Prepare Version 0.13.0

README.md

@@ -104,6 +104,7 @@ If a secret is defined by an environment variable and in the respective file at
 * `EMAIL_PASSWORD`: `/run/secrets/email_password`
 * `NAPALM_PASSWORD`: `/run/secrets/napalm_password`
 * `REDIS_PASSWORD`: `/run/secrets/redis_password`
+* `AUTH_LDAP_BIND_PASSWORD`: `/run/secrets/auth_ldap_bind_password`
 
 Please also consider [the advice about running Netbox in production](#production) above!
 
@@ -374,7 +375,7 @@ docker-compose run --rm -T redis sh -c 'redis-cli -h redis -a $REDIS_PASSWORD mo
 
 If you don't see anything happening after you triggered a webhook, double-check the configuration of the `netbox` and the `netbox-worker` containers and also check the configuration of your webhook in the admin interface of Netbox.
 
-### Breaking Changes
+## Breaking Changes
 
 From time to time it might become necessary to re-engineer the structure of this setup.
 Things like the `docker-compose.yml` file or your Kubernetes or OpenShift configurations have to be adjusted as a consequence.
@@ -384,6 +385,8 @@ Compare the version with the list below to check whether a breaking change was i
 
 The following is a list of breaking changes of the `netbox-docker` project:
 
+* 0.13.0: `AUTH_LDAP_BIND_PASSWORD` can now be extracted into a secrets file. [#133][133]
+* 0.12.0: A new flag `REDIS_SSL=false` was added to the `env/netbox.env` file. [#129][129]
 * 0.11.0: The docker-compose file now marks volumes as shared (`:z`). This should prevent SELinux problems [#131][131]
 * 0.9.0: Upgrade to at least 2.1.5
 * 0.8.0: Alpine linux was upgraded to 3.9 [#126][126]
@@ -399,6 +402,8 @@ The following is a list of breaking changes of the `netbox-docker` project:
 [54]: https://github.com/netbox-community/netbox-docker/issues/54
 [126]: https://github.com/netbox-community/netbox-docker/pull/126
 [131]: https://github.com/netbox-community/netbox-docker/pull/131
+[129]: https://github.com/netbox-community/netbox-docker/pull/129
+[133]: https://github.com/netbox-community/netbox-docker/pull/133
 
 ## Rebuilding & Publishing images
 

VERSION

@@ -1 +1 @@
-0.11.0
+0.13.0

configuration/configuration.py

@@ -146,6 +146,7 @@ REDIS = {
     'PASSWORD': os.environ.get('REDIS_PASSWORD', read_secret('redis_password')),
     'DATABASE': os.environ.get('REDIS_DATABASE', '0'),
     'DEFAULT_TIMEOUT': os.environ.get('REDIS_TIMEOUT', '300'),
+    'SSL': os.environ.get('REDIS_SSL', 'False').lower() == 'true',
 }
 
 # The file path where custom reports will be stored. A trailing slash is not needed. Note that the default value of

configuration/ldap_config.py

@@ -3,6 +3,16 @@ import os
 
 from django_auth_ldap.config import LDAPSearch, GroupOfNamesType
 
+# Read secret from file
+def read_secret(secret_name):
+    try:
+        f = open('/run/secrets/' + secret_name, 'r', encoding='utf-8')
+    except EnvironmentError:
+        return ''
+    else:
+        with f:
+            return f.readline().strip()
+
 # Server URI
 AUTH_LDAP_SERVER_URI = os.environ.get('AUTH_LDAP_SERVER_URI', '')
 
@@ -13,7 +23,7 @@ AUTH_LDAP_CONNECTION_OPTIONS = {
 
 # Set the DN and password for the NetBox service account.
 AUTH_LDAP_BIND_DN = os.environ.get('AUTH_LDAP_BIND_DN', '')
-AUTH_LDAP_BIND_PASSWORD = os.environ.get('AUTH_LDAP_BIND_PASSWORD', '')
+AUTH_LDAP_BIND_PASSWORD = os.environ.get('AUTH_LDAP_BIND_PASSWORD', read_secret('auth_ldap_bind_password'))
 
 # Set a string template that describes any user’s distinguished name based on the username.
 AUTH_LDAP_USER_DN_TEMPLATE = os.environ.get('AUTH_LDAP_USER_DN_TEMPLATE', None)

env/netbox.env

@@ -15,6 +15,7 @@ NAPALM_TIMEOUT=10
 MAX_PAGE_SIZE=1000
 REDIS_HOST=redis
 REDIS_PASSWORD=H733Kdjndks81
+REDIS_SSL=false
 SECRET_KEY=r8OwDznj!!dci#P9ghmRfdu1Ysxm0AiPeDCQhKE+N_rClfWNj
 SUPERUSER_NAME=admin
 SUPERUSER_EMAIL=admin@example.com