Skip to content

Instantly share code, notes, and snippets.

@laduke

laduke/zeroter-controller.md

Last active September 20, 2018 18:44
Show Gist options
  • Save laduke/5e51512c330fdd09445ea151e8650f99 to your computer and use it in GitHub Desktop.
Save laduke/5e51512c330fdd09445ea151e8650f99 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
zeroter-controller.md

Find your auth token

the authtoken.secret file

  • On Mac this is in "/Library/Application Support/ZeroTier/One". also, the installer copies it to ~/Library/Application
    Support/ZeroTier/One
  • Windows this is usually in "\ProgramData\ZeroTier\One". also, the installer copies it somewhere local to the installing user... I forget
  • On Linux this is usually in "/var/lib/zerotier-one".

You can change the token if you like

get your Node ID

with zerotier-cli

(may need sudo)

zerotier-cli info

200 info 9935981b1e 1.2.12 ONLINE

with curl

curl -X GET 'http://localhost:9993/status/' -H "X-ZT1-AUTH: ${TOKEN}" 

{
 "address": "9935981b1e",
 "clock": 1537309602632,
 "config": {
  "physical": null,
  "settings": {
   "allowTcpFallbackRelay": true,
   "portMappingEnabled": false,
   "primaryPort": 9993,
   "softwareUpdate": "download",
   "softwareUpdateChannel": "release"
  }
 },
 "online": true,
 "planetWorldId": 149604618,
 "planetWorldTimestamp": 1532555817048,
 "publicIdentity": "9935981b1e:0:5cb99fadea4bfe66c7226805a436a4f75883f33d7a1b5da2af75e8907693ed5fe8382cc19e5e92c570a7f78cac1fec14e80f54459b0054e3a8da50d60ec6e68d",
 "tcpFallbackActive": false,
 "version": "1.2.12",
 "versionBuild": 0,
 "versionMajor": 1,
 "versionMinor": 2,
 "versionRev": 12
}

It's the "Address" in the output.

Create a Network

curl -X POST "http://localhost:9993/controller/network/${NODEID}______" -H "X-ZT1-AUTH: ${TOKEN}" -d {}

{
 "authTokens": [
  {}
 ],
 "capabilities": [],
 "creationTime": 1537309027277,
 "enableBroadcast": true,
 "id": "9935981b1e1c6697",
 "ipAssignmentPools": [],
 "mtu": 2800,
 "multicastLimit": 32,
 "name": "",
 "nwid": "9935981b1e1c6697",
 "objtype": "network",
 "private": true,
 "remoteTraceLevel": 0,
 "remoteTraceTarget": null,
 "revision": 1,
 "routes": [],
 "rules": [
  {
   "not": false,
   "or": false,
   "type": "ACTION_ACCEPT"
  }
 ],
 "tags": [],
 "v4AssignMode": {
  "zt": false
 },
 "v6AssignMode": {
  "6plane": false,
  "rfc4193": false,
  "zt": false
 }
}

A Network ID is the Controller's ID + 6 more characters.

List Networks

curl -X GET "http://localhost:9993/controller/network/" -H "X-ZT1-AUTH: ${TOKEN}" 

["9935981b1e1c6697"]

Get Network Info

curl -X GET "http://localhost:9993/controller/network/${NWID}/" -H "X-ZT1-AUTH: ${TOKEN}" 

{
 "authTokens": [
  {}
 ],
 "capabilities": [],
 "creationTime": 1537309027277,
 "enableBroadcast": true,
 "id": "9935981b1e1c6697",
 "ipAssignmentPools": [],
 "mtu": 2800,
 "multicastLimit": 32,
 "name": "",
 "nwid": "9935981b1e1c6697",
 "objtype": "network",
 "private": true,
 "remoteTraceLevel": 0,
 "remoteTraceTarget": null,
 "revision": 1,
 "routes": [],
 "rules": [
  {
   "not": false,
   "or": false,
   "type": "ACTION_ACCEPT"
  }
 ],
 "tags": [],
 "v4AssignMode": {
  "zt": false
 },
 "v6AssignMode": {
  "6plane": false,
  "rfc4193": false,
  "zt": false
 }
}

List Network Members

Have a different node join your network first.

curl -X GET "http://localhost:9993/controller/network/${NWID}/member" -H "X-ZT1-AUTH: ${TOKEN}" 

{"7e2d4b9975":1}

Get Member Info

curl -X GET "http://localhost:9993/controller/network/${NWID}/member/${MEMID}" -H "X-ZT1-AUTH: ${TOKEN}" 

{
 "activeBridge": false,
 "address": "7e2d4b9975",
 "authorized": false,
 "capabilities": [],
 "creationTime": 1537309146363,
 "id": "7e2d4b9975",
 "identity": "7e2d4b9975:0:fc4988d42759035d7cafe89374ff58812d48b96afe89d162dd08ef2dac18297a0c52d6d9647b3737c8ffdb3daec4430e6c25cfbb334255951c4d977967930f94",
 "ipAssignments": [],
 "lastAuthorizedCredential": null,
 "lastAuthorizedCredentialType": null,
 "lastAuthorizedTime": 0,
 "lastDeauthorizedTime": 0,
 "noAutoAssignIps": false,
 "nwid": "9935981b1e1c6697",
 "objtype": "member",
 "remoteTraceLevel": 0,
 "remoteTraceTarget": null,
 "revision": 1,
 "tags": [],
 "vMajor": -1,
 "vMinor": -1,
 "vProto": -1,
 "vRev": -1
}

