&#34;Auto-update&#34; feature for NetBird Client #768

saavagebueno commented

@support-tt commented on GitHub (Apr 4, 2024):

this is already requested with #832 but im with you I and already wrote that we need this in the #832 issue. I think something that you can click update at the webui would be nice because I like a controlled update more then simple update all and then maybe the whole system doesnt work anymore

@support-tt commented on GitHub (Apr 4, 2024): this is already requested with #832 but im with you I and already wrote that we need this in the #832 issue. I think something that you can click update at the webui would be nice because I like a controlled update more then simple update all and then maybe the whole system doesnt work anymore

saavagebueno commented

@PowershellScripter commented on GitHub (Apr 4, 2024):

this is already requested with #832 but im with you I and already wrote that we need this in the #832 issue. I think something that you can click update at the webui would be nice because I like a controlled update more then simple update all and then maybe the whole system doesnt work anymore

I agree with this as it would be great to be able to update controlled on a single system and test the hell out of it and when its verified as much as possible to be stable, be able to go to the management portal and push an update signal to all devices at the same time.
This would give the flexibility of a controlled manual update, but then also allow a scheduled update from the portal in an automatic sense. Maybe even something in the management portal where an admin can publish a netbird client version and have the netbird clients do an api call periodically to check that version against its own version number and if the published version in the portal is newer, then that tells the agent to update itself and also tell it which version to update to. This would be extremely useful for controlling updates and also making sure that systems that are offline and come back online later will still poll for updates.

@PowershellScripter commented on GitHub (Apr 4, 2024): > this is already requested with #832 but im with you I and already wrote that we need this in the #832 issue. I think something that you can click update at the webui would be nice because I like a controlled update more then simple update all and then maybe the whole system doesnt work anymore I agree with this as it would be great to be able to update controlled on a single system and test the hell out of it and when its verified as much as possible to be stable, be able to go to the management portal and push an update signal to all devices at the same time. This would give the flexibility of a controlled manual update, but then also allow a scheduled update from the portal in an automatic sense. Maybe even something in the management portal where an admin can publish a netbird client version and have the netbird clients do an api call periodically to check that version against its own version number and if the published version in the portal is newer, then that tells the agent to update itself and also tell it which version to update to. This would be extremely useful for controlling updates and also making sure that systems that are offline and come back online later will still poll for updates.

saavagebueno commented

@uvbeenzaned commented on GitHub (May 1, 2024):

I am 100% for this feature. We are about to have 100s of devices all around the world connected to a self-hosted Netbird instance and we will need this for sure. Update from the management panel will save us so much time.

@uvbeenzaned commented on GitHub (May 1, 2024): I am 100% for this feature. We are about to have 100s of devices all around the world connected to a self-hosted Netbird instance and we will need this for sure. Update from the management panel will save us so much time.

saavagebueno commented

@paulcchien commented on GitHub (Sep 16, 2024):

If the Netbird web portal (management) have the ability to update the clients (mainly Windows), it would be very helpful.

@paulcchien commented on GitHub (Sep 16, 2024): If the Netbird web portal (management) have the ability to update the clients (mainly Windows), it would be very helpful.

saavagebueno commented

@Cellobita commented on GitHub (Nov 11, 2024):

Tailscale has both: automatic self-updates, and the ability to start a remote update manually from the web portal. Very useful.

@Cellobita commented on GitHub (Nov 11, 2024): Tailscale has both: automatic self-updates, and the ability to start a remote update manually from the web portal. Very useful.

saavagebueno commented

@Rob787 commented on GitHub (Nov 25, 2024):

+1 From our side as well. It is now a nightmare to manage. If at least the Windows client would trigger/ask users to update to new version that would help enormously already.

@Rob787 commented on GitHub (Nov 25, 2024): +1 From our side as well. It is now a nightmare to manage. If at least the Windows client would trigger/ask users to update to new version that would help enormously already.

saavagebueno commented

@libexpand commented on GitHub (Nov 27, 2024):

There can be several updates in a month, and no auto update feature?!

@libexpand commented on GitHub (Nov 27, 2024): There can be several updates in a month, and no auto update feature?!

saavagebueno commented

@jammin84 commented on GitHub (Jan 5, 2025):

I wish you could use the tags to assign a policy that I could configure the update version.

