From d8de837c607acf1a233ed2e2c1913e1a0d566ed2 Mon Sep 17 00:00:00 2001 From: Joseph Henry Date: Tue, 27 Aug 2019 14:43:30 -0700 Subject: [PATCH 1/6] LinuxEthernetTap addIps virtual function fix for SYNOLOGY builds --- osdep/EthernetTap.hpp | 1 + osdep/LinuxEthernetTap.cpp | 10 +++++----- osdep/LinuxEthernetTap.hpp | 4 +--- service/OneService.cpp | 3 ++- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/osdep/EthernetTap.hpp b/osdep/EthernetTap.hpp index 26503de0e..e39b41509 100644 --- a/osdep/EthernetTap.hpp +++ b/osdep/EthernetTap.hpp @@ -45,6 +45,7 @@ public: virtual void setEnabled(bool en) = 0; virtual bool enabled() const = 0; virtual bool addIp(const InetAddress &ip) = 0; + virtual bool addIps(std::vector ips) = 0; virtual bool removeIp(const InetAddress &ip) = 0; virtual std::vector ips() const = 0; virtual void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len) = 0; diff --git a/osdep/LinuxEthernetTap.cpp b/osdep/LinuxEthernetTap.cpp index 06a87bdcb..b340561ed 100644 --- a/osdep/LinuxEthernetTap.cpp +++ b/osdep/LinuxEthernetTap.cpp @@ -261,10 +261,9 @@ static bool ___removeIp(const std::string &_dev,const InetAddress &ip) return true; } -#ifdef __SYNOLOGY__ -bool LinuxEthernetTap::addIpSyn(std::vector ips) +bool LinuxEthernetTap::addIps(std::vector ips) { - // Here we fill out interface config (ifcfg-dev) to prevent it from being killed +#ifdef __SYNOLOGY__ std::string filepath = "/etc/sysconfig/network-scripts/ifcfg-"+_dev; std::string cfg_contents = "DEVICE="+_dev+"\nBOOTPROTO=static"; int ip4=0,ip6=0,ip4_tot=0,ip6_tot=0; @@ -292,13 +291,14 @@ bool LinuxEthernetTap::addIpSyn(std::vector ips) } } OSUtils::writeFile(filepath.c_str(), cfg_contents.c_str(), cfg_contents.length()); - // Finaly, add IPs + // Finally, add IPs for(int i=0; i<(int)ips.size(); i++){ LinuxNetLink::getInstance().addAddress(ips[i], _dev.c_str()); } return true; -} #endif // __SYNOLOGY__ + return false; +} bool LinuxEthernetTap::addIp(const InetAddress &ip) { diff --git a/osdep/LinuxEthernetTap.hpp b/osdep/LinuxEthernetTap.hpp index 3660fb39f..7503c5231 100644 --- a/osdep/LinuxEthernetTap.hpp +++ b/osdep/LinuxEthernetTap.hpp @@ -46,9 +46,7 @@ public: virtual void setEnabled(bool en); virtual bool enabled() const; virtual bool addIp(const InetAddress &ip); -#ifdef __SYNOLOGY__ - bool addIpSyn(std::vector ips); -#endif + virtual bool addIps(std::vector ips); virtual bool removeIp(const InetAddress &ip); virtual std::vector ips() const; virtual void put(const MAC &from,const MAC &to,unsigned int etherType,const void *data,unsigned int len); diff --git a/service/OneService.cpp b/service/OneService.cpp index 77b60b37e..f3ec3e665 100644 --- a/service/OneService.cpp +++ b/service/OneService.cpp @@ -1715,8 +1715,9 @@ public: } } #ifdef __SYNOLOGY__ - if (!n.tap->addIpSyn(newManagedIps)) + if (!n.tap->addIps(newManagedIps)) { fprintf(stderr,"ERROR: unable to add ip addresses to ifcfg" ZT_EOL_S); + } #else for(std::vector::iterator ip(newManagedIps.begin());ip!=newManagedIps.end();++ip) { if (std::find(n.managedIps.begin(),n.managedIps.end(),*ip) == n.managedIps.end()) { From e51cf0d4d28605a0663cb14345378075868df1e6 Mon Sep 17 00:00:00 2001 From: Grant Limberg Date: Tue, 27 Aug 2019 15:14:55 -0700 Subject: [PATCH 2/6] moved elsewhere for controller builds --- docker/Dockerfile | 19 ----------- docker/main.sh | 80 ----------------------------------------------- 2 files changed, 99 deletions(-) delete mode 100644 docker/Dockerfile delete mode 100644 docker/main.sh diff --git a/docker/Dockerfile b/docker/Dockerfile deleted file mode 100644 index ae3eed6b6..000000000 --- a/docker/Dockerfile +++ /dev/null @@ -1,19 +0,0 @@ -# Dockerfile for ZeroTier Central Controllers -FROM centos:7 -MAINTAINER Adam Ierymekno , Grant Limberg - -RUN yum update -y -RUN yum install -y https://download.postgresql.org/pub/repos/yum/10/redhat/rhel-7-x86_64/pgdg-centos10-10-2.noarch.rpm -RUN yum install -y bash postgresql10 libpqxx-devel librabbitmq -RUN yum clean all - -#RUN yum -y install epel-release && yum -y update && yum clean all -#RUN yum -y install clang jemalloc jemalloc-devel - -ADD zerotier-one /usr/local/bin/zerotier-one -RUN chmod a+x /usr/local/bin/zerotier-one - -ADD docker/main.sh / -RUN chmod a+x /main.sh - -ENTRYPOINT /main.sh diff --git a/docker/main.sh b/docker/main.sh deleted file mode 100644 index b8d3b142c..000000000 --- a/docker/main.sh +++ /dev/null @@ -1,80 +0,0 @@ -#!