{"id":13461334,"url":"https://github.com/netbirdio/netbird","last_synced_at":"2026-03-09T22:04:19.281Z","repository":{"id":37038179,"uuid":"357897199","full_name":"netbirdio/netbird","owner":"netbirdio","description":"Connect your devices into a secure WireGuard®-based overlay network with SSO, MFA and granular access controls.","archived":false,"fork":false,"pushed_at":"2025-05-06T15:31:05.000Z","size":39752,"stargazers_count":13523,"open_issues_count":864,"forks_count":645,"subscribers_count":101,"default_branch":"main","last_synced_at":"2025-05-06T16:06:47.943Z","etag":null,"topics":["golang","mesh","mesh-networks","nat-traversal","netbird","vpn","wireguard","wireguard-vpn","wiretrustee","zero-trust-network-access"],"latest_commit_sha":null,"homepage":"https://netbird.io","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/netbirdio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":["netbirdio"]}},"created_at":"2021-04-14T12:27:20.000Z","updated_at":"2025-05-06T15:31:09.000Z","dependencies_parsed_at":"2024-04-15T11:10:44.646Z","dependency_job_id":"4728be49-b465-4ce6-8c46-d7d50bf3ae4a","html_url":"https://github.com/netbirdio/netbird","commit_stats":{"total_commits":1709,"total_committers":80,"mean_commits":21.3625,"dds":0.7337624341720304,"last_synced_commit":"37ad370344aec96c01d461db53473c78ed7f7240"},"previous_names":["wiretrustee/wiretrustee"],"tags_count":229,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/netbirdio%2Fnetbird","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/netbirdio%2Fnetbird/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/netbirdio%2Fnetbird/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/netbirdio%2Fnetbird/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/netbirdio","download_url":"https://codeload.github.com/netbirdio/netbird/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253979808,"owners_count":21994037,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["golang","mesh","mesh-networks","nat-traversal","netbird","vpn","wireguard","wireguard-vpn","wiretrustee","zero-trust-network-access"],"created_at":"2024-07-31T11:00:34.732Z","updated_at":"2026-02-18T00:30:52.974Z","avatar_url":"https://github.com/netbirdio.png","language":"Go","readme":"\n\u003cdiv align=\"center\"\u003e\n\u003cbr/\u003e\n  \u003cbr/\u003e\n\u003cp align=\"center\"\u003e\n  \u003cimg width=\"234\" src=\"docs/media/logo-full.png\"/\u003e\n\u003c/p\u003e\n  \u003cp\u003e\n   \u003ca href=\"https://img.shields.io/badge/license-BSD--3-blue)\"\u003e\n       \u003cimg src=\"https://sonarcloud.io/api/project_badges/measure?project=netbirdio_netbird\u0026metric=alert_status\" /\u003e\n     \u003c/a\u003e \n     \u003ca href=\"https://github.com/netbirdio/netbird/blob/main/LICENSE\"\u003e\n       \u003cimg src=\"https://img.shields.io/badge/license-BSD--3-blue\" /\u003e\n     \u003c/a\u003e \n    \u003cbr\u003e\n    \u003ca href=\"https://docs.netbird.io/slack-url\"\u003e\n        \u003cimg src=\"https://img.shields.io/badge/slack-@netbird-red.svg?logo=slack\"/\u003e\n     \u003c/a\u003e\n    \u003ca href=\"https://forum.netbird.io\"\u003e\n        \u003cimg src=\"https://img.shields.io/badge/community forum-@netbird-red.svg?logo=discourse\"/\u003e\n     \u003c/a\u003e  \n     \u003cbr\u003e\n    \u003ca href=\"https://gurubase.io/g/netbird\"\u003e\n        \u003cimg src=\"https://img.shields.io/badge/Gurubase-Ask%20NetBird%20Guru-006BFF\"/\u003e\n     \u003c/a\u003e    \n  \u003c/p\u003e\n\u003c/div\u003e\n\n\n\u003cp align=\"center\"\u003e\n\u003cstrong\u003e\n  Start using NetBird at \u003ca href=\"https://netbird.io/pricing\"\u003enetbird.io\u003c/a\u003e\n  \u003cbr/\u003e\n  See \u003ca href=\"https://netbird.io/docs/\"\u003eDocumentation\u003c/a\u003e\n  \u003cbr/\u003e\n   Join our \u003ca href=\"https://docs.netbird.io/slack-url\"\u003eSlack channel\u003c/a\u003e or our \u003ca href=\"https://forum.netbird.io\"\u003eCommunity forum\u003c/a\u003e\n  \u003cbr/\u003e\n \n\u003c/strong\u003e\n\u003cbr\u003e\n\u003cstrong\u003e\n  🚀 \u003ca href=\"https://careers.netbird.io\"\u003eWe are hiring! Join us at careers.netbird.io\u003c/a\u003e\n\u003c/strong\u003e\n\u003cbr\u003e\n\u003cbr\u003e\n\u003ca href=\"https://registry.terraform.io/providers/netbirdio/netbird/latest\"\u003e\n    New: NetBird terraform provider\n  \u003c/a\u003e \n\u003c/p\u003e\n\n\u003cbr\u003e\n\n**NetBird combines a configuration-free peer-to-peer private network and a centralized access control system in a single platform, making it easy to create secure private networks for your organization or home.**\n\n**Connect.** NetBird creates a WireGuard-based overlay network that automatically connects your machines over an encrypted tunnel, leaving behind the hassle of opening ports, complex firewall rules, VPN gateways, and so forth.\n\n**Secure.** NetBird enables secure remote access by applying granular access policies while allowing you to manage them intuitively from a single place. Works universally on any infrastructure.\n\n### Open Source Network Security in a Single Platform\n\nhttps://github.com/user-attachments/assets/10cec749-bb56-4ab3-97af-4e38850108d2\n\n### Self-Host NetBird (Video)\n[![Watch the video](https://img.youtube.com/vi/bZAgpT6nzaQ/0.jpg)](https://youtu.be/bZAgpT6nzaQ)\n\n### Key features\n\n| Connectivity | Management | Security | Automation| Platforms |\n|----|----|----|----|----|\n| \u003cul\u003e\u003cli\u003e- \\[x] Kernel WireGuard\u003c/ul\u003e\u003c/li\u003e | \u003cul\u003e\u003cli\u003e- \\[x] [Admin Web UI](https://github.com/netbirdio/dashboard)\u003c/ul\u003e\u003c/li\u003e | \u003cul\u003e\u003cli\u003e- \\[x] [SSO \u0026 MFA support](https://docs.netbird.io/how-to/installation#running-net-bird-with-sso-login)\u003c/ul\u003e\u003c/li\u003e | \u003cul\u003e\u003cli\u003e- \\[x] [Public API](https://docs.netbird.io/api)\u003c/ul\u003e\u003c/li\u003e | \u003cul\u003e\u003cli\u003e- \\[x] Linux\u003c/ul\u003e\u003c/li\u003e |\n| \u003cul\u003e\u003cli\u003e- \\[x] Peer-to-peer connections\u003c/ul\u003e\u003c/li\u003e | \u003cul\u003e\u003cli\u003e- \\[x] Auto peer discovery and configuration\u003c/ui\u003e\u003c/li\u003e | \u003cul\u003e\u003cli\u003e- \\[x] [Access control - groups \u0026 rules](https://docs.netbird.io/how-to/manage-network-access)\u003c/ui\u003e\u003c/li\u003e | \u003cul\u003e\u003cli\u003e- \\[x] [Setup keys for bulk network provisioning](https://docs.netbird.io/how-to/register-machines-using-setup-keys)\u003c/ui\u003e\u003c/li\u003e | \u003cul\u003e\u003cli\u003e- \\[x] Mac\u003c/ui\u003e\u003c/li\u003e |\n| \u003cul\u003e\u003cli\u003e- \\[x] Connection relay fallback\u003c/ui\u003e\u003c/li\u003e | \u003cul\u003e\u003cli\u003e- \\[x] [IdP integrations](https://docs.netbird.io/selfhosted/identity-providers)\u003c/ui\u003e\u003c/li\u003e | \u003cul\u003e\u003cli\u003e- \\[x] [Activity logging](https://docs.netbird.io/how-to/audit-events-logging)\u003c/ui\u003e\u003c/li\u003e | \u003cul\u003e\u003cli\u003e- \\[x] [Self-hosting quickstart script](https://docs.netbird.io/selfhosted/selfhosted-quickstart)\u003c/ui\u003e\u003c/li\u003e | \u003cul\u003e\u003cli\u003e- \\[x] Windows\u003c/ui\u003e\u003c/li\u003e |\n| \u003cul\u003e\u003cli\u003e- \\[x] [Routes to