Configure a Managed Route and IP Auto-Assign Range on the network

curl -X POST "http://localhost:9993/controller/network/${NWID}/" -H "X-ZT1-AUTH: ${TOKEN}" -d '{"ipAssignmentPools": [{"ipRangeStart": "192.168.192.1", "ipRangeEnd": "192.168.192.254"}], "routes": [{"target": "192.168.192.0/24", "via": null}], "v4AssignMode": "zt"}'

{
 "authTokens": [
  {}
 ],
 "capabilities": [],
 "creationTime": 1537309027277,
 "enableBroadcast": true,
 "id": "9935981b1e1c6697",
 "ipAssignmentPools": [
  {
   "ipRangeEnd": "192.168.192.254",
   "ipRangeStart": "192.168.192.1"
  }
 ],
 "mtu": 2800,
 "multicastLimit": 32,
 "name": "",
 "nwid": "9935981b1e1c6697",
 "objtype": "network",
 "private": true,
 "remoteTraceLevel": 0,
 "remoteTraceTarget": null,
 "revision": 2,
 "routes": [
  {
   "target": "192.168.192.0/24",
   "via": null
  }
 ],
 "rules": [
  {
   "not": false,
   "or": false,
   "type": "ACTION_ACCEPT"
  }
 ],
 "tags": [],
 "v4AssignMode": {
  "zt": true
 },
 "v6AssignMode": {
  "6plane": false,
  "rfc4193": false,
  "zt": false
 }
}

Authorize a member

curl -X POST "http://localhost:9993/controller/network/${NWID}/member/${MEMID}" -H "X-ZT1-AUTH: ${TOKEN}" -d '{"authorized": true}'

{
 "activeBridge": false,
 "address": "7e2d4b9975",
 "authorized": true,
 "capabilities": [],
 "creationTime": 1537309146363,
 "id": "7e2d4b9975",
 "identity": "7e2d4b9975:0:fc4988d42759035d7cafe89374ff58812d48b96afe89d162dd08ef2dac18297a0c52d6d9647b3737c8ffdb3daec4430e6c25cfbb334255951c4d977967930f94",
 "ipAssignments": [],
 "lastAuthorizedCredential": null,
 "lastAuthorizedCredentialType": "api",
 "lastAuthorizedTime": 1537309495749,
 "lastDeauthorizedTime": 0,
 "noAutoAssignIps": false,
 "nwid": "9935981b1e1c6697",
 "objtype": "member",
 "remoteTraceLevel": 0,
 "remoteTraceTarget": null,
 "revision": 2,
 "tags": [],
 "vMajor": -1,
 "vMinor": -1,
 "vProto": -1,
 "vRev": -1
}

Network Info Again

curl -X GET "http://localhost:9993/controller/network/${NWID}/" -H "X-ZT1-AUTH: ${TOKEN}" 

{
 "authTokens": [
  {}
 ],
 "capabilities": [],
 "creationTime": 1537309027277,
 "enableBroadcast": true,
 "id": "9935981b1e1c6697",
 "ipAssignmentPools": [
  {
   "ipRangeEnd": "192.168.192.254",
   "ipRangeStart": "192.168.192.1"
  }
 ],
 "mtu": 2800,
 "multicastLimit": 32,
 "name": "",
 "nwid": "9935981b1e1c6697",
 "objtype": "network",
 "private": true,
 "remoteTraceLevel": 0,
 "remoteTraceTarget": null,
 "revision": 2,
 "routes": [
  {
   "target": "192.168.192.0/24",
   "via": null
  }
 ],
 "rules": [
  {
   "not": false,
   "or": false,
   "type": "ACTION_ACCEPT"
  }
 ],
 "tags": [],
 "v4AssignMode": {
  "zt": true
 },
 "v6AssignMode": {
  "6plane": false,
  "rfc4193": false,
  "zt": false
 }
}

Member Info Again

curl -X GET "http://localhost:9993/controller/network/${NWID}/member/${MEMID}" -H "X-ZT1-AUTH: ${TOKEN}" 

{
 "activeBridge": false,
 "address": "7e2d4b9975",
 "authorized": true,
 "capabilities": [],
 "creationTime": 1537309146363,
 "id": "7e2d4b9975",
 "identity": "7e2d4b9975:0:fc4988d42759035d7cafe89374ff58812d48b96afe89d162dd08ef2dac18297a0c52d6d9647b3737c8ffdb3daec4430e6c25cfbb334255951c4d977967930f94",
 "ipAssignments": [
  "192.168.192.190"
 ],
 "lastAuthorizedCredential": null,
 "lastAuthorizedCredentialType": "api",
 "lastAuthorizedTime": 1537309495749,
 "lastDeauthorizedTime": 0,
 "noAutoAssignIps": false,
 "nwid": "9935981b1e1c6697",
 "objtype": "member",
 "remoteTraceLevel": 0,
 "remoteTraceTarget": null,
 "revision": 3,
 "tags": [],
 "vMajor": 1,
 "vMinor": 2,
 "vProto": 9,
 "vRev": 12
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment