NethServer project milestone 8.3

After two months, we’ve reached milestone 8.3! It’s time to share the progress and exciting new features in NS8. Let’s explore the highlights together!

:gift: Enhancements

Here are the most notable updates since the last milestone. For full details, check out the release notes.

Selective restoration from backup

Restore specific content from backup snapshots in the Mail and Samba File Server applications. You can now search for and recover individual IMAP folders, files, or directories into user-accessible locations. This feature requires a backup snapshot created using the latest Mail and Samba releases to function properly.

Mail procedure

Samba procedure

Application conflict management

The Cluster Admin now enforces instance limits per node during clone, move, and restore operations. This complements the existing enforcement during installation and streamlines applications requiring exclusive TCP/UDP ports, like Mail, Samba, and DNSMasq. DNSMasq also disables its DNS service automatically if it detects a conflict with Samba on the same node.

System log forward filtering

The Syslog forwarder now supports filtering to send only security logs. For performance reasons, full-stream export has been discontinued in the Cloud Log Manager forwarder.

Rename OpenLDAP domain for NS7 migration

The NS7 Migration Tool now allows specifying a unique domain name for OpenLDAP, enabling migration and consolidation of multiple NS7 systems into a single NS8 cluster.

image

Updates suspended during NS7 migration

When migrating NS7 nodes with the Migration Tool, the Software Center disables manual and automatic updates to prevent conflicts. If updates are incorrectly suspended, a procedure is provided to clean up stale data.

Unlimited user domains

The limit of eight user domains has been removed, allowing installation of more domains, provided that only one Samba DC runs on a node.

Improved user domain handling

Changes to user domain configurations now propagate correctly to applications like Nextcloud, Ejabberd, Mail, SOGo, and Roundcube. Configuration updates and service restarts are automatic.

Backup alert notifications

Systems with an active Subscription now send alerts for failed backups to monitoring portals. Additionally, the Backup page correctly displays the failed instance in the status indicator.

:bug: Bug Fixes

We’ve resolved 27 bugs since the last milestone! A few examples:

  1. Clone module fails with "file has vanished" error · Issue #7198 · NethServer/dev · GitHub
  2. Collabora can't open documents after upgrading to Podman 5.2 · Issue #7197 · NethServer/dev · GitHub
  3. Active Directory user listings limited to 1000 entries · Issue #7195 · NethServer/dev · GitHub
  4. IDrive E2 S3 backup destination AccessDenied Error · Issue #7193 · NethServer/dev · GitHub
  5. Podman pull fails due to Docker Hub rate limit with IPv6 addressing · Issue #7160 · NethServer/dev · GitHub
  6. Nextcloud migration fails if automatic updates are enabled · Issue #7070 · NethServer/dev · GitHub
  7. SASL authentication failed in Mail relay rules by recipient · Issue #7069 · NethServer/dev · GitHub

See the full list on our GitHub issue tracker.

:compass: Roadmap

Looking ahead, here are our priorities for milestone 8.4, planned for the first quarter of 2025:

  • Enhance Disaster Recovery for single-node clusters.
  • Expand monitoring and alerting features for Subscription users.
  • Improve TLS certificate management.
  • Notify users of expiring passwords.
  • Support Sieve filters in Imapsync application.

Stay updated on our project page.

:call_me_hand: Join the NS8 Community

We value your feedback and contributions:

  • Start a discussion on our forum using the tag ns8.
  • Share new ideas or improvements in existing discussions.
  • Help translate NS8 through Weblate.

Thank you for being part of this journey! Your support shapes the future of NS8.

The NethServer Team

10 Likes

Congrats for the job!

Just a few questions that can arise about selective mail restore:

  • IMAP folder restored in-place (replacing existing folder content, or adding/duplicating messages) or as a subfolder or at choosen IMAP folder?
  • Restore of individual messages not possible? (but available using file level restore, instead of mail restore). Restore of whole imap folder at chosen location could be a good trade-off.

To the whole team, have a good rest on this holidays!

3 Likes

Hi

NethServer project milestone 8.3, nice.

