Features & Capabilities

Modern Point of Presence management platform for global amateur radio networking

What You Can Do

Connect Globally

Multiple Points of Presence worldwide:

  • Choose your preferred region
  • Distributed edge locations
  • North America, Europe, and beyond
  • Low-latency connections
  • Geographic redundancy
Create Network Tunnels

Set up WireGuard tunnels in minutes:

  • Point-and-click tunnel creation
  • Automatic key generation
  • QR codes for mobile devices
  • Ready-to-use configuration files
  • Connect from anywhere globally
Get Public IP Addresses

Request and manage IP allocations:

  • IPv4 address blocks
  • Subnet allocation (/29 to /25)
  • Instant approval for small allocations
  • Public, routable IP addresses
  • Bring Your Own IP (BYOIP) support
Easy Configuration Export

Download configs for your platform:

  • One-click config generation
  • Many platform formats supported
  • Copy-paste ready configurations
  • DHCP server configs included for additionally Routed IP's
  • BGP routing configurations

Technical Features

Multi-Platform WireGuard Support

Generate configurations for 9+ platforms:

  • EdgeRouter (Ubiquiti)
  • MikroTik RouterOS
  • OpenWrt
  • pfSense/OPNsense
  • Linux (systemd-networkd)
  • Linux Network Namespaces
  • macOS
  • Docker containers
  • Mobile (QR codes for iOS/Android)
Advanced Routing

Sophisticated routing capabilities:

  • BGP dynamic routing with ASN management
  • Static route configuration
  • Subnet allocation management
  • IPv4 and IPv6 dual-stack support
Security & Access Control

Enterprise-grade security features:

  • Role-based access control (Admin, Operator, User)
  • WireGuard key regeneration
  • Email verification and password resets
  • OIDC/OAuth integration support
  • CSRF protection
  • Audit event logging
User Management

Comprehensive user administration:

  • User quotas and resource limits
  • Self-service network requests
  • Request approval workflows
  • Auto-approval for qualifying requests
  • API key management for automation
  • Timezone-aware displays
Infrastructure Organization

Hierarchical resource management:

  • Node groups for logical organization
  • Nodes (physical/virtual servers)
  • Interfaces (WireGuard, Loopback, Interconnect)
  • Network allocation and subnetting
  • ASN assignment and tracking
Automation & Integration

Built for automation:

  • RESTful API (v1 and legacy)
  • Email notifications with templates
  • Automated configuration generation
  • DHCP server configurations for Additionally routed prefixes
  • Self-installing setup scripts

Changelog

  • Fix Order request comments chronologically - 2026-04-22
    The comments relationship had no order_by clause so SQLAlchemy returned comments in UUID primary-key order, which is effectively random. Sort by created_at so the conversation reads oldest-first (newest comment closest to the Add Comment box).
  • Fix Show request owner's username as plain text for ticket handlers - 2026-04-22
    The request header linked the username to the admin user view, which ticket handlers can't access. Wrap the link in a role check so only administrators and superadmins see the clickable link; ticket handlers see plain text instead of a link that 404s.
  • New Add tunnels section to user resources card and turn summary badges into collapse toggles - 2026-04-22
    Tunnels show each tunnel's status and attached networks (direct addresses vs. subnets routed via static or BGP, with the ASN highlighted). Summary badges are now the collapse toggles for the detail tables, with a rotating chevron to signal state.
  • Fix Surface timezone notifications where the dropdown can't cover them - 2026-04-20
    Swap the top-right toast for the top-center Bootstrap alert pattern already used elsewhere in the app so the success/error notification is not hidden behind the timezone select's own dropdown.
  • Fix Save profile timezone immediately when the select changes - 2026-04-20
    The profile form's timezone select had no change handler, so picking a different timezone did nothing until the form was submitted (and there is no dedicated save button for it). Wire the existing TimezoneManager.changeTimezone() into a change listener on #timezone so the new value is POSTed to /account/api/timezone as soon as the user picks an option, matching the "save on change" behaviour intended by the API endpoint.
  • Fix Exclude user sub-allocations from network counting - 2026-04-15
    Route all quota and resource counting through User.resource_count so consumers never special-case network vs other kinds, and apply the same filter to the Networks list header, dashboard stats, admin user menu counts, request creation handlers, and the quota_impact macro so users and handlers see a consistent allocation count everywhere.
  • New Show user resources on admin request view - 2026-04-15
    Add a "User Resources" card to the request view page summarising the requester's existing networks, ASNs, tunnels, and pending requests with quota-aware badges, so administrators and ticket handlers can see what the requester already has before approving. Adds Network.is_top_level and User.top_level_networks/resource_count so the card excludes sub-allocations the user carved out of their own top-level allocations from both counts and the displayed list.
  • New Add download button for tunnel configuration files - 2026-04-15
    Add a Download button next to Copy to Clipboard on the tunnel view page so users can save text configs directly as files.
  • New Add version management, pyproject.toml, and changelog automation - 2026-04-09
    - Add VERSION file (semver, manual bump) as single source of truth - Add pyproject.toml with full PEP 621 metadata, simplify setup.py to shim - Move CHANGELOG_DATA.txt install from /etc/ to /usr/share/pop-controld/ - Use absolute path in features.py for reliable changelog reading - Update generate_changelog.py: group by month+author with branch creator attribution - Update debian/control with proper Maintainer/Uploaders format - Update debian/rules to read version from VERSION file - Add MANIFEST.in to include VERSION in sdist builds - Add .git check in Makefile before running changelog generation
  • New Make Terms of Service URL configurable via admin config - 2026-04-02
  • New Add Terms of Service link to footer - 2026-04-01
  • Enhancement Add alembic.ini for database migrations - 2026-04-01

