1.2.0pre

Author: tiredofit

Containerfile

@@ -57,6 +57,7 @@ RUN echo "" && \
                             " \
                         && \
     ZT_NET_RUN_DEPS_ALPINE=" \
+                                moreutils \
                                 nodejs \
                                 npm \
                                 postgresql-client \
@@ -76,22 +77,22 @@ RUN echo "" && \
     package build go && \
     \
     clone_git_repo "${ZEROTIER_REPO_URL}" "${ZEROTIER_VERSION}" /usr/src/zerotier && \
-    #build_assets src /build-assets/zerotier/src /usr/src/zerotier && \
-    #build_assets scripts /build-assets/zerotier/scripts && \
+    build_assets src /build-assets/zerotier/src "${GIT_REPO_SRC_ZEROTIER}" && \
+    build_assets scripts /build-assets/zerotier/scripts && \
     \
-    #if [ -d "/build-assets/zerotier/src" ] ; then cp -Rp /build-assets/zerotier/src/* /usr/src/ztnet ; fi; \
-    #if [ -d "/build-assets/zerotier/scripts" ] ; then for script in /build-assets/zerotier/scripts/*.sh; do echo "** Applying $script"; bash $script; done && \ ; fi ; \
+    cd "${GIT_REPO_SRC_ZEROTIER}" && \
     sed -i "s|ZT_SSO_SUPPORTED=1|ZT_SSO_SUPPORTED=0|g" make-linux.mk && \
     make -j $(nproc) -f make-linux.mk ZT_NONFREE=1 ZT_CONTROLLER=0 && \
     make install && \
     rm -rf /var/lib/zerotier-one && \
     container_build_log add "Zerotier" "${ZEROTIER_VERSION}" "${ZEROTIER_REPO_URL}" && \
     \
     clone_git_repo "${ZT_NET_REPO_URL}" "${ZT_NET_VERSION}" /usr/src/ztnet && \
-    #build_assets src /build-assets/zt-net/src /usr/src/ztnet && \
-    #build_assets scripts /build-assets/zt-net/scripts && \
-    #if [ -d "/build-assets/zt-net/src" ] ; then cp -aRp /build-assets/zt-net/src/* /usr/src/ztnet ; fi; \
-    #if [ -d "/build-assets/zt-net/scripts" ] ; then for script in /build-assets/zt-net/scripts/*.sh; do echo "** Applying $script"; bash $script; done && \ ; fi ; \
+    build_assets src /build-assets/zt-net/src /usr/src/ztnet && \
+    build_assets scripts /build-assets/zt-net/scripts && \
+    cd /usr/src/ztnet/ztnodeid && \
+    go mod tidy && \
+    go build -ldflags='-s -w' -trimpath -o /usr/local/bin/ztmkworld cmd/mkworld/main.go && \
     cd /usr/src/ztnet && \
     npm install \
             @prisma/[email protected] \
@@ -104,12 +105,8 @@ RUN echo "" && \
                 && \
     npx prisma generate && \
     npm ci && \
-    SKIP_ENV_VALIDATION=1 npm run build && \
-    cd /usr/src/ztnet/ztnodeid && \
-    go mod tidy && \
-    go build -ldflags='-s -w' -trimpath -o /usr/bin/ztmkworld cmd/mkworld/main.go && \
-    cd /usr/src/ztnet && \
-    mkdir -p /app /app/.next && \
+    SKIP_ENV_VALIDATION=1 npm run build:webpack && \
+    mkdir -p /app/.next && \
     cp next.config.mjs package.json /app/ && \
     cp -R \
             public \
@@ -128,9 +125,9 @@ RUN echo "" && \
         /app/.next/ && \
     cd /app && \
     npm install \
-            @prisma/client \
-            @paralleldrive/cuid2 \
-            && \
+                @prisma/client@6.16.3 \
+                @paralleldrive/cuid2 \
+                && \
     \
     container_build_log add "ZT Net" "${ZT_NET_VERSION}" "${ZT_NET_REPO_URL}" && \
     echo "${ZT_NET_VERSION}" > /app/.ztnet-version && \

README.md

@@ -90,10 +90,10 @@ Images are built for `amd64` by default, with optional support for `arm64` and o
 
 The following directories are used for configuration and can be mapped for persistent storage.
 
