services: # UI dashboard dashboard: image: netbirdio/dashboard:latest restart: unless-stopped ports: - "127.0.0.1:10004:80" environment: # This points to the central Apache proxy - NETBIRD_MGMT_API_ENDPOINT=https://vpn02.test.com - NETBIRD_MGMT_GRPC_API_ENDPOINT=https://vpn02.test.com # THIS IS THE CRITICAL FIX for the localhost error - AUTH_AUTHORITY=https://sso.test.com/realms/test - AUTH_AUDIENCE=netbird-vpn02-client - AUTH_CLIENT_ID=netbird-vpn02-client - USE_AUTH0=false - AUTH_SUPPORTED_SCOPES=openid profile email offline_access api - NETBIRD_TOKEN_SOURCE=accessToken logging: &logging driver: "json-file" options: { max-size: "500m", max-file: "2" } # Signal Service signal: image: netbirdio/signal:latest restart: unless-stopped ports: # Listens internally only - "127.0.0.1:10003:80" logging: *logging # Management Service management: image: netbirdio/management:latest restart: unless-stopped volumes: - netbird-mgmt:/var/lib/netbird # THIS IS THE CRITICAL FIX: Maps the host's certs into the container - /etc/letsencrypt:/etc/letsencrypt:ro - ./management.json:/etc/netbird/management.json ports: # Listens internally only - "127.0.0.1:10005:80" command: - "--log-file" - "console" - "--dns-domain" - "netbird.selfhosted" logging: *logging # Relay and Coturn services remain unchanged relay: image: netbirdio/relay:latest restart: unless-stopped environment: - NB_LOG_LEVEL=info - NB_LISTEN_ADDRESS=:33080 - NB_EXPOSED_ADDRESS=vpn02.test.com:33080 - NB_AUTH_SECRET=[redacted] ports: - "33080:33080" logging: *logging coturn: image: coturn/coturn:latest restart: unless-stopped volumes: - ./turnserver.conf:/etc/turnserver.conf:ro - /opt/netbird/certs:/etc/netbird/certs:ro network_mode: host command: - "-c /etc/turnserver.conf" logging: *logging volumes: netbird-mgmt: netbird-signal: