-
-
Save mdPlusPlus/0f6285c6402aa4aff4aa4a9e5dfc38c0 to your computer and use it in GitHub Desktop.
| FROM ubuntu:latest | |
| LABEL \ | |
| maintainer="mdPlusPlus" \ | |
| description="Host your own ZeroTier network controller and manage it via ztncui." | |
| # Avoid tzdata configuration | |
| ARG DEBIAN_FRONTEND=noninteractive | |
| # Dependencies | |
| ## TODO Figure out how to always get latest Node.js LTS release | |
| RUN \ | |
| apt update && \ | |
| apt install -y --no-install-recommends curl g++ git gpg gpg-agent make && \ | |
| curl -sL https://deb.nodesource.com/setup_12.x | bash - && \ | |
| apt install -y --no-install-recommends nodejs npm ca-certificates && \ | |
| npm install -g npm && \ | |
| npm install -g node-gyp && \ | |
| curl -s 'https://raw.githubusercontent.com/zerotier/ZeroTierOne/master/doc/contact%40zerotier.com.gpg' | gpg --import ; \ | |
| apt clean && \ | |
| rm -rf /var/lib/apt/lists/* | |
| # User (so zerotier-one is not using the reserved id 999) | |
| RUN \ | |
| groupadd -g 2000 zerotier-one && \ | |
| useradd -u 2000 -g 2000 zerotier-one && \ | |
| mkdir -p /home/zerotier-one && \ | |
| chown -R zerotier-one:zerotier-one /home/zerotier-one | |
| # ZeroTier-One | |
| RUN \ | |
| if z=$(curl -s 'https://install.zerotier.com/' | gpg); then echo "$z" | bash; fi; exit 0 | |
| # ztncui | |
| RUN \ | |
| mkdir -p /opt/ztncui && chown zerotier-one:zerotier-one /opt/ztncui && \ | |
| su zerotier-one -c "git clone https://github.com/key-networks/ztncui /opt/ztncui && \ | |
| cd /opt/ztncui/src && \ | |
| mv -v etc/default.passwd ../passwd.orig && \ | |
| echo 'HTTPS_PORT=3443' >> .env" && \ | |
| su zerotier-one -c "cd /opt/ztncui/src && npm install" | |
| # Clean | |
| ## TODO | |
| # Volumes | |
| VOLUME ["/var/lib/zerotier-one/"] | |
| VOLUME ["/opt/ztncui/src/etc/"] | |
| # Ports | |
| # HTTP: | |
| #EXPOSE 3000/tcp | |
| # HTTPS: | |
| EXPOSE 3443/tcp | |
| # Start | |
| CMD \ | |
| chown -R zerotier-one:zerotier-one /var/lib/zerotier-one/ /opt/ztncui/src/etc/ && \ | |
| su zerotier-one -c "zerotier-one -U -d" && \ | |
| while [ ! -f /var/lib/zerotier-one/authtoken.secret ]; do sleep 1; done && \ | |
| chmod g+r /var/lib/zerotier-one/authtoken.secret && \ | |
| su zerotier-one -c "mkdir -p /opt/ztncui/src/etc/tls" && \ | |
| if [ ! -f /opt/ztncui/src/etc/passwd ]; then su zerotier-one -c "mv -v /opt/ztncui/passwd.orig /opt/ztncui/src/etc/passwd"; fi && \ | |
| if [ ! -f /opt/ztncui/src/etc/tls/privkey.pem ]; then su zerotier-one -c "openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:4096 -keyout /opt/ztncui/src/etc/tls/privkey.pem -out /opt/ztncui/src/etc/tls/fullchain.pem -subj '/C=XY/ST=XY/L=XY/O=XY/OU=XY/CN=XY'"; fi && \ | |
| su zerotier-one -c "cd /opt/ztncui/src && npm start" |
I didn't really "move on". It just struck my curiosity and I wanted to play with it a little. I'd definitely consider it in the future if I ever need the functionality again. However, there are other solutions (Nebula, TOR, I2P) I have to try out first to make a competent decision.
Feel free to drop a link if you ever publish your own version.
New version fixes key-networks/ztncui-containerized#8.
Would you mind also updating the docker hub image please? => https://hub.docker.com/r/mdplusplus/zerotier-network-controller-ui
I am struggling using your Dockerfile to build my own. My first try to build something on my own :-)
Should already be up-to-date (Updated 10 days ago)
Should already be up-to-date (
Updated 10 days ago)
Thanks but that is weird, I obviously checked before posting the docker hub link and asking you if you would update. Must have been the internet gremlins hiding that update from me :-)
Excellent. Thanks so much @mdPlusPlus.
Hi there. This is a great tool. I'm testing it right now. One question, how do I set flow rules in the network?
Thank you
Not implemented in ztcui, you have to directly speak to the zerotier-one instance (I think JSON-RPC?). There was a pull request to get this feature merged into ztncui, but it was never cleanly submitted and the author has gone silent.
If anyone is willing to clean that up, I'm sure @key-networks would be willing to merge it: key-networks/ztncui#21
seems the zt version of this image is still 1.4.6 - would you mind updating the image to 1.6.2 please? I am still clueless on how to use your dockerfile and build my own.
https://hub.docker.com/r/keynetworks/ztncui now contains zerotier-one-1.6.2, no longer needs --cap-add=NET_ADMIN and avoids UID/GID clashes in Ubuntu.
so I can switch from using
image: mdplusplus/zerotier-network-controller-ui
to
image: keynetworks/ztncui:latest
as you have included all the same fixes in your image?
In theory, yes. Just test and let us know how it goes.
Good to back up your data beforehand.
@key-networks: Good to see you still working on that project!
@mdPlusPlus: Thanks for your help with identifying the previous issues.
thx. I am trying to build my own, based on your Dockerfile and keep it updated. No upload to hub.docker.com, just for my personal use.
Just curios, are you still using zerotier and this image or did you move on?