-| Directory | Description                   |
-| --------- | ----------------------------- |
-| `/data/`  | ZeroTier state information    |
-| `/logs/`  | zerotier Log Output Directory |
+| Directory | Description                |
+| --------- | -------------------------- |
+| `/data/`  | ZeroTier state information |
+| `/logs/`  | Log Output Directory       |
 
 ### Environment Variables
 
@@ -128,6 +128,7 @@ Below is the complete list of available options that can be used to customize yo
 | `CONTROLLER_ENABLE_PORT_MAPPING`      | Enable Port mapping                                            | `TRUE`              |         |
 | `CONTROLLER_LISTEN_PORT`              | Zerotier Controller listen port                                | `9993`              |         |
 | `CONTROLLER_LOG_FILE`                 | Controller Log File                                            | `controller.log`    |         |
+| `CONTROLLER_LOG_PATH`                 | Where to store logs                                            | `/logs/zerotier/`   |         |
 | `CONTROLLER_MANAGEMENT_NETWORKS`      | Comma seperated value of networks allowed to manage controller | `0.0.0.0/0`         |         |
 | `CONTROLLER_USER`                     | What username to run controller as                             | `root`              |         |
 | `CONTROLLER_NETWORK`                  | (optional) Networks to join as Controller                      |                     | x       |
@@ -136,19 +137,24 @@ Below is the complete list of available options that can be used to customize yo
 
 #### UI Options
 
-| Variable            | Description                                        | Default                                      | `_FILE` |
-| ------------------- | -------------------------------------------------- | -------------------------------------------- | ------- |
-| `ENABLE_NGINX`      | If wanting to use Nginx as proxy to UI_LISTEN_PORT | `TRUE`                                       |         |
-| `NGINX_LISTEN_PORT` | Nginx Listening Port                               | `80`                                         |         |
-| `UI_CONTROLLER_URL` | How can the UI access the controller               | `http://localhost:${CONTROLLER_LISTEN_PORT}` |         |
-| `UI_DB_HOST`        | DB Host for Postgresql                             |                                              | x       |
-| `UI_DB_NAME`        | DB Name for UI                                     |                                              | x       |
-| `UI_DB_PASS`        | Password for UI_DB_USER                            |                                              | x       |
-| `UI_DB_PORT`        | DB Port for Postgresql                             | `5432`                                       | x       |
-| `UI_DB_USER`        | DB User for UI_DB_NAME                             |                                              | x       |
-| `UI_LISTEN_PORT`    | What port for the UI to listen on                  | `3000`                                       |         |
-| `UI_SECRET`         | Random secret for session and cookie storage       | `random`                                     | x       |
-| `UI_SITE_NAME`      | Site name to display on UI                         | `ZTNET`                                      |         |
+| Variable            | Description                                                    | Default                                      | `_FILE` |
+| ------------------- | -------------------------------------------------------------- | -------------------------------------------- | ------- |
+| `ENABLE_NGINX`      | If wanting to use Nginx as proxy to UI_LISTEN_PORT/UI_HOSTNAME | `TRUE`                                       |         |
+| `NGINX_LISTEN_PORT` | Nginx Listening Port                                           | `80`                                         |         |
+| `UI_CONTROLLER_URL` | How can the UI access the controller                           | `http://127.0.0.1:${CONTROLLER_LISTEN_PORT}` |         |
+| `UI_DB_HOST`        | DB Host for Postgresql                                         |                                              | x       |
+| `UI_DB_NAME`        | DB Name for UI                                                 |                                              | x       |
+| `UI_DB_PASS`        | Password for UI_DB_USER                                        |                                              | x       |
+| `UI_DB_PORT`        | DB Port for Postgresql                                         | `5432`                                       | x       |
+| `UI_DB_USER`        | DB User for UI_DB_NAME                                         |                                              | x       |
+| `UI_HOSTNAME`       | (nginx) Internal hostname to access UI for proxy purposes      | `(container_hostname)`                       | x       |
+| `UI_LISTEN_PORT`    | What port for the UI to listen on                              | `3000`                                       |         |
+| `UI_LOG_FILE`       | UI Log File                                                    | `ztnet.log`                                  |         |
+| `UI_LOG_PATH`       | Where to store logs                                            | `/logs/ui/`                                  |         |
+| `UI_PROTOCOL`       | (nginx) Protocol to use for proxy                              | `http`                                       | x       |
+| `UI_SECRET`         | Random secret for session and cookie storage                   | `random`                                     | x       |
+| `UI_SITE_NAME`      | Site name to display on UI                                     | `ZTNET`                                      |         |
+| `UI_USER`           | Run UI as this user                                            | `zerotier`                                   |         |
 
