v3.4.1

Merge pull request #126 from balena-io/dfunckt-patch-1
Delete CODEOWNERS
2025-06-24 10:18:15 +00:00 · 2021-07-01 00:13:18 +03:00 · 2021-06-30 21:11:33 +00:00 · 2021-06-30 18:30:12 +03:00 · 2021-06-25 18:39:31 +03:00 · 2021-06-25 15:36:25 +00:00
10 changed files with 6612 additions and 19 deletions
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@ -1,2 +0,0 @@
-# Main repo owners:
-*       @dfunckt @richbayliss
--- a/.versionbot/CHANGELOG.yml
+++ b/.versionbot/CHANGELOG.yml
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
--- a/README.md
+++ b/README.md
@ -37,7 +37,7 @@ application to your device(s).
 The current release of openBalena has the following minimum version requirements:

 - balenaOS v2.58.3
- balena CLI v12.23.4
+- balena CLI v12.38.5

 If you are updating from previous openBalena versions, ensure you update the balena
 CLI and reprovision any devices to at least the minimum required versions in order
@ -115,6 +115,7 @@ improvements and new functionality is planned:
 | Management via `balena-cli` only                    | Cloud-based device management dashboard                                                                                                                                                                   |
 | Download images from [balena.io][balena-os-website] | Download preconfigured images directly from the dashboard                                                                                                                                                 |
 | No supported remote diagnostics                     | Remote device diagnostics                                                                                                                                                                                 |
+| Supported devices: Raspberry Pi family, the Intel NUC, the NVIDIA Jetson TX2, and the balenaFin | All the devices listed in balena's [reference documentation](https://www.balena.io/docs/reference/hardware/devices/)   |

 Additionally, refer back to the [roadmap](#roadmap) above for planned but not yet implemented features.

--- a/2
+++ b/2
@ -1 +1 @@
-3.0.0
+3.4.1
--- a/13
+++ b/13
@ -1,12 +1,11 @@
-Vagrant.require_version '>= 2.0.0'
-
-[ 'vagrant-vbguest', 'vagrant-docker-compose' ].each do |p|
-  unless Vagrant.has_plugin?(p)
-    raise "Please install missing plugin: vagrant plugin install #{p}"
-  end
-end
+Vagrant.require_version '>= 2.2.0'

 Vagrant.configure('2') do |config|
+  config.vagrant.plugins = [
+    'vagrant-vbguest',
+    'vagrant-docker-compose'
+  ]
+
  config.vm.define 'openbalena'
  config.vm.hostname = 'openbalena-vagrant'
  config.vm.box = 'bento/ubuntu-18.04'
--- a/compose/mdns.yml
+++ b/compose/mdns.yml
@ -22,7 +22,7 @@ services:
        # the resin backend (eg. that for BALENA_ROOT_CA if present).
        MDNS_TLD: ${OPENBALENA_HOST_NAME}
        # List of subdomains to advertise. This must include all required hosts.
-        MDNS_SUBDOMAINS: '["api", "db", "registry", "s3", "vpn"]'
+        MDNS_SUBDOMAINS: '["api", "db", "registry", "s3", "tunnel", "vpn"]'
        # The expectation is the DBus socket to use is always at the following location.
        DBUS_SESSION_BUS_ADDRESS: "unix:path=/host/run/dbus/system_bus_socket"
        # Selects the interface used for incoming connections from the wider subnet.
--- a/compose/services.yml
+++ b/compose/services.yml
@ -32,7 +32,7 @@ services:
      HOST: api.${OPENBALENA_HOST_NAME}
      IMAGE_MAKER_URL: img.${OPENBALENA_HOST_NAME}
      IMAGE_STORAGE_BUCKET: resin-production-img-cloudformation
-      IMAGE_STORAGE_PREFIX: resinos
+      IMAGE_STORAGE_PREFIX: images
      IMAGE_STORAGE_ENDPOINT: s3.amazonaws.com
      JSON_WEB_TOKEN_EXPIRY_MINUTES: 10080
      JSON_WEB_TOKEN_SECRET: ${OPENBALENA_JWT_SECRET}
@ -85,6 +85,7 @@ services:
      REGISTRY2_S3_SECRET: ${OPENBALENA_S3_SECRET_KEY}
      REGISTRY2_SECRETKEY: ${OPENBALENA_REGISTRY_SECRET_KEY}
      REGISTRY2_STORAGEPATH: /data
+      REGISTRY2_DISABLE_REDIRECT: "false"

