Documentation in CLI, indicate what commands require a running node.

cmd/zerotier/cli/cert.go

@@ -28,6 +28,8 @@ func Cert(basePath string, authTokenGenerator func() string, args []string, json
 
 	switch args[0] {
 
+	case "list":
+
 	case "newsid":
 		if len(args) > 2 {
 			Help()

cmd/zerotier/cli/help.go

@@ -39,20 +39,20 @@ Common Operations:
 
   status                                 Show node status and configuration
 
-  set [option] [value]                 - Get or set node configuration
+· set [option] [value]                 - Get or set node configuration
     port <port>                          Primary P2P port
     secondaryport <port/0>               Secondary P2P port (0 to disable)
     blacklist cidr <IP/bits> <boolean>   Toggle physical path blacklisting
     blacklist if <prefix> <boolean>      Toggle interface prefix blacklisting
     portmap <boolean>                    Toggle use of uPnP or NAT-PMP
 
-  peer list                              List VL1 peers
-  peer <address> [command] [option]    - Peer management commands
+· peer list                              List VL1 peers
+· peer <address> [command] [option]    - Peer management commands
     show                                 Show peer details (default)
     try <endpoint> [...]                 Try peer at explicit endpoint
 
-  network list                           List VL2 networks
-  network <network> [command] [option] - Network management commands
+· network list                           List VL2 networks
+· network <network> [command] [option] - Network management commands
     show                                 Show network details (default)
     set [option] [value]               - Get or set network options
       manageips <boolean>                Is IP management allowed?
@@ -61,23 +61,23 @@ Common Operations:
       globalroutes <boolean>             Can global IP space routes be set?
       defaultroute <boolean>             Can default route be overridden?
 
-  join [-options] <network>              Join a virtual network
+· join [-options] <network>              Join a virtual network
     -a <token>                           Token to submit to controller
     -c <identity | fingerprint>          Controller identity or fingerprint
-  leave <network>                        Leave a virtual network
+· leave <network>                        Leave a virtual network
 
 Advanced Operations:
 
   service                                Start node (seldom used from CLI)
 
-  controller <command> [option]        - Local controller management commands
-    list                                 List networks run by local controller
-    new                                  Create a new network
-    set <network> [setting] [value]      Show or modify network settings
-    members <network>                    List members of a network
-    member <network> [setting] [value]   Show or modify member level settings
-    auth <address>                       Authorize a peer
-    deauth <address>                     Deauthorize a peer
+· controller <command> [option]        - Local controller management commands
+·   list                                 List networks run by local controller
+·   new                                  Create a new network
+·   set <network> [setting] [value]      Show or modify network settings
+·   members <network>                    List members of a network
+·   member <network> [setting] [value]   Show or modify member level settings
+·   auth <address>                       Authorize a peer
+·   deauth <address>                     Deauthorize a peer
 
   identity <command> [args]            - Identity management
     new [c25519 | p384]                  Create identity (default: c25519)
@@ -93,18 +93,20 @@ Advanced Operations:
     show <locator>                       Show contents of a locator
 
   cert <command> [args]                - Certificate management
-    list                                 List certificates in local node store
-    show [serial]                        List or show details of a certificate
+·   list                                 List certificates in local node store
+·   show [serial]                        List or show details of a certificate
     newsid <secret out>                  Create a new subject unique ID
     newcsr <subject> <secret> <csr out>  Create a subject CSR
     sign <csr> <identity> <cert out>     Sign a CSR to create a certificate
-    verify <cert>                        Verify a certificate
-    import <cert> [trust,[trust]]        Import certificate into this node
+·   verify <cert>                        Verify a certificate
+·   import <cert> [trust,[trust]]        Import certificate into this node
       rootca                             Certificate is a root CA (trust flag)
       ztrootset                          ZeroTier root node set (trust flag)
-    restore                              Re-import default certificates
-    export <serial> [path]               Export a certificate from this node
-    delete <serial|ALL>                  Delete certificate from this node
+·   restore                              Re-import default certificates
+·   export <serial> [path]               Export a certificate from this node
+·   delete <serial|ALL>                  Delete certificate from this node
+
+· Command requires a running node and access to a local API token.
 
