fix some typo spotted with codespell (#1278)

Fixed spelling typos on logs, comments and command help text

CONTRIBUTING.md

@@ -144,7 +144,7 @@ cd client
 CGO_ENABLED=0 go build .
 ```
 
-> Windows clients have a Wireguard driver requirement. You can downlowd the wintun driver from https://www.wintun.net/builds/wintun-0.14.1.zip, after decompressing, you can copy the file `windtun\bin\ARCH\wintun.dll` to the same path as your binary file or to `C:\Windows\System32\wintun.dll`.
+> Windows clients have a Wireguard driver requirement. You can download the wintun driver from https://www.wintun.net/builds/wintun-0.14.1.zip, after decompressing, you can copy the file `windtun\bin\ARCH\wintun.dll` to the same path as your binary file or to `C:\Windows\System32\wintun.dll`.
 
 To start NetBird the client in the foreground:
 

client/android/preferences_test.go

@@ -57,11 +57,11 @@ func TestPreferences_ReadUncommitedValues(t *testing.T) {
 	p.SetManagementURL(exampleString)
 	resp, err = p.GetManagementURL()
 	if err != nil {
-		t.Fatalf("failed to read managmenet url: %s", err)
+		t.Fatalf("failed to read management url: %s", err)
 	}
 
 	if resp != exampleString {
-		t.Errorf("unexpected managemenet url: %s", resp)
+		t.Errorf("unexpected management url: %s", resp)
 	}
 
 	p.SetPreSharedKey(exampleString)
@@ -102,11 +102,11 @@ func TestPreferences_Commit(t *testing.T) {
 
 	resp, err = p.GetManagementURL()
 	if err != nil {
-		t.Fatalf("failed to read managmenet url: %s", err)
+		t.Fatalf("failed to read management url: %s", err)
 	}
 
 	if resp != exampleURL {
-		t.Errorf("unexpected managemenet url: %s", resp)
+		t.Errorf("unexpected management url: %s", resp)
 	}
 
 	resp, err = p.GetPreSharedKey()

client/cmd/up.go

@@ -123,7 +123,7 @@ func runInDaemonMode(ctx context.Context, cmd *cobra.Command) error {
 	defer func() {
 		err := conn.Close()
 		if err != nil {
-			log.Warnf("failed closing dameon gRPC client connection %v", err)
+			log.Warnf("failed closing daemon gRPC client connection %v", err)
 			return
 		}
 	}()
@@ -200,11 +200,11 @@ func validateNATExternalIPs(list []string) error {
 
 		subElements := strings.Split(element, "/")
 		if len(subElements) > 2 {
-			return fmt.Errorf("%s is not a valid input for %s. it should be formated as \"String\" or \"String/String\"", element, externalIPMapFlag)
+			return fmt.Errorf("%s is not a valid input for %s. it should be formatted as \"String\" or \"String/String\"", element, externalIPMapFlag)
 		}
 
 		if len(subElements) == 1 && !isValidIP(subElements[0]) {
-			return fmt.Errorf("%s is not a valid input for %s. it should be formated as \"IP\" or \"IP/IP\", or \"IP/Interface Name\"", element, externalIPMapFlag)
+			return fmt.Errorf("%s is not a valid input for %s. it should be formatted as \"IP\" or \"IP/IP\", or \"IP/Interface Name\"", element, externalIPMapFlag)
 		}
 
 		last := 0
@@ -259,7 +259,7 @@ func parseCustomDNSAddress(modified bool) ([]byte, error) {
 	var parsed []byte
 	if modified {
 		if !isValidAddrPort(customDNSAddress) {
-			return nil, fmt.Errorf("%s is invalid, it should be formated as IP:Port string or as an empty string like \"\"", customDNSAddress)
+			return nil, fmt.Errorf("%s is invalid, it should be formatted as IP:Port string or as an empty string like \"\"", customDNSAddress)
 		}
 		if customDNSAddress == "" && logFile != "console" {
 			parsed = []byte("empty")

client/firewall/iptables/manager_linux.go

@@ -192,7 +192,7 @@ func (m *Manager) AddFiltering(
 	}
 	if ipsetName != "" {
 		// ipset name is defined and it means that this rule was created
-		// for it, need to assosiate it with ruleset
