jansenj/netbox-docker
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Compare commits

base: jansenj:0.9.0
Branches Tags
jansenj:release jansenj:renovate/sentry-sdk-2.x jansenj:develop
jansenj:3.3.0 jansenj:3.2.1 jansenj:3.2.0 jansenj:3.1.1 jansenj:3.1.0 jansenj:3.0.2 jansenj:3.0.1 jansenj:3.0.0 jansenj:2.9.1 jansenj:2.9.0 jansenj:2.8.0 jansenj:2.7.0 jansenj:2.6.1 jansenj:2.6.0 jansenj:2.5.3 jansenj:2.5.2 jansenj:2.5.1 jansenj:2.5.0 jansenj:2.4.0 jansenj:2.3.0 jansenj:2.2.0 jansenj:2.1.0 jansenj:2.0.0 jansenj:1.6.1 jansenj:1.6.0 jansenj:1.5.1 jansenj:1.5.0 jansenj:1.4.1 jansenj:1.4.0 jansenj:1.3.1 jansenj:1.3.0 jansenj:1.2.0 jansenj:1.1.0 jansenj:1.0.2 jansenj:1.0.1 jansenj:1.0.0 jansenj:0.27.0 jansenj:0.26.2 jansenj:0.26.1 jansenj:0.26.0 jansenj:0.25.0 jansenj:0.24.1 jansenj:0.24.0 jansenj:0.23.0 jansenj:0.22.0 jansenj:0.21.1 jansenj:0.21.0 jansenj:0.20.0 jansenj:0.19.4 jansenj:0.19.3 jansenj:0.19.2 jansenj:0.19.1 jansenj:0.19.0 jansenj:0.18.2 jansenj:0.18.1 jansenj:0.18.0 jansenj:0.17.1 jansenj:0.17.0 jansenj:0.16.0 jansenj:0.15.0 jansenj:0.14.0 jansenj:0.13.1 jansenj:0.13.0 jansenj:0.12.0 jansenj:0.11.0 jansenj:0.10.0 jansenj:0.9.0 jansenj:0.8.0 jansenj:0.7.0 jansenj:0.6.0 jansenj:0.5.1 jansenj:0.5.0 jansenj:0.4.0 jansenj:0.3.1
...
compare: jansenj:0.19.0
Branches Tags
jansenj:release jansenj:renovate/sentry-sdk-2.x jansenj:develop
jansenj:3.3.0 jansenj:3.2.1 jansenj:3.2.0 jansenj:3.1.1 jansenj:3.1.0 jansenj:3.0.2 jansenj:3.0.1 jansenj:3.0.0 jansenj:2.9.1 jansenj:2.9.0 jansenj:2.8.0 jansenj:2.7.0 jansenj:2.6.1 jansenj:2.6.0 jansenj:2.5.3 jansenj:2.5.2 jansenj:2.5.1 jansenj:2.5.0 jansenj:2.4.0 jansenj:2.3.0 jansenj:2.2.0 jansenj:2.1.0 jansenj:2.0.0 jansenj:1.6.1 jansenj:1.6.0 jansenj:1.5.1 jansenj:1.5.0 jansenj:1.4.1 jansenj:1.4.0 jansenj:1.3.1 jansenj:1.3.0 jansenj:1.2.0 jansenj:1.1.0 jansenj:1.0.2 jansenj:1.0.1 jansenj:1.0.0 jansenj:0.27.0 jansenj:0.26.2 jansenj:0.26.1 jansenj:0.26.0 jansenj:0.25.0 jansenj:0.24.1 jansenj:0.24.0 jansenj:0.23.0 jansenj:0.22.0 jansenj:0.21.1 jansenj:0.21.0 jansenj:0.20.0 jansenj:0.19.4 jansenj:0.19.3 jansenj:0.19.2 jansenj:0.19.1 jansenj:0.19.0 jansenj:0.18.2 jansenj:0.18.1 jansenj:0.18.0 jansenj:0.17.1 jansenj:0.17.0 jansenj:0.16.0 jansenj:0.15.0 jansenj:0.14.0 jansenj:0.13.1 jansenj:0.13.0 jansenj:0.12.0 jansenj:0.11.0 jansenj:0.10.0 jansenj:0.9.0 jansenj:0.8.0 jansenj:0.7.0 jansenj:0.6.0 jansenj:0.5.1 jansenj:0.5.0 jansenj:0.4.0 jansenj:0.3.1

90 Commits
0.9.0 ... 0.19.0

Author SHA1 Message Date
Christian Mäder
de1e5edd02 Prepare Version 0.19.0 2019-10-15 11:48:25 +02:00
Christian Mäder
ef989284c2 Merge pull request #159 from netbox-community/multistage-build 
Refactor to multistage builds
 2019-10-15 11:47:09 +02:00
Christian Mäder
e060f86b9a Corrections for shellcheck warnings 2019-10-15 10:03:39 +02:00
Christian Mäder
0a38220497 Update purpose text in build.sh 2019-10-15 01:00:21 +02:00
Christian Mäder
fb60841047 Only test 'latest' in PRs 
Because it's the only tag being built
 2019-10-15 00:56:37 +02:00
Christian Mäder
0f4a872082 More tests 2019-10-15 00:47:19 +02:00
Christian Mäder
26b1f59d66 Improve formating and fix typo 2019-10-15 00:40:48 +02:00
Christian Mäder
064908397e Improved Build Job descriptions 2019-10-15 00:34:15 +02:00
Christian Mäder
42642c94c3 Only push on 'main' branch 2019-10-15 00:34:15 +02:00
Christian Mäder
123fd981e9 Fix build 
The Docker Hub build system runs on Ubuntu Xenial containers.
Xenial's git is 2.7.4, which does not know the `-P` flag yet.
 2019-10-15 00:34:15 +02:00
Christian Mäder
20109c3392 Checkout the repository with git 
This changes the build process even further. Instead
f using `wget` to fetch the current code, `git` is used.
This allows for faster switching between branches,
because only the differences between them have to be
fetched from the server.

But the main advantage is that the build cache can
finally be used as designed by Docker. Repetitive
builds are very fast now. This is also true between
branches and tags, as long as the `requirements.txt`
file doesn't change.
 2019-10-15 00:34:15 +02:00
Christian Mäder
f3b9c34e3b externalize netbox download with wget 2019-10-15 00:34:15 +02:00
Christian Mäder
ab4b8720d1 Fix caching in build.sh 2019-10-15 00:34:15 +02:00
Christian Mäder
052b53aa5c Fix apt-get detection 2019-10-15 00:34:15 +02:00
Christian Mäder
fadac8c5c3 Only build the master branch to speed up the test 2019-10-15 00:34:15 +02:00
Christian Mäder
d0c9dfe2e5 Try to get PR builds working 2019-10-15 00:34:15 +02:00
Christian Mäder
d0ebb34432 Refactor to multistage builds 
This commit introduces a huge change in the build process.

What changed:

- Dockerfile.ldap was integrated into Dockerfile as a seperate
  [build stage][multistage-build].
- All the build scripts were refactored according to this.
- The `docker-compose.yml` file was adjusted likewise.
- The main build script, `/build.sh`, now always builds all
  targets (formerly called variants).
- The minimal requirements for Docker and docker-compose
  have increased.
- The build on hub.docker.com must be adjusted.

This change should also fix #156 permanently.

[multistage-build]: https://docs.docker.com/develop/develop-images/multistage-build/
 2019-10-15 00:34:15 +02:00
Christian Mäder
c148d3ceb9 Prepare Version 0.18.2 2019-10-14 09:20:22 +02:00
Christian Mäder
42826ae133 Fix #165 2019-10-14 09:17:32 +02:00
Christian Mäder
19728fa3e6 prepare 0.18.1 2019-10-13 14:03:56 +02:00
Christian Mäder
e1f054b6b5 Merge branch 'fix-160' 2019-10-13 14:03:34 +02:00
Christian Mäder
79d349133e fix typo 2019-10-13 14:03:22 +02:00
Christian Mäder
cb8007e41d Adds a hyperlink for the #netbox-docker channel 2019-10-12 15:16:17 +02:00
Christian Mäder
b790796f9b Prepare Version 0.18.0 2019-10-12 14:56:03 +02:00
Christian Mäder
20c234a96e Introduce $SKIP_SUPERUSER 
This adds a new variable to skip the creation of the superuser.
That is useful for LDAP and for production environments.

