NAV Navbar

Notakey Authentication Appliance

v5.0.80 (2022-07-13)

  • Fix regression when cluster cannot be joined during initial setup wizard
  • Fix configuration migration issue when no cluster service is started on node

v5.0.79 (2022-07-11)

  • Documentation update
  • Fix for cron service frequent job
  • Fix regression with static certificates in wizard

v5.0.75 (2022-04-26)

New Features

  • Deprecate legacy RancherOS system-docker cron integration
  • Introduce automatic system updates (enable with ntk cfg set cli.auto_update 1)
  • Backup restore graceful exit on format error
  • CLI script reinstall feature
  • Fix unused image cleanup to free disk space
  • Add support for automatic backups of config and data (enable with ntk cfg set cli.auto_backup 1)
  • Fix local configuration access when running commands in cli-server service

Known Limitations

  • If using automatic updates, CLI server service will not automatically restart after update, this has to be done manually by running ntk cli restart.

v5.0.62 (2022-03-23)

  • Add params option to plugin specification

v5.0.60 (2022-02-01)

  • Add device OS version to NtkAS device report

v5.0.59 (2022-01-04)

  • Store updated service original image reference
  • Remove htop image dependency
  • Documentation fixes
  • Fix initial install failure
  • Fix intermittent cluster write failure during wizard

v5.0.54 (2021-12-13)

  • Automatic integration tests before release publishing
  • New CI build system integration
  • Fix REDIS cli command
  • Allow to use cluster config value for REDIS secret
  • New bundled cron service as docker container
  • Install wizard improvements
  • Bootstrap package update
  • Improved installation on host OS

v5.0.47 (2021-11-26)

  • Automatic integration tests before release publishing
  • New CI build system integration
  • Fix REDIS cli command
  • Allow to use cluster config value for REDIS secret
  • New bundled cron service as docker container

v5.0.43 (2021-11-12)

  • New CI build system integration

v5.0.28 (2021-10-28)

  • Connection limit fix for consul
  • Add optional password protection support for Redis
  • Update procedure improvements

v5.0.26 (2021-09-10)

  • Update procedure improvements
  • Remove “ntk cli update” and “ntk cli check” commands
  • Prepare for automatic version change related configuration updates

v5.0.25 (2021-07-01)

  • Support for installation on Ubuntu 20.04 LTS
  • Automatic update availabilty check and administration user notification

v5.0.24 (2021-06-01)

  • Support for cluster datastore snapshots
  • Configuration consistency fix for cluster leave / join commands
  • Verify cluster state before updating plugins with “ntk sys update”
  • Fix regression in “ntk wizard”

v5.0.23 (2021-05-27)

  • Fix for ROS 1.1.0 integration
  • NtkAS session encryption key now resides only in cluster config storage

v5.0.22 (2021-04-14)

  • Builtin reverse proxy certificate provisioning improvements
  • Fix “ntk sys supreq” on some appliance versions

v5.0.21 (2021-04-12)

  • Fixed ntk rp status command

v5.0.20 (2021-04-09)

  • Fixed regression with static certificates on non-management port

v5.0.19 (2021-03-05)

  • Bugfixes for use cases with static certificates for alternate FQDNs
  • Shared cluster directory sync issue fixes

v5.0.18 (2021-02-24)

  • Fix regression that broke “ntk wizard”

v5.0.17 (2021-02-23)

  • Improvments for backup load and save commands
  • Added support for plugins, see plugin-support for details
  • Change local namespace for downloaded container images
  • Support for NtkAS 3.1, server now runs in single container
  • Changes in respect to external load balancer users, management service is no longer available on port 6000 (use :nas.dual_instance_mode to keep old behaviour)

v5.0.16 (2020-12-02)

  • Fixed bug with external outbound proxy configuration

v5.0.15 (2020-11-27)

  • NtkAS and NtkSSO healthcheck improvements
  • Fixed ntk as status command
  • Fixed bug in ntk sys cleanup
  • Enable cron automatically during install
  • docker ps now will not report health status, use ntk [service] status command
  • Encryption support for support request log archives made with ntk sys supreq

v5.0.14 (2020-11-09)