+		// for it, need to associate it with ruleset
 		m.rulesets[ipsetName] = ruleset{
 			rule: rule,
 			ips:  map[string]string{rule.ip: ruleID},
@@ -236,7 +236,7 @@ func (m *Manager) DeleteRule(rule fw.Rule) error {
 		}
 
 		// we delete last IP from the set, that means we need to delete
-		// set itself and assosiated firewall rule too
+		// set itself and associated firewall rule too
 		delete(m.rulesets, r.ipsetName)
 
 		if err := ipset.Destroy(r.ipsetName); err != nil {

client/firewall/nftables/manager_linux.go

@@ -754,7 +754,7 @@ func (m *Manager) AllowNetbird() error {
 	}
 
 	if chain == nil {
-		log.Debugf("chain INPUT not found. Skiping add allow netbird rule")
+		log.Debugf("chain INPUT not found. Skipping add allow netbird rule")
 		return nil
 	}
 

client/firewall/nftables/manager_linux_test.go

@@ -148,7 +148,7 @@ func TestNftablesManager(t *testing.T) {
 	// test expectations:
 	// 1) "accept extra routed traffic rule" for the interface
 	// 2) "drop all rule" for the interface
-	require.Len(t, rules, 2, "expected 2 rules after deleteion")
+	require.Len(t, rules, 2, "expected 2 rules after deletion")
 
 	err = manager.Reset()
 	require.NoError(t, err, "failed to reset")

client/firewall/uspfilter/uspfilter.go

@@ -188,7 +188,7 @@ func (m *Manager) DropIncoming(packetData []byte) bool {
 	return m.dropFilter(packetData, m.incomingRules, true)
 }
 
-// dropFilter imlements same logic for booth direction of the traffic
+// dropFilter implements same logic for booth direction of the traffic
 func (m *Manager) dropFilter(packetData []byte, rules map[string]RuleSet, isIncomingPacket bool) bool {
 	m.mutex.RLock()
 	defer m.mutex.RUnlock()

client/internal/acl/manager.go

@@ -53,7 +53,7 @@ func newDefaultManager(fm firewall.Manager) *DefaultManager {
 
 // ApplyFiltering firewall rules to the local firewall manager processed by ACL policy.
 //
-// If allowByDefault is ture it appends allow ALL traffic rules to input and output chains.
+// If allowByDefault is true it appends allow ALL traffic rules to input and output chains.
 func (d *DefaultManager) ApplyFiltering(networkMap *mgmProto.NetworkMap) {
 	d.mutex.Lock()
 	defer d.mutex.Unlock()
@@ -366,7 +366,7 @@ func (d *DefaultManager) squashAcceptRules(
 			protocols[r.Protocol] = map[string]int{}
 		}
 
-		// special case, when we recieve this all network IP address
+		// special case, when we receive this all network IP address
 		// it means that rules for that protocol was already optimized on the
 		// management side
 		if r.PeerIP == "0.0.0.0" {
@@ -393,7 +393,7 @@ func (d *DefaultManager) squashAcceptRules(
 	}
 
 	// order of squashing by protocol is important
-	// only for ther first element ALL, it must be done first
+	// only for their first element ALL, it must be done first
 	protocolOrders := []mgmProto.FirewallRuleProtocol{
 		mgmProto.FirewallRule_ALL,
 		mgmProto.FirewallRule_ICMP,

client/internal/connect.go

@@ -99,7 +99,7 @@ func runClient(ctx context.Context, config *Config, statusRecorder *peer.Status,
 			cancel()
 		}()
 
-		log.Debugf("conecting to the Management service %s", config.ManagementURL.Host)
+		log.Debugf("connecting to the Management service %s", config.ManagementURL.Host)
 		mgmClient, err := mgm.NewClient(engineCtx, config.ManagementURL.Host, myPrivateKey, mgmTlsEnabled)
 		if err != nil {
 			return wrapErr(gstatus.Errorf(codes.FailedPrecondition, "failed connecting to Management Service : %s", err))

client/internal/dns/file_linux.go

@@ -69,7 +69,7 @@ func (f *fileConfigurator) applyDNSConfig(config hostDNSConfig) error {
 		}
 	default:
