Compare commits
15 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 63062a2634 | |||
| 2b628b9826 | |||
| 4053a714f8 | |||
| f1ebd4d246 | |||
| 68e6a62df1 | |||
| 81f8c7386d | |||
| ec1a253bde | |||
| bd1c58c91e | |||
| 05070b3f9f | |||
| ab72ba10c2 | |||
| 4c6ba58ef5 | |||
| 6d74443f21 | |||
| 61414b7be7 | |||
| d8285b05f2 | |||
| 968bb9f10f |
@ -1,4 +1,4 @@
|
||||
FROM python:3.6-alpine3.7
|
||||
FROM python:3.6-alpine3.8
|
||||
|
||||
RUN apk add --no-cache \
|
||||
bash \
|
||||
|
||||
13
README.md
13
README.md
@ -5,8 +5,11 @@
|
||||
This repository houses the components needed to build NetBox as a Docker container.
|
||||
Images built using this code are released to [Docker Hub][netbox-dockerhub] every night.
|
||||
|
||||
Questions? Before opening an issue on Github, please join the [Network To Code][ntc-slack] and ask for help in our `#netbox-docker` channel.
|
||||
|
||||
[travis]: https://travis-ci.org/ninech/netbox-docker
|
||||
[netbox-dockerhub]: https://hub.docker.com/r/ninech/netbox/tags/
|
||||
[ntc-slack]: http://slack.networktocode.com/
|
||||
|
||||
## Quickstart
|
||||
|
||||
@ -185,6 +188,15 @@ text_field:
|
||||
[netbox-docker-initializers]: https://github.com/ninech/netbox-docker/tree/master/initializers
|
||||
[netbox-docker-compose]: https://github.com/ninech/netbox-docker/blob/master/docker-compose.yml
|
||||
|
||||
##### Available Groups for User/Group initializers
|
||||
|
||||
To get an up-to-date list about all the available permissions, run the following command.
|
||||
|
||||
```bash
|
||||
# Make sure the 'netbox' container is already running! If unsure, run `docker-compose up -d`
|
||||
echo "from django.contrib.auth.models import Permission\nfor p in Permission.objects.all():\n print(p.codename);" | docker-compose exec -T netbox ./manage.py shell
|
||||
```
|
||||
|
||||
#### Custom Docker Image
|
||||
|
||||
You can also build your own NetBox Docker image containing your own startup scripts, custom fields, users and groups
|
||||
@ -356,6 +368,7 @@ Compare the version with the list below to check whether a breaking change was i
|
||||
|
||||
The following is a list of breaking changes of the `netbox-docker` project:
|
||||
|
||||
* 0.5.0: Alpine was updated to 3.8, `*.env` moved to `/env` folder
|
||||
* 0.4.0: In order to use Netbox webhooks you need to add Redis and a netbox-worker to your docker-compose.yml.
|
||||
* 0.3.0: Field `filterable: <boolean` was replaced with field `filter_logic: loose/exact/disabled`. It will default to `CF_FILTER_LOOSE=loose` when not defined.
|
||||
* 0.2.0: Re-organized paths: `/etc/netbox -> /etc/netbox/config` and `/etc/reports -> /etc/netbox/reports`. Fixes [#54](https://github.com/ninech/netbox-docker/issues/54).
|
||||
|
||||
@ -3,9 +3,17 @@
|
||||
|
||||
echo "▶️ $0 $*"
|
||||
|
||||
if [ ! -z "${GITHUB_OAUTH_CLIENT_ID}" ] && [ ! -z "${GITHUB_OAUTH_CLIENT_SECRET}" ]; then
|
||||
echo "🗝 Performing authenticated Github API calls."
|
||||
GITHUB_OAUTH_PARAMS="client_id=${GITHUB_OAUTH_CLIENT_ID}&client_secret=${GITHUB_OAUTH_CLIENT_SECRET}"
|
||||
else
|
||||
echo "🕶 Performing unauthenticated Github API calls. This might result in lower Github rate limits!"
|
||||
GITHUB_OAUTH_PARAMS=""
|
||||
fi
|
||||
|
||||
ORIGINAL_GITHUB_REPO="digitalocean/netbox"
|
||||
GITHUB_REPO="${GITHUB_REPO-$ORIGINAL_GITHUB_REPO}"
|
||||
URL_RELEASES="https://api.github.com/repos/${GITHUB_REPO}/branches"
|
||||
URL_RELEASES="https://api.github.com/repos/${GITHUB_REPO}/branches?${GITHUB_OAUTH_PARAMS}"
|
||||
|
||||
CURL="curl -sS"
|
||||
|
||||
|
||||
@ -3,9 +3,17 @@
|
||||
|
||||
echo "▶️ $0 $*"
|
||||
|
||||
if [ ! -z "${GITHUB_OAUTH_CLIENT_ID}" ] && [ ! -z "${GITHUB_OAUTH_CLIENT_SECRET}" ]; then
|
||||
echo "🗝 Performing authenticated Github API calls."
|
||||
GITHUB_OAUTH_PARAMS="client_id=${GITHUB_OAUTH_CLIENT_ID}&client_secret=${GITHUB_OAUTH_CLIENT_SECRET}"
|
||||
else
|
||||
echo "🕶 Performing unauthenticated Github API calls. This might result in lower Github rate limits!"