Fixes #160
 2019-10-12 14:49:40 +02:00
Christian Mäder
5ae5977717 Merge branch 'axarriola-master' 2019-10-12 14:27:11 +02:00
Christian Mäder
e894cdaa06 Reformat initializers and add some IPv6 examples 2019-10-12 14:23:41 +02:00
Christian Mäder
5defc38294 Add missing break 2019-10-12 14:23:11 +02:00
Christian Mäder
61c0a9b519 Merge branch 'master' of https://github.com/axarriola/netbox-docker into axarriola-master 2019-10-12 14:02:35 +02:00
Alvaro Arriola
992a8f1d5f More typos. Tested all changes. 2019-10-11 18:08:22 +02:00
Alvaro Arriola
2d25907cba Fixing typos. 2019-10-11 17:30:38 +02:00
Alvaro Arriola
8a40c6e0a3 Merge branch 'master' of https://github.com/netbox-community/netbox-docker 2019-10-11 17:06:18 +02:00
Christian Mäder
ed8e339bfe Merge pull request #162 from netbox-community/cleanup 
Remove debug statement
 2019-10-11 16:32:07 +02:00
Christian Mäder
4b1514f8d3 Remove debug statement 2019-10-11 16:31:56 +02:00
Christian Mäder
2044f685cf Merge pull request #161 from netbox-community/fix-platform-initializer 
Updating the initializer platform examples
 2019-10-11 16:15:19 +02:00
Christian Mäder
86de0d850b Updating the initializer platform examples 
rpc client was removed from netbox
 2019-10-11 16:15:03 +02:00
Alvaro Arriola
4e1ac2392d Added newline and breaks. 2019-10-11 15:46:32 +02:00
Christian Mäder
723d4744a4 Merge branch 'master' of https://github.com/axarriola/netbox-docker into axarriola-master 2019-10-11 14:31:29 +02:00
Alvaro Arriola
821d6c8672 Fixed further requirements. 2019-10-10 17:35:06 +02:00
Alvaro Arriola
0b5214d247 Fixed aesthetics. 2019-10-10 16:52:29 +02:00
Christian Mäder
aca448d180 Merge branch 'bootc-helm-chart' 2019-10-09 12:42:01 +02:00
Christian Mäder
6051092a59 Move large parts of the documentation in the README to the wiki 2019-10-09 12:40:40 +02:00
Christian Mäder
03b52f9074 Merge branch 'helm-chart' of https://github.com/bootc/netbox-docker into bootc-helm-chart 2019-10-09 12:40:29 +02:00
Christian Mäder
ce9158eb07 Update README.md 2019-07-30 13:45:08 +02:00
Christian Mäder
74000645dc Make patch version 2019-07-30 13:36:22 +02:00
Christian Mäder
ef0755b9cf Merge pull request #149 from takumin/fix_attribute_error 
fix AttributeError for ruamel.yaml
 2019-07-30 13:34:48 +02:00
takumin
7f22d21d5d fix AttributeError for ruamel.yaml 2019-07-30 20:09:02 +09:00
Christian Mäder
e349c239fe Release 0.17.0 2019-07-30 10:47:56 +02:00
Christian Mäder
28ba0e56e7 Merge pull request #144 from ScanPlusGmbH/update-base-image 
Update base image
 2019-07-30 10:44:44 +02:00
Christian Mäder
b0287e344e Merge pull request #148 from LBegnaud/master 
adjusts users and groups startup scripts to accomdate non-uniqueness
 2019-07-30 10:44:03 +02:00
Les Begnaud
e6e7647f32 adjusts users and groups startup scripts to accomdate non-uniqueness 2019-07-26 14:13:15 -05:00
Chris Boot
3e1f688f78 Add a link to my Helm chart 
I've written and will continue to maintain a Helm chart to aid in
deploying NetBox on Kubernetes. This adds a link to the README file so
that people who may be interested in it can find it.
 2019-07-20 16:51:51 -03:00
Tobias Genannt
135d29e06f Update base image 
This updates the base image to Alpine 3.10 with Python 3.7
 2019-07-05 08:22:25 +02:00
Alvaro Arriola
4cb5b9f20d Added more startup_scripts and initializers examples. 2019-07-04 14:10:56 +02:00
Christian Mäder
5a4e9d7a14 Merge branch 'miso231-patch-1' 2019-07-02 21:33:54 +02:00
Christian Mäder
89b9c22252 Merge branch 'patch-1' of https://github.com/miso231/netbox-docker into miso231-patch-1 2019-07-02 21:33:36 +02:00
Christian Mäder
dc3db2d9fd %s/digitalocean/netbox-community/gi 
Thank you Digitalocean for sponsoring Netbox!
And thank you for letting it grow up and move out ;)
 2019-07-02 21:32:58 +02:00
Michal Petko
0270fc2dca Retype REDIS_PORT to int 2019-07-01 17:29:58 +02:00
Christian Mäder
aed5126279 Provides necessary changes for v2.6 compatibility 
Fixes #139
 2019-06-21 22:48:23 +02:00
Christian Mäder
9c45e4d5e1 Prepare Version 0.14.0 2019-06-12 17:56:52 +02:00
Christian Mäder
dfd30f5eae Explain caching strategy in Dockerfile comments 2019-06-12 17:53:35 +02:00
Christian Mäder
a5537b18a4 Merge branch 'improved_build_speed' of https://github.com/rje6459/netbox-docker 2019-06-12 17:45:40 +02:00
Christian Mäder