  • New Add status to dynamic routing - 2026-03-21

  • New add per-user rate limiting for request creation endpoints - 2026-01-23
    - Add LIMIT_REQUEST_CREATION constant (10 per hour, configurable) - Add get_current_user_id() for per-user rate limiting (fairer for shared IPs) - Apply rate limiting to UI routes: network_allocate, network_existing, asn - Apply rate limiting to API routes: request_asn, request_network_existing, request_network_allocation
  • Fix correct config import in limiter.py - 2026-01-23
  • New add rate limiting to authentication endpoints - 2026-01-13
    Add Flask-Limiter with Redis backend to protect auth endpoints from brute force and credential stuffing attacks.
  • New add security response headers - 2026-01-14
  • Fix remove traceback printing from API error handler - 2026-01-14
  • Fix use allow list for dynamic query parameter filtering - 2026-01-13
  • New add audit logging for authentication events - 2026-01-14
  • Fix add CSRF token to timezone API call - 2026-01-13
  • Fix use session for API key token instead of URL - 2026-01-13
  • Fix add null check in api_load_user - 2026-01-13
  • Fix add @login_required to /delete route - 2026-01-13
  • Fix validate redirect URL after login - 2026-01-13
  • New use gunicorn in dev script for HUP reload support - 2026-01-07
  • Documentation add comprehensive README with development guide - 2026-01-06
  • Fix MR !41 feedback - IPv6 /128 allocation and skip_ssl_verification config - 2026-01-06
    - Fixed IPv6 allocation back to /128 (was incorrectly changed to /64) - Added skip_ssl_verification config option for OIDC - SSL verification only skipped when BOTH debug=True AND skip_ssl_verification=True - Set debug=False in example config (production default)
  • Fix set debug=False as secure default - 2026-01-07
  • Fix clipboard copy for input elements (use .value property) - 2026-01-07
  • Fix use data-clipboard-selector for Redirect URI copy button - 2026-01-07
  • Fix use appconfigbool for debug check in User Maintenance visibility - 2026-01-07
  • Fix remove US-first region sorting bias - 2026-01-07
  • Fix use config-based SSL verification for OIDC discovery - 2026-01-06
    Replace automatic SSL fallback with explicit config option. SSL verification only skipped when BOTH debug=True AND skip_ssl_verification=True in [auth.oidc] section.

  • Enhancement Update changelog for December 2025 - 2025-12-18
  • Uncategorized chore(packaging): Simplify dependencies and add graceful reload - 2025-12-18
    - Simplify debian package dependencies (remove -dev packages) - Add ExecReload to systemd service for graceful worker reload - Use HUP signal to reload without dropping connections
  • New feat(server): Improve error handling and debug mode support - 2025-12-18
    Backend improvements for better development experience and error handling:
  • New feat(ui): Improve tunnel and ASN form templates - 2025-12-18
    Enhancements to model forms and list views:
  • New feat(ui): Improve navigation and base template structure - 2025-12-18
    UI/UX improvements across the application:
  • New feat(ui): Improve tunnel request interface with collapsible regions - 2025-12-18
    Enhances the tunnel request page with better UX for selecting nodes:
  • New Add user maintenance tools for data cleanup - 2025-12-18
    Adds superadmin-only maintenance tools for handling data integrity issues:
  • New feat(auth): Improve OIDC discovery and registration flow - 2025-12-18
    Enhances OIDC integration with better error handling and user experience:
  • New feat(node): Add transport_ip field for WireGuard interconnect endpoints - 2025-12-18
    Adds a transport_ip field to nodes for specifying the public/WAN IP address used for WireGuard interconnect endpoints, separate from access_ips.
  • Documentation update help documentation IP addresses and configuration examples - 2025-12-02
    Updated WireGuard configuration examples in help documentation: - Changed IP addresses from 192.168.x.x to 44.190.40.x (AMPRNet addressing) - Updated Endpoint to use 203.0.113.1 (RFC 5737 documentation IP) - Changed AllowedIPs default to 0.0.0.0/0 (route all traffic) - Added HTML table formatting for aligned inline comments - Fixed text: "network administrator" → "tunnel configuration" - Removed non-existent macOS .pkg installation method

