clean

netbird-server/netbird/Dockerfile

@@ -1,107 +0,0 @@
-#============================#
-#  ALEXBELGIUM'S DOCKERFILE  #
-#============================#
-#           _.------.
-#       _.-`    ('>.-`"""-.
-# '.--'`       _'`   _ .--.)
-#    -'         '-.-';`   `
-#    ' -      _.'  ``'--.
-#        '---`    .-'""`
-#               /`
-#=== Home Assistant Addon ===#
-
-#################
-# 1 Build Image #
-#################
-
-ARG BUILD_FROM
-
-FROM netbirdio/management:latest AS netbird-management
-FROM netbirdio/signal:latest AS netbird-signal
-FROM netbirdio/dashboard:latest AS netbird-dashboard
-
-##################
-# 2 Modify Image #
-##################
-
-FROM ${BUILD_FROM}
-
-# Set S6 wait time
-ENV S6_CMD_WAIT_FOR_SERVICES=1 \
-    S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0 \
-    S6_SERVICES_GRACETIME=0
-
-##################
-# 3 Install apps #
-##################
-
-RUN \
-    apk add --no-cache \
-        bash \
-        ca-certificates \
-        curl \
-        gettext \
-        nginx \
-        tzdata
-
-COPY --from=netbird-management /go/bin/netbird-mgmt /usr/local/bin/netbird-mgmt
-COPY --from=netbird-signal /go/bin/netbird-signal /usr/local/bin/netbird-signal
-COPY --from=netbird-dashboard /usr/share/nginx/html /usr/share/nginx/html
-COPY --from=netbird-dashboard /etc/nginx /etc/nginx
-COPY --from=netbird-dashboard /usr/local/init_react_envs.sh /usr/local/init_react_envs.sh
-COPY --from=netbird-dashboard /usr/local/init_cert.sh /usr/local/init_cert.sh
-
-# Copy local files
-COPY rootfs/ /
-RUN find . -type f \( -name "*.sh" -o -name "run" -o -name "finish" \) -print -exec chmod +x {} \;
-
-# Uses /bin for compatibility purposes
-# hadolint ignore=DL4005
-RUN if [ ! -f /bin/sh ] && [ -f /usr/bin/sh ]; then ln -s /usr/bin/sh /bin/sh; fi && \
-    if [ ! -f /bin/bash ] && [ -f /usr/bin/bash ]; then ln -s /usr/bin/bash /bin/bash; fi
-
-# Modules
-ARG MODULES="00-banner.sh 01-custom_script.sh 00-global_var.sh 01-config_yaml.sh"
-
-# Automatic modules download
-ADD "https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.templates/ha_automodules.sh" "/ha_automodules.sh"
-RUN chmod 744 /ha_automodules.sh && /ha_automodules.sh "$MODULES" && rm /ha_automodules.sh
-
-# Manual apps
-ENV PACKAGES="jq"
-
-# Automatic apps & bashio
-ADD "https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.templates/ha_autoapps.sh" "/ha_autoapps.sh"
-RUN chmod 744 /ha_autoapps.sh && /ha_autoapps.sh "$PACKAGES" && rm /ha_autoapps.sh
-
-################
-# 4 Entrypoint #
-################
-
-# Add entrypoint
-ADD "https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.templates/ha_entrypoint.sh" "/ha_entrypoint.sh"
-RUN chmod 777 /ha_entrypoint.sh
-
-# Install bashio
-ADD "https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.templates/bashio-standalone.sh" "/usr/local/lib/bashio-standalone.sh"
-RUN chmod 0755 /usr/local/lib/bashio-standalone.sh
-
-############
-# 5 Labels #
-############
-
-ARG BUILD_ARCH
-ARG BUILD_DATE
-ARG BUILD_DESCRIPTION
-ARG BUILD_NAME
-ARG BUILD_REF
-ARG BUILD_REPOSITORY
-ARG BUILD_VERSION
-ENV BUILD_VERSION="${BUILD_VERSION}"
-LABEL \
-    io.hass.name="${BUILD_NAME}" \
-    io.hass.description="${BUILD_DESCRIPTION}" \
-    io.hass.arch="${BUILD_ARCH}" \
-    io.hass.type="addon" \
-    io.hass.version=${BUILD_VERSION} \
-    maintainer="alexbelgium (https://github.com/alexbelgium)"

netbird-server/netbird/README.md

@@ -1,99 +0,0 @@
-# Home assistant add-on: NetBird Server
-
-I maintain this and other Home Assistant add-ons in my free time: keeping up with upstream changes, HA changes, and testing on real hardware takes a lot of time (and some money). I use around 5-10 of my >110 addons so regularly I install test machines (and purchase some test services such as vpn) that I don't use myself to troubleshoot and improve the addons.
-
-If this add-on saves you time or makes your setup easier, I would be very grateful for your support!
-
-[![Buy me a coffee][donation-badge]](https://www.buymeacoffee.com/alexbelgium)
-[![Donate via PayPal][paypal-badge]](https://www.paypal.com/donate/?hosted_button_id=DZFULJZTP3UQA)
-
-## Addon information
-
-![Version](https://img.shields.io/badge/dynamic/json?label=Version&query=%24.version&url=https%3A%2F%2Fraw.githubusercontent.com%2Falexbelgium%2Fhassio-addons%2Fmaster%2Fnetbird%2Fconfig.json)
-![Ingress](https://img.shields.io/badge/dynamic/json?label=Ingress&query=%24.ingress&url=https%3A%2F%2Fraw.githubusercontent.com%2Falexbelgium%2Fhassio-addons%2Fmaster%2Fnetbird%2Fconfig.json)
-![Arch](https://img.shields.io/badge/dynamic/json?color=success&label=Arch&query=%24.arch&url=https%3A%2F%2Fraw.githubusercontent.com%2Falexbelgium%2Fhassio-addons%2Fmaster%2Fnetbird%2Fconfig.json)
-
-[donation-badge]: https://img.shields.io/badge/Buy%20me%20a%20coffee-%23d32f2f?logo=buy-me-a-coffee&style=flat&logoColor=white
-[paypal-badge]: https://img.shields.io/badge/Donate%20via%20PayPal-0070BA?logo=paypal&style=flat&logoColor=white
-
-## About
-
-NetBird is a secure, WireGuard-based overlay network platform. This add-on packages the **management**, **signal**, and optional **dashboard** services in a single monolithic Home Assistant add-on (no ingress UI, no split services). It uses the upstream NetBird Docker images for the binaries and dashboard assets.
-
-## Installation
-
-The installation of this add-on is pretty straightforward and not different in
-comparison to installing any other Hass.io add-on.
-
-1. [Add my Hass.io add-ons repository][repository] to your Hass.io instance.
-1. Install this add-on.
-1. Click the `Save` button to store your configuration.
-1. Start the add-on.
-1. Check the logs of the add-on to see if everything went well.
-
-## Configuration
-
-> **Important**: NetBird requires OIDC configuration. The add-on will generate a starter `management.json` in `/data/netbird` if one does not exist. Replace the placeholder OIDC values with your IdP configuration before connecting clients.
-
-Example add-on options:
-
-```json
-{
-  "domain": "netbird.example.com",
-  "management_port": 33073,
-  "signal_port": 10000,
-  "dashboard_port": 33080,
-  "enable_dashboard": true,
-  "auth_issuer": "https://accounts.example.com/",
-  "auth_audience": "netbird",
-  "auth_jwt_certs": "https://accounts.example.com/jwks.json",
-  "auth_oidc_configuration_endpoint": "https://accounts.example.com/.well-known/openid-configuration",
-  "auth_client_id": "netbird-dashboard",
-  "auth_client_secret": "your-secret",
-  "ssl_cert": "/ssl/fullchain.pem",
-  "ssl_key": "/ssl/privkey.pem"
-}
-```
-
-### Options
-
-| Option | Description |
-| --- | --- |
-| `data_path` | Persistent data directory (default: `/data/netbird`). |
-| `domain` | Public hostname used for NetBird endpoints. |
-| `management_port` | Management API port. |
-| `signal_port` | Signal service port. |
-| `dashboard_port` | Dashboard port (only used if enabled). |
-| `enable_dashboard` | Start the NetBird dashboard (requires OIDC settings). |
-| `management_dns_domain` | DNS suffix handed to peers. |
-| `single_account_domain` | Optional single-account mode domain. |
-| `disable_anonymous_metrics` | Disable anonymous metrics. |
-| `disable_default_policy` | Disable the default NetBird policy on first run. |
-| `auth_*` | OIDC settings for the management server and dashboard. |
-| `ssl_cert`, `ssl_key` | Optional TLS certificate/key paths. |
-| `env_vars` | Extra environment variables passed into NetBird processes. |
-
-### Files and persistent data
-
-- `/data/netbird/management.json`: management server configuration (generated on first start).
-- `/data/netbird`: runtime data for NetBird components.
-
-### Ports
-
-- `33073/tcp`: NetBird management API.
-- `10000/tcp`: NetBird signal.
-- `33080/tcp`: NetBird dashboard (optional).
-
-## Logs and status
-
-The add-on uses s6 supervision; if any NetBird component exits, the supervisor restarts the service and logs the failure to the Home Assistant add-on log stream.
-
-## Local build/test
-
-```bash
-# From the repository root
-ha addons build netbird
-ha addons install ./netbird
-```
-
-[repository]: https://github.com/alexbelgium/hassio-addons