"update-auto" - auto update to current
"update-current" - auto update to a fixed version i want across the masses
"update-testing" - update to some new version before deploying to update-current group

@jammin84 commented on GitHub (Jan 5, 2025): I wish you could use the tags to assign a policy that I could configure the update version. "update-auto" - auto update to current "update-current" - auto update to a fixed version i want across the masses "update-testing" - update to some new version before deploying to update-current group

saavagebueno commented

@ramphex commented on GitHub (Jan 20, 2025):

100% need this

@ramphex commented on GitHub (Jan 20, 2025): 100% need this

saavagebueno commented

@betaxab commented on GitHub (Apr 24, 2025):

I hope Netbird can integrate this feature as soon as possible. #3609

@betaxab commented on GitHub (Apr 24, 2025): I hope Netbird can integrate this feature as soon as possible. #3609

saavagebueno commented

@robertgro commented on GitHub (Jul 12, 2025):

Just in case anybody is interested. I already noticed in the past (https://github.com/microsoft/winget-cli/issues/1885#issuecomment-2613074760) that Microsoft's winget package manager implementation is having a hard time dealing with a silent uninstall of apps using the Inno Setup (https://jrsoftware.org/isinfo.php). Netbird is such an app.

After debugging a bit, I somehow managed to get a kind of windows gui automatism working with the Netbird InnoDB setup installer. Here is a proposal for everyone interested:

Disclaimer: use at your own risk. I'm referring to the windows .exe installer file here. Adjustment required, especially (securitywise) if used elsewhere than a dev environment! And please don't consider this the best code available. Apologize for the long text.

Prerequisites:

Netbird already installed and running on a client.
AutoHotkey64.exe has been downloaded from https://www.autohotkey.com/download/ and be placed in a directory of your choice**. Right click the AutoHotkey64.exe file, go to "Properties" and "Compatibility", check "Run this program as administrator" and hit "Apply" (please also consider the licensing if used elsewhere than a dev environment)
Windows 10 (idk if it works under 11)

** remember the path!

How it works:

At first, I utilize powershell to compare the current installed version with the latest version that can be found here https://api.github.com/repos/netbirdio/netbird/releases/latest.
If there is a new version available, I set the location to the Autohotkey directory (here you have to adjust the path, everything else is just relative paths and shouldn't require an adjustment)
Then I get the .exe download url from the JSON response.
After downloading the new netbird installer .exe, I launch the file with powershell administrator privileges
Then I launch the Autohotkey tool with a .ahk script you can find below. I run this tool again with admin privileges and I'm waiting for it's return -Wait
After the automatic installation has been done, the file is being removed, also with elevated UAC (-Verb RunAS).

Here is the netbird_update.ps1 script that should be started as administrator:

$currentNetbirdVersion = netbird version

Write-Host "`nCurrent Netbird version: $currentNetbirdVersion"

$latestNetbirdVersion = (Invoke-RestMethod -Uri 'https://api.github.com/repos/netbirdio/netbird/releases/latest' | Select-Object -ExpandProperty name).Substring(1)

Write-Host "`nLatest Netbird version: $latestNetbirdVersion"

function DownloadNetbirdAndInstall {
    # 1. Find the asset ending with .exe in the latest release
    $ExeAsset = (Invoke-RestMethod -Uri 'https://api.github.com/repos/netbirdio/netbird/releases/latest' | Select-Object -ExpandProperty assets) | Where-Object { $_.name -like '*.exe' }

    # 2. If the asset is found, download it
    if ($ExeAsset) {
        #Adjust the path to your autohotkey directory
        Set-Location $env:userprofile/desktop/development/tools/autohotkey_2.0.19/

        # Get the download URL and the original filename from the found object
        $downloadUrl = $ExeAsset.browser_download_url
        $fileName = $ExeAsset.name
        Write-Host "Found EXE installer: $fileName"
        Write-Host "Downloading from: $downloadUrl"
        # Use Invoke-WebRequest to download the file
        Invoke-WebRequest -Uri $downloadUrl -OutFile $fileName
        Write-Host "Download complete: $fileName"
        Start-Process powershell -ArgumentList "& '.\$fileName'" -Verb RunAS
        Start-Sleep -Seconds 1.5
        Start-Process powershell -ArgumentList " & '.\AutoHotkey64.exe' '.\netbird_update.ahk'" -Verb RunAs -Wait
        Start-Sleep -Seconds 1.5
        Start-Process powershell -ArgumentList " Remove-Item -Path $fileName -Force" -Verb RunAs
    }
    else {
        Write-Host "No .exe installer found in the latest release."
    }
}

if ($currentNetbirdVersion -ne $latestNetbirdVersion) {
    Write-Host "`nUpdating Netbird from version $currentNetbirdVersion to $latestNetbirdVersion..."
    DownloadNetbirdAndInstall
}
else {
    Write-Host "`nNetbird is already up to date."
}

