Download Latest Version metal-amd64.iso (521.5 MB)
Email in envelope

Get an email when there's a new version of cozystack

Home / v1.1.4
Name Modified Size InfoDownloads / Week
Parent folder
README.md 2026-03-30 8.3 kB
0
v1.1.4 source code.tar.gz 2026-03-30 5.2 MB
0
v1.1.4 source code.zip 2026-03-30 7.0 MB
0
cozypkg-checksums.txt 2026-03-30 564 Bytes
0
cozypkg-windows-arm64.tar.gz 2026-03-30 17.2 MB
0
cozypkg-darwin-amd64.tar.gz 2026-03-30 20.0 MB
0
cozypkg-darwin-arm64.tar.gz 2026-03-30 18.6 MB
0
cozypkg-linux-amd64.tar.gz 2026-03-30 19.0 MB
0
cozypkg-linux-arm64.tar.gz 2026-03-30 17.2 MB
0
cozypkg-windows-amd64.tar.gz 2026-03-30 19.1 MB
0
initramfs-metal-amd64.xz 2026-03-30 146.1 MB
0
kernel-amd64 2026-03-30 21.9 MB
0
nocloud-amd64.raw.xz 2026-03-30 333.6 MB
0
metal-amd64.raw.xz 2026-03-30 333.6 MB
0
metal-amd64.iso 2026-03-30 519.4 MB
0
cozystack-operator-hosted.yaml 2026-03-30 2.5 kB
0
cozystack-operator-generic.yaml 2026-03-30 2.6 kB
0
cozystack-crds.yaml 2026-03-30 19.1 kB
0
cozystack-operator-talos.yaml 2026-03-30 2.5 kB
0
Totals: 19 Items   1.5 GB 0

Features and Improvements

  • [boot-to-talos] Add support for ISO, RAW, and HTTP image sources: The boot-to-talos tool can now use ISO files, raw disk images, and HTTP URLs as Talos image sources in addition to container registry images. This allows bootstrapping nodes in air-gapped environments or from locally stored images without requiring a container registry (@lexfrei in cozystack/boot-to-talos#13).

  • [boot-to-talos] Use permanent MAC address for predictable network interface names: Interface name detection now reads the permanent MAC address directly from sysfs instead of relying on udev data, providing a stable hardware MAC that is unaffected by user modifications to the active MAC address. This makes network interface naming more reliable across reboots and hardware changes (@IvanHunters in cozystack/boot-to-talos#14).

Fixes

  • [dashboard] Fix broken backup menu links missing cluster context: Backup resources (plans, backupjobs, backups) are not ApplicationDefinitions, so ensureNavigation() never created their baseFactoriesMapping entries. Without these entries the OpenUI frontend could not resolve the {cluster} context for backup pages, producing broken sidebar links with an empty cluster segment (e.g. /openapi-ui//tenant-root/...). The missing baseFactoriesMapping entries for all backup resource types are now added to the static Navigation resource (@sircthulhu in [#2232], [#2269]).

  • [platform] Fix tenant admins unable to create FoundationDB, Harbor, MongoDB, OpenBAO, OpenSearch, Qdrant, and VPN applications: The cozy:tenant:admin:base ClusterRole was missing seven application resources from apps.cozystack.io (foundationdbs, harbors, mongodbs, openbaos, opensearches, qdrants, vpns). Without these permissions, tenant admins could not create these applications — the "Add" button was inactive in the dashboard. The missing resources have been added to the ClusterRole (@sircthulhu in [#2268], [#2272]).

  • [dashboard] Fix StorageClass dropdown showing "Error" in application forms: The dashboard UI fetches StorageClass resources to populate dropdowns (e.g. in the Postgres form), but the cozystack-dashboard-readonly ClusterRole did not include storage.k8s.io/storageclasses. This caused authenticated users to see "Error" instead of the StorageClass name. get/list/watch permissions for storageclasses have been added to the dashboard readonly role (@sircthulhu in [#2267], [#2274]).

