starred/netbird
1
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2026-03-31 06:34:14 -04:00
Code Issues Packages Projects Releases Wiki Activity

[self-hosted] remove unused config example (#5383)

Browse Source
This commit is contained in:
Misha Bragin
2026-02-19 08:14:11 +01:00
committed by GitHub
parent a322dce42a
commit 4b5294e596
2 changed files with 54 additions and 169 deletions
Download Patch File Download Diff File Expand all files Collapse all files

111
combined/config-simple.yaml.example
View File

@@ -1,111 +0,0 @@
# NetBird Combined Server Configuration
# Copy this file to config.yaml and customize for your deployment
#
# This is a Management server with optional embedded Signal, Relay, and STUN services.
# By default, all services run locally. You can use external services instead by
# setting the corresponding override fields.
#
# Architecture:
# - Management: Always runs locally (this IS the management server)
# - Signal: Local by default; set 'signalUri' to use external (disables local)
# - Relay: Local by default; set 'relays' to use external (disables local)
# - STUN: Local on port 3478 by default; set 'stuns' to use external instead
server:
# Main HTTP/gRPC port for all services (Management, Signal, Relay)
listenAddress: ":443"
# Public address that peers will use to connect to this server
# Used for relay connections and management DNS domain
# Format: protocol://hostname:port (e.g., https://server.mycompany.com:443)
exposedAddress: "https://server.mycompany.com:443"
# STUN server ports (defaults to [3478] if not specified; set 'stuns' to use external)
# stunPorts:
# - 3478
# Metrics endpoint port
metricsPort: 9090
# Healthcheck endpoint address
healthcheckAddress: ":9000"
# Logging configuration
logLevel: "info" # Default log level for all components: panic, fatal, error, warn, info, debug, trace
logFile: "console" # "console" or path to log file
# TLS configuration (optional)
tls:
certFile: ""
keyFile: ""
letsencrypt:
enabled: false
dataDir: ""
domains: []
email: ""
awsRoute53: false
# Shared secret for relay authentication (required when running local relay)
authSecret: "your-secret-key-here"
# Data directory for all services
dataDir: "/var/lib/netbird/"
# ============================================================================
# External Service Overrides (optional)
# Use these to point to external Signal, Relay, or STUN servers instead of
# running them locally. When set, the corresponding local service is disabled.
# ============================================================================
# External STUN servers - disables local STUN server
# stuns:
# - uri: "stun:stun.example.com:3478"
# - uri: "stun:stun.example.com:3479"
# External relay servers - disables local relay server
# relays:
# addresses:
# - "rels://relay.example.com:443"
# credentialsTTL: "12h"
# secret: "relay-shared-secret"
# External signal server - disables local signal server
# signalUri: "https://signal.example.com:443"
# ============================================================================
# Management Settings
# ============================================================================
# Metrics and updates
disableAnonymousMetrics: false
disableGeoliteUpdate: false
# Embedded authentication/identity provider (Dex) configuration (always enabled)
auth:
# OIDC issuer URL - must be publicly accessible
issuer: "https://server.mycompany.com/oauth2"
localAuthDisabled: false
signKeyRefreshEnabled: false
# OAuth2 redirect URIs for dashboard
dashboardRedirectURIs:
- "https://app.netbird.io/nb-auth"
- "https://app.netbird.io/nb-silent-auth"
# OAuth2 redirect URIs for CLI
cliRedirectURIs:
- "http://localhost:53000/"
# Optional initial admin user
# owner:
# email: "admin@example.com"
# password: "initial-password"
# Store configuration
store:
engine: "sqlite" # sqlite, postgres, or mysql
dsn: "" # Connection string for postgres or mysql
encryptionKey: ""
# Reverse proxy settings (optional)
# reverseProxy:
# trustedHTTPProxies: []
# trustedHTTPProxiesCount: 0
# trustedPeers: []