9601cb1e54 Merge branch 'master' into improved_build_speed 2019-06-12 17:28:52 +02:00
Christian Mäder
54ac5dc2ab Merge branch 'mryauch-master' 2019-06-12 17:18:48 +02:00
Robert Ellegate
a086c2fc22 Changing REF_URL to use HEAD/TAG agnostic API 
Per [dicsuccion](https://github.com/netbox-community/netbox-docker/pull/137#issuecomment-495667921) with @cimnine, changing the API endpoint to one that retains functionality of previous URL while supporting both HEADS and TAGS
 2019-05-28 10:45:10 -04:00
Robert Ellegate
e33a2d2c0a Adding REF to GitHub repo HEAD for cache busting 
After installing requirements, check if  HEAD has changed and bust cache for RUN instruction for wget  archive
 2019-05-23 11:20:39 -04:00
Christian Mäder
821fb5f36e Caching of requirements.txt 
After [a discussion][1] with rje6459 on the networktocode Slack
in the #netbox-docker channel we've come up with a small improvement
to those that regularly have to build netbox docker locally.

It fetches the "requirements.txt" from the desired branch before
downloading netbox itself.

[1]: https://networktocode.slack.com/archives/CD23LP8BC/p1558537080023200
 2019-05-22 18:05:54 +02:00
Matthew Yauch
7362e275b0 Add AUTH_LDAP_GROUP_TYPE env variable support 
Dynamically imports the correct class/subclass from django_auth_ldap.config based on the AUTH_LDAP_GROUP_TYPE environment variable.
 2019-05-09 07:47:28 -07:00
Christian Mäder
6c3db3deff Update django to 2.2 2019-05-09 09:57:01 +02:00
Christian Mäder
2f8ea89d54 Prepare Version 0.13.0 2019-05-08 12:00:57 +02:00
Christian Mäder
7008c03bcb Merge branch 'mryauch-mryauch-patch-1' 2019-05-08 11:57:50 +02:00
Christian Mäder
8f39034014 Merge branch 'mryauch-patch-1' of https://github.com/mryauch/netbox-docker into mryauch-mryauch-patch-1 2019-05-08 11:57:43 +02:00
Christian Mäder
98833e20c8 Prepare Version 0.12.0 2019-05-08 11:43:29 +02:00
Christian Mäder
a5e51dfb47 Merge branch 'ajknv-master' 2019-05-08 11:38:31 +02:00
Christian Mäder
936d868582 Merge branch 'master' of https://github.com/ajknv/netbox-docker into ajknv-master 2019-05-08 11:38:22 +02:00
Matthew Yauch
96924736df Updated README.md to reflect AUTH_LDAP_BIND_PASSWORD secret support 2019-05-01 08:14:26 -07:00
Matthew Yauch
5107fb7c6b AUTH_LDAP_BIND_PASSWORD secret file support 2019-04-30 14:24:22 -07:00
Christian Mäder
9eef398a9d prepare next version 2019-03-27 14:23:28 +01:00
Christian Mäder
e83db27b91 Merge pull request #131 from Bialogs/selinux 
Add shared (z) container volume SELinux labels to the volumes created…
 2019-03-27 14:19:18 +01:00
Christian Mäder
4419646732 Merge branch 'ScanPlusGmbH-short-tag' 2019-03-27 12:01:06 +01:00
Christian Mäder
286bfa0248 reorganized tagging 2019-03-27 12:00:32 +01:00
Christian Mäder
e768cb5b87 Merge branch 'short-tag' of https://github.com/ScanPlusGmbH/netbox-docker into ScanPlusGmbH-short-tag 2019-03-27 08:13:58 +01:00
Kyle Fagan
e45773c29f Add shared (z) container volume SELinux labels to the volumes created by docker-compose. 2019-03-25 16:22:37 -04:00
Tobias Genannt
220370ed76 Add short version tag 
Adds a short version tag in the form of v$MAJOR.$MINOR. This tags
creates the possibillity to follow patch releases automatically with the
scheduled import option in Openshift and Kubernetes.
 2019-03-22 08:28:41 +01:00
Christian Mäder
b49e6fac14 Update README.md 
Fix the link to the configuration file, since it's core was "outsourced" some time ago.
 2019-03-19 20:33:31 +01:00
Alexander Kinneer
5beb3093db Add support for using SSL connections to Redis. 2019-03-19 11:35:45 -05:00
Christian Mäder
df16a431ca Prepare Version 0.10.0 
0.9.0 was already tagged without a version increment
 2019-03-19 17:14:08 +01:00
Christian Mäder
585e411cde Prepare Version 0.9.0 2019-03-19 17:12:40 +01:00
Christian Mäder
e17baea76c Merge pull request #128 from ScanPlusGmbH/optimze-startup 
Make startup scripts optional
 2019-03-19 17:12:15 +01:00
Tobias Genannt
8c95f32b0c Make startup scripts optional 
To optimize the application boot time the startup scripts can now be
disabled by an ENV variable. The default when the variable is not set,
is to run the startup scripts. This means that the default behaviour is
not changed from earlier releases.
 2019-03-11 12:31:41 +01:00
56 changed files with 1382 additions and 711 deletions
Expand all files Collapse all files