external networks](https://docs.netbird.io/how-to/routing-traffic-to-private-networks)\u003c/ui\u003e\u003c/li\u003e | \u003cul\u003e\u003cli\u003e- \\[x] [Private DNS](https://docs.netbird.io/how-to/manage-dns-in-your-network)\u003c/ui\u003e\u003c/li\u003e | \u003cul\u003e\u003cli\u003e- \\[x] [Device posture checks](https://docs.netbird.io/how-to/manage-posture-checks)\u003c/ui\u003e\u003c/li\u003e | \u003cul\u003e\u003cli\u003e- \\[x] IdP groups sync with JWT\u003c/ui\u003e\u003c/li\u003e | \u003cul\u003e\u003cli\u003e- \\[x] Android\u003c/ui\u003e\u003c/li\u003e |\n| \u003cul\u003e\u003cli\u003e- \\[x] NAT traversal with BPF\u003c/ui\u003e\u003c/li\u003e | \u003cul\u003e\u003cli\u003e- \\[x] [Multiuser support](https://docs.netbird.io/how-to/add-users-to-your-network)\u003c/ui\u003e\u003c/li\u003e | \u003cul\u003e\u003cli\u003e- \\[x] Peer-to-peer encryption\u003c/ui\u003e\u003c/li\u003e || \u003cul\u003e\u003cli\u003e- \\[x] iOS\u003c/ui\u003e\u003c/li\u003e |\n||| \u003cul\u003e\u003cli\u003e- \\[x] [Quantum-resistance with Rosenpass](https://netbird.io/knowledge-hub/the-first-quantum-resistant-mesh-vpn)\u003c/ui\u003e\u003c/li\u003e || \u003cul\u003e\u003cli\u003e- \\[x] OpenWRT\u003c/ui\u003e\u003c/li\u003e |\n||| \u003cul\u003e\u003cli\u003e- \\[x] [Periodic re-authentication](https://docs.netbird.io/how-to/enforce-periodic-user-authentication)\u003c/ui\u003e\u003c/li\u003e || \u003cul\u003e\u003cli\u003e- \\[x] [Serverless](https://docs.netbird.io/how-to/netbird-on-faas)\u003c/ui\u003e\u003c/li\u003e |\n||||| \u003cul\u003e\u003cli\u003e- \\[x] Docker\u003c/ui\u003e\u003c/li\u003e |\n\n### Quickstart with NetBird Cloud\n\n- Download and install NetBird at [https://app.netbird.io/install](https://app.netbird.io/install)\n- Follow the steps to sign-up with Google, Microsoft, GitHub or your email address.\n- Check NetBird [admin UI](https://app.netbird.io/).\n- Add more machines.\n\n### Quickstart with self-hosted NetBird\n\n\u003e This is the quickest way to try self-hosted NetBird. It should take around 5 minutes to get started if you already have a public domain and a VM.\nFollow the [Advanced guide with a custom identity provider](https://docs.netbird.io/selfhosted/selfhosted-guide#advanced-guide-with-a-custom-identity-provider) for installations with different IDPs.\n\n**Infrastructure requirements:**\n- A Linux VM with at least **1CPU** and **2GB** of memory.\n- The VM should be publicly accessible on TCP ports **80** and **443** and UDP port: **3478**.\n- **Public domain** name pointing to the VM.\n\n**Software requirements:**\n- Docker installed on the VM with the docker-compose plugin ([Docker installation guide](https://docs.docker.com/engine/install/)) or docker with docker-compose in version 2 or higher.\n- [jq](https://jqlang.github.io/jq/) installed. In most distributions\n  Usually available in the official repositories and can be installed with `sudo apt install jq` or `sudo yum install jq`\n- [curl](https://curl.se/) installed.\n  Usually available in the official repositories and can be installed with `sudo apt install curl` or `sudo yum install curl`\n\n**Steps**\n- Download and run the installation script:\n```bash\nexport NETBIRD_DOMAIN=netbird.example.com; curl -fsSL https://github.com/netbirdio/netbird/releases/latest/download/getting-started.sh | bash\n```\n- Once finished, you can manage the resources via `docker-compose`\n\n### A bit on NetBird internals\n-  Every machine in the network runs [NetBird Agent (or Client)](client/) that manages WireGuard.\n-  Every agent connects to [Management Service](management/) that holds network state, manages peer IPs, and distributes network updates to agents (peers).