v1.0.4: Streamlined Installation & Auto-Updates

🔐 v1.0.4: Streamlined Installation & Auto-Updates

This release revolutionizes the deployment process with a single-command installer, native self-updating capabilities, and expanded support for Alpine and RHEL-based systems.

🚀 Streamlined Installation & Updates

• One-Line Installer: New curl | bash installer automatically detects OS, dependencies, and installs SamNet WG.
• Self-Updating: New samnet --update command allows seamless in-place updates.
• Multi-Distro Support: Now fully compatible with Alpine Linux, RHEL/CentOS/Rocky, and Debian/Ubuntu derivatives.

💾 Safety & Reliability

• Config Preservation: Updates and reinstalls now strictly preserve all existing client configurations and keys.
• Smart Reinstall: The installer automatically detects existing installations and protects critical data before modifying files.

🔧 Bug Fixes

• Installer Stability: Fixed a crash when copying the services/ directory during installation.
• TUI Input: Resolved an issue where the TUI input could freeze during [install.sh] execution.
• Input Visibility: Restored hidden input fields for the port wizard and peer labels.
• Version Checks: Fixed edge cases in version comparison logic for more reliable update notifications.

🔐 v1.0.3: Security Hardening & Portability Fixes

🔐 v1.0.3: Security Hardening & Portability Fixes

This release focuses on safer firewall management, encryption security, and cross-distro compatibility.

🛡️ Firewall Safety

• Include Pattern: SamNet no longer overwrites /etc/nftables.conf. Rules are now loaded via include from /etc/samnet/samnet.nft.
• Tagged iptables: All Docker compatibility rules now use --comment "samnet-wg" for surgical removal.
• Clean Uninstall: Only removes SamNet-specific rules, preserving UFW, Docker, and other services.

🔐 Encryption Security

• No Plaintext Fallback: Peer key encryption now fails safely if API is unavailable, preventing accidental plaintext storage in the database.
• Clear Error Messages: If encryption fails, users get actionable instructions.

🔧 Bug Fixes

• Portable Port Detection: Fixed non-portable \s regex in port checks - now works on all distros.
• Wizard Navigation: Back button (B) in firewall mode selection now correctly returns to previous step.
• Install Mode Fix: "SamNet Managed" mode can now be selected during fresh installation.

🧹 Code Cleanup

• Removed duplicate function definitions (dead code).
• Added multi-distro support: apt, dnf, yum, pacman.

📋 Coming Soon

• One-line curl | bash install
• samnet --update for seamless upgrades

v1.0.2: Smart Firewall, Docker & TUI Upgrade

🚀 v1.0.2: Docker-Safe Firewall & TUI Port Management

This release brings firewall management, seamless Docker compatibility, and smarter cleanup.

🔥 Firewall System

• New Firewall Ports TUI: Manage open ports directly from the terminal (Security → Firewall Ports).
  • Supports TCP, UDP, or Both.
  • Protected mode: Prevents accidental VPN/SSH lockouts.
  • [V] View Rules: Instantly see current active firewall rules regardless of managed mode (SamNet or External).
• Smart Service Detection: Installing on a server with existing apps? SamNet now auto-detects running services (Nginx, Postgres, Prometheus, etc.) and whitelists them automatically.
• Zero-Touch Logic:
  • Detects UFW/iptables? Defaults to external mode (safe).
  • Clean system? Defaults to SamNet mode (managed).

🐳 Docker Compatibility

• Non-Interfering Rules: Firewall rules now run at priority 10 (after Docker), ensuring container networking works out of the box.
• Bridge Support: Explicitly allows traffic from docker0 and br-* interfaces.
• Clean Uninstalls: Removal process explicitly cleans up iptables forwarding rules added for Docker support.

🛠️ Tooling & Cleanup Updates

• Surgical Uninstall: The uninstaller now detects and removes samnet-nat6 tables and samnet-wg-sync services.
• Safe Port Removal: Uninstaller asks before deleting your custom samnet-ports rules.
• Advanced Tools Updates:
  • Firewall Diff: Now shows your managed ports file samnet-ports.nft.
  • Troubleshooter: Automatically diagnoses missing firewall tables.

📦 Installation

• Faster pre-flight checks (1s timeout).
• Parallel IP detection.
• Full IPv6 support in all rules.