基于Docker部署ZeroTier(PG存储)

1、下载ztnet官方docker-compose配置,并进行更改

https://ztnet.network/installation/docker-compose
https://liuzhicong.cn/index.php/guide/78.html

2、手动定义docker网络

# Dedicated bridge network for the whole stack. Its subnet is also the value the
# controller's ZT_ALLOW_MANAGEMENT_FROM can be narrowed down to.
docker network create --driver bridge --subnet 10.254.1.0/24 zerotier_net
docker network ls

3、zerotier、ztnet与postgres一起部署

docker-compose.yaml的具体配置如下:
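services:
  zerotier:
    image: zyclonite/zerotier:1.14.0
    hostname: zerotiercd
    container_name: zerotier
    restart: unless-stopped
    volumes:
      # Shared with ztnet, which reads authtoken.secret from the same directory.
      - ./data/zerotier:/var/lib/zerotier-one
    cap_add:
      - NET_ADMIN
      - SYS_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      # TCP 9993 is the controller HTTP API; every call must carry the X-ZT1-Auth token.
      - "9993:9993"
      - "9993:9993/udp"
    environment:
      - ZT_OVERRIDE_LOCAL_CONF=true
      # Source subnet allowed to use the controller API. ztnet reaches it over the
      # zerotier_net bridge created above, so that subnet is enough (host-side calls
      # are normally NATed through the bridge gateway and still fall inside it);
      # 0.0.0.0/0 would accept management calls from anything that reaches port 9993.
      - ZT_ALLOW_MANAGEMENT_FROM=10.254.1.0/24

  ztnet:
    image: sinamics/ztnet:latest
    container_name: ztnet
    working_dir: /app
    volumes:
      - ./data/zerotier:/var/lib/zerotier-one
    restart: unless-stopped
    depends_on:
      - postgres
    ports:
      # Admin UI. Do not publish it to the internet; reach it over the VPN or
      # through a reverse proxy with TLS instead.
      - "3000:3000"
    environment:
      POSTGRES_HOST: postgres
      POSTGRES_PORT: "5432"
      POSTGRES_USER: ztnet
      # Must equal the value the postgres service is initialised with; set it in .env.
      POSTGRES_PASSWORD: "${ZTNET_DB_PASSWORD:?set ZTNET_DB_PASSWORD in .env}"
      POSTGRES_DB: ztnet
      # Public URL of the UI: the domain when behind a reverse proxy, otherwise http://ip:3000
      NEXTAUTH_URL: "http://192.168.58.18:3000"
      # Session-signing key; generate a random value (e.g. openssl rand -base64 32), never a fixed placeholder.
      NEXTAUTH_SECRET: "${NEXTAUTH_SECRET:?set NEXTAUTH_SECRET in .env}"
      NEXTAUTH_URL_INTERNAL: "http://ztnet:3000"

  postgres:
    image: postgres:15.2-alpine
    container_name: postgres
    restart: unless-stopped
    environment:
      - TZ=Asia/Shanghai
      # Initialise the role/database ztnet connects with on first start, so no
      # manual "create user" / "create database" step is needed for this layout.
      - POSTGRES_USER=ztnet
      - POSTGRES_DB=ztnet
      - "POSTGRES_PASSWORD=${ZTNET_DB_PASSWORD:?set ZTNET_DB_PASSWORD in .env}"
    volumes:
      - ./data/postgresql:/var/lib/postgresql/data

networks:
  default:
    name: zerotier_net
    external: true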

4、使用外部已经存在的postgresql

(1)创建数据库

这里以与其他项目共用的、基于docker容器部署的postgresql为例:

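# Ad-hoc commands against a PostgreSQL container named "postgres" that is shared
# with other projects. Run them one at a time; the two "drop" commands are
# destructive and only meant for resetting a broken ztnet schema.

# Create the role ztnet connects with. The password must match POSTGRES_PASSWORD
# in the ztnet service; take it from the environment so it is not typed into the
# shell history (it is still visible in the process list while the command runs).
docker exec -it postgres psql -U postgres \
  -c "create user ztnet with password '${ZTNET_DB_PASSWORD:?set ZTNET_DB_PASSWORD first}'"

# Drop the database (destructive; IF EXISTS makes it safe to rerun)
docker exec -it postgres psql -U postgres -c "drop database if exists ztnet"
# Create the ztnet database owned by the ztnet role
docker exec -it postgres psql -U postgres -c "create database ztnet with encoding='utf-8' owner=ztnet"

# List all databases
docker exec -it postgres psql -U postgres -c "\l"
# List all tables in the given database
docker exec -it postgres psql -U postgres -d ztnet -c "\dt"

# Drop every table in ztnet's public schema. The SELECT only *prints* the DROP
# statements, so its output (-tA: bare rows, no header) is piped into a second
# psql that executes them. Destructive: use only to reset the schema.
docker exec -i postgres psql -U postgres -d ztnet -tA \
  -c "SELECT 'DROP TABLE IF EXISTS \"' || tablename || '\" CASCADE;' FROM pg_tables WHERE schemaname = 'public';" \
  | docker exec -i postgres psql -U postgres -d ztnet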

(2)docker-compose配置

docker-compose.yaml的具体配置如下:
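services:
  zerotier:
    image: zyclonite/zerotier:1.14.0
    hostname: zerotiercd
    container_name: zerotier
    restart: unless-stopped
    volumes:
      # Shared with ztnet, which reads authtoken.secret from the same directory.
      - ./data/zerotier:/var/lib/zerotier-one
    cap_add:
      - NET_ADMIN
      - SYS_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      # TCP 9993 is the controller HTTP API; every call must carry the X-ZT1-Auth token.
      - "9993:9993"
      - "9993:9993/udp"
    environment:
      - ZT_OVERRIDE_LOCAL_CONF=true
      # Source subnet allowed to use the controller API. ztnet reaches it over the
      # zerotier_net bridge created earlier, so that subnet is enough; 0.0.0.0/0
      # would accept management calls from anything that reaches port 9993.
      - ZT_ALLOW_MANAGEMENT_FROM=10.254.1.0/24

  ztnet:
    image: sinamics/ztnet:latest
    container_name: ztnet
    working_dir: /app
    volumes:
      - ./data/zerotier:/var/lib/zerotier-one
    restart: unless-stopped
    extra_hosts:
      # Lets the container reach the PostgreSQL instance published on the host.
      - "host.docker.internal:host-gateway"
    ports:
      # Admin UI. Do not publish it to the internet; reach it over the VPN or
      # through a reverse proxy with TLS instead.
      - "3000:3000"
    environment:
      POSTGRES_HOST: host.docker.internal
      POSTGRES_PORT: "5432"
      POSTGRES_USER: ztnet
      # Password of the ztnet role created manually in step (1); set it in .env.
      POSTGRES_PASSWORD: "${ZTNET_DB_PASSWORD:?set ZTNET_DB_PASSWORD in .env}"
      POSTGRES_DB: ztnet
      # Public URL of the UI as seen through the reverse proxy.
      NEXTAUTH_URL: "http://p2p.xxx.com"
      # Session-signing key; generate a random value (e.g. openssl rand -base64 32), never a fixed placeholder.
      NEXTAUTH_SECRET: "${NEXTAUTH_SECRET:?set NEXTAUTH_SECRET in .env}"
      NEXTAUTH_URL_INTERNAL: "http://ztnet:3000"

networks:
  default:
    name: zerotier_net
    external: true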

5、运行docker-compose

# Start the stack in the background. The file name must match the compose file
# actually saved in this directory.
docker-compose --file zerotier-compose.yaml up -d

6、客户端使用

下载地址:https://www.zerotier.com/download/

安装后,需要确保ZeroTierOne的服务是启动的,尽量不要使用图形界面,需要使用命令行进行配置。执行下面的命令时,需要以【以管理员身份运行】的方式打开cmd或者PowerShell。

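REM Check whether the ZeroTier service is running ("#" is not a comment in cmd, so REM is used)
sc query ZeroTierOneService

REM Start it if the state reported above is not RUNNING
net start ZeroTierOneService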

创建客户端配置文件

Windows客户端下:C:\ProgramData\ZeroTier\One\local.conf

Linux客户端:/var/lib/zerotier/local.conf

{
  "settings": {
    "port": 0,                        
    "allowManagementFrom": ["127.0.0.1"],
    "controllerServer": "xxxxxxx:9993",  
    "primaryPort": 0,
    "interfacePrefixBlacklist": []     
  },
  "networks": {
    "3d939c887b574d50": {             
      "authorized": true,             
      "activeBridge": false       
    }
  }
}

重启服务并加入创建的网络

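REM Restart the service so it reloads local.conf; "&&" skips the start when the stop fails
net stop ZeroTierOneService && net start ZeroTierOneService

REM Join the network
"C:\Program Files (x86)\ZeroTier\One\zerotier-cli.bat" join 6c9be40237396a64

REM Show this node's own info (node address, version, online state)
"C:\Program Files (x86)\ZeroTier\One\zerotier-cli.bat" info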

一些控制器API的调用示例

rlgv576b0o31wlke9cz7u6gk

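# Controller API examples. The token is the content of authtoken.secret in the
# controller's data directory (./data/zerotier on the host in the compose files
# above); read it from the file instead of pasting it into commands or notes.
ZT_TOKEN="$(cat ./data/zerotier/authtoken.secret)"
ZT_API="http://localhost:9993"
NWID="5e7a1f9226590243"   # network id used in the examples; replace with your own

# Node status
curl -H "X-ZT1-Auth: ${ZT_TOKEN}" "${ZT_API}/status"

# List the members of the network
curl -H "X-ZT1-Auth: ${ZT_TOKEN}" "${ZT_API}/controller/network/${NWID}/member"

# Create a network. "private": false lets any node that knows the id join
# without being authorized; use true for a network whose members you approve.
curl -X POST -H "X-ZT1-Auth: ${ZT_TOKEN}" \
  -H "Content-Type: application/json" \
  -d '{"name":"tdjnet","private":false}' \
  "${ZT_API}/controller/network"

# Configure the network (address pool, managed route, assignment mode)
curl -X POST -H "X-ZT1-Auth: ${ZT_TOKEN}" \
  -H "Content-Type: application/json" \
  -d '{
    "ipAssignmentPools": [
      {"ipRangeStart": "10.144.1.1", "ipRangeEnd": "10.144.1.254"}
    ],
    "routes": [
      {"target": "10.144.0.0/16", "via": null}
    ],
    "v4AssignMode": "zt",
    "private": false
  }' \
  "${ZT_API}/controller/network/${NWID}"

# Authorize a member (only has an effect on a private network)
MEMBER="d015cf2b2e"
curl -X POST -H "X-ZT1-Auth: ${ZT_TOKEN}" \
  -H "Content-Type: application/json" \
  -d '{"authorized": true}' \
  "${ZT_API}/controller/network/${NWID}/member/${MEMBER}"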