sendnrw/netbird-docs
2
0
Fork 0
mirror of https://github.com/netbirdio/docs.git synced 2026-04-18 16:36:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add Client Settings documentation section (#612)

Browse Source 
* Add Block Inbound Connections documentation to Client settings

Document the previously undocumented "Block Inbound Connections" client
setting (introduced in v0.46.0). Adds a dedicated feature page under
Client > Settings, updates the sidebar navigation, and adds the
--block-inbound flag to the CLI reference.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* Move Post-Quantum Cryptography to Client settings and add systray notes

Move the Rosenpass/post-quantum cryptography page from manage/integrations/
to client/ under the new Settings section. Add redirects for the old URL.
Also add systray toggle instructions to both the Quantum-Resistance and
Lazy Connections pages.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* Rename post-quantum cryptography page and fix hydration error

Drop the "Enable" prefix from the page title and filename for a cleaner
topic name. Update redirects and navigation. Fix hydration mismatch
caused by a <div> (Button component) nested inside a <p> tag.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Jack Carter
2026-02-18 12:53:51 +01:00
committed by GitHub
parent c8f1dbd027
commit 8936e9163f
6 changed files with 916 additions and 537 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
next.config.mjs
View File

@@ -454,7 +454,17 @@ const nextConfig = {
// documentation redirects for integrations
{
source: '/how-to/enable-post-quantum-cryptography',
destination: '/manage/integrations/enable-post-quantum-cryptography',
destination: '/client/post-quantum-cryptography',
permanent: true,
},
{
source: '/manage/integrations/enable-post-quantum-cryptography',
destination: '/client/post-quantum-cryptography',
permanent: true,
},
{
source: '/client/enable-post-quantum-cryptography',
destination: '/client/post-quantum-cryptography',
permanent: true,
},
{

596
src/components/NavigationDocs.jsx
View File

@@ -4,12 +4,15 @@ import {
ActivePageMarker,
NavLink,
TopLevelNavItem,
VisibleSectionHighlight
VisibleSectionHighlight,
} from '@/components/NavigationAPI'
import { AnimatePresence, motion } from 'framer-motion'
import { Button } from '@/components/mdx'
import { useState } from 'react'
import { NavigationStateProvider, useNavigationState } from '@/components/NavigationState'
import {
NavigationStateProvider,
useNavigationState,
} from '@/components/NavigationState'
import ChevronDownIcon from '@/components/icons/ChevronDownIcon'
export const docsNavigation = [
@@ -17,11 +20,26 @@ export const docsNavigation = [
title: 'ABOUT',
links: [
{ title: 'How NetBird Works', href: '/about-netbird/how-netbird-works' },
{ title: 'NetBird vs. Traditional VPN', href: '/about-netbird/netbird-vs-traditional-vpn' },
{ title: 'Self-Hosted vs. Cloud', href: '/about-netbird/self-hosted-vs-cloud' },
{ title: 'Understanding NAT and Connectivity', href: '/about-netbird/understanding-nat-and-connectivity' },
{ title: 'Why WireGuard with NetBird', href: '/about-netbird/why-wireguard-with-netbird' },
{ title: 'Browser Client Architecture', href: '/about-netbird/browser-client-architecture' },
{
title: 'NetBird vs. Traditional VPN',
href: '/about-netbird/netbird-vs-traditional-vpn',
},
{
title: 'Self-Hosted vs. Cloud',
href: '/about-netbird/self-hosted-vs-cloud',
},
{
title: 'Understanding NAT and Connectivity',
href: '/about-netbird/understanding-nat-and-connectivity',
},
{
title: 'Why WireGuard with NetBird',
href: '/about-netbird/why-wireguard-with-netbird',
},
{
title: 'Browser Client Architecture',
href: '/about-netbird/browser-client-architecture',
},
{ title: 'FAQ', href: '/about-netbird/faq' },
/*{ title: 'Whats new in version xx', href: '/welcome/how-netbird-works' },
{ title: 'Release notes', href: '/about-netbird/netbird-vs-traditional-vpn' },*/
@@ -32,7 +50,9 @@ export const docsNavigation = [
links: [
{ title: 'Quickstart Guide', href: '/get-started' },
{
title: 'Install NetBird', isOpen: true, href: '/get-started/install',
title: 'Install NetBird',
isOpen: true,
href: '/get-started/install',
links: [
{ title: 'Linux', href: '/get-started/install/linux' },
