Netbird - an Open Source, Self Hosted Wireguard based VPN system. Server GUI and client setup ease!

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] it's your open source Advocate and I'm back with another video and today I wanted to talk about netb bird now netb bird reached out to me a few weeks ago to ask if I'd be interested in covering their software um this is another wire guard uh VPN option but it is open source it is self-hosted it is very similar in my opinion to net maker um looked really good I haven't tried to install it yet I haven't tried to do anything but one of the things that I I did want to kind of point out which I really appreciate um they're not paying me to sponsor this video they're not doing anything like that but they do have a discount code for any of you who want to try to come use their paid plans so I'll talk about that later in the video so that you know what you can get by using their services but one of the things that I appreciate about any open source project and I've been looking at a lot of Open Source projects lately because I'm getting ready to do a series that I that I just really am excited about and I've been looking for different solutions to different problems that that series would need and I find a lot of things that come up when I search for open source XYZ whatever I'm looking for I go to their pages I check out their homepage they've got tons of great marketing kind of Spiel things like that they show you exactly how to get to their pricing really easy but they do not show you how to get to their open source project so one thing I really appreciate about netb bird is it's right here they're saying hey we're open source and if you click this is going to take you to GitHub where you can see what's going on with our software I cannot tell you how much I appreciate that as an open source Advocate as a person who seeks Out open- Source technology intentionally this little thing right here makes a huge difference and and a lot of projects will have at least the GitHub logo or a link or something that says open source or Community version things like that so that said I really appreciate that net bird has this button right here it makes it so easy to go and look at what they're doing how often are they updating the software and this is the last few days is where I've seen some of the latest uh updates that they've made which is awesome they're pretty new to the game but they've really got a lot of stuff and I think it's just amazing what you can get from the the project so I'm going to jump over to the GitHub page here because it has a really nice checklist but yeah if you look right here four days ago yesterday so you've got some really recent things that are happening on it so they're they're actively developing this which is awesome you can see they've got a nice set of contributors here which is great and U I'm going to jump way down to the bottom real quick one of the things I appreciate is that they say we are based on open source Technologies like wire guard py on Ice which is web RTC curn which I've talked about in the past and then Rosen pass they appreciate what those other open source projects are doing that's awesome thank you for saying that truly truly appreciated whenever I see anybody else appreciating somebody for an open source project but then they also say we'd greatly appreciate it if you could support them not hey here's a place to donate to us we have a business model already but if you'd like to donate something if you appreciate the work that they're doing that's helping us do this go donate to them that's awesome I appreciate them doing that and then linking to these other places that's that's totally awesome that that they do that and and that they make it so easy for you to find that and and for you to be able to go and help keep those projects going as well so I'm going to go back up to the top here because we've got a nice check list of things that they offer so here's their key features so you can see what their connectivity features are so they use the wire guard kernel inside of Linux at least now they've got uh Windows Mac Android they have a beta for iOS out now open wrrt so you can see over here what all they've got already checked off they've got an open wrt version which is awesome because I'm using open wrt which means I could just set my whole network to be on the wire guard Network which is cool they've got Docker of course iOS like I said is in beta so it's not checked yet but they just put out the beta I think yesterday from the time that I'm filming this so be aware that it's it's going and it'll be checked off pretty soon but you'll have pretty much any way you connect to your network or the internet to be able to connect to the net bird Network which is awesome um peer-to-peer connections peer-to-peer encryption using wire guard it has connection relay fallback so sometimes there are networks like your carrier grade networks that don't allow direct peer-to-peer connections to your smartphones and things like that so you do need some kind of relay fallback if that happens which is really nice that they have that so you can set up routes to external networks and then you have Nat reversal if if possible that'll be done as well if you jump over to the management they've got an admin webui and we'll look at that as we go through here they've got the auto