sendnrw/netbird-docs
2
0
Fork 0
mirror of https://github.com/netbirdio/docs.git synced 2026-04-15 23:16:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

Move the documentation repository to a public repo

Browse Source 
Added a LICENSE and documentation on how to contribute

Updated CI/CD to use the root level code
This commit is contained in:
mlsmaycon
2022-06-20 19:05:25 +02:00
parent 219bc7b9f4
commit 98751bc1f4
64 changed files with 10203 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
.dockerignore Normal file
View File

@@ -0,0 +1,10 @@
.git/
.gitignore
.next/ # Existing Next.js builds
.dockerignore
Dockerfile
docker-compose.yml
node_modules/ # Installed inside container
LICENSE
README.md
AUTHORS

34
.github/workflows/build_n_push.yml vendored Normal file
View File

@@ -0,0 +1,34 @@
name: docs site build and push
on:
push:
branches:
- main
tags:
- "**"
jobs:
docs_build_n_push:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
-
name: Docker meta
id: meta
uses: docker/metadata-action@v3
with:
images: netbirdio/docs.netbird.io
-
name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action@v1
with:
username: netbirdio
password: ${{ secrets.DOCKER_TOKEN }}
-
name: Docker build and push
uses: docker/build-push-action@v2
with:
file: docker/Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

24
.gitignore vendored Normal file
View File

@@ -0,0 +1,24 @@
# Dependencies
/node_modules
# Production
/build
# Generated files
.docusaurus
.cache-loader
# Misc
.DS_Store
.env.local
.env.development.local
.env.test.local
.env.production.local
npm-debug.log*
yarn-debug.log*
yarn-error.log*
.idea
package-lock.json

3
AUTHORS Normal file
View File

@@ -0,0 +1,3 @@
Mikhail Bragin (https://github.com/braginini)
Maycon Santos (https://github.com/mlsmaycon)
Wiretrustee UG (haftungsbeschränkt)

13
LICENSE Normal file
View File

@@ -0,0 +1,13 @@
BSD 3-Clause License
Copyright (c) 2022 Wiretrustee UG (haftungsbeschränkt) & AUTHORS
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

45
README.md
View File

@@ -1 +1,44 @@
# docs
# The NetBird documentation
This repository contains assets required to build the [documentation website for NetBird](https://netbird.io/docs/). It is built using [Docusaurus 2](https://docusaurus.io/), a modern static website generator.
We're glad that you want to contribute!
- [Contributing to the docs](#contributing-to-the-docs)
### Requirements
* node 16
* npm 8+
### Installation
```
$ npm install
```
### Local Development
```
$ npm run dev
```
This command starts a local development server and opens up a browser window. Most changes are reflected live without having to restart the server.
## Contributing to the docs
You can click the **Fork** button in the upper-right area of the screen to create a copy of this repository in your GitHub account. This copy is called a _fork_. Make any changes you want in your fork, and when you are ready to send those changes to us, go to your fork and create a new pull request to let us know about it.
Once your pull request is created, a NetBird reviewer will take responsibility for providing clear, actionable feedback. As the owner of the pull request, **it is your responsibility to modify your pull request to address the feedback that has been provided to you by the NetBird reviewer.**
Also, note that you may end up having more than one NetBird reviewer provide you feedback or you may end up getting feedback from a NetBird reviewer that is different than the one initially assigned to provide you feedback.
Furthermore, in some cases, one of your reviewers might ask for a technical review from a NetBird author when needed. Reviewers will do their best to provide feedback in a timely fashion but response time can vary based on circumstances.
## Code of conduct
Participation in the NetBird community is governed by the [NetBirds' Code of Conduct](https://github.com/netbirdio/netbird/blob/main/CODE_OF_CONDUCT.md).
## Thank you
NetBird thrives on community participation, and we appreciate your contributions to our website and our documentation!

3
babel.config.js Normal file
View File

@@ -0,0 +1,3 @@
module.exports = {
presets: [require.resolve('@docusaurus/core/lib/babel/preset')],
};

30
docker/Dockerfile Normal file
View File

@@ -0,0 +1,30 @@
FROM node:16-alpine
# Set working directory
WORKDIR /usr/app
# Install PM2 globally
RUN npm install --global pm2
# Copy package.json and package-lock.json before other files
# Utilise Docker cache to save re-installing dependencies if unchanged
COPY ./package*.json ./
# Install dependencies
RUN npm install --production
# Copy all files
COPY ./ ./
# Build app
RUN npm run build
# Expose the listening port
EXPOSE 3000
# Run container as non-root (unprivileged) user
# The node user is provided in the Node.js Alpine base image
USER node
# Run npm start script with PM2 when container starts
CMD [ "pm2-runtime", "npm", "--", "start" ]

4
docs/examples/_category_.json Normal file
View File

@@ -0,0 +1,4 @@
{
"label": "Examples",
"position": 4
}

92
docs/examples/aws-ecs-client-daemon.md Normal file
View File

@@ -0,0 +1,92 @@
---
sidebar_position: 1
---
# NetBird Client on AWS ECS (Terraform)
<p align="center">
<img src="/docs/img/examples/wiretrustee-on-aws-ecs.png" alt="high-level-dia" width="400"/>
</p>
A common way to run containers in the AWS cloud is to use Elastic Container Service (ECS).
ECS is a fully managed container orchestration service that makes it easy to deploy, manage, and scale containerized applications.
It is best practice and common to run this infrastructure behind security guardrails like strict security groups and private subnets.
Also, a routine for many System's administrators and Developers, is to connect to servers that run their company's software in order to troubleshoot, validate output and even install dependencies.
If you have your systems running in a private network, you got a few options to allow communication to hosts in that network:
* Add a [bastion host](https://en.wikipedia.org/wiki/Bastion_host) or [jump server](https://en.wikipedia.org/wiki/Jump_server).
* Connect a [site-2-site](https://en.wikipedia.org/wiki/Virtual_private_network#Types) VPN.
* [Remote access](https://en.wikipedia.org/wiki/Virtual_private_network#Types) VPN.
* Allow IP(s) address in the server's security group.
All these options are valid and proved to work over the years, but they come with some costs that in the short to mid-term you start to deal with:
* Hard implementation.
* Fragile firewall configuration.
* Yet, another server to secure and maintain.
**In this example, we will run NetBird client configured as a daemon set in ECS deployed with Terraform.**
This allows you to:
* Run NetBird as an ECS native service, you can manage and maintain it the same way you do with your other services.
* Connect to EC2 running on private subnets without the need to open firewall rules or configure bastion servers.
* Access other services connected to your NetBird network and running anywhere.
## Requirements
* Terraform > 1.0.
* A NetBird account with a Setup Key.
* Another NetBird client in your network to validate the connection (possibly your laptop or a machine you are running this example on).
* The [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html) installed.
* An [AWS account](https://aws.amazon.com/free/).
* Your AWS credentials. You can [create a new Access Key on this page](https://console.aws.amazon.com/iam/home?#/security_credentials).
## Notice
> Before getting started with this example, be aware that creating the resources from it may incur charges from AWS.
## Getting started
Clone this repository, download, and install Terraform following the guide [here](https://learn.hashicorp.com/tutorials/terraform/install-cli?in=terraform/aws-get-started).
Login to https://app.netbird.io and [add your machine as a peer](https://app.netbird.io/add-peer), once you are done with the steps described there, copy your [Setup key](https://app.netbird.io/setup-keys).
Using a text editor, edit the [variables.tf](https://github.com/wiretrustee/wiretrustee-examples/tree/master/ecs-client-daemon/variables.tf) file, and update the `wt_setup_key` variable with your setup key. Also, make sure that `ssh_public_key_path` variable is pointing to the correct public key path. If necessary, update the remaining variables according to your requirements and their descriptions.
Before continuing, you may also update the [provider.tf](https://github.com/wiretrustee/wiretrustee-examples/tree/master/ecs-client-daemon/provider.tf) to configure proper AWS region and default tags.
### Creating the resources with Terraform
Follow the steps below to run terraform and create your test environment:
1. From the root of the cloned repository, enter the ecs-client-daemon folder and run terraform init to download the modules and providers used in this example.
```shell
cd ecs-client-daemon
terraform init
```
2. Run terraform plan to get the estimated changes
```shell
terraform plan -out plan.tf
```
3. Run terraform apply to create your infrastructure
```shell
terraform apply plan.tf
```
### Validating the deployment
After a few minutes, the autoscaling group will launch an EC2 instance and there you will find the NetBird's ECS Daemon service running. With that, we can go to our [NetBird dashboard](https://app.netbird.io) and pick the IP of the node that is running NetBird, then we can connect to the node via ssh. For Unix(s) systems:
```shell
ssh ec2-user@100.64.0.200
```
Once you've login, you should be able to see the containers running by using the docker command:
```shell
sudo docker ps
```
### Deleting the infrastructure resources used in the example
Once you are done validating the example, you can remove the resources with the following steps:
1. Run terraform plan with the flag `-destroy`
```shell
terraform plan -out plan.tf -destroy
```
2. Then execute the apply command:
```shell
terraform apply plan.tf
```

27
docs/examples/netbird-docker.md Normal file
View File

@@ -0,0 +1,27 @@
---
sidebar_position: 2
---
# NetBird Client in Docker
One of the simplest ways of running NetBird client application is to use a pre-built [Docker image](https://hub.docker.com/r/netbirdio/netbird).
**Prerequisites:**
* **Docker installed.**
If you don't have docker installed, please refer to the installation guide on the official [Docker website](https://docs.docker.com/get-docker/).
* **NetBird account.**
Register one at [app.netbird.io](https://app.netbird.io/).
You would need to obtain a [setup key](/overview/setup-keys) to associate NetBird client with your account.
The setup key could be found in the NetBird Management dashboard under the Setup Keys tab - [https://app.netbird.io/setup-keys](https://app.netbird.io/setup-keys).
Set the ```WT_SETUP_KEY``` environment variable and run the command.
```bash
docker run --rm --privileged -d -e WT_SETUP_KEY=<SETUP KEY> -v netbird-client:/etc/netbird netbirdio/netbird:latest
```
That is it! Enjoy using NetBird.
If you would like to learn how to run NetBird Client as an ECS agent on AWS, please refer to [this guide](/examples/aws-ecs-client-daemon).

