From dbf80595fdfe64f77076db236b42b7423ef761f1 Mon Sep 17 00:00:00 2001
From: DavHau <d.hauer.it@gmail.com>
Date: Thu, 5 Oct 2023 17:03:01 +0200
Subject: [PATCH] zerotier: fix: find free port without collissions

---
 nixosModules/clanCore/zerotier/generate-network.py | 13 +++++++------
 pkgs/clan-cli/clan_cli/secrets/generate.py         |  2 --
 2 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/nixosModules/clanCore/zerotier/generate-network.py b/nixosModules/clanCore/zerotier/generate-network.py
index fb2a64fbc..60626a018 100644
--- a/nixosModules/clanCore/zerotier/generate-network.py
+++ b/nixosModules/clanCore/zerotier/generate-network.py
@@ -1,4 +1,5 @@
 import argparse
+import contextlib
 import json
 import socket
 import subprocess
@@ -33,11 +34,11 @@ def try_connect_port(port: int) -> bool:
     return result == 0
 
 
-def find_free_port(port_range: range) -> Optional[int]:
-    for port in port_range:
-        if try_bind_port(port):
-            return port
-    return None
+def find_free_port() -> Optional[int]:
+    """Find an unused localhost port from 1024-65535 and return it."""
+    with contextlib.closing(socket.socket(type=socket.SOCK_STREAM)) as sock:
+        sock.bind(("127.0.0.1", 0))
+        return sock.getsockname()[1]
 
 
 class ZerotierController:
@@ -82,7 +83,7 @@ class ZerotierController:
 @contextmanager
 def zerotier_controller() -> Iterator[ZerotierController]:
     # This check could be racy but it's unlikely in practice
-    controller_port = find_free_port(range(10000, 65535))
+    controller_port = find_free_port()
     if controller_port is None:
         raise ClanError("cannot find a free port for zerotier controller")
 
diff --git a/pkgs/clan-cli/clan_cli/secrets/generate.py b/pkgs/clan-cli/clan_cli/secrets/generate.py
index c83f5592c..bb6ced9c7 100644
--- a/pkgs/clan-cli/clan_cli/secrets/generate.py
+++ b/pkgs/clan-cli/clan_cli/secrets/generate.py
@@ -23,8 +23,6 @@ def generate_secrets(machine: Machine) -> None:
     )
 
     if proc.returncode != 0:
-        log.error("stdout: %s", proc.stdout)
-        log.error("stderr: %s", proc.stderr)
         raise ClanError("failed to generate secrets")
     else:
         print("successfully generated secrets")