search

ublue-os / bluefin

The next generation Linux workstation, designed for reliability, performance, and sustainability.
https://projectbluefin.io
Apache License 2.0
844 stars 132 forks source link

Add Zerotier One Package/Justfile #1200

Open UnusualNorm opened 2 months ago

UnusualNorm commented 2 months ago

Describe the package

I would really like to see Zerotier support added to the image. In fact, I was planning to make a pull request myself, however I didn't know how you all want that done. There are two ways I see that it could be added. First, I can just add the package to the package list and create a justfile to enable the service. Second, much along the lines of ollama, I could add a justfile which creates a podlet. I really like that second option, however there are some issues/questions I see.

  1. The default directory is /var/lib/zerotier-one, I do not know if you would like that moved somewhere else
  2. Zerotier has an accompanying zerotier-cli which interacts with the zerotier socket. If the above directory is changed, the justfile would probably need to create a proxy script which passes everything into the podlet, or changes the location of the socket through environment variables, if that is even possible. If the directory isn't changed, is there a way to install only the cli, and would it even work? I know the ollama justfile requires you to install the cli through brew, but Zerotier doesn't have a cli-only downlod (as far as I know).
  3. There would be no support for global override, I believe. I have only used this feature once, and did not seem to work through a container, however that could be user error on my end

Image

Ubuntu

m2Giles commented 2 months ago

Pull requests are welcome.

UnusualNorm commented 2 months ago

Pull requests are welcome.

Well, yes, that is what I was planning to do. I just wanted clarification on how you want those issues handled.

  1. Package or container

And if you want it in a container:

  1. Location of data
  2. Cli

I'll write a pr using a podlet and a proxy cli script to see if that's accepted, unless you all have a different way of wanting that handled

m2Giles commented 2 months ago

If needs to run a rootful container, that would give me pause but can be setup in a more secure manner. I run rootful quadlets utilizing unprivileged namespaces.

If it can run as rootless container a quadlet would be awesome to see.

The container approach would then lean itself to a named volume. If rootless you can make a directory in ~/.local/share if rootful /etc or /var/lib would be appropriate.

I would lean against the layered approach unless you have something that it will specifically tie into.

For the cli tool, see if there is a scriptable way to install that. Having a window pop up for accept is not the end of the world.