  • Fix restore correct oidc_secrets.json format with web wrapper - 2025-11-19
  • Enhancement regenerate changelog with updated commit hashes - 2025-11-19
  • Enhancement add changelog data tracking file - 2025-11-17
  • Documentation add admin user approval guide to help section - 2025-11-17
  • Fix set ASN properties before adding to session to avoid warnings - 2025-11-17
  • New add debug routes and blueprint registry for development - 2025-11-17
    - Add blueprint registry for automatic route discovery - Add debug UI showing all registered routes - Provide development tools for route inspection
  • New add support email configuration option - 2025-11-17
  • Refactor improve UI route handlers and setup template - 2025-11-17
    - Enhance common UI utilities - Update account and help route handlers - Improve tools functionality - Refine setup template layout
  • Fix update frontend JavaScript modules - 2025-11-17
    - Fix loading indicator behavior - Update password validation display
  • New enhance server core functionality and template globals - 2025-11-17
    - Add get_asn template global function - Include sub-allocations in networks_by_owner - Improve query ordering for network hierarchy - Add site_name and other utility functions - Enhance API model and route handling
  • Refactor update navigation and layout partials - 2025-11-17
    - Improve sidebar organization - Update footer and navbar styling - Enhance password requirements display - Add email verification warning partial
  • Refactor improve various templates and UI consistency - 2025-11-17
    - Update base template and dashboard layouts - Enhance user guide documentation - Improve ASN and user list displays - Use dynamic site naming throughout templates - Fix minor styling and formatting issues
  • Fix ensure client modified_at timestamp updates and improve forms - 2025-11-17
    - Explicitly update modified_at when client is updated - Add validation for empty tunnel names - Improve client add/edit form layouts - Add routing configuration partial
  • New improve tunnel interface templates - 2025-11-17
    - Display location information (region/datacenter) in tunnel list - Show full public keys instead of truncated versions - Use dynamic site name instead of hardcoded values - Simplify tunnel forms and improve layouts
  • Fix resolve ASN approval session warning and improve request UI - 2025-11-17
    - Fix session warning by adding ASN to session before setting properties - Display request name instead of ID in titles - Improve prefix notation formatting - Add audit event display for approved requests - Show ownership indicator for user's own requests
  • New improve network allocation interface and add hierarchy depth tracking - 2025-11-17
  • New enhance landing page with typewriter effect and improved styling - 2025-11-17
  • New add audit event API and enhance admin configuration - 2025-11-17
    - Add audit event schema and API endpoints - Add support email configuration option - Improve admin configuration interface
  • New enhance topology visualization with improved network details - 2025-11-17
  • New add database rollback command to admin CLI - 2025-11-17
    - Add db-rollback command with target revision support - Include confirmation prompt for safety - Support rolling back to specific revisions or steps
  • New implement modular user approval workflow - 2025-11-17
    - Add approval status fields to User model (pending/approved/rejected) - Create approval_required decorator for route protection - Add admin interface for managing pending users - Implement email notifications for approval/rejection - Add pending approval page for users awaiting approval - Configure approval requirement via users.require_approval setting - Support both OIDC and local authentication workflows
  • Fix add oidc_secrets.json template for debian packaging - 2025-11-17
  • Fix merge migration heads by chaining add_user_approval after add_callsign_001 - 2025-11-17
    This migration merges two divergent migration branches: - Branch 1: ... -> c6d42a1091c0 -> ... -> add_callsign_001 - Branch 2: ... -> add_user_approval (now chained after add_callsign_001)
  • Enhancement remove unused universal_search_content.html template - 2025-11-12
  • New add BYOIP info card partial for network selection page - 2025-11-12
  • New improve sidebar organization and update features page - 2025-11-12
  • New add validation warnings for missing dependencies in node and node group forms - 2025-11-12
  • New add public key and tunnel IP columns to list view and improve form layouts - 2025-11-12
  • New modernize request forms with card-based layouts and improved styling - 2025-11-12
  • New add network utilization display and validation to interface creation - 2025-11-12
  • Fix explicitly delete client routing to ensure proper cascade cleanup - 2025-11-12
  • New add --force flag to bypass password validation in CLI user creation - 2025-11-12
  • Fix remove duplicate request blueprint that filtered to only pending requests - 2025-11-12
    - Remove duplicate blueprint registration that filtered requests by status == new - Fix issue where users could only see pending requests in their list - Users now see full request history including approved and rejected requests - Add add_context_func to interface blueprint for consistency
  • Fix resolve BYOIP AttributeError and improve page styling - 2025-11-12
    Fix AttributeError when accessing enable_byoip config and enhance the BYOIP request page to match the polished design of other request forms.
  • Refactor standardize list pages with universal search component - 2025-11-12
    Migrate all list pages from universal_search_content.html to universal_search.html for consistent search and filtering across the application.
  • New add create-user command to admin CLI - 2025-11-06
    - Add create-user command to create new user accounts via CLI - Support username, email, password options - Support auto-password generation - Support verified and enabled flags
  • New improve navigation and login redirect flow - 2025-11-06
    - Move Home link from sidebar to footer as "Landing Page" - Remove Home link from sidebar navigation for authenticated users - Redirect users to tunnel list after successful login - Landing page always accessible via footer link
  • Fix resolve ESLint errors in frontend JavaScript - 2025-11-06
    - Remove unused variables in timezone.js - Replace jQuery tooltip initialization with Bootstrap 5 native API - Add bootstrap global declarations to resolve undefined references - Export utility functions for potential future use
  • New make email notification checkbox more prominent on tunnel creation - 2025-11-05
    - Changed to larger toggle switch style - Added primary blue border and background tint - Increased label font size and weight - Made label and checkbox clickable with cursor pointer - More visually prominent to catch user attention
  • Fix show My Infrastructure section only for operators - 2025-11-05
    - Removed check for owned infrastructure - Only users with operator role can see the section - Ensures proper role-based access control
  • Fix add missing steal action handling in admin request view - 2025-11-05
  • Enhancement update configuration defaults - 2025-11-05
  • Enhancement enhance Debian packaging configuration - 2025-11-05
    - Added redis-server as package dependency - Include CHANGELOG_DATA.txt in package installation - Fixed config file ownership for pop-controld user - Added pop-controld-worker service support - Added pop-controld-worker systemd service file
  • Enhancement add request import to API module - 2025-11-05
  • Refactor update OIDC configuration management - 2025-11-05
    - Streamlined OIDC config file handling - Improved JSON configuration updates
  • Enhancement add debug logging for OIDC profile data - 2025-11-05
    - Log full OIDC profile only when debug mode enabled - Added audit logging import for future enhancements
  • New expand features page with detailed capability cards - 2025-11-05
    - Added "What You Can Do" section with feature cards - Detailed descriptions of global connectivity options - Secure tunnel creation workflow highlights - Public IP address allocation information
  • Refactor improve sidebar layout with CSS variables - 2025-11-05
    - Added CSS variable for sidebar width consistency - Fixed sidebar height to full viewport - Updated content wrapper margin calculations
  • Fix improve clipboard copy functionality - 2025-11-05
    - Prevent double-initialization of clipboard buttons - Add no-debounce class to prevent form submission interference - Fix selector string concatenation in tunnel view - Add error handling for empty or missing content
  • New add IP address lookup documentation to user guide - 2025-11-05
    - Added new section with /myip endpoint usage examples - Included curl commands and jq filtering examples
  • New add /myip API endpoint for IP address lookup - 2025-11-05
    - Returns JSON with client's IP address - No authentication required - Handles proxy headers and strips IPv4-mapped IPv6 prefix
  • New display user IP address in footer - 2025-11-05
    - Added client_ip() template global that handles proxy headers - Strips IPv4-mapped IPv6 prefix for cleaner display
  • Fix correct callsign field alignment in user profile - 2025-11-05
  • Fix Add missing fallbacks for config sections to prevent crashes - 2025-11-03
    - Add fallback for auth.oidc scopes config - Add fallbacks for all email section configs (from, host, port, starttls, username, password, signature) - Prevents NoSectionError when email section is missing from config.ini - Ensures admin configuration page loads even with minimal config
  • Fix Add fallback for missing OIDC config section - 2025-11-03
    - Fix ConfigParser NoSectionError when auth.oidc section doesn't exist - Add fallback=None to config.get() call to handle missing sections gracefully - Prevents 500 error on /admin/configuration page when OIDC not configured
  • Enhancement Add default placeholder configuration values - 2025-11-03
    - Populate example config with sensible defaults and placeholders - Uncomment required sections to prevent config getter crashes - Standardize comment style to use # instead of ;
  • Fix Update ARDC URL and add null check for node group - 2025-11-03
    - Change setup.py URL from ardc.org to ardc.net - Add null check for node.group in audit log to prevent AttributeError
  • New Add OIDC external ID management for users - 2025-11-03
    - Add confirmation modal when changing user OIDC external ID - Restrict external ID field to superadmin role - Add user_form partial with OIDC external ID field - Create reusable OIDC change confirmation modal template - Add JavaScript handler to prevent accidental changes
  • New Add OIDC auto-configuration with endpoint discovery - 2025-11-03
    - Add discover_oidc_endpoints() to auto-discover OAuth endpoints - Auto-generate redirect URI from base URL - Update OIDC JSON config file with client credentials - Read and display OIDC credentials in admin UI - Improved admin configuration template with client ID/secret fields - Add copy button for redirect URI - Better sectioned layout for OIDC settings
  • New Improve database constraint error messages - 2025-11-03
    - Parse constraint names from PostgreSQL errors - Display specific field names in conflict messages - Provide more helpful user-facing error messages
  • New Add OIDC session cookie configuration and error handling - 2025-11-03
    - Configure session cookies for OIDC OAuth redirects - Allow insecure cookies in debug mode for development - Add OAuth error handler with user-friendly messages - Handle email verification and access denied errors
  • Refactor Clean up frontend JavaScript code - 2025-11-03
    - Remove unused variable in clipboard.js - Add global Set declaration for debounce.js linting - Fix regex escaping in password-validation.js - Simplify Object.entries usage in table-sort.js
  • Build Add --platform linux/amd64 to dpkg target for cross-platform builds - 2025-11-03