4
docs/getting-started/_category_.json Normal file
View File

@@ -0,0 +1,4 @@
{
"label": "Getting Started",
"position": 3
}

206
docs/getting-started/installation.md Normal file
View File

@@ -0,0 +1,206 @@
---
sidebar_position: 2
title: Installation
---
### Linux
**APT/Debian**
1. Add the repository:
```bash
sudo apt-get update
sudo apt-get install ca-certificates curl gnupg -y
curl -L https://pkgs.wiretrustee.com/debian/public.key | sudo apt-key add -
echo 'deb https://pkgs.wiretrustee.com/debian stable main' | sudo tee /etc/apt/sources.list.d/wiretrustee.list
```
2. Update APT's cache
```bash
sudo apt-get update
```
3. Install the package
```bash
# for CLI only
sudo apt-get install netbird
# for GUI package
sudo apt-get install netbird-ui
```
**RPM/Red hat**
1. Add the repository:
```bash
cat <<EOF | sudo tee /etc/yum.repos.d/wiretrustee.repo
[Wiretrustee]
name=Wiretrustee
baseurl=https://pkgs.wiretrustee.com/yum/
enabled=1
gpgcheck=0
gpgkey=https://pkgs.wiretrustee.com/yum/repodata/repomd.xml.key
repo_gpgcheck=1
EOF
```
2. Install the package
```bash
# for CLI only
sudo yum install netbird
# for GUI package
sudo yum install netbird-ui
```
### macOS
**Homebrew install**
1. Download and install homebrew at https://brew.sh/
2. If wiretrustee was previously installed with homebrew, you will need to run:
```bash
# Stop and uninstall daemon service:
sudo wiretrustee service stop
sudo wiretrustee service uninstall
# unlik the app
brew unlink wiretrustee
```
> netbird will copy any existing configuration from the Wiretrustee's default configuration paths to the new NetBird's default location
3. Install the client
```bash
# for CLI only
brew install netbirdio/tap/netbird
# for GUI package
brew install --cask netbirdio/tap/netbird-ui
```
4. If you installed CLI only, you need to install and start the client daemon service:
```bash
sudo netbird service install
sudo netbird service start
```
### Windows
1. Checkout NetBird [releases](https://github.com/netbirdio/netbird/releases/latest)
2. Download the latest Windows release installer ```netbird_installer_<VERSION>_windows_amd64.exe``` (**Switch VERSION to the latest**):
3. Proceed with the installation steps
4. This will install the UI client in the C:\\Program Files\\NetBird and add the daemon service
5. After installing, you can follow the steps from [Running NetBird with SSO Login](#Running-NetBird-with-SSO-Login) steps.
> To uninstall the client and service, you can use Add/Remove programs
### Binary Install
**Installation from binary (CLI only)**
1. Checkout NetBird [releases](https://github.com/netbirdio/netbird/releases/latest)
2. Download the latest release:
```bash
curl -o ./netbird_<VERSION>.tar.gz https://github.com/netbirdio/netbird/releases/download/v<VERSION>/netbird_<VERSION>_<OS>_<Arch>.tar.gz
```
:::note
You need to replace some variables from the URL above:
- Replace **VERSION** with the latest released verion.
- Replace **OS** with "linux", "darwin" for MacOS or "windows"
- Replace **Arch** with your target system CPU archtecture
:::
3. Decompress
```bash
tar xcf ./netbird_<VERSION>.tar.gz
sudo mv netbird /usr/bin/netbird
chmod +x /usr/bin/netbird
```
After that you may need to add /usr/bin in your PATH environment variable:
````bash
export PATH=$PATH:/usr/bin
````
4. Install and run the service
```bash
sudo netbird service install
sudo netbird service start
```
### Running NetBird with SSO Login
#### Desktop UI Application
If you installed the Desktop UI client, you can launch it and click on Connect.
> It will open your browser, and you will be prompt for email and password. Follow the instructions.
![](/img/getting-started/systray.png)
#### CLI
Alternatively, you could use command line. Simply run
```bash
netbird up
```
> It will open your browser, and you will be prompt for email and password. Follow the instructions.
![](/img/getting-started/netbird-up.png)
Check connection status:
```bash
netbird status
```
### Running NetBird with a Setup Key
In case you are activating a server peer, you can use a [setup key](/overview/setup-keys) as described in the steps below.
> This is especially helpful when you are running multiple server instances with infrastructure-as-code tools like ansible and terraform.
1. Login to the Management Service. You need to have a `setup key` in hand (see [setup keys](/overview/setup-keys)).
For all systems:
```bash
netbird up --setup-key <SETUP KEY>
```
For **Docker**, you can run with the following command:
```bash
docker run --network host --privileged --rm -d -e NB_SETUP_KEY=<SETUP KEY> -v netbird-client:/etc/netbird netbirdio/netbird:<TAG>
```
> TAG > 0.6.0 version
Alternatively, if you are hosting your own Management Service provide `--management-url` property pointing to your Management Service:
```bash
netbird up --setup-key <SETUP KEY> --management-url http://localhost:33073
```
> You could also omit the `--setup-key` property. In this case, the tool will prompt for the key.
2. Check connection status:
```bash
netbird status
```
3. Check your IP:
On **macOS** :
````bash
sudo ifconfig utun100
````
On **Linux**:
```bash
ip addr show wt0
```
On **Windows**:
```bash
netsh interface ip show config name="wt0"
```
### Running NetBird in Docker
```bash
docker run --rm --privileged -d -e WT_SETUP_KEY=<SETUP KEY> -v netbird-client:/etc/netbird netbirdio/netbird:latest
```
See [Docker example](examples/netbird-docker.md) for details.
### Troubleshooting
1. If you are using self-hosted version and haven't specified `--management-url`, the client app will use the default URL
which is ```https://api.wiretrustee.com:33073```.
2. If you have specified a wrong `--management-url` (e.g., just by mistake when self-hosting)
to override it you can do the following:
```bash
netbird down
netbird up --management-url https://<CORRECT HOST:PORT>/
```
To override it see the solution #1 above.

75
docs/getting-started/quickstart.md Normal file
View File

@@ -0,0 +1,75 @@
---
sidebar_position: 1
title: Quickstart Guide
---
Step-by-step video guide on YouTube:
<div class="videowrapper">
<iframe src="https://www.youtube.com/embed/Tu9tPsUWaY0" allow="fullscreen;"></iframe>
</div>
<br/>
This guide describes how to quickly get started with NetBird and create a secure private network with 2 connected machines.
One machine is a Linux laptop, and the other one a EC2 node running on AWS.
Both machines are running Linux but NetBird also works on Windows and MacOS.
1. Sign-up at [https://app.netbird.io/](https://app.netbird.io/)
You can use your Google, GitHub or Microsoft account.
![](/img/getting-started/auth.png)
2. After a successful login you will be redirected to the ```Peers``` screen which is empty because you don't have any peers yet.
Click ```Add peer``` to add a new machine.
![](/img/getting-started/empty-peers.png)
3. Choose your machine operating system (in our case it is ```Linux```) and proceed with the installation steps.
![](/img/getting-started/add-peer.png)
4. If you installed NetBird Desktop UI you can use it to connect to the network instead of running `netbird up` command. Look for `NetBird` in your application list, run it, and click `Connect`.
>
![](/img/getting-started/systray.png)
5. At this point a browser window pops up starting a device registration process. Click confirm and follow the steps if required.
![](/img/getting-started/device-confirmation.png)
6. On the EC2 node repeat the installation steps and run `netbird up` command.
```bash
sudo netbird up
```
7. Copy the verification URL from the terminal output and paste it in your browser. Repeat step #5
![](/img/getting-started/netbird-up.png)
8. Return to ```Peers``` and you should notice 2 new machines with status ```online```
![](/img/getting-started/peers.png)
9. To test the connection you could try pinging devices:
On your laptop:
```bash
ping 100.64.0.2
```
On the EC2 node:
```bash
ping 100.64.0.1
```
10. Done! You now have a secure peer-to-peer private network configured.
<br/>
- Make sure to [star us on GitHub](https://github.com/netbirdio/netbird)
- Follow us [on Twitter](https://twitter.com/netbird)
- Join our [Slack Channel](https://join.slack.com/t/wiretrustee/shared_invite/zt-vrahf41g-ik1v7fV8du6t0RwxSrJ96A)
- NetBird release page on GitHub: [releases](https://github.com/netbirdio/netbird/releases/latest)

