Releases: Forceu/Gokapi
Releases · Forceu/Gokapi
v2.0.0-beta1: Multi-User Support
We are happy to announce that we have implemented multi-user support (along with some other features) and need your help to test it for bugs before release!
To install this beta with docker, please use the gokapi:latest-dev tag.
Upgrading
Upgrading when using OAuth2/OIDC authentication:
- A valid email must now be set for all users in the authentication backend
- Authentication is now only done by email and can be restricted by user groups
- Make sure that the env variable
GOKAPI_ADMIN_USERis set when upgrading and contains the email of the super admin
Upgrading when using Header authentication:
- If restricting the users by username, make sure that you remove any wildcards (*) for usernames in the setup before upgrading.
- Make sure that the env variable
GOKAPI_ADMIN_USERis set when upgrading and contains the username of the super admin (must be the same as passed in the header)
Upgrading when using no authentication:
- If you are restricting access with a proxy, make sure that you block the following urls:
- /admin
- /apiKeys
- /changePassword
- /e2eInfo
- /e2eSetup
- /logs
- /uploadChunk
- /uploadStatus
- /users
Breaking changes
Since v1.9 there have been a lot of changes to the API, please take note if you are using the API:
- A valid API key is now always required, API authentication by session is not possible anymore
/chunk/completeand/files/duplicatenow expect the parameters as header, instead of encoded url form- Parameter
apiKeyToModifyhas been renamed totargetKeyfor/auth/modify,/auth/deleteand/auth/friendlyname - If a user, api key or file is not found, but a plausible ID was submitted, error 404 instead of 400 is returned now
- Before v2.0, if a boolean parameter was required, it was always false if anything else then "true" was sent, now it raises an error if any other value than 1, t, true, 0, f, or false is supplied
- Some API calls might be restricted by user permissions now, consult the API documentation for more information
- API keys now have a public ID as well, which can also be used for
/auth/modify,/auth/deleteand/auth/friendlynameastargetKeyinstead of the private ID - When uploading a file through the API, defaults of 14 days, max 1 download and no password will be used, unless the respective parameters were passed. In v1.9, the previous values were used.
v1.9.6
Changelog
- Add API call and GUI option to replace content of files (can be disabled with the env variable
GOKAPI_DISABLE_REPLACE) #128 - Display error if encrypted download fails due to invalid SSL or CORS
- Better error handling for AWS setup check
- Fixed upload defaults being deleted when resetting e2e key
- Update download count in real time #206
- Fixed race condition that could lead to crash
- Change download count atomically to prevent race condition
- Renamed "Access Restriction" to indicate that authentication is disababled
- Make upload non blocking (#224), to prevent timouts after uploading large files
- Added API call
/files/list/{id} - Better handling for E2E errors
- Other minor changes
Breaking Changes
- API: API now returns 404 on invalid file IDs
Full Changelog: v1.9.5...v1.9.6
v1.9.5
1.9.5
Changelog
1.9.3
Changelog
- Fixed editing of API permissions or existing files not working, when using external authentication #210
- Fixed not showing an error message if file is larger than allowed file size #213
- Upload defaults are now saved locally instead of server-side #196
- Internal API key is now used for all API actions on the GUI
- Added API endpoint
/auth/deleteto delete API key - Added parameter in
/auth/createto include basic permissions - Added warning in docker container, if data or config volume are not mounted
- Minor changes
Breaking Changes
- API: Session authentication has been removed, an API key is now required
- API: When not adding a parameter for maximum downloads or expiry, the default values of 1 download or 14 days are used instead of previous used values for calls
/files/addand/chunk/complete
Full Changelog: v1.9.3...v1.9.5
v1.9.3
Changelog
- Fixed editing of API permissions or existing files not working, when using external authentication #210
- Fixed not showing an error message if file is larger than allowed file size #213
- Upload defaults are now saved locally instead of server-side #196
- Internal API key is now used for all API actions on the GUI
- Added API endpoint
/auth/deleteto delete API key - Added parameter in
/auth/createto include basic permissions - Added warning in docker container, if data or config volume are not mounted
- Minor changes
Breaking Changes
- API: Session authentication has been removed, an API key is now required
- API: When not adding a parameter for maximum downloads or expiry, the default values of 1 download or 14 days are used instead of previous used values for calls
/files/addand/chunk/complete
Full Changelog: v1.9.2...v1.9.3
v1.9.2
Changelog
- Added preview meta-data, enabling preview for services like WhatsApp
- Added hotlink support for avif and apng format
