- Remove redundant echo statements
- Improve comments
- Rename `PIPE` to `TAIL_PIPE` to clarify purpose
- Remove traps used during testing and consolidate on INT TERM and HUP
(TERM being the usual case)
- Normal exit when ZeroTier aborts or exits just calls termination
handler
- Termination handler unconditionally removes iptables rules but
conditionally clobbers processes.
- All logging includes date.

Tested combination of waiting on ZeroTier + TERM trap correctly
handling:
1. Docker commands to restart, terminate, recreate, stack down, etc.
2. A reboot while the container is running (assuming restart unless
stopped).
3. External action clobbering the ZeroTier daemon.

Signed-off-by: Phill Kelley <34226495+Paraphraser@users.noreply.github.com>

than one network can be specified as defaults.
First cut at improved launch/tear-down so iptables entries do not get
duplicated, especially if the zerotier daemon quits because networking
has not come up properly after a reboot.

Signed-off-by: Phill Kelley <34226495+Paraphraser@users.noreply.github.com>

1. Support `ZEROTIER_ONE_USE_IPTABLES_NFT` environment variable. If
omitted or has any value other than `true`, `iptables` is used
(maintains backwards compatibility). If `true`, substitutes
`iptables-nft`. This definitely seems to be necessary on Raspberry Pi
running Bullseye.
2. Support `ZEROTIER_ONE_LOCAL_PHYS` environment variable. Defaults to
`eth0` if omitted (maintains backwards compatibility). Allows for
overriding to `wlan0` (e.g. Raspberry Pi Zero 2W), or both `eth0 wlan0` to
support multiple subnets or failover modes, or similar situations (e.g.
extra network interface cards).
3. Support `ZEROTIER_ONE_NETWORK_ID` as an alternative to the `join`
command. Means container will always fail safe if its persistent storage
is erased - will look like a new identity but can be authorised and
will then be reachable for additional configuration.
4. Support `PUID` + `PGID` environment variables. Default to 999 and
994, respectively, mimicking what happens on a "native" install of
ZeroTier-One (on a Raspberry Pi).
5. Perform unconditional reset of ownership (PUID:PGID) throughout
persistent store on each launch. This avoids many permission problems
that can sometimes occur in docker environments.
6. Add launch message with date. Assists in assessing recency of
"sendto: Network unreachable" messages that can occur after a reboot
where the container resumes before networking is available.

Signed-off-by: Phill Kelley <34226495+Paraphraser@users.noreply.github.com>
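
The commit messages above describe selecting `iptables-nft` through `ZEROTIER_ONE_USE_IPTABLES_NFT`, iterating over `ZEROTIER_ONE_LOCAL_PHYS`, avoiding duplicated iptables entries, and a termination handler that always removes rules but only conditionally stops processes. The following is an added sketch of that pattern, not the project's own script; the MASQUERADE rule shape, the `IPT` override, `DAEMON_PID` and all function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added illustration, not the project's entrypoint script. The MASQUERADE rule
# shape and the names IPT, DAEMON_PID and the functions below are assumptions.

# Only the literal value "true" selects iptables-nft; anything else keeps iptables.
select_iptables() {
    if [ "${ZEROTIER_ONE_USE_IPTABLES_NFT:-}" = "true" ]; then
        echo "iptables-nft"
    else
        echo "iptables"
    fi
}

IPT="${IPT:-$(select_iptables)}"         # overridable, so the logic runs without root
PHYS="${ZEROTIER_ONE_LOCAL_PHYS:-eth0}"  # space-separated list, e.g. "eth0 wlan0"

log() { echo "$(date) - $*"; }

# Append a nat rule only if -C (check) says it is not already installed.
ensure_rule() {
    chain=$1; shift
    "$IPT" -t nat -C "$chain" "$@" 2>/dev/null || "$IPT" -t nat -A "$chain" "$@"
}

# Delete every copy of a rule, including duplicates left by an unclean exit.
remove_rule() {
    chain=$1; shift
    while "$IPT" -t nat -C "$chain" "$@" 2>/dev/null; do
        "$IPT" -t nat -D "$chain" "$@"
    done
}

setup_rules()    { for i in $PHYS; do ensure_rule POSTROUTING -o "$i" -j MASQUERADE; done; }
teardown_rules() { for i in $PHYS; do remove_rule POSTROUTING -o "$i" -j MASQUERADE; done; }

# Termination handler: rules always go; the daemon is signalled only if alive.
terminate() {
    log "terminating"
    teardown_rules
    if [ -n "${DAEMON_PID:-}" ] && kill -0 "$DAEMON_PID" 2>/dev/null; then
        kill "$DAEMON_PID"
    fi
}

# An entrypoint would install it with: trap terminate INT TERM HUP
```
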
1. Rename files with "bridge" in the name to "router".
2. Edit file contents referring to "bridge" so they refer to "router".
3. Update README to reflect this change, plus point to the relevant
link in the ZeroTier documentation.

Signed-off-by: Phill Kelley <34226495+Paraphraser@users.noreply.github.com>