5 releases 27 tags

RSS feed

• v0.9.0.2 60742c000f

  Compare

  v0.9.0.2 Stable

  kerem released this 2026-02-27 23:36:26 +03:00 | 161 commits to main since this release

  📅 Originally published on GitHub: Fri, 27 Feb 2026 20:36:49 GMT
  🏷️ Git tag created: Fri, 27 Feb 2026 20:36:26 GMT

  Bugfix Release

  Fixes several issues introduced by the IPv6 dual-stack PR and the v0.9.0.1 security update.

  🔍 Quality Note
  Like v0.9.0.1, this bugfix release was developed with AI-assisted code analysis (Claude, ChatGPT, Gemini) to identify regressions introduced by the IPv6 dual-stack and security hardening changes. All fixes were manually reviewed and tested against a multi-node cluster before release. We're a small team of 3 – AI tooling helps us move fast, but we take responsibility for every line that ships. If you find issues, please report them via GitHub Issues or our security contact.

  Fixes

  • VNC/SSH WebSocket servers not starting after update (port cleanup, error handling, gevent asyncio fallback)
  • IPv6 dual-stack breaking VNC, SSH and IP whitelist matching (::ffff: prefix normalization)
  • SMBIOS autoconfig deploy failing on nodes without /opt directory or SFTP server (fallback to exec_command)
  • SMBIOS autoconfig settings not persisted to database across restarts
  • Login blocked by force_password_change flag on default admin account
  • Session lost after page refresh (session_id restored in auth_check response)
  • X-Forwarded-For not trusted from IPv6-mapped loopback addresses
  • Datacenter status timeout increased from 5s to 10s for remote clusters

  Files Changed

  pegaprox/api/auth.py pegaprox/api/nodes.py pegaprox/api/settings.py pegaprox/api/vms.py pegaprox/app.py pegaprox/constants.py pegaprox/core/db.py pegaprox/models/tasks.py pegaprox/utils/audit.py web/index.html

  Downloads

  • Source code (ZIP)
    0 downloads
  • Source code (TAR.GZ)
    0 downloads
• v0.9.0.1 05848925ed

  Compare

  v0.9.0.1 Stable

  kerem released this 2026-02-27 21:13:00 +03:00 | 164 commits to main since this release

  📅 Originally published on GitHub: Fri, 27 Feb 2026 18:15:54 GMT
  🏷️ Git tag created: Fri, 27 Feb 2026 18:13:00 GMT

  🛡️ Security Hardening Release

  Security audit recommendations implemented from Claude, ChatGPT and Gemini.

  Bug Fixes

  • Fixed SSH WebSocket authentication bypass on connection errors
  • Fixed session ID leaking in auth check API response
  • Fixed stale build date shown on login page and about dialog
  • Fixed OIDC nonce not being validated on callback
  • Fixed OIDC token expiry not being checked
  • Fixed force_password_change flag never being enforced on login
  • Fixed default admin account not requiring password change on first login
  • Fixed X-Forwarded-For header spoofable from non-proxy clients
  • Fixed Content-Disposition header injection in PBS file downloads
  • Fixed ESXi migration command injection via unsanitized user/host inputs
  • Fixed sshpass -p exposing password in /proc (now uses env var)
  • Fixed encryption silently falling back to plaintext storage
  • Fixed LDAP TLS certificate verification defaulting to disabled
  • Fixed missing cluster access checks on 65+ API endpoints
  • Fixed missing VM-level ACL check on backup delete and bulk snapshot delete
  • Fixed datacenter options endpoint accepting arbitrary fields (mass assignment)

  Improvements

  • Added safe_error() helper to prevent internal error details leaking to clients
  • Added SHA256 integrity verification for update archives
  • Replaced paramiko AutoAddPolicy with WarningPolicy across all SSH connections
  • Version bump to 0.9.0.1 (Build 2026.02.27)

  Full Changelog: https://github.com/PegaProx/project-pegaprox/compare/v0.9.0...v0.9.0.1

  Downloads

  • Source code (ZIP)
    0 downloads
  • Source code (TAR.GZ)
    0 downloads
• v0.9.0 7658a10315

