Getting all the news on new features we ship

  • Instance Protection Mode

    We're excited to announce the introduction of the Instance Protection Mode, an enhancement in our efforts to provide a secure and controlled environment for managing production instances on FlowFuse. This feature empowers Team Owners with the exclusive ability to restrict modifications to production instances, ensuring that any changes are made with careful oversight and authorization.

    A key aspect of Instance Protection Mode is the exclusive control it grants Owners over the execution of DevOps pipelines targeting protected instances. This means: Only Owners can initiate and execute pipelines.

    The Instance Protection option can be found under the Instance settings view for all our Teams and Enterprise Tier customers.

  • Bearer Token Authentication for Node-RED Instances

    , Ben Hardill

    Bearer Token Authentication for Node-RED Instances, allows FlowFuse users to securely access their Node-RED HTTP endpoints, ensuring enhanced security and ease of implementation. Now, you can confidently manage your HTTP endpoints with the assurance that your connections are protected using FlowFuse's robust authentication mechanism.

    Screenshot Instance Setting Bearer Token

    Screenshot of New Bearer Token

    $ curl -H "Authorization: Bearer ffhttp_FKc_S4qlTBV1H411hmhneHcSJ6F_FGNQLPYbnoD3-B0"

    This feature is available for our Teams and Enterprise Tier customers. You can find the configuration under the Security tab in your instance settings.

  • Remote Device Restart

    The latest version of the FlowFuse device agent now supports remotely restarting your Node-RED flows from the FlowFuse platform. This brings it more inline with what the platform lets you do with your hosted Node-RED instances.

    This removes the need to manually connect to your device to restart Node-RED, streamlining your workflow and offering a more seamless and efficient user experience.

    Remote Device Restart

  • Direct Dashboard Access

    Steve McLaughlin

    We have added quick access buttons to help you navigate to your Dashboard 2.0 UI in a single click.

    Dashboard button is displayed alongside the Open Editor button when an instance has @flowfuse/node-red-dashboard installed.

    Click the link to learn more about Flowfuse Dashboard 2.0

  • Instance Auto Snapshots

    Two weeks ago, we introduced auto snapshots for devices to help ensure you can always rollback to a previous version of your Node-RED flows. We're extended that ability to the hosted Node-RED instances as well.

    Whenever you deploy a change to the flows, a snapshot will be taken automatically. We'll keep the last 10 auto-generated snapshots on a first-in, first-out basis. Older auto-generated snapshots will be automatically cleaned up for you - unless they are marked as a target snapshot for your devices.

    Click the following links to learn more about instances and snapshots.

  • PostgreSQL Version update

    Ben Hardill

    Included in the v2.1.0 release the Helm Chart now uses 14.10.0-debian-11-r30 tag of the Bitnami PostgreSQL container.

    This container tag includes images for both AMD64 and ARM64 allowing FlowFuse to be deployed to now fully ARM64 based Kubernetes clusters when using local PostgreSQL database.

  • Device Auto Snapshots

    Steve McLaughlin

    FlowFuse V2.1 introduces Auto Snapshots for your Application Assigned Devices.

    When you deploy a change to the device flows, a snapshot will be taken automatically.

    The last 10 Auto Snapshots will be kept on a first in first out basis. Older Auto Snapshots will be automatically cleaned up for you.

    Click the following links to learn more about devices and snapshots.

  • Pricing change for Devices

    Starting today, we have introduced a simplification of the pricing structure for devices on FlowFuse Cloud, effective immediately. All information is available on our pricing page. The new pricing scheme is as follows:

    • Starter Tier: No change
    • Teams Tier: Devices are now priced at $25 each.
    • Enterprise Tier: Devices are priced at $50 each.

    We are also pleased to offer volume discounts. For more details, please contact us.

    Important Note for Existing Teams

    If a team currently in either tier already has devices (or has had devices in the past), any additions or removals of devices will be billed according to the previous pricing structure. For teams without any prior device history, the addition of devices will be billed at the new rates.

  • Device Instance Audit Logging

    Steve McLaughlin

    With the recent introduction of the Device audit log, we've now updated the Device Agent to start logging events from the Node-RED instance running on your device.

    This brings closer parity with the logging you get from a hosted instance.

    The audit log events include details of the flows being updated, nodes being added or removed from the palette and other changes to the configuration.

    Update to Device Agent v2.2 to start receiving the events.

    Device Audit log

  • Device Onboarding Improvements

    Steve McLaughlin

    Hot on the heals of our recent onboarding improvements and streamlining, we have now introduced a new, simpler and faster way of getting your devices configured and connected to the FlowFuse platform.

    Now, when you create a device on the platform, you will be offered a simple "Setup command". Run this command in a terminal and the let the Device Agent do all the hard work for you.

    To learn more about this, head to the FlowFuse Device Agent documentation.

  • Personalised Multi-user Dashboards with Node-RED Dashboard 2.0!

