diff --git a/netbird-server/DOCS.md b/netbird-server/DOCS.md index ab9aa89c0..e6caa470b 100644 --- a/netbird-server/DOCS.md +++ b/netbird-server/DOCS.md @@ -1,35 +1,36 @@ -# NetBird Server (monolithic) +# NetBird Server (quickstart) -This add-on runs the NetBird self-hosted server stack in a single container (Management + Signal + Dashboard + Coturn). It does **not** use Home Assistant ingress. Access the Dashboard directly via the configured port. +This add-on runs the NetBird self-hosted server stack in a single container (Management + Signal + Relay/STUN + Dashboard) and ships a built-in Caddy reverse proxy, matching the official NetBird self-hosted quickstart flow. It does **not** use Home Assistant ingress. -NetBird relies on gRPC. If you place the Management/Signal endpoints behind a reverse proxy, it **must** support HTTP/2 + gRPC proxying. See the NetBird reverse-proxy guide for supported configurations: . - -The NetBird self-hosted guide includes up-to-date port requirements and legacy port notes: . - -The Dashboard container requires the `NETBIRD_MGMT_API_ENDPOINT` environment variable (the add-on injects this automatically) as described in the NetBird dashboard README: . +NetBird relies on gRPC. The built-in Caddy configuration is pre-wired to proxy both HTTP and gRPC endpoints as recommended in the quickstart guide: . ## Quick start 1. Install the add-on. -2. Start the add-on and verify all services are running in the log output. -3. Stop the add-on, edit the generated `management.json` to configure your Identity Provider (IdP). -4. Update `/config/netbird/dashboard/env` with the `NETBIRD_MGMT_API_ENDPOINT` and `AUTH_*` values for the dashboard. -5. Start the add-on again and access the dashboard at `http://:8080`. +2. Set the `domain` option to your public NetBird domain (e.g., `netbird.example.com`). +3. Start the add-on and verify all services are running in the log output. +4. Access the dashboard at `https://` and complete the onboarding flow. ## Configuration -This add-on starts with zero configuration options. It writes default configs into `/config/netbird` and runs on the standard NetBird ports. +This add-on generates the standard quickstart configuration files in `/config/netbird` and reuses them on subsequent starts. + +### Required options +- `domain`: Public domain that resolves to your Home Assistant host (e.g., `netbird.example.com`). ### Dashboard environment overrides Edit `/config/netbird/dashboard/env` to configure the dashboard UI: - `NETBIRD_MGMT_API_ENDPOINT`: Public URL of the management API (for example, `https://netbird.example.com`). -- `AUTH_AUTHORITY`, `AUTH_CLIENT_ID`, `AUTH_CLIENT_SECRET`, `AUTH_AUDIENCE`, `AUTH_SUPPORTED_SCOPES`, `USE_AUTH0`: OIDC settings for the dashboard UI. +- `NETBIRD_MGMT_GRPC_API_ENDPOINT`: Public URL for the gRPC API (typically the same as above). +- `AUTH_*`: OIDC settings for the dashboard UI (pre-filled for the embedded IdP). ### Generated configuration On first start, the add-on creates: -- `management.json` in `$data_dir/management/` -- `turnserver.conf` in `$data_dir/turn/` +- `management.json` in `/config/netbird/management/` +- `relay.env` in `/config/netbird/relay/` +- `dashboard.env` in `/config/netbird/dashboard/` +- `Caddyfile` in `/config/netbird/` If you need advanced settings, stop the add-on and edit these files. The add-on will keep your edits on restart. @@ -37,14 +38,12 @@ If you need advanced