  Compare

  v0.9.0 Stable

  kerem released this 2026-02-27 11:56:26 +03:00 | 167 commits to main since this release

  📅 Originally published on GitHub: Fri, 27 Feb 2026 08:58:48 GMT
  🏷️ Git tag created: Fri, 27 Feb 2026 08:56:26 GMT

  🤖 Development Note
  This major refactoring was made possible by a combination of community contributions, development and AI-assisted development. The architecture restructuring and new module scaffolding involved AI pair-programming. Several key fixes and features were contributed by community members (see Contributors below). All code – whether AI-generated, community-contributed, or written in-house – was reviewed by our core team before merge. Due to the scope of changes, some issues were identified post-release and addressed in v0.9.0.1 and v0.9.0.2. We apologize for any issues this caused and appreciate the patience and feedback from our community.

  🏗️ Architecture Overhaul

  This is a major release – PegaProx has been completely restructured from a single 42,000-line monolith into a clean, modular Python package.

  • Code Split – pegaprox/ package with 8-layer architecture (constants → models → core → utils → api → background → app)
  • Frontend Split – Source files in web/src/*.js with dedicated build system
  • Archive-Based Updates – Automatic updates via GitHub archive download (no manual release files needed)
  • Production Dockerfile – python:3.12-slim, non-root user, healthcheck, persistent volumes

  🔀 ESXi Migration

  • ESXi Import Wizard – Migrate VMs from ESXi hosts directly to Proxmox
  • Near-Zero Downtime – Transfer running VMs with minimal interruption (recommended: max. 1 VM at a time)
  • Offline Migration – Shut down and transfer for maximum reliability
  • SSH Required – ESXi host must have SSH enabled for migration

  📸 Efficient LVM Snapshots

  • Space-Efficient Snapshots – LVM COW snapshots for shared iSCSI SAN storage (saves 85–95% disk space)
  • Health Monitoring – Auto-extend at 90%, auto-invalidate at 100% (only snapshot lost, never VM data)
  • Full CRUD – Create, list, delete, and rollback efficient snapshots via API and UI

  💿 Ceph Management

  • Ceph Dashboard – Monitor and manage Ceph storage pools, OSDs, and monitors
  • Pool Management – Create, resize, and configure Ceph pools

  ⚖️ Cross-Cluster Operations

  • Cross-Cluster Load Balancing – Distribute workloads across multiple clusters
  • Cross-Cluster Replication – Replicate VMs between clusters

  🏢 Corporate Layout (Experimental)

  • Tree-Based Sidebar – Inventory tree with inline nodes under selected cluster
  • Dense Tables – Compact table layout inspired by enterprise management tools
  • Toggle – Switch between Modern and Corporate layout in Profile → Appearance

  🐛 Bug Fixes

  • VM Deletion – Sanitize boot order before delete, wait for Proxmox task completion (#79)
  • Scheduler Crash – get_client_ip() now handles missing Flask request context in background threads (#87)
  • SSH Key Compatibility – Safe fallback for paramiko.DSSKey removal in paramiko 3.x+, added ECDSA support to all SSH paths
  • CORS Crash – Fixed flask_cors crash when origins=None with supports_credentials=True
  • Stale Closures – Fixed React state updates using functional updaters in tab data loading

  ⚡ Improvements

  • Affinity Rules – Now work for LXC containers too, with enforcement flag
  • PBS Integration – Proxmox Backup Server management
  • Update Script – rsync → tar fallback for minimal Debian/LXC installs without rsync
  • ESXi Rename – All user-facing "VMware" text changed to "ESXi" for legal compliance

  📋 Updating

  cd /opt/PegaProx
  curl -O https://raw.githubusercontent.com/PegaProx/project-pegaprox/refs/heads/main/update.sh
  chmod +x update.sh
  sudo ./update.sh
  

  Or use the built-in Web UI updater: Settings → Updates → Check for Updates

  🙏 Contributors

  Thanks to all community contributors for bug reports, PRs, and feedback!

