Read the 1.19 Announcement

Read the full announcement with discussion of new features: Pangolin 1.19: Browser Remote Access — SSH, RDP, VNC & More

What's Changed

Refer to the original 1.19 notes for a complete list of what changed since 1.18.

• Fix mode missing in possible migration edge case
• Fix SSH public resource not working with roles other than admin
• Fix SSH public resource not respecting ssh action restriction on roles
• Fix missing translations
• Fix private SSH resource edge case with missing host
• Fix blueprint server side error with bad containers

How to Update

View documentation

Read the 1.19 Announcement

Read the full announcement with discussion of new features: Pangolin 1.19: Browser Remote Access — SSH, RDP, VNC & More

What's Changed

• Add resource policies for public resources
• Add browser based RDP access via public resources (requires newt >1.13.0)
• Add browser based VNC access via public resources (requires newt >1.13.0)
• Add browser based SSH access via public resources (requires newt >1.13.0)
• Add native Pangolin SSH mode (for private and public resources) that does not require configuring OpenSSH server and PAM (requires newt >1.13.0)
• Add auto update Newt option for all sites in the org or specific sites (requires newt >1.13.0)
• Add searchable and filterable custom labels on sites and resources
• Add share link post authentication redirect path
• Add pangctl command to make more than one user server admin
• Add PostgreSQL and Redis install options in the installer
• Fix public resource showing as degraded when WireGuard targets were added alongside healthy Newt targets
• Fix custom branding logo URL not accepting links
• Fix pasting the device code not accepting paste
• Fix enforce absolute paths in sudo commands
• Fix refresh end time on logs tables
• Fix accept partially valid Docker labels instead of rejecting all
• Fix restarting container on RC version causing migration errors
• Fix cross site target assignment
• Improve OpenAPI response payloads
• Improve SSH configuration on private resources
• Improve sort resource filter options in audit logs
• Improve performance in certain hot paths
• Improve clients get error when holepunching fails instead of getting stuck registering
• Improve speed of API endpoints with thousands of sites and users
• Improve add loading icons on all logs tables
• Improve auto create roles added in Blueprints
• Dependency security updates
• General UI improvements
• Various other bug fixes

How to Update

View documentation

Read the 1.19 Announcement

Read the full announcement with discussion of new features: Pangolin 1.19: Browser Remote Access — SSH, RDP, VNC & More

What's Changed

Refer to the original 1.19 notes for a complete list of what changed since 1.18.

• Fix migration issue when there are no public resources

How to Update

View documentation

RC

A Release Candidate (RC) is a near-final software version, stable but undergoing last tests before official release. It has all features and no known bugs.

• Users: Use cautiously due to potential undiscovered bugs. Not for critical systems unless prepared for issues. Report bugs.
• Developers/Testers: Perform crucial final validation and thorough testing, especially of recent changes, to catch last-minute major issues.
• Backup: Always back up data before installing an RC to allow rollback if problems arise.
• Feedback: Provide feedback; it's vital for a robust final release. Use the dicsussion to report issues.

NOTE: Keep a backup of the last stable database as you will be unable to update from a RC to the next stable version. Database migrations may change between release candidates and stable versions.

What's Changed

• Fix 404 on http public resources

How to Update

View documentation

RC

A Release Candidate (RC) is a near-final software version, stable but undergoing last tests before official release. It has all features and no known bugs.

• Users: Use cautiously due to potential undiscovered bugs. Not for critical systems unless prepared for issues. Report bugs.
• Developers/Testers: Perform crucial final validation and thorough testing, especially of recent changes, to catch last-minute major issues.
• Backup: Always back up data before installing an RC to allow rollback if problems arise.
• Feedback: Provide feedback; it's vital for a robust final release. Use the dicsussion to report issues.

NOTE: Keep a backup of the last stable database as you will be unable to update from a RC to the next stable version. Database migrations may change between release candidates and stable versions.

What's Changed

• Add resource policies for public resources
• Add browser based RDP access via public resources (requires newt >1.13.0-rc.0)
• Add browser based VNC access via public resources (requires newt >1.13.0-rc.0)
• Add browser based SSH access via public resources (requires newt >1.13.0-rc.0)
• Add native Pangolin SSH mode (for private and public resources) that does not require configuring OpenSSH server and PAM (requires newt >1.13.0-rc.0)
• Add auto update Newt option for all sites in the org or specific sites (requires newt >1.13.0-rc.0)
• Add searchable and filterable custom labels on sites and resources
• Add share link post authentication redirect path
• Add pangctl command to make more than one user server admin
• Add PostgreSQL and Redis install options in the installer
• Fix public resource showing as degraded when WireGuard targets were added alongside healthy Newt targets
• Fix custom branding logo URL not accepting links
• Fix pasting the device code not accepting paste
• Fix enforce absolute paths in sudo commands
• Fix refresh end time on logs tables
• Fix accept partially valid Docker labels instead of rejecting all
• Fix restarting container on RC version causing migration errors
• Fix cross site target assignment
• Improve OpenAPI response payloads
• Improve SSH configuration on private resources
• Improve sort resource filter options in audit logs
• Improve performance in certain hot paths
• Improve clients get error when holepunching fails instead of getting stuck registering
• Improve speed of API endpoints with thousands of sites and users
• Improve add loading icons on all logs tables
• Improve auto create roles added in Blueprints
• Dependency security updates
• General UI improvements
• Various other bug fixes

