Netbird
List and analyze Netbird network peers, groups, policies, and more.
Netbird MCP Server
A Model Context Protocol (MCP) server for Netbird.
This project is derived from the MCP Server for Grafana by Grafana Labs and is licensed under the same Apache License 2.0.
It also uses MCP Go by Mark III Labs.
Note: this project is still in development.
Installing
Installing from source
Clone the repository
git clone https://github.com/aantti/mcp-netbird
Build and install
cd mcp-netbird && \
make install
Installing from GitHub
go install github.com/aantti/mcp-netbird/cmd/mcp-netbird@latest
Installing via Smithery
To install Netbird MCP Server for Claude Desktop automatically via Smithery:
npx -y @smithery/cli install @aantti/mcp-netbird --client claude
Configuration
The server requires the following environment variables:
NETBIRD_API_TOKEN: Your Netbird API tokenNETBIRD_HOST(optional): The Netbird API host (default isapi.netbird.io)
Features
This server uses the Netbird API to provide LLMs information about Netbird network. Currently it's a 1:1 mapping of select read-only Netbird API resources to tools.
- Uses Netbird API to access configuration and status
- Configurable API endpoint
- Secure token-based authentication for Netbird API
Tools
| Tool | Description | Netbird API |
|---|---|---|
list_netbird_peers | All peers | List all Peers |
list_netbird_port_allocations | All ingress ports for peerId | List all Port Allocations |
list_netbird_groups | All groups | List all Groups |
list_netbird_policies | All policies | List all Policies |
list_netbird_posture_checks | All posture checks | List all Posture Checks |
list_netbird_networks | All networks | List all Networks |
list_netbird_nameservers | All nameserver groups | List all Nameserver Groups |
Adding tools
To add new tools:
- Create a new file in
tools(e.g.,tools/users.go), possibly use existing code as a template - Add API route and response specifics to the new file
- Add the tool to
func newServer()incmd/main.go
Usage
-
Get your Netbird API token from the Netbird management console.
-
Install the
mcp-netbirdbinary using one of the installation methods above. Make sure the binary is in your PATH. -
Add the server configuration to your client configuration file. E.g., for Codeium Windsurf add the following to
~/.codeium/windsurf/mcp_config.json:{ "mcpServers": { "netbird": { "command": "mcp-netbird", "args": [], "env": { "NETBIRD_API_TOKEN": "<your-api-token>" } } } }
For more information on how to add a similar configuration to Claude Desktop, see here.
Note: if you see something along the lines of
[netbird] [error] spawn mcp-netbird ENOENTin Claude Desktop logs, you need to specify the full path tomcp-netbird. On macOS Claude Logs are in~/Library/Logs/Claude.
- Try asking questions along the lines of "Can you explain my Netbird peers, groups and policies to me?"
Docker
Build an image and tag it:
docker build -t mcp-netbird-sse:v1 -f Dockerfile.sse .
Run the image:
docker run --name mcp-netbird -p 8001:8001 -e NETBIRD_API_TOKEN=<your-api-token> mcp-netbird-sse:v1
ToolHive
ToolHive (thv) is a lightweight utility designed to simplify the deployment and management of MCP servers.
You can use ToolHive to deploy and run Netbird MCP as follows:
-
Install
thvas described in ToolHive README. -
Add Netbird API token to
thvsecrets:
thv secret set netbird
-
Build an SSE image as described in the Docker section above
-
Start Netbird MCP with
thv runon port 8080:
thv run --secret netbird,target=NETBIRD_API_TOKEN --transport sse --name thv-mcp-netbird --port 8080 --target-port 8001 mcp-netbird-sse:v1
- When you want to stop the server, use:
thv stop thv-mcp-netbird
Development
Contributions are welcome! Please open an issue or submit a pull request if you have any suggestions or improvements.
This project is written in Go. Install Go following the instructions for your platform.
To run the server manually, use:
export NETBIRD_API_TOKEN=your-token && \
go run cmd/mcp-netbird/main.go
Or in SSE mode:
export NETBIRD_API_TOKEN=your-token && \
go run cmd/mcp-netbird/main.go --transport sse --sse-address :8001
Debugging
The MCP Inspector is an interactive developer tool for testing and debugging MCP servers. Read more about it here.
Here's how to start the MCP Inspector:
export NETBIRD_API_TOKEN=your-token && \
npx @modelcontextprotocol/inspector
Netbird MCP Server can then be tested with either stdio or SSE transport type. For stdio specify the full path to mcp-netbird in the UI.
Testing
TODO: add more tests
Linting
To lint the code, run:
make lint
License
This project is licensed under the Apache License, Version 2.0.
This project includes software developed at Grafana Labs (https://grafana.com/).
This project includes software developed at Mark III Labs (https://github.com/mark3labs/mcp-go).
Related Servers
Aiven
Navigate your Aiven projects and interact with the PostgreSQL®, Apache Kafka®, ClickHouse® and OpenSearch® services
AWS Bedrock KB Retrieval
Query Amazon Bedrock Knowledge Bases using natural language to retrieve relevant information from your data sources.
AWS CDK
Get prescriptive CDK advice, explain CDK Nag rules, check suppressions, generate Bedrock Agent schemas, and discover AWS Solutions Constructs patterns.
AWS Core
Core AWS MCP server providing prompt understanding and server management capabilities.
AWS Cost Analysis
Analyze CDK projects to identify AWS services used and get pricing information from AWS pricing webpages and API.
AWS Documentation
Fetch, convert, and search AWS documentation pages, with recommendations for related content.
AWS Nova Canvas
Generate images using Amazon Nova Canvas with text prompts and color guidance.
Cloudflare
Deploy, configure & interrogate your resources on the Cloudflare developer platform (e.g. Workers/KV/R2/D1)
Convex
Introspect and query your apps deployed to Convex.
DataWorks
A Model Context Protocol (MCP) server that provides tools for AI, allowing it to interact with the DataWorks Open API through a standardized interface. This implementation is based on the Aliyun Open API and enables AI agents to perform cloud resources operations seamlessly.