  vpn:
    extends:
@ -154,9 +155,9 @@ services:
    ports:
      - "80:80"
      - "443:443"
-      - "3128:3128"
    expose:
      - "222"
+      - "3128"
      - "5432"
      - "6379"
    networks:
@ -168,6 +169,7 @@ services:
          - db.${OPENBALENA_HOST_NAME}
          - s3.${OPENBALENA_HOST_NAME}
          - redis.${OPENBALENA_HOST_NAME}
+          - tunnel.${OPENBALENA_HOST_NAME}
    environment:
      BALENA_HAPROXY_CRT: ${OPENBALENA_ROOT_CRT}
      BALENA_HAPROXY_KEY: ${OPENBALENA_ROOT_KEY}
@ -183,5 +185,5 @@ services:
      - cert-provider:/usr/src/app/certs
    environment:
      ACTIVE: ${OPENBALENA_ACME_CERT_ENABLED}
-      DOMAINS: "api.${OPENBALENA_HOST_NAME},registry.${OPENBALENA_HOST_NAME},s3.${OPENBALENA_HOST_NAME},vpn.${OPENBALENA_HOST_NAME}"
+      DOMAINS: "api.${OPENBALENA_HOST_NAME},registry.${OPENBALENA_HOST_NAME},s3.${OPENBALENA_HOST_NAME},vpn.${OPENBALENA_HOST_NAME},tunnel.${OPENBALENA_HOST_NAME}"
      OUTPUT_PEM: /certs/open-balena.pem
--- a/compose/versions
+++ b/compose/versions
@ -1,6 +1,6 @@
-export OPENBALENA_API_VERSION_TAG=v0.105.0
+export OPENBALENA_API_VERSION_TAG=v0.139.0
 export OPENBALENA_DB_VERSION_TAG=v4.1.0
-export OPENBALENA_MDNS_PUBLISHER_VERSION_TAG=v1.7.9
-export OPENBALENA_REGISTRY_VERSION_TAG=v2.13.11
+export OPENBALENA_MDNS_PUBLISHER_VERSION_TAG=v1.9.2
+export OPENBALENA_REGISTRY_VERSION_TAG=v2.16.1
 export OPENBALENA_S3_VERSION_TAG=v2.9.9
-export OPENBALENA_VPN_VERSION_TAG=v9.16.1
+export OPENBALENA_VPN_VERSION_TAG=v9.17.11
--- a/src/haproxy/haproxy.cfg
+++ b/src/haproxy/haproxy.cfg
@ -34,6 +34,10 @@ frontend ssl-in
  tcp-request content accept if { req.ssl_hello_type 1 }

  acl is_ssl req.ssl_ver 2:3.4
+
+  acl host_tunnel req_ssl_sni -i "tunnel.${HAPROXY_HOSTNAME}"
+  use_backend redirect-to-tunnel-in if host_tunnel
+
  use_backend redirect-to-https-in if is_ssl
  use_backend vpn-devices if !is_ssl

@ -42,6 +46,11 @@ backend redirect-to-https-in
  balance roundrobin
  server localhost 127.0.0.1:444 send-proxy-v2