netbird-server/netbird/build.json

@@ -1,6 +0,0 @@
-{
-    "build_from": {
-        "aarch64": "ghcr.io/hassio-addons/base:17.2.0",
-        "amd64": "ghcr.io/hassio-addons/base:17.2.0"
-    }
-}

netbird-server/netbird/config.json

@@ -1,81 +0,0 @@
-{
-  "name": "NetBird Server",
-  "version": "0.1.2-3",
-  "slug": "netbird",
-  "description": "Secure, WireGuard-based overlay network server (NetBird management + signal + optional dashboard).",
-  "url": "https://github.com/alexbelgium/hassio-addons",
-  "arch": [
-    "aarch64",
-    "amd64"
-  ],
-  "startup": "services",
-  "init": false,
-  "hassio_api": true,
-  "map": [
-    "share:rw",
-    "ssl:ro"
-  ],
-  "ports": {
-    "33073/tcp": 33073,
-    "10000/tcp": 10000,
-    "33080/tcp": 33080
-  },
-  "ports_description": {
-    "33073/tcp": "NetBird management API",
-    "10000/tcp": "NetBird signal",
-    "33080/tcp": "NetBird dashboard (optional)"
-  },
-  "options": {
-    "data_path": "/data/netbird",
-    "domain": "netbird.local",
-    "log_level": "info",
-    "management_port": 33073,
-    "signal_port": 10000,
-    "dashboard_port": 33080,
-    "enable_dashboard": false,
-    "management_dns_domain": "netbird.local",
-    "single_account_domain": "",
-    "disable_anonymous_metrics": false,
-    "disable_default_policy": false,
-    "auth_issuer": "https://issuer.example.com/",
-    "auth_audience": "netbird",
-    "auth_jwt_certs": "https://issuer.example.com/jwks.json",
-    "auth_user_id_claim": "sub",
-    "auth_oidc_configuration_endpoint": "https://issuer.example.com/.well-known/openid-configuration",
-    "auth_client_id": "",
-    "auth_client_secret": "",
-    "auth_supported_scopes": "openid profile email",
-    "ssl_cert": "",
-    "ssl_key": "",
-    "env_vars": []
-  },
-  "schema": {
-    "data_path": "str",
-    "domain": "str",
-    "log_level": "list(debug|info|warn|error)",
-    "management_port": "port",
-    "signal_port": "port",
-    "dashboard_port": "port",
-    "enable_dashboard": "bool",
-    "management_dns_domain": "str",
-    "single_account_domain": "str?",
-    "disable_anonymous_metrics": "bool",
-    "disable_default_policy": "bool",
-    "auth_issuer": "str",
-    "auth_audience": "str",
-    "auth_jwt_certs": "str",
-    "auth_user_id_claim": "str",
-    "auth_oidc_configuration_endpoint": "str",
-    "auth_client_id": "str?",
-    "auth_client_secret": "str?",
-    "auth_supported_scopes": "str",
-    "ssl_cert": "str?",
-    "ssl_key": "str?",
-    "env_vars": [
-      {
-        "name": "match(^[A-Za-z_][A-Za-z0-9_]*$)",
-        "value": "str?"
-      }
-    ]
-  }
-}

