├── .github ├── CODEOWNERS ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── ISSUE_TEMPLATE.md ├── PULL_REQUEST_TEMPLATE.md ├── SECURITY.md ├── renovate.json └── workflows │ ├── builder.yaml │ └── lint.yaml ├── .mdlrc ├── .vscode ├── settings.json └── tasks.json ├── .yamllint ├── AUTHORS ├── LICENSE.md ├── README.md ├── devcontainer.json ├── netbird ├── .README.j2 ├── DOCS.md ├── Dockerfile ├── build.yaml ├── config.yaml ├── icon.png ├── logo.png ├── rootfs │ └── etc │ │ └── s6-overlay │ │ └── s6-rc.d │ │ ├── netbird │ │ ├── dependencies.d │ │ │ └── base │ │ ├── finish │ │ ├── run │ │ └── type │ │ └── user │ │ └── contents.d │ │ └── netbird └── translations │ └── en.yaml ├── public.pgp └── repository.json /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | .github/* @lfarkas 2 | -------------------------------------------------------------------------------- /.github/CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | # Contributor Covenant Code of Conduct 2 | 3 | ## Our Pledge 4 | 5 | We as members, contributors, and leaders pledge to make participation in our 6 | community a harassment-free experience for everyone, regardless of age, body 7 | size, visible or invisible disability, ethnicity, sex characteristics, gender 8 | identity and expression, level of experience, education, socio-economic status, 9 | nationality, personal appearance, race, religion, or sexual identity 10 | and orientation. 11 | 12 | We pledge to act and interact in ways that contribute to an open, welcoming, 13 | diverse, inclusive, and healthy community. 14 | 15 | ## Our Standards 16 | 17 | Examples of behavior that contributes to a positive environment for our 18 | community include: 19 | 20 | - Demonstrating empathy and kindness toward other people 21 | - Being respectful of differing opinions, viewpoints, and experiences 22 | - Giving and gracefully accepting constructive feedback 23 | - Accepting responsibility and apologizing to those affected by our mistakes, 24 | and learning from the experience 25 | - Focusing on what is best not just for us as individuals, but for the 26 | overall community 27 | 28 | Examples of unacceptable behavior include: 29 | 30 | - The use of sexualized language or imagery, and sexual attention or 31 | advances of any kind 32 | - Trolling, insulting or derogatory comments, and personal or political attacks 33 | - Public or private harassment 34 | - Publishing others' private information, such as a physical or email 35 | address, without their explicit permission 36 | - Other conduct which could reasonably be considered inappropriate in a 37 | professional setting 38 | 39 | ## Enforcement Responsibilities 40 | 41 | Community leaders are responsible for clarifying and enforcing our standards of 42 | acceptable behavior and will take appropriate and fair corrective action in 43 | response to any behavior that they deem inappropriate, threatening, offensive, 44 | or harmful. 45 | 46 | Community leaders have the right and responsibility to remove, edit, or reject 47 | comments, commits, code, wiki edits, issues, and other contributions that are 48 | not aligned to this Code of Conduct, and will communicate reasons for moderation 49 | decisions when appropriate. 50 | 51 | ## Scope 52 | 53 | This Code of Conduct applies within all community spaces, and also applies when 54 | an individual is officially representing the community in public spaces. 55 | Examples of representing our community include using an official e-mail address, 56 | posting via an official social media account, or acting as an appointed 57 | representative at an online or offline event. 58 | 59 | ## Enforcement 60 | 61 | Instances of abusive, harassing, or otherwise unacceptable behavior may be 62 | reported to the community leaders responsible for enforcement at 63 | . 64 | 65 | All complaints will be reviewed and investigated promptly and fairly. 66 | 67 | All community leaders are obligated to respect the privacy and security of the 68 | reporter of any incident. 69 | 70 | ## Enforcement Guidelines 71 | 72 | Community leaders will follow these Community Impact Guidelines in determining 73 | the consequences for any action they deem in violation of this Code of Conduct: 74 | 75 | ### 1. Correction 76 | 77 | **Community Impact**: Use of inappropriate language or other behavior deemed 78 | unprofessional or unwelcome in the community. 79 | 80 | **Consequence**: A private, written warning from community leaders, providing 81 | clarity around the nature of the violation and an explanation of why the 82 | behavior was inappropriate. A public apology may be requested. 83 | 84 | ### 2. Warning 85 | 86 | **Community Impact**: A violation through a single incident or series 87 | of actions. 88 | 89 | **Consequence**: A warning with consequences for continued behavior. No 90 | interaction with the people involved, including unsolicited interaction with 91 | those enforcing the Code of Conduct, for a specified period of time. This 92 | includes avoiding interactions in community spaces as well as external channels 93 | like social media. Violating these terms may lead to a temporary or 94 | permanent ban. 95 | 96 | ### 3. Temporary Ban 97 | 98 | **Community Impact**: A serious violation of community standards, including 99 | sustained inappropriate behavior. 100 | 101 | **Consequence**: A temporary ban from any sort of interaction or public 102 | communication with the community for a specified period of time. No public or 103 | private interaction with the people involved, including unsolicited interaction 104 | with those enforcing the Code of Conduct, is allowed during this period. 105 | Violating these terms may lead to a permanent ban. 106 | 107 | ### 4. Permanent Ban 108 | 109 | **Community Impact**: Demonstrating a pattern of violation of community 110 | standards, including sustained inappropriate behavior, harassment of an 111 | individual, or aggression toward or disparagement of classes of individuals. 112 | 113 | **Consequence**: A permanent ban from any sort of public interaction within 114 | the community. 115 | 116 | ## Attribution 117 | 118 | This Code of Conduct is adapted from the [Contributor Covenant][homepage], 119 | version 2.0, available at 120 | [https://www.contributor-covenant.org/version/2/0/code_of_conduct.html][v2.0]. 121 | 122 | Community Impact Guidelines were inspired by 123 | [Mozilla's code of conduct enforcement ladder][mozilla coc]. 124 | 125 | For answers to common questions about this code of conduct, see the FAQ at 126 | [https://www.contributor-covenant.org/faq][faq]. Translations are available 127 | at [https://www.contributor-covenant.org/translations][translations]. 128 | 129 | [homepage]: https://www.contributor-covenant.org 130 | [v2.0]: https://www.contributor-covenant.org/version/2/0/code_of_conduct.html 131 | [mozilla coc]: https://github.com/mozilla/diversity 132 | [faq]: https://www.contributor-covenant.org/faq 133 | [translations]: https://www.contributor-covenant.org/translations 134 | -------------------------------------------------------------------------------- /.github/CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | # Contributing 2 | 3 | When contributing to this repository, please first discuss the change you wish 4 | to make via issue, email, or any other method with the owners of this repository 5 | before making a change. 6 | 7 | Please note we have a code of conduct, please follow it in all your interactions 8 | with the project. 9 | 10 | ## Issues and feature requests 11 | 12 | You've found a bug in the source code, a mistake in the documentation or maybe 13 | you'd like a new feature? You can help us by submitting an issue to our 14 | [GitHub Repository][github]. Before you create an issue, make sure you search 15 | the archive, maybe your question was already answered. 16 | 17 | Even better: You could submit a pull request with a fix / new feature! 18 | 19 | ## Pull request process 20 | 21 | 1. Search our repository for open or closed [pull requests][prs] that relates 22 | to your submission. You don't want to duplicate effort. 23 | 24 | 1. You may merge the pull request in once you have the sign-off of two other 25 | developers, or if you do not have permission to do that, you may request 26 | the second reviewer to merge it for you. 27 | 28 | [github]: https://github.com/netbirdio/addon-netbird/issues 29 | [prs]: https://github.com/netbirdio/addon-netbird/pulls 30 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | # Problem/Motivation 2 | 3 | > (Why the issue was filed) 4 | 5 | ## Expected behavior 6 | 7 | > (What you expected to happen) 8 | 9 | ## Actual behavior 10 | 11 | > (What actually happened) 12 | 13 | ## Steps to reproduce 14 | 15 | > (How can someone else make/see it happen) 16 | 17 | ## Proposed changes 18 | 19 | > (If you have a proposed change, workaround or fix, 20 | > describe the rationale behind it) 21 | -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | # Proposed Changes 2 | 3 | > (Describe the changes and rationale behind them) 4 | 5 | ## Related Issues 6 | 7 | > ([Github link][autolink-references] to related issues or pull requests) 8 | 9 | [autolink-references]: https://help.github.com/articles/autolinked-references-and-urls/ 10 | -------------------------------------------------------------------------------- /.github/SECURITY.md: -------------------------------------------------------------------------------- 1 | # Security Policy 2 | 3 | I take the security of my software and services seriously. This includes 4 | all open source software I create, maintain or help to maintain. 5 | 6 | If you believe you have found a security vulnerability in any repository 7 | I maintain, including this one, please report it responsible to me as 8 | described below. 9 | 10 | **Please DO NOT report security vulnerabilities publicly!** 11 | 12 | So... DO NOT create a GitHub issue for it ;) 13 | 14 | ## Reporting a vulnerability 15 | 16 | Privately and confidently, send me a detailed description of the vulnerability 17 | you have discovered using an encrypted and authenticated channel. Personally, 18 | I prefer this to be done using PGP encrypted email. Contact information 19 | needed for this is listed down below. 20 | 21 | In the report, please include as much information as possible, including: 22 | 23 | - An extensive description of the vulnerability. 24 | - How it could be exploited. 25 | - The potential impact you think it would have (e.g., DOS attackable, privacy 26 | concerns, leaking of credentials). 27 | - Steps for reproducing the vulnerability. 28 | - Code (if any), that is needed for reproducing the issue. 29 | - If you have an idea for a fix, patch or any other adjustment for mitigating 30 | the vulnerability reported. 31 | 32 | Sorry for the long list, but providing as much information as possible allows 33 | me to act more quickly. Make sure to write your report in the English language. 34 | 35 | Please take care not to violate the privacy of other people in your report. 36 | For example, stack traces or exploit scripts sent to me should never contain 37 | private or personally identifiable information. 38 | 39 | ## After you have reported the vulnerability 40 | 41 | Give me at least a week to investigate and respond to the reported vulnerability 42 | you have found; and up to 60 days to fix and distribute it. This includes a 43 | window for existing users to upgrade, patch or mitigate the issue as well. 44 | 45 | If you intent, at any point, to disclose the vulnerability to someone else 46 | or maybe even publicly, please give me a reasonable advanced notice. 47 | 48 | If any dependent projects are involved, I will take care of informing the 49 | maintainers of those projects as well. 50 | 51 | ## Bug bounty 52 | 53 | Unfortunately, I cannot offer a paid bug bounty program. I will, however, give 54 | my best efforts to show appreciation towards people that took the time and 55 | effort to disclose vulnerabilities responsibly. 56 | 57 | Me, and the open source community, will be forever grateful. 58 | 59 | Oh, and if we ever meet, I'm happy to buy you a beer :) 60 | 61 | ## Contact information 62 | 63 | Please contact me, Levente Farkas, directly on: 64 | 65 | 66 | 67 | GPG Fingerprint: `237A 7BCA 3B60 576F 2054 8FDB B12B 9413 A185 F15C` 68 | 69 | 70 | 71 | ```txt 72 | -----BEGIN PGP PUBLIC KEY BLOCK----- 73 | 74 | mQGiBEBgJ4oRBADZOOFIPp9t/XUU/PsxjIg52v7MTfWsgz6D4tXVA3yP59qslvt8 75 | IOZHslaWzgmKhH9VtaEphWFdzMNaa4XBFliu9TK3RbI4t3CO4h30CvDDTvFMVygz 76 | NBVMhyagV5TWW1PHm32hWtsiHTWTQLejb7ngnhVN03GGhMxost121G5DAwCg6nE8 77 | JpHIl4qZdKh6rjboeI2egPsD/iCDBXnMeVKWSSOX0XrsY5sK80Al+q82hSyBF0v2 78 | LWxhBqqZXwOTFbJbMbmVRtuJTcjl2caJH9vZ2puosbqkaHy/Xs5X13TATbRaeHPE 79 | Nvj2ZPNDpNiBPQp8aTf35EPe3LcSI5cJvkijulN8fmrKh7FabG6vtFE8DKgKEsvI 80 | kwRgA/9yRdSXNPljDVvBoHsT2V8ipXqEjBjG7FoLTWxBJOwbrEqm+PzVnfRV6YGa 81 | Tt/fAQXtaZBZAXLud/7+BNEnM0BllrhdAMRlPEKiVqonDrRaffreaiPRlvNhH6aN 82 | JTlhYeKaQRxFkY1zyHdql4nGytVHdIyeflf34THk3BUsljcPK4hgBCARAgAgFiEE 83 | dgbihJLlGSYttbKJqdWjm4L9Eg0FAmP9ErYCHQEACgkQqdWjm4L9Eg0HSQCfZBdT 84 | u2wIqzh0Hg4MmBCtWVzQSaEAn34JLM+KHpjRtBK20qAQp1qe/gjitCRMZXZlbnRl 85 | IEZhcmthcyA8bGZhcmthc0BsZmFya2FzLm9yZz6IawQQEQIAKwUCU0fmpAWDAeKF 86 | AB4aaHR0cDovL3d3dy5jYWNlcnQub3JnL2Nwcy5waHAACgkQ0rsNAWXQ/Vgy2QCc 87 | CUq6Pk+p9HqGtd2zOlpqaNGWnpMAnjFWroSX86ggY6seuYH9zJgi0DIbiF4EExEC 88 | AB4FAkBgJ4oCGwMGCwkIBwMCAxUCAwMWAgECHgECF4AACgkQqdWjm4L9Eg0nxQCg 89 | hiXykDUWbTTigscITnjqkVoZK60An2NJ4md5VhGr8LjnZGd2QMrjUcbvuQENBEBg 90 | J4sQBADe8Fmk1UEcQmM94OIu35vv6H3/g6KoRt2H6cMog9Tj+m0SmZBxzE62F15o 91 | 4gZrK8hg//Hkd+5Qle+O3bMBG1Cqie+rwKrIZh5+vR5fUSF1jX1ePqVzoBHLPldI 92 | qVMOZMjHoF77AnTRUMkXm5NxlBos68UjT07L/2QARol1e/AMywADBgP/fMjB0oka 93 | K3ksGLAq2szkIgtlPrqHNhdD6sHfZflaRBWpIIoN3uTLSzyEGw3o4tIdrynOKr8h 94 | Fbn5ZrvXWeYXOjSMGE7eLzLA2EYyTggGWKx0KTuYHNyfxcpDvVJzfCTKR/5wwKyo 95 | GG2kddW0ICHVrSCao1ZT6kCI36q0gyBzv6OISQQYEQIACQUCQGAniwIbDAAKCRCp 96 | 1aObgv0SDbBrAJ9dLODHWWw0yBMbRCXEL8IqcaiK0QCgsVH/Snd8h48A2qRIF8mA 97 | dQZesS6YMwRj/RVZFgkrBgEEAdpHDwEBB0Bm80iJucuoCDjVsBrt/NOwAommWPkf 98 | GlmR69ulHzeEH7QkTGV2ZW50ZSBGYXJrYXMgPGxmYXJrYXNAbGZhcmthcy5vcmc+ 99 | iJMEExYKADsWIQQjenvKO2BXbyBUj9uxK5QToYXxXAUCY/0VWQIbAwULCQgHAgIi 100 | AgYVCgkICwIEFgIDAQIeBwIXgAAKCRCxK5QToYXxXI7yAP9FVMEaDbknmUxVhDDo 101 | 9tSwGP1JSzISycpA1tPNv4C5eAD8Cmz7kciniFmmAjPDHIlHDOxUXCchI2jpluo2 102 | alQVfQ64OARj/RVZEgorBgEEAZdVAQUBAQdAge9Jj29/to5UKqFOailMYfS+2/qp 103 | o8i3z+r+BdrO1RkDAQgHiHgEGBYKACAWIQQjenvKO2BXbyBUj9uxK5QToYXxXAUC 104 | Y/0VWQIbDAAKCRCxK5QToYXxXCe0AQDfqJCCf6ZQjs3vibnJ+GReWk/V3SBz8hfA 105 | yZAn5gUmEAD/eTNOnoNJ5t4xCI+kuXQCSgDxNjr28hL6VFgaCB3gcww= 106 | =rOwz 107 | -----END PGP PUBLIC KEY BLOCK----- 108 | ``` 109 | -------------------------------------------------------------------------------- /.github/renovate.json: -------------------------------------------------------------------------------- 1 | { 2 | "$schema": "https://docs.renovatebot.com/renovate-schema.json", 3 | "rebaseWhen": "behind-base-branch", 4 | "dependencyDashboard": true, 5 | "labels": [ 6 | "dependencies", 7 | "no-stale" 8 | ], 9 | "commitMessagePrefix": "⬆️", 10 | "commitMessageTopic": "{{depName}}", 11 | "customManagers": [ 12 | { 13 | "customType": "regex", 14 | "fileMatch": [ 15 | "/Dockerfile$", 16 | "/build.yaml$" 17 | ], 18 | "matchStringsStrategy": "any", 19 | "matchStrings": [ 20 | "ARG BUILD_FROM=(?.