feat(zerotier): add ZeroTier network governance module

Add comprehensive ZeroTier integration for managing network access:

- Portal networks: manager-created ZeroTier network bindings
- Device registration: user-owned ZeroTier node endpoints
- Approval workflows: request/approve/revoke network access
- Activation sessions: time-limited network authorization
- Kill switch: emergency access revocation
- Reconciliation job: sync portal state with ZeroTier controller

Includes ZeroTier client SDK supporting both Central and self-hosted
controller APIs, with full CRUD operations for networks and members.
2026-03-20 21:50:20 +10:30
parent 49e724222f
commit 1789590167
27 changed files with 4862 additions and 4 deletions
@@ -72,6 +72,47 @@ def run_mfa_compliance_job():
print("=" * 60)
@cli.command("run_zerotier_reconciliation")
def run_zerotier_reconciliation():
"""Run the ZeroTier network reconciliation scheduled job.
This command:
- Expires activation sessions past their TTL and deauthorizes ZT members
- Syncs observed ZeroTier membership state into the portal cache
- Reconciles portal membership state against ZT controller state
- Detects and repairs drift between portal and ZT
Usage:
python manage.py run_zerotier_reconciliation
Cron example (every 2 minutes):
*/2 * * * * cd /path/to/app && python manage.py run_zerotier_reconciliation
"""
from datetime import datetime, timezone
from gatehouse_app.jobs.zerotier_reconciliation_job import run_reconciliation
print("=" * 60)
print("ZeroTier Reconciliation Job")
print("=" * 60)
now = datetime.now(timezone.utc)
print(f"Start time: {now.isoformat()}")
print()
result = run_reconciliation()
print()
print("Job Results:")
print(f" Expired activations: {result['expired_activations']}")
print(f" Networks processed: {result['networks_processed']}")
print(f" Errors: {result['errors']}")
print()
print("=" * 60)
print("Job completed successfully")
print("=" * 60)
@cli.command("mfa_compliance_status")
def mfa_compliance_status():
"""Show current MFA compliance status.
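Review bot: In run_zerotier_reconciliation, the closing banner prints "Job completed successfully" unconditionally, immediately after printing result['errors'], so a run that failed to expire activations or deauthorize members is indistinguishable to cron from a clean one. Per the docstring, this job is what expires activation sessions past their TTL, so a silent failure leaves ZeroTier members authorized beyond their window. Suggest checking result['errors'] before the banner, printing a failure message and exiting non-zero (for example with sys.exit(1)) when it is non-empty or non-zero, so cron mail or monitoring picks it up. The docstring's cron example runs every 2 minutes; it should state whether run_reconciliation() guards against overlapping runs, since nothing in this hunk does.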