Background
After a CI deploy to edge (which restarts Docker/Caddy), the NetBird agent's
WireGuard state breaks. All peers get stuck in "Connecting" (0/N connected)
even though Management and Signal remain up. This causes all proxied services
(Jellyfin, Jellyseerr, etc.) to return 502 until manually fixed.
Fix is sudo systemctl restart netbird on edge.
What to add
- Quick fix: add
sudo systemctl restart netbird as final SSH step in the CI deploy workflow
- Proper fix: investigate why Docker/Caddy restart disrupts the NetBird WireGuard interface and add a systemd
After=docker.service or PartOf=docker.service dependency so the agent restarts automatically when Docker does
Background
After a CI deploy to edge (which restarts Docker/Caddy), the NetBird agent's
WireGuard state breaks. All peers get stuck in "Connecting" (0/N connected)
even though Management and Signal remain up. This causes all proxied services
(Jellyfin, Jellyseerr, etc.) to return 502 until manually fixed.
Fix is
sudo systemctl restart netbirdon edge.What to add
sudo systemctl restart netbirdas final SSH step in the CI deploy workflowAfter=docker.serviceorPartOf=docker.servicedependency so the agent restarts automatically when Docker does