  • Added support for REDIS server configuration for NtkAS service

v5.0.13 (2020-10-27)

  • Fixed issue with custom user password change

v5.0.12 (2020-10-22)

  • Fixed bug related to backup restore failure when NTP servers are defined

v5.0.11 (2020-09-03)

  • Added healthcheck from reverse proxy side towards NtkAS to avoid http 404 in case of backend failures

v5.0.10 (2020-07-01)

  • Timezone change bugfix
  • Support for NtkAS 2.23.x

v5.0.9 (2020-06-08)

  • Added syslog option support for VRRP service.

v4.2.40 (2020-06-08)

  • Added syslog option support for VRRP service.

v5.0.8 (2020-05-27)

  • Add :nas.caching and :nas.cache_ttl to control cache options for NtkAS service

v4.2.39 (2020-05-27)

  • Add :nas.caching and :nas.cache_ttl to control cache options for NtkAS service

v5.0.7 (2020-05-19)

  • Zabbix agent related updates

v5.0.6 (2020-05-07)

  • Updates related to SSO release 3.0.0
  • Reliability fix for SSO cron task execution (metadata refresh and session cleanup)
  • Persistent volume for local metadata cache is now persisted between restarts

v5.0.5 (2020-05-06)

  • Add option to define additional FQDNs for ACME client for custom services

v5.0.3 (2020-04-20)

  • Added RancherOS installer
  • Improved configuration wizard
  • Backup load and save commands now support persisting service state and partial import
  • Migrate to new config schema

To manually migrate schema issue the following commands:

(
ntk cfg migrate notakey.proxy ap 2> /dev/null
ntk cfg migrate mgmt_port nas.mgmt_port 2> /dev/null
ntk cfg migrate host nas.host 2> /dev/null
ntk cfg migrate host :nas.host 2> /dev/null
ntk cfg migrate :host :nas.host 2> /dev/null
ntk cfg migrate env nas.env 2> /dev/null
ntk cfg migrate secret_key_base nas.secret_key_base 2> /dev/null
ntk cfg migrate image nas.image 2> /dev/null
ntk cfg migrate consulimg cluster.image 2> /dev/null
ntk cfg migrate proxyimg rp.image 2> /dev/null
ntk cfg migrate htopimg htop.image 2> /dev/null
ntk cfg migrate keepalivedimg vrrp.image 2> /dev/null
)

v4.2.38 (2020-03-25)

  • Migrate to new config schema

To manually migrate schema issue the following commands:

(
ntk cfg migrate notakey.proxy ap 2> /dev/null
ntk cfg migrate mgmt_port nas.mgmt_port 2> /dev/null
ntk cfg migrate host nas.host 2> /dev/null
ntk cfg migrate host :nas.host 2> /dev/null
ntk cfg migrate :host :nas.host 2> /dev/null
ntk cfg migrate env nas.env 2> /dev/null
ntk cfg migrate secret_key_base nas.secret_key_base 2> /dev/null
ntk cfg migrate image nas.image 2> /dev/null
ntk cfg migrate consulimg cluster.image 2> /dev/null
ntk cfg migrate proxyimg rp.image 2> /dev/null
ntk cfg migrate htopimg htop.image 2> /dev/null
ntk cfg migrate keepalivedimg vrrp.image 2> /dev/null
)

v4.2.37 (2020-03-23)

  • Fixed edge cases with SSO asset sync

v4.2.36 (2020-03-12)

  • Add SSO file syncing over nodes in cluster group
  • Add SSO session flush command

v4.2.35 (2020-02-07)

  • Update ntk as report to add licence information
  • Fix bug in cron task manager
  • Increase timeout limits for cron tasks
  • Fix NAS CLI bootstraping
  • Add ntk cron status command
  • Documentation updates

v4.2.34 (2020-02-06)

  • Update ntk as report to add licence information
  • Force SSL for cookies on dashboard
  • Fix bug in cron task manager
  • Increase timeout limits for cron tasks
  • Fix NAS CLI bootstraping
  • Add ntk cron status command
  • Documentation updates

v4.2.33 (2020-02-06)