*?):(?.*?)\\s+", 21 | "(aarch64|amd64|armhf|armv7|i386):\\s[\"']?(?.*?):(?.*?)[\"']?\\s" 22 | ], 23 | "datasourceTemplate": "docker" 24 | }, 25 | { 26 | "customType": "regex", 27 | "fileMatch": [ 28 | "/Dockerfile$" 29 | ], 30 | "matchStringsStrategy": "any", 31 | "matchStrings": [ 32 | "\\s\\s(?[a-z0-9][a-z0-9-_]+)=(?[a-z0-9-_.]+)\\s+" 33 | ], 34 | "versioningTemplate": "loose", 35 | "datasourceTemplate": "repology", 36 | "depNameTemplate": "alpine_3_19/{{package}}" 37 | }, 38 | { 39 | "customType": "regex", 40 | "fileMatch": [ 41 | "/Dockerfile$" 42 | ], 43 | "matchStrings": [ 44 | "netbirdio/netbird:[\"']?(?.+?)[\"']?\\s+" 45 | ], 46 | "datasourceTemplate": "github-releases", 47 | "depNameTemplate": "netbirdio/netbird" 48 | }, 49 | { 50 | "customType": "regex", 51 | "fileMatch": [ 52 | "/config.yaml$" 53 | ], 54 | "matchStrings": [ 55 | "version:\\s+[\"']?(?.+?)[\"']?\\s+" 56 | ], 57 | "datasourceTemplate": "github-releases", 58 | "depNameTemplate": "netbirdio/netbird" 59 | } 60 | ], 61 | "packageRules": [ 62 | { 63 | "matchDatasources": [ 64 | "repology" 65 | ], 66 | "automerge": true 67 | }, 68 | { 69 | "groupName": "Add-on base image", 70 | "matchDatasources": [ 71 | "docker" 72 | ], 73 | "matchUpdateTypes": [ 74 | "minor", 75 | "patch" 76 | ], 77 | "automerge": true 78 | }, 79 | { 80 | "matchDatasources": [ 81 | "github-releases" 82 | ], 83 | "matchDepNames": [ 84 | "netbirdio/netbird" 85 | ], 86 | "matchUpdateTypes": [ 87 | "minor", 88 | "patch" 89 | ], 90 | "automerge": true 91 | } 92 | ] 93 | } 94 | -------------------------------------------------------------------------------- /.github/workflows/builder.yaml: -------------------------------------------------------------------------------- 1 | name: Builder 2 | 3 | env: 4 | BUILD_ARGS: "--test" 5 | MONITORED_FILES: "build.yaml config.yaml Dockerfile rootfs" 6 | 7 | on: 8 | push: 9 | branches: 10 | - main 11 | pull_request: 12 | branches: 13 | - main 14 | 15 | jobs: 16 | init: 17 | runs-on: ubuntu-latest 18 | name: Initialize builds 19 | outputs: 20 | changed_addons: ${{ steps.changed_addons.outputs.addons }} 21 | changed: ${{ steps.changed_addons.outputs.changed }} 22 | steps: 23 | - name: Check out the repository 24 | uses: actions/checkout@v4.2.2 25 | 26 | - name: Get changed files 27 | id: changed_files 28 | uses: jitterbit/get-changed-files@v1 29 | 30 | - name: Find add-on directories 31 | id: addons 32 | uses: home-assistant/actions/helpers/find-addons@master 33 | 34 | - name: Get changed add-ons 35 | id: changed_addons 36 | run: | 37 | declare -a changed_addons 38 | for addon in ${{ steps.addons.outputs.addons }}; do 39 | if [[ "${{ steps.changed_files.outputs.all }}" =~ $addon ]]; then 40 | for file in ${{ env.MONITORED_FILES }}; do 41 | if [[ "${{ steps.changed_files.outputs.all }}" =~ $addon/$file ]]; then 42 | if [[ ! "${changed_addons[@]}" =~ $addon ]]; then 43 | changed_addons+=("\"${addon}\","); 44 | fi 45 | fi 46 | done 47 | fi 48 | done 49 | 50 | changed=$(echo ${changed_addons[@]} | rev | cut -c 2- | rev) 51 | 52 | if [[ -n ${changed} ]]; then 53 | echo "Changed add-ons: $changed"; 54 | echo "changed=true" >> $GITHUB_OUTPUT; 55 | echo "addons=[$changed]" >> $GITHUB_OUTPUT; 56 | else 57 | echo "No add-on had any monitored files changed (${{ env.MONITORED_FILES }})"; 58 | fi 59 | build: 60 | needs: init 61 | runs-on: ubuntu-latest 62 | if: needs.init.outputs.changed == 'true' 63 | name: Build ${{ matrix.arch }} ${{ matrix.addon }} add-on 64 | strategy: 65 | matrix: 66 | addon: ${{ fromJson(needs.init.outputs.changed_addons) }} 67 | arch: ["aarch64", "amd64", "armhf", "armv7", "i386"] 68 | permissions: 69 | contents: read 70 | packages: write 71 | 72 | steps: 73 | - name: Check out repository 74 | uses: actions/checkout@v4.2.2 75 | 76 | - name: Get information 77 | id: info 78 | uses: home-assistant/actions/helpers/info@master 79 | with: 80 | path: "./${{ matrix.addon }}" 81 | 82 | - name: Check if add-on should be built 83 | id: check 84 | run: | 85 | if [[ "${{ steps.info.outputs.image }}" == "null" ]]; then 86 | echo "Image property is not defined, skipping build" 87 | echo "build_arch=false" >> $GITHUB_OUTPUT; 88 | elif [[ "${{ steps.info.outputs.architectures }}" =~ ${{ matrix.arch }} ]]; then 89 | echo "build_arch=true" >> $GITHUB_OUTPUT; 90 | echo "image=$(echo ${{ steps.info.outputs.image }} | cut -d'/' -f3)" >> $GITHUB_OUTPUT; 91 | if [[ -z "${{ github.head_ref }}" ]] && [[ "${{ github.event_name }}" == "push" ]]; then 92 | echo "BUILD_ARGS=" >> $GITHUB_ENV; 93 | fi 94 | else 95 | echo "${{ matrix.arch }} is not a valid arch for ${{ matrix.addon }}, skipping build"; 96 | echo "build_arch=false" >> $GITHUB_OUTPUT; 97 | fi 98 | 99 | - name: Login to GitHub Container Registry 100 | if: env.BUILD_ARGS != '--test' 101 | uses: docker/login-action@v3.4.0 102 | with: 103 | registry: ghcr.io 104 | username: ${{ github.repository_owner }} 105 | password: ${{ secrets.GITHUB_TOKEN }} 106 | 107 | - name: Build ${{ matrix.addon }} add-on 108 | if: steps.check.outputs.build_arch == 'true' 109 | uses: home-assistant/builder@2025.03.0 110 | with: 111 | args: | 112 | ${{ env.BUILD_ARGS }} \ 113 | --${{ matrix.arch }} \ 114 | --target /data/${{ matrix.addon }} \ 115 | --image "${{ steps.check.outputs.image }}" \ 116 | --docker-hub "ghcr.io/${{ github.repository_owner }}" \ 117 | --addon 118 | -------------------------------------------------------------------------------- /.github/workflows/lint.yaml: -------------------------------------------------------------------------------- 1 | name: Lint 2 | 3 | on: 4 | push: 5 | branches: 6 | - main 7 | pull_request: 8 | branches: 9 | - main 10 | schedule: 11 | - cron: "0 0 * * *" 12 | 13 | jobs: 14 | find: 15 | name: Find add-ons 16 | runs-on: ubuntu-latest 17 | outputs: 18 | addons: ${{ steps.addons.outputs.addons_list }} 19 | steps: 20 | - name: ⤵️ Check out code from GitHub 21 | uses: actions/checkout@v4.2.2 22 | 23 | - name: 🔍 Find add-on directories 24 | id: addons 25 | uses: home-assistant/actions/helpers/find-addons@master 26 | 27 | lint: 28 | name: Lint add-on ${{ matrix.path }} 29 | runs-on: ubuntu-latest 30 | needs: find 31 | strategy: 32 | matrix: 33 | path: ${{ fromJson(needs.find.outputs.addons) }} 34 | steps: 35 | - name: ⤵️ Check out code from GitHub 36 | uses: actions/checkout@v4.2.2 37 | 38 | - name: 🚀 Run Home Assistant Add-on Lint 39 | uses: frenck/action-addon-linter@v2.18 40 | with: 41 | path: "./${{ matrix.path }}" 42 | -------------------------------------------------------------------------------- /.mdlrc: -------------------------------------------------------------------------------- 1 | rules "~MD024" -------------------------------------------------------------------------------- /.vscode/settings.json: -------------------------------------------------------------------------------- 1 | { 2 | "files.associations": { 3 | "*.yaml": "home-assistant" 4 | } 5 | } -------------------------------------------------------------------------------- /.vscode/tasks.json: -------------------------------------------------------------------------------- 1 | { 2 | "version": "2.0.0", 3 | "tasks": [ 4 | { 5 | "label": "Start Home Assistant", 6 | "type": "shell", 7 | "command": "supervisor_run", 8 | "group": { 9 | "kind": "test", 10 | "isDefault": true 11 | }, 12 | "presentation": { 13 | "reveal": "always", 14 | "panel": "new" 15 | }, 16 | "problemMatcher": [] 17 | }, 18 | { 19 | "label": "Start Addon", 20 | "type": "shell", 21 | "command": "ha addons stop \"local_${input:addonName}\"; ha addons start \"local_${input:addonName}\"; docker logs --follow \"addon_local_${input:addonName}\"", 22 | "group": { 23 | "kind": "test", 24 | "isDefault": false 25 | }, 26 | "presentation": { 27 | "reveal": "always", 28 | "panel": "new" 29 | }, 30 | "problemMatcher": [], 31 | "runOptions": { 32 | "reevaluateOnRerun": false 33 | } 34 | }, 35 | { 36 | "label": "Rebuild and Start Addon", 37 | "type": "shell", 38 | "command": "ha addons rebuild \"local_${input:addonName}\"; ha addons start \"local_${input:addonName}\"; docker logs --follow \"addon_local_${input:addonName}\"", 39 | "group": { 40 | "kind": "test", 41 | "isDefault": false 42 | }, 43 | "presentation": { 44 | "reveal": "always", 45 | "panel": "new" 46 | }, 47 | "problemMatcher": [] 48 | } 49 | ], 50 | "inputs": [ 51 | { 52 | "id": "addonName", 53 | "type": "pickString", 54 | "description": "Name of addon (to add your addon to this list, please edit .vscode/tasks.json)", 55 | "options": [ 56 | "example", 57 | ] 58 | } 59 | ] 60 | } 61 | -------------------------------------------------------------------------------- /.yamllint: -------------------------------------------------------------------------------- 1 | --- 2 | rules: 3 | braces: 4 | level: error 5 | min-spaces-inside: 0 6 | max-spaces-inside: 1 7 | min-spaces-inside-empty: -1 8 | max-spaces-inside-empty: -1 9 | brackets: 10 | level: error 11 | min-spaces-inside: 0 12 | max-spaces-inside: 0 13 | min-spaces-inside-empty: -1 14 | max-spaces-inside-empty: -1 15 | colons: 16 | level: error 17 | max-spaces-before: 0 18 | max-spaces-after: 1 19 | commas: 20 | level: error 21 | max-spaces-before: 0 22 | min-spaces-after: 1 23 | max-spaces-after: 1 24 | comments: 25 | level: error 26 | require-starting-space: true 27 | min-spaces-from-content: 2 28 | comments-indentation: 29 | level: error 30 | document-end: 31 | level: error 32 | present: false 33 | document-start: 34 | level: error 35 | present: true 36 | empty-lines: 37 | level: error 38 | max: 1 39 | max-start: 0 40 | max-end: 1 41 | hyphens: 42 | level: error 43 | max-spaces-after: 1 44 | indentation: 45 | level: error 46 | spaces: 2 47 | indent-sequences: true 48 | check-multi-line-strings: false 49 | key-duplicates: 50 | level: error 51 | line-length: 52 | ignore: | 53 | .github/support.yml 54 | level: warning 55 | max: 120 56 | allow-non-breakable-words: true 57 | allow-non-breakable-inline-mappings: true 58 | new-line-at-end-of-file: 59 | level: error 60 | new-lines: 61 | level: error 62 | type: unix 63 | trailing-spaces: 64 | level: error 65 | truthy: 66 | level: error 67 | -------------------------------------------------------------------------------- /AUTHORS: -------------------------------------------------------------------------------- 1 | Levente Farkas (https://github.com/lfarkas) -------------------------------------------------------------------------------- /LICENSE.md: -------------------------------------------------------------------------------- 1 | # MIT License 2 | 3 | Copyright (c) 2023 Wiretrustee UG (haftungsbeschränkt) & AUTHORS 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Home Assistant Add-on: NetBird 2 | 3 | ![Project Stage][project-stage-shield] 4 | [![License][license-shield]](LICENSE.md) 5 | 6 | ![Supports aarch64 Architecture][aarch64-shield] 7 | ![Supports amd64 Architecture][amd64-shield] 8 | ![Supports armhf Architecture][armhf-shield] 9 | ![Supports armv7 Architecture][armv7-shield] 10 | ![Supports i386 Architecture][i386-shield] 11 | 12 | ![Project Maintenance][maintenance-shield] 13 | [![GitHub Activity][commits-shield]][commits] 14 | 15 | ## About 16 | 17 | [NetBird](https://netbird.io/)® is a simple and fast alternative to corporate VPNs built on top of [WireGuard](https://www.wireguard.com/)® making it easy to create secure private networks for your organization or home. 18 | 19 | [NetBird](https://netbird.io/)® can connect machines running anywhere in just a few clicks. 20 | 21 | It requires near zero configuration effort leaving behind the hassle of opening ports, complex firewall rules, vpn gateways, and so forth. 22 | 23 | 24 | ## Installation 25 | First add the repository: 26 | 27 | [![Add to Home Assistant](https://my.home-assistant.io/badges/supervisor_add_addon_repository.svg)](https://my.home-assistant.io/redirect/supervisor_add_addon_repository/?repository_url=https%3A%2F%2Fgithub.com%2Fnetbirdio%2Faddon-netbird) 28 | 29 | Then install the add-on "NetBird Client": 30 | 31 | [![Open your Home Assistant instance and show the dashboard of a Supervisor add-on.](https://my.home-assistant.io/badges/supervisor_addon.svg)](https://my.home-assistant.io/redirect/supervisor_addon/?addon=7edd9457_netbird&repository_url=https%3A%2F%2Fgithub.com%2Fnetbirdio%2Faddon-netbird) 32 | 33 | [:books: Read the full add-on documentation][docs] 34 | 35 | ## Support 36 | 37 | Got questions? 38 | 39 | You have several options to get them answered: 40 | 41 | - The [Home Assistant Community Add-ons Discord chat server][discord] for add-on 42 | support and feature requests. 43 | - The [Home Assistant Discord chat server][discord-ha] for general Home 44 | Assistant discussions and questions. 45 | - The Home Assistant [Community Forum][forum]. 46 | - Join the [Reddit subreddit][reddit] in [/r/homeassistant][reddit] 47 | 48 | You could also [open an issue here][issue] GitHub. 49 | 50 | ## Contributing 51 | 52 | This is an active open-source project. We are always open to people who want to 53 | use the code or contribute to it. 54 | 55 | Thank you for being involved! :heart_eyes: 56 | 57 | ## License 58 | 59 | MIT License 60 | 61 | Copyright (c) 2023 Wiretrustee UG (haftungsbeschränkt) & AUTHORS 62 | 63 | Permission is hereby granted, free of charge, to any person obtaining a copy 64 | of this software and associated documentation files (the "Software"), to deal 65 | in the Software without restriction, including without limitation the rights 66 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 67 | copies of the Software, and to permit persons to whom the Software is 68 | furnished to do so, subject to the following conditions: 69 | 70 | The above copyright notice and this permission notice shall be included in all 71 | copies or substantial portions of the Software. 