The interactive file manager requires Javascript. Please enable it or use sftp or scp.
You may still browse the files here.

Name	Modified	Size	InfoDownloads / Week
Parent folder
README.md	2026-05-22	7.7 kB	0
v1.4.1 source code.tar.gz	2026-05-22	5.7 MB	0
v1.4.1 source code.zip	2026-05-22	7.8 MB	0
openapi.json	2026-05-22	2.5 MB	0
cozypkg-checksums.txt	2026-05-22	564 Bytes	0
cozypkg-windows-arm64.tar.gz	2026-05-22	22.9 MB	0
cozypkg-windows-amd64.tar.gz	2026-05-22	25.6 MB	0
cozypkg-darwin-amd64.tar.gz	2026-05-22	26.7 MB	0
cozypkg-darwin-arm64.tar.gz	2026-05-22	24.7 MB	0
cozypkg-linux-amd64.tar.gz	2026-05-22	25.4 MB	0
cozypkg-linux-arm64.tar.gz	2026-05-22	22.9 MB	0
initramfs-metal-amd64.xz	2026-05-22	154.4 MB	0
kernel-amd64	2026-05-22	20.4 MB	0
nocloud-amd64.raw.xz	2026-05-22	347.5 MB	0
metal-amd64.raw.xz	2026-05-22	347.5 MB	0
metal-amd64.iso	2026-05-22	540.4 MB	0
cozystack-operator-hosted.yaml	2026-05-22	2.5 kB	0
cozystack-operator-generic.yaml	2026-05-22	2.6 kB	0
cozystack-operator-talos.yaml	2026-05-22	2.6 kB	0
cozystack-crds.yaml	2026-05-22	20.0 kB	0
Totals: 20 Items		1.6 GB	0

v1.4.1 (2026-05-22)

A patch release shipping five managed-service and platform fixes, a CI reliability improvement, and several documentation additions. All code changes are backports of PRs already merged to main.

Fixes

fix(postgres): accept integer values for postgresql.parameters in schema: PostgreSQL server parameters such as max_connections are natural integers, but the chart's JSON schema declared them as {type: string} only. When users supplied bare integers (e.g. max_connections: 100) directly in Application CR specs or via the UI, Helm rejected the values at schema-validation time before template rendering, causing HelmRelease failures. The fix adds an intOrString type alias in cozyvalues-gen v1.4.0 so that additionalProperties emits anyOf: [integer, string] plus x-kubernetes-int-or-string: true, making both forms valid. The same PR extends the $dangerousParams blocklist with archive_cleanup_command and recovery_end_command (shell-exec hooks with the same RCE surface as archive_command/restore_command) so tenants cannot set them. All generated artifacts (values.schema.json, the embedded openAPISchema in postgres-rd, README.md, and the Go API type for Parameters) are regenerated and survive future make generate runs (@IvanHunters in [#2687], backport [#2715]).
fix(platform): migrate ephemeralStorage to diskSize via pre-upgrade hook: PR [#2454] renamed nodeGroups[*].ephemeralStorage to nodeGroups[*].diskSize and added a hard {{ fail }} guard. Any HelmRelease still carrying the legacy field was blocked from reconciliation entirely — including unrelated control-plane changes and MachineHealthCheck remediations. A new platform pre-upgrade migration (migration 41) now walks all kuberneteses.apps.cozystack.io Application CRs cluster-wide and renames the field automatically before chart resources are applied, preserving the user's value. The migration is idempotent and best-effort; a failed patch is logged and retried on the next upgrade (@IvanHunters in [#2688], backport [#2712]).
fix(cluster-api): fix Kamaji OOM and set limits on unset providers: The resource override for the Kamaji control-plane-provider targeted a container named manager, but the upstream image names it controller. The CAPI operator merges overrides by container name, so the intended 1 CPU / 1024 Mi limits were silently dropped and the upstream default of 128 Mi memory was used instead, causing the pod to restart repeatedly with OOMKilled (exit 137). The container name is now corrected. Additionally, the core, kubeadm-bootstrap, and kubevirt-infrastructure providers shipped no resources: block and ran as BestEffort, making them first to be evicted under memory pressure; modest requests and limits are now set for all three (@myasnikovdaniil in [#2708], backport [#2709]).
fix(kafka): reclaim ZooKeeper PVCs on Kafka release deletion: The Strimzi Kafka CR already set deleteClaim: true on broker JBOD volumes, but the ZooKeeper persistent-claim storage was left at deleteClaim: false. Deleting a Kafka application freed the broker PVCs while orphaning the ZooKeeper PVCs in the tenant namespace, requiring manual cleanup before the same release name could be reused. deleteClaim: true is now set on the ZooKeeper storage as well, so uninstalling a Kafka release reclaims all associated persistent storage (@Arsolitt in [#2679], backport [#2705]).
fix(opensearch-operator): replace deprecated kube-rbac-proxy image: The gcr.io/kubebuilder/kube-rbac-proxy image used by the OpenSearch operator chart is no longer available since the kubebuilder GCR registry was sunset. The image is replaced with quay.io/brancz/kube-rbac-proxy (the same source already used by etcd-operator and other components in Cozystack). The override is applied via a values.yaml entry under kubeRbacProxy.image.repository, following the project convention instead of vendored-chart patches (@myasnikovdaniil in [#2689], backport [#2695]).

Development, Testing, and CI/CD

fix(e2e-sandbox): download mc with curl -fsSL: The MinIO client was downloaded without the -L flag, so when dl.min.io served a 302 redirect, curl wrote the HTML redirect body to /usr/local/bin/mc and made it executable. When the bucket E2E test ran mc alias set ..., the shell attempted to interpret the HTML as a script and failed with cannot open a: No such file. Adding -fsSL follows the redirect and fails fast on HTTP errors; the change also busts the cached Docker layer so subsequent builds pull a real ELF binary (@myasnikovdaniil in [#2690]).

Documentation

[website] Add backup and recovery guides for managed applications: New operator and tenant guides for managed application backups covering PostgreSQL, MariaDB, ClickHouse, and FoundationDB. Includes one-off and scheduled backup workflows, status inspection, in-place and copy restores, cluster-level BackupClass and driver strategy configuration, migration guidance from legacy chart-level backup values, and per-driver caveats (@androndo in cozystack/website#536).
[website] Document vm-default-images as an opt-in package: Adds a dedicated section to the Golden Images page explaining that vm-default-images is disabled by default, its ~320 GiB storage footprint for the default 16-image set, how to enable it via bundles.enabledPackages, and how to override storageClass and the images[] list through the cozystack.vm-default-images Package CR (@myasnikovdaniil in cozystack/website#538).
[website] Announce Cozystack 1.4 release: Blog post covering the highlights of the v1.4.0 release (@tym83 in cozystack/website#546).
[website] Announce /cozystack:wizard guided installer: Blog post introducing the interactive guided installer for new Cozystack deployments (@tym83 in cozystack/website#542).
[website] Refresh screenshot gallery: Updated homepage screenshot gallery with new captures reflecting the current UI (@kvaps in cozystack/website#543).

Dependencies

[ansible-cozystack] Bump cozy-installer to v1.4.1: Routine Renovate update tracking the new Cozystack patch release (@app/renovate in cozystack/ansible-cozystack#44).