commit f1277e543421d39104272264dd17b281398fb3aa · pyrox.dev/nixpkgs

nixos/doc/manual/release-notes/rl-2511.section.md

···

       182
       182
        
       

     

       183
       183
        
       - `services.monero` now includes the `environmentFile` option for adding secrets to the Monero daemon config.

     

       184
       184
        
       

     

       185
       185
       +
       - `services.netbird.server` now uses dedicated packages split out due to relicensing of server components to AGPLv3 with version `0.53.0`,

     

       186
       186
       +
       

     

       185
       187
        
       - The new option [networking.ipips](#opt-networking.ipips) has been added to create IP within IP kind of tunnels (including 4in6, ip6ip6 and ipip).

     

       186
       188
        
         With the existing [networking.sits](#opt-networking.sits) option (6in4), it is now possible to create all combinations of IPv4 and IPv6 encapsulation.

     

       187
       189

+1 -1

nixos/modules/services/networking/netbird/management.nix

···

       139
       139
        
         options.services.netbird.server.management = {

     

       140
       140
        
           enable = mkEnableOption "Netbird Management Service";

     

       141
       141
        
       

     

       142
       142
       -
           package = mkPackageOption pkgs "netbird" { };

     

       142
       142
       +
           package = mkPackageOption pkgs "netbird-management" { };

     

       143
       143
        
       

     

       144
       144
        
           domain = mkOption {

     

       145
       145
        
             type = str;

+1 -1

nixos/modules/services/networking/netbird/signal.nix

···

       31
       31
        
         options.services.netbird.server.signal = {

     

       32
       32
        
           enable = mkEnableOption "Netbird's Signal Service";

     

       33
       33
        
       

     

       34
       34
       -
           package = mkPackageOption pkgs "netbird" { };

     

       34
       34
       +
           package = mkPackageOption pkgs "netbird-signal" { };

     

       35
       35
        
       

     

       36
       36
        
           enableNginx = mkEnableOption "Nginx reverse-proxy for the netbird signal service";

     

       37
       37

+72 -28

nixos/tests/netbird.nix

···

       7
       7
        
         ];

     

       8
       8
        
       

     

       9
       9
        
         nodes = {

     

       10
       10
       -
           clients =

     

       10
       10
       +
           node =

     

       11
       11
        
             { ... }:

     

       12
       12
        
             {

     

       13
       13
        
               services.netbird.enable = true;

     
···

       15
       15
        
             };

     

       16
       16
        
         };

     

       17
       17
        
       

     

       18
       18
       -
         # TODO: confirm the whole solution is working end-to-end when netbird server is implemented

     

       19
       19
       -
         testScript = ''

     

       20
       20
       -
           start_all()

     

       21
       21
       -
           def did_start(node, name, interval=0.5, timeout=10):

     

       22
       22
       -
             node.wait_for_unit(f"{name}.service")

     

       23
       23
       -
             node.wait_for_file(f"/var/run/{name}/sock")

     

       24
       24
       -
             # `netbird status` returns a full "Disconnected" status during initialization

     

       25
       25
       -
             # only after a while passes it starts returning "NeedsLogin" help message

     

       26
       26
       -
       

     

       27
       27
       -
             start = time.time()

     

       28
       28
       -
             output = node.succeed(f"{name} status")

     

       29
       29
       -
             while "Disconnected" in output and (time.time() - start) < timeout:

     

       30
       30
       -
               time.sleep(interval)

     

       31
       31
       -
               output = node.succeed(f"{name} status")

     

       32
       32
       -
             assert "NeedsLogin" in output

     

       33
       33
       -
       

     

       34
       34
       -
           did_start(clients, "netbird")

     

       35
       35
       -
           did_start(clients, "netbird-custom")

     

       36
       36
       -
         '';

     

       37
       37
       -
       

     

       38
       18
        
         /*

     

       39
       39
       -
           `netbird status` used to print `Daemon status: NeedsLogin`

     

       40
       40
       -
               https://github.com/netbirdio/netbird/blob/23a14737974e3849fa86408d136cc46db8a885d0/client/cmd/status.go#L154-L164

     

       41
       41
       -
           as the first line, but now it is just:

     

       19
       19
       +
           Historically waiting for the NetBird client daemon initialization helped catch number of bugs with the service,

     

       20
       20
       +
            so we keep try to keep it here in as much details as it makes sense.