peer Discovery and configuration which is really great so they're making this very very low touch you just need to install netb bird and then install the net bird agent on your different devices and things kind of just are done in the background for you to help them discover each other just like when you added when we did head scale a few week weeks ago and you added a tail scale client um you could just show a list of all the other clients it was really great and really cool so this is really awesome I like this the IDP Integrations is pretty great I don't know exactly what they've got so far uh but this SSO and MFA support IDP Integrations are there so definitely like Google you'll have different things like that you can use for your log on instead of just using your email and password um I'm hoping that they'll have where I can use like my custom authentic instead of my own IDP that would be great um Access Control groups and rules private DNS multi-user support activity logging and then you've got SSH access management which is really awesome uh for the automation side they've got a public API you can set up keys for bulk Network provisioning which is really important if you're an Enterprise level person if you're an IT person you're looking for a solution that could help some of your clients maybe you're an MSP and you're looking for a really good VPN solution to help your clients and make it easy that's a fast connection because believe me I love openvpn it is an awesome project and it is has helped me through years of doing things over a VPN but if I can use wire guard I have shown in past videos that on a personal setup wire guard is much much faster than openvpn openvpn Cuts your connection down quite a bit depending on how you set it up but wire guard definitely is just out of the box much faster which is great um so again self-hosting quick start script which is great that's what we're going to use today they've got the IDP group sync with the JWT tokens and then here's the platforms again that they support so this is pretty much all the main ones now if you happen to be a BSD user maybe the Linux version would work for you but I think there's definitely some different things in the networking stack for that so I can't promise you that but if if they're not supporting it and you want it then that's something you should hey you know let them know like hey we'd love to see some BSD support and maybe you can contribute something to help them get that going so I'm pretty excited about this one they've got a lot of really cool stuff and and I love to to see how they put things together like this but um but I do always ask ask them to provide a discount code or some kind of benefit for all of you as viewers so there will be a discount code but I do want you to see the pricing even before the discount code happens and I want to talk about how this is going to support the open- source version so using their hosted services for free that's $0 per month you can have up to five users and a 100 devices right off the bat okay that means you can get on there and try it out with a bunch of devices and five different users that you want to have access to this thing and you get the peer-to-peer connections you get SSO with Google WordPress Azure GitHub you get access controls you get private DNS you get the network routes and you get a management activity log so you can see what's going on for people who are actually managing this setup for you that's this is amazing this is a really great deal right out of the gate just to use their hosted services and not even have to go set up the server yourself now we're self- hosters and I understand that so you want to know how to do that but I did want you to understand like if you just want to test this out here's your way to do it if you like it and you're like man I love this maybe my work would be willing to put this in place then look at this size for teams you can do unlimited users okay that means if you have a th000 employees 10,000 employees 40,000 employees this is what they're saying now they don't they probably don't want 40,000 employees on their Network they might need to have a little discussion with you first but if you've got somebody you know 20 employees or 20 people on a team that you're doing something with you can have a 100 100 machines plus 10 per user so if you had 20 people that's 200 extra machines that's 300 machines plus these users for $5 per user per month $5 that's a $100 a month to be able to have 300 machines and unlimited user or 20 users that that's amazing now you can try it for free and then you get some extra bonuses on top of what you get with the free plan so you get the free plan plus these things that's really awesome let's just say you are a really big business maybe you've got a thousand users that you want to get set up then it's time for you to jump over to this one you get some extra stuff down here of course but then look at this it's same thing unlimited users 100 machines plus 10 per user 10 per user so if you had a 100 users that's ,100 machines at $12 per user per month now if you're a business $1,200 per month might be a pretty smart investment for some encrypted secure networking that's really cool so I like like the pricing I I like that the way that they're kind of starting to work on this and we're about to check out the software and see how it functions