netbird-server/netbird/oldname

@@ -1 +0,0 @@
-netbird

netbird-server/netbird/rootfs/etc/cont-init.d/00-netbird-config.sh

@@ -1,104 +0,0 @@
-#!/usr/bin/with-contenv bashio
-# shellcheck shell=bash
-#set -e
-
-bashio::log.info "Configuring NetBird add-on"
-
-DATA_PATH=$(bashio::config 'data_path')
-DOMAIN=$(bashio::config 'domain')
-LOG_LEVEL=$(bashio::config 'log_level')
-MANAGEMENT_PORT=$(bashio::config 'management_port')
-SIGNAL_PORT=$(bashio::config 'signal_port')
-DASHBOARD_PORT=$(bashio::config 'dashboard_port')
-MANAGEMENT_DNS_DOMAIN=$(bashio::config 'management_dns_domain')
-SINGLE_ACCOUNT_DOMAIN=$(bashio::config 'single_account_domain')
-AUTH_ISSUER=$(bashio::config 'auth_issuer')
-AUTH_AUDIENCE=$(bashio::config 'auth_audience')
-AUTH_JWT_CERTS=$(bashio::config 'auth_jwt_certs')
-AUTH_USER_ID_CLAIM=$(bashio::config 'auth_user_id_claim')
-AUTH_OIDC_CONFIGURATION_ENDPOINT=$(bashio::config 'auth_oidc_configuration_endpoint')
-AUTH_CLIENT_ID=$(bashio::config 'auth_client_id')
-AUTH_CLIENT_SECRET=$(bashio::config 'auth_client_secret')
-AUTH_SUPPORTED_SCOPES=$(bashio::config 'auth_supported_scopes')
-SSL_CERT=$(bashio::config 'ssl_cert')
-SSL_KEY=$(bashio::config 'ssl_key')
-
-mkdir -p "${DATA_PATH}"
-mkdir -p /run/nginx
-
-export NETBIRD_DOMAIN="${DOMAIN}"
-export NETBIRD_LOG_LEVEL="${LOG_LEVEL}"
-export NETBIRD_MGMT_API_PORT="${MANAGEMENT_PORT}"
-export NETBIRD_SIGNAL_PORT="${SIGNAL_PORT}"
-export NETBIRD_DASHBOARD_PORT="${DASHBOARD_PORT}"
-export NETBIRD_SIGNAL_PROTOCOL="http"
-export NETBIRD_DATA_DIR="${DATA_PATH}"
-export NETBIRD_STORE_CONFIG_ENGINE="sqlite"
-export NETBIRD_MGMT_DISABLE_DEFAULT_POLICY=$(bashio::config.true 'disable_default_policy' && echo true || echo false)
-
-SCHEME="http"
-if [[ -n "${SSL_CERT}" && -n "${SSL_KEY}" ]]; then
-    export NETBIRD_MGMT_API_CERT_FILE="${SSL_CERT}"
-    export NETBIRD_MGMT_API_CERT_KEY_FILE="${SSL_KEY}"
-    SCHEME="https"
-else
-    export NETBIRD_MGMT_API_CERT_FILE=""
-    export NETBIRD_MGMT_API_CERT_KEY_FILE=""
-fi
-
-export NETBIRD_AUTH_AUTHORITY="${AUTH_ISSUER}"
-export NETBIRD_AUTH_AUDIENCE="${AUTH_AUDIENCE}"
-export NETBIRD_AUTH_JWT_CERTS="${AUTH_JWT_CERTS}"
-export NETBIRD_AUTH_USER_ID_CLAIM="${AUTH_USER_ID_CLAIM}"
-export NETBIRD_AUTH_OIDC_CONFIGURATION_ENDPOINT="${AUTH_OIDC_CONFIGURATION_ENDPOINT}"
-
-export NETBIRD_MGMT_API_ENDPOINT="${SCHEME}://${DOMAIN}:${MANAGEMENT_PORT}"
-export NETBIRD_MGMT_GRPC_API_ENDPOINT="${SCHEME}://${DOMAIN}:${MANAGEMENT_PORT}"
-export AUTH_AUTHORITY="${AUTH_ISSUER}"
-export AUTH_AUDIENCE="${AUTH_AUDIENCE}"
-export AUTH_CLIENT_ID="${AUTH_CLIENT_ID}"
-export AUTH_CLIENT_SECRET="${AUTH_CLIENT_SECRET}"
-export AUTH_SUPPORTED_SCOPES="${AUTH_SUPPORTED_SCOPES}"
-export AUTH_REDIRECT_URI="https://${DOMAIN}:${DASHBOARD_PORT}/"
-export AUTH_SILENT_REDIRECT_URI="https://${DOMAIN}:${DASHBOARD_PORT}/silent"
-NETBIRD_DATASTORE_ENC_KEY="${NETBIRD_DATASTORE_ENC_KEY:-}"
-
-CONFIG_FILE="${DATA_PATH}/management.json"
-if [[ ! -f "${CONFIG_FILE}" ]]; then
-    bashio::log.warning "Generating a starter management.json in ${CONFIG_FILE}. Update OIDC settings before use."
-
-    if [[ -z "${NETBIRD_DATASTORE_ENC_KEY}" ]]; then
-        NETBIRD_DATASTORE_ENC_KEY=$(head -c 32 /dev/urandom | base64)
-    fi
-    export NETBIRD_DATASTORE_ENC_KEY
-
-    envsubst '\$NETBIRD_SIGNAL_PROTOCOL \$NETBIRD_DOMAIN \$NETBIRD_SIGNAL_PORT \$NETBIRD_MGMT_DISABLE_DEFAULT_POLICY \$NETBIRD_DATA_DIR \$NETBIRD_DATASTORE_ENC_KEY \$NETBIRD_STORE_CONFIG_ENGINE \$NETBIRD_MGMT_API_PORT \$NETBIRD_AUTH_AUTHORITY \$NETBIRD_AUTH_AUDIENCE \$NETBIRD_AUTH_JWT_CERTS \$NETBIRD_AUTH_USER_ID_CLAIM \$NETBIRD_MGMT_API_CERT_FILE \$NETBIRD_MGMT_API_CERT_KEY_FILE \$NETBIRD_AUTH_OIDC_CONFIGURATION_ENDPOINT' \
-        < /usr/share/netbird/management.json.tmpl > "${CONFIG_FILE}"
-fi
-
-#######################################
-# Apply extra environment variables   #
-#######################################
-
-if jq -e '.env_vars? | length > 0' /data/options.json >/dev/null; then
-    bashio::log.info "Applying env_vars"
-    while IFS=$'\t' read -r ENV_NAME ENV_VALUE; do
-        if [[ -z "${ENV_NAME}" || "${ENV_NAME}" == "null" ]]; then
-            continue
-        fi
-
-        if [[ "${ENV_NAME}" == *"PASS"* || "${ENV_NAME}" == *"SECRET"* ]]; then
-            bashio::log.blue "${ENV_NAME}=******"
-        else
-            bashio::log.blue "${ENV_NAME}=${ENV_VALUE}"
-        fi
-
-        export "${ENV_NAME}=${ENV_VALUE}"
-    done < <(jq -r '.env_vars[] | [.name, .value] | @tsv' /data/options.json)
-fi
-
-bashio::log.info "NetBird data dir: ${DATA_PATH}"
-bashio::log.info "Management DNS domain: ${MANAGEMENT_DNS_DOMAIN}"
-if [[ -n "${SINGLE_ACCOUNT_DOMAIN}" ]]; then
-    bashio::log.info "Single account domain: ${SINGLE_ACCOUNT_DOMAIN}"
-fi