 #### DNS Options
 

examples/compose.yml

@@ -16,8 +16,6 @@ services:
       - ./logs:/logs
     environment:
       - TIMEZONE=America/Vancouver
-      - CONTAINER_NAME=zerotier-app
-      - CONTAINER_ENABLE_MONITORING=FALSE
 
       - MODE=CONTROLLER,UI
 
@@ -36,13 +34,13 @@ services:
     restart: always
 
   zerotier-db:
-    image: docker.io/tiredofit/postgres:17
+    image: docker.io/nfrastack/postgres:18
     container_name: zerotier-db
     volumes:
-      - ./db:/var/lib/postgresql/data
+      - ./logs:/logs
+      - ./db:/data
     environment:
       - TIMEZONE=America/Vancouver
-      - CONTAINER_NAME=zerotier-db
 
       - SUPERUSER_PASS=password
       - DB_NAME=zerotier

rootfs/container/defaults/20-zerotier

@@ -2,18 +2,26 @@
 #
 # SPDX-License-Identifier: MIT
 
+LOG_PATH=${LOG_PATH:-"/logs/"}
+LOG_TYPE=${LOG_TYPE:-"FILE"}
+#
 CONTROLLER_ALLOW_TCP_FALLBACK_RELAY=${CONTROLLER_ALLOW_TCP_FALLBACK_RELAY:-"TRUE"}
 CONTROLLER_DATA_PATH=${CONTROLLER_DATA_PATH:-"/data/controller/"}
 CONTROLLER_ENABLE_METRICS=${CONTROLLER_ENABLE_METRICS:-"FALSE"}
 CONTROLLER_ENABLE_PORT_MAPPING=${CONTROLLER_ENABLE_PORT_MAPPING:-"TRUE"}
 CONTROLLER_LISTEN_PORT=${CONTROLLER_LISTEN_PORT:-"9993"}
-CONTROLLER_LOG_FILE=${CONTROLLER_LOG_FILE:-"controller.log"}
+CONTROLLER_LOG_PATH=${CONTROLLER_LOG_PATH:-"${LOG_PATH%/}/controller/"}
+CONTROLLER_LOG_FILE=${CONTROLLER_LOG_FILE:-"zerotier.log"}
+CONTROLLER_LOG_TYPE=${CONTROLLER_LOG_TYPE:-"${LOG_TYPE}"}
 CONTROLLER_MANAGEMENT_NETWORKS=${CONTROLLER_MANAGEMENT_NETWORKS:-"127.0.0.1"}
 CONTROLLER_USER=${CONTROLLER_USER:-"root"}
-LOG_PATH=${LOG_PATH:-"/logs/"}
-LOG_TYPE=${LOG_TYPE:-"FILE"}
 MODE=${MODE:-"CONTROLLER,UI"}
+UI_DB_PORT=${UI_DB_PORT:-"5432"}
+UI_HOSTNAME=${UI_HOSTNAME:-"$(hostname)"}
 UI_LISTEN_PORT=${UI_LISTEN_PORT:-"3000"}
+UI_LOG_FILE=${UI_LOG_FILE:-"ztnet.log"}
+UI_LOG_PATH=${UI_LOG_PATH:-"${LOG_PATH%/}/ui/"}
+UI_LOG_TYPE=${UI_LOG_TYPE:-"${LOG_TYPE}"}
+UI_PROTOCOL=${UI_PROTOCOL:-"http"}
 UI_SITE_NAME=${UI_SITE_NAME:-"ZTNET"}
-UI_DB_PORT=${UI_DB_PORT:-"5432"}
-ZEROTIER_USER=${ZEROTIER_USER:-"zerotier"}
+UI_USER=${UI_USER:-"zerotier"}