so again I'm going to set up a network on a VPS with digital lotion and then we're going to get everything installed and we'll go install a couple of clients and see how well they communicate and we'll look at the user interface and see what all we can do to get started we're going to go over and we need to have a couple of things in place in order to run this at least out on a VPS but really even in your own firewall or inside of your own network so you're going to need a domain name again that could be like a dynamic domain name like Duck DNS or something like that or it could be one that you own which is perfectly fine um and you're going to need something to run it on so if you're running on your Home Server go ahead and set up your VM get everything ready get those ports forwarded that we talked about earlier but I'm going to do this on uh on digital lotion because it's pretty easy so I've got digital lotion here you've got this whole side panel of control and things you can do but really you just go up here click on create droplet that's what they call their virtual private servers I'm in the United States and I am pretty much right in between New York and San Francisco so these doesn't really matter which one I pick but they've got different data centers that you can pick from um this is just the one they Auto picked for me it's fine as we go down I'm going to use the Ubuntu uh version just because I'm I'm very accustomed to that I do want to use an LTS I prefer to do that for things that are going to be long-term type setups so I'm going to use a 20204 version that's a 64 bit we're going to go down and the size here so they kind of start you off with basic but you can jump between these things and see how the prices change depending on what you're trying to get so they've got a lot of options and some of them are more expensive some of them aren't that expensive but if you stay down here at the basic you can get a lot out of it for kind of these self-hosting type situations so right here they've got a set on one that says a premium AMD so that's going to be our premium MD if you go to premium Intel the price changes by a dollar so just kind of notice as you change what the price does and gu just got regular so I'm going to use regular I don't have to have anything super great and if you'll notice there is a little bit more over here on regular so there's a 4 one now this is going to give you 52 megabytes um with one CPU that's that's Ram now they said 2 gigs of RAM is what they suggest so that's going to take us over to here which is about the $12 Mark which is fine it could work here on the on the one CPU you know one gig of RAM but they suggest this one so that's what I'm going to go with to try to be successful you can always play with it and see what you can get like I said I'm an affiliate so if you use my link you will get a credit for digital lotion that you can try before you have to buy anything and if you cancel and don't ever pay I I don't get anything I just like digital lotion I think their setup's really easy if you like Len node or if you like volter they're all pretty similar to be honest but yeah I mean digital lotion just where I'm at and what I'm used to I do recommend if you're setting this up go create an SSH key put it in here so I'm going to use this one and I'm going to use my iMac so that I can access this from either machine these are my public keys that pop up so don't worry about that you're seeing it it's fine we're going to go on down all right we're going to go on down now there's a little there's a few other options here but none of these things that we need right now but down here I'm going to go ahead and name this droplet you can name it anything you want you see they just give you a random name I'm going to go ahead and name this the way that I want it to be called so I'm just going to name this netb bird. opensource is awesome.com so I own the domain opensources awesome.com and I can set up the a records to point to the IP address that they're going to generate for me here in a minute if you have a lot of digital lotion droplets if you're really using them to the fullest tags can really help you sort and find things pretty quickly so it helps to tag things but I've only got a few so I don't need that so going to click click on create it's going to start creating that droplet I'm going to jump over here and I'll show you kind of what we're working with uh in in here with uh cloudflare so uh this is the only domain that I have in Cloud flare I I I don't really use most of the services that they offer um just be aware they have some pretty cool stuff that you can see but let's see I'm going to go to DNS oh actually we're going to go over here to add a record sorry and it's already set to a which is great and we're going to need the name so that was netb bird and you see right here it fills it out net bird. open sources awesome.com is what it's going to be called we're going to need that IP address that we get from digital ocean and then we have to decide if we want this to be proxy or not in this case because it's doing some kind of stuff with with our Network we we don't want it to be proxied um so just be aware of that um and then your time to live is auto but we can set this to whatever we want so I'm going to set it to 5 minutes because we'll have plenty of time to work on other stuff while we're