas of documentation were updated to be more reliable as well as including some missing information. This is still a work in progress.
  • The project WIKI was moved into standard markdown documentation files under docs/wiki as opposed to using the GitHub WIKI feature which will make it easier for contributors to provide updates via PRs.

Features

  • A CAPTCHA feature has been added to the registration form which can be controlled through the use of environment variables and application settings. This feature is now enabled by default.
  • A session storage setting has been added through the use of environment variables and supports multiple mediums such as database and file system. The default is configured to use the database which will result in the "sessions" table being automatically created!
  • A configuration setting has been added for controlling the OIDC OAuth Metadata URL for authentication.
  • A search function was added for IDN searches.

Bug Fixes

  • The auto-PTR record logic has been updated to remove, then add records in order to address scenarios that would create undesirable record changes that didn't fit logical expectations.
  • Fixed issue where OTP_FORCE setting was being applied to OAuth flows which was not appropriate.
  • Many other minor bug fixes were made but there is currently a lot of lacking documentation available to make documenting these fixes here a bit easier.

Security Fixes

  • Most dependencies have been updated to their latest or near-latest versions.

As the project gets back on track, so will it's organization which should result in more frequent minor and patch releases with greater detail in release notes. Thank you again for being a PDA user!

v0.3.0

1 year ago

Upgrade path

  • This release includes upgrades of some Javascript libraries. In order to upgrade your installation, you need to run the following commands:
    • Install rjsmin from the requirement file into your virtualenv: pip install rjsmin
    • Upgrade yarn packages: yarn install --pure-lockfile
    • Rebuild Flask assets: export FLASK_CONF=../configs/production.py; export FLASK_APP=powerdnsadmin/__init__.py; flask assets build
  • You have to upgrade your database to update your history (#1199): export FLASK_CONF=../configs/production.py; export FLASK_APP=powerdnsadmin/__init__.py; flask db upgrade

Restarting the web server should not be necessary

Features

  • Added an option to forbid the creation of domain if it exists as a record (#1127)
  • SAML provisioning can now set Operators from a group (#1205)
  • Added an option to allow underscores, hyphens and dots in account names. Please pay attention if you enable this feature as it can break your setup if you use autoprovisionning (#1047)

Enhancements

  • PDA API now has /api endpoint to improve compatibility with LEGO clients (#1206)
  • API now allows record type according to enabled record types from settings (#1089)
  • API now only allows record TTL according to configured TTL in the settings (can be disabled) (#1089)
  • PDA now caches account id when updating the domains (from the dashboard), which enhance performance when managing a lot of domains (#1218)
  • Code has been updated to improve api calls to the backend when editing domains from the UI (#1201)
  • You can now directly create domains with their full fqdn (with the termination dot) (#1227)

Bug Fixes

  • Saml issues behind a reverse SSL Proxy / Improved documentation and defaults (#1203)
  • Replaced idna library to fix translation issues (#1163)
  • Fixed parsing of X-Forwarded-For headers with DynDNS2 (#1214)
  • Replaced "rrests" occurences with "rrsets" (#1199)

Security Fixes

  • Updated Javascript libraries (#1213)
  • Updated cookies configuration to make them more secure (#1211)

Notes

We would like to thank active contributors for their precious help to improve PowerDNS Admin

v0.2.5

1 year ago

Important note

It has not been followed in the past, but this release clearly drops support for Python < 3.6. Python 2 is EOL since January 2020, and recent distributions (Debian 10/Ubuntu 19) are packaged with Python > 3.7. We encourage you to update your servers/virtualenvs to a modern version.

Features

  • OTP can be enforced by a setting (#1051)
  • History has been refactored (#1042)
  • API Keys can now be associated with accounts, as domains can (#1044)
  • API now has a /health endpoint (authenticated) to check the backend's health (at least one domain must exist in the backend) (#1172)

Enhancements

  • Use secrets module for generating new API keys and passwords (#1035)
  • Oidc Autoprovisioning now allows binding of a user to multiple accounts (#994)
  • Replaced Datepicker (#1059)
  • The "Admin" button has been added to domain edition page (#1076)
  • Unauthentified Dyndns requests are now answered with www-authenticate headers
  • Enabling DNSSEC on a domain is now recorded in the history (#1123)
  • API's /ping endpoint is not protected by authentication anymore (#1174)
  • Improved k8s deployment support (#1216, #1217, #286)

Bug Fixes

  • Sort accounts in Domain creation page (#1049)
  • Login page is reloaded in background before CSRF token expires to prevent 403 error after a successfull but late login (#1124)
  • Domain deletion from API crash (#1101)
  • LDAP login in history are now correctly displayed (#1122)
  • Active Directory group resolution now uses native AD nested group resolution that prevents infinite loops (#1118)
  • HTML entities are now correctly handled in domain edition page (#1159)
  • Application/Json content type is now set on all outgoing API calls to enable the use of another PDA instance as a backend (#1154)
  • Account deletion via API now dissociates domains to allow the account to be deleted (#1134)

Security Fixes

  • Render domain data table fields only as text (#1158)
  • Replace pyOpenSSL with cryptography (#1188)

Documentation

The documentation has been slightly improved in distinct PR and the ones mentioned in this release notes. Further work is planned in summer to add details and more complete examples.

v0.2.4

2 years ago

In this release:

  • bug fixes #916 #936
  • Security fix #970
  • Allow user role to view history #890
  • Allow users to remove domains #952
  • Templating improvements with [ZONE] placeholder #960
  • API improvements #858 #868 #878 #950 #996
  • Setting to disable OTP field #942
  • Custom css support #944
  • Background jobs for docker #940
  • Changes to bg_domain_update #962 #993
  • Overriding setting from database using environment variables #1030

v0.2.3

3 years ago

In this release:

  • Bug fixes #752, #814
  • Dockerfile update #815, #818
  • Python libraries updated #823 , #824
  • Implement account update method #801
  • Link API key to account/user #803
  • Add API key stuff UI #804

v0.2.2

4 years ago

In this release:

  • User email validation #622
  • Verify secured PDNS API address #644
  • Offline mode #700
  • Authentication improvements
  • Docker stuff adjustment
  • Bug fixes

v0.2.1

4 years ago
  • Fix domain creation from a template with SOA enabled #613
  • Fix enabling DNSSEC #614
  • Update domain serial column datatype #529
  • Improve SAML (certificate and attributes) #617
  • Update Dockerifle #621

v0.2

4 years ago

In this release:

  • Code refactoring #586
  • Add record comment feature #598
  • Add global search feature #599
  • Add session timeout warning feature #610
  • Add Azure OAuth support #591
  • Adjustment in the domain's record applying #604
  • Adjustment in History feature
  • Adjustment in Dockerfile #607
  • Drop PDNS 3.x support #604
  • Drop avatar uploading feature
  • SAML fixes and enhancement #605 #612
  • Bug fixes