User invites is not available on self-hosted deployment #329

Closed
opened 2025-11-20 05:09:41 -05:00 by saavagebueno · 35 comments

Originally created by @chonglee123456 on GitHub (May 14, 2023).

After the deployment of my self management server is completed, there is no email invitation function. Please let me know where the mistake is.


@oskardotglobal commented on GitHub (May 15, 2023):

You have to create the users via your configured IDP


@chonglee123456 commented on GitHub (May 16, 2023):

Hello, I am using keycloak. How should I create it? Thank you


@oskardotglobal commented on GitHub (May 16, 2023):

Log onto Keycloak, select the Realm you created and go to the users section.


@chonglee123456 commented on GitHub (May 16, 2023):

Hello, can you explain in more detail? I did not find a configured IDP configuration in KEYCLOAK USER. It would be best to have screenshots for guidance. Thank you.


@oskardotglobal commented on GitHub (May 16, 2023):

From the keycloak documentation: https://www.keycloak.org/docs/latest/server_admin/index.html#proc-creating-user_server_administration_guide


@chonglee123456 commented on GitHub (May 16, 2023):

image
Hello, after learning, the issue of 'Invite user' has not been resolved. Please provide guidance


@chonglee123456 commented on GitHub (May 16, 2023):

I am using the official website, and the screenshot is as follows:
image


@mlsmaycon commented on GitHub (May 16, 2023):

Hello @chonglee123456, the invited user feature is not supported by custom IDPs and self-hosted deployments because every IDP has a different way of creating users and sending emails.

As @oskardotglobal suggested, the case is that as an administrator, you have full control over the IDP service and can create users within your IDP of choice. Once a user object is created on Keycloak, they will only appear in NetBird's management system after the user uses the new credentials to authenticate to your NetBird dashboard.

Regarding the user ID instead of email displayed on your screenshot, you can follow the following guide to finish the Keycloak integration: https://netbird.io/docs/integrations/identity-providers/self-hosted/using-netbird-with-keycloak#step-8-create-a-netbird-backend-client


@chonglee123456 commented on GitHub (May 16, 2023):

Hello, I have followed your instructions to configure, but the user ID display is still not an email address.
image


@chonglee123456 commented on GitHub (May 16, 2023):

Hello, thank you for your multiple help. There is one more request, please provide support. Since I am in China and cannot use Google Play, I hope you can send me an email with the mobile terminal client. Thank you.

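At 2023-05-17 07:48:35, "Maycon" @.***> wrote:

> Hello, the invite user feature is not supported by custom IDPs and self-hosted deployments, because every IDP has a different way of creating users and sending emails.
>
> As suggested, the case is that as an administrator you have full control over the IDP service and can create users within your IDP of choice. Once a user object is created on Keycloak, it will only appear in NetBird's management system after the user uses the new credentials to authenticate to the NetBird dashboard.
>
> Regarding the user ID instead of the email displayed in the screenshot, you can follow the guide below to finish the Keycloak integration: https://netbird.io/docs/integrations/identity-providers/self-hosted/using-netbird-with-keycloak#step-8-create-a-netbird-backend-client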


@chonglee123456 commented on GitHub (May 16, 2023):

Hello, another issue is that when both parties use a Windows client, downloading business between them may cause one party to go offline and cause network interruption. I conducted tests on both the self managed server and the official server platform, and the results were the same. Why is this?

At 2023-05-17 07:48:35, "Maycon Santos" @.***> wrote:

> Hello @chonglee123456, the invited user feature is not supported by custom IDPs and self-hosted deployments because every IDP has a different way of creating users and sending emails.
>
> As @oskardotglobal suggested, the case is that as an administrator, you have full control over the IDP service and can create users within your IDP of choice. Once a user object is created on Keycloak, they will only appear in NetBird's management system after the user uses the new credentials to authenticate to your NetBird dashboard.
>
> Regarding the user ID instead of email displayed on your screenshot, you can follow the following guide to finish the Keycloak integration: https://netbird.io/docs/integrations/identity-providers/self-hosted/using-netbird-with-keycloak#step-8-create-a-netbird-backend-client



@oskardotglobal commented on GitHub (May 17, 2023):

> Hello, I have followed your instructions to configure, but the user ID display is still not an email address.
> image

Did you restart the management service afterwards?
To the Email invites: When creating a user in Keycloak, you should be able to directly send a password reset email to the user, given that SMTP for keycloak is configured.


@oskardotglobal commented on GitHub (May 17, 2023):

> Hello, another issue is that when both parties use a Windows client, downloading business between them may cause one party to go offline and cause network interruption. I conducted tests on both the self managed server and the official server platform, and the results were the same. Why is this?

What do you mean? 2 Clients are connected and once you download something from the other client they disconnect?


@oskardotglobal commented on GitHub (May 17, 2023):

> Hello, thank you for your multiple help. There is one more request, please provide support. Since I am in China and cannot use Google Play, I hope you can send me an email with the mobile terminal client. Thank you.

I don't think the App is available besides from Google Play yet since it isn't open source (yet?). There are Websites through which you can obtain APKs from Google Play, but you probably shouldn't try that.
@mlsmaycon might be able to help here


@chonglee123456 commented on GitHub (May 17, 2023):

Hello, FTP service cannot be provided between two computers with Netbird Windows client installed in the VPN. If this service is enabled, the network will be interrupted

At 2023-05-17 12:24:50, "Oskar Manhart" @.***> wrote:

> > Hello, another issue is that when both parties use a Windows client, downloading business between them may cause one party to go offline and cause network interruption. I conducted tests on both the self managed server and the official server platform, and the results were the same. Why is this?
>
> What do you mean? 2 Clients are connected and once you download something from the other client they disconnect?



@oskardotglobal commented on GitHub (May 17, 2023):

Moving this into another issue since this is unrelated to the original problem.


@chonglee123456 commented on GitHub (May 17, 2023):

Following your guidance, KEYCLOAK has been configured, but the email address is still not displayed. As shown in the following figure

At 2023-05-17 12:23:00, "Oskar Manhart" @.***> wrote:

> > Hello, I have followed your instructions to configure, but the user ID display is still not an email address.
>
> Did you restart the management service afterwards?
> To the Email invites: When creating a user in Keycloak, you should be able to directly send a password reset email to the user, given that SMTP for keycloak is configured.



@oskardotglobal commented on GitHub (May 17, 2023):

Are you running the latest version of Netbird?


@braginini commented on GitHub (May 17, 2023):

@chonglee123456
Did you configure IdpManagerConfig in management.json?


@chonglee123456 commented on GitHub (May 17, 2023):

Hello, it has been configured and there have been no changes.

At 2023-05-17 17:49:05, "Misha Bragin" @.***> wrote:

> @chonglee123456
> Did you configure IdpManagerConfig in management.json?



@chonglee123456 commented on GitHub (May 17, 2023):

YES, v0.21

At 2023-05-17 16:43:05, "Oskar Manhart" @.***> wrote:

> Are you running the latest version of Netbird?



@oskardotglobal commented on GitHub (May 19, 2023):

Ok, can you post

  • Logs (ideally upload them to any paste service)
  • Your management.json
  • Your docker-compose.yml

Make sure to redact private data where needed


@chonglee123456 commented on GitHub (May 19, 2023):

Hello, how can I view the logs

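At 2023-05-19 @.***> wrote:

> Ok, can you post
>
> Logs (ideally upload them to any paste service)
> Your management.json
> Your docker-compose.yml
>
> Make sure to redact private data where needed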


@chonglee123456 commented on GitHub (May 19, 2023):

```
docker-compose logs signal
Attaching to infrastructure_files_signal_1
signal_1 | 2023-05-19T15:43:58Z INFO signal/cmd/run.go:107: running gRPC backward compatibility server: [::]:10000
signal_1 | 2023-05-19T15:43:58Z INFO signal/cmd/run.go:129: running gRPC server: [::]:80
signal_1 | 2023-05-19T15:43:58Z INFO signal/cmd/run.go:132: started Signal Service
signal_1 | 2023-05-19T15:43:59Z INFO signal/server/signal.go:69: peer connected [CuUziGygZ8Q5xs87QApbfHzl9aus4/gUl2cSrLtuoDg=] [streamID 1684511039506305876]
signal_1 | 2023-05-19T15:44:24Z INFO signal/server/signal.go:58: peer disconnected [CuUziGygZ8Q5xs87QApbfHzl9aus4/gUl2cSrLtuoDg=] [streamID 1684511039506305876]
signal_1 | 2023-05-19T15:46:01Z INFO signal/server/signal.go:69: peer connected [XcPxme14uNjW8lBp/yxGcrOOQwCKYx9H7L6nNT9KGCY=] [streamID 1684511161175866194]
signal_1 | 2023-05-19T15:46:07Z INFO signal/server/signal.go:58: peer disconnected [XcPxme14uNjW8lBp/yxGcrOOQwCKYx9H7L6nNT9KGCY=] [streamID 1684511161175866194]
```

My management.json

```json
{
    "Stuns": [
        {
            "Proto": "udp",
            "URI": "stun:fahi.cc:3478",
            "Username": "",
            "Password": null
        }
    ],
    "TURNConfig": {
        "Turns": [
            {
                "Proto": "udp",
                "URI": "turn:fahi.cc:3478",
                "Username": "<redacted>",
                "Password": "<redacted>"
            }
        ],
        "CredentialsTTL": "12h",
        "Secret": "secret",
        "TimeBasedCredentials": false
    },
    "Signal": {
        "Proto": "http",
        "URI": "fahi.cc:10000",
        "Username": "",
        "Password": null
    },
    "Datadir": "",
    "HttpConfig": {
        "Address": "0.0.0.0:33073",
        "AuthIssuer": "https://defined.ltd/realms/netbird",
        "AuthAudience": "netbird-client",
        "AuthKeysLocation": "https://defined.ltd/realms/netbird/protocol/openid-connect/certs",
        "AuthUserIDClaim": "",
        "CertFile": "/etc/letsencrypt/live/fahi.cc/fullchain.pem",
        "CertKey": "/etc/letsencrypt/live/fahi.cc/privkey.pem",
        "OIDCConfigEndpoint": "https://defined.ltd/realms/netbird/.well-known/openid-configuration"
    },
    "IdpManagerConfig": {
        "Manager": "none"
    },
    "DeviceAuthorizationFlow": {
        "Provider": "hosted",
        "ProviderConfig": {
            "Audience": "netbird-client",
            "Domain": "",
            "ClientID": "netbird-client",
            "TokenEndpoint": "https://defined.ltd/realms/netbird/protocol/openid-connect/token",
            "DeviceAuthEndpoint": "https://defined.ltd/realms/netbird/protocol/openid-connect/auth/device",
            "Scope": "openid",
            "UseIDToken": false
        }
    }
}
```

MY docker-compose.yml

```yaml
version: "3"
services:
  #UI dashboard
  dashboard:
    image: wiretrustee/dashboard:latest
    restart: unless-stopped
    ports:
      - 80:80
      - 443:443
    environment:
      # Endpoints
      - NETBIRD_MGMT_API_ENDPOINT=https://fahi.cc:33073
      - NETBIRD_MGMT_GRPC_API_ENDPOINT=https://fahi.cc:33073
      # OIDC
      - AUTH_AUDIENCE=netbird-client
      - AUTH_CLIENT_ID=netbird-client
      - AUTH_AUTHORITY=https://defined.ltd/realms/netbird
      - USE_AUTH0=false
      - AUTH_SUPPORTED_SCOPES=openid profile email offline_access api
      - AUTH_REDIRECT_URI=
      - AUTH_SILENT_REDIRECT_URI=
      - NETBIRD_TOKEN_SOURCE=accessToken
      # SSL
      - NGINX_SSL_PORT=443
      # Letsencrypt
      - LETSENCRYPT_DOMAIN=fahi.cc
      - @.***
    volumes:
      - netbird-letsencrypt:/etc/letsencrypt/

  # Signal
  signal:
    image: netbirdio/signal:latest
    restart: unless-stopped
    volumes:
      - netbird-signal:/var/lib/netbird
    ports:
      - 10000:80
  #    # port and command for Let's Encrypt validation
  #      - 443:443
  #    command: ["--letsencrypt-domain", "fahi.cc", "--log-file", "console"]

  # Management
  management:
    image: netbirdio/management:latest
    restart: unless-stopped
    depends_on:
      - dashboard
    volumes:
      - netbird-mgmt:/var/lib/netbird
      - netbird-letsencrypt:/etc/letsencrypt:ro
      - ./management.json:/etc/netbird/management.json
    ports:
      - 33073:443 #API port
  #    # command for Let's Encrypt validation without dashboard container
  #    command: ["--letsencrypt-domain", "fahi.cc", "--log-file", "console"]
    command: [
      "--port", "443",
      "--log-file", "console",
      "--disable-anonymous-metrics=false",
      "--single-account-mode-domain=fahi.cc",
      "--dns-domain=netbird",
      "--disable-single-account-mode"
    ]

  # Coturn
  coturn:
    image: coturn/coturn
    restart: unless-stopped
    domainname: fahi.cc
    volumes:
      - ./turnserver.conf:/etc/turnserver.conf:ro
    #  - ./privkey.pem:/etc/coturn/private/privkey.pem:ro
    #  - ./cert.pem:/etc/coturn/certs/cert.pem:ro
    network_mode: host
    command:
      - -c /etc/turnserver.conf

volumes:
  netbird-mgmt:
  netbird-signal:
  netbird-letsencrypt:
```


@oskardotglobal commented on GitHub (May 19, 2023):

> "IdpManagerConfig": {
> "Manager": "none"
> },

You didn't do the keycloak setup properly. Follow the Keycloak setup guide carefully from step 8 again: https://netbird.io/docs/integrations/identity-providers/self-hosted/using-netbird-with-keycloak#step-8-create-a-netbird-backend-client

Also, I'd remove that turn password from your message really quickly if I were you, since you also include all the domains someone could just connect and maybe even cause harm.
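
One way to prepare a management.json for posting in a public issue, as requested above ("redact private data") and as the TURN password warning illustrates; this is an added example, not part of the original thread or of NetBird's code. It blanks credential fields and replaces hostnames consistently while leaving troubleshooting-relevant settings such as `IdpManagerConfig` readable. The key list, the endpoint pattern, the `hostN.example` placeholders and the sample config are assumptions constructed for the illustration.

```python
import json
import re

# Key names whose values are credentials. "Username", "Password" and "Secret"
# occur in the management.json posted in this thread; "ClientSecret" is an
# assumed extra for IdP client blocks.
SENSITIVE_KEYS = {"username", "password", "secret", "clientsecret"}

# Endpoint-style values: "turn:host:3478", "host:10000", "https://host/path".
# Group 1 is the hostname. Bare IP addresses such as 0.0.0.0 do not match.
ENDPOINT_RE = re.compile(
    r"^(?:(?:stun|turn)s?:|https?://)?"
    r"((?:[a-z0-9-]+\.)+[a-z]{2,})"
    r"(?::\d+)?(?:/.*)?$",
    re.IGNORECASE,
)


def _walk(node, visit, key=None):
    """Return a rebuilt copy of node with every scalar passed through visit(key, value)."""
    if isinstance(node, dict):
        return {k: _walk(v, visit, k) for k, v in node.items()}
    if isinstance(node, list):
        return [_walk(v, visit, key) for v in node]
    return visit(key, node)


def sanitize(cfg):
    """Return (sanitized_copy, host_mapping); cfg itself is not modified."""
    hosts = {}

    def is_sensitive(key):
        return key is not None and key.lower() in SENSITIVE_KEYS

    def discover(key, value):
        # Pass 1: learn hostnames from endpoint-style values only. Credential
        # fields are skipped so a secret containing a dot never ends up in the
        # mapping that gets shared alongside the config.
        if isinstance(value, str) and not is_sensitive(key):
            match = ENDPOINT_RE.match(value)
            if match:
                hosts.setdefault(match.group(1).lower(),
                                 f"host{len(hosts) + 1}.example")
        return value

    def scrub(key, value):
        # Pass 2: blank credentials, then replace learned hostnames anywhere
        # they occur, including inside certificate paths.
        if not isinstance(value, str):
            return value            # null / bool / number stay as they are
        if is_sensitive(key):
            return "<redacted>" if value else value   # keep "" visible as unset
        for host in sorted(hosts, key=len, reverse=True):  # longest first
            value = re.sub(re.escape(host), hosts[host], value,
                           flags=re.IGNORECASE)
        return value

    _walk(cfg, discover)
    return _walk(cfg, scrub), hosts


# Constructed sample with the same shape as the config in this thread;
# the domains and credentials below are made up.
SAMPLE = json.loads("""
{
  "Stuns": [{"Proto": "udp", "URI": "stun:vpn.example.org:3478",
             "Username": "", "Password": null}],
  "TURNConfig": {
    "Turns": [{"Proto": "udp", "URI": "turn:vpn.example.org:3478",
               "Username": "turnuser", "Password": "constructed-turn-pass"}],
    "CredentialsTTL": "12h",
    "Secret": "constructed-shared-secret",
    "TimeBasedCredentials": false
  },
  "Signal": {"Proto": "http", "URI": "vpn.example.org:10000"},
  "HttpConfig": {
    "Address": "0.0.0.0:33073",
    "AuthIssuer": "https://idp.example.net/realms/netbird",
    "CertKey": "/etc/letsencrypt/live/vpn.example.org/privkey.pem"
  },
  "IdpManagerConfig": {"Manager": "none"}
}
""")

if __name__ == "__main__":
    cleaned, mapping = sanitize(SAMPLE)
    print(json.dumps(cleaned, indent=2))
```

Redacting the post does not undo the exposure of a secret that was already published; the TURN credentials in such a case still need to be rotated on the server.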


@chonglee123456 commented on GitHub (May 19, 2023):

Hello, I have set it as shown in the figure below, but it has not been successful. Please support me. thank you

At 2023-05-20 00:28:33, "Oskar Manhart" @.***> wrote:

> > "IdpManagerConfig": {
> > "Manager": "none"
> > },
>
> You didn't do the keycloak setup properly. Follow the Keycloak setup guide carefully from step 8 again: https://netbird.io/docs/integrations/identity-providers/self-hosted/using-netbird-with-keycloak#step-8-create-a-netbird-backend-client
>
> Also, I'd remove that turn password from your message really quickly if I were you, since you also include all the domains someone could just connect and maybe even cause harm.



@oskardotglobal commented on GitHub (May 19, 2023):

That didn't quite work, were you trying to attach an image? I don't think the e-mail replies support that. Try a link or send the image directly via github


@chonglee123456 commented on GitHub (May 19, 2023):

I have configured the management.json and the error is shown in the following figure. Please provide guidance. Thank you
Uploading screenshot 2023-05-20 083317.png…


@chonglee123456 commented on GitHub (May 19, 2023):

Screenshot 2023-05-20 083317


@chonglee123456 commented on GitHub (May 19, 2023):

Please advise where the error is? thank you


@chonglee123456 commented on GitHub (May 19, 2023):

image


@chonglee123456 commented on GitHub (May 19, 2023):

The problem has been resolved, thank you


@chonglee123456 commented on GitHub (May 19, 2023):

The problem has been resolved, thank you


@oskardotglobal commented on GitHub (May 20, 2023):

Ok, perfect. If that's everything, please close the issue.


@mlsmaycon commented on GitHub (May 22, 2023):

Thank you @oskardotglobal, we really appreciate your community contribution by supporting @chonglee123456.


Reference: SVI/netbird#329