tgstation-server-v4.8.2

Please refer to the README for setup instructions.

Component Versions

Core: 4.8.2
Configuration: 2.3.0
HTTP API: 8.3.0
DreamMaker API: 6.0.1 (Interop: 5.3.0)
Web Control Panel: 2.0.1
Host Watchdog: 1.1.1

Patch 2

Core

• Fixed the General:GitHubAccessToken never actually being utilized. (#1209 @Cyberboss)
• Fixed being unable to properly commit TGS updates if they were initiated from the swarm controller. (#1209 @Cyberboss)

Patch 1

Core

• Fixed servers <= 4.7.X updating with General:SetupWizardMode set to Autodetect having their setup wizards run again. (#1208 @Cyberboss)
• Fixed swarmed servers colliding ports across nodes. (#1208 @Cyberboss)

DMAPI

• Fixed incorrect documentation. (#1208 @Cyberboss)
• Prefer the interop 5.3 method of retrieving test merge timestamps instead of the legacy timeMerged. (#1208 @Cyberboss)

Update 8.X

Configuration

• The new configuration version is 2.3.0. (#1202 @AffectedArc07)
• Configuration now use the YAML format. Existing JSON config files will still be loaded with legacy support. (#1202 @AffectedArc07)

Core

• Added the WatchdogCrash event. Triggers when the DreamDaemon process exits for reasons other than a call to TgsEndProcess(). (#1200 @Cyberboss)
• Added the WorldReboot event. Triggers on calls to TgsReboot(). (#1200 @Cyberboss)
• Added the WorldPrime event. Triggers on calls to TgsInitializationComplete(). (#1200 @Cyberboss)
• Eliminated scenarios where watchdog events would go unhandled due to a previous event still being processed. (#1200 @Cyberboss)
• Releases going forward will now note pull request authors for credit. (#1196 @Cyberboss)
• Kudos to contributors who have helped with v4 in the past: @MrsTonedOne, @AffectedArc07, @alexkar598, @jamie-34254, @ZeWaka, @vuonojenmustaturska, @bobbahbrown, @Fikou, @Pyko1 (#1196 @Cyberboss)
• The service first time experience now logs if you're missing the required dotnet runtime. (#1203 @Cyberboss)
• Fixed -public always being set in DreamDaemon command lines. Sometimes twice, other times overriding the intended -invisible setting during deployments. (#1204 @Cyberboss)

DMAPI

• Added /datum/tgs_revision_information/var/timestamp which is an ISO8601 string of the revision's creation time. Pre-4.8 revisions will have this set to the 0 value. (#1199 @Cyberboss)
• The DMAPI is now versioned separately from the TGS interop APIs it provides. (#1204 @Cyberboss)
• Removed /datum/tgs_revision_information/test_merge/var/time_merged. (#1204 @Cyberboss)
• Renamed /datum/tgs_revision_information/test_merge/var/pull_request_commit to head_commit. (#1204 @Cyberboss)

HTTP API

• Added timestamp to RevisionInformation models which is an ISO8601 string of the revision's creation time. Pre-4.8 revisions will have this set to the 0 value. (#1199 @Cyberboss)
• The dmApiVersion field in the ServerInformation and CompileJob models refers to the server's interop version. (#1204 @Cyberboss)

Web Control Panel

• JS files now properly cache indefinitely. (#1197 @Cyberboss)

Update 7.X

Configuration

• The new config version is 2.2.0. (#1152)
• Added General:UserGroupLimit for limiting the total number of user groups that can be created. (#1178)
• Added the Swarm configuration section for configuring the swarm system. (#1175)
• Swarm:PrivateKey should be a secure string set identically on all swarmed servers. Setting this enables the swarm system. If this is to happen, ensure all swarm servers are set to connect to the same database. (#1175)
• Swarm:ControllerAddress should be set on all swarmed servers that are not the controller server and should be an address the controller server may be reached at. (#1175)
• Swarm:Address should be set on all swarmed servers. Should be an address the server can be reached at by other servers in the swarm. (#1175)
• Swarm:Identifier should be set uniquely on all swarmed servers. Used to identify the current server. This is also used to select which instances exist on the current machine and should not be changed post-setup. (#1175)
• This version contains a rather hefty SQL migration to support user groups. Please ensure your Database:ServerVersion configuration property is set correctly before updating. (#1164)
• Added OAuth entries sections under Security:OAuth. These sections, keyed by provider name, contain RedirectUrl, ClientId, and ClientSecret string entries. They may also contain and ServerUrl entries for some providers. Filling out these sections with the relevant OAuth app credentials enables logins from the provider. (#1152)
• Added Security:OAuthTokenExpiryMinutes which is an integer indicating the amount of minutes until an OAuth token expires. Defaults to 1 day (1440). (#1152)

