[misc, client, management] Replace Wiretrustee with Netbird (#3267)

2026-04-18 08:16:39 +00:00 · 2025-02-05 16:49:41 +01:00
parent 0125cd97d8
commit 97d498c59c
36 changed files with 679 additions and 681 deletions
--- a/management/client/client_test.go
+++ b/management/client/client_test.go
@@ -273,8 +273,8 @@ func TestClient_Sync(t *testing.T) {
 		if resp.GetPeerConfig() == nil {
 			t.Error("expecting non nil PeerConfig got nil")
 		}
-		if resp.GetWiretrusteeConfig() == nil {
-			t.Error("expecting non nil WiretrusteeConfig got nil")
+		if resp.GetNetbirdConfig() == nil {
+			t.Error("expecting non nil NetbirdConfig got nil")
 		}
 		if len(resp.GetRemotePeers()) != 1 {
 			t.Errorf("expecting RemotePeers size %d got %d", 1, len(resp.GetRemotePeers()))
@@ -366,15 +366,15 @@ func Test_SystemMetaDataFromClient(t *testing.T) {
 	}

 	expectedMeta := &mgmtProto.PeerSystemMeta{
-		Hostname:           info.Hostname,
-		GoOS:               info.GoOS,
-		Kernel:             info.Kernel,
-		Platform:           info.Platform,
-		OS:                 info.OS,
-		Core:               info.OSVersion,
-		OSVersion:          info.OSVersion,
-		WiretrusteeVersion: info.WiretrusteeVersion,
-		KernelVersion:      info.KernelVersion,
+		Hostname:       info.Hostname,
+		GoOS:           info.GoOS,
+		Kernel:         info.Kernel,
+		Platform:       info.Platform,
+		OS:             info.OS,
+		Core:           info.OSVersion,
+		OSVersion:      info.OSVersion,
+		NetbirdVersion: info.NetbirdVersion,
+		KernelVersion:  info.KernelVersion,

 		NetworkAddresses: protoNetAddr,
 		SysSerialNumber:  info.SystemSerialNumber,
@@ -417,7 +417,7 @@ func isEqual(a, b *mgmtProto.PeerSystemMeta) bool {
 		a.GetPlatform() == b.GetPlatform() &&
 		a.GetOS() == b.GetOS() &&
 		a.GetOSVersion() == b.GetOSVersion() &&
-		a.GetWiretrusteeVersion() == b.GetWiretrusteeVersion() &&
+		a.GetNetbirdVersion() == b.GetNetbirdVersion() &&
 		a.GetUiVersion() == b.GetUiVersion() &&
 		a.GetSysSerialNumber() == b.GetSysSerialNumber() &&
 		a.GetSysProductName() == b.GetSysProductName() &&
--- a/management/client/grpc.go
+++ b/management/client/grpc.go
@@ -521,20 +521,20 @@ func infoToMetaData(info *system.Info) *proto.PeerSystemMeta {
 	}

 	return &proto.PeerSystemMeta{
-		Hostname:           info.Hostname,
-		GoOS:               info.GoOS,
-		OS:                 info.OS,
-		Core:               info.OSVersion,
-		OSVersion:          info.OSVersion,
-		Platform:           info.Platform,
-		Kernel:             info.Kernel,
-		WiretrusteeVersion: info.WiretrusteeVersion,
-		UiVersion:          info.UIVersion,
-		KernelVersion:      info.KernelVersion,
-		NetworkAddresses:   addresses,
-		SysSerialNumber:    info.SystemSerialNumber,
-		SysManufacturer:    info.SystemManufacturer,
-		SysProductName:     info.SystemProductName,
+		Hostname:         info.Hostname,
+		GoOS:             info.GoOS,
+		OS:               info.OS,
+		Core:             info.OSVersion,
+		OSVersion:        info.OSVersion,
+		Platform:         info.Platform,
+		Kernel:           info.Kernel,
+		NetbirdVersion:   info.NetbirdVersion,
+		UiVersion:        info.UIVersion,
+		KernelVersion:    info.KernelVersion,
+		NetworkAddresses: addresses,
+		SysSerialNumber:  info.SystemSerialNumber,
+		SysManufacturer:  info.SystemManufacturer,
+		SysProductName:   info.SystemProductName,
 		Environment: &proto.Environment{
 			Cloud:    info.Environment.Cloud,
 			Platform: info.Environment.Platform,
--- a/management/proto/management.pb.go
+++ b/management/proto/management.pb.go
--- a/management/proto/management.proto
+++ b/management/proto/management.proto
@@ -52,7 +52,7 @@ message EncryptedMessage {

