finish initial version of zerotier recipe

.gitignore

@@ -19,3 +19,4 @@ bin/*
 Berksfile.lock
 .zero-knife.rb
 Policyfile.lock.json
+.chef/

.kitchen.yml

@@ -19,16 +19,20 @@ platforms:
   - name: centos-7.3
     driver:
       provider: vmware_workstation
+  - name: fedora-25
+    driver:
+      provider: vmware_workstation
+  - name: debian-8.7
+    driver:
+      provider: vmware_workstation
 
 suites:
   - name: default
     run_list:
-      - recipe[chef-zerotier::install]
-      - recipe[chef-zerotier::ohai_plugin]
+      - recipe[zerotier::install]
+      - recipe[zerotier::ohai_plugin]
+      - recipe[zerotier::join_networks]
     #verifier:
     #  inspec_tests:
     #    - test/smoke/install
     attributes:
-      ohai:
-        plugin_path: /tmp/kitchen/ohai/plugins
-

README.md

@@ -1,4 +1,67 @@
-# chef-zerotier
+ZeroTier Cookbook
+==================
 
-TODO: Enter the cookbook description here.
+This is a [Chef](https://www.chef.io/) cookbook to manage [ZeroTier](https://www.zerotier.com) networks on your Chef nodes.
 
+Supported Platforms
+---------------------
+* Debian
+* Ubuntu
+* CentOS
+* RHEL
+* Amazon
+
+Recipes
+---------------------
+`zerotier::default`
+
+Default recipe.  Calls `zerotier::install`
+
+`zerotier::install` 
+
+Install's ZeroTier One on your system via the native package management system.
+
+`zerotier::ohai_plugin` 
+
+Installs the Ohai plugin for ZeroTier.  This is required by the provided LWRP `zerotier_network`.
+
+`zerotier::join_networks`
+
+Shortcut to automatically join networks stored in attributes (See example in the Attributes section below)
+
+Attributes
+---------------------
+`node['zerotier']['version']` 
+
+Version of ZeroTier to install.  Empty by default and defaults to the latest version available.
+
+`node['zerotier']['central_url']`
+
+URL to the instance of the ZeroTier Central controller. Defaults to https://my.zerotier.com.  Will be useful in the future when Central is distributable to our enterprise customers.
+
+`node['zerotier']['public_autojoin']`
+
+List of *public* networks to automatically join when using the `zerotier::join_networks` recipe.  These networks do not require any interaction with the network controller.
+
+`node['zerotier']['private_autojoin']`
+
+List of *private* networks to automatically join when using the `zerotier::join_networks` recipe.  Joining a private network requires an API Access Token generated at https://my.zerotier.com.  Each member of the list is a hash as follows:
+
+```
+{
+	:network_id => "your_network_id",
+    :auth_token => "your_auth_token",  # API access token generated at https://my.zerotier.com
+    :central_url => "URL_to_central_instance" # Not required.  Defaults to https://my.zerotier.com
+}
+```
+
+LWRP
+---------------------
+The ZeroTier recpie provides the `zerotier_network` lwrp
+
+Attributes:
+
+- network_id - Network ID to join. defaults to the name attribute.
+- node_name - Name of the node to put in https://my.zerotier.com (only applicable when joining a private network)
+- auth_token - API access token generated in your account at https://my.zerotier.com. Required if you wish to automatically authorize the node to join the network.
+- central_url - URL to the instance of ZeroTier Central.  Defaults to https://my.zerotier.com.

attributes/default.rb

@@ -1,16 +1,23 @@
 
+# Not set by default.
+# default['zerotier']['version']
+#
 
+default['zerotier']['central_url'] = 'https://my.zerotier.com'
 
-default['zt']['central_url'] = 'https://my.zerotier.com'
-default['zt']['api_url'] = URI.join(node['zt']['central_url'], '/api/')
-
-# Public networks to autojoin.  Does not require api_key
-default['zt']['public_autojoin'] = []
+# Public networks to autojoin.
+default['zerotier']['public_autojoin'] = []
 
 # Private networks to autojoin.  Requires ZeroTier Central API api key.
 #
 # Packed in the following format:
 #
-#    [{:network_id => "", :api_key => "key"},...]
+#    [{
+#       :network_id => "", 
+#       :auth_token => "key",
+#       :central_url => "http://my.zerotier.com" // optional.  Defaults to https://my.zerotier.com
+#     },
+#     ...
+#    ]
 #
-default['zt']['private_autojoin'] = []
+default['zerotier']['private_autojoin'] = []

files/default/zerotier_ohai.rb

@@ -2,10 +2,35 @@
 Ohai.plugin(:ZeroTier) do
     provides 'zerotier'
 