netbird-server/netbird/rootfs/etc/cont-init.d/01-dashboard-config.sh

@@ -1,15 +0,0 @@
-#!/usr/bin/with-contenv bashio
-# shellcheck shell=bash
-set -e
-
-DASHBOARD_PORT=$(bashio::config 'dashboard_port')
-
-if bashio::config.true 'enable_dashboard'; then
-    if [[ -f /etc/nginx/http.d/default.conf ]]; then
-        sed -i "s/listen 80 default_server;/listen ${DASHBOARD_PORT} default_server;/" /etc/nginx/http.d/default.conf
-        sed -i "s/listen \[::\]:80 default_server;/listen [::]:${DASHBOARD_PORT} default_server;/" /etc/nginx/http.d/default.conf
-    elif [[ -f /etc/nginx/conf.d/default.conf ]]; then
-        sed -i "s/listen 80 default_server;/listen ${DASHBOARD_PORT} default_server;/" /etc/nginx/conf.d/default.conf
-        sed -i "s/listen \[::\]:80 default_server;/listen [::]:${DASHBOARD_PORT} default_server;/" /etc/nginx/conf.d/default.conf
-    fi
-fi

netbird-server/netbird/rootfs/etc/services.d/netbird/finish

@@ -1,5 +0,0 @@
-#!/usr/bin/with-contenv bashio
-# shellcheck shell=bash
-set -e
-
-bashio::log.warning "NetBird service stopped; s6 will restart it if configured."

