Accessing ZTNET via ZeroTier Network
By default, the ZTNET web interface is not accessible via ZeroTier network IPs when running in Docker. This is due to Docker's isolated bridge network preventing routing between the ZeroTier virtual network and the container network.
This guide provides solutions to access your ZTNET web interface (port 3000) using ZeroTier-assigned IP addresses.
Choose your installation type:
Docker Installation
Option 1: Host Network Mode
This solution configures the ZeroTier container to use the host's network stack directly.
Step 1: Modify docker-compose.yml
Edit your docker-compose.yml file and update the zerotier service. Remove networks and ports sections, and add network_mode: "host":
zerotier:
image: zyclonite/zerotier:1.14.2
hostname: zerotier
container_name: zerotier
restart: unless-stopped
network_mode: "host" # Add this line
volumes:
- zerotier:/var/lib/zerotier-one
cap_add:
- NET_ADMIN
- SYS_ADMIN
devices:
- /dev/net/tun:/dev/net/tun
# Remove 'networks' section - incompatible with host mode
# Remove 'ports' section - not needed with host mode
environment:
- ZT_OVERRIDE_LOCAL_CONF=true
- ZT_ALLOW_MANAGEMENT_FROM=0.0.0.0/0
Step 2: Update ZTNET Environment Variables
In the ztnet service section, update the ZT_ADDR to point to your host machine's IP, and update NEXTAUTH_URL to use your ZeroTier-assigned IP:
ztnet:
# ... other configuration
environment:
- ZT_ADDR=http://192.168.1.100:9993 # Replace with your host IP
- NEXTAUTH_URL=http://10.147.20.1:3000 # Replace with your ZeroTier-assigned IP
# ... other environment variables
The NEXTAUTH_URL should be set to the ZeroTier IP address you'll use to access ZTNET. You can find this IP after the host joins the ZeroTier network.
Step 3: Restart Containers
docker-compose down
docker-compose up -d
Step 4: Join ZeroTier Network
On the server hosting ZTNET, join the ZeroTier controller to your network:
docker exec zerotier zerotier-cli join <network-id>
Then log in to ZTNET web interface, authorize the new member, and note the assigned IP address.
Option 2: Host-Based ZeroTier Installation
This solution runs ZeroTier directly on your host system instead of in a container.
You cannot run ZeroTier on the host and in Docker simultaneously, as both use port 9993.
Step 1: Comment Out ZeroTier Service
In your docker-compose.yml, comment out or remove the entire zerotier service.
Step 2: Install ZeroTier on Host
Install ZeroTier One on your host system:
curl -s https://install.zerotier.com | sudo bash
Step 3: Configure Management Access
Edit /var/lib/zerotier-one/local.conf to allow remote management:
{
"settings": {
"allowManagementFrom": ["0.0.0.0/0"]
}
}
The 0.0.0.0/0 setting allows management from any IP. For production environments, consider restricting this to specific IP ranges.
Step 4: Restart ZeroTier
sudo systemctl restart zerotier-one
Step 5: Update ZTNET Configuration
In your docker-compose.yml, update the ztnet service:
ztnet:
# ... other configuration
environment:
- ZT_ADDR=http://192.168.1.100:9993 # Replace with your host IP
- NEXTAUTH_URL=http://10.147.20.1:3000 # Replace with your ZeroTier-assigned IP
# ... other environment variables
Step 6: Join ZeroTier Network
On the server hosting ZTNET, join the ZeroTier controller to your network:
sudo zerotier-cli join <network-id>
Then log in to ZTNET web interface, authorize the new member, and note the assigned IP address.
Step 7: Restart ZTNET
docker-compose restart ztnet
Standalone Installation
If you installed ZTNET directly on your host (not using Docker), the setup is simpler since ZeroTier is already running on the same system and the installer has already configured the necessary settings.
Step 1: Join ZeroTier Network
On the server hosting ZTNET, join the ZeroTier controller to your network:
sudo zerotier-cli join <network-id>
Then log in to ZTNET web interface, authorize the new member, and note the assigned IP address.
Step 2: Update ZTNET Configuration
Update your .env file with the ZeroTier-assigned IP:
NEXTAUTH_URL=http://10.147.20.1:3000 # Replace with your ZeroTier-assigned IP
Step 3: Restart ZTNET
sudo systemctl restart ztnet
Verification
To verify the setup is working:
- Join your ZeroTier container/host to your ZeroTier network
- Authorize the member in ZTNET
- Access ZTNET using the ZeroTier-assigned IP:
http://<zerotier-ip>:3000