From 4919715d7442e2e0e1f3f62686c15e82481b750b Mon Sep 17 00:00:00 2001
From: divinehawk <9158262+divinehawk@users.noreply.github.com>
Date: Mon, 9 Feb 2026 23:06:29 -0500
Subject: [PATCH] net/zerotier: add network configuration options
---
.../Zerotier/Api/NetworkController.php | 13 +++++-
.../OPNsense/Zerotier/forms/dialogNetwork.xml | 44 +++++++++++++++++++
.../app/models/OPNsense/Zerotier/Zerotier.xml | 18 +++++++-
.../conf/actions.d/actions_zerotier.conf | 6 +++
.../templates/OPNsense/zerotier/+TARGETS | 1 +
.../OPNsense/zerotier/networks-local.conf | 10 +++++
6 files changed, 90 insertions(+), 2 deletions(-)
create mode 100644 net/zerotier/src/opnsense/service/templates/OPNsense/zerotier/networks-local.conf
diff --git a/net/zerotier/src/opnsense/mvc/app/controllers/OPNsense/Zerotier/Api/NetworkController.php b/net/zerotier/src/opnsense/mvc/app/controllers/OPNsense/Zerotier/Api/NetworkController.php
index 72c055049..f8667a122 100644
--- a/net/zerotier/src/opnsense/mvc/app/controllers/OPNsense/Zerotier/Api/NetworkController.php
+++ b/net/zerotier/src/opnsense/mvc/app/controllers/OPNsense/Zerotier/Api/NetworkController.php
@@ -105,6 +105,10 @@ class NetworkController extends ApiMutableModelControllerBase
$mdlZerotier->serializeToConfig();
Config::getInstance()->save();
$result["result"] = "saved";
+ $this->setZerotierNetwork($network->networkId, 'allowManaged', $network->allowManaged);
+ $this->setZerotierNetwork($network->networkId, 'allowGlobal', $network->allowGlobal);
+ $this->setZerotierNetwork($network->networkId, 'allowDefault', $network->allowDefault);
+ $this->setZerotierNetwork($network->networkId, 'allowDNS', $network->allowDNS);
}
}
}
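Review bot: The four `setZerotierNetwork()` calls added after `$result["result"] = "saved";` discard their return values, so a failed `zerotier-cli set` is still reported to the UI as saved. On a firewall this matters most when an option is being switched off: the stored config would say `allowDefault` or `allowDNS` is disabled while the running service may keep honouring the old value. The calls also run whether or not the network is enabled, and the join state is not visible in this hunk, so the CLI may well reject them for a network that is not joined. Consider capturing each result, e.g. `$out = $this->setZerotierNetwork($network->networkId, 'allowDefault', $network->allowDefault);`, and setting `$result["result"]` to a failure value when the output is not the CLI's success response. The enclosing action starts outside this hunk.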
@@ -192,8 +196,10 @@ class NetworkController extends ApiMutableModelControllerBase
private function toggleZerotierNetwork($networkId, $enabled)
{
+ $backend = new Backend();
+ $backend->configdRun("template reload OPNsense/zerotier");
$action = $enabled ? 'join' : 'leave';
- return trim((new Backend())->configdRun("zerotier $action $networkId"));
+ return trim($backend->configdpRun("zerotier", [$action, $networkId]));
}
private function listZerotierNetwork($networkId)
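Review bot: The output of `configdRun("template reload OPNsense/zerotier")` in `toggleZerotierNetwork()` is never inspected, so a join goes ahead even when the per-network `local.conf` was not written. The service would then presumably apply its own defaults for the allow* options rather than the administrator's choices. Keep the output, `$reload = trim($backend->configdRun("template reload OPNsense/zerotier"));`, and return an error instead of joining when `$reload !== "OK"`; that is the check OPNsense controllers usually make after a template reload. The reload also runs on the `leave` path, where it looks unnecessary.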
@@ -207,4 +213,9 @@ class NetworkController extends ApiMutableModelControllerBase
}
return gettext("Unable to obtain Zerotier information for network") . " " . $networkId . "! " . gettext("Is the network enabled?");
}
+
+ private function setZerotierNetwork($networkId, $setting, $value)
+ {
+ return trim((new Backend())->configdpRun("zerotier", ["set", $networkId, $setting, $value]));
+ }
}
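Review bot: `setZerotierNetwork()` forwards any `$setting` and `$value` to the `[set]` configd action, whose template `set %s %s=%s` passes the name through unchanged, so the only thing limiting what gets set is that today's four callers use literals. An allowlist inside the helper would keep a later caller from passing a request-derived name, e.g. `if (!in_array($setting, ['allowManaged', 'allowGlobal', 'allowDefault', 'allowDNS'], true)) { return ''; }`. `$value` is a model field object at the call sites, so an explicit `(string)$value` restricted to `'0'` or `'1'` would make the intent clear instead of relying on implicit conversion. A short docblock stating that `$networkId` must already be validated by the model would also help, since that validation is not visible in this patch.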
diff --git a/net/zerotier/src/opnsense/mvc/app/controllers/OPNsense/Zerotier/forms/dialogNetwork.xml b/net/zerotier/src/opnsense/mvc/app/controllers/OPNsense/Zerotier/forms/dialogNetwork.xml
index c8789ac0d..5ea9c8781 100644
--- a/net/zerotier/src/opnsense/mvc/app/controllers/OPNsense/Zerotier/forms/dialogNetwork.xml
+++ b/net/zerotier/src/opnsense/mvc/app/controllers/OPNsense/Zerotier/forms/dialogNetwork.xml
@@ -11,4 +11,48 @@
text
Local Description to help identify this network
+
+ network.allowManaged
+
+ checkbox
+ Allow ZeroTier to set IP Addresses and Routes (local/private ranges only)
+
+ false
+ boolean
+ boolean
+
+
+
+ network.allowGlobal
+
+ checkbox
+ Allow ZeroTier to set Global/Public/Not-Private range IPs and Routes
+
+ false
+ boolean
+ boolean
+
+
+
+ network.allowDefault
+
+ checkbox
+ Allow ZeroTier to set the Default Route on the system
+
+ false
+ boolean
+ boolean
+
+
+
+ network.allowDNS
+
+ checkbox
+ Allow ZeroTier to set DNS servers
+
+ false
+ boolean
+ boolean
+
+
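Review bot: The help texts for `network.allowGlobal`, `network.allowDefault` and `network.allowDNS` describe what ZeroTier may set but not who decides it, which is the part an administrator needs when ticking these on a firewall. Each option delegates routing or resolver control on this host to whoever administers the ZeroTier network controller. Suggested wording for the default-route entry: `Allow the ZeroTier network controller to replace this system's Default Route; only enable for networks whose controller you fully trust`. The global-range and DNS entries would benefit from the same trust statement.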
diff --git a/net/zerotier/src/opnsense/mvc/app/models/OPNsense/Zerotier/Zerotier.xml b/net/zerotier/src/opnsense/mvc/app/models/OPNsense/Zerotier/Zerotier.xml
index bbd7750f6..d6c76d817 100644
--- a/net/zerotier/src/opnsense/mvc/app/models/OPNsense/Zerotier/Zerotier.xml
+++ b/net/zerotier/src/opnsense/mvc/app/models/OPNsense/Zerotier/Zerotier.xml
@@ -1,7 +1,7 @@
//OPNsense/zerotier
Zerotier configuration
- 1.3.0
+ 1.3.1
0
@@ -19,6 +19,22 @@
Y
+
+ 1
+ Y
+
+
+ 0
+ Y
+
+
+ 0
+ Y
+
+
+ 0
+ Y
+
diff --git a/net/zerotier/src/opnsense/service/conf/actions.d/actions_zerotier.conf b/net/zerotier/src/opnsense/service/conf/actions.d/actions_zerotier.conf
index 5df6767c1..1fb93b8ce 100644
--- a/net/zerotier/src/opnsense/service/conf/actions.d/actions_zerotier.conf
+++ b/net/zerotier/src/opnsense/service/conf/actions.d/actions_zerotier.conf
@@ -34,6 +34,12 @@ parameters: leave %s
type:script_output
message:Leaving Zerotier Network
+[set]
+command:/usr/local/bin/zerotier-cli
+parameters: set %s %s=%s
+type:script_output
+message:Setting Zerotier Network
+
[info]
command:/usr/local/bin/zerotier-cli info
parameters:
diff --git a/net/zerotier/src/opnsense/service/templates/OPNsense/zerotier/+TARGETS b/net/zerotier/src/opnsense/service/templates/OPNsense/zerotier/+TARGETS
index 2e49b1251..4a87c683f 100644
--- a/net/zerotier/src/opnsense/service/templates/OPNsense/zerotier/+TARGETS
+++ b/net/zerotier/src/opnsense/service/templates/OPNsense/zerotier/+TARGETS
@@ -1,2 +1,3 @@
zerotier:/etc/rc.conf.d/zerotier
local.conf:/var/db/zerotier-one/local.conf
+networks-local.conf:/var/db/zerotier-one/networks.d/[OPNsense.zerotier.networks.network.%.networkId].local.conf
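Review bot: The new target builds an output path under `/var/db/zerotier-one/networks.d/` from the configured `networkId`, so the file location is only as safe as that field's validation, which this patch does not show. Please confirm the model constrains `networkId` to the fixed-length hexadecimal form ZeroTier uses, so that a stored value can never contain `/` or `..` and move the rendered file elsewhere. It is also worth checking whether `<networkId>.local.conf` is removed when a network is deleted from the configuration; if not, a stale file with permissive allow* values would be picked up again should the same network be rejoined later.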
diff --git a/net/zerotier/src/opnsense/service/templates/OPNsense/zerotier/networks-local.conf b/net/zerotier/src/opnsense/service/templates/OPNsense/zerotier/networks-local.conf
new file mode 100644
index 000000000..a754e54cf
--- /dev/null
+++ b/net/zerotier/src/opnsense/service/templates/OPNsense/zerotier/networks-local.conf
@@ -0,0 +1,10 @@
+{% if helpers.exists('OPNsense.zerotier.networks') %}
+{% for network in helpers.toList('OPNsense.zerotier.networks.network') %}
+{% if TARGET_FILTERS['OPNsense.zerotier.networks.network.' ~ loop.index0] or TARGET_FILTERS['OPNsense.zerotier.networks.network'] %}
+allowManaged={{ network.allowManaged }}
+allowGlobal={{ network.allowGlobal }}
+allowDefault={{ network.allowDefault }}
+allowDNS={{ network.allowDNS }}
+{% endif %}
+{% endfor %}
+{% endif %}
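Review bot: The four `{{ network.allow* }}` expressions are rendered without a fallback, so a network entry that lacks these nodes would produce lines such as `allowDefault=` with an empty value. That could happen for an entry saved before the 1.3.1 model version, depending on how the migration fills in defaults. How ZeroTier parses an empty value is not established here, so rendering an explicit safe value is the more predictable choice: `allowManaged={{ network.allowManaged|default('1') }}` to match the model default, and `|default('0')` on `allowGlobal`, `allowDefault` and `allowDNS` so that the three route- and DNS-affecting options fail closed. A one-line comment at the top of the template stating that the file is generated per network via `+TARGETS` would also help future maintainers.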