  // encrypted message Body
  bytes body = 2;
-  // Version of the Wiretrustee Management Service protocol
+  // Version of the Netbird Management Service protocol
  int32 version = 3;
 }

@@ -61,11 +61,11 @@ message SyncRequest {
  PeerSystemMeta meta = 1;
 }

-// SyncResponse represents a state that should be applied to the local peer (e.g. Wiretrustee servers config as well as local peer and remote peers configs)
+// SyncResponse represents a state that should be applied to the local peer (e.g. Netbird servers config as well as local peer and remote peers configs)
 message SyncResponse {

  // Global config
-  WiretrusteeConfig wiretrusteeConfig = 1;
+  NetbirdConfig netbirdConfig = 1;

  // Deprecated. Use NetworkMap.PeerConfig
  PeerConfig peerConfig = 2;
@@ -146,7 +146,7 @@ message PeerSystemMeta {
  string core = 4;
  string platform = 5;
  string OS = 6;
-  string wiretrusteeVersion = 7;
+  string netbirdVersion = 7;
  string uiVersion = 8;
  string kernelVersion = 9;
  string OSVersion = 10;
@@ -161,7 +161,7 @@ message PeerSystemMeta {

 message LoginResponse {
  // Global config
-  WiretrusteeConfig wiretrusteeConfig = 1;
+  NetbirdConfig netbirdConfig = 1;
  // Peer local config
  PeerConfig peerConfig = 2;
  // Posture checks to be evaluated by client
@@ -173,14 +173,14 @@ message ServerKeyResponse {
  string key = 1;
  // Key expiration timestamp after which the key should be fetched again by the client
  google.protobuf.Timestamp expiresAt = 2;
-  // Version of the Wiretrustee Management Service protocol
+  // Version of the Netbird Management Service protocol
  int32 version = 3;
 }

 message Empty {}

-// WiretrusteeConfig is a common configuration of any Wiretrustee peer. It contains STUN, TURN, Signal and Management servers configurations
-message WiretrusteeConfig {
+// NetbirdConfig is a common configuration of any Netbird peer. It contains STUN, TURN, Signal and Management servers configurations
+message NetbirdConfig {
  // a list of STUN servers
  repeated HostConfig stuns = 1;
  // a list of TURN servers
@@ -194,7 +194,7 @@ message WiretrusteeConfig {

 // HostConfig describes connection properties of some server (e.g. STUN, Signal, Management)
 message HostConfig {
-  // URI of the resource e.g. turns://stun.wiretrustee.com:4430 or signal.wiretrustee.com:10000
+  // URI of the resource e.g. turns://stun.netbird.io:4430 or signal.netbird.io:10000
  string uri = 1;
  Protocol protocol = 2;

@@ -224,9 +224,9 @@ message ProtectedHostConfig {
 // PeerConfig represents a configuration of a "our" peer.
 // The properties are used to configure local Wireguard
 message PeerConfig {
-  // Peer's virtual IP address within the Wiretrustee VPN (a Wireguard address config)
+  // Peer's virtual IP address within the Netbird VPN (a Wireguard address config)
  string  address = 1;
-  // Wiretrustee DNS server (a Wireguard DNS config)
+  // Netbird DNS server (a Wireguard DNS config)
  string dns = 2;

  // SSHConfig of the peer.
--- a/management/server/config.go
+++ b/management/server/config.go
@@ -106,10 +106,10 @@ type HttpServerConfig struct {
 	ExtraAuthAudience string
 }