waiting for this to kind of get set in fact we could probably even do 10 minutes and then be a little kind but there we go so we've got 10 minutes set up we just need to grab that IP address from digital ocean when it's finished so it's about to finish up here and we're just going to copy just click on a little copy button we're going to go back here and we're just going to paste that into the IP address field and we've got an A record set up and now all we have to do is save that and that's it it's added so we've got net bir that's going to point to our public IP address for our digital ocean uh droplet so the next thing we need to do is actually access that droplet through an IP address uh or through the the domain name if you've had set up for long enough and we're just going to go here and we're just going to do uh let's see I'm going to make this a little larger for you guys so we're going to do SSH and I'm going to do root because it sets up the root user for you automatically and I'm just going to paste in that IP address it's going to ask if I trust it which I'm trying to go to it so I do and it's going to log me in so we're going to clear this out and first thing I'm going to do is just update it so apt update to Amper Sands apt upgrade Dy we're going to let this thing update and once it's up to date we're going to create a nonroot user that has pseudo privileges to use for the rest of this tutorial all right that completed so I'm just rebooting that server real quick so I just typed in reboot I didn't have to type pseudo CU I was logged in as route anyways but we're going to let that reboot takes about 15 20 seconds they're really fast to reboot which is great and then we'll log right back into it so I'm going to clear that out and I'll just do SSH again uh we'll go ahead let's see if it's back up not yet it's not back up yet we're just going to give it a little more time if you get connection refuse it could just mean that it's still rebooting don't don't freak out about that just kind of give it a few minutes or a little bit of you know a little bit of time and then try again there we go see now it's talking that's great it's going to log Us in awesome and we're going to go back up here to just clear this out and what I want to do is I want to create a nonroot user who has pseudo privileges so we can do that pretty easily with a few commands so add user this is a Debian yuntu command I don't think this is in Fedora if you're on Fedora or a different kind of workstation you would do user ad and then you need to go create the home home directory and set up a password for and things like that but nice thing about add user is it kind of does that for us so I'm just going to say add user Brian that's me it's going to ask me for my password so I'm going to put in a nice strong uh super user password here and then I'm going to confirm it hopefully I typed it correctly yes now you can fill all this out you don't have to but it's up to you and then you're going to go down here and that capital y means that's the default to accept this information so yes now I've created my user but I'm not a super user yet so I need to make myself a super user so I'm going to do user mod hyphen little a capital G and then we're going to say uh pseudo and then we're going to put in the names of the users that we want to have pseudo privileges so I'm going to just it's just me so Brian so it's user Mod Space hyphen little a capital G space pseudo space Brian or whatever username you used of course hit enter and now your user is a super user now the last thing for me is I don't have the ability to log in yet because I'm using SSH keys and not password password authentication now you could go change something in your Etsy uh SSH file to allow password authentication briefly and then do SSH copy ID to push up your SSH keys and all that kind of stuff but the SSH keys I'm going to be using are the exact same ones that I already have in my root user so I'm just going to copy that folder over so it's a little bit quicker a little bit easier to do we're just going to do cp. sl. SSH there we go and I'm going to copy that to slome slban slash so if you put that in SL like that it's going to copy this folder over to this directory and we need this to be SSH let's make sure we get that set correctly and we can actually just take out the dot slash there we go SSH to home Brian and let's see oh I got to use a DHR because it's a folder so sorry about that we got to have CP space- R which means recursive which means everything inside of this folder and then the folder is SSH it's a hidden folder and then we're going to copy that to slome slban and then we have that in slash so it copies it into my folder there we go that's done now we're just going to change the permissions on it so we're going to do Chon Das capital r in this case for recursive Brian colon Brian that's me for my user and me for my group and we're going to say slome slban and that'll get everything uh under it so there we go so now I'm the owner of that SSH key file and I can exit from root and I can just go back and change root to Brian and actually let's try out our domain name and see if we can get in with that yet so netb bird. opensource is awesome.com and do you trust it yes I do so that means that it's routing correctly and we're logged in and I'm logged into netb Bird that's cool all right so we're