A cmd to start the script may be:

powershell.exe -ExecutionPolicy Unrestricted -File netbird_update.ps1

(Notice that this may require a set-executionpolicy remotesigned to be issued on a powershell terminal on a client beforehand and if the file is being shared, you may also have to Unblock-File -Path .\netbird_update.ps1 it before)

The clue is now that when you have netbird already installed and running and you launch the new netbird installer.exe, a dialogue window pops up, telling you Netbird is already installed and asking you for a proceed confirmation of the removal of the previous version. And here comes the netbird_update.ahk which is doing the UI work for you:

WinWait("Netbird", , 30)
WinActivate("Netbird")
ControlClick("Button1")
WinWaitClose("ahk_exe Netbird.exe")
Sleep 15000
WinWait("Netbird", , 30)
WinActivate("Netbird")
ControlClick("Button2")
Sleep 1000
WinActivate("Netbird")
ControlClick("Button2")
Sleep 1000
WinActivate("Netbird")
ControlClick("Button2")
Sleep 1000
WinActivate("Netbird")
ControlClick("Button2")
Sleep 22000
WinActivate("Netbird")
ControlClick("Button2")

As you can see, this is rather a "messy" solution waiting for the sleep calls to sync with the current progress of the installer. You are free to implement your own (better) logic here.

You may also want to adjust the sleep timers here, as the execution time resource-wise may differ from client to client.

For me, at this point, I'm glad I could figure out a way where I'm free to deploy the script as a new Task in the Windows Task Scheduler on every client peer of my choice, and letting it run after every logon with a 45 seconds delay (and only if all network connections are available), so I don't have to manually check for new netbird updates anymore and also I don't have to update them manually (annoying clicking) anymore. Everything (if adjusted correctly) is running fine automatically and without my intervention.

As a last suggestion, because in my opinion this is also related: the contributors of the Netbird project might also think about switching their installer packaging and deploying strategy in the long-term, due to I also noticed that it takes a while for new netbird packages to appear in the winget-cli pkgs manifests: 0fe4e71dce/manifests/n/Netbird/Netbird for example
and in my favour I'm more of a friend of fewer updates over time with more fixes in it rather then pushing every little PR into a new netbird app version, even if the change is not considered critical. I don't know a good schedule how often is enough and this shall still stay in your hands. A time history of the latest pushes can be found here: https://github.com/netbirdio/netbird/releases and (in JSON) here https://api.github.com/repos/netbirdio/netbird/releases. You can also ignore this recommendation and keep going, because this here may not be the place to discuss this. Nevertheless, you guys are doing a great job and I really appreciate your work!

Thanks for reading, best regards!

edit: and here is a AHK v2 logic without sleep
edit2: bug fix, script is now closing properly

; Netbird AutoHotkey v2 InnoDB Update Script
; MIT License

; Copyright (c) 2025 robertgro

;Permission is hereby granted, free of charge, to any person obtaining a copy
;of this software and associated documentation files (the "Software"), to deal
;in the Software without restriction, including without limitation the rights
;to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
;copies of the Software, and to permit persons to whom the Software is
;furnished to do so, subject to the following conditions:

;The above copyright notice and this permission notice shall be included in all
;copies or substantial portions of the Software.

;THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
;IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
;FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
;AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
;LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
;OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
;SOFTWARE.