1
.dockerignore
View File

@ -2,3 +2,4 @@
.travis.yml
build*
*.env
.git

1
.gitignore vendored
View File

@ -1 +1,2 @@
*.sql.gz
.netbox

41
DOCKER_HUB.md
View File

@ -12,28 +12,25 @@ Repository Links: Enable for Base Image
Build Rules:
- Source Type: Branch
Source: master
Docker Tag: branches-main
Docker Tag: branches
Dockerfile location: Dockerfile
Build Context: /
Autobuild: on
Build Caching: on
- Source Type: Branch
Source: master
Docker Tag: branches-ldap
Dockerfile location: Dockerfile.ldap
- Source Type: Branch
Source: master
Docker Tag: prerelease-main
Docker Tag: prerelease
Dockerfile location: Dockerfile
Build Context: /
Autobuild: on
Build Caching: on
- Source Type: Branch
Source: master
Docker Tag: prerelease-ldap
Dockerfile location: Dockerfile.ldap
- Source Type: Branch
Source: master
Docker Tag: release-main
Docker Tag: release
Dockerfile location: Dockerfile
- Source Type: Branch
Source: master
Docker Tag: release-ldap
Dockerfile location: Dockerfile.ldap
Build Context: /
Autobuild: on
Build Caching: on
Build Environment Variables:
# Create an app on Github and use it's OATH credentials here
- Key: GITHUB_OAUTH_CLIENT_ID
@ -42,6 +39,7 @@ Build Environment Variables:
Value: <secret>
Build Triggers:
- Name: Cron Trigger
Trigger URL: <generated>
# Use this trigger in combination with e.g. https://cron-job.org in order to regularly schedule builds
```
@ -51,16 +49,15 @@ The build system of cloud.docker.com is not made for this kind of project.
But we found a way to make it work, and this is how:
1. The docker hub build system [allows to overwrite the scripts that get executed
for `build`, `test` and `push`](overwrite). See `hooks/*`.
2. Shared functionality of the scripts `build`, `test` and `push` is extracted to `hooks/common`.
3. The `build` script runs `run_build()` from `hooks/common`.
This triggers either `build-branches.sh`, `build-latest.sh` or directly `build.sh`.
for `build`, `test` and `push`](overwrite). See `/hooks/*`.
2. Shared functionality of the scripts `build`, `test` and `push` is extracted to `/hooks/common`.
3. The `build` script runs `run_build()` from `/hooks/common`.
This triggers either `/build-branches.sh`, `/build-latest.sh` or directly `/build.sh`.
4. The `test` script just invokes `docker-compose` commands.
5. The `push` script runs `run_build()` from `hooks/common` with a `--push-only` flag.
This causes the `build.sh` script to not re-build the Docker image, but just the just built image.
The _Docker Tag_ configuration setting is misused to select the type (_release_, _prerelease_, _branches_) of the build as well as the variant (_main_, _ldap_).
The _Dockerfile location_ configuration setting is completely ignored by the build scripts.
The _Docker Tag_ configuration setting (`$DOCKER_TAG`) is only used to select the type (_release_, _prerelease_, _branches_) of the build in `hooks/common`.
Because it has a different meaning in all the other build scripts, it is `unset` after it has served it's purpose.
[overwrite]: https://docs.docker.com/docker-hub/builds/advanced/#override-build-test-or-push-commands

80
Dockerfile
View File

@ -1,4 +1,5 @@
FROM python:3.6-alpine3.9
ARG FROM=python:3.7-alpine
FROM ${FROM} as builder
RUN apk add --no-cache \
bash \
@ -7,42 +8,60 @@ RUN apk add --no-cache \
cyrus-sasl-dev \
graphviz \
jpeg-dev \
libevent-dev \
libffi-dev \
libxml2-dev \
libxslt-dev \
openldap-dev \
postgresql-dev \
ttf-ubuntu-font-family \
wget
postgresql-dev
RUN pip install \
WORKDIR /install
RUN pip install --install-option="--prefix=/install" \
# gunicorn is used for launching netbox
gunicorn \
greenlet \
eventlet \
# napalm is used for gathering information from network devices
napalm \
# ruamel is used in startup_scripts
ruamel.yaml \
# pinning django to the version required by netbox
# adding it here, to install the correct version of
# django-rq
'Django>=2.1.5,<2.2' \
# django-rq is used for webhooks
django-rq
'ruamel.yaml>=0.15,<0.16' \
# django_auth_ldap is required for ldap
django_auth_ldap
ARG NETBOX_PATH
COPY ${NETBOX_PATH}/requirements.txt /
RUN pip install --install-option="--prefix=/install" -r /requirements.txt
###
# Main stage
###
ARG FROM
FROM ${FROM} as main
RUN apk add --no-cache \
bash \
ca-certificates \
graphviz \
libevent \
libffi \
libjpeg-turbo \
libressl \
libxslt \
postgresql-libs \
ttf-ubuntu-font-family
WORKDIR /opt
ARG BRANCH=master
ARG URL=https://github.com/digitalocean/netbox/archive/$BRANCH.tar.gz
RUN wget -q -O - "${URL}" | tar xz \
&& mv netbox* netbox
COPY --from=builder /install /usr/local
WORKDIR /opt/netbox
RUN pip install -r requirements.txt
ARG NETBOX_PATH
COPY ${NETBOX_PATH} /opt/netbox
COPY docker/configuration.docker.py /opt/netbox/netbox/netbox/configuration.py
COPY configuration/gunicorn_config.py /etc/netbox/config/
COPY docker/nginx.conf /etc/netbox-nginx/nginx.conf
COPY docker/docker-entrypoint.sh docker-entrypoint.sh
COPY docker/docker-entrypoint.sh /opt/netbox/docker-entrypoint.sh
COPY startup_scripts/ /opt/netbox/startup_scripts/
COPY initializers/ /opt/netbox/initializers/
COPY configuration/configuration.py /etc/netbox/config/configuration.py
@ -53,7 +72,22 @@ ENTRYPOINT [ "/opt/netbox/docker-entrypoint.sh" ]
CMD ["gunicorn", "-c /etc/netbox/config/gunicorn_config.py", "netbox.wsgi"]
LABEL SRC_URL="$URL"
LABEL NETBOX_DOCKER_PROJECT_VERSION="custom build" \
NETBOX_BRANCH="custom build" \
ORIGINAL_DOCKER_TAG="custom build" \
NETBOX_GIT_COMMIT="not built from git" \
NETBOX_GIT_URL="not built from git"
ARG NETBOX_DOCKER_PROJECT_VERSION=snapshot
LABEL NETBOX_DOCKER_PROJECT_VERSION="$NETBOX_DOCKER_PROJECT_VERSION"
#####
## LDAP specific configuration
#####
FROM main as ldap
RUN apk add --no-cache \
libsasl \
libldap \
util-linux
COPY docker/ldap_config.docker.py /opt/netbox/netbox/netbox/ldap_config.py
COPY configuration/ldap_config.py /etc/netbox/config/ldap_config.py

9
Dockerfile.ldap
View File

@ -1,9 +0,0 @@
ARG DOCKER_ORG=netboxcommunity
ARG DOCKER_REPO=netbox
ARG FROM_TAG=latest
FROM $DOCKER_ORG/$DOCKER_REPO:$FROM_TAG
RUN pip install django_auth_ldap
COPY docker/ldap_config.docker.py /opt/netbox/netbox/netbox/ldap_config.py
COPY configuration/ldap_config.py /etc/netbox/config/ldap_config.py

359
README.md
View File

@ -1,29 +1,30 @@
# netbox-docker
[The Github repository](netbox-docker-github) houses the components needed to build Netbox as a Docker container.
Images are built using this code are released to [Docker Hub][netbox-dockerhub] every night.
Images are built using this code and are released to [Docker Hub][netbox-dockerhub] once a day.
