Merge branch 'main' into jh-multithreading-blurb

.github/workflows/ci.yaml

@@ -0,0 +1,56 @@
+name: CI
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+
+jobs:
+  build:
+    name: Build
+    runs-on: gha-runner-x64
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set Node.js 20.x
+      uses: actions/setup-node@v4
+      with:
+        node-version: 20.x
+
+    - name: yarn@4.1.1
+      run: |
+        corepack enable && corepack prepare yarn@4.1.1
+
+    - name: Get yarn cache directory path
+      id: yarn-cache-dir-path
+      run: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT
+
+    - name: Get yarn cache
+      uses: actions/cache@v4
+      id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
+      with:
+        path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
+        key: ${{ runner.os }}-${{ runner.arch }}-yarn-docs-${{ hashFiles('**/yarn.lock') }}
+        restore-keys: |
+          ${{ runner.os }}-${{ runner.arch }}-yarn-docs-
+
+    - name: Install dependencies
+      uses: borales/actions-yarn@v5
+      with:
+        cmd: install --immutable
+
+    - name: Build
+      uses: borales/actions-yarn@v5
+      with:
+        cmd: build
+      env:
+        NODE_OPTIONS: --openssl-legacy-provider
+
+    - name: Lint
+      uses: borales/actions-yarn@v5
+      with:
+        cmd: lint
+      env:
+        NODE_OPTIONS: --openssl-legacy-provider
+
+

.github/workflows/deploy_dev.yaml

@@ -0,0 +1,64 @@
+name: Deploy to Dev
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  build:
+    name: Build
+    runs-on: gha-runner-x64
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set Node.js 20.x
+      uses: actions/setup-node@v4
+      with:
+        node-version: 20.x
+
+    - name: yarn@4.1.1
+      run: |
+        corepack enable && corepack prepare yarn@4.1.1
+
+    - name: Get yarn cache directory path
+      id: yarn-cache-dir-path
+      run: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT
+
+    - name: Get yarn cache
+      uses: actions/cache@v4
+      id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
+      with:
+        path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
+        key: ${{ runner.os }}-${{ runner.arch }}-yarn-docs-${{ hashFiles('**/yarn.lock') }}
+        restore-keys: |
+          ${{ runner.os }}-${{ runner.arch }}-yarn-docs-
+
+    - name: Install dependencies
+      uses: borales/actions-yarn@v5
+      with:
+        cmd: install --immutable
+
+    - name: Build
+      uses: borales/actions-yarn@v5
+      with:
+        cmd: build
+      env:
+        NODE_OPTIONS: --openssl-legacy-provider
+
+    - id: 'auth'
+      uses: 'google-github-actions/auth@v2'
+      with:
+        credentials_json: '${{ secrets.DOCKER_REGISTRY_WRITER }}'
+
+    - name: 'Set up Cloud SDK'
+      uses: 'google-github-actions/setup-gcloud@v2'
+
+    - name: Docker Build
+      run: |
+        gcloud auth configure-docker ${{ secrets.GCLOUD_DOCKER_HOST }}
+        docker build -t ${{ secrets.GCLOUD_DOCKER_HOST }}/${{ secrets.GCLOUD_PROJECT_ID }}/zt-docker/docs-zerotier-com:${{ github.sha }} . --push
+    
+    - name: Deploy docs-dev
+      run: |
+        curl -s -L -X POST -H 'Accept: application/vnd.github+json' -H 'Authorization: Bearer ${{ secrets.DEPLOY_TOKEN }}' -H 'X-GitHub-Api-Version: 2022-11-28' https://api.github.com/repos/zerotier/${{ secrets.INFRA_REPO_NAME }}/dispatches -d '{"event_type": "deploy_docs_dev", "client_payload": {"docker_tag": "${{ github.sha }}", "actor": "${{ github.actor }}"}}'