  • Uncategorized Add callsign field with OIDC sync support - 2025-10-31
    - Add callsign column to users table via migration - Update User model with callsign field - Sync callsign from OIDC profile during authentication - Add callsign field to user edit form and view page - Handle callsign in user controller for form submissions - Improve OIDC sync to allow login on username/email conflicts - Log sync conflicts and show warning instead of blocking login
  • Uncategorized Add IPv6 support to subnet calculator - 2025-10-31
    - Implement full IPv6 CIDR calculations with 128-bit BigInt math - Add IPv6 subnet planning and splitting functionality - Update subnet modal to display IPv6-specific information - Support IPv6 address compression and expansion - Handle both IPv4 and IPv6 on same interface
  • New Implement tunnel save confirmation modal and improve key regeneration workflow - 2025-10-30
    - Add save confirmation modal to review changes before tunnel save/update - Change key regeneration to populate form fields instead of direct save - Store regenerated private keys in session to display once after save - Replace network multi-select with checkbox interface for better UX - Extend search/filter to support grid view cards in addition to tables - Move action buttons below tunnel name in view page - Add success alerts when keys are regenerated to remind user to save
  • Enhancement update development tools and configuration - 2025-10-30
    - Enhance changelog generation script with improved formatting - Update HTTPS development server script with better configuration - Update configurations README with latest documentation
  • New modernize UI templates and enhance account management - 2025-10-30
    - Add API key management interface with create/edit/view capabilities - Enhance account settings page with improved layout - Modernize base template with updated navigation and styling - Improve dashboard with better information hierarchy - Add comprehensive user guide documentation - Enhance landing page and error pages with better UX - Update sidebar navigation with cleaner structure - Improve request templates with better form layouts - Streamline menu templates across all model types - Add features page with capability overview - Update footer with improved styling
  • New improve controllers, models, and schema handling - 2025-10-30
    - Add enhanced ASN and client controller functionality - Improve notification controller with better error handling - Enhance request controller with additional validation - Update interface schema with improved field handling - Add better model validation for ASN and client objects - Update cleanup CLI command with improved logic
  • New enhance model view and list templates with improved layouts - 2025-10-30
    - Modernize view pages with card-based layouts and better information hierarchy - Improve list templates with enhanced styling and better data presentation - Add consistent formatting across all model types - Enhance audit event display with better formatting - Improve tunnel, node, client, ASN, network, and user view pages - Add better visual separation and readability to all list views
  • New add frontend JavaScript modules for enhanced interactivity - 2025-10-30
    - Add searchable-owner.js for dynamic owner search and selection - Add table-filter.js for client-side table filtering - Update common.js with shared utility functions - Improve user experience with live search and filtering capabilities
  • New enhance form UX with auto-naming and owner selection - 2025-10-30
    - Add auto-naming support for ASN and network forms - Calculate next index based on existing resources and pending requests - Fix null/None handling in next index calculation - Improve searchable owner select partial with better styling - Add helper text to form fields for better user guidance - Ensure auto-naming works for both user and admin flows
  • New enhance admin interface with new tools and settings - 2025-10-30
    - Add data integrity scanner for database health checks (superadmin only) - Add Redis configuration options to settings page - Add API keys enable/disable toggle to settings - Add configurable TTL settings for email queue (result and failure) - Restrict configuration page to superadmin role only - Add admin tools UI module for specialized administrative functions - Display queue TTL information in email queue status page
  • Refactor replace individual delete pages with shared modal - 2025-10-30
    - Add reusable delete_modal.html partial for all delete confirmations - Remove individual delete.html templates from all model directories - Simplifies deletion UX with consistent modal-based confirmation - Reduces code duplication across 8 model types
  • New add superadmin role and improve audit logging - 2025-10-30
    - Add SUPERADMIN role to User model with elevated privileges - First admin user created via CLI automatically gets SUPERADMIN role - Subsequent admins get ADMINISTRATOR role only - Add system user support for audit events (replaces None user) - Update CLI commands to use system user for audit logging - Add migrations for superadmin role and audit event username preservation - Display superadmin status in admin list command
  • New Modernize request forms with card layouts and enhanced UX - 2025-10-24
    Updated tunnel and ASN request forms to match the modern design of network request forms, improving visual consistency and user experience.
  • New add BIRDC BGP configuration generation - 2025-10-24
    - Create birdc.py module for generating BIRD BGP configurations - Support IPv4 and IPv6 BGP sessions over WireGuard tunnels - Include import/export filters with BGP path validation - Configure next hop settings for advertised networks - Add admin toggle to enable/disable BIRDC config display - Integrate BIRDC config generation into tunnel config output - Display complete copy-pasteable BIRDC config for BGP tunnels - Fix IPv4Interface/IPv6Interface string conversion in config generation
  • New redesign network allocation page with improved UX - 2025-10-24
    - Convert to card-based layout with visual hierarchy - Add "Selected Network Pool" card showing chosen network - Add "Network Request Details" form card - Style request button with blue gradient - Add comprehensive subnet sizing guidance panel - Explain /29 as recommended starting point - Highlight ability to request more IPs later - Include subnet calculation examples - Improve responsive layout with wider info panel - Add icons throughout for better visual navigation
  • New improve form UX with auto-naming and styled helper text - 2025-10-24
    - Add reusable calculate_next_index() helper for consistent auto-naming - Implement auto-naming for tunnels (Tunnel 1, Tunnel 2, etc.) - Implement auto-naming for networks (Network 1, Network 2, etc.) - Implement auto-naming for ASN requests (ASN Request 1, etc.) - Style helper text in blue (text-primary) for better visibility - Move regenerate keys button into WireGuard form card - Add modal confirmation for preshared key regeneration - Add ASN requirement warning for BGP routing
  • New Reorganize sidebar navigation and improve template UI - 2025-10-23