Core

• Added the swarm system. This allows a group of TGS servers to use the same database while maintaining separated instances. As a result, credentials that work on one server will work on any in the swarm. The swarm system only works if all servers are running the same TGS version. If an update is requested for one server in the swarm, all servers will be updated. (#1175)
• If a server has existing instances it should not join or leave a server swarm or it will lose access to these instances. Please see the migration guide in the documentation. (#1175)
• When resetting the admin user's password, it will now be removed from its UserGroup if it belonged to one. (#1164)
• Fixed bridge requests sometimes failing due to chat provider timeouts. (#1164)
• Fixed the user limit not actually applying. (#1178)
• Added the GitHub OAuth provider. Create OAuth apps at https://github.com/settings/developers (#1152)
• Added the Discord OAuth provider. Create OAuth apps at https://discord.com/developers/applications (#1152)
• Added the TGForums OAuth provider. Does NOT use ClientId config. See documentation at https://tgstation13.org/phpBB/viewtopic.php?f=45&t=9922&p=582075 (#1152)
• Added the Keycloak OAuth provider. Uses ServerUrl config. A somewhat simple guide to setting this up can be found here: https://plugins.miniorange.com/keycloak-single-sign-on-wordpress-sso-oauth-openid-connect (Note, the user grouping bits may be skipped). (#1152)
• Added missing v4.5.X downgrade migration. (#1152)
• Added informative logging when users are created/updated. (#1152)

HTTP API (#1152)

• Header names are now case-sensitive. (#1152)
• Fixed being unable to clear repository access strings. (#1152)
• Fixed GitHub API errors not being returned if a server update failed. (#1152)
• GET / no longer requires authentication. (#1152)
• The ServerInformation model now contains the oAuthProviderInfos field. This is a map of OAuth provider names to their clientIds and redirectUris (OAuthProviderInfo model). (#1152)
• Added a new field to the User model, oAuthConnections. This is a list of OAuthConnection models that indicate externalUserIds the user may use to authentication along with the provider ID of the OAuth provider. A user may have many OAuthConnections with the same provider but the same provider/externalUserId pair can not be added to multiple users. (#1152)
• Added Administration right 64 which allows users to edit their own oAuthConnections. This is a subset of right 1. (#1152)
• Added OAuth authentication. POST / with headers Authorization: OAuth <Authorization response code from https://tools.ietf.org/html/rfc6749#section-4.1.2> and OAuthProvider: <Provider Name> to receive a bearer token with extended duration. (#1152)
• Added error code 95 for when one attempts to create OAuthConnections on the Admin account as this is not allowed. (#1152)
• Added error code 96 for when a login attempt is made with a disabled OAuth provider. (#1152)
• Users may now be created with no passwords and system identifiers if they have an OAuthConnection set. A user cannot have it's password removed after having one set later. (#1152)
• Added GitLab test merging and merge request commenting support. (#1163)

DMAPI

• Fixed TGS topics sent too soon in DreamDaemon startup being forwarded to /world/Topic(). They are now swallowed with a warning log. (#1163)