settings, stop the add-on and edit these files. The add-on Default ports exposed by this add-on: -- `33073/tcp`: Management API (HTTP/gRPC) -- `10000/tcp`: Signal gRPC -- `8080/tcp`: Dashboard -- `3478/udp`: Coturn STUN/TURN - -If you have legacy (< v0.29) clients, review the legacy port notes in the NetBird self-hosted guide and ensure your firewall/forwarding rules are compatible. +- `80/tcp`: Caddy HTTP (ACME HTTP-01) +- `443/tcp`: Caddy HTTPS (Dashboard + APIs) +- `443/udp`: Caddy HTTP/3 (optional) +- `3478/udp`: Relay STUN ## Notes -- This add-on does **not** handle TLS certificates. Place it behind your existing reverse proxy if you need HTTPS. -- Coturn requires a UDP relay port range (defaults to `49152-65535`). Ensure this range is allowed in your firewall when using TURN relaying. +- This add-on uses NetBird's embedded IdP (Dex) and matches the official quickstart layout. +- If you already run your own reverse proxy, you can disable Caddy by editing the generated `Caddyfile` or by terminating TLS upstream and forwarding requests to port 80. diff --git a/netbird-server/Dockerfile b/netbird-server/Dockerfile index c6eba8d96..d7f313ca9 100644 --- a/netbird-server/Dockerfile +++ b/netbird-server/Dockerfile @@ -16,13 +16,11 @@ ARG NETBIRD_VERSION=0.64.5 ARG DASHBOARD_VERSION=2.31.0 -ARG COTURN_VERSION=4.6.2 FROM netbirdio/management:${NETBIRD_VERSION} AS netbird-management FROM netbirdio/signal:${NETBIRD_VERSION} AS netbird-signal FROM netbirdio/relay:${NETBIRD_VERSION} AS netbird-relay FROM netbirdio/dashboard:${DASHBOARD_VERSION} AS netbird-dashboard -FROM coturn/coturn:${COTURN_VERSION} AS netbird-coturn ################# # 2 Base Image # @@ -67,7 +65,7 @@ ADD "https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.templat RUN chmod 744 /ha_automodules.sh && /ha_automodules.sh "$MODULES" && rm /ha_automodules.sh # Manual apps -ENV PACKAGES="nginx gettext ca-certificates" +ENV PACKAGES="nginx gettext ca-certificates caddy openssl" # Automatic apps & bashio ADD "https://raw.githubusercontent.com/alexbelgium/hassio-addons/master/.templates/ha_autoapps.sh" "/ha_autoapps.sh" @@ -80,8 +78,6 @@ RUN chmod 744 /ha_autoapps.sh && /ha_autoapps.sh "$PACKAGES" && rm /ha_autoapps. COPY --from=netbird-management /go/bin/netbird-mgmt /usr/local/bin/netbird-mgmt COPY --from=netbird-signal /go/bin/netbird-signal /usr/local/bin/netbird-signal COPY --from=netbird-relay /go/bin/netbird-relay /usr/local/bin/netbird-relay -COPY --from=netbird-coturn /usr/bin/turnserver /usr/local/bin/turnserver - COPY --from=netbird-dashboard /usr/share/nginx/html /usr/share/nginx/html COPY --from=netbird-dashboard /usr/local/init_react_envs.sh /usr/local/bin/init_react_envs.sh diff --git a/netbird-server/config.yaml b/netbird-server/config.yaml index d0abe3f8d..4a41a96e1 100644 --- a/netbird-server/config.yaml +++ b/netbird-server/config.yaml @@ -1,25 +1,27 @@ arch: - aarch64 - amd64 -description: "\U0001F426 NetBird self-hosted server stack (management, signal, dashboard, coturn)" +description: "\U0001F426 NetBird self-hosted server stack (management, signal, relay, dashboard, Caddy)" image: ghcr.io/alexbelgium/netbird-server-{arch} init: false ingress: false map: - addon_config:rw name: NetBird Server -options: {} -schema: {} +options: + domain: netbird.example.com +schema: + domain: str slug: netbird-server ports: - 33073/tcp: 33073 - 10000/tcp: 10000 - 8080/tcp: 8080 + 80/tcp: 80 + 443/tcp: 443 + 