  • @ry-ops – SSH null fallback, disk move, VNC console, deploy script, update permissions, search navigation fixes
  • @zakirpcs – RPM packaging support

  Downloads

  • Source code (ZIP)
    0 downloads
  • Source code (TAR.GZ)
    0 downloads
• v0.6.6 7712c867a5

  Compare

  v0.6.6 Stable

  kerem released this 2026-02-15 18:55:23 +03:00 | 190 commits to main since this release

  📅 Originally published on GitHub: Sun, 15 Feb 2026 15:56:51 GMT
  🏷️ Git tag created: Sun, 15 Feb 2026 15:55:23 GMT

  🚀 What's New

  🌐 Network Resilience

  • Auto-Reconnect – Automatic recovery after ifreload or network changes with ticket refresh (90min cycle)
  • Stale Connection Detection – Auto-recovers after 10 consecutive empty API responses

  🔐 Authentication

  • LDAP & OIDC Support – Connect your existing identity provider
  • Microsoft 365 GCC High & DoD – Sovereign endpoint support for Entra ID OIDC
  • Force 2FA – Option to require two-factor authentication for users

  🔧 Cluster Operations

  • Node Join – Auto-updates fallback hosts and HA state via background thread
  • Node Remove – Uses pre-resolved IP for cleanup, updates HA state and fallback hosts

  ⚡ Improvements

  • Load balancing logic reworked for better handling of multiple nodes and VMs

  🙏 Contributors

  • Thanks to Alexandre Derumier (@aderumier) for performance chart styling!

  Downloads

  • Source code (ZIP)
    0 downloads
  • Source code (TAR.GZ)
    0 downloads
• v0.6.5 edaa8169a1

  Compare

  v0.6.5 Stable

  kerem released this 2026-02-08 20:06:04 +03:00 | 194 commits to main since this release

  📅 Originally published on GitHub: Sun, 08 Feb 2026 17:13:24 GMT
  🏷️ Git tag created: Sun, 08 Feb 2026 17:06:04 GMT

  ⚠️ Important Notice: Due to high demand, PegaProx releases will now be weekly as we work through the support backlog. Thank you for your patience!

  🚀 What's New

  🌐 SDN (Software Defined Networking) (GitHub Issue #38)

  • Full SDN Management – View and manage zones, vnets, subnets, controllers, IPAM, and DNS

  🔧 Cluster Node Operations

  • Remove Node from Cluster – Runs pvecm delnode with automatic cleanup of stale config via SSH
  • Move Node to another Cluster – Automated 3-step flow: remove → cleanup → force join to target
  • SSH Multipath Detection – Credential fallbacks for reliable cluster operations
  • Node IP Resolution – Uses vmbr0 bridge interface instead of hostname/DNS (more reliable in multi-network setups)

  💾 Storage

  • iSCSI Multipath Setup – Easy Setup wizard now supports Multipath configuration
  • Storage Rescan – Trigger storage refresh directly from UI

  🛠️ Administration

  • API Token Management – Create, list, and revoke Bearer tokens for scripts, CI/CD & monitoring
  • Support Bundle – Generate diagnostic bundles for troubleshooting
  • Taskbar Auto-Expand – Can now be disabled under "My Profile"

  🐛 Fixes

  • Fixed SSE/Taskbar oscillation bug in "All Clusters" view causing excessive re-renders
  • Fixed Node IP resolution now happens BEFORE pvecm delnode to prevent cleanup on wrong node
  • Fixed Taskbar expand icon changed from ChevronUp to ChevronDown (thanks @gyptazy)
  • Fixed Github Issue #40, #39, #38, #33, #32 , #31, #28

  ⚡ Improvements

  • Node removal buttons relocated from maintenance-start to maintenance-completed section (logical flow)
  • Offline node check changed from blocker to warning (pvecm delnode runs on remaining online node)
  • Force Join checkbox always visible with auto-check when old config detected
  • Cleanup scripts use killall -9 for reliable pmxcfs termination

  Downloads

  • Source code (ZIP)
    0 downloads
  • Source code (TAR.GZ)
    0 downloads