Download Latest Version
metal-amd64.iso (521.5 MB)
Get an email when there's a new version of cozystack
| Name | Modified | Size | Downloads / Week |
|---|---|---|---|
| Parent folder | |||
| README.md | 2026-03-20 | 3.2 kB | |
| v1.0.6 source code.tar.gz | 2026-03-20 | 5.2 MB | |
| v1.0.6 source code.zip | 2026-03-20 | 7.0 MB | |
| cozypkg-checksums.txt | 2026-03-20 | 564 Bytes | |
| cozypkg-windows-arm64.tar.gz | 2026-03-20 | 17.2 MB | |
| cozypkg-darwin-amd64.tar.gz | 2026-03-20 | 20.0 MB | |
| cozypkg-darwin-arm64.tar.gz | 2026-03-20 | 18.6 MB | |
| cozypkg-linux-amd64.tar.gz | 2026-03-20 | 19.0 MB | |
| cozypkg-linux-arm64.tar.gz | 2026-03-20 | 17.2 MB | |
| cozypkg-windows-amd64.tar.gz | 2026-03-20 | 19.1 MB | |
| initramfs-metal-amd64.xz | 2026-03-20 | 146.1 MB | |
| kernel-amd64 | 2026-03-20 | 21.9 MB | |
| nocloud-amd64.raw.xz | 2026-03-20 | 333.6 MB | |
| metal-amd64.raw.xz | 2026-03-20 | 333.6 MB | |
| cozystack-operator-hosted.yaml | 2026-03-20 | 2.5 kB | |
| metal-amd64.iso | 2026-03-20 | 519.4 MB | |
| cozystack-operator-generic.yaml | 2026-03-20 | 2.6 kB | |
| cozystack-operator-talos.yaml | 2026-03-20 | 2.5 kB | |
| cozystack-crds.yaml | 2026-03-20 | 19.1 kB | |
| Totals: 19 Items | 1.5 GB | 1 | |
Fixes
-
[kubernetes] Fix CiliumNetworkPolicy endpointSelector for multi-node RWX volumes: When an NFS-backed RWX volume is published to multiple VMs, the network policy's
endpointSelectorwas only capturing the first VM. Subsequent volume publications added owner references but never broadened the selector, causing Cilium to block NFS egress and making mounts hang on all nodes except the first. The fix switches frommatchLabelstomatchExpressions(operator: In) so the selector lists all VM names and is rebuilt whenever owner references change (@mattia-eleuteri in [#2227], [#2228]). -
[dashboard] Fix dashboard authentication failures after secret recreation: Added a
secret-hashannotation containing the SHA256 hash of the client secret to the dashboardKeycloakClientresource. Without this annotation, if thedashboard-clientSecret was recreated (e.g. after an upgrade or reinstall), theKeycloakClientspec stayed unchanged, the EDP Keycloak operator skipped reconciliation, and Keycloak kept the stale secret — causing dashboard authentication failures. Now any secret value change updates the annotation hash, triggering operator reconciliation and syncing the new secret to Keycloak (@sircthulhu in [#2231], [#2240]). -
[etcd] Fix defrag CronJob accumulating pods during cluster upgrades: Added protective limits to the etcd defragmentation CronJob to prevent job pile-up when etcd is temporarily unavailable during upgrades. Without
concurrencyPolicy: Forbid, new jobs kept being created hourly while previous ones were still failing, accumulating hundreds of running/failed pods across tenants. The fix addsconcurrencyPolicy: Forbid, astartingDeadlineSeconds: 300guard against missed schedules, a 30-minute job timeout, and limits retries to 2 (@sircthulhu in [#2233], [#2235]).
Documentation
-
[website] Document
keycloakInternalUrlplatform value: Added documentation for theauthentication.oidc.keycloakInternalUrlplatform value to the Platform Package Reference, Self-Signed Certificates guide, and Enable OIDC Server pages. This value routes dashboard backend OIDC requests through the internal Keycloak service, which is useful in environments with self-signed certificates (@sircthulhu in cozystack/website#452). -
[website] Publish Cozystack v1.0 release announcement: Added the official Cozystack v1.0 release announcement blog post and supporting images, celebrating the first stable release of the platform (@tym83 in cozystack/website#453, cozystack/website#454).
Full Changelog: https://github.com/cozystack/cozystack/compare/v1.0.5...v1.0.6