How to Update

View documentation

Read the 1.18 Announcement

Read the full announcement with discussion of new features: Pangolin 1.18 - HTTPS Private Resources, Multi-Site Routing, and Alerting

What's Changed

• Add allow editing self and owner user roles
• Add s3 log streaming endpoint
• Add client endpoint to network log
• Add streaming errors for debug
• Improve show when a domain is config managed
• Improve refer to SSL as TLS by @AstralDestiny
• Fix email not prefiling in invite
• Fix confirm delete of share links
• Fix pick the most specific domain in blueprints
• Fix not including today in status history graph
• Fix pick up other domains in the sans field
• Fix dont show link when wildcard

Full Changelog: 1.18.3...1.18.4

How to Update

For Pangolin Enterprise: the server now scrapes in the certificates from Treafik's acme.json file. On default installs, this should work out of the box importing from config/letsencrypt/acme.json which is mounted into the container. If your Traefik acme.json file is not mounted into this default location update the config in privateConfig.yml

View documentation

Read the 1.18 Announcement

Read the full announcement with discussion of new features: Pangolin 1.18 - HTTPS Private Resources, Multi-Site Routing, and Alerting

What's Changed

• Add pagination to user and role dropdown to handle many users and roles
• Add link to http private resources on the member page
• Add translations to the member page
• Add clear certificates pangctl command
• Add flattened data fields from the {{data}} object in alert webhooks
• Add ENABLE_SQLITE_WAL_MODE env var to enable WAL mode for sqlite
• Fix mismatched resource health status with preexisting health check status
• Fix preexisting health checks may not have a name
• Fix midnight time of day issue with status history display
• Fix overlap alias addresses when creating more than one private resource in blueprints
• Fix memory leak issue with sqlite and drizzle
• Fix finding all json files when a directory is passed to acme_json_path
• Fix make sure the domain is defined on a http resource when creating it
• Fix alerting features and provisioning showing when disable_enterprise_features is set
• Fix exclude local/private/CGNAT IPs from COUNTRY=ALL and ASN=ALL/AS0 geo-blocking rules
• Small UI improvements
• Small speed increases in a couple of places

New Contributors

• @Blacks-Army made their first contribution in #2843
• @Josh-Voyles made their first contribution in #2998

Full Changelog: 1.18.2...1.18.3

How to Update

For Pangolin Enterprise: the server now scrapes in the certificates from Treafik's acme.json file. On default installs, this should work out of the box importing from config/letsencrypt/acme.json which is mounted into the container. If your Traefik acme.json file is not mounted into this default location update the config in privateConfig.yml

View documentation

Read the 1.18 Announcement

Read the full announcement with discussion of new features: Pangolin 1.18 - HTTPS Private Resources, Multi-Site Routing, and Alerting

What's Changed

• Fix status history and status of resources not updating in CE
• Add support for customizing webhook body for alerts
• Support scraping multiple acme json files if directory provided in acme_json_path
• Support scraping in certificates from a HTTP endpoint using acme_http_endpoint
• Various other bug fixes and improvements

Full Changelog: 1.18.1...1.18.2

How to Update

For Pangolin Enterprise: the server now scrapes in the certificates from Treafik's acme.json file. On default installs, this should work out of the box importing from config/letsencrypt/acme.json which is mounted into the container. If your Traefik acme.json file is not mounted into this default location update the config in privateConfig.yml

View documentation

Read the 1.18 Announcement

Read the full announcement with discussion of new features: Pangolin 1.18 - HTTPS Private Resources, Multi-Site Routing, and Alerting

What's Changed

• Add cert status in public resources table
• Add cert status in private resources table
• Fix handle backward compatible siteId in site-resource API calls
• Fix handle sans in the acme.json
• Fix cert status failed when no EE license is present
• Fix migration to handle possible not null for TCP, UDP, and ICMP
• Fix broken underlined font rendering in FireFox browsers
• Fix migration to calculate actual resource status
• Fix health check input to only allow Newt sites
• Fix don't show site online status for local sites
• Fix scrape certs from ALL resolvers
• Other small visual fixes and improvements

Full Changelog: 1.18.0...1.18.1

How to Update

For Pangolin Enterprise: the server now scrapes in the certificates from Treafik's acme.json file. On default installs, this should work out of the box importing from config/letsencrypt/acme.json which is mounted into the container. If your Traefik acme.json file is not mounted into this default location update the config in privateConfig.yml

View documentation

Read the Announcement

Read the full announcement with discussion of new features: Pangolin 1.18 - HTTPS Private Resources, Multi-Site Routing, and Alerting

What's Changed

• Add HTTPS reverse proxy support for private resources
• Add high-availability and latency-based routing to private resources by defining more than one routing site
• Add uptime tracking to sites and resources
• Add arbitrary health checking (HTTP, TCP) that isn’t linked to a resource
• Add alert rules to automate notifications (emails, webhooks, and other integrations) for site, resource, and health check status
• Add support for wildcard resource *.my-resource.domain.com
• Add import and share an organization-only identity provider across more than one organization
• Add reject site to pending sites in site provisioning
• General UI improvements
• Various other bug fixes

New Contributors

• @sidd190 made their first contribution in #2873

How to Update

For Pangolin Enterprise: the server now scrapes in the certificates from Treafik's acme.json file. On default installs, this should work out of the box importing from config/letsencrypt/acme.json which is mounted into the container. If your Traefik acme.json file is not mounted into this default location update the config in privateConfig.yml

View documentation