-// Host represents a Wiretrustee host (e.g. STUN, TURN, Signal)
+// Host represents a Netbird host (e.g. STUN, TURN, Signal)
 type Host struct {
 	Proto Protocol
-	// URI e.g. turns://stun.wiretrustee.com:4430 or signal.wiretrustee.com:10000
+	// URI e.g. turns://stun.netbird.io:4430 or signal.netbird.io:10000
 	URI      string
 	Username string
 	Password string
--- a/management/server/grpcserver.go
+++ b/management/server/grpcserver.go
@@ -381,7 +381,7 @@ func extractPeerMeta(ctx context.Context, meta *proto.PeerSystemMeta) nbpeer.Pee
 		Platform:           meta.GetPlatform(),
 		OS:                 meta.GetOS(),
 		OSVersion:          osVersion,
-		WtVersion:          meta.GetWiretrusteeVersion(),
+		WtVersion:          meta.GetNetbirdVersion(),
 		UIVersion:          meta.GetUiVersion(),
 		KernelVersion:      meta.GetKernelVersion(),
 		NetworkAddresses:   networkAddresses,
@@ -489,9 +489,9 @@ func (s *GRPCServer) Login(ctx context.Context, req *proto.EncryptedMessage) (*p

 	// if peer has reached this point then it has logged in
 	loginResp := &proto.LoginResponse{
-		WiretrusteeConfig: toWiretrusteeConfig(s.config, nil, relayToken),
-		PeerConfig:        toPeerConfig(peer, netMap.Network, s.accountManager.GetDNSDomain(), false),
-		Checks:            toProtocolChecks(ctx, postureChecks),
+		NetbirdConfig: toNetbirdConfig(s.config, nil, relayToken),
+		PeerConfig:    toPeerConfig(peer, netMap.Network, s.accountManager.GetDNSDomain(), false),
+		Checks:        toProtocolChecks(ctx, postureChecks),
 	}
 	encryptedResp, err := encryption.EncryptMessage(peerKey, s.wgKey, loginResp)
 	if err != nil {
@@ -547,7 +547,7 @@ func ToResponseProto(configProto Protocol) proto.HostConfig_Protocol {
 	}
 }

-func toWiretrusteeConfig(config *Config, turnCredentials *Token, relayToken *Token) *proto.WiretrusteeConfig {
+func toNetbirdConfig(config *Config, turnCredentials *Token, relayToken *Token) *proto.NetbirdConfig {
 	if config == nil {
 		return nil
 	}
@@ -595,7 +595,7 @@ func toWiretrusteeConfig(config *Config, turnCredentials *Token, relayToken *Tok
 		}
 	}

-	return &proto.WiretrusteeConfig{
+	return &proto.NetbirdConfig{
 		Stuns: stuns,
 		Turns: turns,
 		Signal: &proto.HostConfig{
@@ -619,8 +619,8 @@ func toPeerConfig(peer *nbpeer.Peer, network *types.Network, dnsName string, dns

 func toSyncResponse(ctx context.Context, config *Config, peer *nbpeer.Peer, turnCredentials *Token, relayCredentials *Token, networkMap *types.NetworkMap, dnsName string, checks []*posture.Checks, dnsCache *DNSConfigCache, dnsResolutionOnRoutingPeerEnbled bool) *proto.SyncResponse {
 	response := &proto.SyncResponse{
-		WiretrusteeConfig: toWiretrusteeConfig(config, turnCredentials, relayCredentials),
-		PeerConfig:        toPeerConfig(peer, networkMap.Network, dnsName, dnsResolutionOnRoutingPeerEnbled),
+		NetbirdConfig: toNetbirdConfig(config, turnCredentials, relayCredentials),
+		PeerConfig:    toPeerConfig(peer, networkMap.Network, dnsName, dnsResolutionOnRoutingPeerEnbled),
 		NetworkMap: &proto.NetworkMap{
 			Serial:    networkMap.Network.CurrentSerial(),
 			Routes:    toProtocolRoutes(networkMap.Routes),
--- a/management/server/management_proto_test.go
+++ b/management/server/management_proto_test.go
@@ -94,7 +94,7 @@ func Test_SyncProtocol(t *testing.T) {
 	mgmtServer, _, mgmtAddr, cleanup, err := startManagementForTest(t, "testdata/store_with_expired_peers.sql", &Config{
 		Stuns: []*Host{{
 			Proto: "udp",
-			URI:   "stun:stun.wiretrustee.com:3468",
+			URI:   "stun:stun.netbird.io:3468",
 		}},
 		TURNConfig: &TURNConfig{
 			TimeBasedCredentials: false,
@@ -102,12 +102,12 @@ func Test_SyncProtocol(t *testing.T) {
 			Secret:               "whatever",
 			Turns: []*Host{{
 				Proto: "udp",
-				URI:   "turn:stun.wiretrustee.com:3468",
+				URI:   "turn:stun.netbird.io:3468",
 			}},
 		},
 		Signal: &Host{
 			Proto: "http",
-			URI:   "signal.wiretrustee.com:10000",
+			URI:   "signal.netbird.io:10000",
 		},
 		Datadir:    dir,
 		HttpConfig: nil,
@@ -173,64 +173,64 @@ func Test_SyncProtocol(t *testing.T) {
 		return
 	}