134
docs/getting-started/self-hosting.md Normal file
View File

@@ -0,0 +1,134 @@
---
sidebar_position: 2
---
# Self-hosting Guide
NetBird is open-source and can be self-hosted on your servers.
It relies on components developed by NetBird Authors [Management Service](https://github.com/netbirdio/netbird/tree/main/management), [Management UI Dashboard](https://github.com/netbirdio/dashboard), [Signal Service](https://github.com/netbirdio/netbird/tree/main/signal),
a 3rd party open-source STUN/TURN service [Coturn](https://github.com/coturn/coturn) and a 3rd party service [Auth0](https://auth0.com/).
:::info auth0
All the components can be self-hosted except for the Auth0 service.
This service offers excellent support for multiple features that we need, and it saved us lots of time.
We couldn't find any suitable open-source solution that would be a good combination of effort and benefit.
There is a free plan that can fulfill most of the personal use-cases.
There were a few discussions about alternatives on [GitHub](https://github.com/netbirdio/dashboard/issues/9).
We'd greatly appreciate any help on integrating one of the open-source Auth0 alternatives.
:::
If you would like to learn more about the architecture please refer to the [Architecture section](/overview/architecture).
### Requirements
- Virtual machine offered by any cloud provider (e.g., AWS, DigitalOcean, Hetzner, Google Cloud, Azure ...).
- Any Linux OS.
- Docker Compose installed (see [Install Docker Compose](https://docs.docker.com/compose/install/)).
- Domain name pointing to the public IP address of your server.
- Open ports ```443, 33071, 33073, 10000``` (Dashboard, Management HTTP API, Management gRpc API, Signal gRpc respectively) on your server.
- Coturn is used for relay using the STUN/TURN protocols. It requires a listening port, UDP 3478, and range of ports, UDP 49152-65535, for dynamic relay connections. These are set as defaults in setup file, but can be configured to your requirements.
- Maybe a cup of coffee or tea :)
### Step-by-step guide
For this tutorial we will be using domain ```demo.netbird.io``` which points to our Ubuntu 22.04 machine hosted at Hetzner.
1. Create Auth0 account at [auth0.com](https://auth0.com/).
2. Get latest released NetBird code:
```bash
#!/bin/bash
REPO="https://github.com/netbirdio/netbird/"
# this command will fetch the latest release e.g. v0.6.1
LATEST_TAG=$(basename $(curl -fs -o/dev/null -w %{redirect_url} ${REPO}releases/latest))
echo $LATEST_TAG
# this comman will clone the latest tag
git clone --depth 1 --branch $LATEST_TAG $REPO
```
and switch to the infra folder that contains docker-compose file:
```bash
cd netbird/infrastructure_files/
```
3. Prepare configuration files.
To simplify the setup we have prepared a script to substitute required properties in the [docker-compose.yml.tmpl](https://github.com/netbirdio/netbird/tree/main/infrastructure_files/docker-compose.yml.tmpl) and [management.json.tmpl](https://github.com/netbirdio/netbird/tree/main/infrastructure_files/management.json.tmpl) files.
The [setup.env](https://github.com/netbirdio/netbird/tree/main/infrastructure_files/setup.env) file contains multiple properties that have to be filled.
:::tip
You need to fill only the first 5 properties, the rest will be filled automatically at a later step.
:::
```bash
# Dashboard domain. e.g. app.mydomain.com
NETBIRD_DOMAIN=""
# e.g. dev-24vkclam.us.auth0.com
NETBIRD_AUTH0_DOMAIN=""
# e.g. 61u3JMXRO0oOevc7gCkZLCwePQvT4lL0
NETBIRD_AUTH0_CLIENT_ID=""
# e.g. https://app.mydomain.com/ or https://app.mydomain.com,
# Make sure you used the exact same value for Identifier
# you used when creating your Auth0 API
NETBIRD_AUTH0_AUDIENCE=""
# e.g. hello@mydomain.com
NETBIRD_LETSENCRYPT_EMAIL=""
```
Please follow the steps to get the values.
4. Set ```NETBIRD_DOMAIN``` to your domain, e.g. `demo.netbird.io`
5. Configure Auth0 ```NETBIRD_AUTH0_DOMAIN``` ```NETBIRD_AUTH0_CLIENT_ID``` properties.
* To obtain these, please use [Auth0 React SDK Guide](https://auth0.com/docs/quickstart/spa/react/01-login#configure-auth0) up until "Install the Auth0 React SDK".
> Use ```https://YOUR DOMAIN``` as ````Allowed Callback URLs````, ```Allowed Logout URLs```, ```Allowed Web Origins``` and ```Allowed Origins (CORS)```
* set the variables in the ```setup.env```
* Make sure that `Token Endpoint Authentication Method` is set to `None` in your Auth0 Default Application
6. Configure ```NETBIRD_AUTH0_AUDIENCE``` property.
* Check [Auth0 Create An API](https://auth0.com/docs/quickstart/backend/golang#create-an-api) section to obtain AuthAudience.
* set the property in the ```setup.env``` file.
7. Configure ```NETBIRD_LETSENCRYPT_EMAIL``` property.
This can be any email address. [Let's Encrypt](https://letsencrypt.org/) will create an account while generating a new certificate.
:::tip
Let's Encrypt will notify you via this email when certificates are about to expire. NetBird supports automatic renewal by default.
:::
8. Make sure all the required properties set in the ```setup.env``` file and run:
```bash
./configure.sh
```
This will export all the properties as environment variables and generate ```docker-compose.yml``` and ```management.json``` files substituting required variables.
9. Run docker compose:
```bash
docker-compose up -d
```
10. Optionally check the logs by running:
```bash
docker-compose logs signal
docker-compose logs management
docker-compose logs coturn
docker-compose logs dashboard
```
### Get in touch
Feel free to ping us on [Slack](https://join.slack.com/t/wiretrustee/shared_invite/zt-vrahf41g-ik1v7fV8du6t0RwxSrJ96A) if you have any questions
- NetBird managed version: [https://app.netbird.io](https://app.netbird.io)
- Make sure to [star us on GitHub](https://github.com/netbirdio/netbird) :pray:
- Follow us [on Twitter](https://twitter.com/netbird)

23
docs/introduction.md Normal file
View File

@@ -0,0 +1,23 @@
---
id: introduction
slug: /
sidebar_position: 1
---
# Introduction
NetBird is a simple and fast alternative to corporate VPNs built on top of [WireGuard®](https://www.wireguard.com/) making it easy to create secure private networks for your organization or home.
NetBird can connect machines running anywhere in just a few clicks.
It requires near zero configuration effort leaving behind the hassle of opening ports, complex firewall rules, vpn gateways, and so forth.
:::tip open-source
NetBird is an **open-source** project.
Check it out on GitHub: **[https://github.com/netbirdio/netbird](https://github.com/netbirdio/netbird)**
:::
There is no centralized VPN server with NetBird - your computers, devices, machines, and servers connect to each other directly over a fast encrypted tunnel.
It literally takes less than 5 minutes to deploy a secure peer-to-peer VPN with NetBird. Check our [Quick Start Guide](/getting-started/quickstart) to get started.

36
docs/netbird-vs-traditional-vpn.md Normal file
View File

@@ -0,0 +1,36 @@
---
id: netbird-vs-traditional-vpn
title: NetBird vs. Traditional VPN
sidebar_position: 5
---
# NetBird vs. Traditional VPN
### Traditional VPN challenges
In the traditional VPN model, everything converges on a centralized, protected network where all the clients are connecting to a central VPN server.
An increasing amount of connections can easily overload the VPN server.
Even a short downtime of a server can cause expensive system disruptions, and a remote team's inability to work.
Centralized VPNs imply all the traffic going through the central server causing network delays and increased traffic usage.
Such systems require an experienced team to set up and maintain.
Configuring firewalls, setting up NATs, SSO integration, and managing access control lists can be a nightmare.
Traditional centralized VPNs are often compared to a [castle-and-moat](https://en.wikipedia.org/wiki/Moat) model
in which once accessed, user is trusted and can access critical infrastructure and resources without any restrictions.
### NetBird benefits
NetBird decentralizes networks using direct point-to-point connections, as opposed to traditional models.
Consequently, network performance is increased since traffic flows directly between the machines bypassing VPN servers or gateways.
To achieve this, NetBird client applications employ signalling servers to find other machines and negotiate connections.
These are similar to the signaling servers used in [WebRTC](https://developer.mozilla.org/en-US/docs/Web/API/WebRTC_API/Signaling_and_video_calling#the_signaling_server)
Thanks to [NAT traversal techniques](https://en.wikipedia.org/wiki/NAT_traversal),
outlined in the [Why Wireguard with NetBird](/wireguard-plus-netbird) section,
NetBird installation doesn't require complex network and firewall configuration.
It just works, minimising the maintenance effort.
Finally, each machine or device in the NetBird network verifies incoming connections accepting only the trusted ones.
This is ensured by Wireguard's [Crypto Routing concept](https://www.wireguard.com/#cryptokey-routing).