    - Reorganize sidebar: Move 'My Resources' to top for all users - Add visual separator (light blue line) before admin sections - Reorder admin sections: Ticket Management first, then Infrastructure, then Administration - Add fa-fw class to all sidebar icons for consistent text alignment - Fix admin_exists naming conflict in setup (renamed to has_admin) - Move 'Initial Configuration' section to only show when no admin exists - Improve template consistency across all views - Update styles for better visual hierarchy
  • New Improve navigation and development experience - 2025-10-24
    Enhanced sidebar navigation and developer tooling: - Collapsed sidebar sections by default for cleaner initial state - Added Email Queue link to admin navigation - Implemented debug-only cache-busting for faster development - Improved sidebar scrollbar visibility with better styling - Added iOS-specific touch feedback improvements
  • New Improve audit performance and permission handling - 2025-10-24
    Optimized database queries and enhanced permission feedback: - Added user_map to prevent N+1 queries when displaying audit events - Pre-fetch all users in a single query for audit event displays - Improved role_required decorator to handle list arguments - Added flash message when users lack permissions
  • New Improve dashboard and request UX - 2025-10-24
    Enhanced user interface for better usability and information display: - Improved button layout and spacing on dashboard - Added client count column to user list with sortable badges - Auto-populate ASN request names with sequential numbering - Calculate next ASN index based on existing ASNs and pending requests
  • New Preserve user information when users are deleted - 2025-10-24
    When a user who handled requests is deleted, preserve their username for audit trail purposes. Changed handler relationship to SET NULL on delete and added handler_username field to store the username.
  • New Add current_year template global function - 2025-10-24
    Added a template global function to provide the current year for use in copyright notices and other date-related displays throughout the application.
  • Performance Optimize base template performance and UX - 2025-10-24
    Improved page load performance and user experience with several frontend optimizations.
  • New Add successful emails view to queue dashboard - 2025-10-24
    Enhanced email queue monitoring to show all email statuses including successful deliveries, not just failed emails.
  • New Add asynchronous email queue with Redis and RQ worker - 2025-10-24
    Converted email sending from synchronous SMTP to asynchronous background processing using Redis Queue (RQ). This prevents email sending delays from blocking web requests and improves application responsiveness.
  • Enhancement Remove unused bpython dependency - 2025-10-24
    bpython was listed as a dependency but not actually used. The CLI shell uses Python's standard code.interact() instead due to compatibility issues with bpython 0.24.
  • New implement cache-busting and improve loading indicators - 2025-10-24
    Frontend caching and UX improvements: - Added timestamp-based cache-busting for JavaScript bundles - Disabled static asset caching during development for easier testing - Re-enabled page loading indicators with simplified logic - Removed no-loading class checks to reduce complexity - Added no-debounce class to user dropdown to remove Loading indicator
  • New add database indexes for audit events and fix migration chain - 2025-10-24
    Added performance indexes and resolved migration dependency issues: - Created indexes on audit_events.created_at and audit_events.user_id for faster queries - Fixed migration chain to create proper linear history without branches - Updated c6d42a1091c0 to depend on 99be6ab1d477 for correct migration order
  • New improve audit events UI and fix N+1 query performance - 2025-10-24
    Enhanced the audit events list with clickable rows and optimized database queries: - Removed actions column and made entire table rows clickable for better UX - Added visual feedback with blue text and pointer cursor on hover - Fixed N+1 query problem by pre-fetching all users in a single batch query - Reduced database queries from 100+ to just 2 for improved page load performance
  • Fix improve tunnel edit page header visibility and remove test latency button - 2025-10-23
    - Removed gradient background from tunnel edit page header for better readability - Changed header text from white to default color for consistency with other pages - Moved menu include inside container for proper layout - Removed Test Latency button from sidebar (feature code is on separate branch)
  • New strip whitespace from all user form inputs across application - 2025-10-23
    - Authentication: Strip username during login and password reset lookup - User management: Strip username and email during registration and profile updates - Resource names: Strip whitespace from network, ASN, tunnel, node, node group, and interface names - Updated nullable_string() utility to automatically strip all string inputs - Prevents data inconsistencies and authentication issues from accidental spaces - Maintains 'fail loudly' principle - only strips if value exists and is a string
  • New enhance request confirmation messages with requested resource details - 2025-10-23
    - Network allocation requests now show name and prefix length in confirmation - Network requests (BYOIP) now show name and network in confirmation - ASN requests now show ASN number (if provided) or 'ASN allocation' with name - Users get clear feedback about exactly what they requested
  • New improve UI visibility for tabs and sidebar scrollbar - 2025-10-23
    - Enhanced tab navigation styling with darker backgrounds and better contrast - Made inactive tabs more visible with #f8f9fa background and #495057 text - Added hover effects with primary color highlighting - Implemented custom scrollbar styling for sidebar with darker, more visible thumb - Added smooth transitions and hover states for better user experience
  • Fix Clean up frontend imports and update dev tools to localhost - 2025-10-23
    - Remove broken ping.js import from common.js (file no longer exists) - Re-enable loading.js to provide page navigation feedback - Update development tools to use localhost instead of 44.33.7.8: - generate_dev_ssl.sh: SSL cert now for localhost - register_user.py: Default base URL changed to localhost - run_dev_https.sh: Flask now runs on localhost
  • New Add clipboard copy functionality for config snippets - 2025-10-23
    - Add clipboard.js module with copy-to-clipboard functionality - Add copy button support with visual feedback - Update common.js to include clipboard utilities - Enables easy copying of WireGuard configs, API keys, and other text snippets
  • New Reorganize sidebar navigation and improve template UI - 2025-10-23
    - Reorganize sidebar: Move 'My Resources' to top for all users - Add visual separator (light blue line) before admin sections - Reorder admin sections: Ticket Management first, then Infrastructure, then Administration - Add fa-fw class to all sidebar icons for consistent text alignment - Fix admin_exists naming conflict in setup (renamed to has_admin) - Move 'Initial Configuration' section to only show when no admin exists - Improve template consistency across all views - Update styles for better visual hierarchy
