Bug Report

ZeroUI version:
latest

Current behavior:
Cannot read properties of undefined (reading 'ipRangeStart')

Expected behavior:
should be no problem to manage a network without ip assignments, ie, managing ips with kea-dhcp bridged to zerotier

Steps to reproduce:
create a new network, remove ip ranges and try to login/logout

Currently, installing dependencies and compiling the project takes a lot of time. There are different things to improve: project build tools, pre-commit checks, CI builds and the new release creation process.

Some things to consider yarn upgrade/replacement, husky upgrade/replacement, standard-version upgrade/replacement (e.g. repo with semantic-release), react-scripts upgrade/replacement (vite build tool looks good), react upgrade/replacement (preact?), workspace frontend/backend management improvement.

Any suggestion is welcome.

Bug Report

ZeroUI version: latest

When I have the ui behind nginx reverse proxy and I enable basic auth, it just keeps asking for the credentials every request.

We have more than 1000 members and when loading the network page it loads every members making the browser unresponsive.

Bug Report

ZeroUI version:

latest

Current behavior:

When using a standard docker volume everything works fine, but if I use a host-path (i.e. /data/my_docker_data) volume for the zerotier controller, the zero-ui crashes and exits with the error below. This is fairly bizarre, I've used Docker for several years and never experienced this, I've ensured the Host directory has the correct permissions and ownership (matching exactly the same as when utilising a docker-volume), another note, I don't experience this issue ZTBCUI's controller:

zu-main exited with code 1
zu-main     | node:internal/errors:691
zu-main     |   const ex = new Error(msg);
zu-main     |              ^
zu-main     |
zu-main     | Error: socket hang up
zu-main     |     at connResetException (node:internal/errors:691:14)
zu-main     |     at Socket.socketOnEnd (node:_http_client:471:23)
zu-main     |     at Socket.emit (node:events:406:35)
zu-main     |     at endReadableNT (node:internal/streams/readable:1348:12)
zu-main     |     at processTicksAndRejections (node:internal/process/task_queues:83:21) {
zu-main     |   code: 'ECONNRESET',
zu-main     |   config: {
zu-main     |     url: 'status',
zu-main     |     method: 'get',
zu-main     |     headers: {
zu-main     |       Accept: 'application/json, text/plain, */*',
zu-main     |       'X-ZT1-Auth': 'edi9jjcrk2j2l9thozezbf71',
zu-main     |       'User-Agent': 'axios/0.21.1'

Running the following docker compose:

version: "3.9"

services:

  zerotier:
    image: dec0dos/zerotier-controller:latest
    container_name: zu-controller

    restart: unless-stopped
    volumes:
      - '/data/controller/:/var/lib/zerotier-one'
      #- controller_data:/var/lib/zerotier-one
    expose:
      - "9993/tcp"
    ports:
      - "9993:9993/udp"


  zero-ui:
    image: dec0dos/zero-ui:latest
    container_name: zu-main
    # build:
    #   context: .
    #   dockerfile: ./docker/zero-ui/Dockerfile
    restart: unless-stopped
    depends_on:
      - zerotier
    volumes:
      - '/data/controller/:/var/lib/zerotier-one'
      #- controller_data:/var/lib/zerotier-one
      - /cntrs/data/zero-ui/zero-ui:/app/backend/data
    environment:
      - ZU_CONTROLLER_ENDPOINT=http://zerotier:9993/
      - ZU_SECURE_HEADERS=false
      - ZU_DEFAULT_USERNAME=admin
      - ZU_DEFAULT_PASSWORD=zero-ui
    expose:
      - "4000"
    labels:
      - traefik.enable=true
      - traefik.http.routers.zt_https.rule=Host(`zt.prjx.uk`)
      - traefik.http.routers.zt_https.entrypoints=websecure
      - traefik.http.routers.zt_https.tls=true
      - traefik.http.services.zt_https.loadbalancer.server.port=4000
    expose:
      - "4000"


volumes:
  zero-ui_data:
  controller_data:
  caddy_data:

Expected behavior:

When using a docker-volume, it does not generate this error and the UI works as expected.

Steps to reproduce:

Use the above docker-compose.yml .. Not you can remove the Traefik config... the issue still occurs.

Currently, the description box and the network name boxes are too small to accommodate anything more than a few words in a single line. Makes the appearance cluttered, hence it would be nice if these occupy atleast 60% of the page width.

Allow changing the order of the members by clicking on the column headers.