{ title: 'Windows', href: '/get-started/install/windows' },
@@ -41,11 +61,12 @@ export const docsNavigation = [
{ title: 'iOS', href: '/get-started/install/ios' },
{ title: 'tvOS', href: '/get-started/install/tvos' },
{ title: 'Android', href: '/get-started/install/android' },
{ title: 'Android TV', href: '/get-started/install/android-tv'}
{ title: 'Android TV', href: '/get-started/install/android-tv' },
],
},
{
title: 'Platforms', isOpen: false,
title: 'Platforms',
isOpen: false,
links: [
{ title: 'Proxmox VE', href: '/get-started/install/proxmox-ve' },
{ title: 'Synology', href: '/get-started/install/synology' },
@@ -53,7 +74,7 @@ export const docsNavigation = [
{ title: 'pfSense', href: '/get-started/install/pfsense' },
{ title: 'OPNsense', href: '/get-started/install/opnsense' },
{ title: 'Raspberry Pi', href: '/get-started/install/raspberrypi' },
]
],
},
{ title: 'CLI', href: '/get-started/cli' },
],
@@ -66,9 +87,15 @@ export const docsNavigation = [
title: 'Peers',
isOpen: false,
links: [
{ title: 'Add Peers', href: '/manage/peers/add-machines-to-your-network' },
{
title: 'Add Peers',
href: '/manage/peers/add-machines-to-your-network',
},
{ title: 'Approve Peers', href: '/manage/peers/approve-peers' },
{ title: 'Setup Keys', href: '/manage/peers/register-machines-using-setup-keys' },
{
title: 'Setup Keys',
href: '/manage/peers/register-machines-using-setup-keys',
},
{ title: 'Browser Client', href: '/manage/peers/browser-client' },
{ title: 'SSH', href: '/manage/peers/ssh' },
{ title: 'Lazy Connections', href: '/manage/peers/lazy-connection' },
@@ -78,51 +105,69 @@ export const docsNavigation = [
links: [
{
title: 'Access Remote Webserver',
href: '/manage/peers/access-infrastructure/secure-remote-webserver-access'
href: '/manage/peers/access-infrastructure/secure-remote-webserver-access',
},
{
title: 'Add Servers to the Network',
href: '/manage/peers/access-infrastructure/setup-keys-add-servers-to-network'
href: '/manage/peers/access-infrastructure/setup-keys-add-servers-to-network',
},
{
title: 'Access from Kubernetes',
href: '/manage/peers/access-infrastructure/access-internal-resources-from-autoscaled-environments'
href: '/manage/peers/access-infrastructure/access-internal-resources-from-autoscaled-environments',
},
{
title: 'Peer Approval for Remote Access',
href: '/manage/peers/access-infrastructure/peer-approval-for-remote-worker-access'
href: '/manage/peers/access-infrastructure/peer-approval-for-remote-worker-access',
},
]
],
},
{ title: 'Auto Update', href: '/manage/peers/auto-update' },
]
],
},
{
title: 'Access Control',
isOpen: false,
links: [
{ title: 'Groups & Policies', href: '/manage/access-control' },
{ title: 'Manage Access', href: '/manage/access-control/manage-network-access' },
{
title: 'Manage Access',
href: '/manage/access-control/manage-network-access',
},
{
title: 'Posture Checks',
href: '/manage/access-control/posture-checks',
isOpen: false,
links: [
{ title: 'Disable route when in the office', href: '/manage/access-control/posture-checks/connecting-from-the-office' },
]
{
title: 'Disable route when in the office',
href: '/manage/access-control/posture-checks/connecting-from-the-office',
},
],
},
{
title: 'Integrate MDM & EDR',
href: '/manage/access-control/endpoint-detection-and-response',
isOpen: false,
links: [
{ title: 'CrowdStrike Falcon', href: '/manage/access-control/endpoint-detection-and-response/crowdstrike-edr' },
{ title: 'Microsoft Intune', href: '/manage/access-control/endpoint-detection-and-response/intune-mdm' },
{ title: 'SentinelOne Singularity', href: '/manage/access-control/endpoint-detection-and-response/sentinelone-edr' },
{ title: 'Huntress', href: '/manage/access-control/endpoint-detection-and-response/huntress-edr' },
]
{
title: 'CrowdStrike Falcon',
href: '/manage/access-control/endpoint-detection-and-response/crowdstrike-edr',
},
]
{
title: 'Microsoft Intune',
href: '/manage/access-control/endpoint-detection-and-response/intune-mdm',
},
{
title: 'SentinelOne Singularity',
href: '/manage/access-control/endpoint-detection-and-response/sentinelone-edr',
},
{
title: 'Huntress',
href: '/manage/access-control/endpoint-detection-and-response/huntress-edr',
},
],
},
],
},
{
title: 'Networks',
@@ -138,23 +183,41 @@ export const docsNavigation = [
title: 'By Scenario',
