v3.0 🐖

We are very happy to announce Tobira 3.0! This release vastly improves the main search and lets users find events via subtitle and slide text contents. Users can now edit ACLs of existing events, while admins can mandate that events inside series use the series' ACL. We also added a system to protect videos with passwords. For more details and all other new features and improvements, see the detailed changelog below.

Changelog

Breaking changes ⚠

The breaking changes are listed below with each respective change (as BREAKING). Please also see the "Migration" section at the bottom!

User-facing changes

• Search
  • Rework & improve main search design: more information is shown and parts of the metadata that match the search query are highlighted. #1273
  • Add ability to find events by slide text & captions in search. This allows users to find videos by what is said or shown, instead of only the metadata. #1189
  • Stop using instant-search (i.e. search as you type): due to the other changes, the search (frontend & backend) got heavier, making it not quite fast enough for an "instant search" that feels good. A traditional "search on enter" feels way better and is also a UX win in many ways. #1322
  • Improve relevancy/ordering of search results and other improvements #1319 #1324
  • BREAKING: Tobira now requires MeiliSearch 1.12. Also note: the "text search" feature might increase your DB and search index size notably.

• Make event ACL editable via Tobira #1272
• Add config to lock video ACLs to their series. When enabled, the ACL for events inside a series cannot be edited by users. #1305
• Add support for event specific password protection. Currently this only exists to support the legacy ETH password protection, but it can be easily adjusted to work with other kinds of password protection schemes. #1244
• BREAKING: Make <h1> heading on start page configurable. This now does not show any heading by default. #1289
• Do some Paella updates #1295
• Remove separate slide overview feature from Paella ("frame control button plugin") #1310
• Left align upload page #1320
• Fix: upload submit button is now disabled when form is invalid #1320
• Improve frontend performance by avoiding useless renders #1321

Changes primarily for admins

• BREAKING: Allow configuring logos for multiple languages #1292
• BREAKING: Make known group labels require 'default' instead of 'en' #1316
• BREAKING: Move config sync.{user,password} to opencast #1296
• BREAKING: Remove log.log_http_headers config and move log calls into submodules #1309
• Add createRealmLineage mutation to API #1179
• Add API mutations to expose individual steps of mountSeries mutation #1225
• As PostgreSQL 12.x is no longer supported since November 21, 2024, Tobira now requires PostgreSQL 13.x.
• Update Juniper to 0.16 #1298. This updates our backend GraphQL library to the next major version. There shouldn't be any observable differences except that /~graphiql is now upgraded and looks more modern.
• Update backend dependencies #1302
• Update frontend dependencies

Changes primarily for developers

• Refactor: add top-level model module #1317
• Add a new JWT key for local development #1328

Full Changelog: v2.13...v3.0

Migration

This release unfortunately contains a number of breaking changes, but they should be straight-forward to deal with.

• Upgrade PostgreSQL to at least version 13.x.
• Upgrade MeiliSearch to at least version 1.12. Note that the index will be rebuilt anyway, so no need to keep/migrate it.
• Config changes:
  • All "translated strings" in the config now require the default instead of the en entry. To keep the old behavior (of using English as default language), just replace all en keys with default. For example, change site_title = { en = "My university", de = "Meine Universität" } to site_title = { default = "My university", de = "Meine Universität" }. The default entry is used whenever there is no language-specific entry for the user's language.
  • Move sync.user and sync.password to the [opencast] section
  • If you used log_http_headers = true, replace that line with filters."tobira::http::log::headers" = "trace".
  • The logo configuration changed. Do see the documentation for the full explanation, but in short: add a logos = [ ... ] line and move the individual large, small, large_dark and small_dark entries into it as array item. Then add the appropriate mode = "light", mode = "dark", size = "narrow", size = "wide" attributes to each line.
• Just like the configuration, in "known groups", the label now requires default instead of en as entry. If you already inserted known groups into your DB, you have two options to update those:
  • If you still have the .json file around, just edit that file, replacing all en keys with default. And then just run tobira known-groups upsert again.
  • If you don't, you can fix the DB directly by running tobira db console and executing update known_groups set label = delete(label, 'en') || hstore('default', label->'en').
• If you want to keep the old behavior of showing the configured general.site_title as <h1> on the homepage, you have to edit the page name in the page settings.
• Once everything is running again, Tobira will download and index event texts (subtitles, slide texts). Keep an eye on the search index size during that process.

v2.13 🦎

🟢 There are no breaking changes.