+backend redirect-to-tunnel-in
+  mode tcp
+  balance roundrobin
+  server localhost 127.0.0.1:3129
+
 frontend https-in
  mode http
  option forwardfor
@ -118,3 +127,8 @@ listen vpn-tunnel
  mode tcp
  bind *:3128
  server balena_vpn vpn:3128 check port 3128
+
+listen vpn-tunnel-tls
+  mode tcp
+  bind *:3129 ssl crt /etc/ssl/private/open-balena.pem
+  server balena_vpn vpn:3128 check port 3128
Author	SHA1	Message	Date
Balena CI	fbcb35a595	v3.4.1	2021-07-01 00:13:18 +03:00
bulldozer-balena[bot]	94f8b159c3	Merge pull request #126 from balena-io/dfunckt-patch-1 Delete CODEOWNERS	2021-06-30 21:11:33 +00:00
dfunckt	a328e8fc1d	Delete CODEOWNERS Change-type: patch	2021-06-30 18:30:12 +03:00
Balena CI	b1fd42669a	v3.4.0	2021-06-25 18:39:31 +03:00
bulldozer-balena[bot]	39f7f6b0cc	Merge pull request #123 from bartversluijs/patch-services minor: Update API, registry and VPN services	2021-06-25 15:36:25 +00:00
Bart Versluijs	1180bb3462	Update API, registry and VPN services Update open-balena-api from 0.119.5 to 0.139.0 Update open-balena-registry from 2.16.0 to 2.16.1 Update open-balena-vpn from 9.17.4 to 9.17.11 Change-type: minor	2021-06-25 12:48:59 +02:00
Balena CI	fbf3007d4c	v3.3.2	2021-06-04 08:42:20 +03:00
bulldozer-balena[bot]	2a3df9cd2a	Merge pull request #119 from relaxdiego/master Auto-install required Vagrant plugins intead of erroring out	2021-06-04 05:40:18 +00:00
Mark S. Maglana	d71a90c1ef	Auto-install required Vagrant plugins instead of erroring out Change-type: patch	2021-06-03 09:59:44 +08:00
Balena CI	6739d1257b	v3.3.1	2021-05-24 15:40:42 +03:00
bulldozer-balena[bot]	381fba943d	Merge pull request #116 from balena-io/delete-cli-version-warning scripts/compose: Delete Balena CLI version warning	2021-05-24 12:39:12 +00:00
fisehara	66acae8bbf	scripts/compose: Delete never called helper function	2021-05-24 14:16:11 +02:00
fisehara	cd2c3f5e11	scripts/compose: Delete Balena CLI version warning This can be removed completely now — it was added to ensure existing users also update to the latest (at the time) CLI as they updated their open-balena installation. Change-type: patch	2021-05-24 14:08:00 +02:00
Balena CI	071b5850a9	v3.3.0	2021-05-05 16:22:49 +03:00
bulldozer-balena[bot]	91bc92dbb5	Merge pull request #115 from bartversluijs/patch-registry Update registry service to v2.16.0	2021-05-05 13:21:13 +00:00
Bart Versluijs	49831a6a60	Update registry service Change-type: minor	2021-05-05 15:13:27 +02:00
Balena CI	549de52c73	v3.2.2	2021-04-29 14:36:50 +03:00
bulldozer-balena[bot]	826b61f08b	Merge pull request #112 from balena-io/rmorillo24-patch-OBsupporteddevices patch: Adding supported devices to OB	2021-04-29 11:35:14 +00:00
rmorillo24	0cdf0ef558	patch: Adding supported devices to OB Added a line in the OB vs balenaCloud which includes a mention to the devices supported by each. This list is mentioned in the FAQ section of the pricing page.	2021-04-28 17:14:52 +02:00
Balena CI	bea552de6a	v3.2.1	2021-02-07 01:15:14 +02:00
bulldozer-balena[bot]	419f3cddc4	Merge pull request #106 from balena-io/update-codeowners Add Matt and Paulo to CODEOWNERS	2021-02-06 23:13:38 +00:00
Balena CI	b92a3c8092	v3.2.0	2021-01-29 17:55:27 +02:00
dfunckt	746be65846	Add Matt and Paulo to CODEOWNERS Change-type: patch	2021-01-29 15:54:49 +00:00
