Skip to content

@vixentael vixentael released this Apr 13, 2018 · 262 commits to stable since this release

Core:

  • MySQL databases

    • Added support for MySQL: now you can connect Acra to MySQL databases. Works with any SSL mode: require, allow, disable.
    • Tested and supported on: MySQL (#155, #140).

    Note: Prepared statements are not supported yet, but this feature is coming soon!

    Read about the new configurations on the AcraServer documentation page.

  • Keeping keys in secret

    • Added encryption for the keys' folder: private keys are now symmetrically encrypted by master_key (#143) for storage.
    • Added ability to generate public/private keys in the separate folders (#148, #142).

    Read more about the current changes in key management here.

  • Filtering requests for MySQL

    • Added firewall component named AcraCensor to handle MySQL queries.

      You can provide a list of restricted or allowed tables, columns, and exact queries to handle. AcraCensor will pass the allowed queries and return error on forbidden ones. Rules are configured and stored in yaml file. Each request is logged in real time. Moreover, all the queries and their states are logged into a separate log file. (#151, #138, #136, #132, #125, #108).

    See a detailed description of AcraCensor on the corresponding AcraCensor documentation page.

  • Web Config UI

    • Added lightweight HTTP web server for managing AcraServer's certain configuration options.

      You can update the proxy address and port, database address and port, handling of Zone mode and poison records. On saving new configuration, acraserver will gracefully restart and use these settings automatically. The access to thiw web page is restricted using basic auth. (#153, #141, #123, #111).

    See the interface screenshot and detailed instructions at Acra Config UI page.

  • Logging

    • Added support of new logging formats: plaintext, CEF, and json.

      Logging mode and verbosity level is configured for AcraServer, AcraProxy, and AcraConfigUI in the corresponding yaml files. Log messages were slightly improved, custom error codes were added (which we believe will help to understand and debug any issues) (#135, #126, #110).

    Read more about the log analysis at Logging page.

  • Tests

    • Added many new integartion tests, fixed stability and handling of more complicated use-cases (#150, #147, #137, #117, #116, #115).

Infrastructure:

  • Docker support

    • Added Docker Container for every main component: AcraServer, AcraProxy, AcraConfigUI, and key generators (AcraGenKeys and AcraGenAuth). You can find the containers in /docker folder or on the Docker Hub (#139).

    • Updated Getting started with Docker guide to make starting out with Acra even easier.

    • Added easy-to-use docker-compose files to launch Acra in different environments, including key distribution. Possible configurations are:

      • acraserver + acra_configui ;
      • connecting to PostreSQL or MySQL databases;
      • using Secure Session or SSL as transport encryption;
      • with or without acraproxy;
      • with or without zones.

      This is huge! We encourage you to try it! Check out the instructions and examples in the /docker folder. (#154, #146, #134, #133, #102).

  • Go versions

    • Updated the list of supported versions of Go. Every Acra component can now be built using Go >1.7, except acra_rollback that requires Go >1.8. No worries, you can still download Acra as a binary package anyway :)
  • OS

    • Dropped support of Debian Wheezy (no autotests, no precompiled binaries now).

Documentation:

  • Updated QuickStart documentation about launching and building Acra components.
  • Described how to setup AcraCensor and AcraConfigUI.
  • Added more details and described new options (like using TLS and connecting to MySQL databases) for AcraServer and AcraProxy.
  • Described new logging formats.
  • Updated description of Key management approach we encourage you to use.
  • Described Docker components and ready-to-use Docker Compose configurations based on the Docker Readme.
  • Updated Getting started with Docker guide.
  • Distributed the information about master key across the docs.
  • Many small improvements.
Assets 2
You can’t perform that action at this time.