20220811 ZeroTier - old-menu branch - PR 2 of 2

Paraphraser · Paraphraser · commit 51fa1dcae0f4 · 2022-08-11T23:01:28.000+10:00
Adds first cut of ZeroTier in the form of two containers:

* ZeroTier-client from `zyclonite:zerotier`
* ZeroTier-router from `zyclonite:zerotier-router`

The two containers are mutually exclusive (no menu check - docker-compose
will complain about port conflicts). My guess is that IOTstack users will
generally prefer the router because it is closer to WireGuard
functionality, and is likely what an IOTstack user will be looking for
if they find themselves stuck behind CGNAT.

ZeroTier-client is the standard client. Has no environment variables or
other preconfiguration. Needs to be instructed to join the user's
ZeroTier network after first launch. Otherwise works "as is".

ZeroTier-router is built on top of ZeroTier-client and adds management
of iptables rules at startup/shutdown to support routing to/from the
local network. Has environment variables with defaults appropriate for
IOTstack.

Adds documentation stub pointing to master branch wiki.

Signed-off-by: Phill Kelley &lt;34226495+Paraphraser@users.noreply.github.com&gt;
diff --git a/.templates/zerotier-client/service.yml b/.templates/zerotier-client/service.yml
@@ -0,0 +1,12 @@
+  zerotier-client:
+    image: zyclonite/zerotier
+    container_name: zerotier
+    devices:
+      - /dev/net/tun
+    network_mode: host
+    volumes:
+      - /var/lib/zerotier-one:/var/lib/zerotier-one
+    cap_add:
+      - NET_ADMIN
+      - SYS_ADMIN
+
diff --git a/.templates/zerotier-router/service.yml b/.templates/zerotier-router/service.yml
@@ -0,0 +1,22 @@
+  zerotier-router:
+    image: zyclonite/zerotier:router
+    container_name: zerotier
+    devices:
+      - /dev/net/tun
+    network_mode: host
+    volumes:
+      - /var/lib/zerotier-one:/var/lib/zerotier-one
+    cap_add:
+      - NET_ADMIN
+      - SYS_ADMIN
+      - NET_RAW
+    restart: unless-stopped
+    environment:
+      - TZ=Etc/UTC
+      - ZEROTIER_ONE_LOCAL_PHYS=eth0
+    # - ZEROTIER_ONE_NETWORK_IDS=yourNetworkID
+      - ZEROTIER_ONE_USE_IPTABLES_NFT=true
+      - ZEROTIER_ONE_GATEWAY_MODE=both
+      - PUID=1000
+      - PGID=1000
+
diff --git a/docs/Containers/ZeroTier.md b/docs/Containers/ZeroTier.md
@@ -0,0 +1,3 @@
+# ZeroTier
+
+This is the old-menu branch documentation. Please refer to [this page of the IOTstack Wiki](https://sensorsiot.github.io/IOTstack/Containers/ZeroTier/).
diff --git a/menu.sh b/menu.sh
@@ -59,6 +59,8 @@ declare -A cont_array=(
 	[dozzle]="Dozzle"
 	[octoprint]="OctoPrint"
 	[wireguard]="Wireguard"
+	[zerotier-client]="ZeroTier-client"
+	[zerotier-router]="ZeroTier-router"
 	[heimdall]="Heimdall Application Dashboard"
 	[dashmachine]="DashMachine"
 	[homer]="Homer"
@@ -105,6 +107,8 @@ declare -a keylist=(
 	"dozzle"
 	"octoprint"
 	"wireguard"
+	"zerotier-client"
+	"zerotier-router"
 	"heimdall"
 	"dashmachine"
 	"homer"

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+# ZeroTier`
	`2`	`+`
	`3`	`+This is the old-menu branch documentation. Please refer to [this page of the IOTstack Wiki](https://sensorsiot.github.io/IOTstack/Containers/ZeroTier/).`