-	wiretrusteeConfig := syncResp.GetWiretrusteeConfig()
-	if wiretrusteeConfig == nil {
-		t.Fatal("expecting SyncResponse to have non-nil WiretrusteeConfig")
+	netbirdConfig := syncResp.GetNetbirdConfig()
+	if netbirdConfig == nil {
+		t.Fatal("expecting SyncResponse to have non-nil NetbirdConfig")
 	}

-	if wiretrusteeConfig.GetSignal() == nil {
-		t.Fatal("expecting SyncResponse to have WiretrusteeConfig with non-nil Signal config")
+	if netbirdConfig.GetSignal() == nil {
+		t.Fatal("expecting SyncResponse to have NetbirdConfig with non-nil Signal config")
 	}

 	expectedSignalConfig := &mgmtProto.HostConfig{
-		Uri:      "signal.wiretrustee.com:10000",
+		Uri:      "signal.netbird.io:10000",
 		Protocol: mgmtProto.HostConfig_HTTP,
 	}

-	if wiretrusteeConfig.GetSignal().GetUri() != expectedSignalConfig.GetUri() {
-		t.Fatalf("expecting SyncResponse to have WiretrusteeConfig with expected Signal URI: %v, actual: %v",
+	if netbirdConfig.GetSignal().GetUri() != expectedSignalConfig.GetUri() {
+		t.Fatalf("expecting SyncResponse to have NetbirdConfig with expected Signal URI: %v, actual: %v",
 			expectedSignalConfig.GetUri(),
-			wiretrusteeConfig.GetSignal().GetUri())
+			netbirdConfig.GetSignal().GetUri())
 	}

-	if wiretrusteeConfig.GetSignal().GetProtocol() != expectedSignalConfig.GetProtocol() {
-		t.Fatalf("expecting SyncResponse to have WiretrusteeConfig with expected Signal Protocol: %v, actual: %v",
+	if netbirdConfig.GetSignal().GetProtocol() != expectedSignalConfig.GetProtocol() {
+		t.Fatalf("expecting SyncResponse to have NetbirdConfig with expected Signal Protocol: %v, actual: %v",
 			expectedSignalConfig.GetProtocol().String(),
-			wiretrusteeConfig.GetSignal().GetProtocol())
+			netbirdConfig.GetSignal().GetProtocol())
 	}

 	expectedStunsConfig := &mgmtProto.HostConfig{
-		Uri:      "stun:stun.wiretrustee.com:3468",
+		Uri:      "stun:stun.netbird.io:3468",
 		Protocol: mgmtProto.HostConfig_UDP,
 	}

-	if wiretrusteeConfig.GetStuns()[0].GetUri() != expectedStunsConfig.GetUri() {
-		t.Fatalf("expecting SyncResponse to have WiretrusteeConfig with expected STUN URI: %v, actual: %v",
+	if netbirdConfig.GetStuns()[0].GetUri() != expectedStunsConfig.GetUri() {
+		t.Fatalf("expecting SyncResponse to have NetbirdConfig with expected STUN URI: %v, actual: %v",
 			expectedStunsConfig.GetUri(),
-			wiretrusteeConfig.GetStuns()[0].GetUri())
+			netbirdConfig.GetStuns()[0].GetUri())
 	}

-	if wiretrusteeConfig.GetStuns()[0].GetProtocol() != expectedStunsConfig.GetProtocol() {
-		t.Fatalf("expecting SyncResponse to have WiretrusteeConfig with expected STUN Protocol: %v, actual: %v",
+	if netbirdConfig.GetStuns()[0].GetProtocol() != expectedStunsConfig.GetProtocol() {
+		t.Fatalf("expecting SyncResponse to have NetbirdConfig with expected STUN Protocol: %v, actual: %v",
 			expectedStunsConfig.GetProtocol(),
-			wiretrusteeConfig.GetStuns()[0].GetProtocol())
+			netbirdConfig.GetStuns()[0].GetProtocol())
 	}

 	expectedTRUNHost := &mgmtProto.HostConfig{
-		Uri:      "turn:stun.wiretrustee.com:3468",
+		Uri:      "turn:stun.netbird.io:3468",
 		Protocol: mgmtProto.HostConfig_UDP,
 	}