     

       42
       21
        
       

     

       43
       43
       -
               Daemon version: 0.26.3

     

       44
       44
       -
               CLI version: 0.26.3

     

       45
       45
       -
               Management: Disconnected

     

       22
       22
       +
           Initially `netbird status` returns a "Disconnected" messages:

     

       23
       23
       +
               OS: linux/amd64

     

       24
       24
       +
               Daemon version: 0.54.0

     

       25
       25
       +
               CLI version: 0.54.0

     

       26
       26
       +
               Profile: default

     

       27
       27
       +
               Management: Disconnected, reason: rpc error: code = FailedPrecondition desc = failed connecting to Management Service : context deadline exceeded

     

       46
       28
        
               Signal: Disconnected

     

       47
       29
        
               Relays: 0/0 Available

     

       48
       30
        
               Nameservers: 0/0 Available

     
···

       50
       32
        
               NetBird IP: N/A

     

       51
       33
        
               Interface type: N/A

     

       52
       34
        
               Quantum resistance: false

     

       53
       53
       -
               Routes: -

     

       35
       35
       +
               Lazy connection: false

     

       36
       36
       +
               Networks: -

     

       37
       37
       +
               Forwarding rules: 0

     

       54
       38
        
               Peers count: 0/0 Connected

     

       39
       39
       +
       

     

       40
       40
       +
           After a while passes it should start returning "NeedsLogin" help message.

     

       41
       41
       +
       

     

       42
       42
       +
           As of ~0.53.0+ in ~30 second intervals the `netbird status` instead of "NeedsLogin" it briefly (for under 2 seconds) crashes with:

     

       43
       43
       +
       

     

       44
       44
       +
               Error: status failed: failed connecting to Management Service : context deadline exceeded

     

       45
       45
       +
       

     

       46
       46
       +
           This might be related to the following log line:

     

       47
       47
       +
       

     

       48
       48
       +
               2025-08-11T15:03:25Z ERRO shared/management/client/grpc.go:65: failed creating connection to Management Service: context deadline exceeded

     

       55
       49
        
         */

     

       50
       50
       +
         # TODO: confirm the whole solution is working end-to-end when netbird server is implemented

     

       51
       51
       +
         testScript = ''

     

       52
       52
       +
           import textwrap

     

       53
       53
       +
           import time

     

       54
       54
       +
       

     

       55
       55
       +
           start_all()

     

       56
       56
       +
       

     

       57
       57
       +
           def run_with_debug(node, cmd, check=True, display=True, **kwargs):

     

       58
       58
       +
             cmd = f"{cmd} 2>&1"

     

       59
       59
       +
             start = time.time()

     

       60
       60
       +
             ret, output = node.execute(cmd, **kwargs)

     

       61
       61
       +
             duration = time.time() - start

     

       62
       62
       +
             txt = f">>> {cmd=} {ret=} {duration=:.2f}:\n{textwrap.indent(output, '... ')}"

     

       63
       63
       +
             if check:

     

       64
       64
       +
               assert ret == 0, txt

     

       65
       65
       +
             if display:

     

       66
       66
       +
               print(txt)

     

       67
       67
       +
             return ret, output

     

       68
       68
       +
       

     

       69
       69
       +
           def wait_until_rcode(node, cmd, rcode=0, retries=30, **kwargs):

     

       70
       70
       +
             def check_success(_last_try):

     

       71
       71
       +
               nonlocal output

     

       72
       72
       +
               ret, output = run_with_debug(node, cmd, **kwargs)

     

       73
       73
       +
               return ret == rcode

     

       74
       74
       +
       

     

       75
       75
       +
             kwargs.setdefault('check', False)

     

       76
       76
       +
             output = None

     

       77
       77
       +
             with node.nested(f"waiting for {cmd=} to exit with {rcode=}"):

     

       78
       78
       +
                 retry(check_success, retries)

     

       79
       79
       +
                 return output

     

       80
       80
       +
       

     

       81
       81
       +
           instances = ["netbird", "netbird-custom"]

     

       82
       82
       +
       

     

       83
       83
       +
           for name in instances:

     

       84
       84
       +
             node.wait_for_unit(f"{name}.service")

     

       85
       85
       +
             node.wait_for_file(f"/var/run/{name}/sock")

     

       86
       86
       +
       

     

       87
       87
       +
           for name in instances:

     

       88
       88
       +
             wait_until_rcode(node, f"{name} status |& grep -C20 Disconnected", 0, retries=5)

     

       89
       89
       +
         ''

     

       90
       90
       +
         # The status used to turn into `NeedsLogin`, but recently started crashing instead.