WinWait "Netbird"
WinActivate "Netbird"
WinWaitActive "Netbird"
ControlClick "Button1"
WinWaitClose "Netbird"

WinWait "Netbird", "Setup"
WinActivate "Netbird"
WinWaitActive "Netbird"
ControlClick "Button2"
ControlClick "Button2"
ControlClick "Button2"
ControlClick "Button2"

Loop {
	Try {
		If ControlGetVisible("&Finish", "Netbird") {
			ControlClick "Button2"
			Break
		}
	}
}

@robertgro commented on GitHub (Jul 12, 2025): Just in case anybody is interested. I already noticed in the past (https://github.com/microsoft/winget-cli/issues/1885#issuecomment-2613074760) that Microsoft's winget package manager implementation is having a hard time dealing with a silent uninstall of apps using the Inno Setup (https://jrsoftware.org/isinfo.php). Netbird is such an app. After debugging a bit, I somehow managed to get a kind of windows gui automatism working with the Netbird InnoDB setup installer. Here is a proposal for everyone interested: --- **Disclaimer:** use at your own risk. I'm referring to the windows .exe installer file here. Adjustment required, especially (securitywise) if used elsewhere than a dev environment! And please don't consider this the best code available. Apologize for the long text. **Prerequisites**: - Netbird already installed and running on a client. - AutoHotkey64.exe has been downloaded from https://www.autohotkey.com/download/ and be placed in a directory of your choice**. Right click the AutoHotkey64.exe file, go to "Properties" and "Compatibility", check "Run this program as administrator" and hit "Apply" _(please also consider the licensing if used elsewhere than a dev environment)_ - Windows 10 (idk if it works under 11) _** remember the path!_ --- **How it works:** 1. At first, I utilize powershell to compare the current installed version with the latest version that can be found here https://api.github.com/repos/netbirdio/netbird/releases/latest. 2. If there is a new version available, I set the location to the Autohotkey directory (here you have to adjust the path, everything else is just relative paths and shouldn't require an adjustment) 3. Then I get the .exe download url from the JSON response. 4. After downloading the new netbird installer .exe, I launch the file with powershell administrator privileges 5. Then I launch the Autohotkey tool with a .ahk script you can find below. I run this tool again with admin privileges and I'm waiting for it's return `-Wait` 6. After the automatic installation has been done, the file is being removed, also with elevated UAC (`-Verb RunAS`). Here is the **netbird_update.ps1** script that should be started as administrator: ``` $currentNetbirdVersion = netbird version Write-Host "`nCurrent Netbird version: $currentNetbirdVersion" $latestNetbirdVersion = (Invoke-RestMethod -Uri 'https://api.github.com/repos/netbirdio/netbird/releases/latest' | Select-Object -ExpandProperty name).Substring(1) Write-Host "`nLatest Netbird version: $latestNetbirdVersion" function DownloadNetbirdAndInstall { # 1. Find the asset ending with .exe in the latest release $ExeAsset = (Invoke-RestMethod -Uri 'https://api.github.com/repos/netbirdio/netbird/releases/latest' | Select-Object -ExpandProperty assets) | Where-Object { $_.name -like '*.exe' } # 2. If the asset is found, download it if ($ExeAsset) { #Adjust the path to your autohotkey directory Set-Location $env:userprofile/desktop/development/tools/autohotkey_2.0.19/ # Get the download URL and the original filename from the found object $downloadUrl = $ExeAsset.browser_download_url $fileName = $ExeAsset.name Write-Host "Found EXE installer: $fileName" Write-Host "Downloading from: $downloadUrl" # Use Invoke-WebRequest to download the file Invoke-WebRequest -Uri $downloadUrl -OutFile $fileName Write-Host "Download complete: $fileName" Start-Process powershell -ArgumentList "& '.\$fileName'" -Verb RunAS Start-Sleep -Seconds 1.5 Start-Process powershell -ArgumentList " & '.\AutoHotkey64.exe' '.\netbird_update.ahk'" -Verb RunAs -Wait Start-Sleep -Seconds 1.5 Start-Process powershell -ArgumentList " Remove-Item -Path $fileName -Force" -Verb RunAs } else { Write-Host "No .exe installer found in the latest release." } } if ($currentNetbirdVersion -ne $latestNetbirdVersion) { Write-Host "`nUpdating Netbird from version $currentNetbirdVersion to $latestNetbirdVersion..." DownloadNetbirdAndInstall } else { Write-Host "`nNetbird is already up to date." } ``` A cmd to start the script may be: ``` powershell.exe -ExecutionPolicy Unrestricted -File netbird_update.ps1 ``` (Notice that this may require a `set-executionpolicy remotesigned` to be issued on a powershell terminal on a client beforehand and if the file is being shared, you may also have to `Unblock-File -Path .