bulldozer-balena[bot]	6250c85551	Merge pull request #105 from balena-io/update-services Update services	2021-01-29 15:53:14 +00:00
Akis Kesoglou	3898342a5b	Update services Update open-balena-api from 0.109.2 to 0.119.5 Update balena-mdns-publisher from 1.7.9 to 1.9.2 Update open-balena-registry from 2.13.11 to 2.14.4 Update open-balena-vpn from 9.16.1 to 9.17.4 Change-type: minor	2021-01-29 17:34:31 +02:00
Balena CI	ab0b7467fd	v3.1.4	2021-01-29 17:18:53 +02:00
bulldozer-balena[bot]	7cdce1a1c7	Merge pull request #104 from balena-io/close-port-3128 SECURITY: Close port 3128	2021-01-29 15:16:55 +00:00
Akis Kesoglou	da4c1678ec	SECURITY: Close tunneling port (3128) Port 3128, which was used for tunneling into devices, was plain TCP and has now been closed. Tunnelling is now via `tunnel.mydomain.com:443` (see #101). balena-cli versions before v12.38.5 are now incompatible and using the tunnel command will throw an error. Refs: #101 Change-type: patch	2021-01-29 17:13:19 +02:00
Balena CI	6fdc700806	v3.1.3	2021-01-26 14:14:42 +02:00
bulldozer-balena[bot]	e6d0be1c74	Merge pull request #103 from balena-io/edit-codeowners Remove Rich from CODEOWNERS	2021-01-26 12:12:15 +00:00
Akis Kesoglou	a0ef371621	Remove Rich from CODEOWNERS Change-type: patch	2021-01-26 13:30:04 +02:00
Balena CI	cd98a0df3f	v3.1.2	2021-01-22 16:10:08 +02:00
bulldozer-balena[bot]	296a746e96	Merge pull request #101 from balena-io/switch-tunnel-to-tls tunnel: Expose tunnel service via TLS	2021-01-22 14:08:00 +00:00
Rich Bayliss	b3d184c13c	tunnel: Expose tunnel service via TLS In order to support the new CLI and balenaCloud deployment schemes for the tunnel service, the service is now exposed via the TLS port 443 on the `tunnel.{domain}` server name. Change-type: patch Signed-off-by: Rich Bayliss <rich@balena.io>	2021-01-22 11:55:33 +00:00
Balena CI	3b9433e9cc	v3.1.1	2020-11-10 17:59:55 +02:00
bulldozer-balena[bot]	763da0eb45	Merge pull request #97 from balena-io/update-versions Update open-balena-api	2020-11-10 15:57:48 +00:00
Akis Kesoglou	bfce474ff0	Update open-balena-api Fixes a bug with a migration that would keep obsolete DB columns around and prevent creation of applications and devices. See https://github.com/balena-io/open-balena-api/pull/507 Fixes #94 #95 Change-type: patch	2020-11-10 17:54:33 +02:00
Balena CI	308322f774	v3.1.0	2020-11-03 18:22:26 +02:00
bulldozer-balena[bot]	c2077e5037	Merge pull request #96 from balena-io/set-default-bucket-prefix-images Change S3 OS images folder from resinos to images	2020-11-03 16:20:37 +00:00
Stevche Radevski	7790290d0e	Change S3 OS images folder from resinos to images Change-type: minor Signed-off-by: Stevche Radevski <stevche@balena.io>	2020-11-03 17:15:14 +01:00
Balena CI	857e6b3bd7	v3.0.1	2020-10-29 13:43:03 +02:00
bulldozer-balena[bot]	cbee20731b	Merge pull request #93 from balena-io/update-api Update the API fixing an issue with migrations	2020-10-29 11:41:04 +00:00
Akis Kesoglou	eec16b843d	Update the API fixing an issue with migrations When updating from previous versions, the API will fail to execute the database migrations. This updates the API version to include a fix for this. Change-type: patch	2020-10-29 13:35:30 +02:00
 @ -1 +1 @@
 .0.0
 .4.1