4
docs/other/_category_.json Normal file
View File

@@ -0,0 +1,4 @@
{
"label": "Other",
"position": 5
}

222
docs/other/gsoc-2022.md Normal file
View File

@@ -0,0 +1,222 @@
---
sidebar_position: 1
---
# Google Summer of Code Ideas - 2022
This page lists the all project ideas for [Google Summer of Code 2022](https://summerofcode.withgoogle.com/).
We require all applicants to complete a [task](#task).
Join our [Slack channel](https://join.slack.com/t/wiretrustee/shared_invite/zt-vrahf41g-ik1v7fV8du6t0RwxSrJ96A) and talk to your potential mentors!
### Task
The goal of the task is to get familiar with the system by setting up a self-hosted version of Netbrid.
1. Carefully review projects' documentation.
2. Deploy a self-hosted version of NetBird.
3. Register at least 2 peers in the system (can be a laptop, server or even Raspberry PI).
:::tip multiple peers on a single machine
It is possible to set up multiple peers on the same machine. Find out how!
:::
4. Ping machines and make sure that they are reachable.
5. We might ask you to provide a generated [setup key](/overview/setup-keys) so that we could test your setup.
Please reach out to us with any questions. We believe you will have some! :)
In case this task seems to be difficult, no worries!
You could skip #1 and #2 starting with #3 using managed version of NetBird (https://app.netbird.io).
### Project Ideas
There are a few categories that our ideas fall into:
* **UI** - mostly around our Management service Dashboard ([Github repo](https://github.com/netbirdio/dashboard))
* **Client** - our client application ([Github Repo](https://github.com/netbirdio/netbird/tree/main/client))
* **Server** - our Management and Signal server applications ([Management Github Repo](https://github.com/netbirdio/netbird/tree/main/management) and [Signal Github Repo](https://github.com/netbirdio/netbird/tree/main/signal))
* **Portability** - ability to run client and server applications on different platforms (e.g. OpenWRT)
* **Infrastructure** - deployment, CI/CD, scaling, infrastructure as code improvements, etc.
* **Integrations** - integration between the project and different platforms, like CI/CD, Kubernetes or specific cloud providers.
### Idea: Make NetBird run on routers
:::note
OpenWrt is an open-source project for embedded operating systems based on Linux, primarily used on embedded devices to route network traffic.
https://openwrt.org/
:::
NetBird runs on different platforms and can also be compiled to run on routers. For that, we are thinking to work on this support for the popular wireless router OpenWRT.
We are already building, but we lack packaging and repository for distribution and this is the main goal of this task.
> **Category:** Portability/Infrastructure
>
> **Goal:** Create OpenWRT package (ipk) for one of the popular routers. Setup CI/CD ipk build flow with Github Actions.
>
> **Skills:** Golang, Linux, bash, OpenWRT, cmake
>
> **Project Size:** 175 hours
>
> **Rating:** easy
>
> **Possible mentor:** [Maycon Santos](https://github.com/mlsmaycon)
>
> **Reference:** https://medium.com/@theshemul/make-golang-program-for-router-39bf18529b18
>
> **Reference:** https://openwrt.org/docs/guide-developer/packages
### Idea: Software Firewall with eBPF
:::note
eBPF is a revolutionary technology with origins in the Linux kernel that can run sandboxed programs in an operating system kernel.
https://ebpf.io/
:::
When running on machines NetBird client application tries to be as efficient as possible.
On Linux machines NetBird can use kernel modules like Wireguard and features like eBPF to be the most efficient.
Besides connectivity, NetBird can control access. Right now it is achieved on a connection level -
if a peer is in the allowed list, it can connect. If not, the connection is rejected.
It is more advantageous to work on a finer level - defining what packets to allow/block and on which ports.
For that eBPF can be integrated into the client application.
The flow could be the following: client receives rules from the Management service and creates ePBF.
> **Category:** Client/Server
>
> **Goal:** MVP of a eBPF port filtering on client applications (Linux)
>
> **Skills:** Golang, Linux
>
> **Project Size:** 350 hours
>
> **Rating:** hard
>
> **Possible mentor:** [Mikhail Bragin](https://github.com/braginini)
>
> **Reference:** https://ebpf.io/
### Idea: NetBird client running in the browser
:::note
WebAssembly (abbreviated Wasm) is a binary instruction format for a stack-based virtual machine.
Wasm is designed as a portable compilation target for programming languages, enabling deployment on the web for client
and server applications.
:::
NetBird requires a client application installed to connect machines to each other.
In some environments it might not be possible or forbidden to install applications.
But there always might be an option to run a browser!
The idea of this project is to make NetBird run in the browser using WASM and WebRTC.
A user would log in to the Management Dashboard and open a virtual terminal (e.g. https://xtermjs.org/).
Browser will then establish a connection to the network and user would be able to access remote servers.
> **Category:** UI/Client/Server
>
> **Goal:** Interactive console running in the browser establishing connection to the NetBird network.
>
> **Skills:** Golang, Linux, Javascript
>
> **Project Size:** 350 hours
>
> **Rating:** hard
>
> **Possible mentor:** [Mikhail Bragin](https://github.com/braginini) / [Maycon Santos](https://github.com/mlsmaycon)
>
> **Reference:** https://webassembly.org/
>
> **Reference:** https://webrtc.org/
>
> **Reference:** https://xtermjs.org/
### Idea: Integrate NetBird with Kubernetes
:::note
Kubernetes, also known as K8s, is an open-source system for automating deployment, scaling, and management of containerized applications.
:::
Having a private Kubernetes cluster is a best practices that come with some connectivity challenges,
especially to operators and developers that need to access resources running within the cluster like services,
pods and the Kubernetes API.
The idea of this project is to integrate NetBird with Kubernetes by creating a controller that would add an agent
per cluster node and would handle the login process of the agent and store the states in form of Kubernetes secrets.
As Kubernetes is a cloud-native platform, you can imagine that are some caveats that we will have to deal with, like nodes being removed and added all the time,
different network controllers, and different cloud environments.
> **Category:** Client/Infrastructure/Integrations
>
> **Goal:** Integrate NetBird with Kubernetes for automatic provision of agents.
>
> **Skills:** Golang, Linux, Kubernetes API
>
> **Project Size:** 350 hours
>
> **Rating:** hard
>
> **Possible mentor:** [Maycon Santos](https://github.com/mlsmaycon), [Sang Woo Bae](https://github.com/shatoboar)
>
> **Reference:** https://kubernetes.io/
>
> **Reference:** https://kubernetes.io/docs/concepts/architecture/controller/
>
> **Reference:** https://kubernetes.io/blog/2021/06/21/writing-a-controller-for-pod-labels/
### Idea: NetBird Github Action
:::note
GitHub Actions makes it easy to automate all your software workflows, now with world-class CI/CD. Build, test, and deploy your code right from GitHub.
Make code reviews, branch management, and issue triaging work the way you want.
:::
We love Github Actions, because of its primary concept, Actions. They allow us to automate complex workflows and provide a simple interface
to be configured and executed before building or testing our code.
The idea of this project is to create a NetBird agent action, that would download and run an ephemeral agent on Github Actions workflows. The benefits of this
could be great as it would allow many users that rely on the public runners to access private resources, in a secure and dynamic way.
> **Category:** Server/Client/Integrations
>
> **Goal:** Create a NetBird Github Action.
>
> **Skills:** Golang, Bash, Javascript
>
> **Project Size:** 175 hours
>
> **Rating:** easy
>
> **Possible mentor:** [Maycon Santos](https://github.com/mlsmaycon)
>
> **Reference:** https://docs.github.com/en/actions
>
> **Reference:** https://docs.netbird.io/getting-started/quickstart
>
> **Reference:** https://docs.github.com/en/actions/creating-actions/about-custom-actions
### Idea: Mobile Client APPs
Nowadays people are always connected with mobile phones and very often they need to access remote resources with them.
The idea of this project is to create a NetBird mobile app for either Android or iOS that would follow one of the principles of our product, simplicity.
Initially we think to export our Go APIs using GoMobile that would help with a good chuck of the heavy lifting.
> **Category:** UI/Client/Portability
>
> **Goal:** Create a NetBird Mobile Client App.
>
> **Skills:** Golang, Java/Kotlin, XCode, Flutter+Dart
>
> **Project Size:** 350 hours
>
> **Rating:** hard
>
> **Possible mentor:** [Mikhail Bragin](https://github.com/braginini)
>
>
> **Reference:** https://github.com/golang/mobile
>
> **Reference:** https://medium.com/stack-me-up/meet-the-coolest-tech-marriage-flutter-go-369cf11367c9

