diff --git a/src/pages/selfhosted/selfhosted-guide.mdx b/src/pages/selfhosted/selfhosted-guide.mdx index 4582ab40..16a8171c 100644 --- a/src/pages/selfhosted/selfhosted-guide.mdx +++ b/src/pages/selfhosted/selfhosted-guide.mdx @@ -184,6 +184,24 @@ Make sure your reverse-Proxy is setup to use the HTTP2-Protocol when forwarding. Simply replace the file `docker-compose.yml.tmpl` with the chosen version. +## Advanced: Additional configurations for cloud providers + +### Hetzner +Hetzner uses stateless [firewall](https://docs.hetzner.com/robot/dedicated-server/firewall/), which means it doesn't "keep track of" whether or not an incoming packet belongs to an established connection. In this case, you may add to this server firewall an UDP port range equals to the result of: +```bash +sudo cat /proc/sys/net/ipv4/ip_local_port_range +``` +More info can be found at this GitHub [issue](https://github.com/netbirdio/netbird/issues/390#issuecomment-1185298689). + +### Oracle Cloud Infrastructure (OCI) +Linux images provided by Oracle Cloud includes some default [firewall rules](https://docs.oracle.com/en-us/iaas/Content/Compute/References/bestpracticescompute.htm#Essentia) which block ingress UDP on port 3478. This is required by Coturn without which only peers in same LAN would be able to communicate with each other but not peers on different networks. Besides opening [required](#requirements) ports on _Security Rules_, you also need to run below command on the virtual machine. +```bash +sudo iptables -I INPUT -p udp -m udp --dport 3478 -j ACCEPT +``` + +Oracle Cloud discourages use of UFW. You will have to use IPTABLES. + + ## Backup To backup your NetBird installation, you need to copy the configuration files, and the Management service databases. diff --git a/src/pages/selfhosted/selfhosted-quickstart.mdx b/src/pages/selfhosted/selfhosted-quickstart.mdx index 3b41017b..0d704a9b 100644 --- a/src/pages/selfhosted/selfhosted-quickstart.mdx 
+++ b/src/pages/selfhosted/selfhosted-quickstart.mdx @@ -25,7 +25,7 @@ as the identity provider for user management using a single-line setup script an **Infrastructure requirements:** - A Linux VM with at least **1CPU** and **2GB** of memory. -- The VM should be publicly accessible on TCP ports **80** and **443** and UDP ports: **3478**, **49152-65535**. +- The VM should be publicly accessible on TCP ports **80**, **443**, **33073** and **10000**; and UDP ports: **3478**, **49152-65535**. - **Public domain** name pointing to the VM. **Software requirements:** @@ -109,4 +109,4 @@ Feel free to ping us on [Slack](https://join.slack.com/t/netbirdio/shared_invite - NetBird managed version: [https://app.netbird.io](https://app.netbird.io) - Make sure to [star us on GitHub](https://github.com/netbirdio/netbird) -- Follow us [on Twitter](https://twitter.com/netbird) \ No newline at end of file +- Follow us [on Twitter](https://twitter.com/netbird)
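Review bot: In the new Hetzner section of selfhosted-guide.mdx, the instruction to add "an UDP port range" to the firewall does not say which direction the rule applies to or why it is needed, so a reader may open the whole ephemeral range to any source without understanding the exposure. Suggest stating that it is an incoming rule and, if that is the intent, that it exists to let reply packets through a firewall that does not track established connections. The `sudo` on the `cat` can go, since /proc/sys/net/ipv4/ip_local_port_range is world-readable. In the OCI section of the same hunk, `iptables -I INPUT ...` only changes the running ruleset, so the text should say how to keep the rule across reboots. That command opens only 3478, while the quickstart requirements list UDP 49152-65535 as well, so please confirm whether that range also needs a host rule. Minor wording: "equals to" should be "equal to", "images ... includes" should be "include", and the statement that Oracle Cloud discourages UFW would be stronger with a link.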
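Review bot: The changed requirements line in selfhosted-quickstart.mdx adds TCP **33073** and **10000** without saying which service listens on each, so an operator cannot judge what is being exposed publicly or restrict the rule sensibly. Suggest annotating each port with its service, the way the guide hunk ties 3478 to Coturn, and checking that the guide's `#requirements` section lists the same set of ports so the two pages do not drift. The "; and UDP ports:" punctuation is also inconsistent with the TCP half of the sentence.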