going to clear out the terminal one more time here and then we've got a little bit more setup to do so we've done a couple of things we've set up our domain main name we've pointed it to our public IP address we've updated our server and we've created our nonroot user that has super user privileges so we're doing really well we've just got to kind of work through these steps a little at a time but we're going to use the netb bird self-hosting quick start guide it says right here five minutes and it shouldn't take too long but there's some things that we need to read through and just make sure we get everything set up now they're gonna they're going to use a zil IDP for your login so it it sets up everything for you um nothing for you to do from that standpoint but there's a couple of things that they do tell you that you want to make sure you get set up correctly so you want that Linux VM and again 1 CPU 2 gigs of of ram we've already set that up which is great um the VM should be publicly accessible so you need certain ports and Port ranges again this is another reason not to have it on your local network we talked about that earlier and then you've got this public domain name which we've already set up and pointed to our virtual public virtual private server which is great so Docker installed on the VM that's going to be an important one JQ installed on the VM and then curl installed on the VM so we want to get those things all installed and set up on this virtual private server that we set up um so we're going to go through and do those things once we've got all of that stuff set we should be pretty much ready to go and we'll have a set of commands down here that we can follow uh to make everything really pretty quick and easy and painless in fact they've got a simple oneliner here which we can use which is great so first let's go get these other things set up and make sure that we've got this stuff installed and ready like they've asked us to all right I've got our virtual server set up and I've created a nonroot user so I did that in the background but you should always do that it's very important for you to have a non-root user with pseudo privileges so that's what I've created here um I've es station into this server and we're going to go ahead and install um curl and JQ so we're going to do Pudu at install curl and then also JQ we're just going to put them both in the same command and then Dy it's going to go through and it's going to say hey we need to install a couple of things things here I already told it yes so it's not going to prompt me just goes through and does the installation and install both of those things pretty quickly so if we do curl we should just get like Hey try curl help if we do JQ it's going to give us a little bit of information about it here's the listing of options for JQ so good we've got them both installed we can clear that out now we need to get Docker now you can go through and do a bunch of manual steps to get Docker um the way that I like to do it is I created a script out here this makes it a lot easier and I'll just give you a oneliner to basically get this running but I've got it out here on my gitlab so we're just going to go down here to the one that says Docker installs and I'll give you a direct link right to what you need and I'll give you the the oneliner command you won't even have to go do what I'm doing right now but I'm going to go in here and I'm going to get the raw version of this I'm just going to grab this blink and I'm going to go back over here and I'm going to say WG Dash and then capital O I'm going to call this install dcker Dosh so that's what we want the file to be called and then we're going to paste in that link so it says WG is going to go grab what's at this link it's going to create it it's going to pull it down and call it a file that's install Docker Dosh so going to do that there we go we'll clear that out and then if we do LS we'll see install Docker Dosh we're going to do chod plus X install doer Dosh which makes this executable and now we can run it with/ install doer. sh when we do that it's going to come up and tell you here's what your operating system looks like it is it's Ubuntu Ubuntu 20204 and then it gives you information that's just to help you pick from here in case you're not sure which one you've got so this should support everything in fact this will support plus so that's 2304 2310 it should work on any of those um you 2 1804 is got its own number Debian 10 11 this should actually be 12 also Centos 78 stream Fedora just so on any of the red hat spins basically is number one you've got Arch Linux for five you've got open suit for six uh arm 64 for raspian for seven and then if you don't want to end up doing this you can just hit eight and it'll quit quit the installer but we want to do number four and it's going to ask us do you want Docker CE yes and then it says Docker compos appears to be installed it is so that's good um so we're just going to hit no for the rest of these so I do have some other uh containers that you could set up if you wanted to try those out but this is going to go through and it's going to try to run updates on the server real quick and as long as it doesn't hit any snag with like the VPS I run the updates first in the background just to make sure everything's updated and then the script runs but with a VPS sometimes it prompts you