4
docs/overview/_category_.json Normal file
View File

@@ -0,0 +1,4 @@
{
"label": "How NetBird Works",
"position": 2
}

105
docs/overview/acls.md Normal file
View File

@@ -0,0 +1,105 @@
---
sidebar_position: 4
---
# Access Control
NetBird allows administrators to restrict access to resources (peers) by creating access rules and
defining what peer groups are permitted to establish connections with one another.
## Introduction
A NetBird account comes with a `Default` rule that allows all peers of the account to connect to each other forming a full mesh network.
In most cases, this is the desired state for a small network or network that has low-security requirements.
When you need to restrict access to certain resources that belong to specific users or services within your organization, you can create rules that dictate who can access what.
Access control rules make use of groups to control connections between peers; these groups can be added as `Source` or `Destination` of a rule and will be evaluated when the Management service distributes the list of peers across your network.
## Concepts
### Groups
A NetBird group works and follows a similar concept to tags in other platforms; they are easily created and can be associated with peers and used in rules to control traffic within your network.
Some characteristics of groups:
- They are unique.
- One group can have multiple peers.
- Peers can belong to multiple groups.
- Rules can have multiple groups in their `Source` and `Destination` lists.
- They are created in the `Access Control` or `Peers` tabs.
- They can only be deleted via API.
- There is a default group called `All`.
### The All Group
The `All` group is a default group to which every peer in your network is automatically added to. This group cannot be modified or deleted.
### Rules
Rules are lists of `Source` and `Destination` groups of peers that can communicate with each other.
Rules are processed when the Management service distributes a network map to all peers of your account. Because you can only create ALLOW rules, there is no processing
order or priority, so the decision to distribute peer information is based on its association with a group belonging to an existing rule.
Currently, the communication between lists of groups in source and destination lists of a rule is bidirectional,
meaning that destinations can also initiate connections to a group of peers listed in the source field of the rule.
The behavior of a network without any rules is to deny traffic. No peers will be able to communicate with each other.
:::tip
If you need to allow peers from the same group to communicate with each other, just add the same group to the `Source` and `Destination` lists.
:::
### The Default Rule
The `Default` rule is created when you first create your account. This rule is very permissive because it allows communication between all peers in your network.
It uses the [`All`](#the-all-group) group as a source and destination. If you want to have better
control over your network, it is recommended that you delete this rule and create more restricted rules with custom groups.
:::tip
If you need to restrict communication within your network, you can create new rules and use different groups, and then remove the default rule to achieve the desired behavior.
:::
### Multiple Mesh Networks
As mentioned above, rules are bidirectional, which is basically the control of how your network will behave as a mesh network.
There is a `Default` rule, which configures a Default mesh connection between all peers of your network. With rules, you can define smaller mesh networks by grouping peers and adding these groups to `Source` and `Destination` lists.
## Managing Rules
### Creating Rules
After accessing the `Access Control` tab, you can click on the `Add Rule` button to create a new rule. This will open a screen
where you need to name the rule, set its status, and add groups to the source and destination lists.
<p align="center">
<img src="/docs/img/overview/create-rule.png" alt="high-level-dia" width="300" style={{boxShadow: '0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19)'}} />
</p>
If required, you can create new groups by simply entering new names in the input box for either source or destination lists.
<p align="center">
<img src="/docs/img/overview/create-group-in-rule.png" alt="high-level-dia" width="300" style={{boxShadow: '0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19)'}} />
</p>
Once you are done configuring the rule, click the `Create` button to save it. You will then see your new rule in the table.
<p align="center">
<img src="/docs/img/overview/new-rule-list.png" alt="high-level-dia" width="600" style={{boxShadow: '0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19)'}} />
</p>
:::caution Reminder
Because of its permissiveness, new rules will take effect once you remove the `Default` rule.
:::
#### Adding peers to groups
If you create a new group when defining a rule, you will need to associate peers with this group.
You can do it by accessing the `Peers` tab and clicking the `Groups` column of any peer you want to associate with the new group.
<p align="center">
<img src="/docs/img/overview/associate-peer-groups.png" alt="high-level-dia" width="300" style={{boxShadow: '0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19)'}} />
</p>
### Updating Rules
To update a rule, you can click on the rule's `Name` or on either `Sources` and `Destinations` columns. You could also click the menu
button of a rule and select `View`. This will open the same screen where you can update rule groups, description, or status.
### Disabling Rules
To disable a rule, you should follow the steps of [updating rules](#updating-rules) changing its status, and then click on Save.
### Deleting Rules
To delete a rule, you should click on the rule's menu and choose `Delete`. A confirmation window will pop up.
<p align="center">
<img src="/docs/img/overview/delete-rule-menu.png" alt="high-level-dia" width="600" style={{boxShadow: '0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19)'}} />
</p>
<p align="center">
<img src="/docs/img/overview/delete-rule-popup.png" alt="high-level-dia" width="300" style={{boxShadow: '0 4px 8px 0 rgba(0, 0, 0, 0.2), 0 6px 20px 0 rgba(0, 0, 0, 0.19)'}} />
</p>

123
docs/overview/architecture.md Normal file
View File

@@ -0,0 +1,123 @@
---
sidebar_position: 1
---
# Architecture
### Overview
NetBird is an open source platform consisting of a collection of components, responsible for handling peer-to-peer connections, tunneling, authentication, and network management (IPs, keys, ACLs, etc).
It uses open-source technologies like [WireGuard®](https://www.wireguard.com/), [Pion ICE (WebRTC)](https://github.com/pion/ice), [Coturn](https://github.com/coturn/coturn),
and [software](https://github.com/netbirdio/netbird) developed by NetBird authors to make secure private networks deployment and management simple.
NetBird relies on four components - **Client** application (or agent), **Management**, **Signal** and **Relay** services.
The combination of these elements ensures that direct point-to-point connections are established and only authenticated users (or machines) have access to the resources for which they are authorized.
A **Peer** is a machine or any device that is connected to the network.
It can be a Linux server running in the cloud or on-premises, a personal laptop, or even a Raspberry PI.
<p align="center">
<img src="/docs/img/architecture/high-level-dia.png" alt="high-level-dia" width="781"/>
</p>
With NetBird clients installed and authorized on the Management service, machines form a mesh network connecting to each other directly via an encrypted point-to-point Wireguard tunnel.
<p align="center">
<img src="/docs/img/architecture/mesh.png" alt="high-level-dia"/>
</p>
While it is possible to create a full mesh network, it might be not a desirable outcome. In this case, [ACLs](/overview/acls) can be utilized to limit the access to certain machines.
Let's now take a closer look at each of NetBird's components.
### Management Service
The Management service is the central coordination component for NetBird with a UI dashboard.
It keeps the network state, public Wireguard keys of the peers, authenticates and distributes network changes to peers.
The Management Service's responsibilities include:
* **Registering and authenticating new peers.** Every new machine has to register itself in the network in order to connect to other machines.
After installation, NetBird client requires login that can be done through Identity Provider (IDP) or with a [setup key](/overview/setup-keys).
* **Keeping the network map.** The Management service stores information about all the registered peers including Wireguard public key that was sent during the registration process.
* **Managing private IP addresses.** Each peer receives a unique private IP with which it can be identified in the network.
We use [Carrier Grade NAT](https://en.wikipedia.org/wiki/Carrier-grade_NAT) address space with an allocated address block <em>100.64.0.0/10</em>.
* **Synchronizing network changes to peers.** The Management Service keeps a control channel open to each peer sending network updates.
Whenever a new peer joins the network, all other peers that are authorized to connect to it receive an update.
After that, they are able to establish a connection to the new peer.
* **Creating and managing ACLs.** ACL is a list of peers that a given peer has access to. <em>Coming Soon</em>.
* **Managing private DNS.** [DNS](/overview/dns) allows referring to each of the peers with a fully qualified domain name (FQDN). <em>Coming Soon</em>.
* **Monitoring network activity.** <em>Coming Soon</em>.
* **Wireguard key rotation.** <em>Coming Soon</em>.
The Management service runs in the cloud NetBird-managed. It can also be self-hosted.
<p align="center">
<img src="/docs/img/architecture/management.png" alt="management-dia"/>
</p>
### Client Application
The NetBird Client application (or agent) is a software that is installed on your machines.
It is an entry point to you private network that makes it possible for machines to communicate with each other.
Once installed and registered, a machine becomes a peer in the network.
The Client's roles are the following:
* **Generating private and public Wireguard keys.** These keys are used for packet encryption between peers and for [Wireguard Cryptokey Routing](https://www.wireguard.com/#cryptokey-routing).
To accept the incoming connections, peers have to know each other, therefore, the generated public keys have to be pre-shared on the machines. The client application sends its public key to the Management service which then distributes it to the authorized peers.
* **Handling peer registration and authentication.** Each peer has to be authenticated and registered in the system. The client application requests a user to log in with an Identity Provider (IDP) or a [setup key](/overview/setup-keys) so that the peer can be associated with the organization's account.
* **Receiving network updates from the Management service.**
Each peer receives initial configuration and a list of peers with corresponding public keys and IP addresses so that it can establish a peer-to-peer connection.
* **Establishing peer-to-peer Wireguard connection.** To establish a connection with a remote peer, the Client first discovers the most suitable connection candidate, or simply address (IP:port) that other peer can use to connect to it.
Then sends it to the remote peer via Signal. This message is encrypted with the peer's private key and a public key of the remote peer.
The remote peer does the same and once the peers can reach each other, they establish an encrypted Wireguard tunnel.
:::important
The **private key**, generated by the Client, **never leaves the machine**, ensuring that only the machine that owns the key can decrypt traffic addressed to it.
:::
### Signal Service
The Signal Service or simply Signal is a lightweight piece of software that helps peers to negotiate direct connections.
It does not store any data and no traffic passes through it.
The only Signal's responsibility is:
* **Serve as a notification mechanism for peers.** Before a connection can be established, peers need to find each other and exchange the most suitable connection candidates.
This is done through Signal. After a connection has been established, Signal steps out.
<p align="center">
<img src="/docs/img/architecture/signal.png" alt="signal-dia"/>
</p>
:::important
Messages that are sent over Signal are **peer-to-peer encrypted**, so Signal can't see the contents.
:::
NetBird Signal is very similar to the signaling servers used in [WebRTC](https://developer.mozilla.org/en-US/docs/Web/API/WebRTC_API/Signaling_and_video_calling#the_signaling_server).
It runs in the cloud NetBird-managed and can be self-hosted.
### Relay Service
The Relay service is a [TURN server](https://webrtc.org/getting-started/turn-server) in WebRTC terminology.
In fact, we use an open-source implementation called [Coturn](https://github.com/coturn/coturn).
The purpose of this service is to be a "plan B" and relay traffic between peers in case a peer-to-peer connection isn't possible.
<p align="center">
<img src="/docs/img/architecture/relay.png" alt="relay-dia"/>
</p>
:::important
Similar to Signal, traffic that flows through the Relay can't be decrypted due to the **Wireguard peer-to-peer encryption**.
:::
It runs in the cloud or can be self-hosted.
### STUN (NAT Traversal)