rootfs/container/functions/20-zerotier

@@ -54,18 +54,22 @@ complete -F _zerotier_zerotier-cli_completions zerotier-cli
 EOF
 }
 
-zerotier_bootstrap_filesystem() {
-        create_folder \
-                            "${CONTROLLER_DATA_PATH}" \
-                            zerotier:root 750
-
-        ln -sf "${CONTROLLER_DATA_PATH}" /var/lib/zerotier-one
-        create_folder \
-                            "${LOG_PATH}" \
-                            zerotier:root 755
-}
+zerotier_controller_configure() {
+    create_folder \
+                    "${CONTROLLER_DATA_PATH}" \
+                    "${CONTROLLER_USER}":root 750
+
+    ln -sf "${CONTROLLER_DATA_PATH}" /var/lib/zerotier-one
+
+    case "${CONTROLLER_LOG_TYPE,,}" in
+        "file" | "both")
+            create_folder \
+                            "${CONTROLLER_LOG_PATH}" \
+                            "${CONTROLLER_USER}":root 750
+            create_logrotate zerotier-controller "${CONTROLLER_LOG_PATH%/}/${CONTROLLER_LOG_FILE}" "${CONTROLLER_USER}" root
+        ;;
+    esac
 
-zerotier_configure_controller() {
     if var_false "${CONTROLLER_ENABLE_METRICS}" ; then ln -sf /dev/null "${CONTROLLER_DATA_PATH%/}"/metrics.prom ; fi
     for management_network in ${CONTROLLER_MANAGEMENT_NETWORKS//,/$IFS}; do
         management_networks=${management_networks}"\"${management_network}\","
@@ -130,25 +134,40 @@ EOF
     fi
 }
 
-zerotier_configure_ui() {
+zerotier_ui_configure() {
     sanity_var UI_SITE_URL "Site URL eg https://example.com"
 
-    sed -i \
-                -e "s|{{UI_LISTEN_PORT}}|${UI_LISTEN_PORT}|g" \
-            /etc/nginx/sites.enabled/${NGINX_SITE_ENABLED}.conf
+    case "${UI_LOG_TYPE,,}" in
+        "file" | "both" )
+            create_folder \
+                    "${UI_LOG_PATH}" \
+                        "${UI_USER}":root 750
+            create_logrotate zt-net "${UI_LOG_PATH%/}/${UI_LOG_FILE}" "${UI_USER}" root
+        ;;
+    esac
 
     transform_var file \
                         DB_HOST \
                         DB_NAME \
                         DB_PASS \
                         DB_PORT \
                         DB_USER \
-                        UI_SECRET \
                         UI_DB_HOST \
                         UI_DB_NAME \
                         UI_DB_PASS \
                         UI_DB_PORT \
-                        UI_DB_USER
+                        UI_DB_USER \
+                        UI_HOSTNAME \
+                        UI_LISTEN_PORT \
+                        UI_PROTOCOL \
+                        UI_SECRET
+
+    update_template \
+                    /etc/nginx/sites.enabled/"${NGINX_SITE_ENABLED}".conf \
+                                                                        UI_HOSTNAME \
+                                                                        UI_LISTEN_PORT \
+                                                                        UI_PROTOCOL \
+                                                                        UI_SITE_URL
 
     if [ -n "${UI_DB_HOST}" ]; then DB_HOST=${DB_HOST:-${UI_DB_HOST}}; fi
     if [ -n "${UI_DB_NAME}" ]; then DB_NAME=${DB_NAME:-${UI_DB_NAME}}; fi
@@ -164,11 +183,11 @@ ZT_ADDR=${ZT_ADDR}
 NEXT_PUBLIC_APP_VERSION=$(grep -o "ADD: ZT Net .* |" /container/build/${IMAGE_NAME/\//_}/build.log | awk '{print $4}')
 EOF
 
