diff --git a/changelog/unreleased/issue-119 b/changelog/unreleased/issue-119 index 8d9710a..c9f7f43 100644 --- a/changelog/unreleased/issue-119 +++ b/changelog/unreleased/issue-119 @@ -1,8 +1,9 @@ -Bugfix: Fix Docker configuration for DISABLE_AUTHENTICATION +Bugfix: Fix Docker configuration for `DISABLE_AUTHENTICATION` -A regression was introduced which caused the DISABLE_AUTHENTICATION environment -variable to stop working in Docker configurations. This has been fix by -automatically setting the option `--no-auth` to disable authentication. +rest-server 0.10.0 introduced a regression which caused the +`DISABLE_AUTHENTICATION` environment variable to stop working for the Docker +container. This has been fixed by automatically setting the option `--no-auth` +to disable authentication. https://github.com/restic/rest-server/issues/119 https://github.com/restic/rest-server/pull/124 diff --git a/changelog/unreleased/issue-131 b/changelog/unreleased/issue-131 index fffe7f8..c12a2c3 100644 --- a/changelog/unreleased/issue-131 +++ b/changelog/unreleased/issue-131 @@ -14,4 +14,3 @@ curl -v -X DELETE -u foo/config:attack http://localhost:8000/foo/config https://github.com/restic/rest-server/issues/131 https://github.com/restic/rest-server/pull/132 https://github.com/restic/rest-server/pull/137 - diff --git a/changelog/unreleased/issue-146 b/changelog/unreleased/issue-146 index 3ee8c63..6dda016 100644 --- a/changelog/unreleased/issue-146 +++ b/changelog/unreleased/issue-146 @@ -1,8 +1,9 @@ Change: Build rest-server at docker container build time -Add a build stage such that the latest rest-server is always built and packaged. -This is done in a standard golang container to ensure a clean build environment -and only the final binary is shipped rather than the whole build environment. +The Dockerfile now includes a build stage such that the latest rest-server is +always built and packaged. This is done in a standard golang container to +ensure a clean build environment and only the final binary is shipped rather +than the whole build environment. https://github.com/restic/rest-server/issues/146 https://github.com/restic/rest-server/pull/145 diff --git a/changelog/unreleased/issue-148 b/changelog/unreleased/issue-148 index 9983ba1..04465dd 100644 --- a/changelog/unreleased/issue-148 +++ b/changelog/unreleased/issue-148 @@ -1,8 +1,8 @@ Enhancement: Expand use of security features in example systemd unit file -Additional systemd features have been used which may mitigate potential -security vulnerabilities in rest-server and the various packages and operating -system components which it relies upon. +The example systemd unit file now enables additional systemd features to +mitigate potential security vulnerabilities in rest-server and the various +packages and operating system components which it relies upon. https://github.com/restic/rest-server/issues/148 https://github.com/restic/rest-server/pull/149 diff --git a/changelog/unreleased/pull-112 b/changelog/unreleased/pull-112 index 3fc4089..63a8710 100644 --- a/changelog/unreleased/pull-112 +++ b/changelog/unreleased/pull-112 @@ -1,22 +1,20 @@ -Change: refactor handlers, add subrepo support +Change: Add subrepo support and refactor server code + +Support for multi-level repositories has been added, so now each user can have +its own subrepositories. This feature is always enabled. + +Authentication for the Prometheus /metrics endpoint can now be disabled with the +new `--prometheus-no-auth` flag. We have split out all HTTP handling to a separate `repo` subpackage to cleanly -separate the server code from the code that handles a single repository. +separate the server code from the code that handles a single repository. The new +RepoHandler also makes it easier to reuse rest-server as a Go component in +any other HTTP server. The refactoring makes the code significantly easier to follow and understand, which in turn makes it easier to add new features, audit for security and debug issues. -The new RepoHandler also makes it easier to reuse rest-server as a Go component in -any other HTTP server. - -As part of the refactoring, support for multi-level repositories has been added, so -now each user can have its own subrepositories. This feature is always enabled. - -Authentication for the Prometheus /metrics endpoint can now be disabled with the -new `--prometheus-no-auth` flag. - https://github.com/restic/restic/pull/112 https://github.com/restic/restic/issues/109 https://github.com/restic/restic/issues/107 - diff --git a/changelog/unreleased/pull-142 b/changelog/unreleased/pull-142 index af8e76c..daee978 100644 --- a/changelog/unreleased/pull-142 +++ b/changelog/unreleased/pull-142 @@ -1,14 +1,16 @@ Bugfix: Fix possible data loss due to interrupted network connections When rest-server was run without `--append-only` it was possible to lose uploaded -files in a specific scenario in which a network connection was interrupted. For the -data loss to occur a file upload by restic would have to be interrupted such that -restic notices the interrupted network connection before the rest-server. Then -restic would have to retry the file upload and finish it before the rest-server -notices that the initial upload has failed. Then the uploaded file would be -accidentally removed by rest-server when trying to cleanup the failed upload. +files in a specific scenario in which a network connection was interrupted. + +For the data loss to occur a file upload by restic would have to be interrupted +such that restic notices the interrupted network connection before the +rest-server. Then restic would have to retry the file upload and finish it +before the rest-server notices that the initial upload has failed. Then the +uploaded file would be accidentally removed by rest-server when trying to +cleanup the failed upload. This has been fixed by always uploading to a temporary file first which is moved -in position only once it was transfered completely. +in position only once it was uploaded completely. https://github.com/restic/rest-server/pull/142 diff --git a/changelog/unreleased/pull-158 b/changelog/unreleased/pull-158 index bedb698..fb50cd9 100644 --- a/changelog/unreleased/pull-158 +++ b/changelog/unreleased/pull-158 @@ -1,7 +1,7 @@ -Bugfix: Use platform-specific temporary directory in default path +Bugfix: Use platform-specific temporary directory as default data directory -Instead of using hardcoded value for temporary directory, rest-server now uses -Go standard library functions to retrieve the temporary directory path for the +If no data directory is specificed, then rest-server now uses the Go standard +library functions to retrieve the standard temporary directory path for the current platform. https://github.com/restic/rest-server/issues/157 diff --git a/changelog/unreleased/pull-160 b/changelog/unreleased/pull-160 index cc413f6..da24082 100644 --- a/changelog/unreleased/pull-160 +++ b/changelog/unreleased/pull-160 @@ -1,13 +1,13 @@ Bugfix: Reply "insufficient storage" on disk full or over-quota -When there was no space left on disk, or any other write-related error, -rest-server was replying with HTTP status code 400 (Bad request). This is -misleading (restic client will dump the status code to the user). +When there was no space left on disk, or any other write-related error +occurred, rest-server replied with HTTP status code 400 (Bad request). +This is misleading (restic client will dump the status code to the user). -This has been fixed changing the behaviour so two different statuses are used: +rest-server now replies with two different status codes in these situations: * HTTP 507 "Insufficient storage" is the status on disk full or repository over-quota -* HTTP 500 "Internal server error" on other disk-related errors +* HTTP 500 "Internal server error" is used for other disk-related errors https://github.com/restic/rest-server/issues/155 -https://github.com/restic/rest-server/pull/160 \ No newline at end of file +https://github.com/restic/rest-server/pull/160