  • Update ntk as report to add licence information
  • Force SSL for cookies on dashboard
  • Fix bug in cron task manager
  • Increase timeout limits for cron tasks
  • Fix NAS CLI bootstraping
  • Add ntk cron status command
  • Documentation updates

v4.2.32 (2019-10-22)

  • Zabbix agent support
  • Custom params for all services
  • Support for advanced private repository authentication schemas

v4.2.31 (2019-09-23)

  • Fixes for admin access recovery from shell
  • 2FA can now be disabled from CLI
  • NAS initial setup from CLI

v4.2.30 (2019-08-16)

  • Fix issues with “ntk sys cleanup”
  • Add NAS config option “:nas.external_proxy on/off” for external proxy server support (e.g. external load balacer)
  • Add SSO config option “:sso.external_proxy on/off” for external proxy server support (e.g. external load balacer)
  • Latest NAS image support

v4.2.29 (2019-08-05)

  • Disk resizing utility to increase available storage allocation.

v4.2.28 (2019-07-10)

  • Update procedure improvements. Cluster and cli component updates now are exclusive as they can affect other update processes.

v4.2.27 (2019-07-08)

  • Support for SSO custom modules. Now you can have custom templates and authentication sources built as docker images loded into SSO service and easily maintain future compatibility.

v4.2.26 (2019-06-25)

  • Support for update info bulletins when running “ntk sys update” from individual services and products

v4.2.25 (2019-06-19)

  • Fixed bug introduced in NAA 4.2.24 when VRRP service cannot be started
  • Added support for informational bulletins when updating NAA with “ntk sys update”

v4.2.24 (2019-06-05)

  • Fixed bug that breaks backend discovery if using static certificate with non-wildcard subject or SAN. Bug was introduced in 4.2.16.

v4.2.23 (2019-06-01)

  • Improved VRRP configuration CLI
  • Multiple VRRP instances can be defined
  • VRRP can now track individual services and bind them to resources (IP addresses)

v4.2.22 (2019-05-21)

  • Added reports for enabled services, users and devices
  • Initial wizard now supports joining existing cluster
  • Bootstraping NAS from CLI for strict security environments
  • Recovery of root admin user

v4.2.21 (2019-04-26)

  • Password change bugfix

v4.2.20 (2019-04-03)

  • Cron job run bugfix
  • Status detection bugfixes

v4.2.19 (2019-03-27)

  • Scope management support for API clients

v4.2.18 (2019-03-25)

  • Add reindex command
  • Add free disk command
  • Reverse proxy SSL improvements

v4.2.17 (2019-03-14)

  • Fix NAS auth command
  • Cron enable / disable fixes

v4.2.16 (2019-03-11)

  • 3ef7c59 Add logging option for NAS
  • bf18165 Add :nas.phone_country_code setting for NAS
  • 70a5531 Add config management instruction
  • 10be661 Merge branch ‘master’ of https://gitlab.com/notakey/cfg
  • ad5fbe3 Enable special character usage in password
  • 1e2fe0a Allow $ and ! to be used in ntkadmin password
  • 1161315 Add rp and cluster restart after update

v4.2.15 (2019-01-28)

  • Support for ACME TLS SSL provisioning
  • Configuration manipulation bugfix

v4.2.14 (2018-11-21)

  • Introduce AUTH_DOMAIN env to provision SSD domain
  • Add sso.healthcheck config option support
  • Bugfixes

v4.2.13 (2018-10-31)

  • Fix ntk cluster health printout
  • Messenger URL bugfix
  • Add documentation for nas.ks.pubkey_ttl config
  • Add nas.ks.pubkey_ttl config option, externalize ENV passed to NAS
  • Fix netsted useless startup validations
  • Add vrrp validate command
  • Do not print validation skip message
  • Add appliance mode deplyment variable to NAS
  • Bugfix
  • Add notakey:logrotate:accesstoken rake task to cron
  • Performance improvement
  • Fix bug
  • Promt fix on hostname change
  • Error message clarifications
  • Add configurable support for ACCESS_TOKEN_TTL in NAS

v4.2.12 (2018-10-24)

  • NAS API auth client management
  • Config management improvements

v4.2.11 (2018-10-18)