5
docs/overview/dns.md Normal file
View File

@@ -0,0 +1,5 @@
---
sidebar_position: 5
---
# Private DNS

26
docs/overview/general-flow.md Normal file
View File

@@ -0,0 +1,26 @@
---
sidebar_position: 2
---
# General Flow Overview
Below is a high level, step-by-step overview of the flow of communications within NetBird.
1. Administrator creates an account at [app.netbird.io](https://app.netbird.io/).
2. The system automatically generates a new network with an allocated address block <em>100.64.0.0/10</em>.
3. The system automatically generates 2 [setup keys](/overview/setup-keys) that can be used for authenticating new machines.
4. Administrator (or a user) installs NetBird client and runs ```netbird up``` command providing one of the setup keys.
5. NetBird client generates Wireguard private and public keys along with the initial configuration.
6. NetBird client sends a registration request to the NetBird Management service calling Login gRPC endpoint, providing setup key, Wireguard public key and additional information about the machine.
7. NetBird Management service checks the provided setup key, registers the machine and returns initial configuration to the NetBird client.
8. NetBird client receives initial configuration and starts the engine configuring Wireguard, connecting to the Signal Service channel, and the Management Service network updates channel.
9. NetBird client receives network map update from the Management Service that includes a list of peers/machines to connect to, and a private IP address.
10. For each peer NetBird client initiates a connection process by sending a connection offer message through the Signal service indicating its intent to connect, and a Wireguard public key.
11. If the client wasn't the initiator of the connection and receives an offer message, it checks whether the initiator is in the allowed peers list and sends an acknowledgement message through Signal.
12. Once the acknowledgement message has been received, NetBird Client (on both ends) starts a connection negotiation process using [Interactive Connectivity Establishment protocol (ICE)](https://datatracker.ietf.org/doc/html/rfc8445).
13. Once the direct connection between peers has been established successfully, NetBird Client starts proxying data to Wireguard.
14. In case a direct Wireguard connection is possible (e.g., peers are in the same network or one of the peers has a public IP), NetBird Client establishes a direct Wireguard connection avoiding proxy.
15. NetBird Client keeps a connection to the Management service receiving network updates such as new peers joining the network or peers deleted from the network.
16. When a new peer joins the network, the NetBird client receives an update and triggers connection (see #10).
17. When network administrator removes a peer, the NetBird client receives an update and removes the connection.

36
docs/overview/setup-keys.md Normal file
View File

@@ -0,0 +1,36 @@
---
sidebar_position: 3
---
# Setup Keys
Setup key is a pre-authentication key that allows to register new machines in your network.
It simply associates a machine with an account on a first run.
The setup key can be provided as a parameter to the ```netbird up``` command.
This makes it possible to run automated deployments with infrastructure-as-code software like Ansible, Cloudformation or Terraform.
```bash
sudo netbird up --setup-key <SETUP KEY>
```
### Types of Setup Keys
There are 2 types of setup keys:
* **One-off key**. This type of key can be used only once to authenticate a machine.
* **Reusable key**. This type of key can be used multiple times to authenticate machines.
### Using Setup Keys
Setup keys are available in the NetBird Management dashboard under the Setup Keys tab [https://app.netbird.io/setup-keys](https://app.netbird.io/setup-keys).
By default, we generate 2 setup keys right after account creation. You can easily add new or revoke keys.
![](/img/architecture/setup-keys.png)
:::tip revoking a key
When revoking a key, all machines authenticated with this key will remain connected in the network. The same logic applies when the key expires.
:::
### Expiration
Setup keys are set to expire after 30 days. When expired, the setup key can't be used anymore.

39
docs/wireguard-plus-netbird.md Normal file
View File

@@ -0,0 +1,39 @@
---
id: wireguard-plus-netbird
title: Why Wireguard with NetBird?
sidebar_position: 6
---
WireGuard is a modern and extremely fast VPN tunnel utilizing state-of-the-art [cryptography](https://www.wireguard.com/protocol/)
and NetBird uses Wireguard to establish a secure tunnel between machines.
Built with simplicity in mind, Wireguard ensures that traffic between two machines is encrypted and flowing, however, it requires a few things to be done beforehand.
First, in order to connect, the machines have to be configured.
On each machine, you need to generate private and public keys and prepare a WireGuard configuration file.
The configuration also includes a private IP address that should be unique per machine.
Secondly, to accept the incoming traffic, the machines have to trust each other.
The generated public keys have to be pre-shared on the machines.
This works similarly to SSH with its authorised_keys file.
Lastly, the connectivity between the machines has to be ensured.
To make machines reach one another, you are required to set a WireGuard endpoint property which indicates the IP address and port of the remote machine to connect to.
On many occasions, machines are hidden behind firewalls and NAT devices,
meaning that you may need to configure a port forwarding or open holes in your firewall to ensure the machines are reachable.
The undertakings mentioned above might not be complicated if you have just a few machines, but the complexity grows as the number of machines increases.
NetBird simplifies the setup by automatically generating private and public keys, assigning unique private IP addresses, and takes care of sharing public keys between the machines.
It is worth mentioning that the private key never leaves the machine.
So only the machine that owns the key can decrypt traffic addressed to it.
The same applies also to the relayed traffic mentioned below.
Furthermore, NetBird ensures connectivity by leveraging advanced [NAT traversal techniques](https://en.wikipedia.org/wiki/NAT_traversal)
and removing the necessity of port forwarding, opening holes in the firewall, and having a public static IP address.
In cases when a direct peer-to-peer connection isn't possible, all traffic is relayed securely between peers.
NetBird also monitors the connection health and restarts broken connections.
There are a few more things that we are working on to make secure private networks simple. A few examples are ACLs, MFA and activity monitoring.
Check out the WireGuard [Quick Start](https://www.wireguard.com/quickstart/) guide to learn more about configuring "plain" WireGuard without NetBird.

91
docusaurus.config.js Normal file
View File

@@ -0,0 +1,91 @@
// @ts-check
// Note: type annotations allow type checking and IDEs autocompletion
const lightCodeTheme = require('prism-react-renderer/themes/github');
const darkCodeTheme = require('prism-react-renderer/themes/dracula');
/** @type {import('@docusaurus/types').Config} */
const config = {
title: 'NetBird Documentation',
tagline: '',
url: 'https://netbird.io',
baseUrl: '/docs/',
onBrokenLinks: 'throw',
onBrokenMarkdownLinks: 'warn',
favicon: '/img/favicon.ico',
organizationName: 'netbirdio',
projectName: 'netbird',
presets: [
[
'@docusaurus/preset-classic',
({
docs: {
sidebarPath: require.resolve('./sidebars.js'),
routeBasePath: '/',
editUrl: 'https://github.com/netbirdio/docs/tree/main',
},
theme: {
customCss: require.resolve('./src/css/custom.css'),
},
googleAnalytics: {
trackingID: 'UA-188381981-2',
anonymizeIP: true,
},
})
],
],
themeConfig:
/** @type {import('@docusaurus/preset-classic').ThemeConfig} */
({
navbar: {
title: '',
logo: {
alt: 'netbird Logo',
src: '/img/logo.svg',
srcDark: '/img/logo-dark.svg',
href: '/',
},
items: [
{
to: 'https://netbird.io/',
label: 'Home',
position: 'right',
target: '_self'
}, // or position: 'right'
{
type: 'doc',
docId: 'introduction',
position: 'right',
label: 'Docs',
},
{
to: 'https://netbird.io/blog/',
label: 'Blog',
position: 'right',
target: '_self'
},
{
href: 'https://github.com/netbirdio/netbird',
label: 'GitHub',
position: 'right',
},
],
},
prism: {
theme: lightCodeTheme,
darkTheme: darkCodeTheme,
},
announcementBar: {
id: 'announcementBar-docs',
content:
'⭐ If you like NetBird, give it a star on <a target="_blank" rel="noopener noreferrer" href="https://github.com/netbirdio/netbird">GitHub</a></a>',
backgroundColor: '#e3e3e3',
textColor: '#091E42',
isCloseable: true,
},
}),
};
module.exports = config;