/bin/bash - -if [ -z "$ZT_IDENTITY_PATH" ]; then - echo '*** FAILED: ZT_IDENTITY_PATH environment variable is not defined' - exit 1 -fi -if [ -z "$ZT_DB_HOST" ]; then - echo '*** FAILED: ZT_DB_HOST environment variable not defined' - exit 1 -fi -if [ -z "$ZT_DB_PORT" ]; then - echo '*** FAILED: ZT_DB_PORT environment variable not defined' - exit 1 -fi -if [ -z "$ZT_DB_NAME" ]; then - echo '*** FAILED: ZT_DB_NAME environment variable not defined' - exit 1 -fi -if [ -z "$ZT_DB_USER" ]; then - echo '*** FAILED: ZT_DB_USER environment variable not defined' - exit 1 -fi -if [ -z "$ZT_DB_PASSWORD" ]; then - echo '*** FAILED: ZT_DB_PASSWORD environment variable not defined' - exit 1 -fi - -RMQ="" -if [ "$ZT_USE_RABBITMQ" == "true" ]; then - if [ -z "$RABBITMQ_HOST" ]; then - echo '*** FAILED: RABBITMQ_HOST environment variable not defined' - exit 1 - fi - if [ -z "$RABBITMQ_PORT" ]; then - echo '*** FAILED: RABBITMQ_PORT environment variable not defined' - exit 1 - fi - if [ -z "$RABBITMQ_USERNAME" ]; then - echo '*** FAILED: RABBITMQ_USERNAME environment variable not defined' - exit 1 - fi - if [ -z "$RABBITMQ_PASSWORD" ]; then - echo '*** FAILED: RABBITMQ_PASSWORD environment variable not defined' - exit 1 - fi - RMQ=", \"rabbitmq\": { - \"host\": \"${RABBITMQ_HOST}\", - \"port\": ${RABBITMQ_PORT}, - \"username\": \"${RABBITMQ_USERNAME}\", - \"password\": \"${RABBITMQ_PASSWORD}\" - }" -fi - -mkdir -p /var/lib/zerotier-one - -pushd /var/lib/zerotier-one -ln -s $ZT_IDENTITY_PATH/identity.public identity.public -ln -s $ZT_IDENTITY_PATH/identity.secret identity.secret -popd - -DEFAULT_PORT=9993 - -echo "{ - \"settings\": { - \"portMappingEnabled\": true, - \"softwareUpdate\": \"disable\", - \"interfacePrefixBlacklist\": [ - \"inot\", - \"nat64\" - ], - \"controllerDbPath\": \"postgres:host=${ZT_DB_HOST} port=${ZT_DB_PORT} dbname=${ZT_DB_NAME} user=${ZT_DB_USER} password=${ZT_DB_PASSWORD} sslmode=prefer sslcert=${DB_CLIENT_CERT} sslkey=${DB_CLIENT_KEY} sslrootcert=${DB_SERVER_CA}\" - ${RMQ} - } -} -" > /var/lib/zerotier-one/local.conf - -export GLIBCXX_FORCE_NEW=1 -export GLIBCPP_FORCE_NEW=1 -export LD_PRELOAD="/usr/lib64/libjemalloc.so" -exec /usr/local/bin/zerotier-one -p${ZT_CONTROLLER_PORT:-$DEFAULT_PORT} /var/lib/zerotier-one From 5cda292d159db9ebd2ce0b208b16fd4e120b95ca Mon Sep 17 00:00:00 2001 From: Grant Limberg Date: Tue, 27 Aug 2019 15:16:05 -0700 Subject: [PATCH 3/6] comment out `docker` docker target from makefile because broken --- make-linux.mk | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/make-linux.mk b/make-linux.mk index d48697067..60dd2c7cd 100644 --- a/make-linux.mk +++ b/make-linux.mk @@ -331,9 +331,9 @@ realclean: distclean official: FORCE make -j4 ZT_OFFICIAL=1 all -docker: FORCE - make clean ; make -j4 one - docker build -f docker/Dockerfile . +#docker: FORCE +# make clean ; make -j4 one +# docker build -f docker/Dockerfile . central-controller: FORCE make -j4 LDLIBS="-L/usr/pgsql-10/lib/ -lpq -Lext/librabbitmq/centos_x64/lib/ -lrabbitmq" CXXFLAGS="-I/usr/pgsql-10/include -I./ext/librabbitmq/centos_x64/include -fPIC" DEFS="-DZT_CONTROLLER_USE_LIBPQ -DZT_CONTROLLER" ZT_OFFICIAL=1 ZT_USE_X64_ASM_ED25519=1 one From ddc904a50246ef9350f99c3c3e952527a7f7dd8d Mon Sep 17 00:00:00 2001 From: Grant Limberg Date: Tue, 27 Aug 2019 15:27:41 -0700 Subject: [PATCH 4/6] remove docker line from readme --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 