Open Luccifer opened 3 months ago
Hi @Luccifer, the script will generate a set of config files. Can you share the content of your management.json? It looks like the DataStoreEncryptionKey is missing or wrongly created. Did you have any errors when running the script?
Ofc!
Here it is from settings:
I also added quotes in this JSON at 49, 61, 78 and 91-92 LOC (deleted, lines at 91-92 below) 'cause ./configure.sh didn't manage to parse the JSON, so I checked that those lines are not in quotes:
"RedirectURLs": ["$NETBIRD_AUTH_PKCE_REDIRECT_URLS"],
"UseIDToken": "$NETBIRD_AUTH_PKCE_USE_ID_TOKEN"
Either with or without the 91-92 lines, I still can't get management working.
And this one in artifacts:
{
    "Stuns": [
        {
            "Proto": "udp",
            "URI": "stun:site:3478",
            "Username": "",
            "Password": null
        }
    ],
    "TURNConfig": {
        "Turns": [
            {
                "Proto": "udp",
                "URI": "turn:site:3478",
                "Username": "self",
                "Password": "password"
            }
        ],
        "CredentialsTTL": "12h",
        "Secret": "secret",
        "TimeBasedCredentials": false
    },
    "Signal": {
        "Proto": "https",
        "URI": "site:10000",
        "Username": "",
        "Password": null
    },
    "ReverseProxy": {
        "TrustedHTTPProxies": [],
        "TrustedHTTPProxiesCount": 0,
        "TrustedPeers": [
            "0.0.0.0/0"
        ]
    },
    "Datadir": "",
    "DataStoreEncryptionKey": "someplaintextpassword",
    "StoreConfig": {
        "Engine": "sqlite"
    },
    "HttpConfig": {
        "Address": "0.0.0.0:33073",
        "AuthIssuer": "https://keycloak.site",
        "AuthAudience": "Client5",
        "AuthKeysLocation": "https://keycloak.site/protocol/openid-connect/certs",
        "AuthUserIDClaim": "",
        "CertFile": "",
        "CertKey": "",
        "IdpSignKeyRefreshEnabled": true,
        "OIDCConfigEndpoint": "https://keycloak.site/.well-known/openid-configuration"
    },
    "IdpManagerConfig": {
        "ManagerType": "keycloak",
        "ClientConfig": {
            "Issuer": "https://keycloak.site",
            "TokenEndpoint": "https://keycloak.site/protocol/openid-connect/token",
            "ClientID": "netbird-backend",
            "ClientSecret": "SuperClientSecretInPlainText",
            "GrantType": "client_credentials"
        },
        "ExtraConfig": {
            "AdminEndpoint": "https://keycloak.site"
        },
        "Auth0ClientCredentials": null,
        "AzureClientCredentials": null,
        "KeycloakClientCredentials": null,
        "ZitadelClientCredentials": null
    },
    "DeviceAuthorizationFlow": {
        "Provider": "hosted",
        "ProviderConfig": {
            "Audience": "Client5",
            "AuthorizationEndpoint": "",
            "Domain": "",
            "ClientID": "Client5",
            "ClientSecret": "",
            "TokenEndpoint": "https://keycloak.site/protocol/openid-connect/token",
            "DeviceAuthEndpoint": "https://keycloak.site/protocol/openid-connect/auth/device",
            "Scope": "openid",
            "UseIDToken": false,
            "RedirectURLs": null
        }
    },
    "PKCEAuthorizationFlow": {
        "ProviderConfig": {
            "Audience": "Client5",
            "ClientID": "Client5",
            "ClientSecret": "",
            "Domain": "",
            "AuthorizationEndpoint": "https://keycloak.site/protocol/openid-connect/auth",
            "TokenEndpoint": "https://keycloak.site/protocol/openid-connect/token",
            "Scope": "openid profile email offline_access api",
            "RedirectURLs": [
                "http://localhost:53000"
            ],
            "UseIDToken": false
        }
    }
}
If you mean the ./configure.sh script, after I made changes in manifest.json no errors were output, only notices:
Letsencrypt was disabled, the Https-endpoints cannot be used anymore
and a reverse-proxy with Https needs to be placed in front of netbird!
The following forwards have to be setup:
- https://site.no:443 -http-> dashboard:80
- https://site.no:33073/api -http-> management:33073
- https://site.no:33073/management.ManagementService/ -grpc-> management:33073
- https://site.no:10000/signalexchange.SignalExchange/ -grpc-> signal:80
You most likely also have to change NETBIRD_MGMT_API_ENDPOINT in base.setup.env and port-mappings in docker-compose.yml.tmpl and rerun this script.
The target of the forwards depends on your setup. Beware of the gRPC protocol instead of http for management and signal!
You are also free to remove any occurrences of the Letsencrypt-volume netbird-letsencrypt
Anyways, I didn't find any occurrences of NETBIRD_DATASTORE_ENC_KEY in configs..
Did anyone manage to make it start from scratch with the advanced tutorial with the latest tag, assuming management.json has issues in the JSON code and some mappings are absent?
Well, after the 5th clean installation of a VM (Ubuntu 2204, Proxmox) I got it working with standalone docker compose.
Also I spotted that ./configure.sh sometimes creates a folder management.json/ instead of management.json
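Added example, not part of the original thread and not NetBird's own code: a pre-start check for the three failure modes discussed above (management.json created as a directory, template variables left unsubstituted, and a missing or malformed DataStoreEncryptionKey). The expected key format (base64 of 32 bytes) is an assumption not stated on this page, and the function names and sample config are constructed for illustration.

```python
import base64, json, os, re, tempfile

PLACEHOLDER = re.compile(r"\$\{?NETBIRD_[A-Z0-9_]+\}?")
# Constructed sample: one leftover template variable and a non-base64 key.
SAMPLE = {"DataStoreEncryptionKey": "someplaintextpassword", "PKCEAuthorizationFlow": {
    "ProviderConfig": {"RedirectURLs": ["$NETBIRD_AUTH_PKCE_REDIRECT_URLS"]}}}

def find_placeholders(node, path=""):
    """Yield (json_path, value) for each string still holding a $NETBIRD_* variable."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield from find_placeholders(value, f"{path}.{key}" if path else key)
    elif isinstance(node, list):
        for index, value in enumerate(node):
            yield from find_placeholders(value, f"{path}[{index}]")
    elif isinstance(node, str) and PLACEHOLDER.search(node):
        yield path, node

def check_management_json(path):
    """Return a list of problems found in a rendered management.json."""
    if os.path.isdir(path):
        return [f"{path} is a directory, not a file"]
    try:
        with open(path, encoding="utf-8") as handle:
            config = json.load(handle)
    except (OSError, ValueError) as exc:  # JSONDecodeError is a ValueError
        return [f"cannot parse {path}: {exc}"]
    if not isinstance(config, dict):
        return [f"{path}: top level is not a JSON object"]
    problems = [f"unsubstituted variable at {where}: {value}"
                for where, value in find_placeholders(config)]
    key = config.get("DataStoreEncryptionKey")
    if not isinstance(key, str) or not key:
        return problems + ["DataStoreEncryptionKey is missing or empty"]
    try:
        # Assumption (not stated on this page): base64 of 32 random bytes.
        raw_len = len(base64.b64decode(key, validate=True))
    except ValueError:  # binascii.Error is a ValueError
        return problems + ["DataStoreEncryptionKey is not valid base64"]
    if raw_len != 32:
        problems.append(f"DataStoreEncryptionKey decodes to {raw_len} bytes, expected 32")
    return problems

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        target = os.path.join(tmp, "management.json")
        with open(target, "w", encoding="utf-8") as handle:
            json.dump(SAMPLE, handle)
        print("\n".join(check_management_json(target)))
```

Running it against the rendered file before `docker-compose up` surfaces these problems without waiting for the management container to enter a restart loop.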
Description
Hello! Thanks for a great product!
I am trying to start a self-hosted server. Did everything in the Quick and Advanced Manual from the official site. The management container in docker-compose goes into an infinite reboot after starting.
Steps To Reproduce
1. Installing on ubuntu 2204 docker.io and docker-compose from apt
2. Walkthrough the manual
3. Try to start -> Fail with management container
Compose Version
Docker Environment
Logs for management container