and because I'm not showing you everything on the screen you don't see the prompt and it'll look like it's hung just pass on by it if that happens so we're getting Docker C installed now if you didn't have Docker compose installed already it would prompt you about Docker compose you would also want to hit yes for this particular project for that one as well all right looks like everything's good it's going to create this Docker network uh yep all right cool so I just do a few things for you through that script it's nothing that you have to worry about or use in this case but it's it's pretty easy to get everything installed that way instead of running a bunch of separate commands so now if we do Docker PS there we go and if we do Docker compose PS same thing so it says no configuration file provided but that means do compos installed I just couldn't find a do composed. file which is fine all right we're going to clear that out we're going to go back to their instructions their quick instructions here and here's the single liner so we're just going to copy this guy and you could just use the copy button over there but sometimes it tries to run it right then so I'm going to do contrl copy or contrl C I'm going to go here control shift V and then I'm just going to use uh control a to jump back to the beginning because we need to go right here and I called my netb bird. opensource is awesome.com that's the only thing I need to change right there because once it gets that set it's going to go run that curl command it's going to pull down their stuff and then it's going to run this script to get everything set up for us we just need to provide them the fully qualified domain name right there that we're setting up for this server so we're going to let this thing run it's going to go pull some stuff down you'll kind of see it as it processes just be patient while it gets running and it'll be up and running in just a minute or so all right once everything runs through it's going to tell you hey you can access your dashboard here and then it's going to give you the uh username of admin at your particular domain and then it's going to give you a nice long strong password that you should copy immediately to keep track of so let's copy that now this is going to be gone this is just a test system so don't worry that you guys can see it but we'll click here it should open up in our browser for us there we go if you control click it'll open up in your browser in this case and the first thing it wants us to do is authenticate so we're going to do admin at and there's that one that's good we'll do that that is from what I tested before I'm going to paste in the correct password I'm going tell it sure now it's going to want you to set up two Factor authentication if you have devices for doing some kind of PH2 or web auin stuff you can do that um I've not had a lot of luck with that with my iPhone so I'm just going to use the normal authenticator with the top token and you click on it and click next and when you have the dark reader on sometimes you can't scan this correctly so I'm going to have to switch this for just a minute so I apologize for the brightness if it comes up and once you get that code on your device whatever you're using for two Factor you want to type that in and hit next it's going to tell you that it's verified you can hit next and it wants you to change the password so we're going to paste in that password we copied earlier and we're going to change this to a new password that we want and then we'll hit next next everything is up to date we're just going to hit next one last time and then put in our authentication code one more time and there we go we're up and running on netb bird server and we used our zitel login so that's really great and you can see here that it's saying hey there's no devices it can't find anything right now so you can just close that little warning for now because we don't have any devices enrolled yet but it wants us to get started enrolling a device so you would just click here and it's going to tell you here's how you do this so if you've got a Linux machine here's what you would use if you've got a Windows machine you would download the installer for their for their agent same way with Mac OS Android you go to the Google Play Store get their app and then here's some information and Docker if you want to run this in a Docker container alongside your other containers you can run it like that now remember iOS is currently in beta so it should be coming along soon but it's not here yet but soon you'll have an iOS tab up here as well so I've got mostly Linux systems so we're going to get the installation is set up of a couple of Linux systems right now all right to install this on one of your Linux machines as a agent client um you want to follow their instructions and they've got this nice oneliner this is the one that I would try on most machines just to make sure that you know if it'll work it makes it a lot easier but if you need to do a manual install you can try these steps here you need to install things on you buntu you can install it in different places uh I'm just going to copy this and we'll go to I've got the command lineup for this machine that I'm on we'll paste it in here and it wants my password as a super user so I'm put that in it's going to add a few things to yuntu here and in this case I'm running