  • SSO configuration improvemnets
  • Support for cluster wide configuraions
  • Faster load times during service restarts
  • Bugfixes

v4.2.10 (2018-09-10)

  • Better integration with SSO and reverse proxy
  • Status reporting consistent across AS, RP, SSO and VRRP command trees
  • Internal rewrite of core functions

v4.2.9 (2018-08-01)

  • Fix for ACME client
  • NAS control function improvements
  • VRRP control function improvements
  • Support for generic socket monitoring in VRRP
  • Bugfixes

v4.2.8 (2018-06-26)

  • Support for HTTP-01 ACME domain validation
  • Remove legacy ACME TLS-01 entrypoint
  • Add support for nas.healthcheck = on|off
  • ntk sys cleanup bugfix
  • Fix password change verbosity

v4.2.7 (2017-11-09)

New Features

  • Improved backup restore functionality
  • Simplified cluster join when adding members to existing cluster
  • Support for latest consul datastore and RAFT v3 protocol
  • Simplified cluster management commands
  • Support for multiple upstream RADIUS servers
  • Support for authentication proxy standalone deployment scenario
  • Bundled latest SSO version with appliance
  • Support for SAN certificates
  • Support for docker version change
  • Recovery from inaccesible console in case of invalid configuration

Bugfixes

  • Check for running consul before backup
  • Fix backup restore if DHCP is used
  • Fix SSL certificate for management dashboard, if non-standard port is used

v4.2.6 (2017-11-07)

New Features

  • General test improvements

Bugfixes

  • Check for running consul before backup
  • Fix backup restore if DHCP is used

v4.2.5 (2017-11-03)

New Features

  • Docker 17.06.1 enabled by default
  • Latest Notakey NAS and complementary image versions
  • Improved backup management
  • Security updates to OS images
  • All images tagged in repo.notakey.com namespace
  • Simplified cluster setup and management

v4.2.3 (2017-08-21)

New Features

  • Docker engine version management
  • Fixed reboot and shutdown
  • SAN certificate support

Known Limitations

  • Nodes with version NAA 4.0.0 cannot coexist with 4.1.0 in singe cluster, all nodes have to be upgraded
  • Proxy setup cannot be used with ACME certificates
  • Static certificates have to be used for management dashboard

v4.2.2 (2017-08-08)

New Features

  • Built-in SSO functionality

Known Limitations

  • Nodes with version NAA 4.0.0 cannot coexist with 4.1.0 in singe cluster, all nodes have to be upgraded
  • Proxy setup cannot be used with ACME certificates
  • Static certificates have to be used for management dashboard

v4.1.3 (2017-07-10)

New Features

  • Cisco specific RADIUS message support configurable

Known Limitations

  • Nodes with version NAA 4.0.0 cannot coexist with 4.1.0 in singe cluster, all nodes have to be upgraded
  • Proxy setup cannot be used with ACME certificates
  • Static certificates have to be used for management dashboard

v4.1.0 (2017-06-22)

New Features

  • Automated attended package update support
  • Private package repository support for update
  • Timezone configuration support for all applications
  • Support for AuthProxy 1.0.2, message text and TTL configuration
  • NTP server configuration
  • Network diagnostic utilities
  • System performance monitoring tool
  • Firewall config validation on application startup
  • Support request automated diagnostic log package creation
  • Improved various terminal type support
  • Updated database engine
  • Updated reverse proxy version
  • Improved resilency due to more thorough application state checks in VRRP

Known Limitations

  • Nodes with version NAA 4.0.0 cannot coexist with 4.1.0 in singe cluster, all nodes have to be upgraded
  • Proxy setup cannot be used with ACME certificates
  • Static certificates have to be used for management dashboard

v4.0.0 (2017-06-02)

New Features

  • Setup possible without working DNS hostname
  • Proxy server configuration for outbound connections
  • Support for management dashboard deployment on custom port for limited access
  • HTTP SSL certificate sync between cluster nodes
  • VRRP group and preempt configuration
  • Improved vmware integration
  • Persistent storage for user files
  • scp utility to move files between nodes

Known Limitations

  • Proxy setup cannot be used with ACME certificates
  • Static certificates have to be used for management dashboard