 		// todo improve this and maybe restart DNS manager from scratch
-		return fmt.Errorf("something happened and file manager is not your prefered host dns configurator, restart the agent")
+		return fmt.Errorf("something happened and file manager is not your preferred host dns configurator, restart the agent")
 	}
 
 	var searchDomains string

client/internal/dns/resolvconf_linux.go

@@ -89,7 +89,7 @@ func (r *resolvconf) applyConfig(content string) error {
 	cmd.Stdin = strings.NewReader(content)
 	_, err := cmd.Output()
 	if err != nil {
-		return fmt.Errorf("got an error while appying resolvconf configuration for %s interface, error: %s", r.ifaceName, err)
+		return fmt.Errorf("got an error while applying resolvconf configuration for %s interface, error: %s", r.ifaceName, err)
 	}
 	return nil
 }

client/internal/dns/server.go

@@ -288,7 +288,7 @@ func (s *DefaultServer) buildUpstreamHandlerUpdate(nameServerGroups []*nbdns.Nam
 		handler := newUpstreamResolver(s.ctx)
 		for _, ns := range nsGroup.NameServers {
 			if ns.NSType != nbdns.UDPNameServerType {
-				log.Warnf("skiping nameserver %s with type %s, this peer supports only %s",
+				log.Warnf("skipping nameserver %s with type %s, this peer supports only %s",
 					ns.IP.String(), ns.NSType.String(), nbdns.UDPNameServerType.String())
 				continue
 			}
@@ -306,7 +306,7 @@ func (s *DefaultServer) buildUpstreamHandlerUpdate(nameServerGroups []*nbdns.Nam
 		// reapply DNS settings, but it not touch the original configuration and serial number
 		// because it is temporal deactivation until next try
 		//
-		// after some period defined by upstream it trys to reactivate self by calling this hook
+		// after some period defined by upstream it tries to reactivate self by calling this hook
 		// everything we need here is just to re-apply current configuration because it already
 		// contains this upstream settings (temporal deactivation not removed it)
 		handler.deactivate, handler.reactivate = s.upstreamCallbacks(nsGroup, handler)

client/internal/dns/server_export_test.go

@@ -19,6 +19,6 @@ func TestGetServerDns(t *testing.T) {
 	}
 
 	if srvB != srv {
-		t.Errorf("missmatch dns instances")
+		t.Errorf("mismatch dns instances")
 	}
 }

client/internal/dns/upstream.go

@@ -53,7 +53,7 @@ func newUpstreamResolver(parentCTX context.Context) *upstreamResolver {
 }
 
 func (u *upstreamResolver) stop() {
-	log.Debugf("stoping serving DNS for upstreams %s", u.upstreamServers)
+	log.Debugf("stopping serving DNS for upstreams %s", u.upstreamServers)
 	u.cancel()
 }
 

client/internal/routemanager/manager.go

@@ -155,7 +155,7 @@ func (m *DefaultManager) classifiesRoutes(newRoutes []*route.Route) (map[string]
 			// if prefix is too small, lets assume is a possible default route which is not yet supported
 			// we skip this route management
 			if newRoute.Network.Bits() < 7 {
-				log.Errorf("this agent version: %s, doesn't support default routes, received %s, skiping this route",
+				log.Errorf("this agent version: %s, doesn't support default routes, received %s, skipping this route",
 					version.NetbirdVersion(), newRoute.Network)
 				continue
 			}

client/internal/routemanager/nftables_linux.go

@@ -487,7 +487,7 @@ func (n *nftablesManager) RemoveRoutingRules(pair routerPair) error {
 	if len(n.rules) == 2 && n.defaultForwardRules[0] != nil {
 		err := n.eraseDefaultForwardRule()
 		if err != nil {
-			log.Errorf("failed to delte default fwd rule: %s", err)
+			log.Errorf("failed to delete default fwd rule: %s", err)
 		}
 	}
 

encryption/encryption.go

@@ -30,7 +30,7 @@ func Decrypt(encryptedMsg []byte, peerPublicKey wgtypes.Key, privateKey wgtypes.
