netbird | pfsync | haproxy | nginx | client
since we were telling the bastion systems to reach netbird server through static name resolution internally
10.1.0.27 keycloak.demo.nethence.com dnc-haproxy 10.1.0.27 netbird.demo.nethence.com dnc-haproxy
we also had to tune haproxy to pass-through signal grpc, which didn’t work well – this is why we used tcp mode for that one
ping -c3 -W1 netbird.demo.nethence.com
nmap -p 443 netbird.demo.nethence.com
nmap -p 10000 netbird.demo.nethence.com # signal
ping -c3 -W1 keycloak.demo.nethence.com
nmap -p 443 keycloak.demo.nethence.com
apt install ca-certificates curl gnupg1 cd /usr/share/keyrings/ # no exist ls -lF netbird* curl -sSL https://pkgs.netbird.io/debian/public.key > netbird.asc gpg1 --dearmor < netbird.asc > netbird.gpg
# no exist ls -lF /etc/apt/sources.list.d/netbird.list cat > /etc/apt/sources.list.d/netbird.list <<EOF deb [signed-by=/usr/share/keyrings/netbird.gpg] https://pkgs.netbird.io/debian stable main EOF apt update apt install netbird
for casual end-user peers
netbird up \
--management-url https://netbird.demo.nethence.com:443 \
--admin-url https://netbird.demo.nethence.com:443
netbird up \
--management-url https://netbird.nethence.com \
--admin-url https://netbird.nethence.com
# doesn't seem to work
# --config /etc/netbird/demo.json
for bastion endpoints
netbird up \
--management-url https://netbird.demo.nethence.com:443 \
--admin-url https://netbird.demo.nethence.com:443 \
--setup-key SETUP-KEY-HERE
and check
netbird status --detail ifconfig wt0 ping 100.124.69.213
thereafter
netbird down netbird up
you are now ready to setup network routes in the UI and make the whole thing actually useful.
during install.sh
Error: status failed: failed while getting Management Service public key: failed while getting Management Service public key
==> fix mgmt endpoint
during up
Unknown desc = failed while getting Management Service public key
==> idem
right after success connect
Error: status failed: failed connecting to Signal Service : context deadline exceeded
==> …
Peers count: 0/0 Connected
==> wg port reachable or at least relay (turn) ?
https://app.netbird.io/install
https://docs.netbird.io/how-to/getting-started#installation
https://docs.netbird.io/how-to/add-machines-to-your-network
https://docs.netbird.io/how-to/register-machines-using-setup-keys
https://docs.netbird.io/how-to/add-users-to-your-network
https://docs.netbird.io/how-to/routing-traffic-to-private-networks
https://github.com/netbirdio/netbird/issues/1656