考虑到想随时能连接家里的笔记本,了解了 NetBird 软件,想折腾一下。结果因为使用了 443 端口,域名需要先备案才能使用,无奈只能折腾 NetBird 修改端口。折腾了三天还没搞定,阶段性代码如下:
#!/bin/bash
# install_netbird_with_self_host.sh
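# Load the helper script from the current directory. The helpers called below
# that this file does not define (render*, check_*, init_*, read_nb_domain,
# get_turn_external_ip) presumably come from it.
# The explicit "./" matters: a bare file name makes bash search $PATH first,
# so a same-named file earlier on $PATH would be executed instead.
# NOTE(review): if the sourced script still calls its own entry point at the
# bottom, sourcing it also runs that installer; confirm the local copy does not.
source ./getting-started-with-zitadel.sh
# Abort on the first unhandled command failure from here on.
set -e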
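#######################################
# Delete every file in the current directory whose name ends in ".<ext>".
# The match covers all such files, not only the ones this installer
# generated (clean_up in this file calls it with yml and json), so run the
# script from a dedicated working directory.
# Arguments: $1 - file extension without the leading dot
# Outputs:   one log line via write_log
# Returns:   1 if the extension is empty, 0 otherwise
#######################################
function delete_files() {
  local ext_name=$1
  local -a matches=()
  local candidate

  # Validate the argument.
  if [ -z "$ext_name" ]; then
    write_log "错误: 文件扩展名参数不能为空" "ERROR"
    return 1
  fi

  # Collect matches with a quoted extension and a "./" prefix, so that an
  # extension containing spaces or glob characters is taken literally and a
  # file name starting with "-" is never parsed as an option.
  for candidate in ./*."$ext_name"; do
    # An unmatched glob stays as the literal pattern; keep real entries only.
    if [ -e "$candidate" ] || [ -L "$candidate" ]; then
      matches+=("$candidate")
    fi
  done

  if [ "${#matches[@]}" -gt 0 ]; then
    write_log "删除所有 .$ext_name 文件" "INFO"
    rm -f -- "${matches[@]}"
    return 0
  fi

  write_log "未找到 .$ext_name 文件" "INFO"
  return 0
}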
#######################################
# Remove everything a previous run left in the current directory.
# Destructive: when docker-compose.yml exists, the compose stack is taken
# down together with its volumes, which discards the stored data. After that
# all *.env, *.conf, *.yml and *.json files, the Caddyfile and the machinekey
# directory are deleted.
#######################################
function clean_up() {
  local ext

  # Only touch the stack when a compose file from an earlier run is present.
  if [[ -f docker-compose.yml ]]; then
    docker compose down --volumes
    rm -rf docker-compose.yml
  fi

  # Generated config files, grouped by extension.
  for ext in env conf yml json; do
    delete_files "$ext"
  done

  if [[ -f Caddyfile ]]; then
    rm -rf Caddyfile
  fi

  # Holds the service-account key material written during setup.
  if [[ -d machinekey ]]; then
    rm -rf machinekey
  fi
}
#######################################
# Print one log line to stdout as "<YYYY-MM-DD HH:MM:SS> <level> <message>".
# Arguments: $1 - message text
#            $2 - level label, e.g. INFO or ERROR
#######################################
function write_log() {
  local text=$1 severity=$2
  printf '%s %s %s\n' "$(date '+%Y-%m-%d %H:%M:%S')" "$severity" "$text"
}
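#######################################
# Wipe any previous deployment and bring up a self-hosted NetBird stack
# (database, Caddy, Zitadel, then the NetBird services) on a custom port.
#
# Work-in-progress notes for reviewers:
#   - clean_up runs first and destroys existing volumes and config files.
#   - The database passwords are fixed, guessable values while debugging.
#   - machinekey/ is created world-writable.
#   - The admin credentials are printed and stored in ./.env.
#
# Globals written: CADDY_SECURE_DOMAIN, ZITADEL_*, NETBIRD_*, TURN_*,
#   ZIDATE_TOKEN_EXPIRATION_DATE, DOCKER_COMPOSE_COMMAND, ZDB, ZITADEL_DB_ENV,
#   POSTGRES_ROOT_PASSWORD, POSTGRES_ZITADEL_PASSWORD.
# Globals read: OSTYPE, ZITADEL_DATABASE, ZITADEL_ADMIN_USERNAME,
#   ZITADEL_ADMIN_PASSWORD (presumably set by init_zitadel; confirm).
# Helpers not defined in this file (render*, check_*, init_*, read_nb_domain,
#   get_turn_external_ip) presumably come from the sourced installer script.
# Returns: 1 if the public IP lookup yields nothing; exits 1 if generated
#   files already exist.
#######################################
function initial_environment() {
  write_log "Initializing environment" "INFO"
  # Destructive: removes the existing stack, its volumes and generated files.
  clean_up
  # return 0

  CADDY_SECURE_DOMAIN=""
  ZITADEL_EXTERNALSECURE="true"
  ZITADEL_TLS_MODE="disabled"
  ZITADEL_MASTERKEY="$(openssl rand -base64 32 | head -c 32)"
  NETBIRD_PORT=18443
  NETBIRD_HTTP_PROTOCOL="http"
  NETBIRD_RELAY_PROTO="rel"
  TURN_USER="self"
  TURN_PASSWORD=$(openssl rand -base64 32 | sed 's/=//g')
  NETBIRD_RELAY_AUTH_SECRET=$(openssl rand -base64 32 | sed 's/=//g')
  TURN_MIN_PORT=49152
  TURN_MAX_PORT=65535
  TURN_EXTERNAL_IP_CONFIG=$(get_turn_external_ip)

  NETBIRD_DOMAIN=use-ip
  if ! check_nb_domain "$NETBIRD_DOMAIN"; then
    NETBIRD_DOMAIN=$(read_nb_domain)
  fi

  # NETBIRD_HTTP_PROTOCOL="https"
  if [ "$NETBIRD_DOMAIN" == "use-ip" ]; then
    # NETBIRD_DOMAIN=$(get_main_ip_address)
    # The answer is written into every rendered config, so fetch it over
    # HTTPS, fail on HTTP errors and refuse an empty reply.
    NETBIRD_DOMAIN=$(curl -fsS --max-time 10 https://ipinfo.io/ip)
    if [ -z "$NETBIRD_DOMAIN" ]; then
      write_log "Could not determine the public IP address" "ERROR"
      return 1
    fi
  else
    ZITADEL_EXTERNALSECURE="true"
    ZITADEL_TLS_MODE="external"
    NETBIRD_PORT=443
    CADDY_SECURE_DOMAIN=", $NETBIRD_DOMAIN:$NETBIRD_PORT"
    NETBIRD_HTTP_PROTOCOL="https"
    NETBIRD_RELAY_PROTO="rels"
  fi

  # NOTE(review): these four assignments run after the branch above and
  # override it in both cases. They leave ZITADEL_EXTERNALSECURE="false"
  # while the public protocol is https; this looks like an experiment still
  # in progress, so confirm the intended combination before relying on it.
  ZITADEL_EXTERNALSECURE="false"
  NETBIRD_HTTP_PROTOCOL="https"
  ZITADEL_TLS_MODE="external"
  NETBIRD_RELAY_PROTO="rels"

  # Token expiry 30 minutes from now in UTC; BSD date (macOS) and GNU date
  # take different relative-time options.
  if [[ "$OSTYPE" == "darwin"* ]]; then
    ZIDATE_TOKEN_EXPIRATION_DATE=$(date -u -v+30M "+%Y-%m-%dT%H:%M:%SZ")
  else
    ZIDATE_TOKEN_EXPIRATION_DATE=$(date -u -d "+30 minutes" "+%Y-%m-%dT%H:%M:%SZ")
  fi

  check_jq

  # Debug dump of the rendered management config. /tmp is shared and the
  # output presumably embeds the TURN and relay secrets generated above, so
  # keep the directory private; under set -e the chmod also stops the run if
  # another user already owns /tmp/netbird.
  mkdir -p /tmp/netbird
  chmod 700 /tmp/netbird
  renderManagementJson > /tmp/netbird/management.json

  DOCKER_COMPOSE_COMMAND=$(check_docker_compose)

  # clean_up has already deleted *.env, so this guard only triggers when that
  # deletion did not happen.
  if [ -f zitadel.env ]; then
    echo "Generated files already exist, if you want to reinitialize the environment, please remove them first."
    echo "You can use the following commands:"
    echo " $DOCKER_COMPOSE_COMMAND down --volumes # to remove all containers and volumes"
    echo " rm -f docker-compose.yml Caddyfile zitadel.env dashboard.env machinekey/zitadel-admin-sa.token turnserver.conf management.json relay.env"
    echo "Be aware that this will remove all data from the database, and you will have to reconfigure the dashboard."
    exit 1
  fi

  if [[ $ZITADEL_DATABASE == "cockroach" ]]; then
    echo "Use CockroachDB as Zitadel database."
    ZDB=$(renderDockerComposeCockroachDB)
    ZITADEL_DB_ENV=$(renderZitadelCockroachDBEnv)
  else
    echo "Use Postgres as default Zitadel database."
    echo "For using CockroachDB please the environment variable 'export ZITADEL_DATABASE=cockroach'."
    # NOTE(review): fixed, guessable database passwords replace the random
    # ones in the commented-out lines. Restore random generation (and update
    # the ALTER USER statement below) before this stack is reachable by
    # anyone else.
    # POSTGRES_ROOT_PASSWORD="$(openssl rand -base64 32 | sed 's/=//g')@"
    POSTGRES_ROOT_PASSWORD="postgres"
    # POSTGRES_ZITADEL_PASSWORD="$(openssl rand -base64 32 | sed 's/=//g')@"
    POSTGRES_ZITADEL_PASSWORD="zitadel"
    ZDB=$(renderDockerComposePostgres)
    ZITADEL_DB_ENV=$(renderZitadelPostgresEnv)
    renderPostgresEnv >zdb.env
  fi

  echo Rendering initial files...
  renderDockerCompose >docker-compose.yml
  renderCaddyfile >Caddyfile
  renderZitadelEnv >zitadel.env
  # Placeholders; the real contents are rendered further down.
  echo "" >dashboard.env
  echo "" >turnserver.conf
  echo "" >management.json
  echo "" >relay.env

  mkdir -p machinekey
  # NOTE(review): world-writable directory for the service-account key
  # material. Presumably needed so a non-root container user can write the
  # token; a mode or owner limited to that container's UID would be tighter.
  chmod 777 machinekey

  init_crdb

  write_log "Initial database" "INFO"
  $DOCKER_COMPOSE_COMMAND up -d zdb
  write_log "Reset root password" "INFO"

  # Wait for the zdb service to accept connections. Addressing it through
  # compose by service name avoids a container name that depends on the
  # directory name, and -T drops the TTY requirement so the script also
  # works when it is not run from a terminal.
  while ! $DOCKER_COMPOSE_COMMAND exec -T zdb pg_isready -U root -d postgres; do
    write_log "Waiting for zdb to be ready" "INFO"
    sleep 1
  done

  write_log "Reset root password" "INFO"
  # The literal password mirrors POSTGRES_ROOT_PASSWORD above; keep the two
  # in sync when the password is changed.
  $DOCKER_COMPOSE_COMMAND exec -T zdb psql -U root -d postgres -c "ALTER USER root WITH PASSWORD 'postgres';"
  # docker exec -it n2-zdb-1 psql -U root -d postgres -c "ALTER USER zitadel WITH PASSWORD 'zitadel';"

  echo -e "\nStarting Zitadel IDP for user management\n\n"
  $DOCKER_COMPOSE_COMMAND up -d caddy zitadel
  init_zitadel

  echo -e "\nRendering NetBird files...\n"
  renderTurnServerConf >turnserver.conf
  renderManagementJson >management.json
  renderDashboardEnv >dashboard.env
  renderRelayEnv >relay.env

  echo -e "\nStarting NetBird services\n"
  $DOCKER_COMPOSE_COMMAND up -d

  echo -e "\nDone!\n"
  echo "You can access the NetBird dashboard at $NETBIRD_HTTP_PROTOCOL://$NETBIRD_DOMAIN:$NETBIRD_PORT"
  echo "Login with the following credentials:"
  # The admin credentials are stored in plain text, so create the file
  # owner-only before writing. The "*.env" glob used by clean_up does not
  # match the dotfile ".env", so it survives later runs until it is
  # overwritten or removed by hand.
  : >.env
  chmod 600 .env
  echo "Username: $ZITADEL_ADMIN_USERNAME" | tee .env
  echo "Password: $ZITADEL_ADMIN_PASSWORD" | tee -a .env
}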
# Entry point: every run of this script performs the full re-initialisation,
# which starts by calling clean_up.
initial_environment
To be continued!!!