isOpen: false,
links: [
{ title: 'Access Home Devices', href: '/manage/networks/use-cases/by-scenario/access-home-devices' },
{ title: 'Remote Worker Access', href: '/manage/networks/use-cases/by-scenario/remote-worker-access' },
{ title: 'Cloud to On-Premise', href: '/manage/networks/use-cases/by-scenario/cloud-to-on-premise' },
]
{
title: 'Access Home Devices',
href: '/manage/networks/use-cases/by-scenario/access-home-devices',
},
{
title: 'Remote Worker Access',
href: '/manage/networks/use-cases/by-scenario/remote-worker-access',
},
{
title: 'Cloud to On-Premise',
href: '/manage/networks/use-cases/by-scenario/cloud-to-on-premise',
},
],
},
{
title: 'By Resource Type',
isOpen: false,
links: [
{ title: 'Multiple IP Resources', href: '/manage/networks/use-cases/by-resource-type/routing-traffic-to-multiple-resources' },
{ title: 'Domain Resources', href: '/manage/networks/use-cases/by-resource-type/accessing-restricted-domain-resources' },
{ title: 'Wildcard Domains', href: '/manage/networks/use-cases/by-resource-type/accessing-entire-domains-within-networks' },
]
{
title: 'Multiple IP Resources',
href: '/manage/networks/use-cases/by-resource-type/routing-traffic-to-multiple-resources',
},
]
}
]
{
title: 'Domain Resources',
href: '/manage/networks/use-cases/by-resource-type/accessing-restricted-domain-resources',
},
{
title: 'Wildcard Domains',
href: '/manage/networks/use-cases/by-resource-type/accessing-entire-domains-within-networks',
},
],
},
],
},
],
},
{
title: 'Network Routes',
@@ -170,66 +233,120 @@ export const docsNavigation = [
title: 'By Scenario',
isOpen: false,
links: [
{ title: 'Site-to-Site: Home', href: '/manage/network-routes/use-cases/by-scenario/site-to-site-home' },
{ title: 'Site-to-Site: Office', href: '/manage/network-routes/use-cases/by-scenario/site-to-site-office' },
{ title: 'Site-to-Site: Cloud', href: '/manage/network-routes/use-cases/by-scenario/site-to-site-cloud' },
{ title: 'Exit Nodes', href: '/manage/network-routes/use-cases/by-scenario/exit-nodes' },
]
{
title: 'Site-to-Site: Home',
href: '/manage/network-routes/use-cases/by-scenario/site-to-site-home',
},
{
title: 'Site-to-Site: Office',
href: '/manage/network-routes/use-cases/by-scenario/site-to-site-office',
},
{
title: 'Site-to-Site: Cloud',
href: '/manage/network-routes/use-cases/by-scenario/site-to-site-cloud',
},
{
title: 'Exit Nodes',
href: '/manage/network-routes/use-cases/by-scenario/exit-nodes',
},
],
},
{
title: 'By Configuration',
isOpen: false,
links: [
{ title: 'Access Control', href: '/manage/network-routes/use-cases/by-configuration/access-control' },
{ title: 'Overlapping Routes', href: '/manage/network-routes/use-cases/by-configuration/overlapping-routes' },
{ title: 'Advanced Configuration', href: '/manage/network-routes/use-cases/by-configuration/advanced-configuration' },
]
{
title: 'Access Control',
href: '/manage/network-routes/use-cases/by-configuration/access-control',
},
]
}
]
{
title: 'Overlapping Routes',
href: '/manage/network-routes/use-cases/by-configuration/overlapping-routes',
},
{
title: 'Advanced Configuration',
href: '/manage/network-routes/use-cases/by-configuration/advanced-configuration',
},
],
},
],
},
],
},
{
title: 'Reverse Proxy',
isOpen: false,
links: [
{ title: 'Overview', href: '/manage/reverse-proxy' },
{ title: 'Custom Domains', href: '/manage/reverse-proxy/custom-domains' },
{ title: 'Authentication', href: '/manage/reverse-proxy/authentication' },
{
title: 'Custom Domains',
href: '/manage/reverse-proxy/custom-domains',
},
{
title: 'Authentication',
href: '/manage/reverse-proxy/authentication',
},
{ title: 'Access Logs', href: '/manage/reverse-proxy/access-logs' },
]
],
},
{
title: 'DNS',
isOpen: false,
links: [
{ title: 'Quickstart', href: '/manage/dns/private-dns-behind-routing-peers' },
{
title: 'Quickstart',
href: '/manage/dns/private-dns-behind-routing-peers',
},
{ title: 'Overview', href: '/manage/dns' },
{ title: 'Configuring Nameservers', href: '/manage/dns/nameserver-groups' },
{
title: 'Configuring Nameservers',
href: '/manage/dns/nameserver-groups',
},
{ title: 'DNS Settings', href: '/manage/dns/dns-settings' },
{ title: 'Custom Zones', href: '/manage/dns/custom-zones' },
{ title: 'DNS Aliases for Routed Networks', href: '/manage/dns/dns-aliases-for-routed-networks' },