72 | 73 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 74 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 75 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 76 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 77 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 78 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 79 | SOFTWARE. 80 | 81 | [aarch64-shield]: https://img.shields.io/badge/aarch64-yes-green.svg 82 | [amd64-shield]: https://img.shields.io/badge/amd64-yes-green.svg 83 | [armhf-shield]: https://img.shields.io/badge/armhf-yes-green.svg 84 | [armv7-shield]: https://img.shields.io/badge/armv7-yes-green.svg 85 | [commits-shield]: https://img.shields.io/github/commit-activity/y/lfarkas/addon-netbird.svg 86 | [commits]: https://github.com/netbirdio/addon-netbird/commits/main 87 | [discord-ha]: https://discord.gg/c5DvZ4e 88 | [discord]: https://discord.me/hassioaddons 89 | [docs]: https://github.com/netbirdio/addon-netbird/blob/main/netbird/DOCS.md 90 | [forum]: https://community.home-assistant.io/t/repository-community-hass-io-add-ons/24705 91 | [i386-shield]: https://img.shields.io/badge/i386-yes-green.svg 92 | [issue]: https://github.com/netbirdio/addon-netbird/issues 93 | [license-shield]: https://img.shields.io/github/license/lfarkas/addon-netbird.svg 94 | [maintenance-shield]: https://img.shields.io/maintenance/yes/2023.svg 95 | [project-stage-shield]: https://img.shields.io/badge/project%20stage-experimental-yellow.svg 96 | [reddit]: https://reddit.com/r/homeassistant 97 | -------------------------------------------------------------------------------- /devcontainer.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "Netbird Home Assistant add-on repository", 3 | "image": "ghcr.io/home-assistant/devcontainer:addons", 4 | "appPort": [ 5 | "7123:8123", 6 | "7357:4357" 7 | ], 8 | "postStartCommand": "bash devcontainer_bootstrap", 9 | "runArgs": [ 10 | "-e", 11 | "GIT_EDITOR=code --wait", 12 | "--privileged" 13 | ], 14 | "remoteUser": "root", 15 | "containerEnv": { 16 | "WORKSPACE_DIRECTORY": "${containerWorkspaceFolder}" 17 | }, 18 | "extensions": [ 19 | "timonwong.shellcheck", 20 | "esbenp.prettier-vscode" 21 | ], 22 | "mounts": [ 23 | "type=volume,target=/var/lib/docker" 24 | ], 25 | "settings": { 26 | "terminal.integrated.profiles.linux": { 27 | "zsh": { 28 | "path": "/usr/bin/zsh" 29 | } 30 | }, 31 | "terminal.integrated.defaultProfile.linux": "zsh", 32 | "editor.formatOnPaste": false, 33 | "editor.formatOnSave": true, 34 | "editor.formatOnType": true, 35 | "files.trimTrailingWhitespace": true 36 | } 37 | } -------------------------------------------------------------------------------- /netbird/.README.j2: -------------------------------------------------------------------------------- 1 | # Home Assistant Community Add-on: NetBird 2 | 3 | [![Release][release-shield]][release] ![Project Stage][project-stage-shield] ![Project Maintenance][maintenance-shield] 4 | 5 | [![Discord][discord-shield]][discord] [![Community Forum][forum-shield]][forum] 6 | 7 | NetBird Client add-on by Community Home Assistant add-ons. 8 | 9 | ## About 10 | 11 | NetBird is a simple and fast alternative to corporate VPNs built on top of WireGuard® making it easy to create secure private networks for your organization or home. 12 | 13 | NetBird can connect machines running anywhere in just a few clicks. 14 | 15 | It requires near zero configuration effort leaving behind the hassle of opening ports, complex firewall rules, vpn gateways, and so forth. 16 | 17 | {% if channel == "edge" %} 18 | ## WARNING! THIS IS AN EDGE VERSION! 19 | 20 | This Home Assistant Add-ons repository contains edge builds of add-ons. 21 | Edge builds add-ons are based upon the latest development version. 22 | 23 | - They may not work at all. 24 | - They might stop working at any time. 25 | - They could have a negative impact on your system. 26 | 27 | This repository was created for: 28 | 29 | - Anybody willing to test. 30 | - Anybody interested in trying out upcoming add-ons or add-on features. 31 | - Developers. 32 | 33 | If you are more interested in stable releases of our add-ons: 34 | 35 | 36 | 37 | {% endif %} 38 | {% if channel == "beta" %} 39 | ## WARNING! THIS IS A BETA VERSION! 40 | 41 | This Home Assistant Add-ons repository contains beta releases of add-ons. 42 | 43 | - They might stop working at any time. 44 | - They could have a negative impact on your system. 45 | 46 | This repository was created for: 47 | 48 | - Anybody willing to test. 49 | - Anybody interested in trying out upcoming add-ons or add-on features. 50 | 51 | If you are more interested in stable releases of our add-ons: 52 | 53 | 54 | 55 | {% endif %} 56 | [discord-shield]: https://img.shields.io/discord/478094546522079232.svg 57 | [discord]: https://discord.me/hassioaddons 58 | [forum-shield]: https://img.shields.io/badge/community-forum-brightgreen.svg 59 | [forum]: https://community.home-assistant.io 60 | [maintenance-shield]: https://img.shields.io/maintenance/yes/2023.svg 61 | [project-stage-shield]: https://img.shields.io/badge/project%20stage-experimental-yellow.svg 62 | [release-shield]: https://img.shields.io/badge/version-{{ version }}-blue.svg 63 | [release]: {{ repo }}/tree/{{ version }} 64 | -------------------------------------------------------------------------------- /netbird/DOCS.md: -------------------------------------------------------------------------------- 1 | # Home Assistant Community Add-on: NetBird 2 | 3 | [NetBird][netbird] is an open-source VPN management platform built on top of WireGuard® making it easy to create secure private networks for your organization or home. 4 | 5 | It requires zero configuration effort leaving behind the hassle of opening ports, complex firewall rules, VPN gateways, and so forth. 6 | 7 | NetBird uses NAT traversal techniques to automatically create an overlay peer-to-peer network connecting machines regardless of location (home, office, data center, container, cloud, or edge environments and now HASSIO with this add-on), unifying virtual private network management experience. 8 | 9 | ## Installation 10 | 11 | The installation of this add-on is pretty straightforward and not different in 12 | comparison to installing any other Home Assistant add-on. 13 | 14 | 1. Add my Hass.io add-ons repository (****) to your Hass.io instance. 15 | 1. Click the Home Assistant My button below to open the add-on on your Home 16 | Assistant instance. 17 | 18 | [![Open this add-on in your Home Assistant instance.][addon-badge]][addon] 19 | 20 | 1. Install the "NetBird" add-on. 21 | 1. If you are using the central NetBird instance you can either use the URL generated in the log or you can use a `setup_key`. If hosting your own then you'll want to set `admin_url` & `management_url` and again only need to set up the `setup_key` if you don't want to login via the log generated URL. 22 | 1. If you would like to change the auto generated hostname (which is the docker container id in case of hassio) set the `hostname`. 23 | 1. If you would like to enable Rosenpass set the `rosenpass` to `true`. 24 | 1. If you would like to enable Rosenpass in permissive way set the `rosenpass_permissive` to true. 25 | 1. Start the "NetBird" add-on. 26 | 1. Feels free to check the logs for `NetBird` to make sure its booted correctly. 