-    def linux_get_interfaces
-        interfaces = Mash.new
+    def linux_get_networks
+        networks = Mash.new
 
-        interfaces
+        so = shell_out('/usr/sbin/zerotier-cli listnetworks')
+        first_line = true
+        so.stdout.lines do |line|
+            if first_line
+                # skip the header line
+                first_line = false
+                next
+            end
+
+            data = line.strip.split(/\s+/)
+
+            cur_network = Mash.new
+            cur_network[:network_name] = data[3]
+            cur_network[:mac] = data[4]
+            cur_network[:status] = data[5]
+            cur_network[:type] = data[6]
+            cur_network[:interface] = data[7]
+            cur_network[:addresses] = []
+
+            data[8].split(',').each do |addr|
+                cur_network[:addresses].push(addr)
+            end
+
+            networks[data[2]] = cur_network
+        end
+        return networks
     end
 
     def linux_get_node_id
@@ -37,8 +62,9 @@ def find_zerotier
     collect_data(:linux) do
         if find_zerotier
             zerotier Mash.new
-            zerotier[:version] = get_version
-            zerotier[:node_id] = linux_get_node_id
+            zerotier[:version]    = get_version
+            zerotier[:node_id]    = linux_get_node_id
+            zerotier[:networks]   = linux_get_networks
         else
             Ohai::Log.warn("Cannot find zerotier-cli")
         end

metadata.rb

@@ -1,22 +1,12 @@
-name 'chef-zerotier'
+name 'zerotier'
 maintainer 'Grant Limberg'
 maintainer_email '[email protected]'
 license 'GPL v3'
 description 'Installs/Configures ZeroTier'
 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
-version '0.1.0'
-
-# The `issues_url` points to the location where issues for this cookbook are
-# tracked.  A `View Issues` link will be displayed on this cookbook's page when
-# uploaded to a Supermarket.
-#
-# issues_url 'https://github.com/<insert_org_here>/chef-zerotier/issues' if respond_to?(:issues_url)
-
-# The `source_url` points to the development reposiory for this cookbook.  A
-# `View Source` link will be displayed on this cookbook's page when uploaded to
-# a Supermarket.
-#
-# source_url 'https://github.com/<insert_org_here>/chef-zerotier' if respond_to?(:source_url)
+version '1.0.0'
+issues_url 'https://github.com/zerotier/chef-zerotier/issues' if respond_to?(:issues_url)
+source_url 'https://github.com/zerotier/chef-zerotier' if respond_to?(:source_url)
 
 %w(redhat centos amazon ubuntu debian).each do |os|
     supports os

providers/network.rb

@@ -0,0 +1,78 @@
+require 'chef/log'
+require "net/http"
+require "net/https"
+require "uri"
+require "json"
+require 'mixlib/shellout'
+
+use_inline_resources
+
+def load_current_resource
+    @current_resource = Chef::Resource::ZerotierNetwork.new(new_resource.network_id)
+    @current_resource.node_name(new_resource.node_name)
+    @current_resource.auth_token(new_resource.auth_token)
+    @current_resource.central_url(new_resource.central_url)
+    @current_resource
+end
+
+def whyrun_supported?
+    true
+end
+
+action :join do
+    if ::File.exists?("/var/lib/zerotier-one/networks.d/#{new_resource.network_id}.conf")
+        Chef::Log.info("Network #{new_resource.network_id} already joined. Skipping.")
+    else
+        converge_by("Joining Network #{new_resource.network_id}") do
+            join = Mixlib::ShellOut.new("/usr/sbin/zerotier-cli join #{new_resource.network_id}")
+            join.run_command
+            raise "Error joining network #{new_resource.network_id}" if join.error?
+
+            if new_resource.auth_token
+                url = URI.parse("#{new_resource.central_url}/api/network/#{new_resource.network_id}/member/#{node['zerotier']['node_id']}/")
+
+                netinfo = {
+                    :networkId => new_resource.network_id,
+                    :nodeId => node['zerotier']['node_id'],
+                    :name => new_resource.node_name,
+                    :config => {
+                        :nwid => new_resource.network_id,
+                        :authorized => true
+                    }
+                }
+
+                response = Net::HTTP.start(url.host, url.port, :use_ssl => url.scheme == 'https') do |http|
+                    post = Net::HTTP::Post.new(url, 'Content-Type' => 'application/json')
+                    post.add_field('Authorization', "Bearer #{new_resource.auth_token}")
+                    post.body = netinfo.to_json
+                    http.request(post)
+                end
+
+                case response
+                when Net::HTTPSuccess
+                    # do nothing
+                else
+                    leave = Mixlib::ShellOut.new("/usr/sbin/zerotier-cli leave #{new_resource.network_id}")
+                    leave.run_command
+                    error = JSON.parse(response.body)
+                    raise "Error #{response.code} authorizing network: #{error['type']}: #{error['message']}"
+                end
+            end
+
+            new_resource.updated_by_last_action(true)
+        end
+    end
+end
+
+action :leave do
+    if ::File.exists?("/var/lib/zerotier-one/networks.d/#{new_resource.network_id}.conf")
+        converge_by("Leaving network #{new_resource.network_id}") do
+            leave = Mixlib::ShellOut.new("/usr/sbin/zerotier-cli leave #{new_resource.network_id}")
+            leave.run_command
+            raise "Error leaving network #{new_resource.network_id}" if leave.error?
+            new_resource.updated_by_last_action(true)
+        end
+    else
+        Chef::Log.warn("Network #{new_resource.network_id} is not joined.  Skipping.")
+    end
+end

