From 9b2e08dd09b88e94b459a84764d47590531a5ef9 Mon Sep 17 00:00:00 2001 From: Travis LaDuke Date: Mon, 26 Jun 2017 11:27:07 -0700 Subject: Update README.md We've had multiple questions in the community chat regarding posting new network and getting the curl syntax correct. --- controller/README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/controller/README.md b/controller/README.md index db8d0153..b21b3058 100644 --- a/controller/README.md +++ b/controller/README.md @@ -69,6 +69,12 @@ By making queries to this path you can create, configure, and delete networks. D When POSTing new networks take care that their IDs are not in use, otherwise you may overwrite an existing one. To create a new network with a random unused ID, POST to `/controller/network/##########______`. The #'s are the controller's 10-digit ZeroTier address and they're followed by six underscores. Check the `nwid` field of the returned JSON object for your network's newly allocated ID. Subsequent POSTs to this network must refer to its actual path. +Example: + +`curl -X POST --header "X-ZT1-Auth: secret" -d '{"name":"my network"}' http://localhost:9993/controller/network/305f406058______` + +**Network object format:** + | Field | Type | Description | Writable | | --------------------- | ------------- | ------------------------------------------------- | -------- | | id | string | 16-digit network ID | no | -- cgit v1.2.3 From dd83c680e5a13ca970cf6c38f88d43119340fd05 Mon Sep 17 00:00:00 2001 From: Dave Cottlehuber Date: Fri, 30 Jun 2017 13:10:34 +0000 Subject: build: all BSDs expect gmake here --- make-bsd.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/make-bsd.mk b/make-bsd.mk index 39c6cef1..800c0c2a 100644 --- a/make-bsd.mk +++ b/make-bsd.mk @@ -142,7 +142,7 @@ clean: rm -rf *.o node/*.o controller/*.o osdep/*.o service/*.o ext/http-parser/*.o build-* zerotier-one zerotier-idtool zerotier-selftest zerotier-cli ZeroTierOneInstaller-* $(OBJS) debug: FORCE - make -j 4 ZT_DEBUG=1 + gmake -j 4 ZT_DEBUG=1 install: one rm -f /usr/local/sbin/zerotier-one -- cgit v1.2.3 From a274e774ee9299f168f6bf387a1182ae81bff045 Mon Sep 17 00:00:00 2001 From: Monty A Date: Fri, 7 Jul 2017 10:11:21 +0100 Subject: Clarification on how to use JSON API with secret Makes it clear on how to use the authtoken.secret file when making requests. --- controller/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/controller/README.md b/controller/README.md index db8d0153..d70ffd2a 100644 --- a/controller/README.md +++ b/controller/README.md @@ -33,7 +33,7 @@ ZeroTier network controllers can easily be run in Docker or other container syst The controller API is hosted via the same JSON API endpoint that ZeroTier One uses for local control (usually at 127.0.0.1 port 9993). All controller options are routed under the `/controller` base path. -The controller microservice does not implement any fine-grained access control (authentication is via authtoken.secret just like the regular JSON API) or other complex mangement features. It just takes network and network member configurations and reponds to controller queries. We have an enterprise product called [ZeroTier Central](https://my.zerotier.com/) that we host as a service (and that companies can license to self-host) that does this. +The controller microservice does not implement any fine-grained access control (authentication is via authtoken.secret, simply append the value from authtoken.secret file, into a new querystring parameter named "auth" - for example `/controller/network?auth=6hdmozf8k5ds39kabcdefabc`) or other complex mangement features. It just takes network and network member configurations and reponds to controller queries. We have an enterprise product called [ZeroTier Central](https://my.zerotier.com/) that we host as a service (and that companies can license to self-host) that does this. All working network IDs on a controller must begin with the controller's ZeroTier address. The API will *allow* "foreign" networks to be added but the controller will have no way of doing anything with them since nobody will know to query it. (In the future we might support secondaries, which would make this relevant.) -- cgit v1.2.3