    Joe Pavitt

    This week has seen the release of the first major version of Node-RED Dashboard 2.0, with it, we've made available a new FlowFuse-exclusive feature, personalised multi-user dashboards.

    This new feature will allow you to build applications that provide unique data to each user, build admin-only views, and track user activity, to name but a few. We're really excited to see what the Node-RED Community and our FlowFuse customers can do with such a powerful and flexible framework.

  • Node-RED Dashboard 2.0 is Generally Available!

    Joe Pavitt

    Back in June 2023 we announced that FlowFuse would be investing into building out the next generation of Node-RED Dashboard, the most popular UI framework for Node-RED.

    We followed this up with the first release (0.0.1) in July, just one month later, and today, we are pleased to announce that we have reached a major milestone in this journey, with the release of our first major version (1.0.0) of Node-RED Dashboard 2.0.

  • Streamlined Device assignment

    Nick O'Leary

    To start editing flows on a device, it needs to be assigned to an application in your team. Up until now this has been a two step process; creating the device and then assigning it. This wasn't as intuitive as it needed to be.

    To help streamline the user experience, you can now assign a device to an application when you create it. It's a small update, but it helps users get to where they want to be much quicker.

  • New Blueprints added

    We have added some new blueprints to FlowFuse Cloud to help users get started with a range of common manufacturing scenarios.

    They are available to all users on FlowFuse Cloud. Additionally, upon request, all our Teams and Enterprise Self-Hosted customers gain access to this collection.

    List of new Blueprints:

    Curious about what Blueprints are? Read our recent blog post that introduced Blueprints to FlowFuse.

    For an overview of all available Blueprints check out our Blueprint Library.

  • Helm Chart v2.0

    Ben Hardill

    The v2.0 release of the FlowFuse Helm Chart includes a breaking change for deployments making use of the forge.localPostgresql setting when upgrading. This is where the helm chart installs a dedicated PostgreSQL database instance.

    With v2.0 we have updated the version of the Bitnami PostgreSQL Helm sub-chart we bundle and the upgrade process will require some manual intervention to ensure things work correctly. A fresh install should not require any extra steps.

    The steps are documented on the Upgrade instructions page, please read them carefully before upgrading

    Also included in this release is the ability to set resource constraints and Pod Security Context on the FlowFuse application, File-Server Application and MQTT broker containers if required. Details of how to set those can be found in the Helm Chart

  • Device Groups - Automatic snapshot assignment

    Four weeks ago, we launched the Device Groups feature, for our Enterprise customers. This innovation marked a significant step in simplifying device management within DevOps Pipelines. Now we enhacent the Device Groups functionality.

    With this update, the behavior of Device Groups has been refined to further streamline your workflow. Now, whenever a Snapshot is assigned to a Device Group, any newly added devices to that group will automatically receive the update. This ensures that all devices within the group are consistently synchronized with the latest changes, eliminating the need for manual updates. This improvement not only saves time but also enhances the consistency and reliability of device management across your fleet.

  • Introducing the Device Auditlog Feature

    The introduction of the Device Auditlog brings an enhanced level of monitoring and tracking for device-related activities, available to all FlowFuse users.

    Events Recorded in the Device Auditlog:

    • Fleet mode / Developer mode enabled/disabled
    • Remote access enabled/disabled
    • Credentials re-generated
    • Device assigned

    Device Audit log

  • Managing Team Membership via SSO

    Nick O'Leary

    For organisations using Single Sign-On with FlowFuse, we have now added the ability to manage their user's team memberships and roles via their Identity Provider.

    This makes it easier to control access to the FlowFuse Platform from providers such as Okta and Microsoft Entra. For example, you can create a group of Team Owners and a separate group of Team Viewers.

    Whenever a user logs in via SSO, the platform will update their roles to match the groups they are in.

    More information on configuring groups can be found in our Single Sign-on documentation.

    This feature is available to Enterprise Tier teams on FlowFuse Cloud, as well as self-hosted Enterprise instances.

  • Security Updates

    Nick O'Leary

    As part of our dedication to providing a secure platform for our customers, we operate a Bug Bounty programme to encourage responsible disclosure of potential issues.

    With all disclosures we evaluate their severity in terms of their direct impact, the nature of the issue and overall risk.

    We have received a number of reports recently that we have been evaluating. Whilst none of the recent disclosures has been deemed high severity, we have applied a number of updates to the platform.

    These include:

    • Tougher rate limiting on routes that manage user information including email addresses
    • Better handling of the password-reset flow to prevent stale links being reused
    • Avoiding disclosure of a user's email address to other members of a team

    This last item is one I wanted to say a bit more about. As you would expect, a user's email address is sensitive information that we do not disclose to unauthorised users. However, we also consider a Team as having a higher level of trust between its members. On review, we have decided there is not a technical reason for this higher level of trust to include a member's email address, so we have removed it from the relevant API responses.

    We value the effort people put into making responsible disclosures to us and look to reward the work where it meets our criteria.

    Find out more about our Bug Bounty programme.