     

       91
       91
       +
         # leaving the snippets in here, in case some update goes back to the old behavior and can be tested again

     

       92
       92
       +
         + lib.optionalString false ''

     

       93
       93
       +
           for name in instances:

     

       94
       94
       +
             #wait_until_rcode(node, f"{name} status |& grep -C20 NeedsLogin", 0, retries=20)

     

       95
       95
       +
             output = wait_until_rcode(node, f"{name} status", 1, retries=61)

     

       96
       96
       +
             msg = "Error: status failed: failed connecting to Management Service : context deadline exceeded"

     

       97
       97
       +
             assert output.strip() == msg, f"expected {msg=}, got {output=} instead"

     

       98
       98
       +
             wait_until_rcode(node, f"{name} status |& grep -C20 Disconnected", 0, retries=10)

     

       99
       99
       +
         '';

     

       56
       100
        
       }

pkgs/by-name/ne/netbird-management/package.nix

···

       1
       1
       +
       { netbird }:

     

       2
       2
       +
       

     

       3
       3
       +
       netbird.override {

     

       4
       4
       +
         componentName = "management";

     

       5
       5
       +
       }

pkgs/by-name/ne/netbird-relay/package.nix

···

       1
       1
       +
       { netbird }:

     

       2
       2
       +
       

     

       3
       3
       +
       netbird.override {

     

       4
       4
       +
         componentName = "relay";

     

       5
       5
       +
       }

pkgs/by-name/ne/netbird-signal/package.nix

···

       1
       1
       +
       { netbird }:

     

       2
       2
       +
       

     

       3
       3
       +
       netbird.override {

     

       4
       4
       +
         componentName = "signal";

     

       5
       5
       +
       }

+1 -1

pkgs/by-name/ne/netbird-ui/package.nix

···

       1
       1
        
       { netbird }:

     

       2
       2
        
       

     

       3
       3
        
       netbird.override {

     

       4
       4
       -
         ui = true;

     

       4
       4
       +
         componentName = "ui";

     

       5
       5
        
       }

pkgs/by-name/ne/netbird-upload/package.nix

···

       1
       1
       +
       { netbird }:

     

       2
       2
       +
       

     

       3
       3
       +
       netbird.override {

     

       4
       4
       +
         componentName = "upload";

     

       5
       5
       +
       }

+74 -39

pkgs/by-name/ne/netbird/package.nix

···

       12
       12
        
         libX11,

     

       13
       13
        
         libXcursor,

     

       14
       14
        
         libXxf86vm,

     

       15
       15
       -
         ui ? false,

     

       16
       15
        
         netbird-ui,

     

       17
       16
        
         versionCheckHook,

     

       17
       17
       +
         componentName ? "client",

     

       18
       18
        
       }:

     

       19
       19
        
       let

     

       20
       20
       -
         modules =

     

       21
       21
       -
           if ui then

     

       22
       22
       -
             {

     

       23
       23
       -
               "client/ui" = "netbird-ui";

     

       24
       24
       -
             }

     

       25
       25
       -
           else

     

       26
       26
       -
             {

     

       27
       27
       -
               client = "netbird";

     

       28
       28
       -
               management = "netbird-mgmt";

     

       29
       29
       -
               signal = "netbird-signal";

     

       30
       30
       -
             };

     

       20
       20
       +
         /*

     

       21
       21
       +
           License tagging is based off:

     

       22
       22
       +
           - https://github.com/netbirdio/netbird/blob/9e95841252c62b50ae93805c8dfd2b749ac95ea7/LICENSES/REUSE.toml

     

       23
       23
       +
           - https://github.com/netbirdio/netbird/blob/9e95841252c62b50ae93805c8dfd2b749ac95ea7/LICENSE#L1-L2

     

       24
       24
       +
         */

     

       25
       25
       +
         availableComponents = {

     

       26
       26
       +
           client = {

     

       27
       27
       +
             module = "client";

     

       28
       28
       +
             binaryName = "netbird";

     

       29
       29
       +
             license = lib.licenses.bsd3;

     

       30
       30
       +
             versionCheckProgramArg = "version";

     

       31
       31
       +
             hasCompletion = true;

     

       32
       32
       +
           };

     

       33
       33
       +
           ui = {

     

       34
       34
       +
             module = "client/ui";

     