Bug Report

ZeroUI version:
latest

Current behavior:

I modify a network then press to return to main page but get a white screen

Expected behavior:

should return to list of networks (home page)

Steps to reproduce:

was messing around in the networks page, possibly I entered some bad data for the ip range not sure

Related code:

not sure
possibly this as found a 500 internal server error

Node.js v17.1.0
undefined
/app/backend/app.js:72
  res.status(500).json({ error: "500 Internal server error" });
      ^

TypeError: res.status is not a function
    at /app/backend/app.js:72:7
    at Layer.handle [as handle_request] (/app/backend/node_modules/express/lib/router/layer.js:95:5)
    at trim_prefix (/app/backend/node_modules/express/lib/router/index.js:317:13)
    at /app/backend/node_modules/express/lib/router/index.js:284:7
    at Function.process_params (/app/backend/node_modules/express/lib/router/index.js:335:12)
    at next (/app/backend/node_modules/express/lib/router/index.js:275:10)
    at compression (/app/backend/node_modules/compression/index.js:220:5)
    at Layer.handle [as handle_request] (/app/backend/node_modules/express/lib/router/layer.js:95:5)
    at trim_prefix (/app/backend/node_modules/express/lib/router/index.js:317:13)
    at /app/backend/node_modules/express/lib/router/index.js:284:7

Other information:

Bug Report

ZeroUI version: docker image 1.4.1

Docker image 1.4.1

Current behavior:
Zero-tier docker container is running on the same machine (Synology NAS), when trying to start the ZeroUI image (1.4.1) pulled from docker hub, it won’t start and complaining about /var/lib/zerotier not found.

Expected behavior:
Zero-tier should read the settings of server and configuration from the environment variables during start up.

Steps to reproduce:
Pull docker image from synology docker app and start container.

Related code:

insert short code snippets here

Other information:

Bug Report

ZeroUI version:

v1.5.1

latest

Current behavior:

When I used Docker Compose to deploy Zero-UI on Ubuntu this afternoon, the whiteboard appeared when I opened the page of the app using the Edge browser, as shown in the figure.When opened with Chrome and Firefox, it is normal. The problem only appeared after the V1.5.1 update, which started showing up around noon today

Expected behavior:

I hope the later module can be compatible with Microsoft Edge browser, this browser is the default browser of Windows, it is quite useful, I hope it can be compatible with this browser, after all, the mainstream browsers now are Firefox, Edge, Chrome.
Some people mentioned this issue in the discussion group, mainly because the latest version of the browser compatibility issues, so I will raise an issue here

Steps to reproduce:

I'm using Ubuntu to load the latest docker, Docker Compose, Then use the installation method mentioned in the document To download Docker-compose. Yml,To disable Caddy proxy and HTTPS, remove the http-proxy from Docker-compose. set ZU_SECURE_HEADERS to false and change zero-ui port expose to ports.

Then deploy it into Docker as follows. When accessed on Edge browser, whiteboard appears. V1.5.1 released on the morning of August 26, 2022, has this problem when Docker is deployed.

Now, I'm using the Settings page on Chrome or Firefox, setting things up, and yesterday it was all accessible on the Edge browser

Hey I'm installing through docker following the setup instructions. I've edited the compose.yaml changing the example.com to my ip and disabling https

After docker-compose up -d --no-build the terminal returns these errors

Creating network "root_default" with the default driver
Creating volume "root_zero-ui_data" with default driver
Creating volume "root_controller_data" with default driver
Creating volume "root_caddy_data" with default driver
Creating zu-controller ...
Creating zu-controller ... error

ERROR: for zu-controller  Cannot start service zerotier: driver failed programming external connectivity on endpoint zu-controller (8e792f9d4bd21d82d8a2d9c8a0641ee6711ca31b7bb06be15230343d481d9e8a): Error starting userland proxy: listen udp4 0.0.0.0:9993: bind: address already in use

ERROR: for zerotier  Cannot start service zerotier: driver failed programming external connectivity on endpoint zu-controller (8e792f9d4bd21d82d8a2d9c8a0641ee6711ca31b7bb06be15230343d481d9e8a): Error starting userland proxy: listen udp4 0.0.0.0:9993: bind: address already in use
ERROR: Encountered errors while bringing up the project.

Any help would be appreciated, thanks!

Right till now the UI has been made to suit devices with large screens, it is very difficult to navigate through on a mobile device.

Some UI changes like making member details as a collapsible card, tabs for various options like network details, members , flow rules (instead of collapsible cards) would make it better suited for mobile devices.