3b9326ace..b571459d0 100644 --- a/README.md +++ b/README.md @@ -32,7 +32,6 @@ The base path contains the ZeroTier One service main entry point (`one.cpp`), se - `controller/`: the reference network controller implementation, which is built and included by default on desktop and server build targets. - `debian/`: files for building Debian packages on Linux. - `doc/`: manual pages and other documentation. - - `docker/`: Dockerfile to build as a container for containerized Linux systems and Kubernetes clusters. - `ext/`: third party libraries, binaries that we ship for convenience on some platforms (Mac and Windows), and installation support files. - `include/`: include files for the ZeroTier core. - `java/`: a JNI wrapper used with our Android mobile app. (The whole Android app is not open source but may be made so in the future.) From e5bf4565da8e83526797e75d0d594cb4f16ece24 Mon Sep 17 00:00:00 2001 From: Grant Limberg Date: Tue, 27 Aug 2019 15:43:11 -0700 Subject: [PATCH 5/6] readme in central controller docker folder --- ext/central-controller-docker/README.md | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ext/central-controller-docker/README.md diff --git a/ext/central-controller-docker/README.md b/ext/central-controller-docker/README.md new file mode 100644 index 000000000..a954b1c37 --- /dev/null +++ b/ext/central-controller-docker/README.md @@ -0,0 +1,3 @@ +# ZeroTier Central Controller Docker Image + +Dockerfile & startup script for use with [ZeroTier Central](https://my.zerotier.com). Not intended for public use. From 1cf953c046cb001c1860826793c3e84e1a2d2911 Mon Sep 17 00:00:00 2001 From: Grant Limberg Date: Tue, 27 Aug 2019 16:57:07 -0700 Subject: [PATCH 6/6] working docker image for end users. GitHub Issue #1013 --- .../linux/zerotier-containerized/Dockerfile | 12 ++++-------- make-linux.mk | 5 ++--- 2 files changed, 6 insertions(+), 11 deletions(-) diff --git a/ext/installfiles/linux/zerotier-containerized/Dockerfile b/ext/installfiles/linux/zerotier-containerized/Dockerfile index fd18eebb7..3d580566c 100644 --- a/ext/installfiles/linux/zerotier-containerized/Dockerfile +++ b/ext/installfiles/linux/zerotier-containerized/Dockerfile @@ -7,17 +7,13 @@ FROM debian:buster-slim as builder RUN apt-get update && apt-get install -y curl gnupg RUN apt-key adv --keyserver ha.pool.sks-keyservers.net --recv-keys 0x1657198823e52a61 && \ echo "deb http://download.zerotier.com/debian/buster buster main" > /etc/apt/sources.list.d/zerotier.list -RUN apt-get update && apt-get install -y zerotier-one=1.2.12 -RUN curl https://raw.githubusercontent.com/zerotier/ZeroTierOne/master/ext/installfiles/linux/zerotier-containerized/main.sh > /var/lib/zerotier-one/main.sh +RUN apt-get update && apt-get install -y zerotier-one=1.4.4 +COPY ext/installfiles/linux/zerotier-containerized/main.sh /var/lib/zerotier-one/main.sh -FROM alpine:latest -LABEL version="1.2.12" +FROM debian:buster-slim +LABEL version="1.4.4" LABEL description="Containerized ZeroTier One for use on CoreOS or other Docker-only Linux hosts." -# Uncomment to build in container -# RUN apk add --update alpine-sdk linux-headers -RUN apk add --update libgcc libstdc++ - # ZeroTier relies on UDP port 9993 EXPOSE 9993/udp diff --git a/make-linux.mk b/make-linux.mk index 60dd2c7cd..0fe1f0518 100644 --- a/make-linux.mk +++ b/make-linux.mk @@ -331,9 +331,8 @@ realclean: distclean official: FORCE make -j4 ZT_OFFICIAL=1 all -#docker: FORCE -# make clean ; make -j4 one -# docker build -f docker/Dockerfile . +docker: FORCE + docker build -f ext/installfiles/linux/zerotier-containerized/Dockerfile -t zerotier-containerized . central-controller: FORCE make -j4 LDLIBS="-L/usr/pgsql-10/lib/ -lpq -Lext/librabbitmq/centos_x64/lib/ -lrabbitmq" CXXFLAGS="-I/usr/pgsql-10/include -I./ext/librabbitmq/centos_x64/include -fPIC" DEFS="-DZT_CONTROLLER_USE_LIBPQ -DZT_CONTROLLER" ZT_OFFICIAL=1 ZT_USE_X64_ASM_ED25519=1 one