on 2310 with KDE so it looks like this is going to have a similar command structure to um tail scale where it's got a command line interface it it's fine for the net bird folks I'm begging people who are making things that are intended for Linux users to connect to a network a gooey is an important thing in this day and age even on Linux so for instance tail scale does not make a does not make one but tray scale is this one that I'm using here for tail scale so I'm going to show you what it looks like here and you can see I've got this list of all of the machines and devices that I have on my network and if I click on one of them I can see the details for it it brings them up over here on the right side I can do a few actions from here as well and the top machine listed is the machine that I'm currently on so I can see some information about it so I've got all of this really great stuff that I can see about the different machines and servers that I have on my network it's really useful I love a gooey it's really great it's okay to have the command line but Linux users are getting to the point where goys are just as important to us as they are to the rest of the world so please for the netb bird folks for everybody else out there that's making any kind of VPN software you need to have a goey uh even for Linux or Unix yes we like command line but not everybody's like that anymore they get into this software you should be able to do everything from a graphical user interface as well as from the command line so please consider that so we've gotten into our actual user interface here and what happens is this creates your netb bird account but it also creates a zadel account so there's a users section over here but it doesn't actually let you use these users um or create users from here you actually need to do that from the zadel UI so if we just take this and copy it and then bring it to another Tab and we actually need to change this to be and then it's slui console this is going to take us over to our zadel Management console and there's more to be set up on that as you would expect because it is a fullon single sign on solution kind of like authentic or aelia or some of those so there's there's a bit of stuff to be set up so you can see here it has three of six complete so the script that we ran to install the server actually set a lot of three of these things up and these other three are the things that we can go set up so you can do set up your brand you can go and Grant users and and then your SMTP settings are important so this one if you want to add more users you're going to need to set this up because then it emails that user to say Hey you know you've been set up with an account you need to go and actually verify that account so just be aware of that I'm not doing a zadel video I just wanted you to understand like hey if you want to add users you need to kind of go this route where you add that you go to your urlu console and that'll bring you to your zadel install and then you can add users from there um and then they can authenticate back to your netb bird install okay that said the the fun part that we want to get to is actually adding a client so a couple of things that you should be aware of so I'm using Cloud flare if you're using Cloud flare you need to know this so let me go back into Cloud flare and show you this because when I initially got here and I tried to set up a tried to set up an actual um device I was getting some errors and I couldn't figure out what was going on so I emailed the guys over at nitb bird and they were super helpful they helped me work through it they got me to send them some logs and things like that after I told them what was going on so one of the things that they told me that I I guess I didn't either I don't think it was there I looked but in in their system they use grpc for some communication protocols and you need to make sure that that's enabled so You' go to your cloudflare url or or setup you go down here to network and there's these different options here under Network and one of these options is grpc so you just need to kind of scroll down through here and you're looking for the grpc option uh let's see right here under Network and you'll see this is now enabled it was disabled when I first started trying to do this so the first thing is go make sure you enable this if you're using Cloud flare or if you use another host that's similar to Cloud flare you might need to make sure that grpc is enabled once I did that um the other part that I had uh set up incorrectly here in the server that we set up earlier um I needed to go into uh so I had to do pseudo Nano slz hosts and I'll authenticate real quick and in here um this Loop this local host and and also a loop back address were both set up and they had netb bird. opensources a.com and then nird um set up as well so I just had to get rid of those things so it just says Local Host right here um once you remove those other entries then you should be good but if you have those entries here where local host or the loot back address is pointing to your domain name it's going to create problems whenever your your um systems try to authenticate whenever your different clients try to authenticate so two things you want to make sure to do is one make sure grpc is on if you're using Cloud flare if you're not using Cloud flare you probably don't need to worry