 		return nil, err
 	}
 	if len(encryptedMsg) < nonceSize {
-		return nil, fmt.Errorf("invalid encrypted message lenght")
+		return nil, fmt.Errorf("invalid encrypted message length")
 	}
 	copy(nonce[:], encryptedMsg[:nonceSize])
 	opened, ok := box.Open(nil, encryptedMsg[nonceSize:], nonce, toByte32(peerPublicKey), toByte32(privateKey))

iface/bind/udp_mux_universal.go

@@ -282,7 +282,7 @@ func (a *xorMapped) closeWaiters() {
 		// just exit
 		break
 	default:
-		// notify tha twe have a new addr
+		// notify that twe have a new addr
 		close(a.waitAddrReceived)
 	}
 }

iface/device_wrapper_test.go

@@ -59,7 +59,7 @@ func TestDeviceWrapperRead(t *testing.T) {
 
 		n, err := wrapped.Read(bufs, sizes, offset)
 		if err != nil {
-			t.Errorf("unexpeted error: %v", err)
+			t.Errorf("unexpected error: %v", err)
 			return
 		}
 		if n != 1 {
@@ -105,7 +105,7 @@ func TestDeviceWrapperRead(t *testing.T) {
 
 		n, err := wrapped.Write(bufs, 0)
 		if err != nil {
-			t.Errorf("unexpeted error: %v", err)
+			t.Errorf("unexpected error: %v", err)
 			return
 		}
 		if n != 1 {
@@ -154,7 +154,7 @@ func TestDeviceWrapperRead(t *testing.T) {
 
 		n, err := wrapped.Write(bufs, 0)
 		if err != nil {
-			t.Errorf("unexpeted error: %v", err)
+			t.Errorf("unexpected error: %v", err)
 			return
 		}
 		if n != 0 {
@@ -211,7 +211,7 @@ func TestDeviceWrapperRead(t *testing.T) {
 
 		n, err := wrapped.Read(bufs, sizes, offset)
 		if err != nil {
-			t.Errorf("unexpeted error: %v", err)
+			t.Errorf("unexpected error: %v", err)
 			return
 		}
 		if n != 0 {

iface/iface_test.go

@@ -13,7 +13,7 @@ import (
 	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 )
 
-// keep darwin compability
+// keep darwin compatibility
 const (
 	WgIntNumber = 2000
 )

iface/module_linux.go

@@ -110,7 +110,7 @@ func canCreateFakeWireGuardInterface() bool {
 	// We willingly try to create a device with an invalid
 	// MTU here as the validation of the MTU will be performed after
 	// the validation of the link kind and hence allows us to check
-	// for the existance of the wireguard module without actually
+	// for the existence of the wireguard module without actually
 	// creating a link.