{
title: 'DNS Aliases for Routed Networks',
href: '/manage/dns/dns-aliases-for-routed-networks',
},
{ title: 'DNS Troubleshooting', href: '/manage/dns/troubleshooting' },
]
],
},
{
title: 'Team',
isOpen: false,
links: [
{ title: 'Add Users to Your Network', href: '/manage/team/add-users-to-your-network' },
{
title: 'Add Users to Your Network',
href: '/manage/team/add-users-to-your-network',
},
{ title: 'Approve Users', href: '/manage/team/approve-users' },
{
title: 'Provision Users & Groups',
href: '/manage/team/idp-sync',
isOpen: false,
links: [
{ title: 'Microsoft Entra ID (API)', href: '/manage/team/idp-sync/microsoft-entra-id-sync' },
{ title: 'Microsoft Entra ID (SCIM)', href: '/manage/team/idp-sync/microsoft-entra-id-scim-sync' },
{
title: 'Microsoft Entra ID (API)',
href: '/manage/team/idp-sync/microsoft-entra-id-sync',
},
{
title: 'Microsoft Entra ID (SCIM)',
href: '/manage/team/idp-sync/microsoft-entra-id-scim-sync',
},
{ title: 'Okta', href: '/manage/team/idp-sync/okta-sync' },
{ title: 'Google Workspace', href: '/manage/team/idp-sync/google-workspace-sync' },
{ title: 'JumpCloud', href: '/manage/team/idp-sync/jumpcloud-sync' },
{ title: 'Keycloak', href: '/manage/team/idp-sync/keycloak-sync' },
]
{
title: 'Google Workspace',
href: '/manage/team/idp-sync/google-workspace-sync',
},
{
title: 'JumpCloud',
href: '/manage/team/idp-sync/jumpcloud-sync',
},
{
title: 'Keycloak',
href: '/manage/team/idp-sync/keycloak-sync',
},
],
},
{
title: 'Auto-Offboard Users',
@@ -247,24 +364,42 @@ export const docsNavigation = [
// { title: 'JumpCloud', href: '/manage/team/single-sign-on/jumpcloud' },
// ]
},
]
],
},
{
title: 'Activity',
links: [
{ title: 'Audit Events Logging', href: '/manage/activity' },
{ title: 'Traffic Events Logging', href: '/manage/activity/traffic-events-logging' },
{
title: 'Traffic Events Logging',
href: '/manage/activity/traffic-events-logging',
},
{
title: 'Stream Activity Events',
href: '/manage/activity/event-streaming',
isOpen: false,
links: [
{ title: 'Datadog', href: '/manage/activity/event-streaming/datadog' },
{ title: 'Amazon S3', href: '/manage/activity/event-streaming/amazon-s3' },
{ title: 'Amazon Firehose', href: '/manage/activity/event-streaming/amazon-firehose' },
{ title: 'SentinelOne Data Lake', href: '/manage/activity/event-streaming/sentinelone-data-lake' },
{ title: 'Generic HTTP', href: '/manage/activity/event-streaming/generic-http' },
]
{
title: 'Datadog',
href: '/manage/activity/event-streaming/datadog',
},
{
title: 'Amazon S3',
href: '/manage/activity/event-streaming/amazon-s3',
},
{
title: 'Amazon Firehose',
href: '/manage/activity/event-streaming/amazon-firehose',
},
{
title: 'SentinelOne Data Lake',
href: '/manage/activity/event-streaming/sentinelone-data-lake',
},
{
title: 'Generic HTTP',
href: '/manage/activity/event-streaming/generic-http',
},
],
},
],
},
@@ -272,52 +407,73 @@ export const docsNavigation = [
title: 'Settings',
isOpen: false,
links: [
{ title: 'Authentication', href: '/manage/settings/enforce-periodic-user-authentication' },
{ title: 'Multi-Factor Authentication', href: '/manage/settings/multi-factor-authentication' },
{
title: 'Authentication',
href: '/manage/settings/enforce-periodic-user-authentication',
},
{
title: 'Multi-Factor Authentication',
href: '/manage/settings/multi-factor-authentication',
},
{ title: 'Delete Account', href: '/manage/settings/delete-account' },
{ title: 'Plans and Billing', href: '/manage/settings/plans-and-billing' },
{
title: 'Plans and Billing',
href: '/manage/settings/plans-and-billing',
},
{ title: 'Auto Update', href: '/manage/peers/auto-update' },
{ title: 'Lazy Connections', href: '/manage/peers/lazy-connection' },
]
],
},
{
title: 'Integrations',
isOpen: false,
links: [
{ title: 'Enable Post Quantum Cryptography', href: '/manage/integrations/enable-post-quantum-cryptography' },
{
title: 'MDM for Deployment',
isOpen: true,
links: [
{ title: 'Deploy with Jamf Pro', href: '/manage/integrations/mdm-deployment/jamf-pro-netbird-integration' },
{ title: 'Deploy with Kandji', href: '/manage/integrations/mdm-deployment/kandji-netbird-integration' },
{ title: 'Deploy with Intune', href: '/manage/integrations/mdm-deployment/intune-netbird-integration' },
]
{
title: 'Deploy with Jamf Pro',