|
||||
GITHUB_OAUTH_PARAMS=""
|
||||
fi
|
||||
|
||||
ORIGINAL_GITHUB_REPO="digitalocean/netbox"
|
||||
GITHUB_REPO="${GITHUB_REPO-$ORIGINAL_GITHUB_REPO}"
|
||||
URL_RELEASES="https://api.github.com/repos/${GITHUB_REPO}/releases"
|
||||
URL_RELEASES="https://api.github.com/repos/${GITHUB_REPO}/releases?${GITHUB_OAUTH_PARAMS}"
|
||||
|
||||
JQ_LATEST="group_by(.prerelease) | .[] | sort_by(.published_at) | reverse | .[0] | select(.prerelease==${PRERELEASE-false}) | .tag_name"
|
||||
|
||||
|
||||
@ -146,7 +146,7 @@ WEBHOOKS_ENABLED = os.environ.get('WEBHOOKS_ENABLED', 'False').lower() == 'true'
|
||||
# Redis database settings (optional). A Redis database is required only if the webhooks backend is enabled.
|
||||
REDIS = {
|
||||
'HOST': os.environ.get('REDIS_HOST', 'localhost'),
|
||||
'PORT': os.environ.get('REDIS_PORT', '6379'),
|
||||
'PORT': os.environ.get('REDIS_PORT', 6379),
|
||||
'PASSWORD': os.environ.get('REDIS_PASSWORD', read_secret('redis_password')),
|
||||
'DATABASE': os.environ.get('REDIS_DATABASE', '0'),
|
||||
'DEFAULT_TIMEOUT': os.environ.get('REDIS_TIMEOUT', '300'),
|
||||
|
||||
@ -10,7 +10,7 @@ services:
|
||||
- postgres
|
||||
- redis
|
||||
- netbox-worker
|
||||
env_file: netbox.env
|
||||
env_file: env/netbox.env
|
||||
volumes:
|
||||
- ./startup_scripts:/opt/netbox/startup_scripts:ro
|
||||
- ./initializers:/opt/netbox/initializers:ro
|
||||
@ -40,7 +40,7 @@ services:
|
||||
- netbox-nginx-config:/etc/netbox-nginx/:ro
|
||||
postgres:
|
||||
image: postgres:10.4-alpine
|
||||
env_file: postgres.env
|
||||
env_file: env/postgres.env
|
||||
volumes:
|
||||
- netbox-postgres-data:/var/lib/postgresql/data
|
||||
redis:
|
||||
@ -49,7 +49,7 @@ services:
|
||||
- sh
|
||||
- -c # this is to evaluate the $REDIS_PASSWORD from the env
|
||||
- redis-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose
|
||||
env_file: redis.env
|
||||
env_file: env/redis.env
|
||||
volumes:
|
||||
- netbox-redis-data:/data
|
||||
volumes:
|
||||
|
||||
0
netbox.env → env/netbox.env
vendored
0
netbox.env → env/netbox.env
vendored
0
postgres.env → env/postgres.env
vendored
0
postgres.env → env/postgres.env
vendored
0
redis.env → env/redis.env
vendored
0
redis.env → env/redis.env
vendored
@ -7,3 +7,10 @@
|
||||
# writers:
|
||||
# users:
|
||||
# - writer
|
||||
# permissions:
|
||||
# - add_device
|
||||
# - change_device
|
||||
# - delete_device
|
||||
# - add_virtualmachine
|
||||
# - change_virtualmachine
|
||||
# - delete_virtualmachine
|
||||
|
||||
@ -4,3 +4,10 @@
|
||||
# password: reader
|
||||
# writer:
|
||||
# password: writer
|
||||
# permissions:
|
||||
# - add_device
|
||||
# - change_device
|
||||
# - delete_device
|
||||
# - add_virtualmachine
|
||||
# - change_virtualmachine
|
||||
# - delete_virtualmachine
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
from django.contrib.auth.models import Group, User
|
||||
from django.contrib.auth.models import Permission, Group, User
|
||||
from users.models import Token
|
||||
|
||||
from ruamel.yaml import YAML
|
||||
@ -18,3 +18,11 @@ with open('/opt/netbox/initializers/users.yml', 'r') as stream:
|
||||
|
||||
if user_details.get('api_token', 0):
|
||||
Token.objects.create(user=user, key=user_details['api_token'])
|
||||
|
||||
user_permissions = user_details.get('permissions', [])
|
||||
if user_permissions:
|
||||
user.user_permissions.clear()
|
||||
for permission_codename in user_details.get('permissions', []):
|
||||
permission = Permission.objects.get(codename=permission_codename)
|
||||
user.user_permissions.add(permission)
|
||||
user.save()
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
from django.contrib.auth.models import Group, User
|
||||
from django.contrib.auth.models import Permission, Group, User
|
||||
from ruamel.yaml import YAML
|
||||
|
||||
with open('/opt/netbox/initializers/groups.yml', 'r') as stream:
|
||||
@ -12,8 +12,16 @@ with open('/opt/netbox/initializers/groups.yml', 'r') as stream:
|
||||
if created:
|
||||
print("👥 Created group", groupname)
|
||||
|
||||
for username in group_details['users']:
|
||||
for username in group_details.get('users', []):
|
||||
user = User.objects.get(username=username)
|
||||
|
||||
if user:
|
||||
user.groups.add(group)
|
||||
|
||||
group_permissions = group_details.get('permissions', [])
|
||||
if group_permissions:
|
||||
group.permissions.clear()
|
||||
print("Permissions:", group.permissions.all())
|
||||
for permission_codename in group_details.get('permissions', []):
|
||||
permission = Permission.objects.get(codename=permission_codename)
|
||||
group.permissions.add(permission)
|
||||
|
||||
Reference in New Issue
Block a user