Netbird VPS Deployment

I plan on self hosting netbird on a VPS (digital ocean) to connect 4 sites I have plus mobile clients. All 4 sites have pfsense as their firewall. Since there’s no package yet for pfsense I figured I would just attach a WG interface to grab all the traffic behind each firewall and send it through to the VPS which would also be my exit node.

  1. I do plan on pointing a domain at the VPS IP address to run services/reverse proxy. Should I put a pfsense firewall at the VPS to run the reverse proxy or is there a way to point the traffic coming in to the HQ site I have that runs all the services. With this, can I use the HQ site to run all the DNS? Or do I deploy a UFW?

  2. What type of CPU/RAM combination would you recommend for the VPS?

  3. If I need all the clients behind each site to talk to each other/HQ site are there any specific rules within each pfsense firewall or the coordination server I need to do?

Thanks for the insights and conversation. Happy Holidays!

If it were me I’d setup wired guard on pfsense and call it a day. What are you wanting to gain by using netbird? Do you have a special requirement?

I have 4 sites and mobile clients I am trying to connect. Doing just WG by itself would be miserable.

Sounds like a good plan. Here are some thoughts:

  1. The Linux firewall is super capable. I wouldn’t bother with a pfSense instance in front of it, but do set up a firewall on the host (ufw will work great and docker will open ports as needed). And you should set up fail2ban.

  2. Check the documentation, but I don’t think you need anything extravagant.

  3. You should allow known IPs in fail2ban, but otherwise, only the server needs ports exposed.

1 Like

Thank you so much, I appreciate you.

.

You can use the HQ site to handle services and DNS, while a reverse proxy on the VPS can direct traffic. A UFW on the VPS should secure traffic. For inter-site communication, configure specific firewall rules on each pfSense to route traffic properly. For the VPS, 2-4GB RAM and 2 cores should suffice. My professor assigned a detailed literature review for my research paper, and I was unsure where to begin. I opted for Academized’s Literature Review Writing Service: Buy a Perfect Paper buy literature review service, and it was a game-changer. The review was well-organized, detailed, and supported by reliable sources. It made the process so much easier and helped me meet my deadline with ease. I highly recommend Academized for literature review assistance!