443/udp: 443 3478/udp: 3478 ports_description: - 33073/tcp: Management API (HTTP/gRPC) - 10000/tcp: Signal gRPC - 8080/tcp: NetBird Dashboard (HTTP) - 3478/udp: Coturn STUN/TURN + 80/tcp: Caddy HTTP (ACME HTTP-01) + 443/tcp: Caddy HTTPS (dashboard + APIs) + 443/udp: Caddy HTTP/3 (optional) + 3478/udp: NetBird Relay STUN url: https://github.com/alexbelgium/hassio-addons -version: 0.64.5-1 +version: 0.64.5-2 diff --git a/netbird-server/rootfs/etc/cont-init.d/00-config.sh b/netbird-server/rootfs/etc/cont-init.d/00-config.sh index b463bc276..a31c7008f 100755 --- a/netbird-server/rootfs/etc/cont-init.d/00-config.sh +++ b/netbird-server/rootfs/etc/cont-init.d/00-config.sh @@ -4,107 +4,53 @@ set -euo pipefail # ============================================================================== # Home Assistant Add-on: NetBird Server -# Configures NetBird services +# Configures NetBird services (quickstart layout) # ============================================================================== create_or_load_secret() { local secret_file="$1" - local provided_value="$2" + local generator="$2" local generated="" - if [[ -n "$provided_value" ]]; then - echo "$provided_value" - return - fi - if [[ -f "$secret_file" ]]; then cat "$secret_file" return fi - generated=$(LC_ALL=C tr -dc 'A-Za-z0-9' "$secret_file" chmod 600 "$secret_file" echo "$generated" } -extract_port() { - local address="$1" - echo "${address##*:}" -} - DATA_DIR="/config/netbird" -DOMAIN="localhost" -MANAGEMENT_LISTEN="0.0.0.0:33073" -SIGNAL_LISTEN="0.0.0.0:10000" -DASHBOARD_LISTEN="0.0.0.0:8080" -TURN_LISTEN_PORT=3478 -TURN_REALM="netbird" -TURN_EXTERNAL_IP="" -TURN_MIN_PORT=49152 -TURN_MAX_PORT=65535 -TURN_USER="netbird" -TURN_PASSWORD="" -IDP_MANAGER_TYPE="none" -AUTH_AUTHORITY="" -AUTH_AUDIENCE="" -AUTH_JWT_CERTS="" -AUTH_USER_ID_CLAIM="sub" -AUTH_OIDC_CONFIGURATION_ENDPOINT="" -AUTH_TOKEN_ENDPOINT="" -IDP_CLIENT_ID="" -IDP_CLIENT_SECRET="" -DISABLE_DEFAULT_POLICY=false -DISABLE_DASHBOARD=false -ENABLE_RELAY=false -RELAY_EXPOSED_ADDRESS="" -RELAY_AUTH_SECRET="" +DOMAIN="$(bashio::config 'domain')" +NETBIRD_STUN_PORT=3478 +MANAGEMENT_PORT=8081 +DASHBOARD_PORT=8080 +SIGNAL_PORT=8083 +SIGNAL_GRPC_PORT=10000 +RELAY_PORT=8084 -MANAGEMENT_PORT=$(extract_port "$MANAGEMENT_LISTEN") -SIGNAL_PORT=$(extract_port "$SIGNAL_LISTEN") -DASHBOARD_PORT=$(extract_port "$DASHBOARD_LISTEN") - -if [[ -z "$AUTH_AUTHORITY" || -z "$AUTH_AUDIENCE" || -z "$AUTH_JWT_CERTS" ]]; then - bashio::log.warning "OIDC configuration is incomplete. Edit ${DATA_DIR}/management/management.json to finish setup." +if [[ -z "$DOMAIN" || "$DOMAIN" == "netbird.example.com" ]]; then + bashio::log.error "Set a valid domain in the add-on configuration (domain cannot be empty or netbird.example.com)." + bashio::exit.nok fi +NETBIRD_PORT=443 +NETBIRD_HTTP_PROTOCOL="https" +NETBIRD_RELAY_PROTO="rels" +CADDY_SECURE_DOMAIN=", ${DOMAIN}:${NETBIRD_PORT}" + mkdir -p "$DATA_DIR" \ "$DATA_DIR/management" \ - "$DATA_DIR/turn" \ "$DATA_DIR/secrets" \ "$DATA_DIR/dashboard" \ - "$DATA_DIR/relay" + "$DATA_DIR/relay" \ + "$DATA_DIR/caddy" -TURN_PASSWORD=$(create_or_load_secret "$DATA_DIR/secrets/turn_password" "$TURN_PASSWORD") -TURN_SECRET=$(create_or_load_secret "$DATA_DIR/secrets/turn_secret" "") -DATASTORE_ENC_KEY=$(create_or_load_secret "$DATA_DIR/secrets/management_datastore_key" "") - -if [[ "$ENABLE_RELAY" == "true" ]]; then - if [[ -z "$RELAY_EXPOSED_ADDRESS" || -z "$RELAY_AUTH_SECRET" ]]; then - bashio::log.error "Relay is enabled, but relay_exposed_address or relay_auth_secret is missing." - bashio::exit.nok - fi - rm -f /etc/services.d/relay/down - RELAY_JSON=$(cat < "$TURN_CONFIG" -listening-port=${TURN_LISTEN_PORT} -realm=${TURN_REALM} -fingerprint -lt-cred-mech -user=${TURN_USER}:${TURN_PASSWORD} -${TURN_EXTERNAL_IP_LINE} -min-port=${TURN_MIN_PORT} -max-port=${TURN_MAX_PORT} +# Generate relay env file if missing +RELAY_ENV_FILE="$DATA_DIR/relay/relay.env" +if [[ ! -f "$RELAY_ENV_FILE" ]]; then + bashio::log.info "Generating relay env file at ${RELAY_ENV_FILE}." + cat < "$RELAY_ENV_FILE" +NB_LOG_LEVEL=info +NB_LISTEN_ADDRESS=:${RELAY_PORT} +NB_EXPOSED_ADDRESS=${NETBIRD_RELAY_PROTO}://${DOMAIN}:${NETBIRD_PORT} +NB_AUTH_SECRET=${RELAY_AUTH_SECRET} +NB_ENABLE_STUN=true +NB_STUN_LOG_LEVEL=info +NB_STUN_PORTS=${NETBIRD_STUN_PORT} CONFIG -else - bashio::log.info "Using existing Coturn config at ${TURN_CONFIG}." fi -# Generate dashboard nginx config -sed "s/__DASHBOARD_PORT__/${DASHBOARD_PORT}/g" \ - /usr/local/share/netbird-dashboard/default.conf.tmpl \ - > /etc/nginx/http.d/default.conf - -mkdir -p /run/nginx -chmod +x /usr/local/bin/init_react_envs.sh - # Generate dashboard env file if missing DASHBOARD_ENV_FILE="$DATA_DIR/dashboard/env" if [[ ! -f "$DASHBOARD_ENV_FILE" ]]; then bashio::log.info "Generating dashboard env file at ${DASHBOARD_ENV_FILE}." - cat <<'ENV' > "$DASHBOARD_ENV_FILE" -# NetBird dashboard environment overrides. -# Example: NETBIRD_MGMT_API_ENDPOINT="https://netbird.example.com" -NETBIRD_MGMT_API_ENDPOINT="" -AUTH_AUTHORITY="" -AUTH_CLIENT_ID="" -AUTH_CLIENT_SECRET="" -AUTH_AUDIENCE="" -AUTH_SUPPORTED_SCOPES="openid profile email api offline_access email_verified" -USE_AUTH0="false" -ENV + cat < "$DASHBOARD_ENV_FILE" +# Endpoints +NETBIRD_MGMT_API_ENDPOINT=${NETBIRD_HTTP_PROTOCOL}://${DOMAIN} +NETBIRD_MGMT_GRPC_API_ENDPOINT=${NETBIRD_HTTP_PROTOCOL}://${DOMAIN} +# OIDC - using embedded IdP +AUTH_AUDIENCE=netbird-dashboard +AUTH_CLIENT_ID=netbird-dashboard +AUTH_CLIENT_SECRET= +AUTH_AUTHORITY=${NETBIRD_HTTP_PROTOCOL}://${DOMAIN}/oauth2 +USE_AUTH0=false +AUTH_SUPPORTED_SCOPES=openid profile email groups +AUTH_REDIRECT_URI=/nb-auth +AUTH_SILENT_REDIRECT_URI=/nb-silent-auth +# SSL +NGINX_SSL_PORT=443 +# Letsencrypt +LETSENCRYPT_DOMAIN=none +CONFIG chmod 600 "$DASHBOARD_ENV_FILE" fi + +# Generate Caddyfile if missing +CADDYFILE="$DATA_DIR/Caddyfile" +if [[ ! -f "$CADDYFILE" ]]; then + bashio::log.info "Generating Caddyfile at ${CADDYFILE}." + cat < "$CADDYFILE" +{ + servers { + protocols h1 h2 h2c + } +} + +(security_headers) { + header * { + Strict-Transport-Security "max-age=3600; includeSubDomains; preload" + X-Content-Type-Options "nosniff" + X-Frame-Options "SAMEORIGIN" + X-XSS-Protection "1; mode=block" + -Server + Referrer-Policy strict-origin-when-cross-origin + } +} + +:80${CADDY_SECURE_DOMAIN} { + import security_headers + # relay + reverse_proxy /relay* 127.0.0.1:${RELAY_PORT} + # Signal + reverse_proxy /ws-proxy/signal* 127.0.0.1:${SIGNAL_PORT} + reverse_proxy /signalexchange.SignalExchange/* h2c://127.0.0.1:${SIGNAL_GRPC_PORT} + # Management + reverse_proxy /api/* 127.0.0.1:${MANAGEMENT_PORT} + reverse_proxy /ws-proxy/management* 127.0.0.1:${MANAGEMENT_PORT} + reverse_proxy /management.ManagementService/* h2c://127.0.0.1:${MANAGEMENT_PORT} + reverse_proxy /oauth2/* 127.0.0.1:${MANAGEMENT_PORT} + # Dashboard + reverse_proxy /* 