 	//
 	// As a side-effect, this will also let the kernel lazy-load
@@ -271,12 +271,12 @@ func moduleStatus(name string) (status, error) {
 func loadModuleWithDependencies(name, path string) error {
 	deps, err := getModuleDependencies(name)
 	if err != nil {
-		return fmt.Errorf("couldn't load list of module %s dependecies", name)
+		return fmt.Errorf("couldn't load list of module %s dependencies", name)
 	}
 	for _, dep := range deps {
 		err = loadModule(dep.name, dep.path)
 		if err != nil {
-			return fmt.Errorf("couldn't load dependecy module %s for %s", dep.name, name)
+			return fmt.Errorf("couldn't load dependency module %s for %s", dep.name, name)
 		}
 	}
 	return loadModule(name, path)

iface/tun_darwin.go

@@ -20,7 +20,7 @@ func (c *tunDevice) Create() error {
 func (c *tunDevice) assignAddr() error {
 	cmd := exec.Command("ifconfig", c.name, "inet", c.address.IP.String(), c.address.IP.String())
 	if out, err := cmd.CombinedOutput(); err != nil {
-		log.Infof(`adding addreess command "%v" failed with output %s and error: `, cmd.String(), out)
+		log.Infof(`adding address command "%v" failed with output %s and error: `, cmd.String(), out)
 		return err
 	}
 

infrastructure_files/base.setup.env

@@ -6,10 +6,10 @@
 NETBIRD_MGMT_API_PORT=${NETBIRD_MGMT_API_PORT:-33073}
 # Management API endpoint address, used by the Dashboard
 NETBIRD_MGMT_API_ENDPOINT=https://$NETBIRD_DOMAIN:$NETBIRD_MGMT_API_PORT
-# Management Certficate file path. These are generated by the Dashboard container
+# Management Certificate file path. These are generated by the Dashboard container
 NETBIRD_LETSENCRYPT_DOMAIN=$NETBIRD_DOMAIN
 NETBIRD_MGMT_API_CERT_FILE="/etc/letsencrypt/live/$NETBIRD_LETSENCRYPT_DOMAIN/fullchain.pem"
-# Management Certficate key file path.
+# Management Certificate key file path.
 NETBIRD_MGMT_API_CERT_KEY_FILE="/etc/letsencrypt/live/$NETBIRD_LETSENCRYPT_DOMAIN/privkey.pem"
 # By default Management single account mode is enabled and domain set to $NETBIRD_DOMAIN, you may want to set this to your user's email domain
 NETBIRD_MGMT_SINGLE_ACCOUNT_MODE_DOMAIN=$NETBIRD_DOMAIN

infrastructure_files/configure.sh

@@ -125,7 +125,7 @@ if [[ "$NETBIRD_DISABLE_LETSENCRYPT" == "true" ]]; then
   echo "- $NETBIRD_SIGNAL_ENDPOINT/signalexchange.SignalExchange/ -grpc-> signal:80"
   echo "You most likely also have to change NETBIRD_MGMT_API_ENDPOINT in base.setup.env and port-mappings in docker-compose.yml.tmpl and rerun this script."
   echo " The target of the forwards depends on your setup. Beware of the gRPC protocol instead of http for management and signal!"
-  echo "You are also free to remove any occurences of the Letsencrypt-volume $LETSENCRYPT_VOLUMENAME"
+  echo "You are also free to remove any occurrences of the Letsencrypt-volume $LETSENCRYPT_VOLUMENAME"
   echo ""
 
   export NETBIRD_SIGNAL_PROTOCOL="https"

infrastructure_files/turnserver.conf.tmpl

@@ -696,7 +696,7 @@ no-cli
 #web-admin-port=8080
 
 # Web-admin server listen on STUN/TURN worker threads
-# By default it is disabled for security resons! (Not recommended in any production environment!)
+# By default it is disabled for security reasons! (Not recommended in any production environment!)