User-facing changes

• Enable footer links to break into multiple lines on narrow screens in #1278

Changes primarily for admins

• Make workflow of uploader configurable via upload.workflow in #1268
• Fix minor mistakes in auth docs in #1270
• Do some dependency updates in #1259
• Improve harvest error reporting in #1257

Changes primarily for developers

• Add docs about connecting to a local Opencast in #1263
• Update to confique 0.3 in #1261

Full Changelog: v2.12...v2.13

v2.12 🦇

🟢 There are no breaking changes.

What's Changed

User facing changes

• Update Paella to fix visual bug with floating menus in #1245
• Explicitly mention "delete" as possible things someone with "write" access can do in #1254

Changes primarily for admins

• Fix deserialization of old harvest responses in #1256
  • This makes Tobira again work with older Opencast versions. With v2.9 and v2.10 we accidentally bumped the requirements for the harvest API without realizing it. This is now fixed. We also added tests to reduce the likelihood of this happening again.
• Update some dependencies

Changes primarily for developers

• Fix GitHub action scripts
• Fix UI tests
• Fix copy&paste bug in GraphQL docs in #1255

Full Changelog: v2.11...v2.12

v2.11 🦭

🟢 There are no breaking changes.

⚠️ This release requires at least Opencast 15.6 to be able to harvest correctly. This was unintentional. If this affects you, use Tobira v2.12 instead!

What's Changed

User-facing changes

• Add playlists in #1159 and #1181
  • Playlists are now synced with Opencast, and stored in Tobiras DB and search index
  • There are direct links to playlists and playlists can be added as blocks to pages, very similar to series
• Make event/series/playlist selection in block editor return most recently updated items first when no search term is entered in #1224
• Fix & improve various UI things in our paella integration in #1208
• Fix uploader for metadata containing '%' in #1192
• Remove "open in new tab" icons from Editor and Studio buttons in #1207
• Fix navigation for invalid realm paths in #1204
• Fix back button by replacing current state in "forward to direct video" in #1210
• Refine notes for missing videos in series and playlist blocks in #1213
• Make video routes work with Opencast Ids in #1190

Changes primarily for admins

• Add opencast.external_api_node config value (previously deleting videos was using the sync node, which usually did not work with multi-node setups) in #1221
• Remove outdated note about series not findable from docs in #1194
• Fix comment in config for general.initial_consent in #1201
• Improve config docs for general.initial_consent in #1206
• Fix docs about "listed" behavior in #1211
• Update some paella packages in #1223

Changes primarily for developers

• Fix "listed" logic, rewrite all search index trigger logic & some other improvements in #1217
• Make scripts compatible with older versions of bash in #1188
• Ignore build and node_modules folder for webpack --watch in #1193
• Update appkit and replace own components by the ones from appkit in #1199
• Replace docker-compose command with docker compose & update time dep to fix build error in #1218

Full Changelog: v2.10...v2.11

v2.10 🐙

What's Changed

⚠️ This release requires at least Opencast 15.6 to be able to harvest correctly. This was unintentional. If this affects you, try using Tobira v2.12 instead!

