Skip to content

Overview

Welcome to the PPA installation and configuration guide.

Info

For ESXi, VirtualBox or VMware Workstation you will need to download the PPA ISO.

Provision a machine with at least 2 cores, 4GB of ram and an 8GB disk.

Mount the iso and boot the machine.

Releases

Version 2.6.2

Fixes

  • Improve handling of reverse PTR records when configuring default Vault

Version 2.6.1

Fixes

  • Fix clearing error codes in playbook metadata

Known Issues

  • If the vault is failing to initialize, please set a FQDN (/var/disk/config/fqdn) that matches your reverse PTR settings.

Version 2.6.0

Features

  • Tasks can now have multiple revisions. Test new task versions without disrupting your users.
  • PPA will now prompt to unlock the built in vault on startup.
  • PPA will autoconfigure the built in vault on initial deploy if required.
  • New graph view for tasks that visualizes the steps a task will perform.

Enhancements

  • Better blank states and help tooltips.

Breaking

  • API and schedules now require credits to run.

Version 2.5.2

Enhancements

  • Tasks will no longer block on outputs when unattended.

Version 2.5.1

Bugfixes

  • The builder will now clean up intermediate build containers.

Enhancements

  • You can now specify a task timeout in the builder metadata.

Version 2.5.0

Features

  • New task editor!

Enhancements

  • Improved syslog events
  • Improved hook submitted page that can now be white labeled with Markdown frontmatter
  • Task metadata can now be edited from the inventory page
  • Updated open-vm-tools to 10.3.10
  • Updated haproxy to 2.0.13
  • Updated hashicorp vault to 1.3.4

Breaking

  • Drop support for upgrades from version 2.2 and earlier.
  • Drop support for opus.* labels

Version 2.4.1

Fixes

  • Fix a deadlock that could occur when scheduling tasks for the same time.

Enhancements

  • You can now hide the splash screen on boot by holding left control.

Version 2.4.0

Features

  • Tasks can now be scheduled to run automatically
  • SMTP and Syslog support for tasks
  • Task inventory page
  • SAML support
  • API support

Enhancements

  • New sidebar that makes navigating to task activity easier
  • Notification disc when a task you own is running
  • You can now lock the console to prevent unauthorized access without using VSphere permissions
  • You can now see the roles users have on the Users page

Upgraded

  • PostgreSQL 12
  • Alpine 3.11

Version 2.3.2

Fixes

  • Speed up nested group membership for very large Active Directory deployments

Version 2.3.1

Fixes

  • Fix rare race condition between backend and private key server
  • Improve resilience of the appliance when a critical error occurs

Version 2.3.0

Features

  • Roles and granular permissions are now supported.

Enhancements

  • OVA image is now signed.
  • Nested AD group membership is now supported.
  • AD security groups can now be imported into the UI,
  • Improved page load speed when attaching to tasks.
  • New sidebar layout.
  • Improved data tables with filtering and ordering.

Fixes

  • You can now clone the appliance in VMWare.
  • Better handling of CSRF token.

Upgraded

  • PostgreSQL 11
  • Docker 19.03.4
  • Alpine 3.10
  • Golang 1.13

Version 2.2.1

Fixes

  • Relay and gateway will set the nobody account to never expire.
  • The admin tables will now show the correct number of rows.
  • Task tables will now correctly sort large numbers of rows.

Version 2.2.0

Features

  • Agent support. Run tasks on remote Docker servers (including Windows).
  • Added a reporting page for an overview of the appliance.

Enhancements

  • Better error messages when adding a Hashicorp Vault that is uninitialised or sealed.
  • Consistency pass on user interface.
  • Tasks now time out after 15 minutes by default. This is configurable with the ppa.run.timeout label.

Fixes

  • Performance improvements for large numbers of historical tasks.

Breaking

  • The password strength meter now only appears for a password input if you provide meter=true.

Known Issues

  • You will need to manually refresh in Chrome to see the updated user interface

Version 2.1.2

Fixes

  • API gateway now no longer uses invalid latin1 characters
  • API gateway now correctly returns 407 when not authenticated
  • Space remaining now reports the unit correctly

Version 2.1.1

Enhancements

  • You can now specify multiple hosts for active directory (comma separated).
  • The input table has a toggle for what was selected once submitted.
  • Enable Linux page poison to secure old page data

Fixes

  • Virtual machine will now correctly shutdown when triggered from VMware tools.
  • Virtual machine will automatically sync time with host on resume.
  • Self-signed certificate will not regenerate on reboot unless the IP or DNS settings have changed.
  • Users can now no longer submit an input after a task has failed.
  • UI will not time out if a task upload takes longer than 10 seconds.
  • The JWT used by the API will be regenerated after each reboot.
  • Fixed the input table reloading unnecessarily causing flickering.
  • Fixed large task upload in Chrome

Breaking

  • Loopback alias 172.16.123.1 has been removed.
  • Servername override in AD configuration removed. Insecure LDAPS certificates are no longer allowed.

Security

  • Remove axios dependency (fixes CVE-2019-10742)

Version 2.1.0

Updated

  • Update Linux Kernel to 4.19.37
  • Update containerd to 1.2.6
  • Update openssh-server to 7.9
  • Update vault to 1.1.2
  • Compile with Go 1.12.4

Enhancements

  • Add a range of syslog events in the CEF format.
  • Add a config page to upload licences and generate techouts.

Features

  • Add a CSV report of all tasks that have been run to the task history page.
  • Add 'Admin Login Groups' to the Configure Active Directory dialog.

Breaking

  • Remote support removed now beta has concluded.