jimrummy101 Posted January 4, 2023 Share Posted January 4, 2023 (edited) Overview: Support thread for NetBird Application: NetBird-Client, NetBird-Dashboard, NetBird-Management, NetBird-Signal - https://netbird.io About: Connect your devices into a single secure private WireGuard®-based mesh network with SSO/MFA and simple access controls. Docker Hub: https://hub.docker.com/r/netbirdio/netbird GitHub: https://github.com/netbirdio/netbird Documentation: https://netbird.io/docs NGINX Conf: https://github.com/dannymate/unraid-templates/tree/master/Conf Samples/SWAG/nginx/proxy-confs Please post any questions/issues relating to this docker you have in this thread. 2023-07-25 - I've updated the NGINX conf after looking at updated NETBIRD docs. Edited July 27, 2023 by jimrummy101 Added server container names2023-07-25 - I've updated the NGINX conf after looking at updated NETBIRD docs. 2 Quote Link to comment
jimrummy101 Posted January 4, 2023 Author Share Posted January 4, 2023 (edited) Netbird-Server Unraid.pdf I have created a PDF guide to installing your own NetBird server. Feel free to give any feedback. UPDATE 19/01/2023: Coturn Configuration has been split into two seperate options. One for those using a shared secret and those who need to use a user account. To check if you've misconfigured your Coturn for NetBird look at your Coturn logs to see if there's any errors regarding not being able to find a user. If you have misconfigured then the Network Route functionality will not work. Also a note regarding Network Routes is to make sure you are not denying ips in your turnserver.conf. For example if you are trying to route to a 192.168.0.0/24 then make sure the turnserver.conf either explicitly allows that IP range or at least doesn't deny them. Edited January 19, 2023 by jimrummy101 Coturn Misconfiguration 1 1 Quote Link to comment
jimrummy101 Posted January 6, 2023 Author Share Posted January 6, 2023 (edited) It doesn't matter what the IP address is. The way devices know which ones they can communicate with is via the Access Control panel in the NetBird Admin. By default everything should be able to connect to everything else. I have had issues with pinging windows based systems personally (but otherwise working fine) as well as issues with a specific client not actually being connected but saying it is. To check if a client is wrong about its connection try getting it to ping itself. If it can't ping itself then disconnect & reconnect or netbird down then netbird up. The other way to check if two devices can connect to eachother is via an actual service. So using your PC try connecting going to your unraid portal. It should just be typing the unraid ntebird ip into your browser. Let me know how it goes!! Edit: Looks like the comment I replied to was deleted. It was asking for help with an inability to ping thinking it could be due to clients not being on the exact same subnet. Edited January 6, 2023 by jimrummy101 Comment Deleted Quote Link to comment
blaine07 Posted January 14, 2023 Share Posted January 14, 2023 I’ve been wanting to play with this. Maybe sometime this weekend or upcoming week I can find time to play with this! Thank you! Quote Link to comment
mlsmaycon Posted January 16, 2023 Share Posted January 16, 2023 On 1/4/2023 at 5:10 PM, jimrummy101 said: Overview: Support thread for NetBird Application: NetBird-Client, NetBird-Dashboard, NetBird-Management, NetBird-Signal - https://netbird.io About: Connect your devices into a single secure private WireGuard®-based mesh network with SSO/MFA and simple access controls. Docker Hub: https://hub.docker.com/r/netbirdio/netbird GitHub: https://github.com/netbirdio/netbird Documentation: https://netbird.io/docs Please post any questions/issues relating to this docker you have in this thread. I loved the work you've done here @jimrummy101. I will be happy to answer or support if you have any questions or issues with NetBird 1 Quote Link to comment
jimrummy101 Posted January 16, 2023 Author Share Posted January 16, 2023 (edited) On 1/16/2023 at 11:57 AM, mlsmaycon said: I loved the work you've done here @jimrummy101. I will be happy to answer or support if you have any questions or issues with NetBird I assume you're one of the devs of NetBird. Thanks for your work and support, it's much appreciated. I do have one question. I'm just noticed I'm getting a lot of these messages occuring in my client logs: time="2023-01-16T14:15:19Z" level=warning msg="disconnected from the Signal service but will retry silently. Reason: rpc error: code = Internal desc = stream terminated by RST_STREAM with error code: PROTOCOL_ERROR" file="grpc.go:144" time="2023-01-16T14:15:31Z" level=info msg="connected to the Signal Service stream" file="grpc.go:136" time="2023-01-16T14:15:48Z" level=warning msg="disconnected from the Management service but will retry silently. Reason: rpc error: code = Internal desc = stream terminated by RST_STREAM with error code: INTERNAL_ERROR" file="grpc.go:134" time="2023-01-16T14:15:49Z" level=info msg="connected to the Management Service stream" file="grpc.go:123" time="2023-01-16T14:15:49Z" level=error msg="unable to configure DNS for this peer using file manager without a nameserver group with all domains configured" file="server.go:214" I assume I may have misconfigured something with my nginx [config]( https://github.com/dannymate/unraid-templates/blob/7c79534002ce1d2116b9d2ec33ce0cccd372b0df/Conf Samples/SWAG/nginx/proxy-confs/netbird.subdomain.conf.sample). proxy.conf: https://github.com/linuxserver/docker-swag/blob/96f746d5ce0bb334bba547c44ad0ccac61f6ed1a/root/defaults/nginx/proxy.conf.sample You can ignore resolver.conf. Or my management.conf which is basically this https://github.com/dannymate/unraid-templates/blob/7c79534002ce1d2116b9d2ec33ce0cccd372b0df/Conf Samples/NetBird/management.json.sample Do you know what could be the issue here? This github issue seems related: https://github.com/netbirdio/netbird/issues/651 Edited January 19, 2023 by jimrummy101 Found Github issue Quote Link to comment