about that one two go into your hosts file on your server and make sure that the fully qualified domain name is not being pointed at by Local Host which is 127.0.0.1 or by loopback which is 127.0 1.1 once you've done that uh you should be ready to go and actually set up one of your clients so I've already run the installer for the client um it's just a oneliner again super easy but we'll do it on another machine here in just a minute but I'll show you what it takes to get installed so I'm going to zoom this up a little bit when you go here and you say hey I'm going to create a new one it gives you the command so this is the command that we run to install the client on Linux and then down here it tells you here's how you do this but you can just copy this and then we can go back and we can just paste that in there and it's going to come up and you see it opens up the browser Tab and it says hey do you want to go ahead and authenticate yes I do and this is the one that I want to use and it's going to say hey you did it good job so then over here it's going to tell us everything should be good so now we can do netb bird d-el so if you want to see all the options you have for netb bird um here they are so you've got you can do command line completion so you can set that up you can use net bird down bird help Net bird login net bird service net bird self nird status nird up and nird version so you can see all those things and then you've got some different flags depending on what you're trying to accomplish and it tells you what these different flags do so the one we want to use is status which is status of the nird service so we'll do netb bird status and you can see here I've got what the version is CLI version we've got the management is connected we've got the signal connected and then we've got this is my the name of my machine so this is kind of like my host name for this machine that I could actually get to um we've got 100. 196.75 13316 and then here's the interface type which is Through the Wire guard kernel which is great and then the peers count is z z because I haven't set up any other peers yet so we we we know that there's no other peers here I went and set up the other machine and you can see it here on my netb bird site so you can see that they're both both listed and they both have their own domain names now if I open up my terminal again let's set up a new tab here and I'll make the font a bit bigger so you'll notice I don't have the SSH server turned on for either one of these but I'm going to be a to SSH because I have the SSH server running on those systems anyways so I don't know that this is going to do anything in this case for my machines but we'll give it a shot here let's let's just see um first by IP address let's do this one I think if I just click it it copies it yeah so if we do SSH Brian at and I can paste in that IP address and we can just and we're in so I'm already on that machine you can see it's there and if I do net status from it you can see that it's connected see what its IP address is which is the one we just connected to and then it shows one of one peers is connected so as you add more peers you'll see that there's you know however many and then many aren't connected and it'll give you that information it's pretty nice in the CLI but again Au is really nice so we've got that working that's great this is netd I think it's a really great system I've really enjoyed using it and as you can tell there is some really great options here I'd love to see you guys get out there and just take them up on this teams option $5 per user per month even if just for yourself this just lets them know like hey I appreciate what you're doing and I'd love to see you continue this and keep it going and really for anything that you've got that's open source out there guys that you're using if you have the opportunity if you have the ability to go support them monetarily please consider doing that because it does keep those projects going those projects that you love to use and it makes everybody else have a good experience with those projects as well and it makes it so those projects can continue to do amazing work I hope you enjoyed this if you did like subscribe tell your friends about it so they can come along the journey with us and I'll talk to you next [Music] time it's your open source Advocate and I'm back and I've set up a store with a little bit of merchandise I love being your open source Advocate but I want you guys to be the open source Advocates with me so if you want to get out there and get some of this stuff and if you do let me know what you think of it thank you for subscribing

Info

Channel: Awesome Open Source

Views: 38,156

Rating: undefined out of 5

Keywords: open, source, opensource, open-source, self, hosted, selfhosted, self-hosted, free, libre, software, server, web, browser, linux, mac, macos, os x, windows, microsoft, unix, bsd, ios, android, pi, raspberry, desktop, vps, tutorial, how to, setup, installation, instructions, cli, command line, terminal, interface, network, networking, news, projects, tailscale, headscale, vpn, openvpn, cisco, netbird, wireguard, wire guard, zitadel, idp, user, provision, provisioning, docker, oauth, oidc, ldap, saml, private, virtual, encrypted, p2p, peer to peer

Id: _-vfSgqmOUI

Channel Id: undefined

Length: 38min 53sec (2333 seconds)

Published: Sat Nov 18 2023