2.4 KiB
2.4 KiB
ZeroTier Configuration with NixOS in Clan
This guide provides detailed instructions for configuring
ZeroTier VPN within Clan. Follow the
outlined steps to set up a machine as a VPN controller (<CONTROLLER>
) and to
include a new machine into the VPN.
1. Setting Up the VPN Controller
The VPN controller is initially essential for providing configuration to new peers. Post the address allocation, the controller's continuous operation is not crucial.
Instructions:
- Designate a Machine: Label a machine as the VPN controller in the clan,
referred to as
<CONTROLLER>
henceforth in this guide. - Add Configuration: Input the below configuration to the NixOS
configuration of the controller machine:
clan.networking.zerotier.controller = { enable = true; public = true; };
- Update the Controller Machine: Execute the following:
Your machine is now operational as the VPN controller.$ clan machines update <CONTROLLER>
2. Integrating a New Machine to the VPN
To introduce a new machine to the VPN, adhere to the following steps:
Instructions:
- Update Configuration: On the new machine, incorporate the below to its
configuration, substituting
<CONTROLLER>
with the controller machine name:{ config, ... }: { clan.networking.zerotier.networkId = builtins.readFile (config.clanCore.clanDir + "/machines/<CONTROLLER>/facts/zerotier-network-id"); }
- Update the New Machine: Execute:
Replace$ clan machines update <NEW_MACHINE>
<NEW_MACHINE>
with the designated new machine name. - Retrieve the ZeroTier ID: On the
new_machine
, execute:
Example Output:$ sudo zerotier-cli info
200 info d2c71971db 1.12.1 OFFLINE
, whered2c71971db
is the ZeroTier ID. - Authorize the New Machine on Controller: On the controller machine,
execute:
Substitute$ sudo zerotier-members allow <ID>
<ID>
with the ZeroTier ID obtained previously. - Verify Connection: On the
new_machine
, re-execute:
The status should now be "ONLINE" e.g.,$ sudo zerotier-cli info
200 info 47303517ef 1.12.1 ONLINE
.
Congratulations! The new machine is now part of the VPN, and the ZeroTier configuration on NixOS within the Clan project is complete.