127.0.0.1:${DASHBOARD_PORT} +} +CONFIG +else + bashio::log.info "Using existing Caddyfile at ${CADDYFILE}." +fi + +mkdir -p /run/nginx +chmod +x /usr/local/bin/init_react_envs.sh diff --git a/netbird-server/rootfs/etc/nginx/http.d/default.conf b/netbird-server/rootfs/etc/nginx/http.d/default.conf new file mode 100644 index 000000000..4e05272cc --- /dev/null +++ b/netbird-server/rootfs/etc/nginx/http.d/default.conf @@ -0,0 +1,11 @@ +server { + listen 8080; + server_name _; + + root /usr/share/nginx/html; + index index.html; + + location / { + try_files $uri /index.html; + } +} diff --git a/netbird-server/rootfs/etc/services.d/caddy/run b/netbird-server/rootfs/etc/services.d/caddy/run new file mode 100644 index 000000000..6e37ad177 --- /dev/null +++ b/netbird-server/rootfs/etc/services.d/caddy/run @@ -0,0 +1,24 @@ +#!/usr/bin/with-contenv bashio +# shellcheck shell=bash +set -euo pipefail + +# ============================================================================== +# Home Assistant Add-on: NetBird Server +# Runs Caddy reverse proxy +# ============================================================================== + +DATA_DIR="/config/netbird" +CADDYFILE="${DATA_DIR}/Caddyfile" + +if [[ ! -f "$CADDYFILE" ]]; then + bashio::log.error "Missing Caddyfile at ${CADDYFILE}." + bashio::exit.nok +fi + +export XDG_DATA_HOME="${DATA_DIR}/caddy/data" +export XDG_CONFIG_HOME="${DATA_DIR}/caddy/config" + +mkdir -p "$XDG_DATA_HOME" "$XDG_CONFIG_HOME" + +bashio::log.info "Starting Caddy..." +exec caddy run --config "$CADDYFILE" --adapter caddyfile diff --git a/netbird-server/rootfs/etc/services.d/coturn/run b/netbird-server/rootfs/etc/services.d/coturn/run deleted file mode 100644 index 140060fd7..000000000 --- a/netbird-server/rootfs/etc/services.d/coturn/run +++ /dev/null @@ -1,19 +0,0 @@ -#!/usr/bin/with-contenv bashio -# shellcheck shell=bash -set -euo pipefail - -# ============================================================================== -# Home Assistant Add-on: NetBird Server -# Runs Coturn -# ============================================================================== - -DATA_DIR="/config/netbird" -TURN_CONFIG="$DATA_DIR/turn/turnserver.conf" - -if [[ ! -f "$TURN_CONFIG" ]]; then - bashio::log.error "Missing Coturn configuration at ${TURN_CONFIG}." - bashio::exit.nok -fi - -bashio::log.info "Starting Coturn..." -exec /usr/local/bin/turnserver -c "$TURN_CONFIG" --log-file stdout diff --git a/netbird-server/rootfs/etc/services.d/dashboard/run b/netbird-server/rootfs/etc/services.d/dashboard/run index ac20ab3d9..e67341fc9 100644 --- a/netbird-server/rootfs/etc/services.d/dashboard/run +++ b/netbird-server/rootfs/etc/services.d/dashboard/run @@ -7,46 +7,17 @@ set -euo pipefail # Runs the NetBird Dashboard # ============================================================================== -DOMAIN="localhost" -EXTERNAL_BASE_URL="" -MANAGEMENT_LISTEN="0.0.0.0:33073" -AUTH_AUTHORITY="" -AUTH_CLIENT_ID="" -AUTH_CLIENT_SECRET="" -AUTH_AUDIENCE="" -AUTH_SUPPORTED_SCOPES="openid profile email api offline_access email_verified" -USE_AUTH0="false" -NETBIRD_MGMT_API_ENDPOINT="" - -MANAGEMENT_PORT="${MANAGEMENT_LISTEN##*:}" - ENV_FILE="/config/netbird/dashboard/env" if [[ -f "$ENV_FILE" ]]; then set -a # shellcheck disable=SC1090 . "$ENV_FILE" set +a -fi - -if [[ -n "$NETBIRD_MGMT_API_ENDPOINT" ]]; then - NETBIRD_MGMT_API_ENDPOINT="$NETBIRD_MGMT_API_ENDPOINT" -elif [[ -n "$EXTERNAL_BASE_URL" ]]; then - NETBIRD_MGMT_API_ENDPOINT="$EXTERNAL_BASE_URL" -elif [[ -n "$DOMAIN" ]]; then - NETBIRD_MGMT_API_ENDPOINT="http://${DOMAIN}:${MANAGEMENT_PORT}" else - bashio::log.warning "external_base_url and domain are empty; defaulting NETBIRD_MGMT_API_ENDPOINT to localhost." - NETBIRD_MGMT_API_ENDPOINT="http://127.0.0.1:${MANAGEMENT_PORT}" + bashio::log.error "Missing dashboard env file at ${ENV_FILE}." + bashio::exit.nok fi -export AUTH_AUTHORITY -export AUTH_CLIENT_ID -export AUTH_CLIENT_SECRET -export AUTH_AUDIENCE -export AUTH_SUPPORTED_SCOPES -export USE_AUTH0 -export NETBIRD_MGMT_API_ENDPOINT - bashio::log.info "Preparing NetBird Dashboard assets..." /usr/local/bin/init_react_envs.sh diff --git a/netbird-server/rootfs/etc/services.d/management/run b/netbird-server/rootfs/etc/services.d/management/run index 93516bab0..2404df3cc 100644 --- a/netbird-server/rootfs/etc/services.d/management/run +++ b/netbird-server/rootfs/etc/services.d/management/run @@ -10,6 +10,7 @@ set -euo pipefail DATA_DIR="/config/netbird" LOG_LEVEL="info" MANAGEMENT_CONFIG="$DATA_DIR/management/management.json" +MANAGEMENT_PORT=8081 if [[ ! -f "$MANAGEMENT_CONFIG" ]]; then bashio::log.error "Missing management configuration at ${MANAGEMENT_CONFIG}." @@ -19,5 +20,10 @@ fi bashio::log.info "Starting NetBird Management..." exec /usr/local/bin/netbird-mgmt management \ --config "$MANAGEMENT_CONFIG" \ + --port "$MANAGEMENT_PORT" \ --log-level "$LOG_LEVEL" \ - --log-file console + --log-file console \ + --disable-anonymous-metrics=false \ + --single-account-mode-domain=netbird.selfhosted \ + --dns-domain=netbird.selfhosted \ + --idp-sign-key-refresh-enabled diff --git a/netbird-server/rootfs/etc/services.d/relay/run b/netbird-server/rootfs/etc/services.d/relay/run index 1a060d10c..8685fcd1b 100644 --- a/netbird-server/rootfs/etc/services.d/relay/run +++ b/netbird-server/rootfs/etc/services.d/relay/run @@ -4,17 +4,20 @@ set -euo pipefail # ============================================================================== # Home Assistant Add-on: NetBird Server -# Runs the NetBird Relay (optional) +# Runs the NetBird Relay (includes embedded STUN) # ============================================================================== -LOG_LEVEL="info" -RELAY_EXPOSED_ADDRESS="" -RELAY_AUTH_SECRET="" +RELAY_ENV_FILE="/config/netbird/relay/relay.env" + +if [[ -f "$RELAY_ENV_FILE" ]]; then + set -a + # shellcheck disable=SC1090 + . "$RELAY_ENV_FILE" + set +a +else + bashio::log.error "Missing relay env file at ${RELAY_ENV_FILE}." + bashio::exit.nok +fi bashio::log.info "Starting NetBird Relay..." -exec /usr/local/bin/netbird-relay \ - --listen-address ":33080" \ - --exposed-address "$RELAY_EXPOSED_ADDRESS" \ - --auth-secret "$RELAY_AUTH_SECRET" \ - --log-level "$LOG_LEVEL" \ - --log-file console +exec /usr/local/bin/netbird-relay diff --git a/netbird-server/rootfs/etc/services.d/signal/run b/netbird-server/rootfs/etc/services.d/signal/run index 778ea43de..f2395441c 100644 --- a/netbird-server/rootfs/etc/services.d/signal/run +++ b/netbird-server/rootfs/etc/services.d/signal/run @@ -7,9 +7,8 @@ set -euo pipefail # Runs the NetBird Signal service # ============================================================================== -SIGNAL_LISTEN="0.0.0.0:10000" +SIGNAL_PORT=8083 LOG_LEVEL="info" -SIGNAL_PORT="${SIGNAL_LISTEN##*:}" bashio::log.info "Starting NetBird Signal on port ${SIGNAL_PORT}..." exec /usr/local/bin/netbird-signal run \