From 96a9151820c2287e3a640c603e7e588b7a8d1388 Mon Sep 17 00:00:00 2001 
From: Gauss23 Date: Tue, 4 Feb 2025 21:43:15 +0100 Subject: [PATCH 01/24] Added a plugin for Netbird --- net/netbird/+POST_INSTALL.post | 3 + net/netbird/Makefile | 10 + net/netbird/pkg-descr | 1 + .../src/etc/inc/plugins.inc.d/netbird.inc | 30 ++ .../src/etc/rc.syshook.d/carp/30-netbird | 52 ++++ .../netbird/Api/InitialController.php | 17 ++ .../netbird/Api/ServiceController.php | 263 ++++++++++++++++++ .../netbird/Api/SettingsController.php | 16 ++ .../OPNsense/netbird/ConstatusController.php | 15 + .../OPNsense/netbird/IndexController.php | 17 ++ .../OPNsense/netbird/forms/general.xml | 56 ++++ .../OPNsense/netbird/forms/initialup.xml | 25 ++ .../app/models/OPNsense/netbird/ACL/ACL.xml | 9 + .../app/models/OPNsense/netbird/Initial.php | 9 + .../app/models/OPNsense/netbird/Initial.xml | 34 +++ .../app/models/OPNsense/netbird/Menu/Menu.xml | 9 + .../app/models/OPNsense/netbird/Netbird.php | 9 + .../app/models/OPNsense/netbird/Netbird.xml | 46 +++ .../app/views/OPNsense/netbird/constatus.volt | 136 +++++++++ .../mvc/app/views/OPNsense/netbird/index.volt | 79 ++++++ .../scripts/OPNsense/netbird/initialup.sh | 16 ++ .../conf/actions.d/actions_netbird.conf | 53 ++++ .../OPNsense/Syslog/local/netbird.conf | 6 + .../templates/OPNsense/netbird/+TARGETS | 1 + .../templates/OPNsense/netbird/netbird | 6 + 25 files changed, 918 insertions(+) create mode 100644 net/netbird/+POST_INSTALL.post create mode 100644 net/netbird/Makefile create mode 100644 net/netbird/pkg-descr create mode 100644 net/netbird/src/etc/inc/plugins.inc.d/netbird.inc create mode 100755 net/netbird/src/etc/rc.syshook.d/carp/30-netbird create mode 100644 net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/InitialController.php create mode 100644 net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/ServiceController.php create mode 100644 net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/SettingsController.php create mode 100644 
net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/ConstatusController.php create mode 100644 net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/IndexController.php create mode 100644 net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/forms/general.xml create mode 100644 net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/forms/initialup.xml create mode 100644 net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/ACL/ACL.xml create mode 100644 net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/Initial.php create mode 100644 net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/Initial.xml create mode 100644 net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/Menu/Menu.xml create mode 100644 net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/Netbird.php create mode 100644 net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/Netbird.xml create mode 100644 net/netbird/src/opnsense/mvc/app/views/OPNsense/netbird/constatus.volt create mode 100644 net/netbird/src/opnsense/mvc/app/views/OPNsense/netbird/index.volt create mode 100755 net/netbird/src/opnsense/scripts/OPNsense/netbird/initialup.sh create mode 100644 net/netbird/src/opnsense/service/conf/actions.d/actions_netbird.conf create mode 100644 net/netbird/src/opnsense/service/templates/OPNsense/Syslog/local/netbird.conf create mode 100644 net/netbird/src/opnsense/service/templates/OPNsense/netbird/+TARGETS create mode 100644 net/netbird/src/opnsense/service/templates/OPNsense/netbird/netbird diff --git a/net/netbird/+POST_INSTALL.post b/net/netbird/+POST_INSTALL.post new file mode 100644 index 0000000000..25c23adf0f --- /dev/null +++ b/net/netbird/+POST_INSTALL.post @@ -0,0 +1,3 @@ +chmod +x /usr/local/etc/rc.syshook.d/carp/30-netbird +chmod +x /usr/local/opnsense/scripts/OPNsense/netbird/initialup.sh +/etc/rc.d/os-release start diff --git a/net/netbird/Makefile b/net/netbird/Makefile new file mode 100644 index 0000000000..7faad402ae --- /dev/null 
+++ b/net/netbird/Makefile @@ -0,0 +1,10 @@ +PLUGIN_NAME= netbird +PLUGIN_VERSION= 0.8 +PLUGIN_REVISION= 1 +PLUGIN_DEPENDS= netbird +PLUGIN_COMMENT= Netbird plugin +PLUGIN_MAINTAINER= opn-netbird@sun-ri.se +PLUGIN_WWW= https:/netbird.io +PLUGIN_DEVEL= no +PLUGIN_SUFFIX= +.include "../../Mk/plugins.mk" diff --git a/net/netbird/pkg-descr b/net/netbird/pkg-descr new file mode 100644 index 0000000000..6cd065725a --- /dev/null +++ b/net/netbird/pkg-descr @@ -0,0 +1 @@ +Netbird plugin for OPNSense diff --git a/net/netbird/src/etc/inc/plugins.inc.d/netbird.inc b/net/netbird/src/etc/inc/plugins.inc.d/netbird.inc new file mode 100644 index 0000000000..3ebfb42b8a --- /dev/null +++ b/net/netbird/src/etc/inc/plugins.inc.d/netbird.inc @@ -0,0 +1,30 @@ +general->Enabled->__toString() == 1; +} + +function netbird_services() +{ + $services = array(); + + if (!netbird_enabled()) { + return $services; + } + + $services[] = array( + 'description' => gettext('Netbird'), + 'configd' => array( + 'restart' => array('netbird restart'), + 'start' => array('netbird start'), + 'stop' => array('netbird stop'), + ), + 'name' => 'netbird', + 'pidfile' => '/var/run/netbird.pid' + ); + + return $services; +} + diff --git a/net/netbird/src/etc/rc.syshook.d/carp/30-netbird b/net/netbird/src/etc/rc.syshook.d/carp/30-netbird new file mode 100755 index 0000000000..f6e281ad84 --- /dev/null +++ b/net/netbird/src/etc/rc.syshook.d/carp/30-netbird 
@@ -0,0 +1,52 @@ +#!/usr/local/bin/php +general->Enabled->__toString(); + + +if(!$enabled) { + exit(0); +} + +$carpif = $model->general->CarpIf->__toString(); + +if($carpif == '') { + exit(0); +} + +$target_vhid = $model->general->VHID; +$subsystem = !empty($argv[1]) ? $argv[1] : ''; +$type = !empty($argv[2]) ? $argv[2] : ''; + +if ($type != 'MASTER' && $type != 'BACKUP') { + exit(1); +} + +if (!strstr($subsystem, '@')) { + exit(1); +} + +list ($vhid, $iface) = explode('@', $subsystem); +$friendly = convert_real_interface_to_friendly_interface_name($iface); + + +if ($carpif != $friendly || $vhid != $target_vhid) { + exit(0); +} + +switch ($type) { + case 'MASTER': + shell_exec('/usr/local/bin/netbird up'); + break; + case 'BACKUP': + shell_exec('/usr/local/bin/netbird down'); + break; +} + diff --git a/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/InitialController.php b/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/InitialController.php new file mode 100644 index 0000000000..56934899a0 --- /dev/null +++ b/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/InitialController.php 
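Review bot: The `switch ($type)` at the end of 30-netbird throws away the result of `shell_exec('/usr/local/bin/netbird up')` and of the matching `netbird down`, so a failover where the tunnel does not come up on the new MASTER, or stays up on the BACKUP, leaves no trace. Capturing the exit status with `exec('/usr/local/bin/netbird up 2>&1', $out, $rc);` and writing a `syslog(LOG_ERR, ...)` line when `$rc !== 0` would make that visible to whoever monitors the HA pair. The check `$vhid != $target_vhid` also compares a string loosely with the model field object; `(string)$model->general->VHID` together with `!==` would make the match explicit.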
@@ -0,0 +1,17 @@ +configdRun("netbird con-status"); + if ($bckResult !== null) { + return nl2br(htmlspecialchars($bckResult)); + } + return "Error retrieving connection status"; + } + + public function searchFilter($array, $value): bool + { + foreach ($array as $val) { + if (str_contains(strval($val), strtolower($value))) { + return true; + } + } + return false; + } + + public function upDownStatusAction(): string + { + $backend = new Backend(); + $bckResult = $backend->configdRun("netbird status"); + if (!str_contains($bckResult, "is running")) { + return json_encode(array('updown' => "NOT RUNNING", 'status' => "Netbird is not running")); + } + $bckResult = $backend->configdRun("netbird short-con-status"); + $txtStatus = nl2br(htmlspecialchars($bckResult)); + $bckResult = $backend->configdRun("netbird con-status-json"); + $status = json_decode($bckResult, true); + if (!$status['publicKey']) { + return json_encode(array('updown' => "DOWN", 'status' => $txtStatus)); + } + return json_encode(array('updown' => "UP", 'status' => $txtStatus)); + } + + public function searchAction(): string + { + $request = $this->request; + $backend = new Backend(); + $bckResult = $backend->configdRun("netbird status"); + if (!str_contains($bckResult, "is running")) { + return json_encode(array('current' => 1, 'rowCount' => 0, 'total' => 0, 'rows' => array())); + } + $bckResult = $backend->configdRun("netbird con-status-json"); + $status = json_decode($bckResult, true); + $itemsPerPage = $request->get('rowCount', 'int', -1); + $currentPage = $request->get('current', 'int', 1); + $sortBy = array('status'); + $sortDescending = false; + + + $searchPhrase = strtolower($request->get('searchPhrase', 'string', '')); + if (!$status['peers']['details']) { + return json_encode(array('current' => 1, 'rowCount' => 0, 'total' => 0, 'rows' => array())); + } + $details = $status['peers']['details']; + $details = array_filter($details, function ($item) use ($searchPhrase) { + return 
$this->searchFilter($item, $searchPhrase); + }); + $detailsFlat = array(); + foreach ($details as $detail) { + $detailsFlat[] = $this->flattenOneLevel($detail); + } + if ($request->hasPost('sort') && is_array($request->get("sort")) && !empty($request->get("sort"))) { + $sortBy = array_keys($request->get("sort")); + if (!empty($sortBy) && $request->get("sort")[$sortBy[0]] == "desc") { + $sortDescending = true; + } + + } + $sortValues = array(); + foreach ($detailsFlat as $detail) { + $sortValues[] = $detail[$sortBy[0]]; + } + array_multisort($sortValues, $sortDescending ? SORT_DESC : SORT_ASC, $detailsFlat); + $page = array_slice($detailsFlat, ($currentPage - 1) * $itemsPerPage, $itemsPerPage); + $page = $this->convertFieldsToDisplay($page); + $result = array('current' => $currentPage, 'rowCount' => count($page), 'total' => count($detailsFlat), 'rows' => $page); + return json_encode($result); + } + + private function flattenOneLevel($array): array + { + $result = array(); + foreach ($array as $key => $value) { + if (is_array($value)) { + foreach ($value as $subkey => $subvalue) { + if ($key == "routes") { + $result[$key] = implode("
", $value); + } + else { + $result[$key . "." . $subkey] = $subvalue; + } + } + } else { + $result[$key] = $value; + } + } + return $result; + } + + public function setUpAction(): string + { + $backend = new Backend(); + try { + return $backend->configdRun("netbird set-up"); + } catch (\Exception $e) { + return "Error running netbird up" . "\n" . $e->getMessage(); + } + } + + public function initialUpAction(): string + { + $backend = new Backend(); + $mdlInitial = new Initial(); + $key = $mdlInitial->initial->setupkey->__toString(); + $api = $mdlInitial->initial->mgmtservice->__toString(); + $hostname = $mdlInitial->initial->hostname->__toString(); + if ($hostname == "") { + $hostname = gethostname(); + if(!$hostname){ + $hostname = "OPNsense"; + }else{ + if(str_contains($hostname, ".")){ + $hostname = explode(".", $hostname)[0]; + } + } + + $mdlInitial->initial->hostname = $hostname; + } + $mdlInitial->initial->setupkey = "00000000-0000-0000-0000-000000000000"; + $mdlInitial->initial->initsure = 0; + + $mdlInitial->serializeToConfig(); + $cnf = Config::getInstance(); + $cnf->save(); + + $bckresult = $backend->configdRun("netbird set-up-initial " . escapeshellarg($api) . " " . escapeshellarg($key) . " " . escapeshellarg($hostname)); + return nl2br(htmlspecialchars($bckresult)); + } + + public function setDownAction(): string + { + $backend = new Backend(); + try { + return $backend->configdRun("netbird set-down"); + } catch (\Exception $e) { + return "Error running netbird down" . "\n" . 
$e->getMessage(); + } + } + + public function reloadAction() + { + $status = "failed"; + if ($this->request->isPost()) { + try { + $mdlNetbird = new Netbird(); + $backend = new Backend(); + if (trim($backend->configdRun('template reload OPNsense/netbird')) == "OK") { + $status = "ok"; + } + + $enabled = $mdlNetbird->general->Enabled->__toString() == 1; + $carpEnabled = $mdlNetbird->general->CarpIf->__toString() != ''; + $disableClientRoutes = $mdlNetbird->general->DisableClientRoutes->__toString() == 1; + $disableServerRoutes = $mdlNetbird->general->DisableServerRoutes->__toString() == 1; + $disableDNS = $mdlNetbird->general->DisableDNS->__toString() == 1; + $rpEnabled = $mdlNetbird->general->QuantumEnabled->__toString() == 1; + $rpPermissive = $mdlNetbird->general->QuantumPermissive->__toString() == 1; + $wgPort = $mdlNetbird->general->WgPort->__toString(); + $netbirdConfigJson = file_get_contents(self::NETBIRD_CONFIG_JSON); + $netbirdConfig = json_decode($netbirdConfigJson, true); + $netbirdConfig["DisableAutoConnect"] = $carpEnabled; + $netbirdConfig["DisableClientRoutes"] = $disableClientRoutes; + $netbirdConfig["DisableServerRoutes"] = $disableServerRoutes; + $netbirdConfig["DisableDNS"] = $disableDNS; + $netbirdConfig["RosenpassEnabled"] = $rpEnabled; + $netbirdConfig["RosenpassPermissive"] = $rpPermissive; + $netbirdConfig["WgPort"] = intval($wgPort); + $netbirdConfigJson = json_encode($netbirdConfig); + file_put_contents(self::NETBIRD_CONFIG_JSON, $netbirdConfigJson); + $action = $enabled ? "restart" : "stop"; + $backend->configdRun("netbird $action"); + } catch (\Exception $e) { + $status = "failed"; + syslog(LOG_ERR, "netbird: failed to reload configuration: " . $e->getMessage()); + } + } + return array("status" => $status); + } + + /** + * @param array $page + * @return array + */ + public function convertFieldsToDisplay(array $page): array + { + for ($i = 0; $i < count($page); $i++) { + $page[$i]['latency'] = round($page[$i]['latency'] / 1000000, 2) . 
" ms"; + $received = $page[$i]['transferReceived']; + $rcvUnit = "KiB"; + $received /= 1024; + if ($received > 1024) { + $received /= 1024; + $rcvUnit = "MiB"; + } + if ($received > 1024) { + $received /= 1024; + $rcvUnit = "GiB"; + } + + $sent = $page[$i]['transferSent']; + $sentUnit = "KiB"; + $sent /= 1024; + if ($sent > 1024) { + $sent /= 1024; + $sentUnit = "MiB"; + } + if ($sent > 1024) { + $sent /= 1024; + $sentUnit = "GiB"; + } + $page[$i]['transferReceived'] = round($received, 2) . " " . $rcvUnit; + $page[$i]['transferSent'] = round($sent, 2) . " " . $sentUnit; + $page[$i]['lastStatusUpdate'] = date("Y-m-d H:i:s", strtotime($page[$i]['lastStatusUpdate'])); + $page[$i]['lastWireguardHandshake'] = date("Y-m-d H:i:s", strtotime($page[$i]['lastWireguardHandshake'])); + foreach ($page[$i] as $key => $value) { + if ($value == "true") { + $page[$i][$key] = 1; + } elseif ($value == "false") { + $page[$i][$key] = 0; + } + + } + } + return $page; + } +} diff --git a/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/SettingsController.php b/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/SettingsController.php new file mode 100644 index 0000000000..b2a190e34e --- /dev/null +++ b/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/SettingsController.php @@ -0,0 +1,16 @@ +view->pick('OPNsense/netbird/constatus'); + } +} diff --git a/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/IndexController.php b/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/IndexController.php new file mode 100644 index 0000000000..012e8a5f4d --- /dev/null +++ b/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/IndexController.php @@ -0,0 +1,17 @@ +view->generalForm = $this->getForm("general"); + $this->view->initialUpForm = $this->getForm("initialup"); + $this->view->pick('OPNsense/netbird/index'); + } +} 
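Review bot: `setUpAction`, `setDownAction` and `initialUpAction` in ServiceController.php change tunnel state without the `$this->request->isPost()` guard that `reloadAction` in the same file already has, so a plain GET can trigger them. `initialUpAction` matters most: it rewrites the stored setup key, saves the configuration and runs `netbird set-up-initial`, which moves the existing client config aside. If the API base controller enforces its CSRF token only on POST/PUT/DELETE (worth confirming against the framework), these GET-reachable actions sit outside that protection. I would open each of the three with `if (!$this->request->isPost()) { return json_encode(array('status' => 'failed')); }`. Separately, `reloadAction` writes `json_encode($netbirdConfig)` back even when `file_get_contents` or `json_decode` failed, which would replace the client config with only the seven keys set here; return early unless `is_array($netbirdConfig)`.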
diff --git a/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/forms/general.xml b/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/forms/general.xml new file mode 100644 index 0000000000..94513a0cd5 --- /dev/null +++ b/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/forms/general.xml @@ -0,0 +1,56 @@ +
+ + netbird.general.Enabled + + checkbox + Enable Netbird + + + netbird.general.WgPort + + text + + + netbird.general.DisableDNS + + checkbox + Disables DNS lookups for the Netbird network. + + + netbird.general.DisableServerRoutes + + checkbox + Prevents Netbird from being a routing peer for other Netbird peers. + + + netbird.general.DisableClientRoutes + + checkbox + Prevents Netbird from setting client routes to other remote peers. + + + netbird.general.QuantumEnabled + + checkbox + Enable Rosenpass + + + netbird.general.QuantumPermissive + + checkbox + Enable Rosenpass permissive mode + + + netbird.general.CarpIf + + dropdown + If set to none Netbird up is executed and auto connect is enabled. If an interface is selected auto + connect is disabled. Please trigger a CARP event or execute Netbird up manually on the MASTER node. + + + + netbird.general.VHID + + text + +
diff --git a/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/forms/initialup.xml b/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/forms/initialup.xml new file mode 100644 index 0000000000..eb4db002f0 --- /dev/null +++ b/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/forms/initialup.xml @@ -0,0 +1,25 @@ +
+ + netbird.initial.mgmtservice + + text + + + netbird.initial.setupkey + + text + + + netbird.initial.hostname + + text + If empty the system hostname excluding the domain part will be used. + + + netbird.initial.initsure + + checkbox + If you enable this checkbox and submit the form your old netbird config will be deleted. In case of an error it will get restored. Should something go terribly wrong you can find the backups + in the configuration folder. (/usr/local/etc/netbird) + +
diff --git a/net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/ACL/ACL.xml b/net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/ACL/ACL.xml new file mode 100644 index 0000000000..d5e38af314 --- /dev/null +++ b/net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/ACL/ACL.xml @@ -0,0 +1,9 @@ + + + VPN: Netbird + + ui/netbird/* + api/netbird/* + + + diff --git a/net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/Initial.php b/net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/Initial.php new file mode 100644 index 0000000000..3bc45b425c --- /dev/null +++ b/net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/Initial.php @@ -0,0 +1,9 @@ + + //OPNsense/netbird-initial + + Netbird initial setup + + + + + + + N + 00000000-0000-0000-0000-000000000000 + /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i + Please specify a valid setup key. + + + Y + https://api.netbird.io:443 + + + N + N + N + N + N + Please specify a valid hostname. + + + 0 + Y + + + + diff --git a/net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/Menu/Menu.xml b/net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/Menu/Menu.xml new file mode 100644 index 0000000000..50e8700c8d --- /dev/null +++ b/net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/Menu/Menu.xml @@ -0,0 +1,9 @@ + + + + + + + + + diff --git a/net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/Netbird.php b/net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/Netbird.php new file mode 100644 index 0000000000..7f2c6d0695 --- /dev/null +++ b/net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/Netbird.php @@ -0,0 +1,9 @@ + + //OPNsense/netbird + 0.8.1 + Netbird plugin + + + + + + 0 + Y + + + Y + 51820 + + + 0 + Y + + + 1 + Y + + + 1 + Y + + + 1 + Y + + + 0 + Y + + + N + + + N + 1 + + + + 
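Review bot: The setup key is a field of the `//OPNsense/netbird-initial` model, so saving the form presumably writes the real key into the system configuration before `initialUpAction` in ServiceController.php overwrites it with the all-zero placeholder. Any configuration backup or history snapshot taken in between would keep a usable enrolment key. I would not persist the key at all: accept it in the POST body of the initial-up call and pass it straight to the backend, leaving only `mgmtservice` and `hostname` in the model. If it has to stay in the model, a comment on the field such as `<!-- secret: cleared by initialUpAction after use, never log -->` would at least record the intent.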
diff --git a/net/netbird/src/opnsense/mvc/app/views/OPNsense/netbird/constatus.volt b/net/netbird/src/opnsense/mvc/app/views/OPNsense/netbird/constatus.volt new file mode 100644 index 0000000000..11825a2599 --- /dev/null +++ b/net/netbird/src/opnsense/mvc/app/views/OPNsense/netbird/constatus.volt @@ -0,0 +1,136 @@ + +
+

Netbird Connection

+ +
+
+ + +
+ +
+

Peers

+ + + + + + + + + + + + + + + + + + + + + + + +
{{ lang._('FQDN') }}{{ lang._('Routes') }}{{ lang._('IP') }}{{ lang._('Direct') }}{{ lang._('Status') }}{{ lang._('Last Handshake') }}{{ lang._('Last Status Update') }}{{ lang._('Received') }}{{ lang._('Sent') }}{{ lang._('Latency') }}{{ lang._('Connection Type') }}{{ lang._('QR') }}{{ lang._('ICE TL') }}{{ lang._('ICE TR') }}{{ lang._('ICE EP Local') }}{{ lang._('ICE EP Remote') }}
+
+
+

{{ lang._('Status Output') }}

+
+
+
+ +
+ +
diff --git a/net/netbird/src/opnsense/mvc/app/views/OPNsense/netbird/index.volt b/net/netbird/src/opnsense/mvc/app/views/OPNsense/netbird/index.volt new file mode 100644 index 0000000000..7b7ee919a2 --- /dev/null +++ b/net/netbird/src/opnsense/mvc/app/views/OPNsense/netbird/index.volt @@ -0,0 +1,79 @@ + + + + +
+ {{ partial("layout_partials/base_form",['fields':generalForm,'id':'frm_GeneralSettings']) }} +
+ +
+ +
+ +
+ {{ partial("layout_partials/base_form",['fields':initialUpForm,'id':'frm_InitialUp']) }} +
+ +
+ +
+ + \ No newline at end of file diff --git a/net/netbird/src/opnsense/scripts/OPNsense/netbird/initialup.sh b/net/netbird/src/opnsense/scripts/OPNsense/netbird/initialup.sh new file mode 100755 index 0000000000..e338ef4054 --- /dev/null +++ b/net/netbird/src/opnsense/scripts/OPNsense/netbird/initialup.sh @@ -0,0 +1,16 @@ +#!/bin/sh +timestamp=$(date +%s) +/usr/local/etc/rc.d/netbird stop +echo "Deleting old configuration file" +mv /usr/local/etc/netbird/config.json /usr/local/etc/netbird/config.json.$timestamp +/usr/local/etc/rc.d/netbird start +/usr/local/bin/netbird up $@ 2>&1 +if [ $? -ne 0 ]; then + /usr/local/etc/rc.d/netbird stop + echo "Failed to bring up netbird" + echo "Restoring old configuration file" + mv /usr/local/etc/netbird/config.json /usr/local/etc/netbird/config.json.$timestamp.fail + mv /usr/local/etc/netbird/config.json.$timestamp /usr/local/etc/netbird/config.json + /usr/local/etc/rc.d/netbird start +fi +exit 0 \ No newline at end of file diff --git a/net/netbird/src/opnsense/service/conf/actions.d/actions_netbird.conf b/net/netbird/src/opnsense/service/conf/actions.d/actions_netbird.conf new file mode 100644 index 0000000000..9a1b71bbe1 --- /dev/null +++ b/net/netbird/src/opnsense/service/conf/actions.d/actions_netbird.conf 
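Review bot: `/usr/local/bin/netbird up $@ 2>&1` in initialup.sh expands the arguments unquoted, so a management URL or hostname containing whitespace or glob characters is split again by the shell, which undoes the quoting that `escapeshellarg` applied in the controller; it should read `/usr/local/bin/netbird up "$@" 2>&1`. The first `mv` also runs unconditionally, so on a system with no `config.json` it fails and the rollback branch has nothing to restore; guarding both moves with `[ -f /usr/local/etc/netbird/config.json ]` would make the rollback dependable. The script ends with `exit 0` on every path, so the caller can tell failure from success only by the echoed text. The timestamped copies of `config.json` are never removed; if that file holds key material, as a client config presumably does, their permissions and retention deserve a line in the script or the docs.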
@@ -0,0 +1,53 @@ +[start] +command:/usr/local/etc/rc.d/netbird start +parameters: +type:script +message:starting netbird + +[stop] +command:/usr/local/etc/rc.d/netbird stop +parameters: +type:script +message:stopping netbird + +[restart] +command:/usr/local/etc/rc.d/netbird restart +parameters: +type:script +message:restarting netbird + +[status] +command:/usr/local/etc/rc.d/netbird status; exit 0 +type:script_output +message:get netbird status + +[con-status] +command:/usr/local/bin/netbird status -d; exit 0 +type:script_output +message:get netbird connection status + +[set-up] +command:/usr/local/bin/netbird up +type:script +message:set netbird up + +[set-up-initial] +command:/usr/local/opnsense/scripts/OPNsense/netbird/initialup.sh +parameters: -m %s -k %s -n %s +type:script_output +message:setup netbird + +[set-down] +command:/usr/local/bin/netbird down +type:script +message:set netbird down + +[short-con-status] +command:/usr/local/bin/netbird status; exit 0 +type:script_output +message:get short netbird connection status + +[con-status-json] +command:/usr/local/bin/netbird status --json; exit 0 +type:script_output +message:get netbird connection status \ No newline at end of file diff --git a/net/netbird/src/opnsense/service/templates/OPNsense/Syslog/local/netbird.conf b/net/netbird/src/opnsense/service/templates/OPNsense/Syslog/local/netbird.conf new file mode 100644 index 0000000000..c16a43df75 --- /dev/null +++ b/net/netbird/src/opnsense/service/templates/OPNsense/Syslog/local/netbird.conf @@ -0,0 +1,6 @@ +################################################################### +# Local syslog-ng configuration filter definition [netbird]. +################################################################### +filter f_local_netbird { + program("netbird"); +}; diff --git a/net/netbird/src/opnsense/service/templates/OPNsense/netbird/+TARGETS b/net/netbird/src/opnsense/service/templates/OPNsense/netbird/+TARGETS new file mode 100644 index 0000000000..123637703d 
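Review bot: `[set-up-initial]` passes the setup key as the `-k %s` parameter, and initialup.sh forwards it to `netbird up`, so the key is readable in the process list while enrolment runs and may land in any log that records executed commands. A setup key can enrol new peers, so I would rather hand it over through a root-only temporary file or the environment, if the installed netbird client supports that, and reduce this line to `parameters: -m %s -n %s`. If the argument form has to stay, keep `message:` free of `%s` so the key is not echoed into syslog, and say so in a `#` comment above the section.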
--- /dev/null +++ b/net/netbird/src/opnsense/service/templates/OPNsense/netbird/+TARGETS @@ -0,0 +1 @@ +netbird:/etc/rc.conf.d/netbird \ No newline at end of file diff --git a/net/netbird/src/opnsense/service/templates/OPNsense/netbird/netbird b/net/netbird/src/opnsense/service/templates/OPNsense/netbird/netbird new file mode 100644 index 0000000000..519a06f2d7 --- /dev/null +++ b/net/netbird/src/opnsense/service/templates/OPNsense/netbird/netbird @@ -0,0 +1,6 @@ +{% if helpers.exists('OPNsense.netbird.general.Enabled') and OPNsense.netbird.general.Enabled|default("0") == '1' %} +netbird_enable="YES" +{% else %} +netbird_enable="NO" +{% endif %} +osrelease_enable="YES" From 47c7df713b3d5f2cba23585821fd966ba2515be1 Mon Sep 17 00:00:00 2001 From: Gauss23 Date: Tue, 13 May 2025 15:07:35 +0200 Subject: [PATCH 02/24] Update net/netbird/Makefile Start with 0.1 Co-authored-by: Franco Fichtner --- net/netbird/Makefile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/net/netbird/Makefile b/net/netbird/Makefile index 7faad402ae..243bbcb56c 100644 --- a/net/netbird/Makefile +++ b/net/netbird/Makefile @@ -1,6 +1,5 @@ PLUGIN_NAME= netbird -PLUGIN_VERSION= 0.8 -PLUGIN_REVISION= 1 +PLUGIN_VERSION= 0.1 PLUGIN_DEPENDS= netbird PLUGIN_COMMENT= Netbird plugin PLUGIN_MAINTAINER= opn-netbird@sun-ri.se From e835f4465af9d37189c19ef46b135475e54e00f0 Mon Sep 17 00:00:00 2001 From: Gauss23 Date: Sun, 18 May 2025 21:52:13 +0200 Subject: [PATCH 03/24] Remove the post-install file, not needed --- net/netbird/+POST_INSTALL.post | 3 --- 1 file changed, 3 deletions(-) delete mode 100644 net/netbird/+POST_INSTALL.post diff --git a/net/netbird/+POST_INSTALL.post b/net/netbird/+POST_INSTALL.post deleted file mode 100644 index 25c23adf0f..0000000000 --- a/net/netbird/+POST_INSTALL.post +++ /dev/null @@ -1,3 +0,0 @@ -chmod +x /usr/local/etc/rc.syshook.d/carp/30-netbird -chmod +x /usr/local/opnsense/scripts/OPNsense/netbird/initialup.sh -/etc/rc.d/os-release start 
From 7e418a66cedcec6d8dbecd30a4b9896bc2fcca52 Mon Sep 17 00:00:00 2001 From: Gauss23 Date: Sun, 18 May 2025 21:55:31 +0200 Subject: [PATCH 04/24] Update net/netbird/Makefile Co-authored-by: Franco Fichtner --- net/netbird/Makefile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/net/netbird/Makefile b/net/netbird/Makefile index 243bbcb56c..36b7fbcd44 100644 --- a/net/netbird/Makefile +++ b/net/netbird/Makefile @@ -4,6 +4,5 @@ PLUGIN_DEPENDS= netbird PLUGIN_COMMENT= Netbird plugin PLUGIN_MAINTAINER= opn-netbird@sun-ri.se PLUGIN_WWW= https:/netbird.io -PLUGIN_DEVEL= no -PLUGIN_SUFFIX= +PLUGIN_DEVEL= yes .include "../../Mk/plugins.mk" From 9b7dfb93b16c48e37a903d8b87958bffcb4dc989 Mon Sep 17 00:00:00 2001 From: Gauss23 Date: Sun, 18 May 2025 21:56:57 +0200 Subject: [PATCH 05/24] Update net/netbird/src/etc/inc/plugins.inc.d/netbird.inc Co-authored-by: Franco Fichtner --- net/netbird/src/etc/inc/plugins.inc.d/netbird.inc | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/net/netbird/src/etc/inc/plugins.inc.d/netbird.inc b/net/netbird/src/etc/inc/plugins.inc.d/netbird.inc index 3ebfb42b8a..de82b63f5f 100644 --- a/net/netbird/src/etc/inc/plugins.inc.d/netbird.inc +++ b/net/netbird/src/etc/inc/plugins.inc.d/netbird.inc @@ -2,8 +2,7 @@ function netbird_enabled() { - $mdlNetbird = new \OPNsense\netbird\Netbird(); - return $mdlNetbird->general->Enabled->__toString() == 1; + return !(new \OPNsense\netbird\Netbird())->general->Enabled->isEmpty(); } function netbird_services() From f32085dde0d93629fcfc8e746a9c9b6011c00da9 Mon Sep 17 00:00:00 2001 From: Gauss23 Date: Sun, 18 May 2025 22:22:38 +0200 Subject: [PATCH 06/24] Fixed pkg-descr and plugin_comment --- net/netbird/Makefile | 7 ++++--- net/netbird/pkg-descr | 19 ++++++++++++++++++- 2 files changed, 22 insertions(+), 4 deletions(-) diff --git a/net/netbird/Makefile b/net/netbird/Makefile index 36b7fbcd44..ab3854bc97 100644 --- a/net/netbird/Makefile +++ b/net/netbird/Makefile 
@@ -1,8 +1,9 @@ PLUGIN_NAME= netbird PLUGIN_VERSION= 0.1 PLUGIN_DEPENDS= netbird -PLUGIN_COMMENT= Netbird plugin +PLUGIN_COMMENT= Peer-to-peer VPN that seamlessly connects your devices PLUGIN_MAINTAINER= opn-netbird@sun-ri.se -PLUGIN_WWW= https:/netbird.io +PLUGIN_WWW= https://netbird.io PLUGIN_DEVEL= yes -.include "../../Mk/plugins.mk" + +.include "../../Mk/plugins.mk" \ No newline at end of file diff --git a/net/netbird/pkg-descr b/net/netbird/pkg-descr index 6cd065725a..2bd1408875 100644 --- a/net/netbird/pkg-descr +++ b/net/netbird/pkg-descr @@ -1 +1,18 @@ -Netbird plugin for OPNSense +NetBird is an open-source WireGuard-based overlay network combined with +Zero Trust Network Access, providing secure and reliable connectivity +to internal resources. + +Key features: +- Zero-config VPN: Easily create secure connections between devices without +manual network setup. +- Built on WireGuard: Leverages WireGuard's high-performance encryption for +fast and secure communication. +- Self-hosted or Cloud-managed: Users can deploy their own NetBird management +server or use NetBird Cloud for centralized control. +- Access Control & Routing: Fine-grained access control policies and automatic +network routing simplify connectivity. +- This FreeBSD port provides the NetBird client daemon and CLI tools, allowing +FreeBSD systems to join a NetBird mesh network and securely communicate with +other peers. + +For more details, visit: https://netbird.io \ No newline at end of file From 59e9a9d55a8d0f346491163b7efab27d4fe33906 Mon Sep 17 00:00:00 2001 From: Gauss23 Date: Sat, 24 May 2025 20:18:57 +0200 Subject: [PATCH 07/24] Update netbird.inc --- .../src/etc/inc/plugins.inc.d/netbird.inc | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/net/netbird/src/etc/inc/plugins.inc.d/netbird.inc b/net/netbird/src/etc/inc/plugins.inc.d/netbird.inc index de82b63f5f..9fcd8c22f6 100644 --- a/net/netbird/src/etc/inc/plugins.inc.d/netbird.inc 
+++ b/net/netbird/src/etc/inc/plugins.inc.d/netbird.inc @@ -1,5 +1,33 @@ general->Enabled->isEmpty(); From 5e11bc32290f969d0d379764b89971ce19ddb0de Mon Sep 17 00:00:00 2001 From: Gauss23 Date: Sat, 24 May 2025 20:19:25 +0200 Subject: [PATCH 08/24] Update InitialController.php --- .../netbird/Api/InitialController.php | 28 ++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/InitialController.php b/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/InitialController.php index 56934899a0..c60ed75888 100644 --- a/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/InitialController.php +++ b/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/InitialController.php @@ -1,5 +1,31 @@ Date: Sat, 24 May 2025 20:20:25 +0200 Subject: [PATCH 09/24] Update 30-netbird --- .../src/etc/rc.syshook.d/carp/30-netbird | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/net/netbird/src/etc/rc.syshook.d/carp/30-netbird b/net/netbird/src/etc/rc.syshook.d/carp/30-netbird index f6e281ad84..7fa07978a2 100755 --- a/net/netbird/src/etc/rc.syshook.d/carp/30-netbird +++ b/net/netbird/src/etc/rc.syshook.d/carp/30-netbird @@ -1,6 +1,33 @@ #!/usr/local/bin/php Date: Sat, 24 May 2025 20:21:08 +0200 Subject: [PATCH 10/24] Update InitialController.php --- .../app/controllers/OPNsense/netbird/Api/InitialController.php | 1 + 1 file changed, 1 insertion(+) diff --git a/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/InitialController.php b/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/InitialController.php index c60ed75888..e74610aa99 100644 --- a/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/InitialController.php +++ b/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/InitialController.php 
@@ -1,4 +1,5 @@ Date: Sat, 24 May 2025 20:21:36 +0200 Subject: [PATCH 11/24] Update ServiceController.php --- .../netbird/Api/ServiceController.php | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/ServiceController.php b/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/ServiceController.php index 6a1f8ac2d0..a20e78d17d 100644 --- a/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/ServiceController.php +++ b/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/ServiceController.php @@ -1,5 +1,33 @@ Date: Sat, 24 May 2025 20:21:52 +0200 Subject: [PATCH 12/24] Update SettingsController.php --- .../netbird/Api/SettingsController.php | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/SettingsController.php b/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/SettingsController.php index b2a190e34e..8f880f942a 100644 --- a/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/SettingsController.php +++ b/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/Api/SettingsController.php @@ -1,5 +1,32 @@ Date: Sat, 24 May 2025 20:22:19 +0200 Subject: [PATCH 13/24] Update ConstatusController.php --- .../OPNsense/netbird/ConstatusController.php | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/ConstatusController.php b/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/ConstatusController.php index 8678f5044b..a288e391ee 100644 --- a/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/ConstatusController.php +++ b/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/ConstatusController.php 
@@ -1,5 +1,33 @@ Date: Sat, 24 May 2025 20:22:33 +0200 Subject: [PATCH 14/24] Update IndexController.php --- .../OPNsense/netbird/IndexController.php | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/IndexController.php b/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/IndexController.php index 012e8a5f4d..f17874e21f 100644 --- a/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/IndexController.php +++ b/net/netbird/src/opnsense/mvc/app/controllers/OPNsense/netbird/IndexController.php @@ -1,5 +1,33 @@ Date: Sat, 24 May 2025 20:23:14 +0200 Subject: [PATCH 15/24] Update Initial.php --- .../app/models/OPNsense/netbird/Initial.php | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/Initial.php b/net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/Initial.php index 3bc45b425c..e629015fe1 100644 --- a/net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/Initial.php +++ b/net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/Initial.php @@ -1,5 +1,33 @@ Date: Sat, 24 May 2025 20:23:27 +0200 Subject: [PATCH 16/24] Update Netbird.php --- .../app/models/OPNsense/netbird/Netbird.php | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/Netbird.php b/net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/Netbird.php index 7f2c6d0695..76dbf47846 100644 --- a/net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/Netbird.php +++ b/net/netbird/src/opnsense/mvc/app/models/OPNsense/netbird/Netbird.php @@ -1,5 +1,33 @@ Date: Sat, 24 May 2025 20:28:18 +0200 Subject: [PATCH 17/24] Update constatus.volt --- .../app/views/OPNsense/netbird/constatus.volt | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) 
diff --git a/net/netbird/src/opnsense/mvc/app/views/OPNsense/netbird/constatus.volt b/net/netbird/src/opnsense/mvc/app/views/OPNsense/netbird/constatus.volt
index 11825a2599..ae5f50320a 100644
--- a/net/netbird/src/opnsense/mvc/app/views/OPNsense/netbird/constatus.volt
+++ b/net/netbird/src/opnsense/mvc/app/views/OPNsense/netbird/constatus.volt
@@ -1,3 +1,33 @@
+{#
+
+Copyright (C) 2025 Ralph Moser, PJ Monitoring GmbH
+Copyright (C) 2025 squared GmbH
+Copyright (C) 2025 Christopher Linn, BackendMedia IT-Services GmbH
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES,
+INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+#}
+