Add all 5 system tray settings under Client > Settings: Allow SSH,
Block Inbound Connections, Connect on Startup, Enable Lazy Connections,
and Enable Quantum-Resistance. Allow SSH and Enable Lazy Connections
redirect to existing docs. Connect on Startup is a new page. Renames
Post-Quantum Cryptography heading to Enable Quantum-Resistance to match
the GUI label.
* added migration guide from external to embedded idp
* updated guide
* clarify issuer domain used
* improved docs structure and added clarifying notes
* updated guide to match latest binary
* link fixes and added extra psql instructions
* update versions properly
Add documentation for enabling the NetBird enterprise application in
Microsoft Entra ID, including finding the app by Application ID and
granting admin consent for the directory.
* Add backend service configuration guide for reverse proxy trusted proxies
Many self-hosted services (Jellyfin, Home Assistant, Nextcloud, Plex)
require a "trusted proxies" or "known hosts" setting when behind a
reverse proxy. With NetBird, the proxy's IP is a dynamic NetBird IP
from 100.64.0.0/10 that can change on restart, so hardcoding it breaks.
This adds a new doc page with the recommended solution (trust the full
CGNAT range), per-service config examples, Docker bridge network
guidance, and a warning on the reverse proxy overview page.
* Update service-configuration.mdx and move/add images
* Fixing typos
---------
Co-authored-by: Brandon Hopkins <brandon@techhut.tv>
- Create Internal DNS Servers page consolidating nameserver configuration,
private DNS routing, and Active Directory guidance
- Trim DNS Overview, DNS Settings removing duplicated and filler content
- Merge Configuring Nameservers page into Internal DNS Servers
- Replace Quickstart and Configuring Nameservers pages with redirects
- Update navigation sidebar and all internal links
* Add Block Inbound Connections documentation to Client settings
Document the previously undocumented "Block Inbound Connections" client
setting (introduced in v0.46.0). Adds a dedicated feature page under
Client > Settings, updates the sidebar navigation, and adds the
--block-inbound flag to the CLI reference.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Move Post-Quantum Cryptography to Client settings and add systray notes
Move the Rosenpass/post-quantum cryptography page from manage/integrations/
to client/ under the new Settings section. Add redirects for the old URL.
Also add systray toggle instructions to both the Quantum-Resistance and
Lazy Connections pages.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Rename post-quantum cryptography page and fix hydration error
Drop the "Enable" prefix from the page title and filename for a cleaner
topic name. Update redirects and navigation. Fix hydration mismatch
caused by a <div> (Button component) nested inside a <p> tag.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* Reverse Proxy Doc Amendments
- update custom domains page to more closely reflect wording in the UI, added screenshots
- add warning to index page that reverse proxy feature does not currently work with pre-shared keys/rosenpass
* Update navigation order (move reverse proxy below network routes)
* update migration guide to mention the need for TWO cname records (proxy and proxy wildcard)
* Streamlined site-to-site docs in new dedicated section. Removed old use-case guide and added redirects
* restructure use-cases, move network use cases to network sections
* Reorganize network routes and networks documentation structure
- Restructure use cases into by-scenario and by-configuration folders
- Reorganize images to match new doc structure (concepts, by-scenario, by-resource-type)
- Add screenshots for site-to-site guides (home, office, cloud)
- Add policy screenshots for networks use cases
- Update site-to-site docs to use two separate policies instead of bidirectional
- Fix Access Control Groups to use correct destination groups
- Move "Self-Hosted vs Cloud" page to about section
- Update navigation and add redirects for moved pages
- Add CLAUDE.md for Claude Code guidance
* cleaned up network docs/image folder structure
* Align site-to-site use case links and redirects
Co-authored-by: Cursor <cursoragent@cursor.com>
* Update CLAUDE.md with accurate project details
Fix Next.js version (14 → 16), add React 19/Tailwind/Pages Router
details, document MDX page conventions, image paths, and note
absence of test suite.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Fix broken images and hydration error on networks page
- Restore 6 network index images accidentally deleted in 4116092
- Fix keycloak image filename typo (keycloack -> keycloak)
- Fix hydration mismatch by replacing invalid <p><div> nesting with <div>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Fix 4 broken internal links found in PR review
- Fix missing by-scenario/ segment in site-to-site-home and
site-to-site-office Tile hrefs (network-routes use-cases index)
- Fix lazy-connections typo to lazy-connection (implement-zero-trust)
- Update stale redirect link to direct path for access-control
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Jack Carter <128555021+SunsetDrifter@users.noreply.github.com>
Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* docs: add Zero Trust implementation guide
* minor text and formatting fixes
* various improvements to the zero trust guide
* Added links to other relevant docs pages
* docs: improve Zero Trust implementation guide
- Add guide to navigation menu
- Rewrite section 5.2 on routing peer traffic direction for clarity
- Add documentation links throughout (Networks, Access Control, DNS,
Control Center, Setup Keys, IdP sync, Traffic Events, Event Streaming)
- Add internal section and appendix cross-references
- Remove "Subject" terminology, replace with "source groups" and
clearer user/peer terminology
- Expand acronyms on first use (IdP, SSO, MFA, SIEM, CIDR, VPC, etc.)