danieland Posted January 31, 2023 Share Posted January 31, 2023 Got this error message: Quote Link to comment
jimrummy101 Posted January 31, 2023 Author Share Posted January 31, 2023 5 hours ago, danieland said: Got this error message: Are trying to self host the server? Can you paste your management conf in here? And can you give me a screenshot of the Netbird Dashboard config in the Unraid Dashboard. Quote Link to comment
mlsmaycon Posted January 31, 2023 Share Posted January 31, 2023 On 1/16/2023 at 3:51 PM, jimrummy101 said: I assume you're one of the devs of NetBird. Thanks for your work and support, it's much appreciated. I do have one question. I'm just noticed I'm getting a lot of these messages occuring in my client logs: time="2023-01-16T14:15:19Z" level=warning msg="disconnected from the Signal service but will retry silently. Reason: rpc error: code = Internal desc = stream terminated by RST_STREAM with error code: PROTOCOL_ERROR" file="grpc.go:144" time="2023-01-16T14:15:31Z" level=info msg="connected to the Signal Service stream" file="grpc.go:136" time="2023-01-16T14:15:48Z" level=warning msg="disconnected from the Management service but will retry silently. Reason: rpc error: code = Internal desc = stream terminated by RST_STREAM with error code: INTERNAL_ERROR" file="grpc.go:134" time="2023-01-16T14:15:49Z" level=info msg="connected to the Management Service stream" file="grpc.go:123" time="2023-01-16T14:15:49Z" level=error msg="unable to configure DNS for this peer using file manager without a nameserver group with all domains configured" file="server.go:214" I assume I may have misconfigured something with my nginx [config]( https://github.com/dannymate/unraid-templates/blob/7c79534002ce1d2116b9d2ec33ce0cccd372b0df/Conf Samples/SWAG/nginx/proxy-confs/netbird.subdomain.conf.sample). proxy.conf: https://github.com/linuxserver/docker-swag/blob/96f746d5ce0bb334bba547c44ad0ccac61f6ed1a/root/defaults/nginx/proxy.conf.sample You can ignore resolver.conf. Or my management.conf which is basically this https://github.com/dannymate/unraid-templates/blob/7c79534002ce1d2116b9d2ec33ce0cccd372b0df/Conf Samples/NetBird/management.json.sample Do you know what could be the issue here? This github issue seems related: https://github.com/netbirdio/netbird/issues/651 You are right, it is related to nginx. I want to find a time to validate and test it out. The issue only happens when there is a large period of time without new updates and nginx might not be forwarding the keepalive messages between the peer and the signal server. If possible please share your case in the https://github.com/netbirdio/netbird/issues/651 ticket as well. 1 Quote Link to comment
mlsmaycon Posted January 31, 2023 Share Posted January 31, 2023 6 hours ago, danieland said: Got this error message: It can be a malformed management API URL. In the browser's development tools > console or network tabs you should see the error as well. can you share it for us? you can mask the domain with something like netbird.example.com Quote Link to comment
blaine07 Posted February 11, 2023 Share Posted February 11, 2023 I really would like to try this but borderline my level of comprehension. Would someone be able to YouTube a setup video? Quote Link to comment
TechWizard Posted May 27, 2023 Share Posted May 27, 2023 (edited) Not sure how to set this up, installed all three container. When checking Netbird docs I got a bit confused, because I think I missed a lot of env variables (docs talking about .env files, configuring scripts etc.) and the compose example from the GitHub repo has a coturn server in it. PDF isn't available anymore. Has anyone a really basic setup example or the PDF? Also 3 containers for one app seems a bit much, what's the reason / approach behind that? Would it be possible to bundle all the services into one container? Edited May 27, 2023 by TechWizard Added some details. Quote Link to comment
jimrummy101 Posted May 27, 2023 Author Share Posted May 27, 2023 43 minutes ago, TechWizard said: Not sure how to set this up, installed all three container. When checking Netbird docs I got a bit confused, because I think I missed a lot of env variables (docs talking about .env files, configuring scripts etc.) and the compose example from the GitHub repo has a coturn server in it. PDF isn't available anymore. Has anyone a really basic setup example or the PDF? Also 3 containers for one app seems a bit much, what's the reason / approach behind that? Would it be possible to bundle all the services into one container? The PDF is uploaded to the Unraid Forums and I just tested it's still available. I'll try uploading it again here for you. If no luck I'll add it to the repo later for you to look at. Netbird-Server Unraid.pdf Quote Link to comment