 An <address> may be specified as a 10-digit short ZeroTier address, a
 fingerprint containing both an address and a SHA384 hash, or an identity.

cmd/zerotier/cli/network.go

@@ -21,6 +21,33 @@ import (
 	"zerotier/pkg/zerotier"
 )
 
+func listNetworks(basePath, authToken string, jsonOutput bool) int {
+	var networks []zerotier.APINetwork
+	apiGet(basePath, authToken, "/network", &networks)
+
+	if jsonOutput {
+		fmt.Println(jsonDump(networks))
+	} else {
+		fmt.Printf("%-16s %-24s %-17s %-8s <type>  <device>         <managed IP(s)>\n", "<id>", "<name>", "<mac>", "<status>")
+		for _, nw := range networks {
+			t := "PRIVATE"
+			if nw.Config.Type == zerotier.NetworkTypePublic {
+				t = "PUBLIC"
+			}
+			fmt.Printf("%.16x %-24s %-17s %-16s %-7s %-16s ", uint64(nw.ID), nw.Config.Name, nw.Config.MAC.String(), networkStatusStr(nw.Config.Status), t, nw.PortName)
+			for i, ip := range nw.Config.AssignedAddresses {
+				if i > 0 {
+					fmt.Print(",")
+				}
+				fmt.Print(ip.String())
+			}
+			fmt.Print("\n")
+		}
+	}
+
+	return 0
+}
+
 func showNetwork(nwids string, network *zerotier.APINetwork, jsonOutput bool) {
 	if jsonOutput {
 		fmt.Println(jsonDump(&network))
@@ -85,13 +112,17 @@ func showNetwork(nwids string, network *zerotier.APINetwork, jsonOutput bool) {
 }
 
 func Network(basePath string, authTokenGenerator func() string, args []string, jsonOutput bool) int {
-	authToken := authTokenGenerator()
-
 	if len(args) < 1 {
 		Help()
 		return 1
 	}
 
+	authToken := authTokenGenerator()
+
+	if len(args) == 1 && args[0] == "list" {
+		return listNetworks(basePath, authToken, jsonOutput)
+	}
+
 	if len(args[0]) != zerotier.NetworkIDStringLength {
 		fmt.Printf("ERROR: invalid network ID: %s\n", args[0])
 		return 1

cmd/zerotier/cli/networks.go

@@ -1,46 +0,0 @@
-/*
- * Copyright (c)2013-2020 ZeroTier, Inc.
- *
- * Use of this software is governed by the Business Source License included
- * in the LICENSE.TXT file in the project's root directory.
- *
- * Change Date: 2025-01-01
- *
- * On the date above, in accordance with the Business Source License, use
- * of this software will be governed by version 2.0 of the Apache License.
- */
-/****/
-
-package cli
-
-import (
-	"fmt"
-	"zerotier/pkg/zerotier"
-)
-
-func Networks(basePath string, authTokenGenerator func() string, args []string, jsonOutput bool) int {
-	var networks []zerotier.APINetwork
-	apiGet(basePath, authTokenGenerator(), "/network", &networks)
-
-	if jsonOutput {
-		fmt.Println(jsonDump(networks))
-	} else {
-		fmt.Printf("%-16s %-24s %-17s %-8s <type>  <device>         <managed IP(s)>\n", "<id>", "<name>", "<mac>", "<status>")
-		for _, nw := range networks {
-			t := "PRIVATE"
-			if nw.Config.Type == zerotier.NetworkTypePublic {
-				t = "PUBLIC"
-			}
-			fmt.Printf("%.16x %-24s %-17s %-16s %-7s %-16s ", uint64(nw.ID), nw.Config.Name, nw.Config.MAC.String(), networkStatusStr(nw.Config.Status), t, nw.PortName)
-			for i, ip := range nw.Config.AssignedAddresses {
-				if i > 0 {
-					fmt.Print(",")
-				}
-				fmt.Print(ip.String())
-			}
-			fmt.Print("\n")
-		}
-	}
-
-	return 0
-}

