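Overview
I run a self-hosted ZeroTier server (controller) for NAT traversal and needed to migrate it from the original server to a new host, using the steps below. I use Ubuntu 22; other Debian-based servers should work as well. On the original server the services are installed directly, without Docker.
Old server
1. Stop the services
- Log in over SSH
- Stop the ztncui and zerotier-one services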
sudo systemctl stop ztncui
sudo systemctl stop zerotier-one
2. Copy the data directories
- On the old server, back up the configuration and data directories of the two services
sudo cp -a /opt/key-networks/ztncui/etc /path/to/backup_location
sudo cp -a /var/lib/zerotier-one /path/to/backup_location
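New server
1. Install the ZeroTier-One controller and ztncui
A. Install ZeroTier
https://www.zerotier.com/download/#linux
- Quick install (relies on HTTPS alone to authenticate the install script)
curl -s https://install.zerotier.com | sudo bash
- Or, if GPG is installed, verify the install script's signature before running it
curl -s 'https://raw.githubusercontent.com/zerotier/ZeroTierOne/main/doc/contact%40zerotier.com.gpg' | gpg --import &&
if z=$(curl -s 'https://install.zerotier.com/' | gpg); then echo "$z" | sudo bash; fi
B. Install ztncui, the web control panel for the server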
https://key-networks.com/ztncui/
2. Stop the services
sudo systemctl stop ztncui
sudo systemctl stop zerotier-one
3. Copy the data
- Copy with a tool such as SCP, rsync or WinSCP
rsync -rva user@old_host:/path/to/backup_location/etc /opt/key-networks/ztncui/
rsync -rva user@old_host:/path/to/backup_location/zerotier-one /var/lib/
4. Set file ownership
- Check
ls -l /opt/key-networks/ztncui/etc
- The user and group should both be: ztncui
-rw------- 1 ztncui ztncui 148 Jul 26 09:48 default.passw
-rw------- 1 ztncui ztncui 435 Jul 26 09:48 passwd
drwxr-xr-x 2 ztncui ztncui 4096 Jul 26 09:48 storage
drwxr-x--- 2 ztncui ztncui 4096 Jul 26 09:48 tlsd
- Check
ls -l /var/lib/zerotier-one
- The user and group should both be: zerotier-one
-rw------- 1 zerotier-one zerotier-one 24 Jul 26 09:54 authtoken.secre
drwx------ 4 zerotier-one zerotier-one 4096 Jul 26 09:54 controller.d
-rw-r--r-- 1 zerotier-one zerotier-one 141 Jul 26 09:54 identity.public
-rw------- 1 zerotier-one zerotier-one 270 Jul 26 09:54 identity.secret
drwxr-xr-x 2 zerotier-one zerotier-one 4096 Jul 26 09:54 networks.d
drwxr-xr-x 2 zerotier-one zerotier-one 4096 Jul 27 12:22 peers.d
-rw-r--r-- 1 zerotier-one zerotier-one 570 Jul 26 09:54 planet
-rwxr-xr-x 1 zerotier-one zerotier-one 10892304 Jul 26 09:54 zerotier-cli
-rwxr-xr-x 1 zerotier-one zerotier-one 10892304 Jul 26 09:54 zerotier-idtool
-rwxr-xr-x 1 zerotier-one zerotier-one 10892304 Jul 26 09:54 zerotier-one
-rw-r--r-- 1 zerotier-one zerotier-one 4 Jul 26 09:58 zerotier-one.pid
-rw-r--r-- 1 zerotier-one zerotier-one 4 Jul 26 09:58 zerotier-one.port
-rw-r--r-- 1 zerotier-one zerotier-one 276 Jul 26 09:54 zerotier-one.te
- If they are not, set them with the following commands
sudo chown -R ztncui:ztncui /opt/key-networks/ztncui/etc
sudo chown -R zerotier-one:zerotier-one /var/lib/zerotier-one
5. Set up the configuration file, secrets, etc.
- After a ztncui upgrade, a migration, or a system kernel upgrade (effective after reboot), you need to generate a new secret for the controller and set the correct access privileges.
- Run the following commands to write the configuration file
sudo sh -c "echo ZT_TOKEN=$(sudo cat /var/lib/zerotier-one/authtoken.secret) > /opt/key-networks/ztncui/.env"
sudo sh -c "echo HTTPS_PORT=3443 >> /opt/key-networks/ztncui/.env"
sudo sh -c "echo NODE_ENV=production >> /opt/key-networks/ztncui/.env"
sudo chmod 400 /opt/key-networks/ztncui/.env
sudo chown ztncui:ztncui /opt/key-networks/ztncui/.env
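6. Configure ztncui
- Open the environment file
sudo vim /opt/key-networks/ztncui/.env
- Set the IP address: HTTPS_HOST=<IP>
Note: when I wrote the IP here, ztncui failed to start; this line can be left out
- Save and exit
7. Restart ztncui and zerotier-one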
sudo systemctl start ztncui
sudo systemctl start zerotier-one
8. Verify the migration
- Check the service status
sudo systemctl status ztncui
sudo systemctl status zerotier-one
- Check the service logs
sudo journalctl -u ztncui -u zerotier-one -f
- Note that the web UI listens on port 3443; adjust the firewall accordingly
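The ownership and secret checks from steps 4 and 5 can be scripted and extended with two consistency checks: that the node ID in identity.public matches the old controller's, and that ZT_TOKEN in .env matches authtoken.secret. This is an added example, not part of the original guide; the function names are made up for illustration, the defaults are the paths and owners shown above, and it assumes GNU find and stat.

```shell
#!/bin/sh
# Added example: post-migration audit for the paths used in this guide.
# Run as root on the new server; relies on GNU find/stat (Ubuntu, Debian).

# check_tree DIR USER:GROUP - fail if anything under DIR has another owner.
check_tree() {
    bad=$(find "$1" \( ! -user "${2%%:*}" -o ! -group "${2##*:}" \) -print 2>&1)
    [ -z "$bad" ] && return 0
    printf 'FAIL owner under %s:\n%s\n' "$1" "$bad" >&2
    return 1
}

# check_secret FILE - FILE must exist and grant nothing to group or others.
check_secret() {
    mode=$(stat -c '%a' "$1" 2>/dev/null) || { echo "FAIL missing: $1" >&2; return 1; }
    case "$mode" in
        0|*00) return 0 ;;
    esac
    echo "FAIL mode $mode on $1 (expected 400 or 600)" >&2
    return 1
}

# node_id FILE - the first ':'-separated field of identity.public is the node ID.
node_id() { cut -d: -f1 "$1" 2>/dev/null; }

# migration_audit OLD_IDENTITY_PUBLIC [ZT_HOME UI_HOME ZT_OWNER UI_OWNER]
# OLD_IDENTITY_PUBLIC is a copy of identity.public from the old server's backup.
migration_audit() {
    zt=${2:-/var/lib/zerotier-one}
    ui=${3:-/opt/key-networks/ztncui}
    rc=0
    check_tree "$zt" "${4:-zerotier-one:zerotier-one}" || rc=1
    check_tree "$ui/etc" "${5:-ztncui:ztncui}" || rc=1
    for f in "$zt/identity.secret" "$zt/authtoken.secret" "$ui/.env"; do
        check_secret "$f" || rc=1
    done
    old=$(node_id "$1")
    if [ -z "$old" ] || [ "$old" != "$(node_id "$zt/identity.public")" ]; then
        echo "FAIL node ID differs from the old controller" >&2; rc=1
    fi
    # .env must carry the token of the identity that was just copied over.
    token=$(cat "$zt/authtoken.secret" 2>/dev/null)
    if [ -z "$token" ] || ! grep -qxF "ZT_TOKEN=$token" "$ui/.env" 2>/dev/null; then
        echo "FAIL ZT_TOKEN in .env does not match authtoken.secret" >&2; rc=1
    fi
    return $rc
}
```

After sourcing the file as root, call `migration_audit` with the path to a copy of the old server's identity.public; it returns non-zero and prints one FAIL line per problem found.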
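Follow-up
1. Verify that ZeroTier is running normally
2. Disable the services on the old server
To avoid both servers running at the same time, stop and disable the services on the old server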
sudo systemctl stop ztncui
sudo systemctl stop zerotier-one
sudo systemctl disable ztncui
sudo systemctl disable zerotier-one
3. Clear the data on the old server
sudo rm -rf /var/lib/zerotier-one
- After the data is cleared, restarting the service generates a new service ID
sudo systemctl enable --now zerotier-one
This article is adapted from https://medium.com/@KarolDanisz/full-guide-migrating-zerotier-controller-ztncui-and-data-to-a-new-host-34abcd30d8fb
License: Creative Commons Attribution-ShareAlike 4.0 International License (CC BY-SA 4.0).