From 5317c7e08209a596110a770b87621419a991d637 Mon Sep 17 00:00:00 2001
From: jgstroud <accounts@bsclimbing.com>
Date: Sat, 3 Jul 2021 00:34:16 -0500
Subject: [PATCH] Add a zerotier VPN container (#191)

Co-authored-by: Jon Stroud <jon.stroud@keysight.com>
Former-commit-id: ecd8ee37e98e24669032f0ed3729edcd68c4edcd
---
 zerotier-one/20-zerotier.sh | 10 ++++++++++
 zerotier-one/README.md      | 25 +++++++++++++++++++++++++
 2 files changed, 35 insertions(+)
 create mode 100755 zerotier-one/20-zerotier.sh
 create mode 100644 zerotier-one/README.md

diff --git a/zerotier-one/20-zerotier.sh b/zerotier-one/20-zerotier.sh
new file mode 100755
index 0000000..d917ac7
--- /dev/null
+++ b/zerotier-one/20-zerotier.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+CONTAINER=zerotier-one
+# Starts a wireguard container that is deleted after it is stopped.
+# All configs stored in /mnt/data/wireguard
+if podman container exists ${CONTAINER}; then
+  podman start ${CONTAINER}
+else
+  podman run --device=/dev/net/tun --net=host --cap-add=NET_ADMIN --cap-add=SYS_ADMIN --cap-add=CAP_SYS_RAWIO -v /mnt/data/zerotier-one:/var/lib/zerotier-one --name zerotier-one -d bltavares/zerotier
+fi
+
diff --git a/zerotier-one/README.md b/zerotier-one/README.md
new file mode 100644
index 0000000..3f96b5e
--- /dev/null
+++ b/zerotier-one/README.md
@@ -0,0 +1,25 @@
+# Run ZeroTier VPN on your UDM
+
+## Install
+1. Copy 20-zerotier.sh to /mnt/data/on_boot.d
+2. Create directories for persistent Zerotier configuration
+
+   ```
+   mkdir -p /mnt/data/zerotier-one
+   ```
+3. Start the zeriotier container
+   ```
+   podman run -d \
+   --name zerotier-one \
+   --device=/dev/net/tun \
+   --net=host \
+   --cap-add=NET_ADMIN \
+   --cap-add=SYS_ADMIN \
+   --cap-add=CAP_SYS_RAWIO \
+   -v /mnt/data/zerotier-one:/var/lib/zerotier-one \
+   bltavares/zerotier
+   ```
+4. Join your zerotier network
+   ```
+   podman exec zerotier-one zerotier-cli join <your network id>
+   ```