  • [system] Fix 403 error on Service details page by granting tenants read access to EndpointSlices: The dashboard requested EndpointSlices from the discovery.k8s.io API group to display the "Pod serving" section on the Service details page, but cozy:tenant:base and cozy:tenant:view:base ClusterRoles lacked permissions for this resource. Tenant users received a 403 error when opening the Service details page. get/list/watch permissions for endpointslices have been added to both tenant ClusterRoles (@sircthulhu in [#2257], [#2285]).

  • [dashboard] Fix "Pod serving" table displaying "Raw:" and "Invalid Date" on Service details page: The Service details page EndpointSlice table showed "Raw:" prefixes and "Invalid Date" values because the EnrichedTable referenced customizationId factory-kube-service-details-endpointslice which had no corresponding CustomColumnsOverride. Column definitions for Pod (.targetRef.name), Addresses (.addresses), Ready (.conditions.ready), and Node (.nodeName) have been added (@sircthulhu in [#2266], [#2283]).

  • [piraeus-operator] Fix LINSTOR satellite alert labels, reduce scrape-flap false positives, and improve controller alerting: Three alerting issues in cozy-piraeus-operator have been addressed: (1) linstorSatelliteErrorRate used a non-existent name label in annotations, resulting in Satellite "" in alert notifications — corrected to {{ $labels.hostname }}; (2) linstorSatelliteErrorRate could produce false positives when the linstor-controller scrape flapped and historical linstor_error_reports_count counters reappeared inside the alert window — fixed by adding a minimum scrape-count guard; (3) The LinstorControllerOffline alert has been split into separate availability and metrics-availability alerts with configurable hold time to reduce noise during brief connectivity interruptions (@sasha-sup in [#2265], [#2286]).

  • [linstor] Fix swapped VMPodScrape job labels causing incorrect controller offline alerts: The cozy-linstor VictoriaMetrics VMPodScrape templates had the job relabeling rules swapped: linstor-satellite metrics were labeled as job=linstor-controller and vice versa. This caused linstorControllerOffline alerts to fire for satellite endpoints (:9942) while reporting that the controller was unreachable. The job labels are now correctly assigned to their respective targets (@sasha-sup in [#2264], [#2289]).

  • [boot-to-talos] Fix triple-fault on hosts with 5-level paging (LA57) enabled: On hosts with CONFIG_X86_5LEVEL=y in the kernel, kexec into Talos caused a triple-fault because the Talos kernel does not support 5-level page tables. boot-to-talos now detects LA57 before kexec and automatically patches GRUB with no5lvl, runs update-grub, and reboots. After reboot with 5-level paging disabled, boot-to-talos proceeds normally (@IvanHunters in cozystack/boot-to-talos#15).

  • [boot-to-talos] Fix EFI boot entry creation when using loop device images: Talos installer skips EFI variable creation when running on loop devices. boot-to-talos now creates a proper UEFI boot entry with an HD() device path pointing to the real target disk's ESP by reading the GPT partition table from the target disk after image copy, instead of relying on the Talos installer (@kvaps in cozystack/boot-to-talos#16).

  • [talm] Fix silent empty output when no template files are specified: Running talm template without --file or --template flags previously produced minimal or empty output without any error. Validation has been added to engine.Render to return a clear error message when no template files are specified, making misconfigured invocations immediately apparent (@kvaps in cozystack/talm#112).

Documentation

  • [website] Add documentation for VMInstance and VMDisk backups: Added a new virtualization-focused Backup and Recovery guide covering one-off and scheduled backups for VMInstance and VMDisk resources, restore procedures, status verification commands, and troubleshooting notes including Velero-related issues (@myasnikovdaniil in cozystack/website#456).

  • [website] Update developer guide with operator-driven architecture and OCIRepository migration flow: Rewrote the development guide to describe the operator-driven in-cluster architecture, bootstrap flow, operator responsibilities, and the platform install/update sequence. Added an "OCIRepositories and Migration Flow" section with migration hook examples and sequencing rules for pre-upgrade hooks (@myasnikovdaniil in cozystack/website#458).

Full Changelog: https://github.com/cozystack/cozystack/compare/v1.1.3...v1.1.4

Download cozystack

Source: README.md, updated 2026-03-30