href: '/manage/integrations/mdm-deployment/jamf-pro-netbird-integration',
},
{
title: 'Deploy with Kandji',
href: '/manage/integrations/mdm-deployment/kandji-netbird-integration',
},
{
title: 'Deploy with Intune',
href: '/manage/integrations/mdm-deployment/intune-netbird-integration',
},
],
},
{
title: 'Kubernetes',
isOpen: true,
links: [
{ title: 'Operator', href: '/manage/integrations/kubernetes' },
]
],
},
]
],
},
{
title: 'Public API',
isOpen: false,
links: [
{ title: 'Access Public API', href: '/manage/public-api' },
]
links: [{ title: 'Access Public API', href: '/manage/public-api' }],
},
{
title: 'For Partners',
isOpen: false,
links: [
{ title: 'Managed Service Providers', href: '/manage/for-partners/msp-portal' },
{ title: 'Acronis NetBird integration', href: '/manage/for-partners/acronis-integration' },
]
{
title: 'Managed Service Providers',
href: '/manage/for-partners/msp-portal',
},
{
title: 'Acronis NetBird integration',
href: '/manage/for-partners/acronis-integration',
},
],
},
],
},
@@ -329,56 +485,120 @@ export const docsNavigation = [
title: 'Maintenance',
isOpen: false,
links: [
{ title: 'Configuration Files', href: '/selfhosted/configuration-files' },
{
title: 'Scaling Your Deployment', href: '/selfhosted/maintenance/scaling/scaling-your-self-hosted-deployment',
title: 'Configuration Files',
href: '/selfhosted/configuration-files',
},
{
title: 'Scaling Your Deployment',
href: '/selfhosted/maintenance/scaling/scaling-your-self-hosted-deployment',
isOpen: false,
links: [
{ title: 'Set Up External Relays', href: '/selfhosted/maintenance/scaling/set-up-external-relays' },
{ title: 'Migrate SQLite to PostgreSQL', href: '/selfhosted/maintenance/scaling/migrate-sqlite-to-postgresql' },
{ title: 'Set Up External Signal', href: '/selfhosted/maintenance/scaling/set-up-external-signal' },
]
{
title: 'Set Up External Relays',
href: '/selfhosted/maintenance/scaling/set-up-external-relays',
},
{
title: 'Migrate SQLite to PostgreSQL',
href: '/selfhosted/maintenance/scaling/migrate-sqlite-to-postgresql',
},
{
title: 'Set Up External Signal',
href: '/selfhosted/maintenance/scaling/set-up-external-signal',
},
],
},
{ title: 'Backup', href: '/selfhosted/maintenance/backup' },
{ title: 'Upgrade', href: '/selfhosted/maintenance/upgrade' },
{ title: 'Remove', href: '/selfhosted/maintenance/remove' },
{ title: 'Reverse Proxy', href: '/selfhosted/reverse-proxy' },
{ title: 'Management SQLite Store', href: '/selfhosted/sqlite-store' },
{ title: 'Management Postgres Store', href: '/selfhosted/postgres-store' },
{ title: 'Activity Events Postgres Store', href: '/selfhosted/activity-postgres-store' },
]
{
title: 'Management SQLite Store',
href: '/selfhosted/sqlite-store',
},
{
title: 'Management Postgres Store',
href: '/selfhosted/postgres-store',
},
{
title: 'Activity Events Postgres Store',
href: '/selfhosted/activity-postgres-store',
},
],
},
{
title: 'Authentication',
isOpen: false,
links: [
{ title: 'Authentication and IdPs', href: '/selfhosted/identity-providers' },
{ title: 'Local User Management', href: '/selfhosted/identity-providers/local' },
{ title: 'Disable Local Auth', href: '/selfhosted/identity-providers/disable-local-authentication' },
{
title: 'Authentication and IdPs',
href: '/selfhosted/identity-providers',
},
{
title: 'Local User Management',
href: '/selfhosted/identity-providers/local',
},
{
title: 'Disable Local Auth',
href: '/selfhosted/identity-providers/disable-local-authentication',
},
{
title: 'Self-hosted IdPs',
isOpen: true,
links: [
{ title: 'Generic OIDC', href: '/selfhosted/identity-providers/generic-oidc' },
{ title: 'Zitadel', href: '/selfhosted/identity-providers/zitadel' },
{ title: 'Authentik', href: '/selfhosted/identity-providers/authentik' },
{ title: 'Keycloak', href: '/selfhosted/identity-providers/keycloak' },
{ title: 'PocketID', href: '/selfhosted/identity-providers/pocketid' },
]
{
title: 'Generic OIDC',
href: '/selfhosted/identity-providers/generic-oidc',
},
{
title: 'Zitadel',
href: '/selfhosted/identity-providers/zitadel',
},
{
title: 'Authentik',
href: '/selfhosted/identity-providers/authentik',
},
{
title: 'Keycloak',
href: '/selfhosted/identity-providers/keycloak',
},
{
title: 'PocketID',
href: '/selfhosted/identity-providers/pocketid',
},
],
},
{
title: 'Managed IdPs',
isOpen: true,