-	if wiretrusteeConfig.GetTurns()[0].GetHostConfig().GetUri() != expectedTRUNHost.GetUri() {
-		t.Fatalf("expecting SyncResponse to have WiretrusteeConfig with expected TURN URI: %v, actual: %v",
+	if netbirdConfig.GetTurns()[0].GetHostConfig().GetUri() != expectedTRUNHost.GetUri() {
+		t.Fatalf("expecting SyncResponse to have NetbirdConfig with expected TURN URI: %v, actual: %v",
 			expectedTRUNHost.GetUri(),
-			wiretrusteeConfig.GetTurns()[0].GetHostConfig().GetUri())
+			netbirdConfig.GetTurns()[0].GetHostConfig().GetUri())
 	}

-	if wiretrusteeConfig.GetTurns()[0].GetHostConfig().GetProtocol() != expectedTRUNHost.GetProtocol() {
-		t.Fatalf("expecting SyncResponse to have WiretrusteeConfig with expected TURN Protocol: %v, actual: %v",
+	if netbirdConfig.GetTurns()[0].GetHostConfig().GetProtocol() != expectedTRUNHost.GetProtocol() {
+		t.Fatalf("expecting SyncResponse to have NetbirdConfig with expected TURN Protocol: %v, actual: %v",
 			expectedTRUNHost.GetProtocol().String(),
-			wiretrusteeConfig.GetTurns()[0].GetHostConfig().GetProtocol())
+			netbirdConfig.GetTurns()[0].GetHostConfig().GetProtocol())
 	}

 	// ensure backward compatibility
@@ -285,13 +285,13 @@ func loginPeerWithValidSetupKey(key wgtypes.Key, client mgmtProto.ManagementServ
 	}

 	meta := &mgmtProto.PeerSystemMeta{
-		Hostname:           key.PublicKey().String(),
-		GoOS:               runtime.GOOS,
-		OS:                 runtime.GOOS,
-		Core:               "core",
-		Platform:           "platform",
-		Kernel:             "kernel",
-		WiretrusteeVersion: "",
+		Hostname:       key.PublicKey().String(),
+		GoOS:           runtime.GOOS,
+		OS:             runtime.GOOS,
+		Core:           "core",
+		Platform:       "platform",
+		Kernel:         "kernel",
+		NetbirdVersion: "",
 	}
 	message, err := encryption.EncryptMessage(*serverKey, key, &mgmtProto.LoginRequest{SetupKey: TestValidSetupKey, Meta: meta})
 	if err != nil {
@@ -498,7 +498,7 @@ func testSyncStatusRace(t *testing.T) {
 	mgmtServer, am, mgmtAddr, cleanup, err := startManagementForTest(t, "testdata/store_with_expired_peers.sql", &Config{
 		Stuns: []*Host{{
 			Proto: "udp",
-			URI:   "stun:stun.wiretrustee.com:3468",
+			URI:   "stun:stun.netbird.io:3468",
 		}},
 		TURNConfig: &TURNConfig{
 			TimeBasedCredentials: false,
@@ -506,12 +506,12 @@ func testSyncStatusRace(t *testing.T) {
 			Secret:               "whatever",
 			Turns: []*Host{{
 				Proto: "udp",
-				URI:   "turn:stun.wiretrustee.com:3468",
+				URI:   "turn:stun.netbird.io:3468",
 			}},
 		},
 		Signal: &Host{
 			Proto: "http",
-			URI:   "signal.wiretrustee.com:10000",
+			URI:   "signal.netbird.io:10000",
 		},
 		Datadir:    dir,
 		HttpConfig: nil,
@@ -670,7 +670,7 @@ func Test_LoginPerformance(t *testing.T) {
 			mgmtServer, am, _, cleanup, err := startManagementForTest(t, "testdata/store_with_expired_peers.sql", &Config{
 				Stuns: []*Host{{
 					Proto: "udp",
-					URI:   "stun:stun.wiretrustee.com:3468",
+					URI:   "stun:stun.netbird.io:3468",
 				}},
 				TURNConfig: &TURNConfig{
 					TimeBasedCredentials: false,
@@ -678,12 +678,12 @@ func Test_LoginPerformance(t *testing.T) {
 					Secret:               "whatever",
 					Turns: []*Host{{
 						Proto: "udp",
-						URI:   "turn:stun.wiretrustee.com:3468",
+						URI:   "turn:stun.netbird.io:3468",
 					}},
 				},
 				Signal: &Host{
 					Proto: "http",
-					URI:   "signal.wiretrustee.com:10000",
+					URI:   "signal.netbird.io:10000",
 				},
 				Datadir:    dir,
 				HttpConfig: nil,
@@ -730,13 +730,13 @@ func Test_LoginPerformance(t *testing.T) {
 						}