.github/workflows/deploy_prod.yaml

@@ -0,0 +1,62 @@
+on:
+  release:
+    types: [published]
+
+jobs:
+  build:
+    name: Deploy Release
+    runs-on: gha-runner-x64
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set Node.js 20.x
+      uses: actions/setup-node@v4
+      with:
+        node-version: 20.x
+
+    - name: yarn@4.1.1
+      run: |
+        corepack enable && corepack prepare yarn@4.1.1
+
+    - name: Get yarn cache directory path
+      id: yarn-cache-dir-path
+      run: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT
+
+    - name: Get yarn cache
+      uses: actions/cache@v4
+      id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
+      with:
+        path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
+        key: ${{ runner.os }}-${{ runner.arch }}-yarn-docs-${{ hashFiles('**/yarn.lock') }}
+        restore-keys: |
+          ${{ runner.os }}-${{ runner.arch }}-yarn-docs-
+
+    - name: Install dependencies
+      uses: borales/actions-yarn@v5
+      with:
+        cmd: install --immutable
+
+    - name: Build
+      uses: borales/actions-yarn@v5
+      with:
+        cmd: build
+      env:
+        NODE_OPTIONS: --openssl-legacy-provider
+
+    - id: 'auth'
+      uses: 'google-github-actions/auth@v2'
+      with:
+        credentials_json: '${{ secrets.DOCKER_REGISTRY_WRITER }}'
+
+    - name: 'Set up Cloud SDK'
+      uses: 'google-github-actions/setup-gcloud@v2'
+
+    - name: Docker Build
+      run: |
+        gcloud auth configure-docker ${{ secrets.GCLOUD_DOCKER_HOST }}
+        docker build -t ${{ secrets.GCLOUD_DOCKER_HOST }}/${{ secrets.GCLOUD_PROJECT_ID }}/zt-docker/docs-zerotier-com:${{ github.ref_name }} . --push
+    
+    - name: Deploy docs to prod
+      run: |
+        curl -s -L -X POST -H 'Accept: application/vnd.github+json' -H 'Authorization: Bearer ${{ secrets.DEPLOY_TOKEN }}' -H 'X-GitHub-Api-Version: 2022-11-28' https://api.github.com/repos/zerotier/${{ secrets.INFRA_REPO_NAME }}/dispatches -d '{"event_type": "deploy_docs_prod", "client_payload": {"docker_tag": "${{ github.ref_name }}", "actor": "${{ github.actor }}"}}'

Makefile

@@ -11,6 +11,7 @@ buildx:
 	@echo docker buildx inspect --bootstrap
 
 all:
+	corepack enable && corepack prepare yarn@4.1.1
 	yarn install
 	NODE_OPTIONS=--openssl-legacy-provider yarn lint
 	NODE_OPTIONS=--openssl-legacy-provider yarn build

README.md

@@ -28,13 +28,8 @@ This command generates static content into the `build` directory and can be serv
 
 Commits to main are automatically deployed to https://docs-dev.zerotier.com
 
-To promote to production:
+To promote to production, create a tag & release on GitHub.  Tag/Release names should follow this format: `YYYY-MM-DD-RELEASE_NUMBER`. For example, the 2nd release on August 16, 204 would be `2024-08-16-2`.
 
-```console
-drone build promote zerotier/docs $DRONE_BUILD_NUMBER production
-```
-
-Note:  You'll need the `drone` CLI installed and in the PATH, as well as a couple of environment variables set in order to run the drone CLI.  ZeroTier employees can check out http://drone.ci.lab/account for details.
 
 ## Spelling / Typos
 

custom-words.txt

@@ -104,3 +104,8 @@ zerotier-idtool
 ztdest
 ztsrc
 SonicWall
+Deauthorized
+ndppd
+SNAT
+POSTROUTING
+dialup

docs/api/central/index.md

@@ -6,6 +6,6 @@ description: >
 
 [Central](/central) is our hosted control plane for ZeroTierOne networks.
 
-In addition to the web-based GUI, you can use the [Central API](/central/v1) to view and manage your networks. You will need an [API token](/api/tokens#zerotier-central-token) for access.
+In addition to the web-based GUI, you can use the [Central API](/api/central/ref-v1) to view and manage your networks. You will need an [API token](/api/tokens#zerotier-central-token) for access.
 
 You can write your own client code to connect with Central using our [examples](/api/central/examples) as a starting point, or use an existing integration like our [Terraform provider](/terraform).

docs/api/service/index.md

@@ -6,4 +6,4 @@ description: >
 
 The ZeroTierOne service provides an API which is used by the [ZeroTierOne CLI](/cli) and other clients to manage settings on your local instance of ZeroTier. This administration API is restricted to `localhost` by default, and requires authentication using an [API token](/api/tokens#zerotierone-service-token).
 
-Once you have your local token, you can access [local node, network, and peer information](/service/v1), as well as configuring a [standalone controller](/controller).
+Once you have your local token, you can access [local node, network, and peer information](/api/service/ref-v1), as well as configuring a [standalone controller](/controller).

docs/audit-logs.md

@@ -0,0 +1,20 @@
+---
+title: Audit Logs
+description: Audit logs provide visibility into use of the Central dashboard and API.
+---
+
+:::note
+Audit Logs are a paid feature available to Essential and Commercial subscribers. Details about what we charge for and how to manage your subscription are available on the [pricing](/pricing) guide.
+
+For an overview of current pricing and terms including suggested use cases, please see the [Pricing](https://www.zerotier.com/pricing) page on our website.
+:::
+
+You can view the full history of API requests made through Central to manage your ZeroTier networks using audit logs. We capture logs for the last 30 days of API traffic for every paid Central account, including requests made through both the Central dashboard and our [public API](/api/central).
+
+To access your logs, scroll down to the Organization section of the [Account](https://my.zerotier.com) page and find the link labeled "Organization Audit Log".
+
+![audit-log-link](./images/audit-logs-01.png)
+
+On that page, you can see a list of the recent API requests that impacted any resources (networks, members, account settings) associated with your organization.
+
+![audit-log-detail](./images/audit-logs-02.png)