1. server 端安装

# Install Docker CE, using the Aliyun mirror of the docker-ce repository.
# NOTE(review): whether package signatures are enforced is decided by the
# gpgcheck setting inside the downloaded .repo file -- confirm it is enabled.
dnf config-manager \
  --add-repo=https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# The release-version adapter plugin is taken from the alinux3-plus repo.
dnf install --repo alinux3-plus dnf-plugin-releasever-adapter
dnf install --nobest docker-ce
# Bring the daemon up now, then register it to start at boot.
systemctl start docker
systemctl enable docker

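# Install ZeroTier (self-hosted controller with the ztncui web UI)

## Deployment settings -- every value below is a placeholder; replace before use.
export ServerIP='XXX.XXX.XXX.XXX'        # address of this server
export ZeroTierLanID='xxxxxxxxxxxxxxxx'  # network ID the clients join later
# ztncui admin password. Pick a strong, unique value; a value typed on the
# command line also ends up in the shell history.
export ZUIPasswd='myPassword'

## Install ztncui
mkdir -p /root/zerotier/
cd /root/zerotier/
# The image is pinned by tag only, and a tag can be re-pointed upstream.
# For a reproducible deployment pin by digest instead
# (keynetworks/ztncui@sha256:<DIGEST_PLACEHOLDER>).
docker pull keynetworks/ztncui:1.2.16

# denv holds the admin password in clear text, so create it with mode 0600
# before any content is written. Truncating with '>' keeps that mode.
install -m 600 /dev/null /root/zerotier/denv
# Unquoted EOF on purpose: ZUIPasswd and ServerIP are expanded right now.
cat >/root/zerotier/denv <<EOF
NODE_ENV=production
HTTPS_PORT=3443
ZTNCUI_PASSWD=${ZUIPasswd}
MYDOMAIN=ztncui.docker.test
MYADDR=${ServerIP}
EOF

# Quoted 'EOF' keeps the script text literal, including the line
# continuations. The env file is referenced by absolute path so run.sh does
# not depend on the current directory.
#
# Each -p without an address publishes the port on every interface:
#   9993/udp  ZeroTier transport, has to be reachable by the peers
#   3443      HTTPS_PORT from denv; limit access to admin addresses
#   3180      NOTE(review): confirm what listens here and whether it must
#             be public
# Docker-published ports are filtered in the DOCKER-USER chain, not INPUT.
cat >/root/zerotier/run.sh <<'EOF'
#!/bin/sh
docker run -d -p9993:9993/udp -p3443:3443 -p3180:3180 \
    -v /root/zerotier/ztncui:/opt/key-networks/ztncui/etc \
    -v /root/zerotier/zt1:/var/lib/zerotier-one \
    --env-file /root/zerotier/denv \
    --name ztncui \
    --restart=always \
    keynetworks/ztncui:1.2.16
EOF

chmod +x /root/zerotier/run.sh
/root/zerotier/run.sh
docker ps
docker logs -f ztncui   # follows the log; press Ctrl-C once startup looks healthy
docker stop ztncui      # the container is started again with 'docker start ztncui'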

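## Build a custom planet (root server definition)
dnf install git
dnf install wget gcc gcc-c++ json-devel unzip
# git clone https://github.com/zerotier/ZeroTierOne.git
cd /usr/local/src/
rz -be   # interactive ZMODEM upload of ZeroTierOne-1.12.2.zip
# The archive was obtained out of band and is about to be compiled and run as
# root: compare its hash with one taken from a trusted copy of the release
# (<EXPECTED_SHA256_PLACEHOLDER>) before unpacking.
sha256sum ZeroTierOne-1.12.2.zip
unzip ZeroTierOne-1.12.2.zip
cd /usr/local/src/ZeroTierOne-1.12.2/attic/world/

# Read the controller's PUBLIC identity. identity.secret in the same
# directory is the node's private key and must never be copied anywhere.
IdentityID=$(cat /root/zerotier/zt1/identity.public)
export IdentityID

# Print the root entry with the real values filled in. In mkworld.cpp,
# comment out the default roots and paste these lines in their place.
# ServerIP has to be set in this shell already.
cat <<EOF
        // Peterydd
        roots.push_back(World::Root());
        roots.back().identity = Identity("${IdentityID}");
        roots.back().stableEndpoints.push_back(InetAddress("${ServerIP:?set ServerIP first}/9993"));
EOF
vim /usr/local/src/ZeroTierOne-1.12.2/attic/world/mkworld.cpp

# Drop the previous build output. -f keeps a first run, where none of these
# files exist yet, from reporting errors.
rm -f -- mkworld previous.c25519 current.c25519 world.bin
source ./build.sh
if ./mkworld; then
  # NOTE(review): previous.c25519 / current.c25519 appear to be the signing
  # keys mkworld generates for the world definition -- confirm in mkworld.cpp.
  # Whoever holds them can sign a replacement planet, so keep them private.
  chmod 600 previous.c25519 current.c25519
  mv world.bin planet
  # Replace the default planet used by the controller
  cp planet /root/zerotier/zt1/
else
  echo "mkworld failed with status $?; planet was not replaced" >&2
fi

# Keep a local copy (ZMODEM download); the clients need this same file
cd /usr/local/src/ZeroTierOne-1.12.2/attic/world/
sha256sum planet   # note the hash so each client copy can be compared against it
sz -be planet

# Restart ztncui
cd /root/zerotier/
docker start ztncui
docker logs -f ztncui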

client 端安装

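# Install ZeroTier on Debian
apt search zerotier-one
# apt-get install zerotier-one
# Fetch over HTTPS: the package is installed as root, and a plain-HTTP
# download can be altered in transit.
wget https://download.zerotier.com/debian/bullseye/pool/main/z/zerotier-one/zerotier-one_1.12.2_amd64.deb
# dpkg -i does not verify a signature. Compare the hash with a value from a
# trusted source (<EXPECTED_SHA256_PLACEHOLDER>) before installing.
sha256sum zerotier-one_1.12.2_amd64.deb
dpkg -i zerotier-one_1.12.2_amd64.deb
systemctl status zerotier-one.service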

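# Install ZeroTier on Ubuntu
apt search zerotier-one
# apt-get install zerotier-one
# Fetch over HTTPS: the package is installed as root, and a plain-HTTP
# download can be altered in transit.
wget https://download.zerotier.com/debian/jammy/pool/main/z/zerotier-one/zerotier-one_1.12.2_amd64.deb
# dpkg -i does not verify a signature. Compare the hash with a value from a
# trusted source (<EXPECTED_SHA256_PLACEHOLDER>) before installing.
sha256sum zerotier-one_1.12.2_amd64.deb
dpkg -i zerotier-one_1.12.2_amd64.deb
systemctl status zerotier-one.service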

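# Install ZeroTier on CentOS
# Swap the base repository definition for the Aliyun mirror, keeping a backup.
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
# Remove the entries that point at the two aliyuncs.com mirror hosts.
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
yum clean all && yum makecache

cd /usr/local/src/
# Fetch over HTTPS: the package is installed as root, and a plain-HTTP
# download can be altered in transit.
curl -o zerotier-one-1.14.2-1.el7.x86_64.rpm https://download.zerotier.com/redhat/el/7Client/zerotier-one-1.14.2-1.el7.x86_64.rpm
# Report digest and signature status. The signature result is only meaningful
# after the vendor's public key has been imported with 'rpm --import'.
rpm -K zerotier-one-1.14.2-1.el7.x86_64.rpm
rpm -Uvh zerotier-one-1.14.2-1.el7.x86_64.rpm
systemctl enable --now zerotier-one.service
systemctl status zerotier-one.service
journalctl -xfu zerotier-one   # follows the log; press Ctrl-C to return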

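## Replace the planet file
systemctl stop zerotier-one.service
cd /var/lib/zerotier-one
# Absolute paths: if the cd above failed, a relative 'rm -rf' would delete
# from whatever directory the shell happens to be in.
rm -rf -- /var/lib/zerotier-one/planet /var/lib/zerotier-one/peers.d
rz -be   # interactive ZMODEM upload of the file named "planet"
# The planet file decides which root servers this node trusts. Compare its
# hash with the copy built on the server before starting the service.
sha256sum /var/lib/zerotier-one/planet
chown zerotier-one:zerotier-one /var/lib/zerotier-one/planet
systemctl start zerotier-one.service
systemctl status zerotier-one.service
journalctl -xfu zerotier-one   # follows the log; press Ctrl-C to return
## Join the private network
zerotier-cli info
zerotier-cli listpeers
zerotier-cli listnetworks
# ZeroTierLanID was exported on the server, not on this host: set it here
# first. The :? form refuses to run the join with an empty ID.
zerotier-cli join "${ZeroTierLanID:?set ZeroTierLanID to the network ID first}"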

路由转发

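# Turn this host into a router for the ZeroTier network.
# Every step is written so that re-running it adds no duplicates.
zt_if='ztflxxwjyb'   # ZeroTier interface name on this host

# Append the forwarding setting only when the exact line is not there yet.
grep -qxF 'net.ipv4.ip_forward = 1' /etc/sysctl.conf ||
  echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
sysctl -p

# Forward everything entering or leaving the ZeroTier interface.
# 'iptables -C' tests for an existing rule, so -A runs only when it is missing.
# NOTE(review): these two rules accept all forwarded traffic in both
# directions; narrow them with -s/-d if only some subnets should be reachable.
iptables -C FORWARD -i "$zt_if" -j ACCEPT 2>/dev/null ||
  iptables -A FORWARD -i "$zt_if" -j ACCEPT
iptables -C FORWARD -o "$zt_if" -j ACCEPT 2>/dev/null ||
  iptables -A FORWARD -o "$zt_if" -j ACCEPT

# NOTE(review): this source-NATs traffic leaving through EVERY non-loopback
# interface, which also hides the real source address from logs on the far
# side. Restricting it to the one egress interface (-o <LAN_IF_PLACEHOLDER>)
# and the ZeroTier subnet (-s <ZT_SUBNET_PLACEHOLDER>) is the tighter form.
iptables -t nat -C POSTROUTING ! -o lo -j MASQUERADE 2>/dev/null ||
  iptables -t nat -A POSTROUTING ! -o lo -j MASQUERADE

# These iptables rules live in memory only; nothing here saves them, so they
# are gone after a reboot unless persisted separately.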