netbird-server/netbird/rootfs/etc/services.d/netbird/run

@@ -1,56 +0,0 @@
-#!/usr/bin/with-contenv bashio
-# shellcheck shell=bash
-set -e
-
-DATA_PATH=$(bashio::config 'data_path')
-LOG_LEVEL=$(bashio::config 'log_level')
-MANAGEMENT_PORT=$(bashio::config 'management_port')
-SIGNAL_PORT=$(bashio::config 'signal_port')
-DASHBOARD_PORT=$(bashio::config 'dashboard_port')
-MANAGEMENT_DNS_DOMAIN=$(bashio::config 'management_dns_domain')
-SINGLE_ACCOUNT_DOMAIN=$(bashio::config 'single_account_domain')
-
-CONFIG_FILE="${DATA_PATH}/management.json"
-
-if [[ ! -f "${CONFIG_FILE}" ]]; then
-    bashio::log.error "management.json not found at ${CONFIG_FILE}."
-    exit 1
-fi
-
-MGMT_ARGS=(management --config "${CONFIG_FILE}" --log-file console --log-level "${LOG_LEVEL}" --port "${MANAGEMENT_PORT}")
-
-if bashio::config.true 'disable_anonymous_metrics'; then
-    MGMT_ARGS+=("--disable-anonymous-metrics=true")
-fi
-
-if [[ -n "${SINGLE_ACCOUNT_DOMAIN}" ]]; then
-    MGMT_ARGS+=("--single-account-mode-domain=${SINGLE_ACCOUNT_DOMAIN}")
-fi
-
-if [[ -n "${MANAGEMENT_DNS_DOMAIN}" ]]; then
-    MGMT_ARGS+=("--dns-domain=${MANAGEMENT_DNS_DOMAIN}")
-fi
-
-SIGNAL_ARGS=(run --log-file console --port "${SIGNAL_PORT}")
-
-if [[ -n "${NETBIRD_MGMT_API_CERT_FILE}" && -n "${NETBIRD_MGMT_API_CERT_KEY_FILE}" ]]; then
-    SIGNAL_ARGS+=("--cert-file" "${NETBIRD_MGMT_API_CERT_FILE}" "--cert-key" "${NETBIRD_MGMT_API_CERT_KEY_FILE}")
-fi
-
-bashio::log.info "Starting NetBird management"
-/usr/local/bin/netbird-mgmt "${MGMT_ARGS[@]}" &
-MGMT_PID=$!
-
-bashio::log.info "Starting NetBird signal"
-/usr/local/bin/netbird-signal "${SIGNAL_ARGS[@]}" &
-SIGNAL_PID=$!
-
-if bashio::config.true 'enable_dashboard'; then
-    bashio::log.info "Preparing NetBird dashboard on port ${DASHBOARD_PORT}"
-    /usr/local/init_react_envs.sh
-    bashio::log.info "Starting NetBird dashboard (nginx)"
-    nginx -g "daemon off;" &
-    DASHBOARD_PID=$!
-fi
-
-wait -n "${MGMT_PID}" "${SIGNAL_PID}" ${DASHBOARD_PID:+"${DASHBOARD_PID}"}

netbird-server/netbird/rootfs/usr/share/netbird/management.json.tmpl

@@ -1,31 +0,0 @@
-{
-  "Signal": {
-    "Proto": "${NETBIRD_SIGNAL_PROTOCOL}",
-    "URI": "${NETBIRD_DOMAIN}:${NETBIRD_SIGNAL_PORT}",
-    "Username": "",
-    "Password": null
-  },
-  "ReverseProxy": {
-    "TrustedHTTPProxies": [],
-    "TrustedHTTPProxiesCount": 0,
-    "TrustedPeers": [
-      "0.0.0.0/0"
-    ]
-  },
-  "DisableDefaultPolicy": ${NETBIRD_MGMT_DISABLE_DEFAULT_POLICY},
-  "Datadir": "${NETBIRD_DATA_DIR}",
-  "DataStoreEncryptionKey": "${NETBIRD_DATASTORE_ENC_KEY}",
-  "StoreConfig": {
-    "Engine": "${NETBIRD_STORE_CONFIG_ENGINE}"
-  },
-  "HttpConfig": {
-    "Address": "0.0.0.0:${NETBIRD_MGMT_API_PORT}",
-    "AuthIssuer": "${NETBIRD_AUTH_AUTHORITY}",
-    "AuthAudience": "${NETBIRD_AUTH_AUDIENCE}",
-    "AuthKeysLocation": "${NETBIRD_AUTH_JWT_CERTS}",
-    "AuthUserIDClaim": "${NETBIRD_AUTH_USER_ID_CLAIM}",
-    "CertFile": "${NETBIRD_MGMT_API_CERT_FILE}",
-    "CertKey": "${NETBIRD_MGMT_API_CERT_KEY_FILE}",
-    "OIDCConfigEndpoint": "${NETBIRD_AUTH_OIDC_CONFIGURATION_ENDPOINT}"
-  }
-}