Releases: k-krew/triplec
Releases · k-krew/triplec
Release list
v1.0.0
Changelog
- acbaf7b Defined the YAML configuration structure for all three operational modes
- 4c5f9ae Initial commit
- c2f81dc bugfix: Client mode now correctly executes pre-hooks before writing updated certificates to disk
- d1a0d94 bugfix: Fixed IPv6-only binding for embedded DNS, cleaned up solver logs, and fixed graceful shutdown during ACME operations
- 10c5046 bugfix: Fixed Let's Encrypt validation failures caused by case-sensitive DNS lookups (DNS 0x20 encoding)
- aec851a bugfix: Fixed an issue where the updater failed to find existing certificates
- 3435a72 bugfix: Fixed client polling for wildcard certificates
- 54b79a6 bugfix: Fixed execution of pre/post hooks containing spaces and quotes by routing them through the shell
- baf2069 bugfix: Fixed potential deadlocks in hook execution, race conditions in file writes, and centralized configuration defaults
- 81feb20 bugfix: Refactored DNS propagation logic to only apply local bypasses to the embedded provider
- 6bf77b8 eat: Added randomized jitter to client polling intervals to prevent server spikes
- e8b8113 eat: Clients can now fetch certificates securely via the REST API
- 56791ad feat: Added strict configuration validation and API rate limiting for improved stability
- 0dc4173 feat: Added support for zero-downtime configuration reloads via SIGHUP and a
-tflag to test configuration validity - 6e75373 feat: Automated renewal loop implemented using config-driven intervals and per-certificate expiration thresholds
- 56b6d74 feat: Basic HTTP server structure with Bearer token authentication
- eb6cafc feat: Certificates are safely saved to disk and can trigger post-renewal bash hooks
- 8c4256e feat: Client can poll the TripleC server for certificate updates using configured intervals, with support for self-signed server certificates
- 132fd9e feat: Client correctly skips updates when local certificates are already current using byte comparison
- 5bd31ef feat: Client mode is fully functional for air-gapped deployments
- 61900f0 feat: Core ACME account registration and key management implemented
- 92984a9 feat: Embedded DNS server implemented as primary challenge provider, alongside Cloudflare support
- b5c412c feat: Improved server observability with HTTP request logging and structured JSON error responses
- b694bab feat: Server mode is fully functional
- 5f6523f feat: Server supports explicit TLS configuration for the REST API
- f3d2cfa feat: Standalone mode is fully functional for local certificate management
- 4566d22 feat: Structured logging implemented via slog, supporting text and JSON formats
- 97cd675 mv repo from kreicer to k-krew
- 75b6d46 perf: Server now serves certificates from an in-memory cache, eliminating disk I/O on every API request
- e9d45bc polish: Sanitized wildcard domains
- 8f37886 refactor: Grouped provider name and options into a single nested object
- 6340ac8 refactor: Improved logging clarity by moving lego noise to debug level
- f447f0d security: Hardened embedded DNS server against UDP flood