Feature Request

It would be great if zero-ui would expose the IPv6 configuration options, as available in the controller. From the controller docs:

Auto-Assign Modes:

Auto assign modes (v4AssignMode and v6AssignMode) contain objects that map assignment modes to booleans.

For IPv4 the only valid setting is zt which, if true, causes IPv4 addresses to be auto-assigned from ipAssignmentPools to members that do not have an IPv4 assignment. Note that active bridges are exempt and will not get auto-assigned IPs since this can interfere with bridging. (You can still manually assign one if you want.)

IPv6 includes this option and two others: 6plane and rfc4193. These assign private IPv6 addresses to each member based on a deterministic assignment scheme that allows members to emulate IPv6 NDP to skip multicast for better performance and scalability. The rfc4193 mode gives every member a /128 on a /88 network, while 6plane gives every member a /80 within a /40 network but uses NDP emulation to route all IPs under that /80 to its owner. The 6plane mode is great for use cases like Docker since it allows every member to assign IPv6 addresses within its /80 that just work instantly and globally across the network.

Describe Preferred Solution

Just expose checkboxes in the UI (just like on ZT-central), that allow checking of one of the three assignment modes.

Note that you can actually already add IPv6 ranges in zero-ui, just put them in Auto-Assign Pools (it's does accept IPv6 as well). It's just not used right now, because zt, 6plane and rfc4193 are all set to false in the controller.

ZT-central uses different UI elements for IPv6 + IPv4 Address Pools, but I think that's not actually required - it can both live in the same UI element, as the controller stores it combined anyway.

Describe Alternatives

I'm currently managing the IPv6 assignment modes manually (without zero-ui), but having this in the project would be great 👍

Additional Context

This is how it looks on ZT-central:

If the feature request is approved, would you be willing to submit a PR?
Zero experience with React, not much time right now. Maybe in the future.

Bug Report

ZeroUI version: latest

Current behavior:

When the controller is joined to a network, it is always showing in the UI as OFFLINE on that network

Bug Report

ZeroUI version:

latest

Current behavior:

The password hashing algorithm seems to be producing a random hash on every execution.
This causes the auth verifyHash to missmatch with the hash stored in db.json.
Please see the attached screenshot that logs the stored password and the hash computed for the entered password.

Bug Report

ZeroUI version: latest

Leafs peers that are connected to the controller by relay and not direct show as offline

The function getNetworksData() in backend/services/network.js always got 404 from controller.

Feature Request

Describe the Feature Request

as https://hub.docker.com/r/dec0dos/zerotier-controller is quite outdated, perhaps its easier to just refer to latest zyclonite/zerotier
Describe Preferred Solution
refer to in
https://github.com/dec0dOS/zero-ui/blob/main/docker-compose.yml#L5
to zyclonite/zerotier

I need to embed zero-ui into a folder on existing website (serving as reverse proxy).
For this I need all URLs in the frontend relative or to be able to specify base URL for zero-ui.

Is it possile to add such feature?

Instead of just showing if the client is online or not, it would be nice to have a last seen time for the client, which helps to diagnose certain issues such as power failure or hardware failure from a remote site (just as it shows in zerotier central manager).

Feature Request

Describe the Feature Request
When migrating from the hosted zerotier controller, it would be nice be able to add the already existing networks to the selfhosted controller.

Describe Preferred Solution
To my knowledge of how zerotier works, i thought this would be possible by just joining the selfhosted controller to the zerotier network. This could be then done by either the cli in the pod or the UI. But so far i didn't manage to get the UI to show the network if the controller is joined. Or maybe my thinking process is flaud.

Does anyone have any experience with migrating from the hosted zerotier controller?

If the feature request is approved, would you be willing to submit a PR?
Yes

Many clients are being shown offline when they are actually online

zerotier-cli peers
shows the intended clients as online. Same client on ztncui is also shown as online.

Bug Report

ZeroUI version:

v1.5.0

Managed Route only works for the first rule. Same as #96.
Any keyword we can investigate this?

Change bearer token auth keyword to match ZeroTier Central API changes.

More info:
https://announce.zerotier.com/en/changes-to-the-zerotier-central-api-and-token-access?role=s_nYwBCvnz7226%3Bs_qVQyvTSA5408

Bug Report

ZeroUI version:

v1.5.0

latest

Current behavior:

If a node is connected to one network and I add that node id to another network without connecting the node, it will display as online with the information from the network it is actually connected to.

Expected behavior:

A node that has never connected to a network should not show as online under that network page.

