I just switched to NetBird self-host after doing the manual wireguard song and dance. So far so good, I’m just running into some double proxy issues.
Previously, I had a VPS with Caddy pointing to my internal caddy through a wireguard tunnel. The tunnel itself was between the VPS and my opnsense box, similarly with how it’s setup with netbird (the management is on the VPS, client on opnsense).
# This was the VPS's caddyfile block, more or less
handle {
reverse_proxy "https://192.168.2.250" {
header_up Host {host}
transport http {
tls_server_name {host}
}
}
}
I wanted to know if someone already did something like this and how.
I am using a custom domain for the netbird proxy and the domains are 1:1 to how they are inside and outside (auth.ysnt.live → auth.ysnt.live)
Not too familiar with traefik but I’m assuming it uses that for the proxy, I just don’t know if it’s something I can do without some change being made to the proxy itself.
Any advice would be much appreciated!
Using the script from the docs to install, haven’t touched anything other than adding the domain through Custom Domains.
I can confirm it does work when I’m on the netbird network itself, using a dns record and ACLs that let me use that resource.
Have you tried these troubleshooting steps?
- Reviewed client troubleshooting (if applicable)
- Checked for newer NetBird versions
- Searched for similar issues on GitHub (including closed ones)
- Restarted the NetBird client
- Disabled other VPN software
- Checked firewall settings