Add sync_profile command to fetch latest profile from backend without re-enrollment. Add DeviceView struct to EnrollResponse. Replace hardcoded "just now" timestamp with now_label helper using Unix epoch seconds. Add sync button to UI with loading state. Redesign client interface with top strip containing brand lockup and action buttons, hero surface with profile metadata tiles, body grid with login/status panels and resources sidebar
Add updateUser and deleteUser API client methods with PATCH and DELETE endpoints. Add updatePolicy and deletePolicy API client methods. Add email field to User type. Add Actions column to users and policies tables with Edit and Delete buttons. Implement inline edit forms for users and policies with state management for editing mode. Add update and delete mutations with query invalidation on success. Add error notices
Fetch policy destinations before calling repo.Enroll instead of after, passing destinations to enrollment creation. Add fallback to default 172.16.10.0/24 destination when no policies are resolved. Re-resolve destinations after enrollment with device ID for final response.
Add useEffect hook to fetch bootstrap status on component mount. Add bootstrapAvailable and bootstrapStatusLoaded state variables to track bootstrap endpoint availability. Hide mode toggle button when bootstrap is unavailable or status hasn't loaded yet. Add auth-brand and auth-brand-copy CSS classes to improve login page layout and branding. Add BootstrapStatus handler and BootstrapAvailable service method to expose bootstrap availability
Enable tray-icon feature in Tauri dependencies. Add system tray with Open and Quit menu items. Implement tray icon click handlers to restore main window. Add window event handlers to hide window on close/minimize instead of exiting application. Add restore_main_window and hide_main_window helper functions for window visibility management.
Add formatInvokeError helper function to handle various error types from Tauri invoke calls with fallback messages. Update enroll_device to include response body in error message when enrollment fails with non-success status. Add windows_subsystem attribute to main.rs to suppress console window in release builds on Windows.
Update gateway configuration to use host.docker.internal instead of backend service name for API communication. Add extra_hosts mapping in docker-compose to enable host.docker.internal resolution. Add NEXAVPN_BACKEND_HOST environment variable to .env.example with host.docker.internal default.
Add clang-cl wrapper script that invokes clang in MSVC-compatible mode with availability check and helpful error message. Update Linux Windows build script to make clang-cl wrapper executable and include scripts directory in PATH for both cargo-xwin and clang-cl resolution.
Add AUTH_EXPIRED_EVENT constant and dispatch event on 401 responses in API client, clearing stored token. Add handleLogout function to App component and wire up event listener to trigger logout on auth expiration. Pass onLogout prop to Layout component and add Logout button to topbar-actions. Update CSS to apply flex layout to topbar-actions and make responsive. Add backend hostname and network aliases in docker-compose to ensure consistent
Add NexaVPN logo images (full logo and mark-only variants) to admin-web and desktop-client public directories. Add favicon.ico and favicon.png to admin-web, and icon.png to desktop-client. Update index.html files to reference favicon assets. Add icon.png and icon.ico to desktop-client Tauri icons directory and configure bundle.icon in tauri.conf.json. Update Layout component to display logo in sidebar brand-block with
Remove wait_for_backend_dns function and its invocation from apply_bundle, relying instead on curl connectivity checks in main loop to handle backend availability. Simplifies bootstrap logic by removing redundant DNS verification step.
Add apt install instructions for clang, lld, llvm, and nsis to README Ubuntu-to-Windows build section. Add clang-cl availability check to cargo-xwin wrapper script with helpful error message directing users to install LLVM/Clang toolchain when missing.
Update Linux Windows build script to add scripts directory to PATH and reference cargo-xwin by name rather than direct path to wrapper script, improving compatibility with Tauri's runner resolution mechanism.
Add getent availability check before attempting DNS resolution in wait_for_backend_dns function. Fall back to allowing curl connectivity check in main loop when getent is not available, supporting Alpine-based images that don't ship getent by default.
Add cargo-xwin wrapper script that invokes `cargo xwin` subcommand and update Linux Windows build script to use wrapper as --runner instead of cargo-xwin binary name directly. Add chmod +x to ensure wrapper is executable before build.
Update @tauri-apps/api and @tauri-apps/cli to version 2.10.1, and tauri runtime to 2.10.1 for consistency across desktop client dependencies. Update tauri-build to version 2.5.5.
Add wait_for_backend_dns function to verify backend hostname resolution before attempting bootstrap/sync operations. Configure NEXAVPN_BACKEND_HOST environment variable and net.ipv4.ip_forward sysctl in docker-compose. Use atomic write pattern for state.json via temporary file to prevent corruption on failed downloads. Make sysctl ip_forward call conditional on write permissions and non-fatal.
Add depends_on backend service to gateway in docker-compose to ensure backend is available before gateway starts. Refactor gateway-entrypoint.sh to move bootstrap logic into apply_bundle function with error handling, enabling automatic retry on bootstrap failure instead of exiting immediately.
Update all Windows build configurations, scripts, and documentation from i686-pc-windows-msvc (x86) to x86_64-pc-windows-msvc (x64). Update npm scripts, build-tunnel-helper.sh target validation, bundled helper paths, and tunnel manager strategy references. Add XWIN_ARCH=x86_64 environment variable to Linux cross-build command and --xwin-arch flag to cargo xwin invocation.
Change cargo-xwin detection from `command -v cargo-xwin` to `cargo xwin --version` to properly verify cargo subcommand availability on Linux systems cross-compiling to Windows targets.
Add Ubuntu-to-Windows build workflow using cargo-xwin for i686-pc-windows-msvc target. Update build-tunnel-helper.sh with host OS detection, target validation, and cargo-xwin support for Linux cross-compilation. Add tauri.windows.conf.json to configure NSIS-only bundle output and npm script for Linux-based Windows builds. Update client-platforms.md to document cross-compilation support and clarify that MSI packaging still requires Windows environment.
Add GatewayBootstrapToken field to Config struct and load from GATEWAY_BOOTSTRAP_TOKEN environment variable with default value "nexavpn-gateway-bootstrap".
Add Bootstrap and AgentSyncBundle handlers to gateway package with X-Gateway-Bootstrap-Token header authentication. Implement UpsertByName repository method for idempotent gateway registration. Update gateway entrypoint script to auto-generate keys and bootstrap gateway on first run, persisting gateway ID to disk. Add GATEWAY_BOOTSTRAP_TOKEN config and update environment variables for gateway name, bootstrap URL, and sync URL.
Add explicit ::text casts to username and email columns in List and Create queries to ensure proper type handling when scanning values from PostgreSQL. Update Create query to return role_id and role_name, adjusting Scan to match all returned fields.
Add explicit ::text cast to vpn_cidr column in List, FirstActive, and Update queries to ensure proper type handling when scanning CIDR values from PostgreSQL.
Add vite-env.d.ts with Vite client types reference to enable TypeScript support for Vite-specific features and environment variables in the admin web application.
Update go.mod module declaration and all internal imports across the backend codebase to use simplified nexavpn/backend path instead of full GitHub URL.
Extract Claims struct from auth/types.go into dedicated identity package for better separation of concerns. Update all imports and usages across auth service, token handling, and request context utilities.
Move ClaimsFromContext and MustUserID helpers from httpserver to new requestctx package for better separation of concerns. Update all imports across auth, device, policy, and user handlers. Fix Dockerfile to copy go.sum and run go mod tidy before download.
Add monorepo structure for NexaVPN WireGuard control plane including:
- .gitignore for node_modules, build artifacts, and environment files
- README with project overview, monorepo layout, and quick start guide
- Admin web UI with React, Vite, TypeScript, and nginx reverse proxy
- API client with type definitions for users, devices, policies, gateways, and audit logs
- Admin pages for dashboard, users, devices, policies, g
