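// =============================================================================
// NetBird Configuration
// =============================================================================
// Edit this file to add/modify groups, policies, and setup keys.
// Changes are applied via CI/CD when merged to main.
//
// NOTE(review): every export below is access-control data. A merge to main
// changes who can enroll peers and which groups can reach each other, so the
// file deserves the same review gate as any firewall change.
// NOTE(review): groups are referenced by plain string name in policies and
// setup keys. Nothing in this file checks that a referenced name is declared
// in `groups`; confirm that the code consuming this file rejects unknown names.

/** A named logical grouping of peers. */
export interface GroupConfig {
  name: string;
  description?: string;
}

/**
 * One access rule inside a policy.
 *
 * `sources` and `destinations` hold group names.
 */
export interface PolicyRuleConfig {
  name: string;
  description?: string;
  sources: string[]; // Group names
  destinations: string[]; // Group names
  // NOTE(review): presumably maps to NetBird's bidirectional rule flag, in
  // which case `true` also lets the destination groups initiate connections
  // to the sources. Confirm against the consumer.
  bidirectional?: boolean;
  // Only "all" is used in this file. NetBird rules also accept tcp, udp and
  // icmp; confirm which values the consumer passes through.
  protocol?: string;
}

/** A named set of rules describing access between groups. */
export interface PolicyConfig {
  name: string;
  description?: string;
  rules: PolicyRuleConfig[];
}

/** A setup key used to enroll new peers into the listed groups. */
export interface SetupKeyConfig {
  name: string;
  groups: string[]; // Group names
  type?: "one-off" | "reusable";
  expiresInDays?: number; // 0 = never
  usageLimit?: number; // 0 = unlimited
}

// =============================================================================
// GROUPS
// =============================================================================
// Add new groups here. They define logical groupings of peers.

export const groups: GroupConfig[] = [
  { name: "ground-stations", description: "Ground station devices" },
  { name: "pilots", description: "Pilot control stations" },
  { name: "operators", description: "Operator workstations" },
  { name: "fusion-servers", description: "Data fusion servers" },
  // Add new groups below:
  // { name: "maintenance", description: "Maintenance team devices" },
];

// =============================================================================
// POLICIES
// =============================================================================
// Define access control between groups.
//
// NOTE(review): every rule below uses protocol "all" with bidirectional: true,
// so no rule restricts traffic by protocol or by direction. If only specific
// services are needed between two groups, narrowing the rule limits what a
// compromised peer in either group can reach.

export const policies: PolicyConfig[] = [
  {
    name: "pilot-to-ground-station",
    description: "Allow pilots to connect to ground stations",
    rules: [
      {
        name: "pilot-gs-access",
        description: "Pilots can access ground stations",
        sources: ["pilots"],
        destinations: ["ground-stations"],
        bidirectional: true,
        protocol: "all",
      },
    ],
  },
  {
    name: "operator-full-access",
    description: "Operators can access all network resources",
    rules: [
      {
        name: "operator-all",
        description: "Full operator access",
        sources: ["operators"],
        destinations: ["ground-stations", "pilots", "fusion-servers"],
        // NOTE(review): as written, this also appears to allow all three
        // destination groups to open connections to operator workstations.
        // Confirm that the reverse direction is intended.
        bidirectional: true,
        protocol: "all",
      },
    ],
  },
  {
    name: "fusion-to-ground-station",
    description: "Fusion servers coordinate with ground stations",
    rules: [
      {
        name: "fusion-gs",
        description: "Fusion to GS access",
        sources: ["fusion-servers"],
        destinations: ["ground-stations"],
        bidirectional: true,
        protocol: "all",
      },
    ],
  },
  // Add new policies below:
  // {
  //   name: "maintenance-access",
  //   description: "Maintenance team can access all devices",
  //   rules: [
  //     {
  //       name: "maintenance-all",
  //       sources: ["maintenance"],
  //       destinations: ["ground-stations", "pilots", "fusion-servers"],
  //       bidirectional: true,
  //       protocol: "all",
  //     },
  //   ],
  // },
];

// =============================================================================
// SETUP KEYS
// =============================================================================
// Setup keys for enrolling new peers.
//
// NOTE(review): a setup key is an enrollment credential. Whoever holds the key
// value can add a peer to the listed groups and inherit the policies above.
// Prefer a finite expiresInDays and a non-zero usageLimit (as in the commented
// template at the bottom), and rotate keys after each onboarding batch.

export const setupKeys: SetupKeyConfig[] = [
  {
    name: "ground-station-onboarding",
    groups: ["ground-stations"],
    type: "reusable",
    // NOTE(review): reusable + never expires + unlimited means this key stays
    // valid for enrolling peers into "ground-stations" until it is revoked by
    // hand. Values are left as the author set them; confirm this is intended.
    expiresInDays: 0, // Never expires
    usageLimit: 0, // Unlimited
  },
  {
    name: "pilot-onboarding",
    groups: ["pilots"],
    type: "reusable",
    expiresInDays: 30,
    // NOTE(review): unlimited uses within the 30-day window.
    usageLimit: 0,
  },
  // Add new setup keys below:
  // {
  //   name: "operator-onboarding",
  //   groups: ["operators"],
  //   type: "reusable",
  //   expiresInDays: 7,
  //   usageLimit: 10,
  // },
];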