42
package.json Normal file
View File

@@ -0,0 +1,42 @@
{
"name": "wiretrustee-docs",
"version": "1.0.0",
"private": true,
"scripts": {
"docusaurus": "docusaurus",
"start": "docusaurus serve",
"dev": "docusaurus start --host 0.0.0.0",
"build": "docusaurus build",
"swizzle": "docusaurus swizzle",
"deploy": "docusaurus deploy",
"clear": "docusaurus clear",
"serve": "docusaurus serve",
"write-translations": "docusaurus write-translations",
"write-heading-ids": "docusaurus write-heading-ids"
},
"dependencies": {
"@docusaurus/core": "2.0.0-beta.20",
"@docusaurus/plugin-google-analytics": "^2.0.0-beta.21",
"@docusaurus/preset-classic": "2.0.0-beta.20",
"@mdx-js/react": "^1.6.21",
"@svgr/webpack": "^5.5.0",
"clsx": "^1.1.1",
"file-loader": "^6.2.0",
"prism-react-renderer": "^1.2.1",
"react": "^17.0.1",
"react-dom": "^17.0.1",
"url-loader": "^4.1.1"
},
"browserslist": {
"production": [
">0.5%",
"not dead",
"not op_mini all"
],
"development": [
"last 1 chrome version",
"last 1 firefox version",
"last 1 safari version"
]
}
}

31
sidebars.js Normal file
View File

@@ -0,0 +1,31 @@
/**
* Creating a sidebar enables you to:
- create an ordered group of docs
- render a sidebar for each doc of that group
- provide next/previous navigation
The sidebars can be generated from the filesystem, or explicitly defined here.
Create as many sidebars as you want.
*/
// @ts-check
/** @type {import('@docusaurus/plugin-content-docs').SidebarsConfig} */
const sidebars = {
// By default, Docusaurus generates a sidebar from the docs folder structure
tutorialSidebar: [{type: 'autogenerated', dirName: '.'}],
// But you can create a sidebar manually
/*
tutorialSidebar: [
{
type: 'category',
label: 'Tutorial',
items: ['hello'],
},
],
*/
};
module.exports = sidebars;

64
src/components/HomepageFeatures.js Normal file
View File

@@ -0,0 +1,64 @@
import React from 'react';
import clsx from 'clsx';
import styles from './HomepageFeatures.module.css';
const FeatureList = [
{
title: 'Easy to Use',
Svg: require('../../static/img/undraw_docusaurus_mountain.svg').default,
description: (
<>
Docusaurus was designed from the ground up to be easily installed and
used to get your website up and running quickly.
</>
),
},
{
title: 'Focus on What Matters',
Svg: require('../../static/img/undraw_docusaurus_tree.svg').default,
description: (
<>
Docusaurus lets you focus on your docs, and we&apos;ll do the chores. Go
ahead and move your docs into the <code>docs</code> directory.
</>
),
},
{
title: 'Powered by React',
Svg: require('../../static/img/undraw_docusaurus_react.svg').default,
description: (
<>
Extend or customize your website layout by reusing React. Docusaurus can
be extended while reusing the same header and footer.
</>
),
},
];
function Feature({Svg, title, description}) {
return (
<div className={clsx('col col--4')}>
<div className="text--center">
<Svg className={styles.featureSvg} alt={title} />
</div>
<div className="text--center padding-horiz--md">
<h3>{title}</h3>
<p>{description}</p>
</div>
</div>
);
}
export default function HomepageFeatures() {
return (
<section className={styles.features}>
<div className="container">
<div className="row">
{FeatureList.map((props, idx) => (
<Feature key={idx} {...props} />
))}
</div>
</div>
</section>
);
}

11
src/components/HomepageFeatures.module.css Normal file
View File

@@ -0,0 +1,11 @@
.features {
display: flex;
align-items: center;
padding: 2rem 0;
width: 100%;
}
.featureSvg {
height: 200px;
width: 200px;
}

55
src/css/custom.css Normal file
View File

@@ -0,0 +1,55 @@
/**
* Any CSS included here will be global. The classic template
* bundles Infima by default. Infima is a CSS framework designed to
* work well for content-centric websites.
*/
:root {
--site-primary-hue-saturation: 100%;
--ifm-color-primary: #2e2e2e;
--ifm-color-primary-dark: #585656;
--ifm-color-primary-darker: #535252;
--ifm-color-primary-darkest: #454343;
--ifm-color-primary-light: #6c6a6a;
--ifm-color-primary-lighter: #716e6e;
--ifm-color-primary-lightest: #7f7d7d;
}
.markdown {
--ifm-link-color: #0aa6c2;
}
.table-of-contents {
--ifm-color-primary: #0aa6c2;
}
.docusaurus-highlight-code-line {
background-color: rgba(0, 0, 0, 0.1);
display: block;
margin: 0 calc(-1 * var(--ifm-pre-padding));
padding: 0 var(--ifm-pre-padding);
}
html[data-theme='dark'] .docusaurus-highlight-code-line {
background-color: rgba(0, 0, 0, 0.3);
}
[data-theme='dark'] {
--ifm-color-primary: hsl(var(--site-primary-hue-saturation) 90%);
}
.videowrapper {
float: none;
clear: both;
width: 100%;
position: relative;
padding-bottom: 56.25%;
padding-top: 25px;
height: 0;
}
.videowrapper iframe {
position: absolute;
top: 0;
left: 0;
width: 100%;
height: 100%;
}

0
static/.nojekyll Normal file
View File

BIN
static/img/architecture/acls.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 130 KiB

BIN
static/img/architecture/high-level-dia.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 43 KiB

BIN
static/img/architecture/management.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 44 KiB

BIN
static/img/architecture/mesh.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 34 KiB

BIN
static/img/architecture/relay.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 32 KiB

BIN
static/img/architecture/setup-keys.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 53 KiB

BIN
static/img/architecture/signal.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 43 KiB

BIN
static/img/examples/wiretrustee-on-aws-ecs.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 222 KiB

BIN
static/img/favicon.ico Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 104 KiB

BIN
static/img/getting-started/add-peer.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 81 KiB

BIN
static/img/getting-started/auth.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 37 KiB

BIN
static/img/getting-started/device-confirmation.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 94 KiB

BIN
static/img/getting-started/empty-peers.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 36 KiB

BIN
static/img/getting-started/high-level-dia.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 42 KiB

BIN
static/img/getting-started/logo-full.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 33 KiB

BIN
static/img/getting-started/logo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 10 KiB

BIN
static/img/getting-started/netbird-up.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 25 KiB

BIN
static/img/getting-started/peerA.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 409 KiB

BIN
static/img/getting-started/peerB.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 526 KiB

BIN
static/img/getting-started/peers.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 5.9 MiB

BIN
static/img/getting-started/peers.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 52 KiB

BIN
static/img/getting-started/systray.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 13 KiB