User-facing changes

• Allow users to delete videos they have write-access to in #1172
• Enable paella slide previews in #1163
  • Note: you have to run a resync to take advantage of that for existing events.
• Adjust sizing and color of new paella icons to be less bold and distracting in #1165
• Add option to embed videos using Opencast IDs by @geichelberger in #1174
• Open studio and editor in current tab and add return-to-tobira links in #1178
• Hide editor link on live videos since they can't be edited anyway in #1182
• Fix issue where very wide videos could overflow and cause horizontal scrolling in #1183

Changes primarily for admins

• Make font configurable in #1167

Changes primarily for developers

• Update and improve deployment scripts for installation on RHEL9 by @wsmirnow in #1169
• Improve asset handling and use frontend bundle splitting in #1167
• Add block editing UI tests in #1147
• Store custom ACL actions in database in #1164

New Contributors

• @wsmirnow made their first contribution in #1169

Full Changelog: v2.9...v2.10

v2.9 🐍

⚠️ This release requires at least Opencast 14.10 to be able to harvest correctly. This was unintentional. If this affects you, try using Tobira v2.12 instead.

Breaking changes ⚠

• Rework Tobira permission roles: remove "Tobira moderator", add "Tobira admin", add granular roles in #1137
  • You have to adjust your auth integration to give the appropriate new roles to your privileged users. In the easiest case you just have to replace ROLE_TOBIRA_MODERATOR with ROLE_TOBIRA_ADMIN. But please see the PR or the documentation for more information.
• Improve logging: switch to tracing & make filters more powerful in #1145
  • This is only a configuration-breaking-change. The log.level config value is replaced by log.filters. To get the previous behavior, just replace level = "$yourLevel" in config.toml with filters.tobira = "$yourLevel".

User-facing changes

• Add quality selector for progressive download videos in #1143
• Add series to search results in #1144
• Adjust paella progress bar color in #1149
• Adjust spacing of forwards and backwards button text in #1150
• Use new Paella icons and proper translations in #1162

Changes primarily for developers

• Dependency updates (only patch versions)
• Adjust sync code for series metadata in #1160

Changes primarily for developers

• Add basic search filters (experimental) in #1080
• Update loadtest utility with new GraphQL requests in #1142
• Add "danger zone" UI tests in #1151

Full Changelog: v2.8...v2.9

v2.8 🐻‍❄️

🟢 There are no breaking changes.

Changes primarily for admins

• Fix deadlock in auth cache (solves Tobira freezing problem) in #1141
  • See this issue for more details. This bug was introduced in v2.4, occurring randomly depending on a few factors.
• Fix behavior when auth.callback.cache_duration is set to 0 in #1141
  • Tobira went into a kind of busy loop, using CPU resources needlessly. This bug seems to use up to roughly 1/4 of a single CPU core.
• Pass more metadata to Paella (mainly for Matomo integration) in #1140

Full Changelog: v2.7...v2.8

v2.7 🦦

🟢 There are no breaking changes.

What's Changed

User-facing changes

• Fix broken Quality selector UI in Paella in #1122 (note: currently only used for live videos)
• Fix bug where event search was not returning all events for ROLE_ADMIN in #1134
• Improve some button/link descriptions for screen reader accessibility in #1136

Changes primarily for admins

• Add i18ned footer links by @geichelberger in #1119
• Release authkit 0.2.0 in #1124
• Update paella-user-tracking to fix Matomo's customDimensions and media analytics in #1139
• Dependency updates
  • Note: due to this, the glibc requirement of our pre-built x86_64-unknown-linux-gnu has increased to 2.29. If you are using an old OS that does not satisfy this requirement, use the -musl pre-built binary or build the binary yourself in the system in question. Again: Tobira does not require a newer glibc version, just this one pre-built binary.

Changes primarily for developers

• Switch to login callback for local development & deployment server in #1123
• Improve UI tests by running each in isolation (separate Tobira process & DB) with fixed offline data in #1093
• Use secret password for admin user on test deployment in #1135

Full Changelog: v2.6...v2.7

v2.6 🦣

What's Changed

Breaking changes ⚠

With this release, the auth system was restructured to be more flexible, convenient and powerful. All previous "auth modes" are still supported and you don't have to change anything apart from the Tobira config file! See the "Migration" section at the bottom of these release notes. As part of this, the documentation about auth was reworked. See those new docs or this PR for more information.