cmd/zerotier/cli/peer.go

@@ -13,12 +13,70 @@
 
 package cli
 
+import (
+	"fmt"
+	"strings"
+	"zerotier/pkg/zerotier"
+)
+
+func listPeers(basePath, authToken string, jsonOutput bool, rootsOnly bool) int {
+	var peers []zerotier.Peer
+	apiGet(basePath, authToken, "/peer", &peers)
+
+	if rootsOnly {
+		roots := make([]zerotier.Peer, 0, len(peers))
+		for i := range peers {
+			if peers[i].Root {
+				roots = append(roots, peers[i])
+			}
+		}
+		peers = roots
+	}
+
+	if jsonOutput {
+		fmt.Println(jsonDump(&peers))
+	} else {
+		fmt.Printf("<address>  <ver>   <root> <lat(ms)> <path(s)>\n")
+		for _, peer := range peers {
+			root := ""
+			if peer.Root {
+				root = " *"
+			}
+
+			var paths strings.Builder
+			if len(peer.Paths) > 0 {
+				if paths.Len() > 0 {
+					paths.WriteRune(' ')
+				}
+				paths.WriteString(peer.Paths[0].Endpoint.String())
+			} else {
+				paths.WriteString("(relayed)")
+			}
+
+			fmt.Printf("%.10x %-7s %-6s %-9d %s\n",
+				uint64(peer.Address),
+				fmt.Sprintf("%d.%d.%d", peer.Version[0], peer.Version[1], peer.Version[2]),
+				root,
+				peer.Latency,
+				paths.String())
+		}
+	}
+
+	return 0
+}
+
 func Peer(basePath string, authTokenGenerator func() string, args []string, jsonOutput bool) int {
 	if len(args) < 1 {
 		Help()
 		return 1
 	}
 
+	authToken := authTokenGenerator()
+
+	if len(args) == 1 && args[0] == "list" {
+		return listPeers(basePath, authToken, jsonOutput, false)
+	}
+
 	switch args[0] {
 	}
 

cmd/zerotier/cli/peers.go

@@ -1,67 +0,0 @@
-/*
- * Copyright (c)2013-2020 ZeroTier, Inc.
- *
- * Use of this software is governed by the Business Source License included
- * in the LICENSE.TXT file in the project's root directory.
- *
- * Change Date: 2025-01-01
- *
- * On the date above, in accordance with the Business Source License, use
- * of this software will be governed by version 2.0 of the Apache License.
- */
-/****/
-
-package cli
-
-import (
-	"fmt"
-	"strings"
-
-	"zerotier/pkg/zerotier"
-)
-
-func Peers(basePath string, authTokenGenerator func() string, args []string, jsonOutput bool, rootsOnly bool) int {
-	var peers []zerotier.Peer
-	apiGet(basePath, authTokenGenerator(), "/peer", &peers)
-
-	if rootsOnly {
-		roots := make([]zerotier.Peer, 0, len(peers))
-		for i := range peers {
-			if peers[i].Root {
-				roots = append(roots, peers[i])
-			}
-		}
-		peers = roots
-	}
-
-	if jsonOutput {
-		fmt.Println(jsonDump(&peers))
-	} else {
-		fmt.Printf("<address>  <ver>   <root> <lat(ms)> <path(s)>\n")
-		for _, peer := range peers {
-			root := ""
-			if peer.Root {
-				root = " *"
-			}
-
-			var paths strings.Builder
-			if len(peer.Paths) > 0 {
-				if paths.Len() > 0 {
-					paths.WriteRune(' ')
-				}
-				paths.WriteString(peer.Paths[0].Endpoint.String())
-			} else {
-				paths.WriteString("(relayed)")
-			}
-
-			fmt.Printf("%.10x %-7s %-6s %-9d %s\n",
-				uint64(peer.Address),
-				fmt.Sprintf("%d.%d.%d", peer.Version[0], peer.Version[1], peer.Version[2]),
-				root,
-				peer.Latency,
-				paths.String())
-		}
-	}
-
-	return 0
-}

cmd/zerotier/zerotier.go

@@ -142,15 +142,13 @@ func main() {
 	case "leave":
 		exitCode = cli.Leave(basePath, authToken(basePath, *tflag, *tTflag), cmdArgs)
 	case "networks", "listnetworks":
-		exitCode = cli.Networks(basePath, authToken(basePath, *tflag, *tTflag), cmdArgs, *jflag)
+		exitCode = cli.Network(basePath, authToken(basePath, *tflag, *tTflag), []string{"list"}, *jflag)
 	case "network":
 		exitCode = cli.Network(basePath, authToken(basePath, *tflag, *tTflag), cmdArgs, *jflag)
-	case "peers", "listpeers", "lspeers":
-		exitCode = cli.Peers(basePath, authToken(basePath, *tflag, *tTflag), cmdArgs, *jflag, false)
+	case "peers", "listpeers":
+		exitCode = cli.Peer(basePath, authToken(basePath, *tflag, *tTflag), []string{"list"}, *jflag)
 	case "peer":
 		exitCode = cli.Peer(basePath, authToken(basePath, *tflag, *tTflag), cmdArgs, *jflag)
-	case "roots":
-		exitCode = cli.Peers(basePath, authToken(basePath, *tflag, *tTflag), cmdArgs, *jflag, true)
 	case "controller":
 		exitCode = cli.Controller(basePath, authToken(basePath, *tflag, *tTflag), cmdArgs, *jflag)
 	case "set":