TL;DR intro

For a better experience, deploy your container in another host instead your zerotier current host. So, you will have a real experience connecting remotely.

This lab was done in a Ubuntu 20.04 with docker installed.

To deploy your container with an active zerotier network that will automatically join your zerotier network, follow these steps:

  1. clone the repo that contain zerotier image builder and compose
git clone https://github.com/guedes84/zerotier-docker.git
  1. after clone, set the fields with your own confs:
  • set your zerotier network ID:
read -p "Zerotier ID: " ZEROTID &&
sed -ri 's,"ZEROTIER=.*","ZEROTIER='$ZEROTID'",' zerotier-docker/docker-compose.yml
  • set your url to be proxied by zerotier container:
read -p "URL to proxy: " URLP &&
sed -ri 's,change-proxy,'$URLP',' zerotier-docker/default-nginx
  • set the url port to you test the access in the end of lab:
read -p "Port to access proxy page: " PPORT &&
sed -ri 's,change-port,'$PPORT',' zerotier-docker/default-nginx

remember that this port need to be free in the system!

  1. Build the Ubuntu 20.04 image with a clean zerotier instalation and create the container:
docker build -f zerotier-docker/Dockerfile -t ubuntu-20.04:zerotier . ;
docker-compose -f zerotier-docker/docker-compose.yml up -d;
docker cp zerotier-docker/default-nginx zerotier:/etc/nginx/sites-available/default;
docker exec -it zerotier bash -c "service nginx restart; zerotier-cli join $ZEROTID"
  1. now get you zerotier ip from container:
docker exec -it zerotier bash -c "ip -4 -o addr show | grep -Eo \"ztksey.*inet .[0-9.]{1,}\" | awk '{print \$3}'"
  1. Now access in your remote host the reverse proxy page in this address defined above http://ip-zerotier-from-container:port

Troubleshootings

You may run into various problems while deploy theses steps, then lets try reduce theses scenes with some tips:

The most recent docker version allow normal users run docker commands, but if you are using a old version, maybe you need add this user to the docker group:

sudo gpasswd --add your-user docker

To reproduce this tutorial, you will need some softwares on your server:

sudo apt install git docker ca-certificates curl gnupg lsb-release

We decide choose host network to provides a easily access to the resources of docker container by host default ip. In another cases you will need adjust some blockers like NAT, iptables, ingoing and outgoing flows and etc.

--network host (on docker-compose)

The OS choosed is Ubuntu because it is the better option to configure. Redhat system need a subscription to be updated and for to get packages. The most recently Centos (upstream) have less documentations on the web and aren’t supported by Docker(https://biturl.top/NFvQny) . Docker for Ubuntu is the only system that support all architectures.

This Dockerfile provides the most of solutions to the commons troubles, we suggest to you do not change it:

- Additionals packages to zerotier
- Perms and simbolic links to zerotier
- Original entrypoint of zerotier github

If you cannot build the image on your destiny host, you can build the image in your personal pc and upload it:

docker save "the-image-ID" > zerotier-img-saved
scp zerotier-img-saved some-user@destiny-host:/tmp
docker load < /tmp/zerotier-img-saved