Releases: inlets/inlets-pro
Add uplink client/server and plugin system
Changelog for 0.9.10:
Commits
8d23cc1 Rename inlets helm charts for consistency by @alexellis
c5de47b Update charts for inlets-pro 0.9.9 by @alexellis
33e56b2 Upgrade charts for inlets-pro 0.9.9 by @alexellis
Changes: 0.9.9...0.9.10
Generated by Derek
Contributors
Assets 18
Improve error message for cancelled Gumroad subscriptions
Changelog for 0.9.9:
Improve error message for cancelled Gumroad subscriptions
Release with Proxy Protocol v2
Changelog for 0.9.8:
Adds --proxy-protocol flag to inlets-pro tcp server, valid options are "" and "v2"
Record the hostname in the data plane metrics for HTTP tunnels
Changelog for 0.9.7:
Commits
Record the hostname in the data plane metrics for HTTP tunnels
Changes: 0.9.6...0.9.7
Generated by Derek
Make HTTP tunnels backwards compatible with earlier versions
Changelog for 0.9.6:
Make HTTP tunnels backwards compatible with earlier versions
Fixes an issue introduced in 0.9.5 which prevented backwards compatibility with earlier versions of inlets-pro servers.
Better allowed IP lists and systemd support
Updates for 0.9.5
* Moves to Go 1.18 for builds, updates internal and external dependencies
* Adds IP Allowed list to all generated systemd unit files via `--generate=systemd` and `--allow-ips`
* Adds systemd unit file generation to the fileserver command via `--generate=systemd`
* Improves example help text for systemd generation - added to all `inlets-pro` commands
* Adds external IP discovery option for automated TLS - `--auto-tls-discovery=external`
* Removes old `--common-name` flag for TCP servers
* When IP Allowed list is printed, these are now formatted in a more friendly format `Allowed IPs: 127.0.0.1 CIDRs: 192.168.1.0/24`
Update internal dependencies for Prometheus, TLS and Go version
This release updates the internal dependencies for Prometheus, TLS with Let's Encrypt and the Go version used to build inlets-pro.
Fix for systemd generation with multiple upstreams
Add support for allowed IP ACLs
Changelog for 0.9.1:
HTTP, TCP servers and the fileserver all gain a new flag to specify a list of IPs and / or CIDRs which may access the control and data plane of the server end of the tunnel.
IP allowed lists, aka IP whitelists are an often-requested security feature by corporate users however, they do not replace authentication and are not bullet-proof. Beware of IP spoofing for the source address of packets.
The default allow list is 0.0.0.0/0 which corresponds to any valid IP address.
Container image: ghcr.io/inlets/inlets-pro:0.9.1
Read the blog post / tutorial: Restrict your tunnels with IP allow lists
Example usage:
inlets fileserver --allowed-ips 192.168.0.0/24
inlets tcp server --allowed-ips 0.0.0.0/0
inlets http server --allowed-ips 192.168.0.1 \
--allowed-ips 192.168.0.2If you are using a reverse proxy or container network in front of inlets, then you may need to implement your list there instead of via the inlets binary.
Generated by Derek
Metrics & monitoring, status command and better PaaS support
Changelog for 0.9.0:
- Container image:
ghcr.io/inlets/inlets-pro:0.9.0 - Helm charts: https://github.com/inlets/inlets-pro/tree/master/chart
Additional resources for this release
- Blog post and walk-through: Measure and monitor your inlets tunnels
- Video live-stream with demos: Measuring and monitoring inlets tunnels
The inlets 0.9.0 releases adds:
- A new
statusCLI command to monitor tunnels - Load-balancing of requests between clients using TCP tunnels
- An ARM64 Darwin binary for Apple M1 users
- Prometheus metrics for TCP and HTTP tunnels
The --token-env option has been added to the client and server commands so that inlets can be used more easily with PaaS platforms that store secrets as environment variables. Examples include ECS, Fargate, Heroku and Fly. In the same vein, --license-env has been added to the client commands so that ECS Anywhere users can update their license tokens on edge devices, if and when required.
The inlets-pro http fileserver command has moved up one level to inlets-pro fileserver so that it's easier to discover and less to type in.
The flag --token-from is now deprecated and will be removed in a future release, see also: token-file which does the same thing with a more consistent name.
The --print-token flag has been removed from the inlets HTTP client and server, given that the token is an input it should already be possible to print this value yourself.
Enables use of Ghost in HTTP mode with built-in Let's Encrypt by setting the x-forwarded-proto header to https. See also: XFP
This release adds the --reconnect-after flag to HTTP client, to fix an issue with Windows clients which were reconnecting too quickly, before the server detected them as disconnected. Example usage: inlets-pro client --reconnect-after 60s
These are now published to a helm chart repo via GitHub pages.
Generated by Derek