From 556195cd64f33fbbc9244022c8a99af5284ffbb9 Mon Sep 17 00:00:00 2001
From: Josh Jacobs
Date: Fri, 13 Aug 2021 12:31:24 +0100
Subject: [PATCH] feat: support multiple zt network joins feat: add ZT_BRIDGE to control bridge functionality
---
 docker-compose.yml | 3 ++-
 entrypoint.sh | 38 +++++++++++++++++++++++++-------------
 2 files changed, 27 insertions(+), 14 deletions(-)
diff --git a/docker-compose.yml b/docker-compose.yml
index 55aeaca..091b1cc 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -14,6 +14,7 @@ services:
 volumes:
 - zt_config:/var/lib/zerotier-one
 environment:
- - ZT_NETWORK=NETWORK_ID_HERE
+ - ZT_NETWORKS=NETWORK_ID_1 NETWORK_ID_2 NETWORK_ID_3
+ - ZT_BRIDGE=true
 volumes:
 zt_config:
\ No newline at end of file
diff --git a/entrypoint.sh b/entrypoint.sh
index 2c24fda..03ef326 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -14,24 +14,36 @@ do
 sleep 1
 done
-#echo "joining networks: $ZT_NETWORK"
+# Set IPTables to allow NATting
+sysctl -w net.ipv4.ip_forward=1 > /dev/null
-echo "joining $ZT_NETWORK"
+echo "joining networks: $ZT_NETWORKS"
-while ! zerotier-cli join "$ZT_NETWORK"
-do
- echo "joining $ZT_NETWORK failed; trying again in 1s"
+for n in $ZT_NETWORKS
+do
+ echo "joining $n"
+
+ while ! zerotier-cli join "$n"
+ do
+ echo "joining $n failed; trying again in 1s"
 sleep 1
+ done
+
+ if [ "$ZT_BRIDGE" = "true" ]
+ then
+ echo "iptables on $(zerotier-cli get $n portDeviceName)"
+ PHY_IFACE=eth0; ZT_IFACE=$(zerotier-cli get $n portDeviceName)
+
+ iptables -t nat -A POSTROUTING -o $PHY_IFACE -j MASQUERADE
+ iptables -A FORWARD -i $PHY_IFACE -o $ZT_IFACE -m state --state RELATED,ESTABLISHED -j ACCEPT
+ iptables -A FORWARD -i $ZT_IFACE -o $PHY_IFACE -j ACCEPT
+ fi
 done
+
+# Give ZT a second realise it's online
+sleep 10
+
 # Print Client Info
 echo "$(zerotier-cli info)"
-# Set IPTables to allow NATting
-sysctl -w net.ipv4.ip_forward=1 > /dev/null
-PHY_IFACE=eth0; ZT_IFACE=$(ls /sys/class/net | grep ^zt)
-
-iptables -t nat -A POSTROUTING -o $PHY_IFACE -j MASQUERADE
-iptables -A FORWARD -i $PHY_IFACE -o $ZT_IFACE -m state --state RELATED,ESTABLISHED -j ACCEPT
-iptables -A FORWARD -i $ZT_IFACE -o $PHY_IFACE -j ACCEPT
-
 sleep infinity
\ No newline at end of file
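Review bot: `sysctl -w net.ipv4.ip_forward=1 > /dev/null` now runs unconditionally before the join loop, so a ZT_BRIDGE value other than `true` skips the iptables rules but still leaves the container forwarding packets. With several networks joined, that may let traffic route between the ZeroTier interfaces and eth0 if the FORWARD policy is ACCEPT; the start of entrypoint.sh is outside the hunk, so any policy set there is not visible. Move the sysctl line inside the `if [ "$ZT_BRIDGE" = "true" ]` block so the flag gates forwarding as well as NAT. Inside that block `ZT_IFACE` is used unquoted and unchecked; a guard such as `[ -n "$ZT_IFACE" ] || { echo "no device for $n" >&2; continue; }`, together with quoting `"$n"`, `"$PHY_IFACE"` and `"$ZT_IFACE"`, would keep a failed `zerotier-cli get` from producing a malformed rule. The MASQUERADE rule does not depend on `$n` but is appended once per network, so it could be added once before the loop.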