{"id":13461334,"url":"https://github.com/netbirdio/netbird","last_synced_at":"2026-06-05T22:01:21.374Z","repository":{"id":37038179,"uuid":"357897199","full_name":"netbirdio/netbird","owner":"netbirdio","description":"Connect your devices into a secure WireGuardยฎ-based overlay network with SSO, MFA and granular access controls.","archived":false,"fork":false,"pushed_at":"2025-05-06T15:31:05.000Z","size":39752,"stargazers_count":13523,"open_issues_count":864,"forks_count":645,"subscribers_count":101,"default_branch":"main","last_synced_at":"2025-05-06T16:06:47.943Z","etag":null,"topics":["golang","mesh","mesh-networks","nat-traversal","netbird","vpn","wireguard","wireguard-vpn","wiretrustee","zero-trust-network-access"],"latest_commit_sha":null,"homepage":"https://netbird.io","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/netbirdio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":["netbirdio"]}},"created_at":"2021-04-14T12:27:20.000Z","updated_at":"2025-05-06T15:31:09.000Z","dependencies_parsed_at":"2024-04-15T11:10:44.646Z","dependency_job_id":"4728be49-b465-4ce6-8c46-d7d50bf3ae4a","html_url":"https://github.com/netbirdio/netbird","commit_stats":{"total_commits":1709,"total_committers":80,"mean_commits":21.3625,"dds":0.7337624341720304,"last_synced_commit":"37ad370344aec96c01d461db53473c78ed7f7240"},"previous_names":["wiretrustee/wiretrustee"],"tags_count":229,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/netbirdio%2Fnetbird","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/netbirdio%2Fnetbird/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/netbirdio%2Fnetbird/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/netbirdio%2Fnetbird/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/netbirdio","download_url":"https://codeload.github.com/netbirdio/netbird/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253979808,"owners_count":21994037,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["golang","mesh","mesh-networks","nat-traversal","netbird","vpn","wireguard","wireguard-vpn","wiretrustee","zero-trust-network-access"],"created_at":"2024-07-31T11:00:34.732Z","updated_at":"2026-06-05T22:01:21.369Z","avatar_url":"https://github.com/netbirdio.png","language":"Go","funding_links":["https://github.com/sponsors/netbirdio"],"categories":["Go","golang","Other APIs","vpn","๐Ÿณ Project List","Table of Contents","Security","Projects","๐Ÿ“Š Data \u0026 Analytics"],"sub_categories":["Virtual Private Network (VPN) \u0026 Remote Access","VPN","Mesh Network"],"readme":"\n\u003cdiv align=\"center\"\u003e\n \u003cp align=\"center\"\u003e\n \u003cimg width=\"234\" src=\"docs/media/logo-full.png\" alt=\"NetBird logo\"/\u003e\n \u003c/p\u003e\n \u003cp align=\"center\"\u003e\n \u003ca href=\"https://sonarcloud.io/dashboard?id=netbirdio_netbird\"\u003e\n \u003cimg src=\"https://sonarcloud.io/api/project_badges/measure?project=netbirdio_netbird\u0026metric=alert_status\" alt=\"SonarCloud alert status\"/\u003e\n \u003c/a\u003e\n \u003ca href=\"https://github.com/netbirdio/netbird/blob/main/LICENSE\"\u003e\n \u003cimg src=\"https://img.shields.io/badge/license-BSD--3-blue\" alt=\"BSD-3 License\"/\u003e\n \u003c/a\u003e\n \u003ca href=\"https://docs.netbird.io/slack-url\"\u003e\n \u003cimg src=\"https://img.shields.io/badge/slack-@netbird-red.svg?logo=slack\" alt=\"NetBird Slack\"/\u003e\n \u003c/a\u003e\n \u003ca href=\"https://forum.netbird.io\"\u003e\n \u003cimg src=\"https://img.shields.io/badge/community%20forum-@netbird-red.svg?logo=discourse\" alt=\"Community