mwarning / zerotier-openwrt

A OpenWrt package for ZeroTier One - Pull requests are welcome!
695 stars 146 forks source link

Wiki Instructions update for identity.secret #71

Closed Andy589 closed 4 years ago

Andy589 commented 4 years ago

I’ve found that if you don’t run this command after the first reboot a new ZT address is created and needs to be re-auth after every reboot.

uci set zerotier.network.secret="$(cat /var/lib/zerotier-one/identity.secret)"

It took me several weeks of digging through various websites to figure that one out and it may be good to add it to the wiki.

mwarning commented 4 years ago

That should be done automatically: https://github.com/mwarning/zerotier-openwrt/blob/master/zerotier/files/etc/init.d/zerotier#L62

But maybe there is something broken..

ogarcia commented 4 years ago

@Andy589 if you read the wiki it says:

If now we take a look to our config we must have a new option called secret: ... (Sample config) ... The zerotier.openwrt_network.secret is the content of /var/lib/zerotier-one/identity.secret

Anyway just now I add a warning to remember to double check this point :wink:

ogarcia commented 4 years ago

But maybe there is something broken..

Or maybe Andy589 overwritten the config file by error. I cannot reproduce the issue, but anyway with the new note in the wiki I think that can close this ticket.

Andy589 commented 4 years ago

I follow the wiki to the T. I’ve done it on several routers and have the same result every time. For reference I’ve been installing the package on GL iNet routers running openWRT 18.06.

ogarcia commented 4 years ago

@Andy589 seems that GL iNet devices has not a standard OpenWRT firmware, there is a lot of strange bugs with these devices :shrug:

mwarning commented 4 years ago

@Andy589 what OpenWrt release do you use? 18.06.7?

Andy589 commented 4 years ago

Correct, it just seems that they put a “coat of paint” on top of openWRT as the underlying system is still complete and accessible to my knowledge.

OpenWrt 18.06.1 Kernel 4.9.120

mwarning commented 4 years ago

I inspected their zerotier package. It is Zerotier 1.2.8 and the init script uses option secret 'generate' to indicate that the secret need to be generated:

https://github.com/openwrt/packages/blob/35e0b737ab496f5b51e80079b0d8c9b442e223f5/net/zerotier/files/zerotier.init#L48

This approach was rather fragile.