zerotier: support controller mode

* add config_path option since the controller mode needs a persisting path to be used
* add patch to fix a bug in the controller code (https://github.com/zerotier/ZeroTierOne/issues/553)
* disable zerotier by default, as the default settings let it connect to a public network

Signed-off-by: Moritz Warning <moritzwarning@web.de>

net/zerotier/files/zerotier.config

@@ -1,7 +1,17 @@
 
 config zerotier sample_config
-	option enabled 1
-	option interface 'wan' # restart ZT when wan status changed
+	option enabled 0
+
+	# persistent configuration folder (for ZT controller mode)
+	#option config_path '/etc/zerotier'
+
+	# restart ZT when wan status changed
+	option interface 'wan'
+
 	#option port '9993'
-	option secret 'generate' # generate secret on first start
-	list join '8056c2e21c000001' # a public network called Earth
+
+	# Generate secret on first start
+	option secret 'generate'
+
+	# Join a public network called Earth
+	list join '8056c2e21c000001'

net/zerotier/files/zerotier.init

@@ -4,9 +4,8 @@ START=90
 
 USE_PROCD=1
 
-LIST_SEP="
-"
-ZT_COMMAND=/usr/bin/zerotier-one
+PROG=/usr/bin/zerotier-one
+CONFIG_PATH=/var/lib/zerotier-one
 
 section_enabled() {
 	config_get_bool enabled "$1" 'enabled' 0
@@ -15,17 +14,31 @@ section_enabled() {
 
 start_instance() {
 	local cfg="$1"
-	local port secret interface
+	local port secret interface config_path
 	local ARGS=""
 
 	section_enabled "$cfg" || return 1
 
-	mkdir -p /var/lib/zerotier-one/networks.d/
-
+	config_get config_path $cfg 'config_path'
 	config_get_bool port $cfg 'port'
 	config_get secret $cfg 'secret'
 	config_get interface $cfg 'interface'
 
+	# Remove existing link or folder
+	rm -rf $CONFIG_PATH
+
+	# Create link from CONFIG_PATH to config_path
+	if [ -n "$config_path" -a $config_path != $CONFIG_PATH ]; then
+		if [ ! -d "$config_path" ]; then
+			echo "ZeroTier config_path does not exist: $config_path"
+			return
+		fi
+
+		ln -s $config_path $CONFIG_PATH
+	fi
+
+	mkdir -p $CONFIG_PATH/networks.d
+
 	if [ -n "$port" ]; then
 		ARGS="$ARGS -p$port"
 	fi
@@ -42,21 +55,21 @@ start_instance() {
 	fi
 
 	if [ -n "$secret" ]; then
-		echo "$secret" > /var/lib/zerotier-one/identity.secret
-		#make sure there is not previous dentity.public
-		rm -f /var/lib/zerotier-one/identity.public
+		echo "$secret" > $CONFIG_PATH/identity.secret
+		# make sure there is not previous identity.public
+		rm -f $CONFIG_PATH/identity.public
 	fi
 
 	add_join() {
-		#an (empty) config file will cause ZT to join a network
-		touch /var/lib/zerotier-one/networks.d/$1.conf
+		# an (empty) config file will cause ZT to join a network
+		touch $CONFIG_PATH/networks.d/$1.conf
 	}
 
 	config_list_foreach $cfg 'join' add_join
 
 	procd_open_instance
 	procd_add_reload_interface_trigger "$interface"
-	procd_set_param command $ZT_COMMAND $ARGS
+	procd_set_param command $PROG $ARGS $CONFIG_PATH
 	procd_close_instance
 }
 
@@ -68,3 +81,15 @@ start_service() {
 	config_load 'zerotier'
 	config_foreach start_instance 'zerotier'
 }
+
+stop_instance() {
+	local cfg="$1"
+
+	# Remove existing link or folder
+	rm -rf $CONFIG_PATH
+}
+
+stop_service() {
+	config_load 'zerotier'
+	config_foreach stop_instance 'zerotier'
+}