forum\"/\u003e\n \u003c/a\u003e\n \u003ca href=\"https://gurubase.io/g/netbird\"\u003e\n \u003cimg src=\"https://img.shields.io/badge/Gurubase-Ask%20NetBird%20Guru-006BFF\" alt=\"Gurubase: Ask NetBird Guru\"/\u003e\n \u003c/a\u003e\n \u003c/p\u003e\n\u003c/div\u003e\n\n\u003cp align=\"center\"\u003e\n \u003cstrong\u003e\n Start using NetBird at \u003ca href=\"https://netbird.io/pricing\"\u003enetbird.io\u003c/a\u003e\n \u003cbr/\u003e\n See \u003ca href=\"https://netbird.io/docs/\"\u003eDocumentation\u003c/a\u003e\n \u003cbr/\u003e\n Join our \u003ca href=\"https://docs.netbird.io/slack-url\"\u003eSlack channel\u003c/a\u003e or our \u003ca href=\"https://forum.netbird.io\"\u003eCommunity forum\u003c/a\u003e\n \u003c/strong\u003e\n \u003cbr/\u003e\n \u003cbr/\u003e\n \u003cstrong\u003e\n ๐Ÿš€ \u003ca href=\"https://careers.netbird.io\"\u003eWe are hiring! Join us at careers.netbird.io\u003c/a\u003e\n \u003c/strong\u003e\n\u003c/p\u003e\n\n**NetBird combines a configuration-free peer-to-peer private network and a centralized access control system in a single platform, making it easy to create secure private networks for your organization or home.**\n\n**Connect.** NetBird creates a WireGuard-based overlay network that automatically connects your machines over an encrypted tunnel, leaving behind the hassle of opening ports, complex firewall rules, VPN gateways, and so forth.\n\n**Secure.** NetBird enables secure remote access by applying granular access policies while allowing you to manage them intuitively from a single place. Works universally on any infrastructure.\n\nhttps://github.com/user-attachments/assets/10cec749-bb56-4ab3-97af-4e38850108d2\n\n### Self-host NetBird (video)\n\n[![Watch the video](https://img.youtube.com/vi/bZAgpT6nzaQ/0.jpg)](https://youtu.be/bZAgpT6nzaQ)\n\n### Key features\n\n| Connectivity | Management | Security | Automation | Platforms |\n|---|---|---|---|---|\n| โœ“ [Kernel WireGuard](https://docs.netbird.io/about-netbird/why-wireguard-with-netbird) | โœ“ [Admin Web UI](https://github.com/netbirdio/dashboard) | โœ“ [SSO \u0026 MFA support](https://docs.netbird.io/how-to/installation#running-net-bird-with-sso-login) | โœ“ [Public API](https://docs.netbird.io/api) | โœ“ [Linux](https://docs.netbird.io/get-started/install/linux) |\n| โœ“ [Peer-to-peer connections](https://docs.netbird.io/about-netbird/how-netbird-works) | โœ“ Auto peer discovery and configuration | โœ“ [Access control: groups \u0026 rules](https://docs.netbird.io/how-to/manage-network-access) | โœ“ [Setup keys for bulk provisioning](https://docs.netbird.io/how-to/register-machines-using-setup-keys) | โœ“ [macOS](https://docs.netbird.io/get-started/install/macos) |\n| โœ“ Connection relay fallback | โœ“ [IdP integrations](https://docs.netbird.io/selfhosted/identity-providers) | โœ“ [Activity logging](https://docs.netbird.io/how-to/audit-events-logging) | โœ“ [Self-hosting quickstart script](https://docs.netbird.io/selfhosted/selfhosted-quickstart) | โœ“ [Windows](https://docs.netbird.io/get-started/install/windows) |\n| โœ“ [Routes to external networks](https://docs.netbird.io/how-to/routing-traffic-to-private-networks) | โœ“ [Private DNS](https://docs.netbird.io/how-to/manage-dns-in-your-network) | โœ“ [Traffic events](https://docs.netbird.io/manage/activity/traffic-events-logging) | โœ“ [IdP groups sync with JWT](https://docs.netbird.io/manage/team/idp-sync) | โœ“ [Android](https://docs.netbird.io/get-started/install/android) |\n| โœ“ [Domain-based DNS routes](https://docs.netbird.io/manage/dns/dns-aliases-for-routed-networks) | โœ“ [Custom DNS zones](https://docs.netbird.io/manage/dns/custom-zones) | โœ“ [Device posture checks](https://docs.netbird.io/how-to/manage-posture-checks) | โœ“ [Terraform provider](https://registry.terraform.io/providers/netbirdio/netbird/latest) | โœ“ [Android TV](https://docs.netbird.io/get-started/install/android-tv) |\n| โœ“ [Exit nodes](https://docs.netbird.io/manage/network-routes/use-cases/exit-nodes) | โœ“ [Multiuser support](https://docs.netbird.io/how-to/add-users-to-your-network) | โœ“ Peer-to-peer encryption | โœ“ [Ansible collection](https://github.com/netbirdio/ansible-netbird) | โœ“ [iOS](https://docs.netbird.io/get-started/install/ios) |\n| โœ“ [IPv6 dual-stack overlay](https://docs.netbird.io/manage/settings/ipv6) | โœ“ [Multi-account profile switching](https://docs.netbird.io/client/profiles) | โœ“ [SSH with central access policies](https://docs.netbird.io/manage/peers/ssh) | | โœ“ [Apple TV](https://docs.netbird.io/get-started/install/tvos) |\n| โœ“ [Browser SSH \u0026 RDP](https://docs.netbird.io/manage/peers/browser-client) | | โœ“ [Quantum-resistance with Rosenpass](https://netbird.io/knowledge-hub/the-first-quantum-resistant-mesh-vpn) | | โœ“ FreeBSD |\n| โœ“ [Reverse proxy with auto-TLS](https://docs.netbird.io/manage/reverse-proxy) | | โœ“ [Periodic re-authentication](https://docs.netbird.io/how-to/enforce-periodic-user-authentication) | | โœ“ [pfSense](https://docs.netbird.io/get-started/install/pfsense) |\n| | | | | โœ“ [OPNsense](https://docs.netbird.io/get-started/install/opnsense) |\n| | | | | โœ“ [MikroTik RouterOS](https://docs.netbird.io/use-cases/homelab/client-on-mikrotik-router) |\n| | | | | โœ“ OpenWRT |\n| | | | | โœ“ [Synology](https://docs.netbird.io/get-started/install/synology) |\n| | | | | โœ“ [TrueNAS](https://docs.netbird.io/get-started/install/truenas) |\n| | | | | โœ“ [Proxmox](https://docs.netbird.io/get-started/install/proxmox-ve) |\n| | | | | โœ“ [Raspberry Pi](https://docs.netbird.io/get-started/install/raspberrypi) |\n| | | | | โœ“ [Serverless](https://docs.netbird.io/how-to/netbird-on-faas) |\n| | | | | โœ“ [Container](https://docs.netbird.io/get-started/install/docker) |\n\n### Quickstart with NetBird Cloud\n\n- Download and install NetBird at [https://app.netbird.io/install](https://app.netbird.io/install).\n- Follow the steps to sign up with Google, Microsoft, GitHub or your email address.\n- Check the NetBird [admin UI](https://app.netbird.io/).\n\n### Quickstart with self-hosted NetBird\n\nThis is the quickest way to try self-hosted NetBird. It should take around 5 minutes to get started if you already have a public domain and a VM. Follow the [Advanced guide with a custom identity provider](https://docs.netbird.io/selfhosted/selfhosted-guide#advanced-guide-with-a-custom-identity-provider) for installations with different IdPs.\n\n**Infrastructure requirements:**\n- A Linux VM with at least **1 CPU** and **2 GB** of memory.\n- The VM should be publicly accessible on TCP ports **80** and **443** and UDP port **3478**.\n- A **public domain** name pointing to the VM.\n\n**Software requirements:**\n- Docker with the Compose plugin (Compose v2 or higher). See the [Docker installation guide](https://docs.docker.com/engine/install/).