First Build alpha 0.1

templates/docker-compose.yml.j2

@@ -0,0 +1,67 @@
+version: '3.8'
+
+networks:
+  {{ docker_network }}:
+    external: true
+
+services:
+  netbird-management:
+    image: {{ netbird_management_image }}
+    container_name: netbird-kunde{{ customer_id }}-management
+    restart: unless-stopped
+    networks:
+      - {{ docker_network }}
+    volumes:
+      - {{ instance_dir }}/data/management:/var/lib/netbird
+      - {{ instance_dir }}/management.json:/etc/netbird/management.json
+    command:
+      - "--port"
+      - "80"
+      - "--log-file"
+      - "console"
+      - "--log-level"
+      - "info"
+      - "--single-account-mode-domain={{ subdomain }}.{{ base_domain }}"
+      - "--dns-domain={{ subdomain }}.{{ base_domain }}"
+    healthcheck:
+      test: ["CMD", "wget", "--spider", "-q", "http://localhost:80/api/accounts"]
+      interval: 30s
+      timeout: 5s
+      retries: 3
+      start_period: 15s
+
+  netbird-signal:
+    image: {{ netbird_signal_image }}
+    container_name: netbird-kunde{{ customer_id }}-signal
+    restart: unless-stopped
+    networks:
+      - {{ docker_network }}
+    volumes:
+      - {{ instance_dir }}/data/signal:/var/lib/netbird
+
+  netbird-relay:
+    image: {{ netbird_relay_image }}
+    container_name: netbird-kunde{{ customer_id }}-relay
+    restart: unless-stopped
+    networks:
+      - {{ docker_network }}
+    ports:
+      - "{{ relay_udp_port }}:3478/udp"
+    env_file:
+      - {{ instance_dir }}/relay.env
+    environment:
+      - NB_ENABLE_STUN=true
+      - NB_STUN_PORTS=3478
+      - NB_LISTEN_ADDRESS=:80
+      - NB_EXPOSED_ADDRESS=rels://{{ subdomain }}.{{ base_domain }}:443
+      - NB_AUTH_SECRET={{ relay_secret }}
+
+  netbird-dashboard:
+    image: {{ netbird_dashboard_image }}
+    container_name: netbird-kunde{{ customer_id }}-dashboard
+    restart: unless-stopped
+    networks:
+      - {{ docker_network }}
+    environment:
+      - NETBIRD_MGMT_API_ENDPOINT=https://{{ subdomain }}.{{ base_domain }}
+      - NETBIRD_MGMT_GRPC_API_ENDPOINT=https://{{ subdomain }}.{{ base_domain }}

templates/management.json.j2

@@ -0,0 +1,63 @@
+{
+  "Stuns": [
+    {
+      "Proto": "udp",
+      "URI": "stun:{{ subdomain }}.{{ base_domain }}:{{ relay_udp_port }}",
+      "Username": "",
+      "Password": null
+    }
+  ],
+  "TURNConfig": {
+    "Turns": [
+      {
+        "Proto": "udp",
+        "URI": "turn:{{ subdomain }}.{{ base_domain }}:{{ relay_udp_port }}",
+        "Username": "netbird",
+        "Password": "{{ relay_secret }}"
+      }
+    ],
+    "CredentialsTTL": "12h",
+    "Secret": "{{ relay_secret }}",
+    "TimeBasedCredentials": false
+  },
+  "Relay": {
+    "Addresses": [
+      "rels://{{ subdomain }}.{{ base_domain }}:443"
+    ],
+    "CredentialsTTL": "12h",
+    "Secret": "{{ relay_secret }}"
+  },
+  "Signal": {
+    "Proto": "https",
+    "URI": "{{ subdomain }}.{{ base_domain }}:443",
+    "Username": "",
+    "Password": null
+  },
+  "HttpConfig": {
+    "AuthIssuer": "https://{{ subdomain }}.{{ base_domain }}",
+    "AuthAudience": "{{ subdomain }}.{{ base_domain }}",
+    "OIDCConfigEndpoint": ""
+  },
+  "IdpManagerConfig": {
+    "ManagerType": "none"
+  },
+  "DeviceAuthorizationFlow": {
+    "Provider": "none"
+  },
+  "PKCEAuthorizationFlow": {
+    "ProviderConfig": {
+      "Audience": "{{ subdomain }}.{{ base_domain }}",
+      "ClientID": "",
+      "ClientSecret": "",
+      "Domain": "",
+      "AuthorizationEndpoint": "",
+      "TokenEndpoint": "",
+      "Scope": "openid profile email",
+      "RedirectURLs": [
+        "https://{{ subdomain }}.{{ base_domain }}/auth/callback"
+      ],
+      "UseIDToken": false
+    }
+  },
+  "DataStoreEncryptionKey": "{{ relay_secret }}"
+}

templates/relay.env.j2

@@ -0,0 +1,7 @@
+# NetBird Relay Environment - Customer {{ customer_id }}
+# {{ subdomain }}.{{ base_domain }}
+NB_AUTH_SECRET={{ relay_secret }}
+NB_LISTEN_ADDRESS=:80
+NB_EXPOSED_ADDRESS=rels://{{ subdomain }}.{{ base_domain }}:443
+NB_ENABLE_STUN=true
+NB_STUN_PORTS=3478