Fix linux link ordering and add Dockerfile for central controllers

Builds but obviously won't actually do anything yet

.dockerignore

@@ -0,0 +1,3 @@
+.git/
+build/
+!build/zerotier

CMakeLists.txt

@@ -142,7 +142,11 @@ set_target_properties(
 add_executable(zerotier main.cpp)
 target_include_directories(zerotier PUBLIC ${CMAKE_BINARY_DIR})
 add_dependencies(zerotier zerotier_cgo zt_osdep zt_core zt_controller zt_service_io_core)
-target_link_libraries(zerotier zerotier_cgo zt_osdep zt_core zt_controller zt_service_io_core)
+target_link_libraries(zerotier zerotier_cgo zt_service_io_core zt_core zt_osdep zt_controller )
 if (APPLE)
 	target_link_libraries(zerotier "-framework CoreFoundation" "-framework Security")
+else(APPLE)
+	if ("${CMAKE_SYSTEM}" MATCHES "Linux")
+		target_link_libraries(zerotier "-lpthread" "-lm")
+	endif ("${CMAKE_SYSTEM}" MATCHES "Linux")
 endif (APPLE)

Makefile

@@ -1,4 +1,5 @@
 BUILDDIR := build
+TIMESTAMP=$(shell date +"%Y%m%d%H%M")
 
 .PHONY: all
 
@@ -20,6 +21,9 @@ central-controller:
 central-controller-debug:
 	mkdir -p ${BUILDDIR} && cd ${BUILDDIR} && cmake .. -DCMAKE_BUILD_TYPE=Debug -DBUILD_CENTRAL_CONTROLLER=1 && $(MAKE) -j4
 
+central-controller-docker:
+	docker build -t registry.zerotier.com/zerotier-central/ztcentral-controller:${TIMESTAMP} -f controller/central-docker/Dockerfile .
+
 clean:
 	rm -rf ${BUILDDIR} cmake-build-*
 

controller/central-docker/Dockerfile

@@ -0,0 +1,28 @@
+# Dockerfile for ZeroTier Central Controllers
+FROM centos:8 as builder
+MAINTAINER Grant Limberg <[email protected]>
+
+RUN yum update -y
+RUN yum install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm && dnf -qy module disable postgresql
+RUN yum -y install epel-release && yum -y update && yum clean all && \
+    yum groupinstall -y "Development Tools" && \
+    yum install -y bash cmake wget postgresql10 postgresql10-devel libpqxx-devel clang jemalloc jemalloc-devel hiredis-devel && \
+    wget https://dl.google.com/go/go1.14.4.linux-amd64.tar.gz && tar -C /usr/local -xzf go1.14.4.linux-amd64.tar.gz
+ADD . /ZeroTierOne
+ENV PATH="/usr/local/go/bin:${PATH}"
+RUN cd ZeroTierOne && make clean && make central-controller
+
+FROM centos:8
+RUN yum install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-8-x86_64/pgdg-redhat-repo-latest.noarch.rpm && \
+    dnf -qy module disable postgresql && \
+    yum -y install epel-release && \
+    yum -y update && yum clean all && \
+    yum install -y jemalloc jemalloc-devel postgresql10 hiredis
+
+COPY --from=builder /ZeroTierOne/build/zerotier /usr/local/bin/zerotier
+RUN chmod a+x /usr/local/bin/zerotier
+
+ADD controller/central-docker/main.sh /
+RUN chmod a+x /main.sh
+
+ENTRYPOINT /main.sh

controller/central-docker/README.md

@@ -0,0 +1,3 @@
+# ZeroTier Central Controller Docker Image
+
+Dockerfile & startup script for use with [ZeroTier Central](https://my.zerotier.com).  Not intended for public use.

