Releases: eGamesAPI/remnawave-reverse-proxy
v2.3.0
REMNAWAVE REVERSE PROXY
π Major Changes
π‘ Gcore Certificate Generation
- Added new method to generate domain certificates via Gcore
π Real IP for Subscription Page
- Added proper proxy headers in
nginx.conffor the subscription page server block (panel + node setup):
proxy_set_header X-Real-IP $proxy_protocol_addr;
proxy_set_header X-Forwarded-For $proxy_protocol_addr;- Subscription page now correctly shows the real client IP when updating subscriptions via your connection client
π§ Nginx Hash Table Optimization
- Added
server_names_hash_bucket_size 64;tonginx.conf - Fixes the error βcould not build the server_names_hashβ for long or complex domain names
- Increases hash bucket size for reliable server_name handling
π Subscription Page Error Handling
- Changed
@redirectfromreturn 404;toreturn 444;innginx.conf - Improves security and prevents unnecessary 404 logs
π API Token for Subscription Page
- Subscription Page now requires an API token
- On fresh installation (panel only or panel + node), the API token is automatically generated and already added to the configuration
- On existing (old) installations, you need to manually create an API token in your panel and add the environment variable
REMNAWAVE_API_TOKEN=your_token_hereindocker-compose.ymlunder thesubscription-pageservice
βοΈ Subscription Page Configuration
- New environment variable
SUBSCRIPTION_UI_DISPLAY_RAW_KEYS=true - When enabled, shows raw vless:// links in the subscription UI
- By default hidden when HWID binding is active
π Updated Translations
- Improved and updated translations across the entire project
v2.2.0
REMNAWAVE REVERSE PROXY
π Major Changes
πOAuth Provider Detection via API
- Replaced .env file checking with API-based OAuth provider detection
- Now uses GET /api/auth/status endpoint to dynamically verify enabled authentication providers:
- GitHub OAuth2
- Yandex OAuth2
- PocketID OAuth2
- Telegram authentication
π¦Node Configuration Simplification
- Removed .env-node file from node configurations
- Migrated all node environment variables to docker-compose.yml for easier management. Only two parameters required now:
NODE_PORT - Port for node communication (default: 2222)
SECRET_KEY - Contains node certificates - Previous parameters APP_PORT and SSL_CERT from .env-node are no longer needed
π¨Panel Management Improvements
- Removed Legiz rule templates
- Panel rule management is now simplified - all configurations are done directly in Remnawave panel interface
v2.1.9
REMNAWAVE REVERSE PROXY
π Major Changes
-
Debian 13 Support π§
-
Replaced dynamic IP fetching with a static IP 172.30.0.1 for panel and node configurations.
-
Updated .env and docker-compose.yml for seamless operation.
Domain Uniqueness Check π
- Introduced the check_node_domain function to verify domain availability using the /api/nodes endpoint.
- Integrated into add_node_to_panel with a loop to prompt for a unique domain if the provided one is already in use.
New Editing Features βοΈ
- Added an app-config.json editor for streamlined application configuration.
- Introduced a branding editor for customizing the visual identity.
- Implemented app deletion functionality for better management.
IPv4 Configuration Update π
- Replaced ForceIPv4 with UseIPv4 for more flexible network handling.
SNI Templates Fix π οΈ
- Resolved issues with SNI templates to ensure stability and proper request handling.
v2.1.4
v2.1.0
REMNAWAVE REVERSE PROXY
π Main Changes
πFeatures
-
Custom Branding for Subscription Page: Added support for configuring custom branding (name, support URL, logo URL) for the subscription page during setup via Legiz extensions. Refer to the configuration reference for details.
-
Updated .env Configuration: Enhanced the .env file structure to support new customization options, improving flexibility for deployment.
π§Fixes
- Certificate Domain Assignment: Resolved an issue in the installation_panel and installation_node functions for the Cloudflare method (CERT_METHOD=1). Now correctly sets PANEL_CERT_DOMAIN, SUB_CERT_DOMAIN, and NODE_CERT_DOMAIN to their respective base domains, ensuring proper SSL certificate paths in Nginx configurations.
Token Validation in get_panel_token: Fixed token validation issues by:
- Adding robust validation for API responses, handling 401 Unauthorized errors and invalid JSON.
- Implementing a final token verification step to ensure only valid tokens are used.
- Preventing script continuation with invalid tokens, resolving errors like jq: error: Cannot iterate over null.
πImprovements
- Xray Configuration: Removed QUIC protocol
v2.0.7
REMNAWAVE REVERSE PROXY
π Main Changes
π§ Update Check Addition:
- Introduced a new function to check for available software updates. This ensures users can stay up-to-date with the latest features and security patches seamlessly.
π§ Notification Updates:
- Added update notifications in the main menu, enabling users to easily identify and install new software versions for improved usability.
π§ ACME Certificate Renewal - Port 80 Handling:
- Implemented the update_current_certificates function to automatically open and close port 80 for ACME-based (HTTP-01 challenge) certificate renewals. This enhances reliability and security by automating certificate updates with minimal manual intervention.
- Added cron job integration to correctly handle port 80 opening and closing during certificate renewals, ensuring consistent and secure operation.
v2.0.5
REMNAWAVE REVERSE PROXY
π Main Changes
π§Subpage and Application Features:
- Introduced Orion subpage for enhanced user navigation
- Added HWID-only application list for improved security and access control
- Implemented jsDelivr fallback for reliable subpage downloads
- Refactored subpage menu for better usability and maintainability
π§Squad Update Fixes:
- Updated get_default_squad to return all squad UUIDs instead of a single default squad
- Modified main script to iterate over all squad UUIDs and call update_squad for each
- Added robust error handling and logging for squad updates
πUpdated get_panel_token function:
- Added support for new OAuth providers: GitHub, PocketID, and Yandex
π§Fix:
- manage_warp and view_logs function
Remove:
- Deletion of existing UFW ports to prevent unintended configuration loss
v2.0.0
REMNAWAVE REVERSE PROXY
π Main Changes
π New Features and Capabilities
π§ WARP Native Integration (by distillium)
- Added a complete WARP Native management module
- Ability to install and remove WARP Native
- Integration of WARP configuration into panel nodes
π Improved Panel/Node Management
- New unified "Panel/Node Management" menu
- Real-time container log viewing
- Centralized management for starting/stopping/updating
π Script Removal System
- Safe removal of only the script and local files
- Full removal including panel/node data
- Confirmations to prevent accidental deletion
π API Endpoints
New:
- /api/config-profiles - configuration profile management
- /api/internal-squads - internal squads management
Removed:
- /api/xray - replaced with config-profiles
- /api/inbounds - replaced with new architecture
π¨ Interface Reorganization
- Unified panel/node management functions
- Added WARP Native module
- Added script removal system
- Optimized navigation
v1.7.5
REMNAWAVE REVERSE PROXY
π§ Docker Images Fixes
Pinned Docker image versions to improve stability:
remnawave/backend: from latest to 1.6.16
remnawave/node: from latest to 1.6.4
π‘οΈ Security and Stability Improvements
Added container existence checks before performing template operations:
Check for remnawave container in the function manage_template_upload
Check for remnawave-subscription-page container in the function manage_sub_page_upload
If container is missing, an appropriate error message is shown
v1.7.4
REMNAWAVE REVERSE PROXY
-
Updated manage_sub_page_upload with simplified template selection (merged options 1 and 2 with dynamic template_url)
-
Replaced apt-get install yq with downloading the original binary via wget from the official source (https://github.com/mikefarah/yq/), including checks for download, permission setup, and functionality.
-
Fix incorrect certificate paths for wildcard certificates during initial installation
Moved the handle_certificates call before determining CERT_METHOD in the installation function to ensure wildcard certificates are generated and detected correctly during the first installation. This resolves the issue where incorrect certificate paths were used in nginx.conf for subdomains when using Cloudflare (CERT_METHOD="1"), causing NGINX to fail.
- Refactored function open_panel_access and close_panel_access to dynamically handle Nginx configuration for port 8443