\n-  NetBird agent uses WebRTC ICE implemented in [pion/ice library](https://github.com/pion/ice) to discover connection candidates when establishing a peer-to-peer connection between machines.\n-  Connection candidates are discovered with the help of [STUN](https://en.wikipedia.org/wiki/STUN) servers.\n-  Agents negotiate a connection through [Signal Service](signal/) passing p2p encrypted messages with candidates.\n-  Sometimes the NAT traversal is unsuccessful due to strict NATs (e.g. mobile carrier-grade NAT) and a p2p connection isn't possible. When this occurs the system falls back to a relay server called [TURN](https://en.wikipedia.org/wiki/Traversal_Using_Relays_around_NAT), and a secure WireGuard tunnel is established via the TURN server. \n \n[Coturn](https://github.com/coturn/coturn) is the one that has been successfully used for STUN and TURN in NetBird setups.\n\n\u003cp float=\"left\" align=\"middle\"\u003e\n  \u003cimg src=\"https://docs.netbird.io/docs-static/img/about-netbird/high-level-dia.png\" width=\"700\"/\u003e\n\u003c/p\u003e\n\nSee a complete [architecture overview](https://docs.netbird.io/about-netbird/how-netbird-works#architecture) for details.\n\n### Community projects\n-  [NetBird installer script](https://github.com/physk/netbird-installer)\n-  [NetBird ansible collection by Dominion Solutions](https://galaxy.ansible.com/ui/repo/published/dominion_solutions/netbird/)\n\n**Note**: The `main` branch may be in an *unstable or even broken state* during development.\nFor stable versions, see [releases](https://github.com/netbirdio/netbird/releases).\n\n### Support acknowledgement\n\nIn November 2022, NetBird joined the [StartUpSecure program](https://www.forschung-it-sicherheit-kommunikationssysteme.de/foerderung/bekanntmachungen/startup-secure) sponsored by The Federal Ministry of Education and Research of The Federal Republic of Germany. Together with [CISPA Helmholtz Center for Information Security](https://cispa.de/en) NetBird brings the security best practices and simplicity to private networking.\n\n![CISPA_Logo_BLACK_EN_RZ_RGB (1)](https://user-images.githubusercontent.com/700848/203091324-c6d311a0-22b5-4b05-a288-91cbc6cdcc46.png)\n\n### Testimonials\nWe use open-source technologies like [WireGuard®](https://www.wireguard.com/), [Pion ICE (WebRTC)](https://github.com/pion/ice), [Coturn](https://github.com/coturn/coturn), and [Rosenpass](https://rosenpass.eu). We very much appreciate the work these guys are doing and we'd greatly appreciate if you could support them in any way (e.g., by giving a star or a contribution).\n\n### Legal\nThis repository is licensed under BSD-3-Clause license that applies to all parts of the repository except for the directories management/, signal/ and relay/.\nThose directories are licensed under the GNU Affero General Public License version 3.0 (AGPLv3). See the respective LICENSE files inside each directory.\n\n_WireGuard_ and the _WireGuard_ logo are [registered trademarks](https://www.wireguard.com/trademark-policy/) of Jason A. Donenfeld.\n \n\n","funding_links":["https://github.com/sponsors/netbirdio"],"categories":["Go","golang","Other APIs","vpn","🐳 Project List","Projects","Table of Contents","Security"],"sub_categories":["Virtual Private Network (VPN) \u0026 Remote Access","Mesh Network","VPN"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnetbirdio%2Fnetbird","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnetbirdio%2Fnetbird","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnetbirdio%2Fnetbird/lists"}