 #
 #web-admin-listen-on-workers
 

management/cmd/management.go

@@ -101,7 +101,7 @@ var (
 
 			_, valid := dns.IsDomainName(dnsDomain)
 			if !valid || len(dnsDomain) > 192 {
-				return fmt.Errorf("failed parsing the provided dns-domain. Valid status: %t, Lenght: %d", valid, len(dnsDomain))
+				return fmt.Errorf("failed parsing the provided dns-domain. Valid status: %t, Length: %d", valid, len(dnsDomain))
 			}
 
 			return nil

management/cmd/root.go

@@ -61,7 +61,7 @@ func init() {
 	mgmtCmd.Flags().StringVar(&certFile, "cert-file", "", "Location of your SSL certificate. Can be used when you have an existing certificate and don't want a new certificate be generated automatically. If letsencrypt-domain is specified this property has no effect")
 	mgmtCmd.Flags().StringVar(&certKey, "cert-key", "", "Location of your SSL certificate private key. Can be used when you have an existing certificate and don't want a new certificate be generated automatically. If letsencrypt-domain is specified this property has no effect")
 	mgmtCmd.Flags().BoolVar(&disableMetrics, "disable-anonymous-metrics", false, "disables push of anonymous usage metrics to NetBird")
-	mgmtCmd.Flags().StringVar(&dnsDomain, "dns-domain", defaultSingleAccModeDomain, fmt.Sprintf("Domain used for peer resolution. This is appended to the peer's name, e.g. pi-server. %s. Max lenght is 192 characters to allow appending to a peer name with up to 63 characters.", defaultSingleAccModeDomain))
+	mgmtCmd.Flags().StringVar(&dnsDomain, "dns-domain", defaultSingleAccModeDomain, fmt.Sprintf("Domain used for peer resolution. This is appended to the peer's name, e.g. pi-server. %s. Max length is 192 characters to allow appending to a peer name with up to 63 characters.", defaultSingleAccModeDomain))
 	mgmtCmd.Flags().BoolVar(&idpSignKeyRefreshEnabled, "idp-sign-key-refresh-enabled", false, "Enable cache headers evaluation to determine signing key rotation period. This will refresh the signing key upon expiry.")
 	mgmtCmd.Flags().BoolVar(&userDeleteFromIDPEnabled, "user-delete-from-idp", false, "Allows to delete user from IDP when user is deleted from account")
 	rootCmd.MarkFlagRequired("config") //nolint

management/server/account_test.go

@@ -1116,7 +1116,7 @@ func TestAccountManager_DeletePeer(t *testing.T) {
 	}
 
 	if account.Network.CurrentSerial() != 2 {
-		t.Errorf("expecting Network Serial=%d to be incremented and be equal to 2 after adding and deleteing a peer", account.Network.CurrentSerial())
+		t.Errorf("expecting Network Serial=%d to be incremented and be equal to 2 after adding and deleting a peer", account.Network.CurrentSerial())
 	}
 
 	ev := getEvent(t, account.Id, manager, activity.PeerRemovedByUser)

management/server/dns.go

@@ -216,7 +216,7 @@ func addPeerLabelsToAccount(account *Account, peerLabels lookupMap) {
 			log.Errorf("got an error while generating a peer host label. Peer name %s, error: %v. Trying with the peer's meta hostname", peer.Name, err)
 			label, err = getPeerHostLabel(peer.Meta.Hostname, peerLabels)
 			if err != nil {
-				log.Errorf("got another error while generating a peer host label with hostname. Peer hostname %s, error: %v. Skiping", peer.Meta.Hostname, err)
+				log.Errorf("got another error while generating a peer host label with hostname. Peer hostname %s, error: %v. Skipping", peer.Meta.Hostname, err)
 				continue
 			}
 		}

management/server/grpcserver.go

@@ -169,7 +169,7 @@ func (s *GRPCServer) Sync(req *proto.EncryptedMessage, srv proto.ManagementServi
 				s.cancelPeerRoutines(peer)
 				return nil
 			}
-			log.Debugf("recevied an update for peer %s", peerKey.String())
+			log.Debugf("received an update for peer %s", peerKey.String())
 
 			encryptedResp, err := encryption.EncryptMessage(peerKey, s.wgKey, update.Update)
 			if err != nil {

management/server/http/accounts_handler_test.go

@@ -117,7 +117,7 @@ func TestAccounts_AccountsHandler(t *testing.T) {