Steps to reproduce:

1.) Add a node to a network
2.) Connect the node to that network
3.) Create a new network
4.) Add the node id to that network but do not connect node to network
5.) Node shows online despite never connecting

Is it possible to add the function of sorting by name/ip/mac in the name/ip/mac column?

When the api.get.status() call fails in zt-address.js you get a unhandled promise rejection error w/o a stacktrace.

Adding try/catch + log will give a bit more info:

const api = require("../utils/controller-api");

module.exports = async function () {
  try {
    const res = await api.get("status");
    return res.data.address;
  }
  catch (err) {
    console.error(err);
  }
};

LDAP as an authentication backend / SAML would be great. Roles could be user (only view) , admin (add or delete networks they create) and su-admin (manage any network on the controller). Such features would be great for people who have more than one user per controller.

When using DISABLE_AUTH, the log out button should be disabled / greyed out. Accidentally clicking on logout breaks my reverse proxy, I have to manually restart NGINx.

Feature Request

Describe the Feature Request

Thanks, the ui are great, will you plan to adding IPv6 support?

Moving to ES6 modules should fix some problems with incompatible dependencies that support only the ES6 import.
More info: https://gist.github.com/sindresorhus/a39789f98801d908bbc7ff3ecc99d99c

If I configure it with HTTPS, regardless of whether I tell caddy to use a self-signer or not, it pumps out a SSL_ERROR_INTERNAL_ERROR_ALERT.

If I configure it with HTTP, regardless of whether or not I set the secure headers environment variable, everything gets erroneously upgraded to HTTPS, making zero-ui unusable.

Feature Request

Describe the Feature Request
when there are a large number of nodes, it is difficult to search, it would be good to have a search field and filters, as in zerotier central.

Members

Networks

Feature Request

Can we have an option to disable auth? Would be helpful in scenarios where the site will already be secured behind AD/OAuth.

Bug Report

ZeroUI version:

1.4.1(docker container)

Current behavior:

zero-ui add more rule in Managed Routes , but any node can not find route ,run route -n find only one default route rule.

Other information:

shell $ route -n |grep zt
192.168.192.0   0.0.0.0         255.255.255.0   U     0      0        0 zt6olxlqux
shell $

Feature Request

Describe the Feature Request
Implement support for SSO like the official controller can do using SAML

Describe Preferred Solution

If the api's in the app is documented somewhere, give me a hint and I can also start looking

Describe Alternatives

Related Code

Additional Context

If the feature request is approved, would you be willing to submit a PR?
Can help

Bug Report

ZeroUI version:

3.3, latest

Current behavior:

Following the instructions exactly as written, on ubuntu 20.04 results in:

sudo docker-compose up -d --no-build
Pulling zerotier    ... done
Pulling https-proxy ... done
ERROR: Service 'zero-ui' needs to be built, but --no-build was passed.

Eliminating the flag fails as well:

sudo  docker-compose up -d
Building zero-ui
ERROR: Cannot locate specified Dockerfile: ./docker/zero-ui/Dockerfile

Expected behavior:

Should work, start the docker container.

Steps to reproduce:

Fresh install of Ubuntu 20.04, follow the steps in the readme.

Feature Request

Describe the Feature Request

The possibility to host zero-ui without a container-solution like Podman or Docker, like ztncui has. This would allow hosting of controllers even on very tiny NAT-vps like the https://natvps.net "NAT256" offerings. The update-process could then work with apt/rpm packages like ztncui does here: https://github.com/key-networks/ztncui/blob/master/build/build.sh or just a bash-script that pulls the changes from the latest git-release.

Bug Report

ZeroUI version:

latest

Current behavior:

After adding, "auth"ing and deleting a network member from the controller, the network member is not able to rejoin the same network, the connection attempt to the network is not shown in the members section, the "auth" box cannot be checked because the member cannot be seen.

Expected behavior:

The rejoining member should be visible on the controller as not authorized and the authorization should be possible.

Steps to reproduce:

see above. Let a client attempt to join a network, authenticate the member, remove the network member from the controller, delete the network on the client. Try to join from the client again. The status will be "access_denied" and the member will not be visible in the members section of the network.

I've been using zero-ui as a self-hosted service, without docker. I want to change the password of ZT_DEFAULT_PASSWORD. After changing the password I couldn't login anymore. I noticed that in data/db.json there is an entry of my username with a hashed password; I'm not sure if this hashed password might contain the old password?

Thanks!