       35
       35
       +
             binaryName = "netbird-ui";

     

       36
       36
       +
             license = lib.licenses.bsd3;

     

       37
       37
       +
           };

     

       38
       38
       +
           upload = {

     

       39
       39
       +
             module = "upload-server";

     

       40
       40
       +
             binaryName = "netbird-upload";

     

       41
       41
       +
             license = lib.licenses.bsd3;

     

       42
       42
       +
           };

     

       43
       43
       +
           management = {

     

       44
       44
       +
             module = "management";

     

       45
       45
       +
             binaryName = "netbird-mgmt";

     

       46
       46
       +
             license = lib.licenses.agpl3Only;

     

       47
       47
       +
             versionCheckProgramArg = "--version";

     

       48
       48
       +
             hasCompletion = true;

     

       49
       49
       +
           };

     

       50
       50
       +
           signal = {

     

       51
       51
       +
             module = "signal";

     

       52
       52
       +
             binaryName = "netbird-signal";

     

       53
       53
       +
             license = lib.licenses.agpl3Only;

     

       54
       54
       +
             hasCompletion = true;

     

       55
       55
       +
           };

     

       56
       56
       +
           relay = {

     

       57
       57
       +
             module = "relay";

     

       58
       58
       +
             binaryName = "netbird-relay";

     

       59
       59
       +
             license = lib.licenses.agpl3Only;

     

       60
       60
       +
           };

     

       61
       61
       +
         };

     

       62
       62
       +
         isUI = componentName == "ui";

     

       63
       63
       +
         component = availableComponents.${componentName};

     

       31
       64
        
       in

     

       32
       65
        
       buildGoModule (finalAttrs: {

     

       33
       33
       -
         pname = "netbird";

     

       34
       34
       -
         version = "0.49.0";

     

       66
       66
       +
         pname = "netbird-${componentName}";

     

       67
       67
       +
         version = "0.54.0";

     

       35
       68
        
       

     

       36
       69
        
         src = fetchFromGitHub {

     

       37
       70
        
           owner = "netbirdio";

     

       38
       71
        
           repo = "netbird";

     

       39
       72
        
           tag = "v${finalAttrs.version}";

     

       40
       40
       -
           hash = "sha256-Hv0A9/NTMzRAf9YvYGvRLyy2gdigF9y2NfylE8bLcTw=";

     

       73
       73
       +
           hash = "sha256-qKYJa7q7scEbbxLHaosaurrjXR5ABxCAnuUcy80yKEc=";

     

       41
       74
        
         };

     

       42
       75
        
       

     

       43
       43
       -
         vendorHash = "sha256-t/X/muMwHVwg8Or+pFTSEQEsnkKLuApoVUmMhyCImWI=";

     

       76
       76
       +
         vendorHash = "sha256-uVVm+iDGP2eZ5GVXWJrWZQ7LpHdZccRIiHPIFs6oAPo=";

     

       44
       77
        
       

     

       45
       45
       -
         nativeBuildInputs = [ installShellFiles ] ++ lib.optional ui pkg-config;

     

       78
       78
       +
         nativeBuildInputs = [ installShellFiles ] ++ lib.optional isUI pkg-config;

     

       46
       79
        
       

     

       47
       47
       -
         buildInputs = lib.optionals (stdenv.hostPlatform.isLinux && ui) [

     

       80
       80
       +
         buildInputs = lib.optionals (stdenv.hostPlatform.isLinux && isUI) [

     

       48
       81
        
           gtk3

     

       49
       82
        
           libayatana-appindicator

     

       50
       83
        
           libX11

     
···

       52
       85
        
           libXxf86vm

     

       53
       86
        
         ];

     

       54
       87
        
       

     

       55
       55
       -
         subPackages = lib.attrNames modules;

     

       88
       88
       +
         subPackages = [ component.module ];

     

       56
       89
        
       

     

       57
       90
        
         ldflags = [

     

       58
       91
        
           "-s"

     
···

       73
       106
        
         '';

     

       74
       107
        
       

     

       75
       108
        
         postInstall =

     

       76
       76
       -
           lib.concatStringsSep "\n" (

     

       77
       77
       -
             lib.mapAttrsToList (

     

       78
       78
       -
               module: binary:

     

       79
       79
       -
               ''

     

       80
       80
       -
                 mv $out/bin/${lib.last (lib.splitString "/" module)} $out/bin/${binary}

     

       109
       109
       +
           let

     

