[pull] main from warp-tech:main#2
Open
pull[bot] wants to merge 513 commits into
Open
Conversation
Co-authored-by: Eugene <x@null.page>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eugene <x@null.page>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eugene <x@null.page>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…1845) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…e-web (#1861) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Eugene <inbox@null.page>
This PR adds a new properties to users: allowed_ip_range. If someone tires to log into that user from outside the IP range, the login will be rejected. There are quite a few usecases for this: 1. Companies who want to harden their security by restricting login from their on-site locations. 2. Only allow SSH/kubectl access from the CI (so if someone manages extract the warpgate access token from the CI, they still can't use it) 3. A very niche usecase that we need it for: Running student exams through warpgate, where students should only be logging in from the exam hall. The main reason to have this over for example firewall-level tightening is that it can be configured per user. So for us for example we don't want students to log in outside the exam hall, but we still want to be able to get in ourselves outside the exam PCs. I've paid special attention to making sure this works nicely with SSO too. I also tried to get the SSH session to print out a message explaining why the auth was rejected, but I didn't manage to do that, so it just says "password rejected" when the SSH session is rejected due to the IP restriction. <img width="871" height="278" alt="Screenshot From 2026-04-08 16-02-14" src="https://github.com/user-attachments/assets/b5669c58-60ae-4f71-9b70-5742ff59fb14" /> <img width="692" height="681" alt="Screenshot From 2026-04-08 16-02-44" src="https://github.com/user-attachments/assets/b23a47b3-ceb4-4251-ae16-0aeb8b04460d" /> Closes #1545 --------- Co-authored-by: Eugene <inbox@null.page>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…1863) Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Eugeny <161476+Eugeny@users.noreply.github.com> Co-authored-by: Eugene <inbox@null.page> Co-authored-by: Eugene <x@null.page>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: dependabot[bot] <support@github.com>
…2101) Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Eugene <inbox@null.page>
…ut (#1630) Co-authored-by: Eugene <inbox@null.page>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please sponsor : )