  • New Add MTU configuration support to models and controllers - 2025-10-23
    - Add MTU parameter handling in client.py config generation (9 instances) - Update interface, node, and network models for MTU support - Add MTU configuration to controllers for interfaces and nodes - Update interface add/edit template with rand_id parameter fix - Enhance configuration templates for proper MTU handling
  • New Add MTU configuration support across all platform configs - 2025-10-23
    - Add MTU parameter support to Docker, EdgeRouter, Linux, Linux Namespace, macOS, MikroTik, OpenWRT, pfSense, and wg-quick configurations - Ensures consistent MTU handling across all supported platforms - Improves network performance and compatibility
  • Fix Allow sessions for browser-based API calls in ping endpoint - 2025-10-16
    The CustomSessionInterface was disabling sessions for all API routes, which caused 500 errors on endpoints like /api/v1/nodes/ping-info that use @login_required. Browser-based API calls need session auth, while API key requests should disable sessions.
  • Fix Add missing AsnRequest export to models/__init__.py - 2025-10-15
    Added AsnRequest to the models module exports that was missing after merge.
  • Refactor Improve tunnel view template and add filter utilities - 2025-10-15
    Enhanced tunnel view with details_card macro and added filter utilities.
  • New Add CLI commands, topology views, developer tools, and reusable templates - 2025-10-15
    Added comprehensive new functionality including admin CLI, topology visualization, developer tools, and reusable template components.
  • Enhancement Update configuration and ignore files - 2025-10-15
    Updated development configuration and gitignore patterns.
  • New Enhance email verification and improve routing - 2025-10-15
    Improved email verification template, user management, and routing logic for better functionality and user experience.
  • New Add password strength indicator and improve account forms - 2025-10-15
    Enhanced password reset and account creation forms with real-time password strength validation and improved user experience.
  • New Add pending request visibility and simplify landing page - 2025-10-15
    Enhanced dashboard to show pending resource requests alongside existing resources, and streamlined the landing page for better user experience.
  • Refactor Simplify and improve model view templates - 2025-10-15
    Streamlined model view templates for better maintainability and consistency.
  • New Improve UI styling and sidebar navigation - 2025-10-15
    Enhanced sidebar navigation and overall UI styling for better user experience.
  • Performance Eliminate FOUC and improve page load performance - 2025-10-15
    Implemented comprehensive solution to prevent Flash of Unstyled Content (FOUC) and significantly improve perceived page load performance.
  • New Add features page with dynamic changelog support - 2025-10-08
    Add features showcase page: - Public features page at /features (no login required) - Comprehensive feature showcase across 6 categories - Dynamic changelog parser that reads from CHANGELOG_DATA.txt - Organized by month with expandable accordion - Color-coded badges for different change types (New, Fix, Enhancement, etc.) - Support for multi-line commit descriptions - Link from homepage to features page - Separated features logic into dedicated features.py module
  • New Add frontend utilities and enhancements - 2025-10-08
    Add JavaScript utilities: - Debounce function for input throttling - Loading state management - Table sorting functionality - Timezone display utilities - Tooltip utilities for improved UX - Debounce styling
  • New Add dashboard, help system, and UI navigation components - 2025-10-08
    Add new UI components: - Dashboard with user overview and quick actions - Tunnel and network summaries - Recent activity display - Help system with user guides and setup documentation - Universal header with user menu and notifications - Sidebar navigation for authenticated users - Universal search functionality across resources - Flash message system for user feedback - Layout templates for consistent design - Request list view improvements - Landing page base template for public pages
  • New Improve setup page and admin creation workflow - 2025-10-08
    Enhance administrator account creation: - Setup page accessible without login for initial admin creation - After first admin, requires admin login to create additional admins - Link in admin configuration page to create additional admins - Clear status indicators for database, admin, email, security - Next steps guide for new installations - Password confirmation validation - Card-based UI with icons and status badges - Integration with existing authentication system - Redirect flow based on admin existence
  • Refactor Convert relative imports to absolute and apply code formatting - 2025-10-08
    - Convert all relative imports to absolute imports throughout codebase - Apply Black code formatting (4-space indentation, double quotes) - Update all Python files in controllers, models, server, migrations - Update all Jinja2 templates with formatting improvements - No functional changes, only code style improvements
  • Enhancement Revert network allocation subnet display - 2025-10-08
    Reverted temporary change to show usable IPs in subnet dropdown
  • New Add user roles and timezone migrations - 2025-10-08
    - Add user and ticket_handler roles to User model - Add timezone column to users table for time display preferences
  • New Integrate configuration modules and add routing networks support - 2025-10-08
    Update WireGuardClient.config() to: - Use new modular configuration generators - Pass routing networks to all platform configs - Conditionally generate configs based on admin settings - Support all 9 platform configurations
  • New Add platform configuration toggles to admin settings - 2025-10-08
    Add enable/disable controls for WireGuard configuration platforms: - Toggles for EdgeRouter, MikroTik, OpenWrt, pfSense, Linux, macOS, Docker - Settings stored in config.ini under [wireguard_clients] - All platforms default to enabled - Allows testing/disabling individual platform configs
  • New Add WireGuard tunnel key regeneration feature - 2025-10-08
    Add ability to regenerate WireGuard keypairs for existing tunnels: - New 'Regenerate Keys' button on tunnel edit page - Generates new private/public key pair - Displays new private key with download options - Shows updated configurations (wg-quick, EdgeRouter, etc.) - Logs regeneration action in audit events - Enhanced template with download button for bash scripts
  • New Add multi-platform WireGuard configuration generators - 2025-10-08
    Add configuration modules for multiple router and OS platforms: - EdgeRouter: CLI config with routing, DHCP, firewall, MSS clamping - MikroTik: RouterOS commands with bridge, routing table, DHCP - OpenWrt: UCI commands with firewall and DHCP - pfSense/OPNsense: WebGUI step-by-step instructions - Linux: systemd-networkd configuration - Linux-Namespace: Self-installing script for namespace-based routing - macOS: WireGuard app configuration - Docker: docker-compose and docker run configurations - wg-quick: Moved to dedicated module for consistency

  • License License AGPL_V3 - 2025-09-08
  • Refactor Move handler handling to controllers - 2025-09-01
  • New Add commenting capabilities on requests - 2025-09-01
  • New Add admin commenting capabilities - 2025-09-01
  • New Add ticket handling indcators - 2025-09-01
  • New Models for request handling + discussion - 2025-09-01

  • Fix Resolve a typo in the new tunnel email - 2025-08-08
  • Fix Send emails on tunnel creation when requested (Resolves #28) - 2025-08-08

  • Fix Resolve issues when creating a single-stack interface - 2025-07-19
    Resolves an error that would occur when there are no IPv4 or IPv6 interface networks
  • New Add autoapproval for network allocation requests - 2025-07-19
    Resolves #19
  • New Add autoapproval support for private ASNs - 2025-07-19
    Resolves #18
  • Fix Sort available interfaces alphabetically on the request screen. - 2025-07-19
    Resolves #22
  • Fix Remove random kind output on interface add/edit screen - 2025-07-19
  • Fix Enforce unique Wireguard ports on a node - 2025-07-16
  • Fix Resolve issues with model blueprint generator when calling create/update functions - 2025-07-16
    Introduced by !18
  • Fix Resolve server error when an interface is out of IP allocations. - 2025-07-16
    Resolves #26
  • Fix Correctly pass the database session to the `delete_user` call - 2025-07-15
  • Fix Resolve exception when creating a new account - 2025-07-12
  • New Update APIv1 for updates related to auditing - 2025-07-12
  • New Add audit logs for delete events - 2025-07-12
  • New Implement audit event logging - 2025-07-10
    Will log events (add/update/delete) that take place within the system.
  • Fix Set button type for the generate PSK feature - 2025-07-10
    Reoslves an issue where pressing enter on the form results in a new PSK being generated