links: [
{ title: 'Google Workspace', href: '/selfhosted/identity-providers/managed/google-workspace' },
{ title: 'Microsoft Entra ID', href: '/selfhosted/identity-providers/managed/microsoft-entra-id' },
{ title: 'JumpCloud', href: '/selfhosted/identity-providers/managed/jumpcloud' },
{ title: 'Auth0', href: '/selfhosted/identity-providers/managed/auth0' },
{ title: 'Duo', href: '/selfhosted/identity-providers/managed/duo' },
{ title: 'Okta', href: '/selfhosted/identity-providers/managed/okta' },
]
{
title: 'Google Workspace',
href: '/selfhosted/identity-providers/managed/google-workspace',
},
]
{
title: 'Microsoft Entra ID',
href: '/selfhosted/identity-providers/managed/microsoft-entra-id',
},
{
title: 'JumpCloud',
href: '/selfhosted/identity-providers/managed/jumpcloud',
},
{
title: 'Auth0',
href: '/selfhosted/identity-providers/managed/auth0',
},
{
title: 'Duo',
href: '/selfhosted/identity-providers/managed/duo',
},
{
title: 'Okta',
href: '/selfhosted/identity-providers/managed/okta',
},
],
},
],
},
{ title: 'Advanced Guide', href: '/selfhosted/selfhosted-guide' },
{ title: 'Management geolocation', href: '/selfhosted/geo-support' },
@@ -387,9 +607,15 @@ export const docsNavigation = [
title: 'Migration Guides',
isOpen: false,
links: [
{ title: 'Coturn to Embedded STUN', href: '/selfhosted/migration/coturn-to-stun-migration' },
{ title: 'Enable Reverse Proxy', href: '/selfhosted/migration/enable-reverse-proxy' },
]
{
title: 'Coturn to Embedded STUN',
href: '/selfhosted/migration/coturn-to-stun-migration',
},
{
title: 'Enable Reverse Proxy',
href: '/selfhosted/migration/enable-reverse-proxy',
},
],
},
],
},
@@ -397,6 +623,20 @@ export const docsNavigation = [
title: 'CLIENT',
links: [
{ title: 'Profiles', href: '/client/profiles' },
{
title: 'Settings',
isOpen: false,
links: [
{
title: 'Block Inbound Connections',
href: '/client/block-inbound-connections',
},
{
title: 'Post-Quantum Cryptography',
href: '/client/post-quantum-cryptography',
},
],
},
],
},
{
@@ -406,43 +646,62 @@ export const docsNavigation = [
{
title: 'Remote Access',
isOpen: false,
links: [
{ title: 'Overview', href: '/use-cases/site-to-site' },
]
links: [{ title: 'Overview', href: '/use-cases/site-to-site' }],
},
{
title: 'Homelab',
isOpen: false,
links: [
{ title: 'Overview', href: '/use-cases/homelab' },
{ title: 'NetBird on MikroTik Router', href: '/use-cases/homelab/client-on-mikrotik-router' },
]
{
title: 'NetBird on MikroTik Router',
href: '/use-cases/homelab/client-on-mikrotik-router',
},
],
},
{
title: 'Cloud',
isOpen: false,
links: [
{ title: 'Overview', href: '/use-cases/cloud' },
{ title: 'NetBird on AWS ECS', href: '/use-cases/cloud/aws-ecs-terraform' },
{ title: 'NetBird on Serverless (FaaS)', href: '/use-cases/cloud/netbird-on-faas' },
{ title: 'Routing Peers and Kubernetes', href: '/use-cases/cloud/routing-peers-and-kubernetes' },
{ title: 'Distributed Multi-Cloud AI', href: '/use-cases/cloud/distributed-multi-cloud-ai' },
]
{
title: 'NetBird on AWS ECS',
href: '/use-cases/cloud/aws-ecs-terraform',
},
{
title: 'NetBird on Serverless (FaaS)',
href: '/use-cases/cloud/netbird-on-faas',
},
{
title: 'Routing Peers and Kubernetes',
href: '/use-cases/cloud/routing-peers-and-kubernetes',
},
{
title: 'Distributed Multi-Cloud AI',
href: '/use-cases/cloud/distributed-multi-cloud-ai',
},
],
},
{
title: 'Security',
isOpen: false,
links: [
{ title: 'Overview', href: '/use-cases/security' },
{ title: 'Implement Zero Trust', href: '/use-cases/security/implement-zero-trust' },
]
{
title: 'Implement Zero Trust',
href: '/use-cases/security/implement-zero-trust',
},
],
},
],
},
{
title: 'GET MORE HELP',
links: [
{ title: 'Troubleshooting client issues', href: '/help/troubleshooting-client' },
{
title: 'Troubleshooting client issues',
href: '/help/troubleshooting-client',
},
{ title: 'Report bugs and issues', href: '/help/report-bug-issues' },
],
},
@@ -455,8 +714,12 @@ export function NavigationDocs({ className }) {
<TopLevelNavItem href="https://netbird.io/">Home</TopLevelNavItem>
<TopLevelNavItem href="/">Docs</TopLevelNavItem>
<TopLevelNavItem href="/api">API</TopLevelNavItem>
<TopLevelNavItem href="https://netbird.io/knowledge-hub/">Learn</TopLevelNavItem>
<TopLevelNavItem href="https://github.com/netbirdio/netbird">Github</TopLevelNavItem>