HTTP API

• File transfers have been revamped. The RawData model has been replaced with the FileTicketResult model. This contains one string field, fileTicket. Transfers are now done as standard application/octet-stream GET/PUT requests to the new /Transfer endpoint. Requests should be made to /Transfer?ticket=<fileTicket> after receiving a FileTicketResult. Returns HTTP 200/204 on successful transfers, or standard 409/410 ErrorMessages otherwise. Because of this change, the size limit for file transfers has been increased to 2GB. (#1153)
• Added ErrorCode 97 for when a job fails due to waiting on an expired upload request. (#1153)
• POST /Configuration no longer updates lastReadHash field of the returned ConfigurationFile model. (#1153)
• Endpoints that previously returned top-level array responses are now paginated. Each endpoint now takes optional page number (defaulting to 1) and pageSize (currently defaulting to 10, but subject to change in the future) query parameters. The returned model is wrapped in a generic Paginated model. Along with the content array, it contains the request pageSize and totalPages for the request. (#1172)
• Previously deprecated ErrorCode 40 is now used when requesting too large a pageSize. (#1172)
• Previously deprecated ErrorCode 41 is now used when requesting page or pageSizes <= 0. (#1172)
• windowsHost moved from Administration to ServerInformation model. (#1172)
• GET /Administration now requires the ChangeVersion Administration right. (#1172)
• Added the PermissionSet model. The User model's instanceManagerRights and administrationRights fields have been migrated here. They have their own ids. (#1164)
• Added the UserGroup model. They have an id, name, list of users (shallow), and permissionSet. (#1164)
• The User model can either have a dedicated permissionSet or belong to a group. (#1164)
• UserGroups are managed via the /UserGroup endpoint. PUT creates a group. POST can be used to change a groups name and permissionSet. GET /{id} gets a specific group. GET /List lists all groups (using the new pagination system). DELETE /{id} deletes an empty group. (#1164)
• UserGroup membership is handled on a user-by-user basis with POST /User. (#1164)
• Everything relating to InstanceUsers has been renamed to InstancePermissionSets. They are now associated with PermissionSets as opposed to Users via their permissionSetId. Rights enums have also been renamed, but maintain their functionality. (#1164)
• Added ErrorCode 98 when trying to give a user both a UserGroup and PermissionSet. (#1164)
• Added ErrorCode 99 when trying to delete a non-empty UserGroup. (#1164)
• Previously deprecated ErrorCode 46 is now used when trying to change UserGroup membership with the /UserGroup route. (#1164)
• Previously deprecated ErrorCode 54 is now used when trying to remove all OAuthConnections from a password-less user. (#1164)
• Access-Control-Max-Age is now set to 24 hours. (#1151)
• Added userGroupLimit to ServerInformation model. (#1178)
• Added error code 100 for when the user limit is hit. (#1178)
• Added error code 101 for when the user group limit is hit. (#1178)
• Added swarmServers to the ServerInformation model. This is a list of connected SwarmServers which contains each server's identifier, address, and whether or not it is the swarm controller. (#1175)
• Added updateInProgress to the ServerInformation model. Represents whether or not the current server is updating. (#1175)
• Renamed the TestMergeParameters model field pullRequestRevision to targetCommitSha. (#1163)
• Renamed Repository model field gitHubOwner to remoteRepositoryOwner. (#1163)
• Renamed Repository model field gitHubName to remoteRepositoryName. (#1163)
• Added field repositoryOrigin to CompileJob model, set to the repository's origin URL at the time of deployment. Will be null for jobs run on older TGS versions. (#1163)
• Added Repository model field remoteGitProvider which is a numeric enum of supported remote git providers such as GitHub, GitLab, or Unknown. (#1163)

Web Control Panel

• Removed saving passwords due to security concerns. (#1182)
• Added support for user groups. (#1182)
• Auto logins if the admin has the default password set. (#1182)
• Changed values in the user permission editor are now be in bold. (#1182)
• Fixed a bug where the logs wouldn't show depending on the timezone the server is in. (#1182)
• Fixed a bug where updates to the webpanel wouldn't show because of legacy code. (#1182)
• Fixed several small bugs/performance issues. (#1182)

Update 6.X

Configuration

• Fixed typo in General:HostApiDocumentation setting. Please correct this in your configuration if need be. (#1139)

Core

• The setup wizard now waits until the configuration reloads before exiting. This caused issues where the first run of the server could possibly default to using incorrect database configurations. (#1142)
• Having the configuration option General:HostApiDocumentation enabled will no longer cause HTTP requests to the server to 500. (#1139)
• Fixed a deadlock in the job manager. (#1139)
• Fixed having General:SetupWizardMode set to Only not being respected. (#1139)

DMAPI

• Non-functional release including some minor documentation additions (#1144)

HTTP API

• Instances will now allocate and pre-check the DreamDaemon and DMAPI validation ports can be used before they are created. Added error code 93 for when none are available. (#1136)
• You can no longer modify DreamDaemon or DMAPI validation ports so that they would conflict with other ports in use by TGS or the system. Added error code 94 for when a conflict occurs. (#1136)
• Added header X-Powered-By: tgstation-server to all responses. (#1134)
• Added DreamDaemon.additionalParameters field for adding additional command line -params options. (#1145)

Web Control Panel

• Web panel v1.0.1 is now included in the project. It is accessible from /app or by accessing / from a browser. (#1133)
• The web panel can edit users, update the server, restart the server and access logs. Instance management will be included in a future update. (#1133)

Prior release notes truncated to save space