27 | 1. This client will show up in your NetBird dashboard. 28 | 29 | ## Configuration 30 | 31 | You'll see the config file at `/addon_config/*_netbird/config.json` after first boot. 32 | 33 | ### Option: `log_level` 34 | 35 | The `log_level` option controls the level of log output by the addon and can 36 | be changed to be more or less verbose, which might be useful when you are 37 | dealing with an unknown issue. Possible values are: 38 | 39 | - `trace`: Show every detail, like all called internal functions. 40 | - `debug`: Shows detailed debug information. 41 | - `info`: Normal (usually) interesting events. 42 | - `notice`: Normal but significant events. 43 | - `warning`: Exceptional occurrences that are not errors. 44 | - `error`: Runtime errors that do not require immediate action. 45 | - `fatal`: Something went terribly wrong. Add-on becomes unusable. 46 | 47 | Please note that each level automatically includes log messages from a 48 | more severe level, e.g., `debug` also shows `info` messages. By default, 49 | the `log_level` is set to `info`, which is the recommended setting unless 50 | you are troubleshooting. 51 | 52 | ### Option: `admin_url` 53 | 54 | Admin Panel URL [http|https]://[host]:[port] (default "") 55 | 56 | Tells NetBird the URL through which you administrate your NetBird clients. 57 | You'll find that the log generates a login URL you can use instead of configuring a `setup_key`. (If you're not already connected to a NetBird instance.) 58 | 59 | ### Option: `management_url` 60 | 61 | Management Service URL [http|https]://[host]:[port] (default "") 62 | 63 | The client will use this URL to communicate with your NetBird instance api. 64 | 65 | ### Option: `setup_key` 66 | 67 | Setup key obtained from the Management Service Dashboard (used to register peer) 68 | 69 | This token is like a password for connecting your client to NetBird, you can leave this 70 | option empty if you would prefer to login via a URL generated in the log with the `admin_url`. 71 | 72 | ### Option: `hostname` 73 | 74 | Hostname in the NetBird network (used to during registration) 75 | 76 | This hostname will be used in the Peers to identify your machine. 77 | 78 | ### Option: `rosenpass` 79 | 80 | Rosenpass can be enabled by setting a flag on client start-up. 81 | 82 | Rosenpass is a post-quantum secure key-exchange protocol that enhances WireGuard 83 | VPNs against quantum computer attacks. It employs advanced cryptographic methods 84 | Classic McEliece and Kyber. 85 | 86 | ### Option: `rosenpass_permissive` 87 | 88 | Rosenpass can be enabled in permissive way. 89 | 90 | Enabling Rosenpass on one peer assumes that all peers have Rosenpass enabled. If one of the peers does not enable this feature or run an older version that lacks Rosenpass, the connection won't work. To allow non-Rosenpass enabled peers to connect to a Rosenpass peer, the permissive mode can be activated. In this case, the NetBird client will default to a standard WireGuard connection without pre-shared keys for those connections that don't support Rosenpass. It will continue negotiating PSKs with Rosenpass for the rest, ensuring enhanced security wherever possible. 91 | 92 | ### Option: `env_vars` 93 | 94 | Extra environment variables 95 | 96 | Extra environment variables to pass to the NetBird client 97 | This is a list of environment variables that will be passed to the NetBird client. 98 | You can use this to configure the client further. 99 | 100 | ## Changelog & Releases 101 | 102 | This repository keeps a change log using [GitHub's releases][releases] 103 | functionality. 104 | 105 | Releases are based on [Semantic Versioning][semver], and use the format 106 | of `MAJOR.MINOR.PATCH`. In a nutshell, the version will be incremented 107 | based on the following: 108 | 109 | - `MAJOR`: Incompatible or major changes. 110 | - `MINOR`: Backwards-compatible new features and enhancements. 111 | - `PATCH`: Backwards-compatible bugfixes and package updates. 112 | 113 | ## Support 114 | 115 | Got questions? 116 | 117 | You have several options to get them answered: 118 | 119 | - The [Home Assistant Community Add-ons Discord chat server][discord] for add-on 120 | support and feature requests. 121 | - The [Home Assistant Discord chat server][discord-ha] for general Home 122 | Assistant discussions and questions. 123 | - The Home Assistant [Community Forum][forum]. 124 | - Join the [Reddit subreddit][reddit] in [/r/homeassistant][reddit] 125 | 126 | You could also [open an issue here][issue] GitHub. 127 | 128 | ## Authors & contributors 129 | 130 | The original setup of this repository was by [Levente Farkas][lfarkas]. 131 | 132 | For a full list of all authors and contributors, 133 | check [the contributor's page][contributors]. 134 | 135 | ## License 136 | 137 | MIT License 138 | 139 | Copyright (c) 2019-2022 Franck Nijhof 140 | Copyright (c) 2022-2023 Daniel Burgess 141 | Copyright (c) 2023-2023 Levente Farkas 142 | 143 | Permission is hereby granted, free of charge, to any person obtaining a copy 144 | of this software and associated documentation files (the "Software"), to deal 145 | in the Software without restriction, including without limitation the rights 146 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 147 | copies of the Software, and to permit persons to whom the Software is 148 | furnished to do so, subject to the following conditions: 149 | 150 | The above copyright notice and this permission notice shall be included in all 151 | copies or substantial portions of the Software. 152 | 153 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 154 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 155 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 156 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 157 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 158 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 159 | SOFTWARE. 160 | 161 | [addon-badge]: https://my.home-assistant.io/badges/supervisor_addon.svg 162 | [addon]: https://my.home-assistant.io/redirect/supervisor_addon/?addon=a0d7b954_netbird&repository_url=https%3A%2F%2Fgithub.com%2Fnetbirdio%2Faddon-netbird 163 | [contributors]: https://github.com/hassio-addons/addon-netbird/graphs/contributors 164 | [discord-ha]: https://discord.gg/c5DvZ4e 165 | [discord]: https://discord.me/hassioaddons 166 | [forum]: https://community.home-assistant.io/t/repository-community-hass-io-add-ons/24705 167 | [issue]: https://github.com/netbirdio/addon-netbird/issues 168 | [reddit]: https://reddit.com/r/homeassistant 169 | [releases]: https://github.com/netbirdio/addon-netbird/releases 170 | [semver]: http://semver.org/spec/v2.0.0.html 171 | [netbird]: https://github.com/netbirdio/netbird 172 | [lfarkas]: https://github.com/lfarkas 173 | -------------------------------------------------------------------------------- /netbird/Dockerfile: -------------------------------------------------------------------------------- 1 | ARG BUILD_FROM=ghcr.io/hassio-addons/base:17.2.5 2 | 3 | FROM netbirdio/netbird:0.46.0 as netbird-container 4 | 5 | # hadolint ignore=DL3006 6 | FROM ${BUILD_FROM} 7 | 8 | RUN apk add --no-cache nftables=1.1.1-r0 9 | 10 | # Copy root filesystem 11 | COPY rootfs / 12 | COPY --from=netbird-container /usr/local/bin/netbird /usr/local/bin/netbird 13 | 14 | # Build arguments 15 | ARG BUILD_VERSION 16 | ARG BUILD_ARCH 17 | ARG BUILD_DATE 18 | ARG BUILD_DESCRIPTION 19 | ARG BUILD_NAME 20 | ARG BUILD_REF 21 | ARG BUILD_REPOSITORY 22 | 23 | # Labels 24 | LABEL \ 25 | io.hass.name="${BUILD_NAME}" \ 26 | io.hass.description="${BUILD_DESCRIPTION}" \ 27 | io.hass.arch="${BUILD_ARCH}" \ 28 | io.hass.type="addon" \ 29 | io.hass.version=${BUILD_VERSION} \ 30 | maintainer="Levente Farkas " \ 31 | org.opencontainers.image.title="${BUILD_NAME}" \ 32 | org.opencontainers.image.description="${BUILD_DESCRIPTION}" \ 33 | org.opencontainers.image.vendor="Home Assistant Community Add-ons" \ 34 | org.opencontainers.image.authors="Levente Farkas " \ 35 | org.opencontainers.image.licenses="MIT" \ 36 | org.opencontainers.image.url="https://addons.community" \ 37 | org.opencontainers.image.source="https://github.com/${BUILD_REPOSITORY}" \ 38 | org.opencontainers.image.documentation="https://github.com/${BUILD_REPOSITORY}/blob/main/README.md" \ 39 | org.opencontainers.image.created=${BUILD_DATE} \ 40 | org.opencontainers.image.revision=${BUILD_REF} \ 41 | org.opencontainers.image.version=${BUILD_VERSION} 42 | -------------------------------------------------------------------------------- /netbird/build.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | build_from: 3 | aarch64: ghcr.io/hassio-addons/base:17.2.5 4 | amd64: ghcr.io/hassio-addons/base:17.2.5 5 | armhf: ghcr.io/hassio-addons/base:17.2.5 6 | armv7: ghcr.io/hassio-addons/base:17.2.5 7 | i386: ghcr.io/hassio-addons/base:17.2.5 8 | codenotary: 9 | base_image: notary@home-assistant.io 10 | signer: lfarkas@lfarkas.org 11 | -------------------------------------------------------------------------------- /netbird/config.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | name: NetBird 3 | version: v0.46.0 4 | slug: netbird 5 | description: Connect your devices into a single secure private WireGuard®-based mesh network. 6 | url: https://github.com/netbirdio/addon-netbird 7 | codenotary: lfarkas@lfarkas.org 8 | startup: services 9 | panel_icon: mdi:vpn 10 | init: false 11 | arch: 12 | - aarch64 13 | - amd64 14 | - armhf 15 | - armv7 16 | - i386 17 | host_network: true 18 | host_dbus: true 19 | privileged: 20 | - SYS_ADMIN 21 | - SYS_RESOURCE 22 | - NET_ADMIN 23 | - NET_RAW 24 | - BPF 25 | map: 26 | - homeassistant_config:rw 27 | - addon_config:rw 28 | options: 29 | admin_url: "" 30 | management_url: "" 31 | setup_key: "" 32 | hostname: "" 33 | rosenpass: false 34 | rosenpass_permissive: false 35 | env_vars: [] 36 | schema: 37 | admin_url: str 38 | management_url: str 39 | setup_key: str 40 | hostname: str 41 | rosenpass: bool 42 | rosenpass_permissive: bool 43 | env_vars: 44 | - name: match(^NB_([A-Z0-9_])+$) 45 | value: str 46 | log_level: list(trace|debug|info|notice|warning|error|fatal)? 47 | -------------------------------------------------------------------------------- /netbird/icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/netbirdio/addon-netbird/eb640216c6d940df29bddcf10f280fd0fea0a911/netbird/icon.png -------------------------------------------------------------------------------- /netbird/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/netbirdio/addon-netbird/eb640216c6d940df29bddcf10f280fd0fea0a911/netbird/logo.png -------------------------------------------------------------------------------- /netbird/rootfs/etc/s6-overlay/s6-rc.d/netbird/dependencies.d/base: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/netbirdio/addon-netbird/eb640216c6d940df29bddcf10f280fd0fea0a911/netbird/rootfs/etc/s6-overlay/s6-rc.d/netbird/dependencies.d/base -------------------------------------------------------------------------------- /netbird/rootfs/etc/s6-overlay/s6-rc.d/netbird/finish: -------------------------------------------------------------------------------- 1 | #!/command/with-contenv bashio 2 | # shellcheck shell=bash 3 | # ============================================================================== 4 | # Home Assistant Community Add-on: NetBird Client 5 | # ============================================================================== 6 | declare exit_code 7 | readonly exit_code_container=$( /run/s6-linux-init-container-results/exitcode 23 | fi 24 | 25 | # If the signal is SIGTERM, we should halt the container and take down 26 | # the whole process tree. 27 | [[ "${exit_code_signal}" -eq 15 ]] && exec /run/s6/basedir/bin/halt 28 | 29 | # The service exited with a non-zero exit code, which means it crashed. 30 | elif [[ "${exit_code_service}" -ne 0 ]]; then 31 | 32 | # The service might be a result of another service crashing. Only 33 | # overwrite the container exit code if it is not already set. 34 | if [[ "${exit_code_container}" -eq 0 ]]; then 35 | echo "${exit_code_service}" > /run/s6-linux-init-container-results/exitcode 36 | fi 37 | 38 | # We should halt the container and take down the whole process tree. 39 | exec /run/s6/basedir/bin/halt 40 | 41 | # The service exited with a zero exit code, which means it exited, let 42 | # S6 supervision restart it. 43 | else 44 | bashio::log.info "Service ${service} restarting..." 45 | fi 46 | -------------------------------------------------------------------------------- /netbird/rootfs/etc/s6-overlay/s6-rc.d/netbird/run: -------------------------------------------------------------------------------- 1 | #!/command/with-contenv bashio 2 | # shellcheck shell=bash 3 | # ============================================================================== 4 | # Home Assistant Community Add-on: NetBird Client 5 | # Runs NetBird Client 6 | # ============================================================================== 7 | declare -a options 8 | declare name 9 | declare value 10 | 11 | 12 | # Get the options configured in HASS GUI 13 | readonly CONFIG_OLD_PATH=/homeassistant/netbird/config.json 14 | readonly CONFIG_PATH=/config/config.json 15 | 16 | [ -f "${CONFIG_OLD_PATH}" ] && mv "${CONFIG_OLD_PATH}" "${CONFIG_PATH}" 17 | 18 | admin_url="$(bashio::config 'admin_url')" 19 | management_url="$(bashio::config 'management_url')" 20 | setup_key="$(bashio::config 'setup_key')" 21 | hostname="$(bashio::config 'hostname')" 22 | rosenpass="$(bashio::config 'rosenpass')" 23 | rosenpass_permissive="$(bashio::config 'rosenpass_permissive')" 24 | log_level="$(bashio::config 'log_level')" 25 | 26 | options+=(--foreground-mode) 27 | options+=(--config "${CONFIG_PATH}") 28 | options+=(--log-file console) 29 | 30 | if [ "${admin_url}" = "" ]; then 31 | bashio::log.info "Using Default Admin URL" 32 | else 33 | bashio::log.info "Using ${admin_url} as Admin URL" 34 | options+=(--admin-url "${admin_url}") 35 | fi 36 | 37 | if [ "${management_url}" = "" ]; then 38 | bashio::log.info "Using Default Management URL" 39 | else 40 | bashio::log.info "Using ${management_url} as Management URL" 41 | options+=(--management-url "${management_url}") 42 | fi 43 | 44 | if [ "${setup_key}" = "" ]; then 45 | bashio::log.info "No Setup Key Set" 46 | bashio::log.info "This client will only show up in dashboards it's already registered with." 47 | else 48 | bashio::log.info "Using ${setup_key} as Setup Key" 49 | options+=(--setup-key "${setup_key}") 50 | fi 51 | 52 | if [ "${hostname}" = "" ]; then 53 | bashio::log.info "No Hostname Set" 54 | bashio::log.info "This client will use the default (-netbird-client) as hostname in peers." 