jimrummy101 Posted July 25, 2023 Author Share Posted July 25, 2023 (edited) 2023-07-25 - I've updated the NGINX conf after looking at updated NETBIRD docs. https://github.com/dannymate/unraid-templates/tree/master/Conf Samples/SWAG/nginx/proxy-confs Please look at your config and update it with the changes. Edited July 27, 2023 by jimrummy101 Quote Link to comment
Itserver Posted January 3 Share Posted January 3 Hi, I am noob to this topic and have one question about this app in unraid community store. There are the docker apps in store: 1. NetBird-Client 2. NetBird-Management, 3. NetBird-Signal And they all have same description under info. so my question is that what is the difference and use case of all three different apps. It would be very helpful and appreciated if you could mention and update these details on info of these apps. Quote Link to comment
jimrummy101 Posted January 4 Author Share Posted January 4 (edited) 8 hours ago, Itserver said: Hi, I am noob to this topic and have one question about this app in unraid community store. There are the docker apps in store: 1. NetBird-Client 2. NetBird-Management, 3. NetBird-Signal And they all have same description under info. so my question is that what is the difference and use case of all three different apps. It would be very helpful and appreciated if you could mention and update these details on info of these apps. Yeah that would make sense. I thought I had :p. I'll give the descriptions an update when I get the chance. It's probably because the NetBird folks don't give an explanation themselves at the time I made it. There's actually 4: 1. NetBird-Client - The NetBird Client application (or agent) is a software that is installed on your machines. It is an entry point to you private network that makes it possible for machines to communicate with each other. Once installed and registered, a machine becomes a peer in the network. 2. NetBird-Management - The Management service is the central coordination component for NetBird. It keeps the network state, public Wireguard keys of the peers, authenticates and distributes network changes to peers. 3. NetBird-Signal - The Signal Service or simply Signal is a lightweight piece of software that helps peers to negotiate direct connections. It does not store any data and no traffic passes through it. 4. NetBird-Dashboard - The Dashboard service provides a user friendly interface for management of peers and the overall network. (Apps 2, 3, 4 comprise the server-side of NetBird and aren't necessary if you just want to use their hosted service.) Feel free to read more about it here: https://docs.netbird.io/about-netbird/how-netbird-works. In this example for reference the "Relay Service" is a Coturn server as referenced in my guide. The "Management Service" listed in the example has joined together the NetBird-Management and NetBird-Dashboard though they are two seperate apps/docker containers. If you look at the first picture in the example there's an "Indentity Provider" box for authentication, in my guide we use Keycloak though you can now use others if you figure it out yourself. I'll work on getting these descriptions added to the templates if you're happy with them. Edited January 4 by jimrummy101 2 Quote Link to comment
Itserver Posted January 4 Share Posted January 4 16 minutes ago, jimrummy101 said: Yeah that would make sense. I thought I had :p. I'll give the descriptions an update when I get the chance. It's probably because the NetBird folks don't give an explanation themselves at the time I made it. There's actually 4: 1. NetBird-Client - The NetBird Client application (or agent) is a software that is installed on your machines. It is an entry point to you private network that makes it possible for machines to communicate with each other. Once installed and registered, a machine becomes a peer in the network. 2. NetBird-Management - The Management service is the central coordination component for NetBird. It keeps the network state, public Wireguard keys of the peers, authenticates and distributes network changes to peers. 3. NetBird-Signal - The Signal Service or simply Signal is a lightweight piece of software that helps peers to negotiate direct connections. It does not store any data and no traffic passes through it. 4. NetBird-Dashboard - The Dashboard service provides a user friendly interface for management of peers and the overall network. (Apps 2, 3, 4 comprise the server-side of NetBird and aren't necessary if you just want to use their hosted service.) Feel free to read more about it here: https://docs.netbird.io/about-netbird/how-netbird-works. In this example for reference the "Relay Service" is a Coturn server as referenced in my guide. The "Management Service" listed in the example has joined together the NetBird-Management and NetBird-Dashboard though they are two seperate apps/docker containers. I'll work on getting these descriptions added to the templates if you're happy with them. I really appreciate your hard work for unraid community and thanks for your quick and detailed response. Yes, I really helpful for others users too if you could add it to description of app whenever you get chance. Thanks again. 1 Quote Link to comment
