Skip to content

Release history

octelium releases

A next-gen FOSS self-hosted unified zero trust secure access platform that can operate as a remote access VPN, a ZTNA platform, API/AI/MCP gateway, a PaaS, an ngrok-alternative and a homelab infrastructure.

Back to tool Latest release

All releases

12 shown

No immediate action
v0.35.0 Maintenance

Routine maintenance and dependency updates.

Open
Review required
v0.34.0 New feature
Auth

PKCE support

Open
No immediate action
v0.33.0 Maintenance

Routine maintenance and dependency updates.

Open
Review required
v0.32.0 Maintenance

Routine maintenance and dependency updates.

Open
v0.31.0 New feature
Notable features
  • Added `octelium ssh` command for interactive SSH sessions and remote command execution on enabled Sessions.
  • Added `octelium cp` command for copying files/directories between local filesystems and connected Session filesystems, including inter‑Session transfers.
Full changelog

You can upgrade an already running Cluster via the command octops upgrade as shown here. You can read the full changelog here.

Features

  • Introducing the octelium ssh command. With this command you can open an interactive SSH session or execute a remote command, via an embedded SSH client inside the octelium CLI, on a connected
    Octelium Session using its name, if the Session is enabling the --essh flag when connecting to the Cluster. Here are some examples:
# Open an interactive shell
octelium ssh john-abcdef

# Run a single remote command
octelium ssh john-abcdef -- uptime

# Run a shell pipeline
octelium ssh john-abcdef -- sh -c "ps aux | grep python"

# Local port forward: forward local :5432 to remote localhost:5432
octelium ssh john-abcdef -L 5432:localhost:5432

# Multiple port forwards, no interactive shell
octelium ssh john-abcdef -N -L 5432:localhost:5432 -L 6379:localhost:6379

# Dynamic SOCKS5 proxy on local port 1080
octelium ssh john-abcdef -D 1080 -N
  • Introducing the octelium cp command. This command can copy files or directories between the local filesystem and remote filesystems of connected Octelium Sessions or between two connected Sessions that are enabling the --essh flag when connecting to the Cluster via octelium connect. Here are some examples:
# Copy a local file to a session
octelium cp ./config.json john-123456:/home/user/config.json

# Copy a file from a session to local
octelium cp john-123456:/home/user/output.csv ./output.csv

# Copy a local directory to a session
octelium cp -r ./src/ john-123456:/home/user/src/

# Copy a directory from a session to local
octelium cp -r john-123456:/home/user/dist/ ./dist/

# Copy a file from one session to another
octelium cp john-123456:/home/user/data.json linus-abcdef:/home/user/data.json

# Copy a directory from one session to another
octelium cp -r john-123456:/home/user/data/ linus-abcdef:/home/user/data/

Improvements

  • Various fixes for the octelium CLI.
  • Various fixes and improvements for Vigil, GatewayAgent, Nocturne, Ingress, AuthServer, DNSServer.
  • SBOM sbom.json file has been added to the release artifacts.
View release on GitHub
v0.30.0 Mixed
Notable features
  • Linux capabilities (add/drop) support in managed container securityContext
  • CEL time functions: isWeekday, isWeekend, isWeekendInTZ, isWeekdayInTZ
  • CEL net functions: isIP, isIPv4, isIPv6, isPrivateIP, isIPInRange
Full changelog

You can upgrade an already running Cluster via the command octops upgrade as shown here. You can read the full changelog here.

Features

  • Support for adding and droping Linux capabilities in managed containers. Here is an example:
kind: Service
metadata:
  name: nginx
spec:
  mode: HTTP
  config:
    upstream:
      container:
        port: 80
        image: nginx:latest
        securityContext:
          capabilities:
            add: ["NET_ADMIN", "SYS_TIME"]
            drop: ["ALL"]
  • Introducing time functions for the CEL engine. Here are some examples for the added functions:
time.isWeekday(timestamp("2023-10-18T12:00:00Z"))

time.isWeekend(timestamp("2023-10-21T12:00:00Z"))

time.isWeekendInTZ(timestamp("2023-10-20T23:00:00Z"), "Asia/Tokyo")

time.isWeekdayInTZ(timestamp("2023-10-22T23:00:00Z"), "Asia/Tokyo")
  • Introducing net functions for the CEL engine. Here are some examples for the added functions:
net.isIP("192.168.1.1")

net.isIPv4("10.0.0.1")

net.isIPv6("2001:db8::1")

net.isPrivateIP("10.5.0.1")

net.isIPInRange("192.168.1.50", "192.168.1.0/24")

Improvements

  • Various reliability-related fixes for Vigil.
  • Various fixes and improvements for Nocturne, AuthServer, RscServer and DNSServer.
View release on GitHub
v0.29.0 New feature
Notable features
  • Authorization header pass/delete control per service
  • octops install-package for enterprise packages
  • @octelium/apis TypeScript npm package
View release on GitHub
v0.28.0 New feature
Notable features
  • Anonymous authorization as WAF for public services
  • Read-only filesystems for Nocturne, RscServer, Ingress
View release on GitHub
v0.27.0 New feature
Notable features
  • Clientless OIDC authentication via RFC 7523
  • Kubernetes secret references for database credentials
  • Per-request downstream IP in ctx.request.ip
View release on GitHub
v0.24.0 New feature
Notable features
  • Initial SPIFFE mTLS support
  • Service isDisabled flag for traffic control
  • FIDO2/Webauthn attestation preference customization
View release on GitHub

Beta — feedback welcome: [email protected]