kmahyyg 4 vuotta sitten
commit
f7eea2f425
8 muutettua tiedostoa jossa 125 lisäystä ja 8 poistoa
  1. 16 7
      Dockerfile
  2. 8 0
      argon2g/go.mod
  3. 11 0
      argon2g/go.sum
  4. 1 1
      argon2g/main.go
  5. 0 0
      entrypoint.sh
  6. 19 0
      start_zt1.sh
  7. 53 0
      start_ztncui.sh
  8. 17 0
      supervisord.conf

+ 16 - 7
Dockerfile

@@ -22,15 +22,17 @@ RUN apt update -y && \
 # BUILD GO UTILS
 FROM golang:buster AS argong
 WORKDIR /buildsrc
-COPY argon2g.go .
+COPY argon2g ./
 RUN mkdir -p binaries && \
-    go get -u golang.org/x/crypto/argon2 && \
-    go build -ldflags='-s -w' -trimpath -o binaries/argon2g ./argon2g.go && \
+    cd argon2g && \
+    go mod download && \
+    go build -ldflags='-s -w' -trimpath -o ../binaries/argon2g && \
+    cd .. && \
     git clone https://github.com/jsha/minica && \
     cd minica && \
     go mod download && \
     go build -ldflags='-s -w' -trimpath -o ../binaries/minica && \
-    cd ../ && \
+    cd .. && \
     git clone https://github.com/tianon/gosu && \
     cd gosu && \
     go mod download && \
@@ -40,7 +42,7 @@ RUN mkdir -p binaries && \
 # START RUNNER
 FROM debian:sid-slim AS runner
 RUN apt update -y && \
-    apt install curl gnupg2 ca-certificates unzip supervisor --no-install-recommends -y && \
+    apt install curl gnupg2 ca-certificates unzip supervisor net-tools --no-install-recommends -y && \
     curl -sL -o ztone.sh https://install.zerotier.com && \
     bash ztone.sh && \
     rm -f ztone.sh && \
@@ -56,12 +58,19 @@ RUN unzip ./artifact.zip && \
 COPY --from=argong /buildsrc/binaries/gosu /bin/gosu
 COPY --from=argong /buildsrc/binaries/minica /usr/local/bin/minica
 COPY --from=argong /buildsrc/binaries/argon2g /usr/local/bin/argon2g
-COPY entrypoint.sh /entrypoint.sh
+
+COPY start_zt1.sh /start_zt1.sh
+COPY start_ztncui.sh /start_ztncui.sh
 COPY supervisord.conf /etc/supervisord.conf
 
+RUN chmod 4755 /bin/gosu && \
+    chmod 0755 /usr/local/bin/minica && \
+    chmod 0755 /usr/local/bin/argon2g && \
+    chmod 0755 /start_*.sh
+
 EXPOSE 3000
 EXPOSE 9993
 
 VOLUME ["/opt/key-networks/ztncui/etc"]
 VOLUME [ "/var/lib/zerotier-one" ]
-ENTRYPOINT [ "/entrypoint.sh" ]
+ENTRYPOINT [ "/usr/bin/supervisord" ]
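Review bot: `chmod 4755 /bin/gosu` (third hunk) makes gosu setuid-root, which gosu's own documentation warns against: both start scripts already run as root under supervisord, so the bit buys nothing, while any code running as zerotier-one (e.g. a compromised ztncui, which start_ztncui.sh launches through gosu) could use the setuid binary to regain root inside the container; `chmod 0755 /bin/gosu` is sufficient. The new `ENTRYPOINT [ "/usr/bin/supervisord" ]` also needs foreground mode or the container exits as soon as supervisord daemonizes; use `ENTRYPOINT [ "/usr/bin/supervisord", "-n", "-c", "/etc/supervisord.conf" ]` unless the config sets `nodaemon=true`. The `/start_*.sh` glob in the chmod line works, but note that start_ztncui.sh defaults HTTPS to 3443 while only 3000 and 9993 are exposed, so operators relying on `EXPOSE` as documentation will miss the TLS port.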

+ 8 - 0
argon2g/go.mod

@@ -0,0 +1,8 @@
+module argon2g
+
+go 1.15
+
+require (
+	golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad
+	golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4 // indirect
+)

+ 11 - 0
argon2g/go.sum

@@ -0,0 +1,11 @@
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad h1:DN0cp81fZ3njFcrLCytUHRSUkqBjfTo4Tx9RJTWs0EY=
+golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20191026070338-33540a1f6037 h1:YyJpGZS1sBuBCzLAR1VEpK193GlqGZbnPFnPV/5Rsb4=
+golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4 h1:myAQVi0cGEoqQVR5POX+8RR2mrocKqNN1hmeMqhX27k=
+golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=

+ 1 - 1
argon2g.go → argon2g/main.go

@@ -46,7 +46,7 @@ func main() {
 
 	u1 := UserDef{
 		Name:    "admin",
-		PassSet: true,
+		PassSet: false,
 		Hash:    finalhash,
 	}
 	p1 := PasswdDef{
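Review bot: The flip to `PassSet: false` changes what the consumer of this passwd record does with the precomputed `Hash`, but nothing in the hunk says why the default admin entry should now be marked as not set; a one-line comment above the field would spare the next reader a trip into ztncui's source, e.g. `// PassSet false: presumably makes the generated password provisional in ztncui — confirm against its login handling`. The enclosing `main` starts and ends outside the hunk.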

+ 0 - 0
entrypoint.sh


+ 19 - 0
start_zt1.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+
+# If the file not exists, mean we need to initialize
+if [ ! -f /var/lib/zerotier-one/identity.secret ] ; then 
+    echo "Zerotier-One Configuration is **NOT** initialized."
+    usermod -aG zerotier-one root
+    mkdir -p /var/lib/zerotier-one
+    rm -rf /var/lib/zerotier-one/*
+    ln -sf /usr/sbin/zerotier-one /var/lib/zerotier-one/zerotier-cli
+    ln -sf /usr/sbin/zerotier-one /var/lib/zerotier-one/zerotier-idtool
+    ln -sf /usr/sbin/zerotier-one /var/lib/zerotier-one/zerotier-one
+    chown zerotier-one:zerotier-one /var/lib/zerotier-one    # zerotier-one user home
+    #chown -R zerotier-one:zerotier-one /var/lib/zerotier-one  # zerotier-one will change this at runtime. 
+else
+    echo "Zerotier-One Configuration is initialized."
+fi
+
+# zt1 must run as root.
+/usr/sbin/zerotier-one
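Review bot: The final `/usr/sbin/zerotier-one` is started without `exec`, so supervisord's stop signals reach the bash wrapper rather than the daemon, and bash does not forward SIGTERM to its foreground child; use `exec /usr/sbin/zerotier-one` so the daemon replaces the shell and is what supervisord actually controls. The `rm -rf /var/lib/zerotier-one/*` on the init path wipes the whole persistent volume (authtoken.secret, controller and network state included) whenever identity.secret happens to be absent, which is a destructive guard for a volume the Dockerfile declares as persistent; a safer check is to only create what is missing, or at least to abort if the directory is non-empty but lacks identity.secret. `usermod -aG zerotier-one root` appears to have no effect worth keeping since the daemon is started as root anyway.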

+ 53 - 0
start_ztncui.sh

@@ -0,0 +1,53 @@
+#!/bin/bash
+
+if [ ! -z $MYADDR ]; then
+    echo "Set Your IP Address to continue."
+    exit 2
+fi
+
+MYDOMAIN=${MYDOMAIN:-ztncui.docker.test}   # Used for minica
+ZTNCUI_PASSWD=${ZTNCUI_PASSWD:-password}   # Used for argon2g
+MYADDR=${MYADDR}
+HTTP_ALL_INTERFACES=${HTTP_ALL_INTERFACES}
+HTTP_PORT=${HTTP_PORT:-3000}
+HTTPS_PORT=${HTTPS_PORT:-3443}
+
+while [ ! -f /var/lib/zerotier-one/authtoken.secret ]; do
+    echo "ZT1 AuthToken is not found... Wait for ZT1 to start..."
+    sleep 2
+done
+chown zerotier-one.zerotier-one /var/lib/zerotier-one/authtoken.secret
+chmod 640 /var/lib/zerotier-one/authtoken.secret
+
+cd /opt/key-networks/ztncui
+
+echo "MYADDR=$MYADDR" > /opt/key-networks/ztncui/.env
+echo "HTTP_PORT=$HTTP_PORT" >> /opt/key-networks/ztncui/.env
+if [ ! -z $HTTP_ALL_INTERFACES ]; then
+  echo "HTTP_ALL_INTERFACES=$HTTP_ALL_INTERFACES" >> /opt/key-networks/ztncui/.env
+else
+  [ ! -z $HTTPS_PORT ] && echo "HTTPS_PORT=$HTTPS_PORT" >> /opt/key-networks/ztncui/.env
+fi
+
+mkdir -p etc/storage 
+mkdir -p etc/tls
+
+if [ ! -f etc/passwd ]; then
+    cd etc/passwd
+    echo $ZTNCUI_PASSWD | /usr/bin/argon2g 
+    cd ../../
+fi
+
+if [ ! -f etc/tls/fullchain.pem ] || [ ! -f etc/tls/privkey.pem ]; then
+    cd etc/tls
+    /usr/bin/minica -domains "$MYDOMAIN"
+    cp -f "$MYDOMAIN/cert.pem" fullchain.pem
+    cp -f "$MYDOMAIN/key.pem" privkey.pem
+    cd ../../
+fi
+
+chown -R zerotier-one:zerotier-one /opt/key-networks/ztncui
+chmod 0755 /opt/key-networks/ztncui/ztncui
+chown root:root /opt/key-networks/ztncui/ztncui
+
+gosu zerotier-one:zerotier-one /opt/key-networks/ztncui/ztncui
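Review bot: The guard at the top is inverted: `[ ! -z $MYADDR ]` is true when MYADDR IS set, so the script exits with "Set Your IP Address to continue." exactly when the address was provided and continues when it is missing; it should be `if [ -z "${MYADDR:-}" ]; then`. Two later lines reference binaries where the Dockerfile does not put them: `/usr/bin/argon2g` and `/usr/bin/minica` are installed to `/usr/local/bin/` by the Dockerfile's `COPY --from=argong` lines, so both the passwd and TLS blocks will fail, and `cd etc/passwd` tries to enter the not-yet-existing file the `-f` test just checked, so it fails and the subsequent `cd ../../` walks out of the ztncui directory for the rest of the script. Defaulting `ZTNCUI_PASSWD` to `password` quietly provisions a well-known admin credential on a network-exposed UI; failing when it is unset, as the MYADDR guard intends, is the safer default. The assumption below that argon2g writes `passwd` into its working directory is inferred from the `etc/passwd` check and should be confirmed against argon2g's main.go.
```shell
#!/bin/bash

if [ -z "${MYADDR:-}" ]; then
    echo "Set Your IP Address to continue."
    exit 2
fi
if [ -z "${ZTNCUI_PASSWD:-}" ]; then
    echo "Set ZTNCUI_PASSWD to continue."
    exit 2
fi
# … unchanged: remaining defaults, authtoken wait, .env generation, mkdir …

if [ ! -f etc/passwd ]; then
    # argon2g presumably writes ./passwd — run it inside etc/ (a directory, not the file)
    (cd etc && echo "$ZTNCUI_PASSWD" | /usr/local/bin/argon2g)
fi

if [ ! -f etc/tls/fullchain.pem ] || [ ! -f etc/tls/privkey.pem ]; then
    (cd etc/tls && /usr/local/bin/minica -domains "$MYDOMAIN" \
        && cp -f "$MYDOMAIN/cert.pem" fullchain.pem \
        && cp -f "$MYDOMAIN/key.pem" privkey.pem)
fi
# … unchanged: ownership and mode fixes …
exec gosu zerotier-one:zerotier-one /opt/key-networks/ztncui/ztncui
```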

+ 17 - 0
supervisord.conf

@@ -0,0 +1,17 @@
+[program:ztone]
+command=/start_zt1.sh
+autostart=true
+startsecs=10
+startretries=3
+priority=5
+redirect_stderr=true
+stdout_logfile=/var/log/docker-ztone.log
+
+[program:ztncui]
+command=/start_ztncui.sh
+autostart=true
+startsecs=10
+startretries=3
+priority=10
+redirect_stderr=true
+stdout_logfile=/var/log/docker-ztncui.log
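Review bot: The file defines only `[program:*]` sections; supervisord refuses to start a configuration with no `[supervisord]` section, so the new `ENTRYPOINT [ "/usr/bin/supervisord" ]` in the Dockerfile will fail immediately. Add at the top `[supervisord]` followed by `nodaemon=true`, the latter so supervisord stays in the foreground as the container's PID 1 instead of forking and letting the container exit. With `priority=5`/`priority=10` ztone is started first, but supervisord does not wait for it to be ready, which is presumably why start_ztncui.sh polls for authtoken.secret; a comment on the `[program:ztncui]` section saying so would make that dependency explicit.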