recipes/default.rb

@@ -1,9 +1,7 @@
 #
-# Cookbook:: chef-zerotier
+# Cookbook:: zerotier
 # Recipe:: default
 #
 # Copyright:: 2017, ZeroTier, Inc., All Rights Reserved.
 
-include_recipe 'chef-zerotier::install'
-
-include_recipe 'chef-zerotier::ohai_plugin'
+include_recipe 'zerotier::install'

recipes/install.rb

@@ -1,12 +1,9 @@
 #
-# Cookbook:: .
+# Cookbook:: zerotier
 # Recipe:: install
 #
 # Copyright:: 2017, ZeroTier, Inc., All Rights Reserved.
 
-
-
-
 case node['platform']
 when 'debian', 'ubuntu'
     apt_repository 'zerotier' do
@@ -19,31 +16,33 @@
     yum_repository 'zerotier' do
         description "ZeroTier Repo"
         baseurl 'https://download.zerotier.com/redhat/el/$releasever'
-        gpgcheck false
+        gpgkey 'https://raw.githubusercontent.com/zerotier/ZeroTierOne/master/doc/contact%40zerotier.com.gpg'
     end
 when 'amazon'
     yum_repository 'zerotier' do
         description 'ZeroTier Repo'
         baseurl 'https://download.zerotier.com/redhat/amzn1/'
-        gpgcheck false
+        gpgkey 'https://raw.githubusercontent.com/zerotier/ZeroTierOne/master/doc/contact%40zerotier.com.gpg'
     end
 when 'fedora'
     yum_repository 'zerotier' do
         description 'ZeroTier Repo'
-        baseurl 'https://download.zerotier.com/redhat/fc/'
-        gpgcheck false
+        baseurl 'https://download.zerotier.com/redhat/fc/22'
+        gpgkey 'https://raw.githubusercontent.com/zerotier/ZeroTierOne/master/doc/contact%40zerotier.com.gpg'
     end
 else
     Chef::Log.fatal("Platform '#{node['platform']}' is not yet supported by this recipe")
 end
 
 package 'zerotier-one' do
-    if node['zt']['version']
-        version node['zt']['version']
+    if node['zerotier']['version']
+        version node['zerotier']['version']
     end
 end
 
 service 'zerotier-one' do
     action [:enable, :start]
     supports :status => true, :restart => true, :start => true,:stop => true
 end
+
+include_recipe 'zerotier::ohai_plugin'

recipes/join_networks.rb

@@ -0,0 +1,23 @@
+#
+# Cookbook:: zerotier
+# Recipe:: join_networks
+#
+# Copyright:: 2017, ZeroTier, Inc., All Rights Reserved.
+
+include_recipe 'zerotier::ohai_plugin'
+
+node['zerotier']['public_autojoin'].each do |nwid|
+    zerotier_network nwid do
+        action :join
+    end
+end
+
+node['zerotier']['private_autojoin'].each do |network|
+    zerotier_network network['network_id'] do
+        only_if { network.key?("auth_token") }
+        action :join
+        auth_token network['auth_token']
+        central_url network.key?("central_url") ? network[:central_url] : "https://my.zerotier.com"
+        node_name node['fqdn']
+    end
+end

recipes/ohai_plugin.rb

@@ -1,9 +1,9 @@
 #
-# Cookbook:: chef-zerotier
+# Cookbook:: zerotier
 # Recipe:: ohai_plugin
 #
 # Copyright:: 2017, ZeroTier, Inc., All Rights Reserved.
 
-include_recipe 'chef-zerotier::install'
-
-ohai_plugin 'zerotier_ohai'
+ohai_plugin 'zerotier_ohai' do
+    compile_time false
+end