 						meta := &mgmtProto.PeerSystemMeta{
-							Hostname:           key.PublicKey().String(),
-							GoOS:               runtime.GOOS,
-							OS:                 runtime.GOOS,
-							Core:               "core",
-							Platform:           "platform",
-							Kernel:             "kernel",
-							WiretrusteeVersion: "",
+							Hostname:       key.PublicKey().String(),
+							GoOS:           runtime.GOOS,
+							OS:             runtime.GOOS,
+							Core:           "core",
+							Platform:       "platform",
+							Kernel:         "kernel",
+							NetbirdVersion: "",
 						}

 						peerLogin := PeerLogin{
--- a/management/server/management_test.go
+++ b/management/server/management_test.go
@@ -47,7 +47,7 @@ var _ = Describe("Management service", func() {
 		level, _ := log.ParseLevel("Debug")
 		log.SetLevel(level)
 		var err error
-		dataDir, err = os.MkdirTemp("", "wiretrustee_mgmt_test_tmp_*")
+		dataDir, err = os.MkdirTemp("", "netbird_mgmt_test_tmp_*")
 		Expect(err).NotTo(HaveOccurred())

 		var listener net.Listener
@@ -109,23 +109,23 @@ var _ = Describe("Management service", func() {
 				Expect(err).NotTo(HaveOccurred())

 				expectedSignalConfig := &mgmtProto.HostConfig{
-					Uri:      "signal.wiretrustee.com:10000",
+					Uri:      "signal.netbird.io:10000",
 					Protocol: mgmtProto.HostConfig_HTTP,
 				}
 				expectedStunsConfig := &mgmtProto.HostConfig{
-					Uri:      "stun:stun.wiretrustee.com:3468",
+					Uri:      "stun:stun.netbird.io:3468",
 					Protocol: mgmtProto.HostConfig_UDP,
 				}
 				expectedTRUNHost := &mgmtProto.HostConfig{
-					Uri:      "turn:stun.wiretrustee.com:3468",
+					Uri:      "turn:stun.netbird.io:3468",
 					Protocol: mgmtProto.HostConfig_UDP,
 				}

-				Expect(resp.WiretrusteeConfig.Signal).To(BeEquivalentTo(expectedSignalConfig))
-				Expect(resp.WiretrusteeConfig.Stuns).To(ConsistOf(expectedStunsConfig))
+				Expect(resp.NetbirdConfig.Signal).To(BeEquivalentTo(expectedSignalConfig))
+				Expect(resp.NetbirdConfig.Stuns).To(ConsistOf(expectedStunsConfig))
 				// TURN validation is special because credentials are dynamically generated
-				Expect(resp.WiretrusteeConfig.Turns).To(HaveLen(1))
-				actualTURN := resp.WiretrusteeConfig.Turns[0]
+				Expect(resp.NetbirdConfig.Turns).To(HaveLen(1))
+				actualTURN := resp.NetbirdConfig.Turns[0]
 				Expect(len(actualTURN.User) > 0).To(BeTrue())
 				Expect(actualTURN.HostConfig).To(BeEquivalentTo(expectedTRUNHost))
 				Expect(len(resp.NetworkMap.OfflinePeers) == 0).To(BeTrue())
@@ -286,25 +286,25 @@ var _ = Describe("Management service", func() {
 				Expect(err).NotTo(HaveOccurred())

 				expectedSignalConfig := &mgmtProto.HostConfig{
-					Uri:      "signal.wiretrustee.com:10000",
+					Uri:      "signal.netbird.io:10000",
 					Protocol: mgmtProto.HostConfig_HTTP,
 				}
 				expectedStunsConfig := &mgmtProto.HostConfig{
-					Uri:      "stun:stun.wiretrustee.com:3468",
+					Uri:      "stun:stun.netbird.io:3468",
 					Protocol: mgmtProto.HostConfig_UDP,
 				}
 				expectedTurnsConfig := &mgmtProto.ProtectedHostConfig{
 					HostConfig: &mgmtProto.HostConfig{
-						Uri:      "turn:stun.wiretrustee.com:3468",
+						Uri:      "turn:stun.netbird.io:3468",
 						Protocol: mgmtProto.HostConfig_UDP,
 					},
 					User:     "some_user",
 					Password: "some_password",
 				}

-				Expect(decryptedResp.GetWiretrusteeConfig().Signal).To(BeEquivalentTo(expectedSignalConfig))
-				Expect(decryptedResp.GetWiretrusteeConfig().Stuns).To(ConsistOf(expectedStunsConfig))
-				Expect(decryptedResp.GetWiretrusteeConfig().Turns).To(ConsistOf(expectedTurnsConfig))
+				Expect(decryptedResp.GetNetbirdConfig().Signal).To(BeEquivalentTo(expectedSignalConfig))
+				Expect(decryptedResp.GetNetbirdConfig().Stuns).To(ConsistOf(expectedStunsConfig))
+				Expect(decryptedResp.GetNetbirdConfig().Turns).To(ConsistOf(expectedTurnsConfig))
 			})
 		})
 	})
@@ -449,13 +449,13 @@ func loginPeerWithValidSetupKey(serverPubKey wgtypes.Key, key wgtypes.Key, clien
 	defer GinkgoRecover()

 	meta := &mgmtProto.PeerSystemMeta{
-		Hostname:           key.PublicKey().String(),
-		GoOS:               runtime.GOOS,
-		OS:                 runtime.GOOS,
-		Core:               "core",
-		Platform:           "platform",
-		Kernel:             "kernel",
-		WiretrusteeVersion: "",
+		Hostname:       key.PublicKey().String(),
+		GoOS:           runtime.GOOS,
+		OS:             runtime.GOOS,
+		Core:           "core",
+		Platform:       "platform",
+		Kernel:         "kernel",
+		NetbirdVersion: "",
 	}
 	message, err := encryption.EncryptMessage(serverPubKey, key, &mgmtProto.LoginRequest{SetupKey: ValidSetupKey, Meta: meta})
 	Expect(err).NotTo(HaveOccurred())
--- a/management/server/peer_test.go
+++ b/management/server/peer_test.go
@@ -1099,13 +1099,13 @@ func TestToSyncResponse(t *testing.T) {
 	assert.Equal(t, "192.168.1.1/24", response.PeerConfig.Address)
 	assert.Equal(t, "peer1.example.com", response.PeerConfig.Fqdn)
 	assert.Equal(t, true, response.PeerConfig.SshConfig.SshEnabled)
-	// assert wiretrustee config
-	assert.Equal(t, "signal.uri", response.WiretrusteeConfig.Signal.Uri)
-	assert.Equal(t, proto.HostConfig_HTTPS, response.WiretrusteeConfig.Signal.GetProtocol())
-	assert.Equal(t, "stun.uri", response.WiretrusteeConfig.Stuns[0].Uri)
-	assert.Equal(t, "turn.uri", response.WiretrusteeConfig.Turns[0].HostConfig.GetUri())
-	assert.Equal(t, "turn-user", response.WiretrusteeConfig.Turns[0].User)
-	assert.Equal(t, "turn-pass", response.WiretrusteeConfig.Turns[0].Password)
+	// assert netbird config
+	assert.Equal(t, "signal.uri", response.NetbirdConfig.Signal.Uri)
+	assert.Equal(t, proto.HostConfig_HTTPS, response.NetbirdConfig.Signal.GetProtocol())
+	assert.Equal(t, "stun.uri", response.NetbirdConfig.Stuns[0].Uri)
+	assert.Equal(t, "turn.uri", response.NetbirdConfig.Turns[0].HostConfig.GetUri())
+	assert.Equal(t, "turn-user", response.NetbirdConfig.Turns[0].User)
+	assert.Equal(t, "turn-pass", response.NetbirdConfig.Turns[0].Password)
 	// assert RemotePeers
 	assert.Equal(t, 1, len(response.RemotePeers))
 	assert.Equal(t, "192.168.1.2/32", response.RemotePeers[0].AllowedIps[0])
--- a/management/server/testdata/management.json
+++ b/management/server/testdata/management.json
@@ -2,7 +2,7 @@
    "Stuns": [
        {
            "Proto": "udp",
-            "URI": "stun:stun.wiretrustee.com:3468",
+            "URI": "stun:stun.netbird.io:3468",
            "Username": "",
            "Password": null
        }
@@ -11,7 +11,7 @@
        "Turns": [
            {
                "Proto": "udp",
-                "URI": "turn:stun.wiretrustee.com:3468",
+                "URI": "turn:stun.netbird.io:3468",
                "Username": "some_user",
                "Password": "some_password"
            }
@@ -22,7 +22,7 @@
    },
    "Signal": {
        "Proto": "http",
-        "URI": "signal.wiretrustee.com:10000",
+        "URI": "signal.netbird.io:10000",
        "Username": "",
        "Password": null
    },
@@ -44,4 +44,4 @@
            "GrantType": "client_credentials"
        }
    }
-}
+}
--- a/management/server/token_mgr.go
+++ b/management/server/token_mgr.go
@@ -199,7 +199,7 @@ func (m *TimeBasedAuthSecretsManager) pushNewTURNAndRelayTokens(ctx context.Cont
 	}

 	update := &proto.SyncResponse{
-		WiretrusteeConfig: &proto.WiretrusteeConfig{
+		NetbirdConfig: &proto.NetbirdConfig{
 			Turns: turns,
 		},
 	}
@@ -208,7 +208,7 @@ func (m *TimeBasedAuthSecretsManager) pushNewTURNAndRelayTokens(ctx context.Cont
 	if m.relayCfg != nil {
 		token, err := m.GenerateRelayToken()
 		if err == nil {
-			update.WiretrusteeConfig.Relay = &proto.RelayConfig{
+			update.NetbirdConfig.Relay = &proto.RelayConfig{
 				Urls:           m.relayCfg.Addresses,
 				TokenPayload:   token.Payload,
 				TokenSignature: token.Signature,
@@ -228,7 +228,7 @@ func (m *TimeBasedAuthSecretsManager) pushNewRelayTokens(ctx context.Context, pe
 	}

 	update := &proto.SyncResponse{
-		WiretrusteeConfig: &proto.WiretrusteeConfig{
+		NetbirdConfig: &proto.NetbirdConfig{
 			Relay: &proto.RelayConfig{
 				Urls:           m.relayCfg.Addresses,
 				TokenPayload:   string(relayToken.Payload),
--- a/management/server/token_mgr_test.go
+++ b/management/server/token_mgr_test.go
@@ -18,7 +18,7 @@ import (

 var TurnTestHost = &Host{
 	Proto:    UDP,
-	URI:      "turn:turn.wiretrustee.com:77777",
+	URI:      "turn:turn.netbird.io:77777",
 	Username: "username",
 	Password: "",
 }
@@ -124,7 +124,7 @@ loop:
 	var firstRelayUpdate, secondRelayUpdate *proto.RelayConfig

 	for _, update := range updates {
-		if turns := update.Update.GetWiretrusteeConfig().GetTurns(); len(turns) > 0 {
+		if turns := update.Update.GetNetbirdConfig().GetTurns(); len(turns) > 0 {
 			turnUpdates++
 			if turnUpdates == 1 {
 				firstTurnUpdate = turns[0]
@@ -132,9 +132,9 @@ loop:
 				secondTurnUpdate = turns[0]
 			}
 		}
-		if relay := update.Update.GetWiretrusteeConfig().GetRelay(); relay != nil {
+		if relay := update.Update.GetNetbirdConfig().GetRelay(); relay != nil {
 			// avoid updating on turn updates since they also send relay credentials
-			if update.Update.GetWiretrusteeConfig().GetTurns() == nil {
+			if update.Update.GetNetbirdConfig().GetTurns() == nil {
 				relayUpdates++
 				if relayUpdates == 1 {
 					firstRelayUpdate = relay