Netbird package not customizable enought

NemYr · July 24, 2025, 2:44pm

I'm playing a bit with netbird, and I feel like the netbird package lacks configuration customization.
Thats why I modified it a bit to have a /etc/config/netbird configuration file so you can actually tune it a bit, here are the files for thoses who are interested in the same feature:

The service file in /etc/init.d/netbird:

#!/bin/sh /etc/rc.common

START=90
STOP=10
USE_PROCD=1

handle_netbird_instance() {
	local section="$1"

	config_get_bool enabled "$section" 'enabled' 0
	if [ $enabled -le 0 ]; then
		return 1
	fi
	
	config_get_bool allow_server_ssh "$section" 'allow_server_ssh' 0
	config_get daemon_addr "$section" daemon_addr
	config_get config "$section" config
	config_get log_level "$section" log_level
	config_get log_file "$section" log_file
	config_get management_url "$section" management_url

	allow_server_ssh_value="false"
	if [ ${allow_server_ssh} -gt 0 ]; then 
		allow_server_ssh_value="true"
	fi

	config_filename="${config:-/etc/netbird/config.${section}.json}"

	[ -f "${config_filename}" ] && sed 's/"ServerSSHAllowed"\s*:[^,]*/"ServerSSHAllowed": '"${allow_server_ssh_value}"'/' "${config_filename}"

	procd_open_instance "$section"
	procd_set_param command /usr/bin/netbird
	procd_append_param command service run
	procd_append_param command --config "${config_filename}"
	procd_append_param command --log-level "${log_level:-info}"
	procd_append_param command --daemon-addr "${daemon_addr:-unix:///var/run/${section}.sock}"
	procd_append_param command --log-file "${log_file:-syslog}"
	procd_append_param command --management-url "${management_url:-https://api.netbird.io:443}"
	procd_set_param pidfile /var/run/netbird.pid
	procd_close_instance

	return 0
}

handle_netbird_triggers() {
	local section="$1"

	config_get_bool enabled "$1" 'enabled' 0
	if [ $enabled -le 0 ]; then
		return 1
	fi

	config_get trigger_iface "$section" trigger_iface
	if [ -z "$trigger_iface" ]; then
		return 1
	fi

	procd_add_interface_trigger "interface.*" "$trigger_iface" /etc/init.d/netbird restart
}

service_triggers() {
	config_load 'netbird'
	config_foreach handle_netbird_triggers netbird
}

start_service() {
	config_load 'netbird'
	config_foreach handle_netbird_instance netbird
}

The configuration file in /etc/config/netbird:

#config netbird netbird
#    option enabled '1'
#    option allow_server_ssh '0'
#    option daemon_addr 'unix:///var/run/netbird.sock'
#    option config '/etc/netbird/config.json'
#    option log_level 'info'
#    option log_file 'syslog'
#    option management_url 'https://api.netbird.io:443'
#    option trigger_iface 'wan'

brada4 · July 24, 2025, 4:22pm

That should go as a pull request in packages github.

NemYr · July 25, 2025, 7:21am

While I agree with this, I don't have the time to create a pull request and handle all the comments.

wehagy · July 28, 2025, 12:00am

Not customizable enough? You are very kind @NemYr. netbird is not customizable at all. I'm the maintainer, and this is a shame for me, but I have plans to eventually make it customizable and create a luci-app-netbird too. In fact, I have an init file I am using, but it is not good for general use, and I need to test it more.

The NetBird team plans to launch the stable version this year, maybe I'll wait until then.

Thanks for sharing your work, maybe this will inspire someone to open a PR, or myself to steal some code

NemYr · July 28, 2025, 7:45am

Hi, you are free to steal part or the whole stuff . I don't have any issue with netbird because I don't use nor need mwan3. I only have 1 4G modem (Quectel) and a direct netbird connectivity. Currently, I also have an OpenVPN running as well next to netbird and everything is fine. I also updated netbird package to 0.51.2

stangri · July 28, 2025, 8:14pm

@NemYr if you want to improve the init script further, look into uci_load_validate(), which allows you to both validate config and load values from it in one call.