Questions? Before opening an issue on Github, please join the [Network To Code][ntc-slack] Slack and ask for help in our `#netbox-docker` channel.
Do you have any questions? Before opening an issue on Github, please join the [Network To Code][ntc-slack] Slack and ask for help in our [`#netbox-docker`][netbox-docker-slack] channel.
[netbox-dockerhub]: https://hub.docker.com/r/netboxcommunity/netbox/tags/
[netbox-docker-github]: https://github.com/netbox-community/netbox-docker/
[netbox-docker-github]: https://github.com/netbox-community/netbox-docker/
[ntc-slack]: http://slack.networktocode.com/
[netbox-docker-slack]: https://slack.com/app_redirect?channel=netbox-docker&team=T09LQ7E9E
## Quickstart
To get Netbox up and running:
```
$ git clone -b master https://github.com/netbox-community/netbox-docker.git
$ cd netbox-docker
$ docker-compose pull
$ docker-compose up -d
```bash
git clone -b master https://github.com/netbox-community/netbox-docker.git
cd netbox-docker
docker-compose pull
docker-compose up -d
```
The application will be available after a few minutes.
Use `docker-compose port nginx 8080` to find out where to connect to.
```
```bash
$ echo "http://$(docker-compose port nginx 8080)/"
http://0.0.0.0:32768/
@ -48,177 +49,17 @@ Default credentials:
This project relies only on *Docker* and *docker-compose* meeting this requirements:
* The *Docker version* must be at least `1.13.0`.
* The *docker-compose version* must be at least `1.10.0`.
* The *Docker version* must be at least `17.05`.
* The *docker-compose version* must be at least `1.17.0`.
To ensure this, compare the output of `docker --version` and `docker-compose --version` with the requirements above.
## Configuration
## Reference Documentation
You can configure the app using environment variables.
These are defined in `netbox.env`.
Read [Environment Variables in Compose][compose-env] to understand about the various possibilities to overwrite these variables.
(The easiest solution being simply adjusting that file.)
Please refer [to the wiki][wiki] for further information on how to use this Netbox Docker image properly.
It covers advanced topics such as using secret files, deployment to Kubernetes as well as NAPALM and LDAP configuration.
To find all possible variables, have a look at the [configuration.docker.py][docker-config] and [docker-entrypoint.sh][entrypoint] files.
Generally, the environment variables are called the same as their respective Netbox configuration variables.
Variables which are arrays are usually composed by putting all the values into the same environment variables with the values separated by a whitespace ("` `").
For example defining `ALLOWED_HOSTS=localhost ::1 127.0.0.1` would allows access to Netbox through `http://localhost:8080`, `http://[::1]:8080` and `http://127.0.0.1:8080`.
[compose-env]: https://docs.docker.com/compose/environment-variables/
### Production
The default settings are optimized for (local) development environments.
You should therefore adjust the configuration for production setups, at least the following variables:
* `ALLOWED_HOSTS`: Add all URLs that lead to your Netbox instance, space separated. E.g. `ALLOWED_HOSTS=netbox.mycorp.com server042.mycorp.com 2a02:123::42 10.0.0.42 localhost ::1 127.0.0.1` (It's good advice to always allow localhost connections for easy debugging, i.e. `localhost ::1 127.0.0.1`.)
* `DB_*`: Use your own persistent database. Don't use the default passwords!
* `EMAIL_*`: Use your own mailserver.
* `MAX_PAGE_SIZE`: Use the recommended default of 1000.
* `SUPERUSER_*`: Only define those variables during the initial setup, and drop them once the DB is set up. Don't use the default passwords!
* `REDIS_*`: Use your own persistent redis. Don't use the default passwords!
### Running on Docker Swarm / Kubernetes / OpenShift
You may run this image in a cluster such as Docker Swarm, Kubernetes or OpenShift, but this is advanced level.
In this case, we encourage you to statically configure Netbox by starting from [Netbox's example config file][default-config], and mounting it into your container in the directory `/etc/netbox/config/` using the mechanism provided by your container platform (i.e. [Docker Swarm configs][swarm-config], [Kubernetes ConfigMap][k8s-config], [OpenShift ConfigMaps][openshift-config]).
But if you rather continue to configure your application through environment variables, you may continue to use [the built-in configuration file][docker-config].
We discourage storing secrets in environment variables, as environment variable are passed on to all sub-processes and may leak easily into other systems, e.g. error collecting tools that often collect all environment variables whenever an error occurs.
Therefore we *strongly advise* to make use of the secrets mechanism provided by your container platform (i.e. [Docker Swarm secrets][swarm-secrets], [Kubernetes secrets][k8s-secrets], [OpenShift secrets][openshift-secrets]).
[The configuration file][docker-config] and [the entrypoint script][entrypoint] try to load the following secrets from the respective files.
If a secret is defined by an environment variable and in the respective file at the same time, then the value from the environment variable is used.
* `SUPERUSER_PASSWORD`: `/run/secrets/superuser_password`
* `SUPERUSER_API_TOKEN`: `/run/secrets/superuser_api_token`
* `DB_PASSWORD`: `/run/secrets/db_password`
* `SECRET_KEY`: `/run/secrets/secret_key`
* `EMAIL_PASSWORD`: `/run/secrets/email_password`
* `NAPALM_PASSWORD`: `/run/secrets/napalm_password`
* `REDIS_PASSWORD`: `/run/secrets/redis_password`
Please also consider [the advice about running Netbox in production](#production) above!
[docker-config]: https://github.com/netbox-community/netbox-docker/blob/master/docker/configuration.docker.py
[default-config]: https://github.com/digitalocean/netbox/blob/develop/netbox/netbox/configuration.example.py
[entrypoint]: https://github.com/netbox-community/netbox-docker/blob/master/docker/docker-entrypoint.sh
[swarm-config]: https://docs.docker.com/engine/swarm/configs/
[swarm-secrets]: https://docs.docker.com/engine/swarm/secrets/
[openshift-config]: https://docs.openshift.org/latest/dev_guide/configmaps.html
[openshift-secrets]: https://docs.openshift.org/latest/dev_guide/secrets.html
[k8s-secrets]: https://kubernetes.io/docs/concepts/configuration/secret/
[k8s-config]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/
### NAPALM Configuration
Since v2.1.0 NAPALM has been tightly integrated into Netbox.
NAPALM allows Netbox to fetch live data from devices and return it to a requester via its REST API.
