diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 000000000..7623d04d7
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,3 @@
+.git/
+build/
+!build/zerotier
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 6422c910e..24052fbed 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -142,7 +142,11 @@ set_target_properties(
 add_executable(zerotier main.cpp)
 target_include_directories(zerotier PUBLIC ${CMAKE_BINARY_DIR})
 add_dependencies(zerotier zerotier_cgo zt_osdep zt_core zt_controller zt_service_io_core)
-target_link_libraries(zerotier zerotier_cgo zt_osdep zt_core zt_controller zt_service_io_core)
+target_link_libraries(zerotier zerotier_cgo zt_service_io_core zt_core zt_osdep zt_controller )
 if (APPLE)
 target_link_libraries(zerotier "-framework CoreFoundation" "-framework Security")
+else(APPLE)
+ if ("${CMAKE_SYSTEM}" MATCHES "Linux")
+ target_link_libraries(zerotier "-lpthread" "-lm")
+ endif ("${CMAKE_SYSTEM}" MATCHES "Linux")
 endif (APPLE)
diff --git a/Makefile b/Makefile
index 8210635be..6acaa2fc5 100644
--- a/Makefile
+++ b/Makefile
@@ -1,4 +1,5 @@
 BUILDDIR := build
+TIMESTAMP=$(shell date +"%Y%m%d%H%M")
 .PHONY: all
@@ -20,6 +21,9 @@ central-controller:
 central-controller-debug:
 mkdir -p ${BUILDDIR} && cd ${BUILDDIR} && cmake .. -DCMAKE_BUILD_TYPE=Debug -DBUILD_CENTRAL_CONTROLLER=1 && $(MAKE) -j4
+central-controller-docker:
+ docker build -t registry.zerotier.com/zerotier-central/ztcentral-controller:${TIMESTAMP} -f controller/central-docker/Dockerfile .
+
 clean:
 rm -rf ${BUILDDIR} cmake-build-*
diff --git a/controller/central-docker/Dockerfile b/controller/central-docker/Dockerfile
new file mode 100644
index 000000000..c2cb879ec
--- /dev/null
+++ b/controller/central-docker/Dockerfile
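Review bot: `workspace/` is not excluded in this new `.dockerignore`, and the Dockerfile added in the same commit copies the whole build context into the builder stage with `ADD . /ZeroTierOne`. The commit also adds `workspace/identity.public` and `workspace/local.conf`; if that directory is a node's working directory (inferred from its contents), an `identity.secret` lying next to them on a developer machine would be sent to the Docker daemon and kept in the builder layer and build cache. Add a `workspace/` line here, and consider listing the directory in `.gitignore` as well so the secret half of the identity cannot be committed by accident.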
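Review bot: The new Linux branch in `CMakeLists.txt` links with raw flags, `target_link_libraries(zerotier "-lpthread" "-lm")`, and selects the platform by matching `"${CMAKE_SYSTEM}"`, which also contains the kernel version string. `if (CMAKE_SYSTEM_NAME STREQUAL "Linux")` states the test exactly, and `find_package(Threads REQUIRED)` followed by `target_link_libraries(zerotier Threads::Threads m)` lets CMake pick the correct thread flag for the toolchain. The reordered library list on `zerotier` looks like a static link-order fix; a one-line comment saying that the order is significant would keep it from being re-sorted later. `else(APPLE)` and the repeated conditions inside `endif(...)` are legacy syntax, and bare `else()` / `endif()` are enough.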
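Review bot: The image tag built by `central-controller-docker` is only a build-minute timestamp, so an image in the registry cannot be traced back to the source revision it was built from, and two builds in the same minute reuse the same tag. Appending the commit to the tag, for example `ztcentral-controller:${TIMESTAMP}-$(shell git rev-parse --short HEAD)`, keeps the registry auditable. The new target also creates no file named after itself, so it belongs on the `.PHONY` line; only `.PHONY: all` is visible in this diff.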
@@ -0,0 +1,28 @@
+# Dockerfile for ZeroTier Central Controllers
+FROM centos:8 as builder
+MAINTAINER Grant Limberg
+
+RUN yum update -y
+RUN yum install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm && dnf -qy module disable postgresql
+RUN yum -y install epel-release && yum -y update && yum clean all && \
+ yum groupinstall -y "Development Tools" && \
+ yum install -y bash cmake wget postgresql10 postgresql10-devel libpqxx-devel clang jemalloc jemalloc-devel hiredis-devel && \
+ wget https://dl.google.com/go/go1.14.4.linux-amd64.tar.gz && tar -C /usr/local -xzf go1.14.4.linux-amd64.tar.gz
+ADD . /ZeroTierOne
+ENV PATH="/usr/local/go/bin:${PATH}"
+RUN cd ZeroTierOne && make clean && make central-controller
+
+FROM centos:8
+RUN yum install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm && \
+ dnf -qy module disable postgresql && \
+ yum -y install epel-release && \
+ yum -y update && yum clean all && \
+ yum install -y jemalloc jemalloc-devel postgresql10 hiredis
+
+COPY --from=builder /ZeroTierOne/build/zerotier /usr/local/bin/zerotier
+RUN chmod a+x /usr/local/bin/zerotier
+
+ADD controller/central-docker/main.sh /
+RUN chmod a+x /main.sh
+
+ENTRYPOINT /main.sh
diff --git a/controller/central-docker/README.md b/controller/central-docker/README.md
new file mode 100644
index 000000000..a954b1c37
--- /dev/null
+++ b/controller/central-docker/README.md
@@ -0,0 +1,3 @@
+# ZeroTier Central Controller Docker Image
+
+Dockerfile & startup script for use with [ZeroTier Central](https://my.zerotier.com). Not intended for public use.
diff --git a/controller/central-docker/main.sh b/controller/central-docker/main.sh
new file mode 100755
index 000000000..e88185154
--- /dev/null
+++ b/controller/central-docker/main.sh
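Review bot: The builder stage of the Dockerfile fetches `go1.14.4.linux-amd64.tar.gz` with `wget` and unpacks it into `/usr/local` without checking a digest, so whatever that URL returns is trusted to compile the controller binary. Pin the published SHA-256 and verify it between the `wget` and the `tar`, e.g. `echo "<GO_TARBALL_SHA256>  go1.14.4.linux-amd64.tar.gz" | sha256sum -c -`. The same concern applies to `pgdg-redhat-repo-latest.noarch.rpm`, which both stages install by URL and which is not a fixed version. In the final stage no `USER` is set, so the service runs as root unless the controller genuinely needs it. The shell-form `ENTRYPOINT /main.sh` also puts `/bin/sh -c` in front of the script as PID 1, which `ENTRYPOINT ["/main.sh"]` avoids.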
@@ -0,0 +1,82 @@
+#!/bin/bash
+
+if [ -z "$ZT_IDENTITY_PATH" ]; then
+ echo '*** FAILED: ZT_IDENTITY_PATH environment variable is not defined'
+ exit 1
+fi
+if [ -z "$ZT_DB_HOST" ]; then
+ echo '*** FAILED: ZT_DB_HOST environment variable not defined'
+ exit 1
+fi
+if [ -z "$ZT_DB_PORT" ]; then
+ echo '*** FAILED: ZT_DB_PORT environment variable not defined'
+ exit 1
+fi
+if [ -z "$ZT_DB_NAME" ]; then
+ echo '*** FAILED: ZT_DB_NAME environment variable not defined'
+ exit 1
+fi
+if [ -z "$ZT_DB_USER" ]; then
+ echo '*** FAILED: ZT_DB_USER environment variable not defined'
+ exit 1
+fi
+if [ -z "$ZT_DB_PASSWORD" ]; then
+ echo '*** FAILED: ZT_DB_PASSWORD environment variable not defined'
+ exit 1
+fi
+
+REDIS=""
+if [ "$ZT_USE_REDIS" == "true" ]; then
+ if [ -z "$ZT_REDIS_HOST" ]; then
+ echo '*** FAILED: ZT_REDIS_HOST environment variable not defined'
+ exit 1
+ fi
+
+ if [ -z "$ZT_REDIS_PORT" ]; then
+ echo '*** FAILED: ZT_REDIS_PORT enivronment variable not defined'
+ exit 1
+ fi
+
+ if [ -z "$ZT_REDIS_CLUSTER_MODE" ]; then
+ echo '*** FAILED: ZT_REDIS_CLUSTER_MODE environment variable not defined'
+ exit 1
+ fi
+
+ REDIS="\"redis\": {
+ \"hostname\": \"${ZT_REDIS_HOST}\",
+ \"port\": ${ZT_REDIS_PORT},
+ \"clusterMode\": ${ZT_REDIS_CLUSTER_MODE},
+ \"password\": \"${ZT_REDIS_PASSWORD}\"
+ }
+ "
+else
+ REDIS="\"redis\": {}"
+fi
+
+mkdir -p /var/lib/zerotier-one
+
+pushd /var/lib/zerotier-one
+ln -s $ZT_IDENTITY_PATH/identity.public identity.public
+ln -s $ZT_IDENTITY_PATH/identity.secret identity.secret
+popd
+
+DEFAULT_PORT=9993
+
+echo "{
+ \"settings\": {
+ \"controllerDbPath\": \"postgres:host=${ZT_DB_HOST} port=${ZT_DB_PORT} dbname=${ZT_DB_NAME} user=${ZT_DB_USER} password=${ZT_DB_PASSWORD} sslmode=prefer sslcert=${DB_CLIENT_CERT} sslkey=${DB_CLIENT_KEY} sslrootcert=${DB_SERVER_CA}\",
+ \"portMappingEnabled\": true,
+ \"softwareUpdate\": \"disable\",
+ \"interfacePrefixBlacklist\": [
+ \"inot\",
+ \"nat64\"
+ ],
+ ${REDIS}
+ }
+}
+" >
/var/lib/zerotier-one/local.conf
+
+export GLIBCXX_FORCE_NEW=1
+export GLIBCPP_FORCE_NEW=1
+export LD_PRELOAD="/usr/lib64/libjemalloc.so"
+exec /usr/local/bin/zerotier -p /var/lib/zerotier-one service
diff --git a/workspace/identity.public b/workspace/identity.public
new file mode 100644
index 000000000..a9302dd5d
--- /dev/null
+++ b/workspace/identity.public
@@ -0,0 +1 @@
+1fdf770508:0:a9abcf61572629da7e6bdb6e906065c6d9715eeab1b3c6d24e87aa1194edc506542e5456c0c27f9aaeec6af93a36958e93d523e72ab3d5813def0b74d1945a8d
\ No newline at end of file
diff --git a/workspace/local.conf b/workspace/local.conf
new file mode 100644
index 000000000..c14be4b44
--- /dev/null
+++ b/workspace/local.conf
@@ -0,0 +1,13 @@
+{
+ "settings": {
+ "primaryPort": 18666,
+ "secondaryPort": 305,
+ "portMapping": true,
+ "logSizeMax": 128,
+ "interfacePrefixBlacklist": [
+ "lo",
+ "utun",
+ "feth"
+ ]
+ }
+}
\ No newline at end of file
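Review bot: The `controllerDbPath` that `main.sh` generates uses `sslmode=prefer`, which lets the connection fall back to plaintext and never checks the server certificate, even though `sslrootcert=${DB_SERVER_CA}` is supplied and the database credentials are used on that connection. With a CA available, `sslmode=verify-full` (or at least `verify-ca`) is the setting that actually uses it. `DB_CLIENT_CERT`, `DB_CLIENT_KEY` and `DB_SERVER_CA` are also the only inputs the script does not check for emptiness. The file written to `/var/lib/zerotier-one/local.conf` holds the database and Redis passwords and is created with the default umask, so a `umask 077` before the `echo` would keep it private to the service account. Values are pasted into the JSON unescaped, so a password containing `"` or a space produces a broken config or connection string, and the unquoted `$ZT_IDENTITY_PATH` in the two `ln -s` lines splits on whitespace.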