\netbird_update.ps1` it before) The clue is now that when you have netbird already installed and running and you launch the new netbird installer.exe, a dialogue window pops up, telling you Netbird is already installed and asking you for a proceed confirmation of the removal of the previous version. And here comes the **netbird_update.ahk** which is doing the UI work for you: ``` WinWait("Netbird", , 30) WinActivate("Netbird") ControlClick("Button1") WinWaitClose("ahk_exe Netbird.exe") Sleep 15000 WinWait("Netbird", , 30) WinActivate("Netbird") ControlClick("Button2") Sleep 1000 WinActivate("Netbird") ControlClick("Button2") Sleep 1000 WinActivate("Netbird") ControlClick("Button2") Sleep 1000 WinActivate("Netbird") ControlClick("Button2") Sleep 22000 WinActivate("Netbird") ControlClick("Button2") ``` As you can see, this is rather a "messy" solution waiting for the sleep calls to sync with the current progress of the installer. You are free to implement your own (better) logic here. You may also want to adjust the sleep timers here, as the execution time resource-wise may differ from client to client. --- For me, at this point, I'm glad I could figure out a way where I'm free to deploy the script as a new Task in the **Windows Task Scheduler** on every client peer of my choice, and letting it run after every logon with a 45 seconds delay (and only if all network connections are available), so I don't have to manually check for new netbird updates anymore and also I don't have to update them manually (annoying clicking) anymore. Everything (if adjusted correctly) is running fine automatically and without my intervention. As a last suggestion, because in my opinion this is also related: the contributors of the Netbird project might also think about switching their installer packaging and deploying strategy in the long-term, due to I also noticed that it takes a while for new netbird packages to appear in the winget-cli pkgs manifests: https://github.com/microsoft/winget-pkgs/tree/0fe4e71dce46ad4ae15439ca46cfc7d9b7497d34/manifests/n/Netbird/Netbird for example and in my favour I'm more of a friend of fewer updates over time with more fixes in it rather then pushing every little PR into a new netbird app version, even if the change is not considered critical. I don't know a good schedule how often is enough and this shall still stay in your hands. A time history of the latest pushes can be found here: https://github.com/netbirdio/netbird/releases and (in JSON) here https://api.github.com/repos/netbirdio/netbird/releases. You can also ignore this recommendation and keep going, because this here may not be the place to discuss this. Nevertheless, you guys are doing a great job and I really appreciate your work! Thanks for reading, best regards! edit: and here is a AHK v2 logic without sleep edit2: bug fix, script is now closing properly ``` ; Netbird AutoHotkey v2 InnoDB Update Script ; MIT License ; Copyright (c) 2025 robertgro ;Permission is hereby granted, free of charge, to any person obtaining a copy ;of this software and associated documentation files (the "Software"), to deal ;in the Software without restriction, including without limitation the rights ;to use, copy, modify, merge, publish, distribute, sublicense, and/or sell ;copies of the Software, and to permit persons to whom the Software is ;furnished to do so, subject to the following conditions: ;The above copyright notice and this permission notice shall be included in all ;copies or substantial portions of the Software. ;THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR ;IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, ;FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE ;AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER ;LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, ;OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE ;SOFTWARE. WinWait "Netbird" WinActivate "Netbird" WinWaitActive "Netbird" ControlClick "Button1" WinWaitClose "Netbird" WinWait "Netbird", "Setup" WinActivate "Netbird" WinWaitActive "Netbird" ControlClick "Button2" ControlClick "Button2" ControlClick "Button2" ControlClick "Button2" Loop { Try { If ControlGetVisible("&Finish", "Netbird") { ControlClick "Button2" Break } } } ```

saavagebueno commented

@Retract1822 commented on GitHub (Sep 3, 2025):

I would love to see this implemented across all platforms (Windows, Mac, Linux) as two options:

Self auto-update (can be set from the client or the admin portal)
Allow to push update from the portal

@Retract1822 commented on GitHub (Sep 3, 2025): I would love to see this implemented across all platforms (Windows, Mac, Linux) as two options: 1. Self auto-update (can be set from the client or the admin portal) 2. Allow to push update from the portal

saavagebueno commented