To learn more about what NAPALM is and how it works, please see the documentation from the [libary itself][napalm-doc] or the documentation from [Netbox][netbox-napalm-doc] on how it is integrated.
To enable this functionality, simply complete the following lines in `netbox.env` (or appropriate secrets mechanism) :
* `NAPALM_USERNAME`: A common username that can be utilized for connecting to network devices in your environment.
* `NAPALM_PASSWORD`: The password to use in combintation with the username to connect to network devices.
* `NAPALM_TIMEOUT`: A value to use for when an attempt to connect to a device will timeout if no response has been recieved.
However, if you don't need this functionality, leave these blank.
[napalm-doc]: http://napalm.readthedocs.io/en/latest/index.html
[netbox-napalm-doc]: https://netbox.readthedocs.io/en/latest/configuration/optional-settings/#napalm_username
### Customizable Reporting
Netbox includes [customized reporting][netbox-reports-doc] that allows the user to write Python code and determine the validity of the data within Netbox.
The `REPORTS_ROOT` variable is setup as a mapped directory within this Docker container to `/reports/` and includes the example directly from the documentation for `devices.py`.
However, it has been renamed to `devices.py.example` which prevents Netbox from recognizing it as a valid report.
This was done to avoid unnessary issues from being opened when the default does not work for someone's expectations.
To re-enable this default report, simply rename `devices.py.example` to `devices.py` and browse within the WebUI to `/extras/reports/`.
You can also dynamically add any other report to this same directory and Netbox will be able to see it without restarting the container.
[netbox-reports-doc]: https://netbox.readthedocs.io/en/stable/additional-features/reports/
### Custom Initialization Code (e.g. Automatically Setting Up Custom Fields)
When using `docker-compose`, all the python scripts present in `/opt/netbox/startup_scripts` will automatically be executed after the application boots in the context of `./manage.py`.
That mechanism can be used for many things, e.g. to create Netbox custom fields:
```python
# docker/startup_scripts/load_custom_fields.py
from django.contrib.contenttypes.models import ContentType
from extras.models import CF_TYPE_TEXT, CustomField
from dcim.models import Device
from dcim.models import DeviceType
device = ContentType.objects.get_for_model(Device)
device_type = ContentType.objects.get_for_model(DeviceType)
my_custom_field, created = CustomField.objects.get_or_create(
type=CF_TYPE_TEXT,
name='my_custom_field',
description='My own custom field'
)
if created:
my_custom_field.obj_type.add(device)
my_custom_field.obj_type.add(device_type)
```
#### Initializers
Initializers are built-in startup scripts for defining Netbox custom fields, groups, users and many other resources.
All you need to do is to mount you own `initializers` folder ([see `docker-compose.yml`][netbox-docker-compose]).
Look at the [`initializers` folder][netbox-docker-initializers] to learn how the files must look like.
Here's an example for defining a custom field:
```yaml
# initializers/custom_fields.yml
text_field:
type: text
label: Custom Text
description: Enter text in a text field.
required: false
filter_logic: loose
weight: 0
on_objects:
- dcim.models.Device
- dcim.models.Rack
- ipam.models.IPAddress
- ipam.models.Prefix
- tenancy.models.Tenant
- virtualization.models.VirtualMachine
```
[netbox-docker-initializers]: https://github.com/netbox-community/netbox-docker/tree/master/initializers
[netbox-docker-compose]: https://github.com/netbox-community/netbox-docker/blob/master/docker-compose.yml
##### Available Groups for User/Group initializers
To get an up-to-date list about all the available permissions, run the following command.
```bash
# Make sure the 'netbox' container is already running! If unsure, run `docker-compose up -d`
echo "from django.contrib.auth.models import Permission\nfor p in Permission.objects.all():\n print(p.codename);" | docker-compose exec -T netbox ./manage.py shell
```
#### Custom Docker Image
You can also build your own Netbox Docker image containing your own startup scripts, custom fields, users and groups
like this:
```
ARG VERSION=latest
FROM netboxcommunity/netbox:$VERSION
COPY startup_scripts/ /opt/netbox/startup_scripts/
COPY initializers/ /opt/netbox/initializers/
```
[wiki]: https://github.com/netbox-community/netbox-docker/wiki/
## Netbox Version
@ -227,170 +68,34 @@ To use this feature, set the environment-variable `VERSION` before launching `do
`VERSION` may be set to the name of
[any tag of the `netboxcommunity/netbox` Docker image on Docker Hub][netbox-dockerhub].
```
$ export VERSION=v2.2.6
$ docker-compose pull netbox
$ docker-compose up -d
```bash
export VERSION=v2.6.6
docker-compose pull netbox
docker-compose up -d
```
You can also build a specific version of the Netbox image. This time, `VERSION` indicates any valid
[Git Reference][git-ref] declared on [the 'digitalocean/netbox' Github repository][netbox-github].
Most commonly you will specify a tag or branch name.
You can also build a specific version of the Netbox Docker image yourself.
`VERSION` can be any valid [git ref][git-ref] in that case.
```bash
export VERSION=v2.6.6
./build.sh $VERSION
docker-compose up -d
```
$ export VERSION=develop
$ docker-compose build --no-cache netbox
$ docker-compose up -d
```
Hint: If you're building a specific version by tag name, the `--no-cache` argument is not strictly necessary.
This can increase the build speed if you're just adjusting the config, for example.
[git-ref]: https://git-scm.com/book/en/v2/Git-Internals-Git-References
[netbox-github]: https://github.com/digitalocean/netbox/releases
[netbox-github]: https://github.com/netbox-community/netbox/releases
### LDAP enabled variant
The images tagged with "-ldap" contain anything necessary to authenticate against an LDAP or Active Directory server.
The default configuration `ldap_config.py` is prepared for use with an Active Directory server.
Custom values can be injected using environment variables, similar to the main configuration mechanisms.
## Troubleshooting
This section is a collection of some common issues and how to resolve them.
If your issue is not here, look through [the existing issues][issues] and eventually create a new issue.
[issues]: (https://github.com/netbox-community/netbox-docker/issues)
### Docker Compose basics
* You can see all running containers belonging to this project using `docker-compose ps`.
