sendnrw/netbird
2
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2026-04-18 00:06:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,537 Commits 364 Branches 321 Tags
1d8390b935a7ce9e7280ac45752eacc541beeb0f
Commit Graph

2537 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alisdair MacLeod
1d8390b935 refactor layout and structure 2026-01-26 09:28:46 +00:00
pascal
2851e38a1f add management API to store 2026-01-16 16:16:29 +01:00
pascal
51261fe7a9 proxy service proto 2026-01-16 14:48:33 +01:00
pascal
304321d019 put grpc endpoint on management and send test exposed service 2026-01-16 14:24:39 +01:00
pascal
f8c3295645 Merge branch 'main' into prototype/reverse-proxy 2026-01-16 13:07:52 +01:00
Misha Bragin
1ff7abe909 [management, client] Fix SSH server audience validator (#5105) 
* **New Features**
  * SSH server JWT validation now accepts multiple audiences with backward-compatible handling of the previous single-audience setting and a guard ensuring at least one audience is configured.
* **Tests**
  * Test suites updated and new tests added to cover multiple-audience scenarios and compatibility with existing behavior.
* **Other**
  * Startup logging enhanced to report configured audiences for JWT auth.
 2026-01-16 12:28:17 +01:00
pascal
183619d1e1 cleanup 2026-01-16 12:01:52 +01:00
Bethuel Mmbaga
067c77e49e [management] Add custom dns zones (#4849) 2026-01-16 12:12:05 +03:00
pascal
3b832d1f21 discard client logs 2026-01-15 17:59:07 +01:00
pascal
fcb849698f add cert manager with self signed cert support 2026-01-15 17:54:16 +01:00
Maycon Santos
291e640b28 [client] Change priority between local and dns route handlers (#5106) 
* Change priority between local and dns route handlers

* update priority tests
 2026-01-15 17:30:10 +01:00
pascal
7527e0ebdb use embedded netbird agent for tunneling 2026-01-15 17:03:27 +01:00
Pascal Fischer
efb954b7d6 [management] adapt ratelimiting (#5080) 2026-01-15 16:39:14 +01:00
pascal
ed5f98da5b cleanup 2026-01-15 14:54:33 +01:00
pascal
12b38e25da using go http reverseproxy with OIDC auth 2026-01-14 23:53:55 +01:00
pascal
626e892e3b trying embedded caddy reverse proxy 2026-01-14 17:16:42 +01:00
Vlad
cac9326d3d [management] fetch all users data from external cache in one request (#5104) 
---------

Co-authored-by: pascal <pascal@netbird.io>
 2026-01-14 17:09:17 +01:00
Viktor Liu
520d9c66cf [client] Fix netstack upstream dns and add wasm debug methods (#4648) 2026-01-14 13:56:16 +01:00
Misha Bragin
ff10498a8b Feature/embedded STUN (#5062) 2026-01-14 13:13:30 +01:00
Zoltan Papp
00b747ad5d Handle fallback for invalid loginuid in ui-post-install.sh. (#5099) 2026-01-14 09:53:14 +01:00
Zoltan Papp
d9118eb239 [client] Fix WASM peer connection to lazy peers (#5097) 
WASM peers now properly initiate relay connections instead of waiting for offers that lazy peers won't send.
 2026-01-13 13:33:15 +01:00
Nima Sadeghifard
94de656fae [misc] Add hiring announcement with link to careers.netbird.io (#5095) 2026-01-12 19:06:28 +01:00
Misha Bragin
37abab8b69 [management] Check config compatibility (#5087) 
* Enforce HttpConfig overwrite when embeddedIdp is enabled

* Disable offline_access scope in dashboard by default

* Add group propagation foundation to embedded idp

* Require groups scope in dex config for okt and pocket

* remove offline_access from device default scopes
 2026-01-12 17:09:03 +01:00
Viktor Liu
b12c084a50 [client] Fall through dns chain for custom dns zones (#5081) 2026-01-12 13:56:39 +01:00
Viktor Liu
394ad19507 [client] Chase CNAMEs in local resolver to ensure musl compatibility (#5046) 2026-01-12 12:35:38 +01:00
Misha Bragin
614e7d5b90 Validate OIDC issuer when creating or updating (#5074) v0.62.2 2026-01-09 09:45:43 -05:00
Misha Bragin
f7967f9ae3 Feature/resolve local jwks keys (#5073) 2026-01-09 09:41:27 -05:00
Vlad
684fc0d2a2 [management] fix the issue with duplicated peers with the same key (#5053) 2026-01-09 11:49:26 +01:00
Viktor Liu
0ad0c81899 [client] Reorder userspace ACL checks to fail faster for better performance (#4226) 2026-01-09 09:13:04 +01:00
Viktor Liu
e8863fbb55 [client] Add non-root ICMP support to userspace firewall forwarder (#4792) 2026-01-09 02:53:37 +08:00
Zoltan Papp
9c9d8e17d7 Revert "Revert "[relay] Update GO version and QUIC version (#4736)" (#5055)" (#5071) 
This reverts commit 24df442198.
 2026-01-08 18:58:22 +01:00
Diego Noguês
fb71b0d04b [infrastructure] fix: disable Caddy debug (#5067) v0.62.1 2026-01-08 12:49:45 +01:00
Maycon Santos
ab7d6b2196 [misc] add new getting started to release (#5057) 2026-01-08 12:12:50 +01:00
Maycon Santos
9c5b2575e3 [misc] add embedded provider support metrics 
count local vs idp users if embedded
 2026-01-08 12:12:19 +01:00
Bethuel Mmbaga
00e2689ffb [management] Fix race condition in experimental network map when deleting account (#5064) 2026-01-08 14:10:09 +03:00
Misha Bragin
cf535f8c61 [management] Fix role change in transaction and update readme (#5060) 2026-01-08 12:07:59 +01:00
Maycon Santos
24df442198 Revert "[relay] Update GO version and QUIC version (#4736)" (#5055) 
This reverts commit 8722b79799.
v0.62.0 		2026-01-07 19:02:20 +01:00
Zoltan Papp
8722b79799 [relay] Update GO version and QUIC version (#4736) 
- Go 1.25.5
- QUIC 0.55.0
 2026-01-07 16:30:29 +01:00
Vlad
afcdef6121 [management] add ssh authorized users to network map cache (#5048) 2026-01-07 15:53:18 +01:00
Zoltan Papp
12a7fa24d7 Add support for disabling eBPF WireGuard proxy via environment variable (#5047) 2026-01-07 15:34:52 +01:00
Zoltan Papp
6ff9aa0366 Refactor SSH server to manage listener lifecycle and expose active address via Addr method. (#5036) 2026-01-07 15:34:26 +01:00
Misha Bragin
e586c20e36 [management, infrastructure, idp] Simplified IdP Management - Embedded IdP (#5008) 
Embed Dex as a built-in IdP to simplify self-hosting setup.
Adds an embedded OIDC Identity Provider (Dex) with local user management and optional external IdP connectors (Google/GitHub/OIDC/SAML), plus device-auth flow for CLI login. Introduces instance onboarding/setup endpoints (including owner creation), field-level encryption for sensitive user data, a streamlined self-hosting provisioning script, and expanded APIs + test coverage for IdP management.

more at https://github.com/netbirdio/netbird/pull/5008#issuecomment-3718987393
 2026-01-07 14:52:32 +01:00
Pascal Fischer
5393ad948f [management] fix nil handling for extra settings (#5049) 2026-01-07 13:05:39 +01:00
Bethuel Mmbaga
20d6beff1b [management] Increment network serial on peer update (#5051) 
Increment the serial on peer update and prevent double serial increments and account updates when updating a user while there are peers set to expire
 2026-01-07 14:59:49 +03:00
Bethuel Mmbaga
d35b7d675c [management] Refactor integrated peer deletion (#5042) 2026-01-07 14:00:39 +03:00
Viktor Liu
f012fb8592 [client] Add port forwarding to ssh proxy (#5031) 
* Implement port forwarding for the ssh proxy

* Allow user switching for port forwarding
 2026-01-07 12:18:04 +08:00
Vlad
7142d45ef3 [management] network map builder concurrent batch processing for peer updates (#5040) 2026-01-06 19:25:55 +01:00
Dennis Schridde
9bd578d4ea Fix ui-post-install.sh to use the full username (#4809) 
Fixes #4808 by extracting the full username by:

- Get PID using pgrep
- Get UID from PID using /proc/${PID}/loginuid
- Get user name from UID using id
Also replaces "complex" pipe from ps to sed with a (hopefully) "simpler" (as in requiring less knowledge about the arguments of ps and regexps) invocation of cat and id.
 2026-01-06 11:36:19 +01:00
Pascal Fischer
f022e34287 [shared] allow setting a user agent for the rest client (#5037) 2026-01-06 10:52:36 +01:00
Bethuel Mmbaga
7bb4fc3450 [management] Refactor integrated peer validator (#5035) 2026-01-05 20:55:22 +03:00