- Fixed headers not set when proxying S3 storage, resulting in incorrect filename and not forcing download #199
Upgrading
- If running an older version than 1.9.2 please check the 1.9.1 changelog for upgrading and breaking changes
Full Changelog: v1.9.1...v1.9.2
v1.9.1
Changelog
- Fixed processing/uploading status not showing after upload #193
- Fixed crash when OIDC returns nil for groups #198
- Fixed crash after running setup and changing encryption #197
- Changed versioning of css/js files to prevent caching of old versions #195
- Other minor changes
Breaking changes
If you are using a custom theme, make sure that you change the CSS and JS filenames. Instead of e.g. main.min.css, the files are versioned now to include the version number in the filename, in this example the filename would be main.min.5.css
Upgrading
- If running an older version than 1.9.0, please check the 1.9.0 changelog for upgrading and breaking changes
Full Changelog: v1.9.0...v1.9.1
v1.9.0
Changelog
- Fixed upload speeds being very low in some cases #162
- Fixed Docker image having the incorrect timezone #169
- Added Redis support. If you want to use Redis instead of SQLite, re-run the setup to change your database type. Refer to the documentation on how to migrate your data to a different database
- Database location can now be changed with the setup
- Fixed QR code not having decryption key when end-to-end encryption was enabled
- Added option to display filenames in URL #171
- Added makefile for development
- Replaced SSE library with more efficient code
- Fixed
go generatenot working on Windows, thanks @Kwonunn - Gokapi version number will not be displayed on public pages anymore
- Added
windows/arm64target
Breaking Changes
- API: The output for the schema
Filehas changed. The base URL was removed and now the complete URL for to download or hotlink the file is added. The additional keyIncludeFilenameindicates if the URLs contain the filename. - Configuration: Env variable
GOKAPI_DB_NAMEdeprecated. On first start the database location will be saved as an URL string to the configuration file. For automatic deploymentGOKAPI_DATABASE_URLcan also be used
Upgrading
- Configuration file needs to be writable
- If running an older version than 1.8.0, please upgrade to 1.8.4 first and check the 1.8.0 changelog for upgrading and breaking changes
Full Changelog: v1.8.4...v1.9.0
Contributors
Kwonunn
Assets 10
v1.8.4
Changelog
- Gokapi runs as root in Docker container by default (this was changed in 1.8.3). To run it as unprivileged user, set environment variable
DOCKER_NONROOTto true. - Removed logging of errors when a user unexpectedly closed download or upload connection
Upgrading
- You might need to change permissions on the docker volumes, if you want the content to be readable by the host user. (Only applicable if you were running 1.8.3 before)
- Important: If you have used the old Keycloak example for configuration, please make sure that it is configure properly, as with the old example unauthorised access might have been possible! Documentation: Creating scopes for groups
If you are running a version <1.8.0, please see the 1.8.0 changelog for upgrading and breaking changes
Full Changelog: v1.8.3...v1.8.4
v1.8.3
Changelog
- Fixed Keycloak documentation. Important: If you have used the old example for configuration, please make sure that it is configure properly, as with the old example unauthorised access might have been possible! Documentation: Creating scopes for groups
- The binary will no longer be run as root in the Docker image. Breaking change: If you want to reconfigure Gokapi, the argument to pass to Docker is now a different one: Documentation
- If salts are empty, new ones will now be generated on startup. This is to aid automatic deployment
- A new admin password can be set with
--deployment-password newPassword, but this should only be used for automatic deployment - Env variable
GOKAPI_LOG_STDOUTadded, which also outputs all log entries to the terminal - Display error message, if a reverse proxy does not allow file upload, or has been set to accept a too low file size
- Added header, so that nginx does not cache SSE
- Cloud storage file downloads can now be proxied through Gokapi, e.g. if the storage server is on an internal network
- Fixed a bug, where the option "Always save images locally" reverted back to default when re-running setup
- Updated documentation
Upgrading
If you are running a version <1.8.0, please see the 1.8.0 changelog for upgrading and breaking changes
Full Changelog: v1.8.2...v1.8.3
v1.8.2
Changelog
- Fixed that trailing slash was removed from OIDC provider URL: Thanks @JeroenoBoy
- S3 credentials are not shown in setup anymore, if they are provided through environment variables
- Added parameter to install Gokapi as a systemd service: Thanks @masoncfrancis
- Fixed typos: Thanks @Phaeton
- Updated Go version to 1.22
Upgrading
If you are running a version <1.8.0, please see the 1.8.0 changelog for upgrading and breaking changes
Full Changelog: v1.8.1...v1.8.2
Contributors
Phaeton, masoncfrancis, and JeroenoBoy