netbird/signal
Viktor Liu 17b1099032
Enhance DNS failover reliability (#1637)
* Fix using wrong array index in log to avoid potential panic

* Increase gRPC connection timeout and add the timeout resolv.conf option

This makes sure the dns client is able to failover to a second
configured nameserver, if present. That is the case then when using the
dns `file` manager and a resolv.conf file generated for netbird.

* On file backup restore, remove the first NS if it's the netbird NS

* Bump dns mangager discovery message from debug to info to ease debugging
2024-03-01 15:17:35 +01:00
..
client Enhance DNS failover reliability (#1637) 2024-03-01 15:17:35 +01:00
cmd Log version when starting management and signal (#1649) 2024-02-29 16:05:47 +01:00
peer Fix Register/Deregister race on Signal (#431) 2022-08-22 12:21:19 +02:00
proto Integrate Rosenpass (#1153) 2024-01-08 12:25:35 +01:00
server Fix Register/Deregister race on Signal (#431) 2022-08-22 12:21:19 +02:00
Dockerfile Rename wiretrustee-signal to netbird-signal (#313) 2022-05-13 21:51:41 +02:00
main.go Rename module to netbirdio/netbird (#288) 2022-03-26 12:08:54 +01:00
README.md Rebrand client cli (#320) 2022-05-22 18:53:47 +02:00

netbird Signal Server

This is a netbird signal-exchange server and client library to exchange connection information between netbird peers

Command Options

The CLI accepts the command management with the following options:

start Netbird Signal Server daemon

Usage:
  netbird-signal run [flags]

Flags:
  -h, --help                        help for run
      --letsencrypt-domain string   a domain to issue Let's Encrypt certificate for. Enables TLS using Let's Encrypt. Will fetch and renew certificate, and run the server with TLS
      --port int                    Server port to listen on (e.g. 10000) (default 10000)
      --ssl-dir string              server ssl directory location. *Required only for Let's Encrypt certificates. (default "/var/lib/netbird/")

Global Flags:
      --log-file string    sets Netbird log path. If console is specified the the log will be output to stdout (default "/var/log/netbird/signal.log")
      --log-level string    (default "info")

Running the Signal service (Docker)

We have packed the Signal server into docker image. You can pull the image from Docker Hub and execute it with the following commands:

docker pull netbirdio/signal:latest
docker run -d --name netbird-signal -p 10000:10000 netbirdio/signal:latest

The default log-level is set to INFO, if you need you can change it using by updating the docker cmd as followed:

docker run -d --name netbird-signal -p 10000:10000 netbirdio/signal:latest --log-level DEBUG

Run with TLS (Let's Encrypt).

By specifying the --letsencrypt-domain the daemon will handle SSL certificate request and configuration.

In the following example 10000 is the signal service default port, and 443 will be used as port for Let's Encrypt challenge and HTTP API.

The server where you are running a container has to have a public IP (for Let's Encrypt certificate challenge).

Replace with your server's public domain (e.g. mydomain.com or subdomain sub.mydomain.com).

# create a volume
docker volume create wiretrustee-signal
# run the docker container
docker run -d --name netbird-signal \
-p 10000:10000  \
-p 443:443  \
-v netbird-signal:/var/lib/netbird  \
netbirdio/signal:latest \
--letsencrypt-domain <YOUR-DOMAIN>

For development purposes:

The project uses gRpc library and defines service in protobuf file located in: proto/signalexchange.proto

To build the project you have to do the following things.

Install golang gRpc tools:

#!/bin/bash
go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.26
go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.1

Generate gRpc code:

#!/bin/bash
protoc -I proto/ proto/signalexchange.proto --go_out=. --go-grpc_out=.