-    #envFilename='.env.production'
-    #nextFolder='/app/.next/'
-
     cd /app
     print_info "[ui] Applying migrations to the database"
+    set -a
+    source /app/.env
+    set +a
     silent npx prisma migrate deploy
     silent print_info "[ui] Migrations applied successfully"
 
@@ -187,9 +206,8 @@ PORT=${UI_LISTEN_PORT}
 NEXTAUTH_SECRET=${UI_SECRET}
 AUTH_SECRET=${UI_SECRET}
 NEXT_PUBLIC_SITE_NAME=${UI_SITE_NAME}
+NEXTAUTH_URL_INTERNAL=http://127.0.0.1:${UI_LISTEN_PORT}
 EOF
-
-    update_template /etc/nginx/sites.enabled/ztnet.conf HOSTNAME
 }
 
 zerotier_setup_container_mode() {

rootfs/container/init/init.d/20-zerotier

@@ -9,21 +9,23 @@ SERVICE_NAME="zerotier"
 
 zerotier_setup_container_mode
 zerotier_add_bash_completion
-zerotier_bootstrap_filesystem
+
 
 if check_container_restarted ; then
     if var_true "${ENABLE_CONTROLLER}" ; then
         print_debug "Configuring Controller"
-        zerotier_configure_controller
+        zerotier_controller_configure
     else
         service_stop 20-controller
     fi
 
     if var_true "${ENABLE_UI}" ; then
         print_debug "Configuring UI"
-        zerotier_configure_ui
+
+        zerotier_ui_configure
     else
         service_stop 10-nginx
+        service_stop 11-nginx-config-reload
         service_stop 20-ui
     fi
 

rootfs/container/run/available/20-controller/run

@@ -4,11 +4,39 @@
 # SPDX-License-Identifier: MIT
 
 source /container/base/functions/container/init
-SERVICE_NAME="zerotier-controller"
+SERVICE_NAME="controller"
 prepare_service 20-zerotier
 check_container_initialized
 
-liftoff
+if [ "${CONTROLLER_USER}" != "root" ] ; then
+    sudo_prefix="sudo -u ${CONTROLLER_USER}"
+fi
+
+case "${CONTROLLER_LOG_TYPE,,}" in
+    both )
+        SHOW_OUTPUT=TRUE
+        ${sudo_prefix} touch "${CONTROLLER_LOG_PATH%/}"/"${CONTROLLER_LOG_FILE}"
+    ;;
+    console )
+        SHOW_OUTPUT=TRUE
+        CONTROLLER_LOG_PATH=/dev
+        CONTROLLER_LOG_FILE=null
 
+    ;;
+    file )
+        SHOW_OUTPUT=FALSE
+        ${sudo_prefix} touch "${CONTROLLER_LOG_PATH%/}"/"${CONTROLLER_LOG_FILE}"
+        silent_arg="silent"
+    ;;
+    none )
+        SHOW_OUTPUT=FALSE
+        CONTROLLER_LOG_PATH=/dev
+        CONTROLLER_LOG_FILE=null
+        silent_arg="silent"
+    ;;
+esac
+
+liftoff
 print_start "Starting Zerotier One $(zerotier-cli -v) in Controller Mode"
-silent exec zerotier-one ${ZEROTIER_ARGS}
+exec ${sudo_prefix} \
+                    zerotier-one ${ZEROTIER_ARGS} 2>&1| ts -m '%Y-%m-%dT%H:%M.%S [controller]' | ${silent_arg} ${sudo_prefix} tee -a "${CONTROLLER_LOG_PATH%/}"/"${CONTROLLER_LOG_FILE}"