 			expectedID:    accountID,
 		},
 		{
-			name:           "PutAccount OK wiht JWT",
+			name:           "PutAccount OK with JWT",
 			expectedBody:   true,
 			requestType:    http.MethodPut,
 			requestPath:    "/api/accounts/" + accountID,
@@ -134,7 +134,7 @@ func TestAccounts_AccountsHandler(t *testing.T) {
 			expectedID:    accountID,
 		},
 		{
-			name:           "PutAccount OK wiht JWT Propagation",
+			name:           "PutAccount OK with JWT Propagation",
 			expectedBody:   true,
 			requestType:    http.MethodPut,
 			requestPath:    "/api/accounts/" + accountID,

management/server/http/util/util.go

@@ -18,7 +18,7 @@ type ErrorResponse struct {
 	Code    int    `json:"code"`
 }
 
-// WriteJSONObject simply writes object to the HTTP reponse in JSON format
+// WriteJSONObject simply writes object to the HTTP response in JSON format
 func WriteJSONObject(w http.ResponseWriter, obj interface{}) {
 	w.WriteHeader(http.StatusOK)
 	w.Header().Set("Content-Type", "application/json; charset=UTF-8")

management/server/peer.go

@@ -731,7 +731,7 @@ func checkAuth(loginUserID string, peer *Peer) error {
 		return status.Errorf(status.PermissionDenied, "peer login has expired, please log in once more")
 	}
 	if peer.UserID != loginUserID {
-		log.Warnf("user mismatch when loggin in peer %s: peer user %s, login user %s ", peer.ID, peer.UserID, loginUserID)
+		log.Warnf("user mismatch when logging in peer %s: peer user %s, login user %s ", peer.ID, peer.UserID, loginUserID)
 		return status.Errorf(status.Unauthenticated, "can't login")
 	}
 	return nil

management/server/policy.go

@@ -43,7 +43,7 @@ const (
 )
 
 const (
-	// PolicyRuleFlowDirect allows trafic from source to destination
+	// PolicyRuleFlowDirect allows traffic from source to destination
 	PolicyRuleFlowDirect = PolicyRuleDirection("direct")
 	// PolicyRuleFlowBidirect allows traffic to both directions
 	PolicyRuleFlowBidirect = PolicyRuleDirection("bidirect")

management/server/policy_test.go

@@ -111,8 +111,8 @@ func TestAccount_getPeersByPolicy(t *testing.T) {
 	t.Run("check that all peers get map", func(t *testing.T) {
 		for _, p := range account.Peers {
 			peers, firewallRules := account.getPeerConnectionResources(p.ID)
-			assert.GreaterOrEqual(t, len(peers), 2, "mininum number peers should present")
-			assert.GreaterOrEqual(t, len(firewallRules), 2, "mininum number of firewall rules should present")
+			assert.GreaterOrEqual(t, len(peers), 2, "minimum number peers should present")
+			assert.GreaterOrEqual(t, len(firewallRules), 2, "minimum number of firewall rules should present")
 		}
 	})
 

management/server/user.go

@@ -719,7 +719,7 @@ func (am *DefaultAccountManager) SaveUser(accountID, initiatorUserID string, upd
 
 	if update.AutoGroups != nil && account.Settings.GroupsPropagationEnabled {
 		removedGroups := difference(oldUser.AutoGroups, update.AutoGroups)
-		// need force update all auto groups in any case they will not be dublicated
+		// need force update all auto groups in any case they will not be duplicated
 		account.UserGroupsAddToPeers(oldUser.Id, update.AutoGroups...)
 		account.UserGroupsRemoveFromPeers(oldUser.Id, removedGroups...)
 

release_files/install.sh

@@ -360,7 +360,7 @@ if type uname >/dev/null 2>&1; then
                 echo "NetBird UI installation will be omitted as $ARCH is not a compatible architecture"
             fi
 
-            # Allow netbird UI installation for linux running desktop enviroment
+            # Allow netbird UI installation for linux running desktop environment
             if [ -z "$XDG_CURRENT_DESKTOP" ];then
                 SKIP_UI_APP=true
                 echo "NetBird UI installation will be omitted as Linux does not run desktop environment"

version/update_test.go

@@ -82,7 +82,7 @@ func TestDaemonUpdate(t *testing.T) {
 
 	waitTimeout(wg)
 	if onUpdate != true {
-		t.Errorf("invalid dameon version check")
+		t.Errorf("invalid daemon version check")
 	}
 }