@varkey
Created April 21, 2019 18:45
ZeroTier Internet Gateway with miniupnpd
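#!/bin/bash
#
# Provision a Debian-family host (apt-get) as an internet gateway for a
# ZeroTier network: install miniupnpd and ZeroTier, join the network, let
# ZeroTier peers request port mappings via UPnP/NAT-PMP, enable IPv4
# forwarding with NAT on the external interface, then reboot.
#
# Must run as root. Edit ZT_SUBNET and ZT_NETWORK before running.
# The external address is read from the instance metadata service at
# 169.254.169.254 (the path looks like DigitalOcean's metadata API -- confirm
# for other providers).
set -euo pipefail

ZT_SUBNET="<zerotier ip address subnet>"
ZT_NETWORK="<zerotier network address>"
readonly EXT_IFNAME="eth0"

die() {
  printf 'error: %s\n' "$*" >&2
  exit 1
}

(( EUID == 0 )) || die "this script must run as root"

# Refuse to run with the placeholders still in place: both values end up in
# daemon configuration and the script reboots the host at the end.
readonly subnet_re='^[0-9.]+/[0-9.]+$'
readonly network_re='^[0-9a-fA-F]{16}$'
[[ "$ZT_SUBNET" =~ $subnet_re ]] \
  || die "ZT_SUBNET must be an IPv4 subnet such as a.b.c.d/nn"
[[ "$ZT_NETWORK" =~ $network_re ]] \
  || die "ZT_NETWORK must be a 16-hex-digit ZeroTier network ID"

# Install upnpd
export DEBIAN_FRONTEND=noninteractive
apt-get -yq update
apt-get -yq install miniupnpd htop iptables-persistent

# Install ZeroTier
# The installer is only piped to a root shell if gpg verifies its signature.
# NOTE(review): the signing key is downloaded over HTTPS in this same run and
# no fingerprint is pinned here, so the check is only as strong as that
# download; gpg also accepts a good signature from any key already present in
# this keyring. Pin the expected key fingerprint if you can obtain it out of
# band.
# -f makes an HTTP error fail the pipeline instead of feeding an error page
# to gpg.
curl -fsS 'https://raw.githubusercontent.com/zerotier/download.zerotier.com/master/htdocs/contact%40zerotier.com.gpg' \
  | gpg --import \
  || die "could not import the ZeroTier signing key"
if ! installer=$(curl -fsS 'https://install.zerotier.com/' | gpg); then
  die "ZeroTier installer failed signature verification; nothing was executed"
fi
printf '%s\n' "$installer" | sudo bash
sleep 10
/usr/sbin/zerotier-cli join "${ZT_NETWORK}" \
  || die "zerotier-cli join ${ZT_NETWORK} failed"
sleep 10

# Configure upnpd
UUID=$(uuidgen) || die "uuidgen failed"

# First interface whose name starts with "zt". awk reads all of its input (no
# early exit) so the pipeline cannot fail on SIGPIPE under pipefail.
ZT_INTERFACE=$(ip -o link show \
  | awk -F': ' '$2 ~ /^zt[a-z0-9]+$/ && !seen++ { print $2 }')
[[ -n "$ZT_INTERFACE" ]] \
  || die "no ZeroTier (zt*) interface found; is this member authorized on the network?"

# The metadata response is substituted into a sed expression below, so accept
# it only if it is a plain dotted-quad address.
EXT_IP=$(curl -fsS --max-time 10 \
  http://169.254.169.254/metadata/v1/interfaces/public/0/ipv4/address) \
  || die "could not read the public IPv4 address from the metadata service"
readonly ipv4_re='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'
[[ "$EXT_IP" =~ $ipv4_re ]] \
  || die "metadata service returned an unexpected value for the public address"

# Permission rules: peers in ZT_SUBNET may map unprivileged ports
# (1024-65535) only; every other request is denied.
# NOTE(review): secure_mode=no lets a client request a mapping towards an
# address other than its own, so any member of the ZeroTier network could
# expose another member's service. The -S flag passed through
# /etc/default/miniupnpd below appears to enable secure mode on the command
# line, which would contradict this setting -- confirm which one takes effect
# and make the two agree.
cat > /etc/miniupnpd/miniupnpd.conf <<EOF
ext_ifname=${EXT_IFNAME}
listening_ip=${ZT_INTERFACE}
http_port=0
enable_natpmp=yes
enable_upnp=yes
min_lifetime=120
max_lifetime=86400
bitrate_up=1000000
bitrate_down=10000000
secure_mode=no
system_uptime=yes
notify_interval=60
clean_ruleset_interval=600
uuid=${UUID}
serial=12345678
model_number=1
allow 1024-65535 ${ZT_SUBNET} 1024-65535
deny 0-65535 0.0.0.0/0 0-65535
EOF

cat > /etc/default/miniupnpd <<EOF
START_DAEMON=1
MiniUPnPd_EXTERNAL_INTERFACE=${EXT_IFNAME}
MiniUPnPd_LISTENING_IP=${ZT_INTERFACE}
MiniUPnPd_OTHER_OPTIONS="-S -N -f /etc/miniupnpd/miniupnpd.conf"
MiniUPnPd_ip6tables_enable=no
EOF

sed -i -e "s/^EXTIP.*/EXTIP=${EXT_IP}/" /etc/init.d/miniupnpd

# Order ZeroTier before miniupnpd so the zt interface exists when miniupnpd
# starts. -p keeps a re-run from failing on an existing directory.
mkdir -p /etc/systemd/system/zerotier-one.service.d
cat > /etc/systemd/system/zerotier-one.service.d/override.conf <<EOF
[Unit]
Before=miniupnpd.service
EOF

# Enable IP forwarding and NAT
sleep 10
# Append the setting only once so repeated runs do not grow sysctl.conf.
if ! grep -qxF 'net.ipv4.ip_forward = 1' /etc/sysctl.conf 2>/dev/null; then
  echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf
fi
sysctl -p

# This replaces any existing saved IPv4 ruleset.
# NOTE(review): only the nat table is defined; no filter-table rules are
# written here, so forwarded traffic is not restricted to the ZeroTier subnet
# by this file. Add FORWARD rules if the host is reachable from other
# networks.
cat > /etc/iptables/rules.v4 <<EOF
*nat
-A POSTROUTING -o ${EXT_IFNAME} -j MASQUERADE
COMMIT
EOF

reboot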