23.12.001 changelog

23.12.001

Released on 6 December, 2023.

Server

Fixes

  • Several improvements to DNS block lists:
    • Remote upstream URLs are now retrieved asynchronously in the background on update. This should result in much faster changes when updating DNS block lists.
    • DNS block list update tasks will remove themselves when their accompanying DNS block list resources are deleted.
    • DNS block list meta update tasks will remove themselves when no DNS block lists are defined and the meta update task is no longer necessary.
  • Fixed an issue in which the bowtie-server service failed to log a correct version string when starting.
  • Fixed an issue in which a call to update a Controller (via either interactive shell or automatic timer) could hang indefinitely when cloud-init fails to complete.

Features

  • Added a flag to optionally disable the Secure option when sending Set-Cookie headers in development. This flag should not be set in production environments. Consult bowtie-server --help for usage.

Enhancements

  • Updates the base operating system packages to reflect the latest upstream changes. This includes non-breaking changes for security fixes in packages for Loki and Promtail and openssl 3.

    This update includes an update from Linux kernel version 6.1.38 to 6.1.62. System services should continue to operate normally across kernel updates, but if you require that the system run on the newer kernel, you should follow-up with any update actions with a system reboot to run on the newer kernel.

Client

Features

  • On MacOS, logs are now sent to the system’s unified log service rather than being stored in files.

    Logs may be accessed by using bowtie-ctl inspect, by using the MacOS console app or by using the log command:

    log stream --info --debug --predicate 'subsystem = "works.bowtie.bowtie-service"'

    A subsystem predicate of works.bowtie.bowtie will dump the logs from the tray application rather than the service.

  • Added support for connecting to multiple organizations simultaneously.

    To use this feature, place one or more configuration files with an entrypoint line in the Bowtie configuration directory (on MacOS and Linux /etc/bowtie/configuration, and on Windows, C:\ProgramData\bowtie\configuration).

    For example, the following snippet shows a client configuration on Linux that will connect to two organizations with two separate controllers:

    $ cat /etc/bowtie/configuration/first.conf
entrypoint = [ "https://controller.example.com" ]
$ cat /etc/bowtie/configuration/second.conf
entrypoint = [ "https://controller.rock.associates" ]

    Bowtie currently only supports DNS on a single organization at a time. To switch to a different organization, access the “pause” capability by right-clicking the Bowtie system tray icon.

  • Added the ability to pause and resume a Bowtie connection. This may be accessed by right clicking on the Bowtie tray application and selecting “pause” or “resume”. These menu items are only respectively available if the connection is in the “Connected” or “Paused” state.

Fixes

  • Fixed an issue which prevented the tray application from running for multiple users simultaneously.

Enhancements

  • The .msi file now includes required dependencies for Windows 10 and above. The use of the exe is not recommended for most cases.

Documentation

Enhancements

  • The client setup and usage documentation has been overhauled to provide complete instructions for installation, uninstall steps, and desktop application use.
  • The control plane documentation has been expanded to cover all of the administrative web pages available on Controllers.
  • Updated the Terraform knowledge base section to include examples illustrating how to provision bowtie_dns_block_list resources.
  • Added screenshots and examples for client tray menus that include multiple organizations and pause/resume buttons.
  • Updated the section about Terraform provider ordering to reflect updated capabilities of the native provider to authenticate lazily.