112
combined/config.yaml.example
View File

@@ -1,11 +1,29 @@
# Simplified Combined NetBird Server Configuration # NetBird Combined Server Configuration
# Copy this file to config.yaml and customize for your deployment # Copy this file to config.yaml and customize for your deployment
#
# This is a Management server with optional embedded Signal, Relay, and STUN services.
# By default, all services run locally. You can use external services instead by
# setting the corresponding override fields.
#
# Architecture:
# - Management: Always runs locally (this IS the management server)
# - Signal: Local by default; set 'signalUri' to use external (disables local)
# - Relay: Local by default; set 'relays' to use external (disables local)
# - STUN: Local on port 3478 by default; set 'stuns' to use external instead
# Server-wide settings
server: server:
# Main HTTP/gRPC port for all services (Management, Signal, Relay) # Main HTTP/gRPC port for all services (Management, Signal, Relay)
listenAddress: ":443" listenAddress: ":443"
# Public address that peers will use to connect to this server
# Used for relay connections and management DNS domain
# Format: protocol://hostname:port (e.g., https://server.mycompany.com:443)
exposedAddress: "https://server.mycompany.com:443"
# STUN server ports (defaults to [3478] if not specified; set 'stuns' to use external)
# stunPorts:
# - 3478
# Metrics endpoint port # Metrics endpoint port
metricsPort: 9090 metricsPort: 9090
@@ -13,7 +31,7 @@ server:
healthcheckAddress: ":9000" healthcheckAddress: ":9000"
# Logging configuration # Logging configuration
logLevel: "info" # panic, fatal, error, warn, info, debug, trace logLevel: "info" # Default log level for all components: panic, fatal, error, warn, info, debug, trace
logFile: "console" # "console" or path to log file logFile: "console" # "console" or path to log file
# TLS configuration (optional) # TLS configuration (optional)
@@ -27,53 +45,45 @@ server:
email: "" email: ""
awsRoute53: false awsRoute53: false
# Relay service configuration # Shared secret for relay authentication (required when running local relay)
relay:
# Enable/disable the relay service
enabled: true
# Public address that peers will use to connect to this relay
# Format: hostname:port or ip:port
exposedAddress: "relay.example.com:443"
# Shared secret for relay authentication (required when enabled)
authSecret: "your-secret-key-here" authSecret: "your-secret-key-here"
# Log level for relay (reserved for future use, currently uses global log level) # Data directory for all services
logLevel: "info"
# Embedded STUN server (optional)
stun:
enabled: false
ports: [3478]
logLevel: "info"
# Signal service configuration
signal:
# Enable/disable the signal service
enabled: true
# Log level for signal (reserved for future use, currently uses global log level)
logLevel: "info"
# Management service configuration
management:
# Enable/disable the management service
enabled: true
# Data directory for management service
dataDir: "/var/lib/netbird/" dataDir: "/var/lib/netbird/"
# DNS domain for the management server # ============================================================================
dnsDomain: "" # External Service Overrides (optional)
# Use these to point to external Signal, Relay, or STUN servers instead of
# running them locally. When set, the corresponding local service is disabled.
# ============================================================================
# External STUN servers - disables local STUN server
# stuns:
# - uri: "stun:stun.example.com:3478"
# - uri: "stun:stun.example.com:3479"
# External relay servers - disables local relay server
# relays:
# addresses:
# - "rels://relay.example.com:443"
# credentialsTTL: "12h"
# secret: "relay-shared-secret"
# External signal server - disables local signal server
# signalUri: "https://signal.example.com:443"
# ============================================================================
# Management Settings
# ============================================================================
# Metrics and updates # Metrics and updates
disableAnonymousMetrics: false disableAnonymousMetrics: false
disableGeoliteUpdate: false disableGeoliteUpdate: false
# Embedded authentication/identity provider (Dex) configuration (always enabled)
auth: auth:
# OIDC issuer URL - must be publicly accessible # OIDC issuer URL - must be publicly accessible
issuer: "https://management.example.com/oauth2" issuer: "https://example.com/oauth2"
localAuthDisabled: false localAuthDisabled: false
signKeyRefreshEnabled: false signKeyRefreshEnabled: false
# OAuth2 redirect URIs for dashboard # OAuth2 redirect URIs for dashboard
@@ -88,28 +98,14 @@ management:
# email: "admin@example.com" # email: "admin@example.com"
# password: "initial-password" # password: "initial-password"
# External STUN servers (for client config)
stuns: []
# - uri: "stun:stun.example.com:3478"
# External relay servers (for client config)
relays:
addresses: []
# - "rels://relay.example.com:443"
credentialsTTL: "12h"
secret: ""
# External signal server URI (for client config)
signalUri: ""
# Store configuration # Store configuration
store: store:
engine: "sqlite" # sqlite, postgres, or mysql engine: "sqlite" # sqlite, postgres, or mysql
dsn: "" # Connection string for postgres or mysql dsn: "" # Connection string for postgres or mysql
encryptionKey: "" encryptionKey: ""
# Reverse proxy settings # Reverse proxy settings (optional)
reverseProxy: # reverseProxy:
trustedHTTPProxies: [] # trustedHTTPProxies: []
trustedHTTPProxiesCount: 0 # trustedHTTPProxiesCount: 0
trustedPeers: [] # trustedPeers: []