release: Release version 0.3.0

.dockerignore

@@ -16,6 +16,7 @@ Dockerfile
 # Don't track docs
 *.md
 LICENSE
+CHANGELOG.md
 docs/*
 example_configs/*
 

CHANGELOG.md

@@ -0,0 +1,60 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+## [0.3.0] - 2022-07-08
+
+### Breaking
+As part of the update, the database will do a one-time automatic migration to
+add UUIDs and group creation times.
+
+### Added
+  - Added support and documentation for many services:
+    - Apache Guacamole
+    - Bookstack
+    - Calibre
+    - Dolibarr
+    - Emby
+    - Gitea
+    - Grafana
+    - Jellyfin
+    - Matrix Synapse
+    - NextCloud
+    - Organizr
+    - Portainer
+    - Seafile
+    - Syncthing
+    - WG Portal
+  - New migration tool from OpenLDAP.
+  - New docker images for alternate architectures (arm64, arm/v7).
+  - Added support for LDAPS.
+  - New readonly group.
+  - Added UUID attribute for users and groups.
+  - Frontend now uses the refresh tokens to reduce the number of logins needed.
+
+### Changed
+  - Much improved logging format.
+  - Simplified API login.
+  - Allowed non-admins to run search queries on the content they can see.
+  - "cn" attribute now returns the Full Name, not Username.
+  - Unknown attributes now warn instead of erroring.
+    - Introduced a list of attributes to silence those warnings.
+
+### Deprecated
+ - Deprecated "cn" as LDAP username, "uid" is the correct attribute.
+
+### Fixed
+  - Usernames, objectclass and attribute names are now case insensitive.
+  - Handle "1.1" and other wildcard LDAP attributes.
+  - Handle "memberOf" attribute.
+  - Handle fully-specified scope.
+
+### Security
+  - Prevent SQL injections due to interaction between two libraries.
+
+## [0.2.0] - 2021-11-27

README.md

@@ -57,6 +57,9 @@ many backends, from KeyCloak to Authelia to Nextcloud and
   align="right"
 />
 
+It comes with a frontend that makes user management easy, and allows users to
+edit their own details or reset their password by email.
+
 The goal is _not_ to provide a full LDAP server; if you're interested in that,
 check out OpenLDAP. This server is a user management system that is:
 * simple to setup (no messing around with `slapd`),
@@ -79,7 +82,7 @@ truth for users, via LDAP.
 
 The image is available at `nitnelave/lldap`. You should persist the `/data`
 folder, which contains your configuration, the database and the private key
-file (unless you move them in the config).
+file.
 
 Configure the server by copying the `lldap_config.docker_template.toml` to
 `/data/lldap_config.toml` and updating the configuration values (especially the
@@ -140,12 +143,9 @@ To bring up the server, just run `cargo run`. The default config is in
 
 ### Cross-compilation
 
-No Docker image is provided for other architectures, due to the difficulty of
+Docker images are provided for AMD64, ARM64 and ARM/V7.
-setting up cross-compilation inside a Docker image.
 
-Some pre-compiled binaries are provided for each release, starting with 0.2.
+If you want to cross-compile yourself, you can do so by installing
-
-If you want to cross-compile, you can do so by installing
 [`cross`](https://github.com/rust-embedded/cross):
 
 ```sh
@@ -189,24 +189,32 @@ Testing group membership through `memberOf` is supported, so you can have a
 filter like: `(memberOf=cn=admins,ou=groups,dc=example,dc=com)`.
 
 The administrator group for LLDAP is `lldap_admin`: anyone in this group has
-admin rights in the Web UI.
+admin rights in the Web UI. Most LDAP integrations should instead use a user in
+the `lldap_readonly` group, to avoid granting full administration access to
+many services.
 
 ### Sample client configurations
 
 Some specific clients have been tested to work and come with sample
 configuration files, or guides. See the [`example_configs`](example_configs)
 folder for help with:
+  - [Apache Guacamole](example_configs/apacheguacamole.md)
   - [Authelia](example_configs/authelia_config.yml)
   - [Bookstack](example_configs/bookstack.env.example)
   - [Calibre-Web](example_configs/calibre_web.md)
   - [Dolibarr](example_configs/dolibarr.md)
+  - [Emby](example_configs/emby.md)
   - [Gitea](example_configs/gitea.md)
+  - [Grafana](example_configs/grafana_ldap_config.toml)
   - [Jellyfin](example_configs/jellyfin.md)
   - [Jisti Meet](example_configs/jitsi_meet.conf)
   - [KeyCloak](example_configs/keycloak.md)
   - [Matrix](example_configs/matrix_synapse.yml)
   - [Organizr](example_configs/Organizr.md)
+  - [Portainer](example_configs/portainer.md)
   - [Seafile](example_configs/seafile.md)
+  - [Syncthing](example_configs/syncthing.md)
+  - [WG Portal](example_configs/wg_portal.env.example)
 
 ## Comparisons with other services
 

app/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "lldap_app"
-version = "0.3.0-alpha.1"
+version = "0.3.0"
 authors = ["Valentin Tolmer <valentin@tolmer.fr>"]
 edition = "2021"
 

server/Cargo.toml

@@ -2,7 +2,7 @@
 authors = ["Valentin Tolmer <valentin@tolmer.fr>"]
 edition = "2021"
 name = "lldap"
-version = "0.3.0-rc.1"
+version = "0.3.0"
 
 [dependencies]
 actix = "0.12"