jimrummy101 Posted January 29 Author Share Posted January 29 Got delayed but I have updated the descriptions. Should be visible soon. Let me know if there's any other changes I can make for it to be clearer. 2 Quote Link to comment
Itserver Posted January 30 Share Posted January 30 2 hours ago, jimrummy101 said: Got delayed but I have updated the descriptions. Should be visible soon. Let me know if there's any other changes I can make for it to be clearer. Thanks Quote Link to comment
bthoven Posted January 30 Share Posted January 30 (edited) Thanks a lot for these dockers. I am selfhosting my headscale and I wan’t to try netbird. I have not tried the selfhosting part yet because I want to familiarize myself with the netbird ecosystem first. So I’m using netbird server/dashboard. As my pfSense can have tailscale client installed, I use it as subnet router for accessing non-tailscale devices from outside my network. As my pfSense uses its own (unbound) dns resolver and has pfblockerng installed for blocking Ads, all my tailscale devices have Ads blocked automatically by pfblockerng. As netbird has not supported pfsense yet, I run your netbird client docker and set it as subnet router for accessing my main LAN subnet. My question is how can I make all my netbird clients have Ads blocked by pfblockerng on my pfsense? Thanks Update: I believe I've accomplished it by adding my pfSense local ip and port 53 as a name server (dns-->nameservers) on admin page and applied it to all peers. If it is not the right way, please let me know...thanks. Edited January 30 by bthoven more clarification Quote Link to comment
jimrummy101 Posted January 31 Author Share Posted January 31 23 hours ago, bthoven said: Thanks a lot for these dockers. I am selfhosting my headscale and I wan’t to try netbird. I have not tried the selfhosting part yet because I want to familiarize myself with the netbird ecosystem first. So I’m using netbird server/dashboard. As my pfSense can have tailscale client installed, I use it as subnet router for accessing non-tailscale devices from outside my network. As my pfSense uses its own (unbound) dns resolver and has pfblockerng installed for blocking Ads, all my tailscale devices have Ads blocked automatically by pfblockerng. As netbird has not supported pfsense yet, I run your netbird client docker and set it as subnet router for accessing my main LAN subnet. My question is how can I make all my netbird clients have Ads blocked by pfblockerng on my pfsense? Thanks Update: I believe I've accomplished it by adding my pfSense local ip and port 53 as a name server (dns-->nameservers) on admin page and applied it to all peers. If it is not the right way, please let me know...thanks. Your update is exactly how I handle it as well. I have adguardhome installed on my openwrt router and route all netbird traffic through that with my routers local ip and the dns port of 53. 1 1 Quote Link to comment
bthoven Posted January 31 Share Posted January 31 (edited) Thanks. However, I found later my android mobile can no longer access any local network devices and can't access internet. The app shows connected with 0/4 peers. I have to change server to netbird server again (i.e., create a new peer) to make it work again, but later I got the same problem. Do you have the same issue? ps. I'm not sure if this is relevant. My Unraid also have headscale running, but not tailscale client (not installed). I turned off my tailscale on my phone when I connect netbird on it. update: I disable network route on netbird on unraid, spin up my ubuntu vm (on unraid), installed native netbird and set network route to my local network on it. My phone still connects with 0/5 peers and no internet. I also found netbird on my ipad is working fine with either network route on unraid docker or ubuntu native. So it must be issue on the andriod app? But netbird app on andriod has been up for quite some time compared with it on iOS. The problem is on my android 12 phone (xiaomi mi10t pro). It can connect to my ipad netbird only. The same problem does not happen to my android 10 phone (xiaomi poco f1). I’m consulting the issue with Netbird support on Slack chat. Edited January 31 by bthoven add more information Quote Link to comment
zkiprov Posted March 9 Share Posted March 9 Can I self host netbird without using reverse proxy and without having domain name? Quote Link to comment
fiR3W4LL Posted April 4 Share Posted April 4 (edited) I have an issue with managing Docker. It seems it's not starting correctly. I'm encountering this error: "Error: failed reading provided config file: /etc/netbird/management.json: read /etc/netbird/management.json: is a directory." I haven't made any changes. Any ideas? Edited April 4 by fiR3W4LL Quote Link to comment
BerndJ Posted April 4 Share Posted April 4 I have the same problem. My first installation attempt was on 2024-04-03. Error: failed reading provided config file: /etc/netbird/management.json: read /etc/netbird/management.json: is a directory Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.