       110
       110
       +
             builtBinaryName = lib.last (lib.splitString "/" component.module);

     

       111
       111
       +
           in

     

       112
       112
       +
           ''

     

       113
       113
       +
             mv $out/bin/${builtBinaryName} $out/bin/${component.binaryName}

     

       114
       114
       +
           ''

     

       115
       115
       +
           +

     

       116
       116
       +
             lib.optionalString

     

       117
       117
       +
               (stdenv.buildPlatform.canExecute stdenv.hostPlatform && (component.hasCompletion or false))

     

       81
       118
        
               ''

     

       82
       82
       -
               + lib.optionalString (stdenv.buildPlatform.canExecute stdenv.hostPlatform && !ui) ''

     

       83
       83
       -
                 installShellCompletion --cmd ${binary} \

     

       84
       84
       -
                   --bash <($out/bin/${binary} completion bash) \

     

       85
       85
       -
                   --fish <($out/bin/${binary} completion fish) \

     

       86
       86
       -
                   --zsh <($out/bin/${binary} completion zsh)

     

       119
       119
       +
                 installShellCompletion --cmd ${component.binaryName} \

     

       120
       120
       +
                   --bash <($out/bin/${component.binaryName} completion bash) \

     

       121
       121
       +
                   --fish <($out/bin/${component.binaryName} completion fish) \

     

       122
       122
       +
                   --zsh <($out/bin/${component.binaryName} completion zsh)

     

       87
       123
        
               ''

     

       88
       88
       -
             ) modules

     

       89
       89
       -
           )

     

       90
       90
       -
           + lib.optionalString (stdenv.hostPlatform.isLinux && ui) ''

     

       124
       124
       +
           # assemble & adjust netbird.desktop files for the GUI

     

       125
       125
       +
           + lib.optionalString (stdenv.hostPlatform.isLinux && isUI) ''

     

       91
       126
        
             install -Dm644 "$src/client/ui/assets/netbird-systemtray-connected.png" "$out/share/pixmaps/netbird.png"

     

       92
       127
        
             install -Dm644 "$src/client/ui/build/netbird.desktop" "$out/share/applications/netbird.desktop"

     

       93
       128
        
       

     

       94
       129
        
             substituteInPlace $out/share/applications/netbird.desktop \

     

       95
       95
       -
               --replace-fail "Exec=/usr/bin/netbird-ui" "Exec=$out/bin/netbird-ui"

     

       130
       130
       +
               --replace-fail "Exec=/usr/bin/netbird-ui" "Exec=$out/bin/${component.binaryName}"

     

       96
       131
        
           '';

     

       97
       132
        
       

     

       98
       133
        
         nativeInstallCheckInputs = [

     

       99
       134
        
           versionCheckHook

     

       100
       135
        
         ];

     

       101
       101
       -
         versionCheckProgram = "${placeholder "out"}/bin/${finalAttrs.meta.mainProgram}";

     

       102
       102
       -
         versionCheckProgramArg = "version";

     

       103
       103
       -
         # Disabled for the `netbird-ui` version because it does a network request.

     

       104
       104
       -
         doInstallCheck = !ui;

     

       136
       136
       +
         versionCheckProgram = "${placeholder "out"}/bin/${component.binaryName}";

     

       137
       137
       +
         versionCheckProgramArg = component.versionCheckProgramArg or "version";

     

       138
       138
       +
         doInstallCheck = component ? versionCheckProgramArg;

     

       105
       139
        
       

     

       106
       140
        
         passthru = {

     

       107
       141
        
           tests = {

     
···

       115
       149
        
           homepage = "https://netbird.io";

     

       116
       150
        
           changelog = "https://github.com/netbirdio/netbird/releases/tag/v${finalAttrs.version}";

     

       117
       151
        
           description = "Connect your devices into a single secure private WireGuard®-based mesh network with SSO/MFA and simple access controls";

     

       118
       118
       -
           license = lib.licenses.bsd3;

     

       152
       152
       +
           license = component.license;

     

       119
       153
        
           maintainers = with lib.maintainers; [

     

       154
       154
       +
             nazarewk

     

       120
       155
        
             saturn745

     

       121
       156
        
             loc

     

       122
       157
        
           ];

     

       123
       123
       -
           mainProgram = if ui then "netbird-ui" else "netbird";

     

       158
       158
       +
           mainProgram = component.binaryName;

     

       124
       159
        
         };

     

       125
       160
        
       })