• Remove auth.mode in favor of auth.source plus auth.session.*
• Move auth.session_duration to auth.session.duration
• Remove a auth.*_header configs. These were not useful, see this commit for the reasoning.
• Move role-related configs into auth.roles. That's moderator_role, upload_role, studio_role, editor_role, user_realm_role, and user_role_prefixes.
• Always add ROLE_ANONYMOUS and ROLE_USER to logged in users. Technically a breaking change, but this should always be the case. It might not have been in the past if fauly auth integrations forgot to add those roles.

Apart from the auth related changes, there are two other breaking changes:

• Tobira moderators (ROLE_TOBIRA_MODERATOR) cannot edit all pages anymore. Only ROLE_ADMIN can do that implicitly. To retain the old behavior, add ROLE_TOBIRA_MODERATOR as "page admin" to the home page. (You might have to add a "known group" for that purpose.)
• The libc requirement for the tobira-x86_64-unknown-linux-gnu binary increased to 2.31 (which is Ubuntu 20.04 kind of old). If this is a problem for you, you an always use the -musl build.

User-facing changes

• Add granular permissions to the page tree in #1097
  • This allows you to give users access to only parts of the page tree. Access is inherited down the tree, meaning that giving a user access to one page means that user also has access to all sub-pages. There are two levels of permissions: page admin (can do everything) and moderator (cannot delete the page, change its path, or change access rules).
• Add configurable "terms and conditions" popup in #1112
  • Useful in combination with the added basic Matomo integration.
• Update Paella and add support for fallback fullscreen mode on iOS in #1113
• Revise download menu listitems in #1111
• Add arrow navigation to remaining popover menus in #1001
• Fix overlarge thumbnails in series slider view in #1078
• Group edit series options by @geichelberger in #1079
• Left align "about tobira" page content in #1084
• Add breadcrumbs to series pages in #1085
• Make logout button work with keyboard in #1083
• Hide child list in "change order" UI if sorted alphabetically in #1105
• Fix login page redirect when login_link is not configured in #1117
• Extend edit series block by @geichelberger in #1058
• Change edit series block label "layout" to "Metadata" in #1076

Changes primarily for admins

• Add auth callbacks in #1032
  • This is a new way to include your custom auth logic with Tobira. It is preferred over the existing "auth header" solution for several reasons. It usually makes setup a lot easier and the whole system faster. See the new auth docs for more information.
• Add initial support for Matomo data collection via Paella player in #1099
• Fix bug in auth.mode = "opencast" in #1109
• Fix deserialization bug for harvesting in special cases in #1109
• Add logging of useful DB server information in #1089
• Future proof harvest sync code for new items in #1115

Changes primarily for developers

• Add url field to routes to build path and use it everywhere in #1035
• Split ci action into two jobs to start deploy faster in #1073
• Actually pass relevant options through to start-dev.sh by @JulianKniephoff in #1104
• Stop using non-existent Roboto fonts in Paella in #1106
• Add realm ACL roles to db dump in #1110

Full Changelog: v2.5...v2.6

Migration

This section should make the it easy to adjust to the auth system changes that replace auth.mode. Be sure to check the other breaking changes as well.

You currently have auth.mode = ...

"opencast"

[auth]
source = "tobira-session"
session.from_login_credentials = "opencast"

"login-proxy"

[auth]
source = "tobira-session"
session.from_session_endpoint = "trust-auth-headers"

Consider migrating to login callbacks.

"full-auth-proxy"

[auth]
source = "trust-auth-headers"

Consider migrating to auth callbacks.

v2.5 🦔

🟢 There are no breaking changes.

User-facing changes

• Fix router bug to prevent critical errors when redirecting internally in #1060
• Filter out past live events from search results in #1062
• Implement several minor UI improvements in #1061
• Unify series block layouts by always placing the description inside the block in #1020
• Improve video item spacing in series blocks for certain screen widths in #1071
• Replace radio buttons in edit series form with simple radio/checkboxes the in #1021

Full Changelog: v2.4...v2.5