121
static/img/logo-dark.svg Normal file
View File

@@ -0,0 +1,121 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Created with Inkscape (http://www.inkscape.org/) -->
<svg
width="500"
height="90"
viewBox="0 0 132.29167 23.812502"
version="1.1"
id="svg1203"
inkscape:version="1.1.1 (1:1.1+202109281944+c3084ef5ed)"
sodipodi:docname="logo-dark.svg"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns="http://www.w3.org/2000/svg"
xmlns:svg="http://www.w3.org/2000/svg">
<sodipodi:namedview
id="namedview1205"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
inkscape:pageshadow="2"
inkscape:pageopacity="0"
inkscape:pagecheckerboard="0"
inkscape:document-units="mm"
showgrid="false"
width="650px"
units="px"
inkscape:zoom="1.4289282"
inkscape:cx="334.86637"
inkscape:cy="27.993009"
inkscape:window-width="2560"
inkscape:window-height="1335"
inkscape:window-x="1920"
inkscape:window-y="0"
inkscape:window-maximized="1"
inkscape:current-layer="layer1"
inkscape:snap-global="false" />
<defs
id="defs1200">
<inkscape:path-effect
effect="fillet_chamfer"
id="path-effect57379"
is_visible="true"
lpeversion="1"
satellites_param="F,0,0,1,0,4.4979167,0,1 @ F,0,0,1,0,4.4979167,0,1 @ F,0,0,1,0,4.4979167,0,1 @ F,0,0,1,0,4.4979167,0,1"
unit="px"
method="auto"
mode="F"
radius="17"
chamfer_steps="1"
flexible="false"
use_knot_distance="true"
apply_no_radius="true"
apply_with_radius="true"
only_selected="false"
hide_knots="false" />
</defs>
<g
inkscape:label="Layer 1"
inkscape:groupmode="layer"
id="layer1">
<path
style="fill:#ffe6d5;stroke:none;stroke-width:1.4928;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
id="rect4955"
width="43"
height="18.151592"
x="87.122803"
y="2.9803145"
inkscape:export-filename="/home/braginini/Documents/projects/my/wiretrustee/wiretrustee.com-nextjs/public/brand-assets/logo.png"
inkscape:export-xdpi="100"
inkscape:export-ydpi="100"
sodipodi:type="rect"
d="m 91.620719,2.9803145 34.004171,0 a 4.4979167,4.4979167 45 0 1 4.49791,4.4979167 V 16.63399 a 4.4979167,4.4979167 135 0 1 -4.49791,4.497917 H 91.620719 A 4.4979167,4.4979167 45 0 1 87.122803,16.63399 V 7.4782312 a 4.4979167,4.4979167 135 0 1 4.497916,-4.4979167 z"
inkscape:path-effect="#path-effect57379" />
<text
xml:space="preserve"
style="font-size:10.9361px;line-height:1.25;font-family:Poppins;-inkscape-font-specification:Poppins;stroke-width:0.264583"
x="92.88604"
y="15.806503"
id="text3179"><tspan
sodipodi:role="line"
id="tspan3177"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:10.9361px;font-family:Poppins;-inkscape-font-specification:'Poppins Bold';fill:#fb923c;fill-opacity:1;stroke-width:0.264583"
x="92.88604"
y="15.806503">DOCS</tspan></text>
<text
xml:space="preserve"
style="font-size:16.9333px;line-height:1.25;font-family:Poppins;-inkscape-font-specification:Poppins;fill:#4d4d4d;stroke-width:0.0700042"
x="21.543421"
y="17.592438"
id="text1870"
inkscape:export-filename="/home/braginini/Downloads/netbird-logo-dark.png"
inkscape:export-xdpi="329.58896"
inkscape:export-ydpi="329.58896"><tspan
sodipodi:role="line"
id="tspan1868"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16.9333px;font-family:Poppins;-inkscape-font-specification:Poppins;fill:#e6e6e6;fill-opacity:1;stroke-width:0.0700042"
x="21.543421"
y="17.592438">netbird</tspan></text>
<g
id="g23427"
inkscape:export-filename="/home/braginini/Downloads/netbird-logo-dark.png"
inkscape:export-xdpi="329.58896"
inkscape:export-ydpi="329.58896"
style="font-size:16.9333px;line-height:1.25;font-family:Poppins;-inkscape-font-specification:Poppins;fill:#4d4d4d;stroke-width:0.264583"
transform="translate(-0.38486311,1.9008189)">
<path
d="m 15.348219,3.1412816 c -2.167926,0.2003778 -3.24418,1.4485057 -3.651956,2.078214 l -0.183409,0.3175001 c -0.01267,0.026458 -0.02096,0.044097 -0.02096,0.044097 l -0.0022,-0.00353 L 5.3599149,16.194095 H 13.003622 L 20.539697,3.1412816 h -5.191478"
style="fill:#f68330;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:0.0093339"
id="path30" />
<path
d="M 13.003622,16.194095 2.5842592,5.1401206 c 0,0 11.7850008,-3.1637113 12.9315288,6.7137144 l -2.512166,4.34026"
style="fill:#f68330;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:0.0093339"
id="path32" />
<path
d="m 11.460889,5.6273068 -3.1974364,5.5381882 4.7401694,5.0286 2.51079,-4.348409 C 15.117819,8.4488236 13.462092,6.5967402 11.460889,5.6273068"
style="fill:#f35e32;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:0.0093339"
id="path34" />
</g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 5.2 KiB

121
static/img/logo.svg Normal file
View File

@@ -0,0 +1,121 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Created with Inkscape (http://www.inkscape.org/) -->
<svg
width="500"
height="90"
viewBox="0 0 132.29167 23.812502"
version="1.1"
id="svg1203"
inkscape:version="1.1.1 (1:1.1+202109281944+c3084ef5ed)"
sodipodi:docname="logo.svg"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns="http://www.w3.org/2000/svg"
xmlns:svg="http://www.w3.org/2000/svg">
<sodipodi:namedview
id="namedview1205"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
inkscape:pageshadow="2"
inkscape:pageopacity="0"
inkscape:pagecheckerboard="0"
inkscape:document-units="mm"
showgrid="false"
width="650px"
units="px"
inkscape:zoom="1.4289282"
inkscape:cx="334.86637"
inkscape:cy="27.993009"
inkscape:window-width="2560"
inkscape:window-height="1335"
inkscape:window-x="1920"
inkscape:window-y="0"
inkscape:window-maximized="1"
inkscape:current-layer="layer1"
inkscape:snap-global="false" />
<defs
id="defs1200">
<inkscape:path-effect
effect="fillet_chamfer"
id="path-effect57379"
is_visible="true"
lpeversion="1"
satellites_param="F,0,0,1,0,4.4979167,0,1 @ F,0,0,1,0,4.4979167,0,1 @ F,0,0,1,0,4.4979167,0,1 @ F,0,0,1,0,4.4979167,0,1"
unit="px"
method="auto"
mode="F"
radius="17"
chamfer_steps="1"
flexible="false"
use_knot_distance="true"
apply_no_radius="true"
apply_with_radius="true"
only_selected="false"
hide_knots="false" />
</defs>
<g
inkscape:label="Layer 1"
inkscape:groupmode="layer"
id="layer1">
<path
style="fill:#ffe6d5;stroke:none;stroke-width:1.4928;stroke-linecap:round;stroke-linejoin:round;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
id="rect4955"
width="43"
height="18.151592"
x="87.122803"
y="2.9803145"
inkscape:export-filename="/home/braginini/Documents/projects/my/wiretrustee/wiretrustee.com-nextjs/public/brand-assets/logo.png"
inkscape:export-xdpi="100"
inkscape:export-ydpi="100"
sodipodi:type="rect"
d="m 91.620719,2.9803145 34.004171,0 a 4.4979167,4.4979167 45 0 1 4.49791,4.4979167 V 16.63399 a 4.4979167,4.4979167 135 0 1 -4.49791,4.497917 H 91.620719 A 4.4979167,4.4979167 45 0 1 87.122803,16.63399 V 7.4782312 a 4.4979167,4.4979167 135 0 1 4.497916,-4.4979167 z"
inkscape:path-effect="#path-effect57379" />
<text
xml:space="preserve"
style="font-size:10.9361px;line-height:1.25;font-family:Poppins;-inkscape-font-specification:Poppins;stroke-width:0.264583"
x="92.88604"
y="15.806503"
id="text3179"><tspan
sodipodi:role="line"
id="tspan3177"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:10.9361px;font-family:Poppins;-inkscape-font-specification:'Poppins Bold';fill:#fb923c;fill-opacity:1;stroke-width:0.264583"
x="92.88604"
y="15.806503">DOCS</tspan></text>
<text
xml:space="preserve"
style="font-size:16.9333px;line-height:1.25;font-family:Poppins;-inkscape-font-specification:Poppins;fill:#4d4d4d;stroke-width:0.0700042"
x="21.543421"
y="17.592438"
id="text1870"
inkscape:export-filename="/home/braginini/Downloads/netbird-logo-dark.png"
inkscape:export-xdpi="329.58896"
inkscape:export-ydpi="329.58896"><tspan
sodipodi:role="line"
id="tspan1868"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:16.9333px;font-family:Poppins;-inkscape-font-specification:Poppins;fill:#4d4d4d;fill-opacity:1;stroke-width:0.0700042"
x="21.543421"
y="17.592438">netbird</tspan></text>
<g
id="g23427"
inkscape:export-filename="/home/braginini/Downloads/netbird-logo-dark.png"
inkscape:export-xdpi="329.58896"
inkscape:export-ydpi="329.58896"
style="font-size:16.9333px;line-height:1.25;font-family:Poppins;-inkscape-font-specification:Poppins;fill:#4d4d4d;stroke-width:0.264583"
transform="translate(-0.38486311,1.9008189)">
<path
d="m 15.348219,3.1412816 c -2.167926,0.2003778 -3.24418,1.4485057 -3.651956,2.078214 l -0.183409,0.3175001 c -0.01267,0.026458 -0.02096,0.044097 -0.02096,0.044097 l -0.0022,-0.00353 L 5.3599149,16.194095 H 13.003622 L 20.539697,3.1412816 h -5.191478"
style="fill:#f68330;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:0.0093339"
id="path30" />
<path
d="M 13.003622,16.194095 2.5842592,5.1401206 c 0,0 11.7850008,-3.1637113 12.9315288,6.7137144 l -2.512166,4.34026"
style="fill:#f68330;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:0.0093339"
id="path32" />
<path
d="m 11.460889,5.6273068 -3.1974364,5.5381882 4.7401694,5.0286 2.51079,-4.348409 C 15.117819,8.4488236 13.462092,6.5967402 11.460889,5.6273068"
style="fill:#f35e32;fill-opacity:1;fill-rule:nonzero;stroke:none;stroke-width:0.0093339"
id="path34" />
</g>
</g>
</svg>
Side by Side

After

Width:  |  Height:  |  Size: 5.2 KiB

BIN
static/img/overview/associate-peer-groups.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 66 KiB

BIN
static/img/overview/create-group-in-rule.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 36 KiB

BIN
static/img/overview/create-rule.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 124 KiB

BIN
static/img/overview/delete-rule-menu.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 101 KiB

BIN
static/img/overview/delete-rule-popup.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 35 KiB

BIN
static/img/overview/new-rule-list.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 137 KiB

8341
yarn.lock Normal file
View File

File diff suppressed because it is too large Load Diff