  • Enhancement Update default config file examples - 2025-05-30
  • Fix Resolve error on network add screen - 2025-05-30
  • Fix Ensure account-related routes are correct - 2025-05-29
    This includes registering the OIDC routes with the /account prefix
  • Fix Add CSRF token to request handling form - 2025-05-26
  • Fix Resolve error when loading a tunnel with static routing - 2025-05-22
  • Fix Do not quote extra gunicorn args - 2025-05-21
  • Enhancement Add pyproject.toml to avoid warning during build - 2025-05-21
  • New Switch to Gunicorn - 2025-05-21
  • New Add API keys - 2025-05-11
    Resolves #4
  • Fix Disable CSRF on all children API blueprints - 2025-05-11
  • New Add Preshared Key generation - 2025-05-11
    Resolves #7
  • New Show node ASN when BGP routing is enabled - 2025-05-11
    Resolves #5
  • Refactor Cleanup custom session interface - 2025-05-11
  • Fix Import correct package for CSRF - 2025-05-11
  • New Disable session authentication for API endpoints - 2025-05-11
    This will protect against CSRF attacks
  • New Add CSRF protection (#8) - 2025-05-11
  • Fix Ensure the migrate script is included in the build - 2025-05-09
  • New Add `migrate` command to the help script - 2025-05-09
  • Fix Resolve error on Python 3.11 (`in` not supported on StrEnum) - 2025-05-09
  • New Migrate user tunnel quotas - 2025-05-07
  • Fix Display the correct quotas on the user view screen - 2025-05-07
  • New Show and manage resource quotas - 2025-05-07
  • New Add resource quotas - 2025-05-07

  • Fix Properly validate altcha challenge on POST requests - 2025-04-21
    Also properly format 400 error pages
  • New Show selected networks and ASNs on tunnel screen - 2025-04-20
    Allows the user to edit their tunnel without removing admnin-selected ASN or networks
  • New Add /api/v1/admin/users endpoint - 2025-04-20
  • New List all available ASNs on administrative client routing screens - 2025-04-16
    This matches the behaviour of the routed network selection list.
  • Refactor Clean up code and ensure consistency between UI and API - 2025-04-14

  • Enhancement Update build process - 2025-03-02
    - Added new makefile functions - Generate the frontend assets during the build process

  • New Store migration ids in a separate field - 2025-02-11
  • Fix Resolve error when email has no attachments - 2025-02-26
  • New Improve client management - 2025-02-12
    - Improve user interface - Add support for sending email after tunnel creation - Allow admins to have the system generate a client's private key

  • New Add migration from legacy dashboard - 2025-01-19
  • Fix Show access_ips on node group view page - 2025-01-19
  • Fix Pre-select active routed networks when editing a client - 2025-01-19
  • Enhancement Admin UI fixes - 2025-01-19
  • New Admin UI improvements - 2025-01-19
  • New Ensure that an OIDC user's email is verified - 2025-01-18

  • New Add OIDC support - 2024-11-02

  • New Debian build + bug fixes - 2024-10-29
  • New Add node token generation - 2024-10-20
  • New Add password reset - 2024-10-20
  • New Allow users to delete their own networks and asns - 2024-10-20
  • New Load private ASN range from configuration - 2024-10-20
  • New Email notifications on request creation, approval and rejection - 2024-10-20
  • Fix Do not delete parent networks when requests are deleted - 2024-10-20
  • New User account management - 2024-10-20
  • New Email notifications - 2024-10-20
  • New Add configuration + sample client configuration - 2024-10-19
  • New Add Altcha validation - 2024-10-14
  • New Add user registration - 2024-10-14
  • New Add node inteconnection - 2024-10-11
    Implement interconnection between nodes.

  • New Support legacy status update API - 2024-09-27
  • Fix Fix page titles on client interface - 2024-09-02
  • New Add user interface for managing client routing - 2024-09-02
  • New Add client routing backend support - 2024-09-01

  • Fix Fix tunnel creation for non-admin - 2024-08-22
  • New Display SQL errors during approval - 2024-08-22
  • New Add user network and asn requesting - 2024-08-22
  • Fix Fix bugs - 2024-08-18

  • Fix Fix rendering with empty access_ips - 2024-05-12
  • New Tunnel management - 2024-05-12

  • New Work on client frontend - 2024-04-28
  • New Add interface for enabled field - 2024-04-21
  • New Add fields missing from legacy Dashboard and work on the legacy Node APIs - 2024-04-21
  • New Implement legacy node API - 2024-04-20
    Provide compatibility with the existing popd until a new architecture is decided.
  • New Do not delete an ASN still referenced by a node group - 2024-04-20
  • New Add ASN endpoint - 2024-04-20
  • New Add client delete - 2024-04-20
  • Refactor Move user controller functions into their own file - 2024-04-20
  • New Add API endpoints - 2024-04-20
  • Fix Hide access ips column on small screen on node list - 2024-04-17
  • New Update table styling - 2024-04-17
  • Fix Handle null node access ips on node group view - 2024-04-17
  • Fix Handle null node access ips on node list - 2024-04-17
  • Fix Handle null node access ips - 2024-04-17
  • Fix Typo on loopback interface settings - 2024-04-17
  • New Client resource management - 2024-04-16
  • New New resource buttons - 2024-04-14
    Apply consistent wording
  • New Select prefix sizes when creating interfaces - 2024-04-14
  • New Begin implementation of adding interfaces - 2024-04-14
  • New Interface updating/deleting - 2024-04-12
  • New Node management - 2024-04-11
  • New Work on node form components - 2024-04-10
  • New Add node group management - 2024-04-10
  • New Add subnetwork allocation - 2024-04-08
  • New Network management - 2024-04-08
  • New Add node group - 2024-04-07
  • New Route organization - 2024-04-07
  • New Being flask restructure - 2024-04-07
  • New Data structures and UI work - 2024-04-06
  • New Data structure implementation - 2024-04-05
  • New Work on data structures - 2024-04-05
  • New Initial commit - 2024-04-04

Ready to get started?

Log In Documentation