Great, so now NS8 can have more than 8 user domains, although only one can be a samba file server…

And only one usable AD. more ADs are possible, but they do not serve any redundancy, as they are not accessible to any other PCs or Servers, the other AD is only available to cluster Apps, not for general use. Pity…
This enforces the use of another VM or host, just to act as second AD - and can not be in the cluster…

I am VERY disapointed that the file server - and AD by extension - is not getting any relevant attention. A file server has to have backups, and also file and folder restores, so that’s very basic. That it took so long is not very good.

And still no WSDD included - this means I have to use a lot more OpenMediaVault systems as a file server. Why WSDD is not included in the AD container is something I do not understand, as implementing WSDD is basically a one liner…

10 different LDAP user bases may have use in a cloud or Internet based environment, but for a typical SME company, LDAP has no use with NethServer, as LDAP can not provide file sharing or AD Authentification.

If AD and File Server do not get attention soon (Within the next two milestones, milestone 8.5), I will probably move to setting up my own AD - and just use OMV VMs as file servers (member servers in AD).

After nearly 10 years of using NethServer, I would regret moving away, this Forum is very unique and has a lot of great people here…

But in the end: Neither I nor any of my SME clients need 100+ Apps.
What we DO need:

  • one or more AD DCs.
  • one or more file servers.
  • mail.
  • nextcloud.

Both Mail and Nextcloud should also have redundant options.

Any other needed app can run as a container or VM, and if it supports AD integration, even better.
Using Debian does not pose version problems, like it was when using the dated Centos7 on NethServer 7.9. (The reason why most NS7 have several different PHP, PHPmyAdmin and MariaDB versions…). And using Debian will also make for easy updates…

And that’s about it.

I’m sorry, @davidep, @alefattorini , but I am really very disapointed with the progress NS8 is now making…
I do hope I am not pressed to leave NS8, but the future will show soon what happens.

My 2 cents
Andy

2 Likes

In my opinion, NethSec is reinventing the wheel for the third or fourth time, when there are alternatives available everywhere.

The resources used for this would be better spent on a dynamic NS8 development.

Anyone who now has to familiarize themselves with the new and still developing NethSec could have done so with OPNSense or other alternatives. I don’t want to strain UniFi Cloud Gateway again.

I don’t want to criticize the developers in the slightest, because it is a business policy decision.

In my humble opinion, this would only make sense if the result is functionally better than the established systems and overall generates less effort for the customer (hardware + software + customization + operation).

I can’t even begin to see any of this.

But what the heck, it’s not my company.

2 Likes

HEllo, it seems you ave reverted the visibility behaviro of all App on the software center, to always visisble whether testing or prodcution level.

Also, for Apps on the testing branch, i have noticed for Apps on the testing branch, it seems that its not possible to load the Application description for them.

is this intended behavior? @davidep

The answers to those questions should already be in a new section of the Mail manual page: Restore a mailbox folder from a backup. Please let me know if the information is unclear or incomplete.

To clarify:

  1. Only entire folders (with their contents) can be restored.
  2. The restoration always places the folder under a special location, the “Restored folder,” which is created if necessary. IMAP users can then manage the restored content as they see fit, such as searching for specific messages or removing the “Restored folder” after reviewing its contents.

The same approach applies to restoring Share contents in the Samba File Server application: Restore File Server from Backup, with a main difference: you can select and restore individual files too.

Thank you for sharing your thoughts. Adding WSDD is a feasible enhancement, and we aim to include it in milestone 8.4.

Regarding redundant Domain Controllers and File Servers, the quickest path to such advanced features remains customization. Let’s continue this discussion—either by starting new threads or reviving existing ones—so we can explore potential solutions together!

There is an ongoing discussion in the Bug category, and I filed a related bug report yesterday. Let’s continue the conversation here: App install via Software Center not possible.

5 Likes

Very few people will need 100+ apps, of course; they’ll likely only need a few. But they few they’re going to need are naturally going to vary widely (I have no use for a file server with my remote NS system, nor do I need (nor can I use) AD, but I do need the web server), so a pretty broad selection of apps needs to be available to accommodate. Where the devs’ effort should be focused isn’t an easy question to answer, but I’d agree that both the web server and the file server ought to be priorities.

4 Likes

This topic was automatically closed after 9 days. New replies are no longer allowed.