\n\n**Steps**\n- Download and run the installation script:\n```bash\nexport NETBIRD_DOMAIN=netbird.example.com; curl -fsSL https://github.com/netbirdio/netbird/releases/latest/download/getting-started.sh | bash\n```\n\n### A bit on NetBird internals\n- Every machine in the network runs the [NetBird agent](client/), which manages WireGuard.\n- Every agent connects to the [Management Service](management/), which holds network state, manages peer IPs, and distributes updates to agents.\n- Agents use ICE (via [pion/ice](https://github.com/pion/ice)) to discover connection candidates for peer-to-peer connections.\n- Candidates are discovered with the help of [STUN](https://en.wikipedia.org/wiki/STUN) servers.\n- Agents negotiate a connection through the [Signal Service](signal/), exchanging end-to-end encrypted messages with candidates.\n- When NAT traversal fails (e.g. mobile carrier-grade NAT) and a direct p2p connection isn't possible, the system falls back to a [Relay Service](relay/) and a secure WireGuard tunnel is established through it.\n\n\u003cp float=\"left\" align=\"middle\"\u003e\n \u003cimg src=\"https://docs.netbird.io/docs-static/img/about-netbird/high-level-dia.png\" width=\"700\" alt=\"NetBird high-level architecture diagram\"/\u003e\n\u003c/p\u003e\n\nSee a complete [architecture overview](https://docs.netbird.io/about-netbird/how-netbird-works#architecture) for details.\n\n### Community projects\n- [NetBird installer script](https://github.com/physk/netbird-installer)\n- [netbird-tui](https://github.com/n0pashkov/netbird-tui) - terminal UI for managing NetBird peers, routes, and settings\n- [caddy-netbird](https://github.com/lixmal/caddy-netbird) - Caddy plugin that embeds a NetBird client for proxying HTTP and TCP/UDP traffic through NetBird networks\n\n**Note**: The `main` branch may be in an *unstable or even broken state* during development.\nFor stable versions, see [releases](https://github.com/netbirdio/netbird/releases).\n\n### Support acknowledgement\n\nIn November 2022, NetBird joined the [StartUpSecure program](https://www.forschung-it-sicherheit-kommunikationssysteme.de/foerderung/bekanntmachungen/startup-secure) sponsored by the Federal Ministry of Education and Research of the Federal Republic of Germany. Together with the [CISPA Helmholtz Center for Information Security](https://cispa.de/en), NetBird brings security best practices and simplicity to private networking.\n\n![CISPA_Logo_BLACK_EN_RZ_RGB (1)](https://user-images.githubusercontent.com/700848/203091324-c6d311a0-22b5-4b05-a288-91cbc6cdcc46.png)\n\n### Acknowledgements\nWe build on open-source technologies like [WireGuardยฎ](https://www.wireguard.com/), [Pion ICE](https://github.com/pion/ice), and [Rosenpass](https://rosenpass.eu). We greatly appreciate the work these projects are doing, and we'd love it if you could support them too (e.g., by starring or contributing).\n\n### Legal\nThis repository is licensed under the BSD-3-Clause license, which applies to all parts of the repository except for the directories management/, signal/ and relay/.\nThose directories are licensed under the GNU Affero General Public License version 3.0 (AGPLv3). See the respective LICENSE files inside each directory.\n\n_WireGuard_ and the _WireGuard_ logo are [registered trademarks](https://www.wireguard.com/trademark-policy/) of Jason A. Donenfeld.\n \n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnetbirdio%2Fnetbird","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnetbirdio%2Fnetbird","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnetbirdio%2Fnetbird/lists"}