55 | else 56 | bashio::log.info "Using ${hostname} as hostname" 57 | options+=(--hostname "${hostname}") 58 | fi 59 | 60 | if ! ${rosenpass}; then 61 | bashio::log.info "Rosenpass disabled" 62 | options+=(--enable-rosenpass=false) 63 | else 64 | bashio::log.info "Rosenpass enabled" 65 | options+=(--enable-rosenpass) 66 | if ${rosenpass_permissive}; then 67 | bashio::log.info "Rosenpass permissive mode enabled" 68 | options+=(--rosenpass-permissive) 69 | fi 70 | fi 71 | 72 | if [ "${log_level}" = "" ] || [ "${log_level}" = "null" ]; then 73 | bashio::log.info "No log level Set" 74 | bashio::log.info "This client will use the default logging." 75 | else 76 | bashio::log.info "Using ${log_level} as logging level" 77 | options+=(--log-level "${log_level}") 78 | fi 79 | 80 | # Load custom environment variables 81 | for var in $(bashio::config 'env_vars|keys'); do 82 | name=$(bashio::config "env_vars[${var}].name") 83 | value=$(bashio::config "env_vars[${var}].value") 84 | bashio::log.info "Setting ${name} to ${value}" 85 | export "${name}=${value}" 86 | done 87 | 88 | # dirty hack to get dns working 89 | # with this netbird can regonize the host running systemd-resolved 90 | CONTENT=$(cat /etc/resolv.conf) 91 | echo '# systemd-resolved' > /etc/resolv.conf 92 | echo "$CONTENT" >> /etc/resolv.conf 93 | 94 | bashio::log.info "Starting NetBird Client..." 95 | bashio::log.info "netbird up " "${options[@]}" 96 | netbird up "${options[@]}" 97 | -------------------------------------------------------------------------------- /netbird/rootfs/etc/s6-overlay/s6-rc.d/netbird/type: -------------------------------------------------------------------------------- 1 | longrun 2 | -------------------------------------------------------------------------------- /netbird/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/netbird: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/netbirdio/addon-netbird/eb640216c6d940df29bddcf10f280fd0fea0a911/netbird/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/netbird -------------------------------------------------------------------------------- /netbird/translations/en.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | configuration: 3 | log_level: 4 | name: Log level 5 | description: The amount of logging the add-on should do. 6 | admin_url: 7 | name: Admin Panel URL 8 | description: >- 9 | Admin Panel URL [http|https]://[host]:[port] (default "https://app.netbird.io") 10 | 11 | Tells NetBird the URL through which you administrate your NetBird clients. 12 | You'll find that the log generates a login URL you can use instead of configuring a `setup_key`. 13 | (If you're not already connected to a NetBird instance.) 14 | management_url: 15 | name: Management URL 16 | description: >- 17 | Management Service URL [http|https]://[host]:[port] (default "https://api.netbird.io:443") 18 | 19 | The client will use this URL to communicate with your NetBird instance api. 20 | setup_key: 21 | name: Setup Key 22 | description: >- 23 | Setup key obtained from the Management Service Dashboard (used to register peer) 24 | This token is like a password for connecting your client to NetBird, you can 25 | leave this option empty if you would prefer to login via a URL generated in 26 | the log with the `admin_url`. 27 | hostname: 28 | name: Hostname 29 | description: >- 30 | Hostname of the client (default "netbird-client") 31 | This is the name of the client that will be displayed in the NetBird dashboard. 32 | rosenpass: 33 | name: Rosenpass 34 | description: >- 35 | Rosenpass can be enabled by setting a flag on client start-up. 36 | Rosenpass is a post-quantum secure key-exchange protocol that enhances WireGuard 37 | VPNs against quantum computer attacks. It employs advanced cryptographic methods 38 | Classic McEliece and Kyber. 39 | rosenpass_permissive: 40 | name: Rosenpass Permissive 41 | description: >- 42 | Rosenpass permissive mode can be enabled by setting a flag on client start-up. 43 | This mode allows the client to connect to a non-Rosenpass server. 44 | env_vars: 45 | name: Extra environment variables 46 | description: >- 47 | Extra environment variables to pass to the NetBird client 48 | This is a list of environment variables that will be passed to the NetBird client. 49 | You can use this to configure the client further. 50 | -------------------------------------------------------------------------------- /public.pgp: -------------------------------------------------------------------------------- 1 | -----BEGIN PGP PUBLIC KEY BLOCK----- 2 | 3 | mQGiBEBgJ4oRBADZOOFIPp9t/XUU/PsxjIg52v7MTfWsgz6D4tXVA3yP59qslvt8 4 | IOZHslaWzgmKhH9VtaEphWFdzMNaa4XBFliu9TK3RbI4t3CO4h30CvDDTvFMVygz 5 | NBVMhyagV5TWW1PHm32hWtsiHTWTQLejb7ngnhVN03GGhMxost121G5DAwCg6nE8 6 | JpHIl4qZdKh6rjboeI2egPsD/iCDBXnMeVKWSSOX0XrsY5sK80Al+q82hSyBF0v2 7 | LWxhBqqZXwOTFbJbMbmVRtuJTcjl2caJH9vZ2puosbqkaHy/Xs5X13TATbRaeHPE 8 | Nvj2ZPNDpNiBPQp8aTf35EPe3LcSI5cJvkijulN8fmrKh7FabG6vtFE8DKgKEsvI 9 | kwRgA/9yRdSXNPljDVvBoHsT2V8ipXqEjBjG7FoLTWxBJOwbrEqm+PzVnfRV6YGa 10 | Tt/fAQXtaZBZAXLud/7+BNEnM0BllrhdAMRlPEKiVqonDrRaffreaiPRlvNhH6aN 11 | JTlhYeKaQRxFkY1zyHdql4nGytVHdIyeflf34THk3BUsljcPK4hgBCARAgAgFiEE 12 | dgbihJLlGSYttbKJqdWjm4L9Eg0FAmP9ErYCHQEACgkQqdWjm4L9Eg0HSQCfZBdT 13 | u2wIqzh0Hg4MmBCtWVzQSaEAn34JLM+KHpjRtBK20qAQp1qe/gjitCRMZXZlbnRl 14 | IEZhcmthcyA8bGZhcmthc0BsZmFya2FzLm9yZz6IawQQEQIAKwUCU0fmpAWDAeKF 15 | AB4aaHR0cDovL3d3dy5jYWNlcnQub3JnL2Nwcy5waHAACgkQ0rsNAWXQ/Vgy2QCc 16 | CUq6Pk+p9HqGtd2zOlpqaNGWnpMAnjFWroSX86ggY6seuYH9zJgi0DIbiF4EExEC 17 | AB4FAkBgJ4oCGwMGCwkIBwMCAxUCAwMWAgECHgECF4AACgkQqdWjm4L9Eg0nxQCg 18 | hiXykDUWbTTigscITnjqkVoZK60An2NJ4md5VhGr8LjnZGd2QMrjUcbvuQENBEBg 19 | J4sQBADe8Fmk1UEcQmM94OIu35vv6H3/g6KoRt2H6cMog9Tj+m0SmZBxzE62F15o 20 | 4gZrK8hg//Hkd+5Qle+O3bMBG1Cqie+rwKrIZh5+vR5fUSF1jX1ePqVzoBHLPldI 21 | qVMOZMjHoF77AnTRUMkXm5NxlBos68UjT07L/2QARol1e/AMywADBgP/fMjB0oka 22 | K3ksGLAq2szkIgtlPrqHNhdD6sHfZflaRBWpIIoN3uTLSzyEGw3o4tIdrynOKr8h 23 | Fbn5ZrvXWeYXOjSMGE7eLzLA2EYyTggGWKx0KTuYHNyfxcpDvVJzfCTKR/5wwKyo 24 | GG2kddW0ICHVrSCao1ZT6kCI36q0gyBzv6OISQQYEQIACQUCQGAniwIbDAAKCRCp 25 | 1aObgv0SDbBrAJ9dLODHWWw0yBMbRCXEL8IqcaiK0QCgsVH/Snd8h48A2qRIF8mA 26 | dQZesS6YMwRj/RVZFgkrBgEEAdpHDwEBB0Bm80iJucuoCDjVsBrt/NOwAommWPkf 27 | GlmR69ulHzeEH7QkTGV2ZW50ZSBGYXJrYXMgPGxmYXJrYXNAbGZhcmthcy5vcmc+ 28 | iJMEExYKADsWIQQjenvKO2BXbyBUj9uxK5QToYXxXAUCY/0VWQIbAwULCQgHAgIi 29 | AgYVCgkICwIEFgIDAQIeBwIXgAAKCRCxK5QToYXxXI7yAP9FVMEaDbknmUxVhDDo 30 | 9tSwGP1JSzISycpA1tPNv4C5eAD8Cmz7kciniFmmAjPDHIlHDOxUXCchI2jpluo2 31 | alQVfQ64OARj/RVZEgorBgEEAZdVAQUBAQdAge9Jj29/to5UKqFOailMYfS+2/qp 32 | o8i3z+r+BdrO1RkDAQgHiHgEGBYKACAWIQQjenvKO2BXbyBUj9uxK5QToYXxXAUC 33 | Y/0VWQIbDAAKCRCxK5QToYXxXCe0AQDfqJCCf6ZQjs3vibnJ+GReWk/V3SBz8hfA 34 | yZAn5gUmEAD/eTNOnoNJ5t4xCI+kuXQCSgDxNjr28hL6VFgaCB3gcww= 35 | =rOwz 36 | -----END PGP PUBLIC KEY BLOCK----- 37 | -------------------------------------------------------------------------------- /repository.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "NetBird Home Assistant Add-ons", 3 | "url": "https://github.com/netbirdio/addon-netbird", 4 | "maintainer": "Levente Farkas " 5 | } 6 | --------------------------------------------------------------------------------