wip

2024-11-01 15:33:25 -04:00
parent 0d4a54664d
commit 0ff841bc5b
11 changed files with 149 additions and 62 deletions
--- a/nixos/proxmox/zerotier.ts
+++ b/nixos/proxmox/zerotier.ts
@@ -1,6 +1,9 @@
 const BASE_URL = "http://localhost:9993";
-const token = await Deno.readTextFile("/var/lib/zerotier-one/authtoken.secret");
+const token = Deno.env.get("ZT_TOKEN");
 async function main() {
+  if (!token) {
+    throw new Error("Token is empty");
+  }
  const nodeId = (await get("/status")).address;
  // check if networks exist
  const networks = await getNetworks();
@@ -11,18 +14,71 @@ async function main() {
    const network = await createNetwork(nodeId);
    networkId = network.nwid;
  }
+  switch (Deno.args[0]) {
+    case "join": {
+      console.log(
+        `Node should join the network ${networkId} Once joined, fill in the node address below`,
+      );
+      const nodeAddress = prompt("Node address")?.trim();
+      if (!nodeAddress) {
+        console.log("Node address is required");
+        return;
+      }

-  console.log(
-    `Node should join the network ${networkId} Once joined, fill in the node address below`,
-  );
-  const nodeAddress = prompt("Node address")?.trim();
-  if (!nodeAddress) {
-    console.log("Node address is required");
-    return;
+      await authorizeNode(networkId, nodeAddress);
+      console.log("Node authorized");
+      return;
+    }
+    case "configNetwork": {
+      const data = await post(`/controller/network/${networkId}`, {
+        name: "k3sNetwork",
+        "ipAssignmentPools": [{
+          "ipRangeStart": "10.222.0.0",
+          "ipRangeEnd": "10.222.0.254",
+        }],
+        "routes": [
+          { "target": "10.222.0.0/23", "via": null },
+          { "target": "10.42.0.0/16", "via": null },
+          // { "target": "10.42.0.0/24", "via": "10.222.0.52" },
+          // { "target": "10.42.1.0/24", "via": "10.222.0.63" },
+          // { "target": "10.42.2.0/24", "via": "10.222.0.62" },
+        ],
+        "rules": [
+          {
+            "etherType": 2048,
+            "not": true,
+            "or": false,
+            "type": "MATCH_ETHERTYPE",
+          },
+          {
+            "etherType": 2054,
+            "not": true,
+            "or": false,
+            "type": "MATCH_ETHERTYPE",
+          },
+          {
+            "etherType": 34525,
+            "not": true,
+            "or": false,
+            "type": "MATCH_ETHERTYPE",
+          },
+          { "type": "ACTION_DROP" },
+          { "type": "ACTION_ACCEPT" },
+        ],
+        "v4AssignMode": "zt",
+        "private": true,
+      });
+      break;
+    }
+
+    case "getNetwork": {
+      const data = await get(`/controller/network/${networkId}`) as string[];
+      console.log(JSON.stringify(data, null, 2));
+      break;
+    }
+    default:
+      throw new Error("unknown option");
  }
-
-  await authorizeNode(networkId, nodeAddress);
-  console.log("Node authorized");
 }

 async function getNetworks() {
@@ -78,9 +134,13 @@ async function _getNetwork(id: string) {

 async function authorizeNode(networkId: string, nodeId: string) {
  try {
-    const data = await post(`/controller/network/${networkId}/member/${nodeId}`, {
-      authorized: true,
-    });
+    const data = await post(
+      `/controller/network/${networkId}/member/${nodeId}`,
+      {
+        authorized: true,
+        activeBridge: true,
+      },
+    );
    return data;
  } catch (e) {
    console.error("ERROR", e);