Netbird (VPN IT infrastructure with WireGuard and authentik)
This tutorial does not work 100% yet. I always get stuck in a loading loop at netbird.domain.de/peers.
Links about the problem:
https://github.com/netbirdio/netbird/issues/3110 Client failed to connect to Self-Hosted NetBird server: failed while getting Management Service public key
https://github.com/netbirdio/netbird/issues/3007 Stuck on loading screen on "/peers" (Authentik)
https://github.com/netbirdio/netbird/issues/3007#issuecomment-2564843380 < nginx-pm cfg
https://github.com/netbirdio/netbird/issues/2941 Request failed with status code 401 (Authentik) < scope api access & redirects
https://github.com/netbirdio/netbird/issues/2515 Unable to authenticate with Authentik SSO
https://github.com/netbirdio/netbird/issues/2510 Netbird with NGiNX Proxy Manager and Authentik
https://github.com/netbirdio/netbird/issues/2338 Can't access dashboard - Token Invalid, Authentik
https://github.com/netbirdio/netbird/issues/2043 error: failed while getting Management Service public key
https://github.com/netbirdio/netbird/issues/2043#issuecomment-2384470230 < nginx-pm cfg
https://github.com/netbirdio/netbird/issues/1962 netbird dashboard does not open properly
https://github.com/netbirdio/netbird/issues/1742 NGINX reverse proxy question
https://github.com/netbirdio/netbird/issues/1250 Authentik login not working: Login Error: User state: Unauthenticated
https://github.com/netbirdio/netbird/issues/536 Run netbird behind reverse proxy
https://docs.netbird.io/selfhosted/selfhosted-guide#step-2-prepare-configuration-files
https://docs.netbird.io/selfhosted/identity-providers#authentik
Follow this guide: https://docs.netbird.io/selfhosted/selfhosted-guide
It provides a script that generates a docker-compose.yml from template files according to your own requirements.
Read the guide very carefully!
ACCOMPANYING VIDEO: https://www.youtube.com/watch?v=QQaRB1vL6Q8
Suggested NGINX Proxy Manager Advanced config, taken from GitHub issue https://github.com/netbirdio/netbird/issues/3110#issuecomment-2567362588
# This is necessary so that grpc connections do not get closed early
# see https://stackoverflow.com/a/67805465
client_header_timeout 1d;
client_body_timeout 1d;

proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Host $host;
grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Authorization $http_authorization;
grpc_set_header Authorization $http_authorization;

# Proxy dashboard
location / {
    proxy_pass http://nb-dashboard:80;
}

# Proxy Signal
location /signalexchange.SignalExchange/ {
    grpc_pass grpc://nb-signal:80;
    grpc_set_header Authorization $http_authorization;
    grpc_ssl_verify off;
    grpc_read_timeout 1d;
    grpc_send_timeout 1d;
    grpc_socket_keepalive on;
}

# Proxy Management http endpoint
location /api {
    proxy_pass http://nb-management:443;
}

# Proxy Management grpc endpoint
location /management.ManagementService/ {
    grpc_pass grpc://nb-management:443;
    grpc_set_header Authorization $http_authorization;
    grpc_ssl_verify off;
    grpc_read_timeout 1d;
    grpc_send_timeout 1d;
    grpc_socket_keepalive on;
}
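
Added example (not part of the original notes or of the NetBird project): nginx inherits proxy_set_header / grpc_set_header from the enclosing level only when the current level defines none of that directive itself, so a location that sets its own Authorization header silently loses the outer X-Forwarded-For. The lint below reports such losses on a condensed copy of the config above. It assumes the Advanced config is included at server level, with flat (non-nested) locations and one directive per line; the function name dropped_headers is hypothetical.

```python
import re

# Condensed copy of the config above (constructed sample, two locations only).
SAMPLE = """
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Authorization $http_authorization;
grpc_set_header Authorization $http_authorization;
location / {
    proxy_pass http://nb-dashboard:80;
}
location /management.ManagementService/ {
    grpc_pass grpc://nb-management:443;
    grpc_set_header Authorization $http_authorization;
}
"""

SET_HEADER = re.compile(r"^(proxy|grpc)_set_header\s+(\S+)\s")
LOCATION = re.compile(r"^location\s+(.*?)\s*\{$")


def dropped_headers(config):
    """Return {location: {directive: [outer header names not inherited]}}."""
    outer = {"proxy": [], "grpc": []}      # headers set outside any location
    locations, current = {}, None
    for raw in config.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments
        loc = LOCATION.match(line)
        if loc:
            current = locations.setdefault(loc.group(1), {"proxy": [], "grpc": []})
        elif line == "}":
            current = None
        else:
            m = SET_HEADER.match(line)
            if m:
                target = outer if current is None else current
                target[m.group(1)].append(m.group(2))
    findings = {}
    for name, own in locations.items():
        for kind in ("proxy", "grpc"):
            # Inheritance is all-or-nothing: any own directive discards the outer set.
            lost = [h for h in outer[kind] if own[kind] and h not in own[kind]]
            if lost:
                findings.setdefault(name, {})[kind + "_set_header"] = lost
    return findings
```

With this config the Management gRPC endpoint receives Authorization but not X-Forwarded-For, so its logs show the proxy's address instead of the client's; repeating the grpc_set_header X-Forwarded-For line inside each gRPC location restores it.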