controller/central-docker/main.sh

@@ -0,0 +1,82 @@
+#!/bin/bash
+
+if [ -z "$ZT_IDENTITY_PATH" ]; then
+    echo '*** FAILED: ZT_IDENTITY_PATH environment variable is not defined'
+    exit 1
+fi
+if [ -z "$ZT_DB_HOST" ]; then
+    echo '*** FAILED: ZT_DB_HOST environment variable not defined'
+    exit 1
+fi
+if [ -z "$ZT_DB_PORT" ]; then
+    echo '*** FAILED: ZT_DB_PORT environment variable not defined'
+    exit 1
+fi
+if [ -z "$ZT_DB_NAME" ]; then
+    echo '*** FAILED: ZT_DB_NAME environment variable not defined'
+    exit 1
+fi
+if [ -z "$ZT_DB_USER" ]; then
+    echo '*** FAILED: ZT_DB_USER environment variable not defined'
+    exit 1
+fi
+if [ -z "$ZT_DB_PASSWORD" ]; then
+    echo '*** FAILED: ZT_DB_PASSWORD environment variable not defined'
+    exit 1
+fi
+
+REDIS=""
+if [ "$ZT_USE_REDIS" == "true" ]; then
+    if [ -z "$ZT_REDIS_HOST" ]; then
+        echo '*** FAILED: ZT_REDIS_HOST environment variable not defined'
+        exit 1
+    fi
+
+    if [ -z "$ZT_REDIS_PORT" ]; then
+        echo '*** FAILED: ZT_REDIS_PORT enivronment variable not defined'
+        exit 1
+    fi
+
+    if [ -z "$ZT_REDIS_CLUSTER_MODE" ]; then
+        echo '*** FAILED: ZT_REDIS_CLUSTER_MODE environment variable not defined'
+        exit 1
+    fi
+
+    REDIS="\"redis\": {
+            \"hostname\": \"${ZT_REDIS_HOST}\",
+            \"port\": ${ZT_REDIS_PORT},
+            \"clusterMode\": ${ZT_REDIS_CLUSTER_MODE},
+            \"password\": \"${ZT_REDIS_PASSWORD}\"
+        }
+    "
+else
+    REDIS="\"redis\": {}"
+fi
+
+mkdir -p /var/lib/zerotier-one
+
+pushd /var/lib/zerotier-one
+ln -s $ZT_IDENTITY_PATH/identity.public identity.public
+ln -s $ZT_IDENTITY_PATH/identity.secret identity.secret
+popd
+
+DEFAULT_PORT=9993
+
+echo "{
+    \"settings\": {
+        \"controllerDbPath\": \"postgres:host=${ZT_DB_HOST} port=${ZT_DB_PORT} dbname=${ZT_DB_NAME} user=${ZT_DB_USER} password=${ZT_DB_PASSWORD} sslmode=prefer sslcert=${DB_CLIENT_CERT} sslkey=${DB_CLIENT_KEY} sslrootcert=${DB_SERVER_CA}\",
+        \"portMappingEnabled\": true,
+        \"softwareUpdate\": \"disable\",
+        \"interfacePrefixBlacklist\": [
+            \"inot\",
+            \"nat64\"
+        ],
+        ${REDIS}
+    }
+}    
+" > /var/lib/zerotier-one/local.conf
+
+export GLIBCXX_FORCE_NEW=1
+export GLIBCPP_FORCE_NEW=1
+export LD_PRELOAD="/usr/lib64/libjemalloc.so"
+exec /usr/local/bin/zerotier -p /var/lib/zerotier-one service

workspace/identity.public

@@ -0,0 +1 @@
+1fdf770508:0:a9abcf61572629da7e6bdb6e906065c6d9715eeab1b3c6d24e87aa1194edc506542e5456c0c27f9aaeec6af93a36958e93d523e72ab3d5813def0b74d1945a8d

workspace/local.conf

@@ -0,0 +1,13 @@
+{
+	"settings": {
+		"primaryPort": 18666,
+		"secondaryPort": 305,
+		"portMapping": true,
+		"logSizeMax": 128,
+		"interfacePrefixBlacklist": [
+			"lo",
+			"utun",
+			"feth"
+		]
+	}
+}