<TopLevelNavItem href="https://netbird.io/knowledge-hub/">
Learn
</TopLevelNavItem>
<TopLevelNavItem href="https://github.com/netbirdio/netbird">
Github
</TopLevelNavItem>
<TopLevelNavItem href="/slack-url">Support</TopLevelNavItem>
{docsNavigation.map((group, groupIndex) => (
<NavigationStateProvider key={group.title} index={groupIndex}>
@@ -468,7 +731,11 @@ export function NavigationDocs({ className }) {
</NavigationStateProvider>
))}
<li className="sticky bottom-0 z-10 mt-6 min-[416px]:hidden">
<Button href="https://app.netbird.io/" variant="filled" className="w-full">
<Button
href="https://app.netbird.io/"
variant="filled"
className="w-full"
>
Sign in
</Button>
</li>
@@ -495,7 +762,9 @@ const findActiveGroupIndex = (group, pathname) => {
function NavigationGroup({ group, className, hasChildren }) {
let router = useRouter()
let isActiveGroup = findActiveGroupIndex(group, router.pathname) !== -1
const [isOpen, setIsOpen] = useState(group.isOpen ? group.isOpen : !hasChildren)
const [isOpen, setIsOpen] = useState(
group.isOpen ? group.isOpen : !hasChildren
)
const [, setActiveHighlight] = useNavigationState()
return (
@@ -503,8 +772,10 @@ function NavigationGroup({ group, className, hasChildren }) {
<motion.h2
// layout={"size"}
className={clsx(
'flex justify-between items-center gap-2 group',
hasChildren ? 'text-zinc-700 select-none py-1 pr-3 hover:text-zinc-900 dark:text-zinc-300 font-medium dark:hover:text-white text-sm cursor-pointer' : 'text-xs font-semibold text-zinc-900 dark:text-white'
'group flex items-center justify-between gap-2',
hasChildren
? 'cursor-pointer select-none py-1 pr-3 text-sm font-medium text-zinc-700 hover:text-zinc-900 dark:text-zinc-300 dark:hover:text-white'
: 'text-xs font-semibold text-zinc-900 dark:text-white'
)}
onClick={() => {
setIsOpen(!isOpen)
@@ -519,14 +790,26 @@ function NavigationGroup({ group, className, hasChildren }) {
data-nb-active={hasChildren && isActiveGroup ? '1' : '0'}
>
{group.title}
{hasChildren && <ChevronDownIcon className={clsx('fill-zinc-700 group-hover:fill-zinc-900 dark:fill-zinc-300 dark:group-hover:fill-white', 'transition', isOpen ? 'transform rotate-180' : '')} size={10} />}
{hasChildren && (
<ChevronDownIcon
className={clsx(
'fill-zinc-700 group-hover:fill-zinc-900 dark:fill-zinc-300 dark:group-hover:fill-white',
'transition',
isOpen ? 'rotate-180 transform' : ''
)}
size={10}
/>
)}
</motion.h2>
<div className={clsx('relative', hasChildren ? '' : 'mt-3 pl-2')}>
{!hasChildren &&
{!hasChildren && (
<>
<AnimatePresence>
{isActiveGroup && (
<VisibleSectionHighlight group={group} pathname={router.pathname} />
<VisibleSectionHighlight
group={group}
pathname={router.pathname}
/>
)}
</AnimatePresence>
<motion.div
@@ -539,10 +822,11 @@ function NavigationGroup({ group, className, hasChildren }) {
)}
</AnimatePresence>
</>
}
)}
<AnimatePresence mode={'wait'} initial={false}>
{isOpen && <motion.ul
{isOpen && (
<motion.ul
role="list"
initial={{ opacity: 0 }}
animate={{
@@ -553,18 +837,30 @@ function NavigationGroup({ group, className, hasChildren }) {
opacity: 0,
transition: { duration: 0.15 },
}}
className="border-l border-transparent">
className="border-l border-transparent"
>
{group.links.map((link) => {
return link.href ?
return link.href ? (
<motion.li key={link.href} className="relative">
<NavLink href={link.href} active={link.href === router.pathname} links={link.links}>
<NavLink
href={link.href}
active={link.href === router.pathname}
links={link.links}
>
{link.title}
</NavLink>
</motion.li>
:
<NavigationGroup className={'ml-4'} key={link.title + isOpen} group={link} hasChildren={true} />
) : (
<NavigationGroup
className={'ml-4'}
key={link.title + isOpen}
group={link}
hasChildren={true}
/>
)
})}
</motion.ul>}
</motion.ul>
)}
</AnimatePresence>
</div>
</li>

55
src/pages/client/block-inbound-connections.mdx Normal file
View File

@@ -0,0 +1,55 @@
import {Note} from "@/components/mdx";
# Block Inbound Connections
The Block Inbound Connections setting prevents all inbound connections to the local machine and any networks it routes. When enabled, the NetBird client will drop all incoming peer traffic — including peer-to-peer connections, routed network traffic, and SSH — regardless of access control policies configured in the management service.
This is a client-side override that takes precedence over any policies received from the management service.
<Note>
Available since NetBird <strong>v0.46.0</strong>.
</Note>
## When to use it
- **Outbound-only peers**: A machine that only needs to access remote resources but should never be reachable by other peers.
- **Temporary lockdown**: Quickly block all inbound access to a machine without modifying server-side policies.
- **Defense-in-depth**: Add a client-side layer of protection alongside your access control policies.
## What it blocks
When Block Inbound Connections is enabled, the client will not add any inbound firewall rules. This means:
- **Peer connections**: Other peers cannot initiate connections to this machine.
- **Routed network traffic**: If this peer acts as a routing peer, inbound traffic to its routed networks is also blocked.
- **SSH access**: NetBird SSH connections to this peer are blocked.
<Note>
This setting overrides all policies from the management service. Even if an access control policy explicitly allows traffic to this peer, inbound connections will still be blocked.
</Note>
## Enabling via the system tray
1. Click the NetBird icon in the system tray.
2. Go to **Settings**.
3. Click **Block Inbound Connections** to toggle the setting.
When enabled, a checkmark will appear next to the menu item.
## Enabling via the CLI
You can enable Block Inbound Connections when starting the NetBird client:
```bash
netbird up --block-inbound
```
To disable it, run:
```bash
netbird up --block-inbound=false
```
<Note>
When toggling this setting via the CLI, the system tray UI may not reflect the change until the NetBird GUI is restarted.
</Note>

15
src/pages/manage/integrations/enable-post-quantum-cryptography.mdx → src/pages/client/post-quantum-cryptography.mdx
View File

@@ -1,6 +1,6 @@
import {Note} from "@/components/mdx";
# Enable post-quantum cryptography
# Post-quantum cryptography
Post-quantum cryptography aims to mitigate risks associated with quantum computing's potential to undermine existing encryption methods.
Current concerns include the possibility of bad actors collecting encrypted network traffic to decrypt it once quantum computers become available.
This 'harvest and decrypt later' strategy threatens the confidentiality of presently secure communications.
@@ -24,6 +24,15 @@ that automatically rotates and applies WireGuard pre-shared keys to every point-
<Note>
This is still an experimental feature, may contain bugs, and is not supported on mobile devices.
</Note>
### Enabling via the system tray
1. Click the NetBird icon in the system tray.
2. Go to **Settings**.
3. Click **Enable Quantum-Resistance** to toggle the setting.
### Enabling via the CLI
Rosenpass can be enabled by setting a flag on client start-up.
```bash
netbird up --enable-rosenpass
@@ -60,9 +69,9 @@ netbird up --enable-rosenpass --rosenpass-permissive
## Get started
<p float="center" >
<div>
<Button name="button" className="button-5" onClick={() => window.open("https://netbird.io/pricing")}>Use NetBird</Button>
</p>
</div>
- Make sure to [star us on GitHub](https://github.com/netbirdio/netbird)
- Follow us [on X](https://x.com/netbird)

1
src/pages/get-started/cli.mdx
View File

@@ -97,6 +97,7 @@ The command will check if the peer is logged in and connect to the management se
--interface-name string Wireguard interface name (default "utun100")
--rosenpass-permissive [Experimental] Enable Rosenpass in permissive mode to allow this peer to accept WireGuard connections without requiring Rosenpass functionality from peers that do not have Rosenpass enabled.
--wireguard-port uint16 Wireguard interface listening port (default 51820)
--block-inbound Block inbound connections. If enabled, the client will not allow any inbound connections to the local machine nor routed networks. This overrides any policies received from the management service.
```
#### Usage
The minimal form of running the command is:

8
src/pages/manage/peers/lazy-connection.mdx
View File

@@ -42,6 +42,14 @@ Once a connection between two peers is established, it will remain open only if
The default inactivity threshold is <strong>60 minutes</strong>, and can be configured via the <code>NB_LAZY_CONN_INACTIVITY_THRESHOLD</code> environment variable (`60`).
</Note>
## Enabling via the system tray
You can toggle Lazy Connections directly from the NetBird system tray:
1. Click the NetBird icon in the system tray.
2. Go to **Settings**.
3. Click **Enable Lazy Connections** to toggle the setting.
## Enabling Lazy Connections on agent
Lazy connections are disabled by default. You can enable Lazy Connections using the following environment variable: