netbirdio / netbird

Connect your devices into a secure WireGuard®-based overlay network with SSO, MFA and granular access controls.

https://netbird.io

BSD 3-Clause "New" or "Revised" License

11.26k stars 517 forks source link

Run netbird locally #1716

Open scorpio2k2 opened 8 months ago

scorpio2k2 commented 8 months ago

Describe the problem

I was checking the Quickstart guide for self hosting but I don't want to expose port 80 and 443 to the internet.

Expected behavior

How can it be installed without exposing port 80 and 443?

Are you using NetBird Cloud?

jiangslee commented 8 months ago

1267

mlsmaycon commented 8 months ago

@scorpio2k2 unless you are running on localhost and connecting clients locally, too, you need an SSL certificate; the guide tries to handle certificates with caddy or certbot, but you should be able to configure the dashboard container (nginx) or caddy configuration files with paths to your certificates.

scorpio2k2 commented 8 months ago

I was able to install it with getting-started-with-zitadel script but now I have other questions:

How upgrades are handled now?
How certificates are renewed?

mlsmaycon commented 8 months ago

Certificates are handled by Caddy, which auto-renews them every three months using either Zerossl or Let's Encrypt.

For upgrades, you just need to pull new images: https://docs.netbird.io/selfhosted/selfhosted-quickstart#upgrade