Is is possible to have a multi-user signup page in addition to the admin account that included in the docker file?
Just like the zerotier central where you can signup for a user and create some networks, but you can create another with different networks, is that possible or planned to be added?

Thanks.

Hi !

We use ZT to access hosts in a lot of different customers. Today, we "group" this hosts by description but is not easy to find.
A desirable feature is a way to create groups and put the members in this groups, collapsing or expanding and perhaps searching by group or name/description.

Currently, zero-ui hosts its web-interface with root privileges. There should be an option to host its processes without it.
When it comes to container-hosting, ztncui achieved this by giving the web-ui an own user inside the Dockerfile (https://github.com/key-networks/ztncui-aio/blob/79a389244cb1195ec4e01218800a7fb288ae82ff/Dockerfile#L51), then starting the process via https://github.com/tianon/gosu (https://github.com/key-networks/ztncui-aio/blob/79a389244cb1195ec4e01218800a7fb288ae82ff/start_ztncui.sh#L66).

Alternatively, vaultwardens docker-image makes this possible via dockers "-u" command: https://github.com/dani-garcia/vaultwarden/wiki/Hardening-Guide#run-as-a-non-root-user

Feature Request

Describe the Feature Request

Adding version management in the db.json file. That would make database migrations possible.

Describe Alternatives

Migrate to a full-featured database with schema migration. That would increase project complexity, deployment process, and database management for users.

Feature Request

Describe the Feature Request

Not sure if the self-built controller supports these functions

Additional Context

Feature Request

Describe the Feature Request

Add to the integrated Docker image (actually a compose set of images) also a zeronsd image to handle name serving on networks.

This would allow creation of self-contained server with everything needed to run a private network solution.

Describe Preferred Solution

In general I would like better a really integrated solution (a single image to run, not multiple images) and in this case more so because having separate images would mean run multiple instances of zerosnd container as it serves a single network.

Having a single container breaks a little Docker concept, makes it easier to deploy (e.g.: on "smart" NAS) and also makes possible to run multiple instances of a single process (i.e.: zeronsd) without associated overhead of running multiple containers.

The main user interface should (possibly under a checkbox control) launch a zeronsd instance each time a network is created.

Describe Alternatives

It is also possible to keep current structure and have a single container for zerosnd launching multiple instances of daemon under zero-ui conrol, but it seems harder to implement properly.

If the feature request is approved, would you be willing to submit a PR?
Yes, but my time is currently very limited and I will surely need assistance with the UI part as I'm not proficient in javascript.

Bug Report

ZeroUI version:

latest

Current behavior:

yarn installDeps
Usage Error: Couldn't find the node_modules state file - running an install might help (findPackageLocation)

$ yarn run [--inspect] [--inspect-brk] <scriptName> ...   

Expected behavior:

build success.

Steps to reproduce:

Related code:

insert short code snippets here

Other information:

Bug Report

ZeroUI version:

latest

Current behavior:

In the "members" area of a network, the first given "managed IP" cannot be deleted, even if one or more further IPs are in the managed IPs list.

e.g:
172.30.36.203 (first managed IP)
172.30.36.204 (additional IP)
172.30.36.205 (additional IP)

bug: 172.30.36.203 cannot be deleted

Expected behavior:

deletion of first IP possible after at least a second IP is added:

172.30.36.203 (first managed IP)
172.30.36.204 (additional IP)

--> 172.30.36.203 should be allowed to delete, after deletion 172.30.36.204 should not be able to delete.

Steps to reproduce:

add further IPs to a member, try to delete the first IP.

Would be better if a member's real connecting IP and port is displayed in addition to OFFLINE/ONLINE status (like shown in ztncui).

Extremely helpful in diagnosing connectivity and latency issues.

Bug Report

ZeroUI version:

latest

Current behavior:

Attempting to install development environment fails

root@zeroteir:~/zero-ui# yarn install
00h00m00s 0/0: : ERROR: [Errno 2] No such file or directory: 'install'

root@zeroteir:~/zero-ui# ls
CHANGELOG.md  README.md  docker              docs      package.json
LICENSE       backend    docker-compose.yml  frontend  yarn.lock

Steps to reproduce:

git clone https://github.com/dec0dOS/zero-ui.git
cd zero-ui
yarn install

Other information:

I didn't see any information for installation without docker, which I do not intend to use. I have installed zerotier-one on my linux host and proceeded to install zero-ui development environment. Is the development environment intended to install on-top of the docker container? Do instructions for installation on bare-metal environments exist?