- Add explanations for technical concepts (masquerading, overlay networks,
NAT traversal, protocols, ports)
- Enhance firewall rules section with service explanations and FAQ link
- Improve worked examples with port and protocol context
- Add command-line tool explanations for troubleshooting
- Make guide more accessible for junior network admins and students
* Minor changes and adjustments.
* Add various diagrams
* Add dashboard settings best practices section
* Improve zero trust guide with MDX components, examples, and clarity
- Add Note/Warning MDX components replacing markdown blockquotes
- Add TURN service rules to firewall configuration section
- Add JSON API example for policy creation
- Improve three-tier app diagram with box-drawing characters
- Add Networks vs legacy Network Routes warning for Zero Trust
- Add CIDR posture check limitation note (iOS/Android unsupported)
- Add DNS forwarder port change note (v0.59.0+)
- Add lazy connections feature limitations and version requirements
- Add Users view to Control Center documentation
- Convert verification checklists to Note components
- Fix grammar throughout (serial commas, hyphenation consistency)
- Improve term definitions and service descriptions
* Update zero trust guide to enhance clarity and provide outbound port references
- Replace detailed outbound allowlist rules with links to FAQ and self-hosted guide for port requirements
- Minor adjustments to lazy connections feature description for consistency
---------
Co-authored-by: Brandon Hopkins <76761586+TechHutTV@users.noreply.github.com>
Co-authored-by: Ashley Mensah <ashleyamo982@gmail.com>
Adds a comprehensive reference page for all environment variables used
when self-hosting NetBird, covering Management Server, Signal Server,
Relay Server, Dashboard, and Coturn services. Focuses on the new
embedded identity provider approach, removing deprecated external IDP
configuration variables.
* Add Automatic Updates Documentation
* Add more information and version notes
* Update
* Set version
---------
Co-authored-by: Zoltán Papp <zoltan.pmail@gmail.com>
* docs: Restructure and improve DNS documentation
Reorganizes DNS docs into overview, configuration, settings, and troubleshooting
guides with clearer explanations and UI-aligned terminology
* amendments from Vik's feedback
* clarified IP assignment range
* remove incorrect common mistake note
* - added diagrams
- renamed dns overview.mdx to index.mdx
- updated references/redirects
- created new spacer div class
---------
Co-authored-by: Ashley Mensah <ashley@netbird.io>
* Refactor installation documentation and navigation structure
- Updated the NavigationDocs component to reorganize installation links for NetBird, separating platforms into distinct sections for better clarity.
- Added new installation options for Raspberry Pi and Proxmox VE, enhancing the documentation for additional platforms.
- Improved the installation index page to include a dedicated section for additional platforms, ensuring users can easily find relevant installation instructions.
* Moved info from KH
* Enhance Proxmox VE installation documentation
- Added an introduction to Proxmox VE, explaining its features and suitability for running NetBird.
- Included detailed steps for downloading a container template, emphasizing popular Linux distributions.
- Added a video tutorial section and links to additional resources for setting up Proxmox with NetBird.
* Update NavigationDocscs
* Added <div className="videowrapper">
* Update TUN passthrough instructions for clarity
Clarify instructions for enabling /dev/tun passthrough in Proxmox VE.
* Refactor NavigationDocs component and update documentation structure
- Improved formatting and organization of the NavigationDocs component for better readability.
- Updated the docsNavigation structure to include detailed sections for managing peers, access control, networks, and integrations.
- Removed the identity providers documentation file as part of the restructuring effort.
- Enhanced the overall navigation experience by ensuring all links are properly formatted and accessible.
* Update NavigationDocs to include new SSO links and remove outdated documentation
- Added links for Authentik, Keycloak, Auth0, and JumpCloud under the Single Sign-On section in NavigationDocs.
- Removed the single-sign-on.mdx file as part of the documentation cleanup effort.
* Add more info about self-hosted IdP support
* Update Single Sign-On documentation and NavigationDocs
- Updated titles and added introductory text for Auth0, Authentik, JumpCloud, and Keycloak pages to clarify their use as Identity Providers with NetBird.
- Commented out the links section in NavigationDocs for Single Sign-On to reflect the current documentation state. Didn't make sense to have those and didn't want to confuse people thinking those are the only supported providers.
- Enhanced the index page to include detailed descriptions and setup buttons for Okta ans each OIDC Identity Provider.
* Update paths in structure and documentation for Auth0, Authentik, Keycloak, Microsoft Entra ID, Google Workspace, and JumpCloud. This cleanup enhances clarity and ensures all references point to the correct resources.
---------
Co-authored-by: braginini <bangvalo@gmail.com>
* - Seperated Android and iOS install pages
- Added detailed setup guide for Android, Android TV
* updated image alt tags
* removed dead links, tv.mdx
* redirect old mobile page to install index page
---------
Authored-by: Ashley Mensah <ashley@netbird.io>
- Replaced motion.header with a standard header in Layout component.
- Removed layout props from motion elements in NavigationAPI and NavigationDocs components for improved performance and clarity.
- Updated AnnouncementBannerProvider to make the banner always visible, removing scroll-based hiding logic.