* You can see the logs by running `docker-compose logs -f`.
Running `docker-compose logs -f netbox` will just show the logs for netbox.
* You can stop everything using `docker-compose stop`.
* You can clean up everything using `docker-compose down -v --remove-orphans`. **This will also remove any related data.**
* You can enter the shell of the running Netbox container using `docker-compose exec netbox /bin/bash`. Now you have access to `./manage.py`, e.g. to reset a password.
* To access the database run `docker-compose exec postgres sh -c 'psql -U $POSTGRES_USER $POSTGRES_DB'`
* To create a database backup run `docker-compose exec postgres sh -c 'pg_dump -cU $POSTGRES_USER $POSTGRES_DB' | gzip > db_dump.sql.gz`
* To restore that database backup run `gunzip -c db_dump.sql.gz | docker exec -i $(docker-compose ps -q postgres) sh -c 'psql -U $POSTGRES_USER $POSTGRES_DB'`.
### Nginx doesn't start
As a first step, stop your docker-compose setup.
Then locate the `netbox-nginx-config` volume and remove it:
```bash
# Stop your local netbox-docker installation
$ docker-compose down
# Find the volume
$ docker volume ls | grep netbox-nginx-config
local netbox-docker_netbox-nginx-config
# Remove the volume
$ docker volume rm netbox-docker_netbox-nginx-config
netbox-docker_netbox-nginx-config
```
Now start everything up again.
If this didn't help, try to see if there's anything in the logs indicating why nginx doesn't start:
```bash
$ docker-compose logs -f nginx
```
### Getting a "Bad Request (400)"
> When connecting to the Netbox instance, I get a "Bad Request (400)" error.
This usually happens when the `ALLOWED_HOSTS` variable is not set correctly.
### How to upgrade
> How do I update to a newer version of netbox?
It should be sufficient to pull the latest image from Docker Hub, stopping the container and starting it up again:
```bash
docker-compose pull netbox
docker-compose stop netbox netbox-worker
docker-compose rm -f netbox netbox-worker
docker-compose up -d netbox netbox-worker
```
### Webhooks don't work
First make sure that the webhooks feature is enabled in your Netbox configuration and that a redis host is defined.
Check `netbox.env` if the following variables are defined:
```
WEBHOOKS_ENABLED=true
REDIS_HOST=redis
```
Then make sure that the `redis` container and at least one `netbox-worker` are running.
```
# check the container status
$ docker-compose ps
Name Command State Ports
--------------------------------------------------------------------------------------------------------
netbox-docker_netbox-worker_1 /opt/netbox/docker-entrypo ... Up
netbox-docker_netbox_1 /opt/netbox/docker-entrypo ... Up
netbox-docker_nginx_1 nginx -c /etc/netbox-nginx ... Up 80/tcp, 0.0.0.0:32776->8080/tcp
netbox-docker_postgres_1 docker-entrypoint.sh postgres Up 5432/tcp
netbox-docker_redis_1 docker-entrypoint.sh redis ... Up 6379/tcp
# connect to redis and send PING command:
$ docker-compose run --rm -T redis sh -c 'redis-cli -h redis -a $REDIS_PASSWORD ping'
Warning: Using a password with '-a' option on the command line interface may not be safe.
PONG
```
If `redis` and the `netbox-worker` are not available, make sure you have updated your `docker-compose.yml` file!
Everything's up and running? Then check the log of `netbox-worker` and/or `redis`:
```bash
docker-compose logs -f netbox-worker
docker-compose logs -f redis
```
Still no clue? You can connect to the `redis` container and have it report any command that is currently executed on the server:
```bash
docker-compose run --rm -T redis sh -c 'redis-cli -h redis -a $REDIS_PASSWORD monitor'
# Hit CTRL-C a few times to leave
```
If you don't see anything happening after you triggered a webhook, double-check the configuration of the `netbox` and the `netbox-worker` containers and also check the configuration of your webhook in the admin interface of Netbox.
### Breaking Changes
## Breaking Changes
From time to time it might become necessary to re-engineer the structure of this setup.
Things like the `docker-compose.yml` file or your Kubernetes or OpenShift configurations have to be adjusted as a consequence.
Since April 2018 each image built from this repo contains a `NETBOX_DOCKER_PROJECT_VERSION` label.
You can check the label of your local image by running `docker inspect netboxcommunity/netbox:v2.3.1 --format "{{json .ContainerConfig.Labels}}"`.
Compare the version with the list below to check whether a breaking change was introduced with that version.
The following is a list of breaking changes of the `netbox-docker` project:
Please read [the release notes][releases] carefully when updating to a new image version.
* 0.9.0: Upgrade to at least 2.1.5
* 0.8.0: Alpine linux was upgraded to 3.9 [#126][126]
* 0.7.0: The value of the `MAX_PAGE_SIZE` environment variable was changed to `1000`, which is the default of Netbox.
* 0.6.0: The naming of the default startup_scripts were changed.
If you overwrite them, you may need to adjust these scripts.
* 0.5.0: Alpine was updated to 3.8, `*.env` moved to `/env` folder
* 0.4.0: In order to use Netbox webhooks you need to add Redis and a netbox-worker to your docker-compose.yml.
* 0.3.0: Field `filterable: <boolean` was replaced with field `filter_logic: loose/exact/disabled`. It will default to `CF_FILTER_LOOSE=loose` when not defined.
* 0.2.0: Re-organized paths: `/etc/netbox -> /etc/netbox/config` and `/etc/reports -> /etc/netbox/reports`. Fixes [#54][54].
* 0.1.0: Introduction of the `NETBOX_DOCKER_PROJECT_VERSION`. (Not a breaking change per se.)
[54]: https://github.com/netbox-community/netbox-docker/issues/54
[126]: https://github.com/netbox-community/netbox-docker/pull/126
[releases]: https://github.com/netbox-community/netbox-docker/releases
## Rebuilding & Publishing images
@ -407,8 +112,8 @@ New Docker images are built and published every 24h on the [Docker Build Infrast
To run the tests coming with Netbox, use the `docker-compose.yml` file as such:
```
$ docker-compose run netbox ./manage.py test
```bash
docker-compose run netbox ./manage.py test
```
## About

2
VERSION
View File

@ -1 +1 @@
0.8.0
0.19.0

81
build-all.sh
View File

@ -12,73 +12,40 @@ BUILDS=("${BUILD:-"${ALL_BUILDS[@]}"}")
echo "⚙️ Configured builds: ${BUILDS[*]}"
VARIANTS=("main" "ldap")
if [ -n "${DEBUG}" ]; then
export DEBUG
fi
ERROR=0
# Don't build if not on `master` and don't build if on a pull request,
# but build when DEBUG is not empty
for VARIANT in "${VARIANTS[@]}"; do
export VARIANT
# Checking which VARIANT to build
if [ "${VARIANT}" == "main" ]; then
DOCKERFILE="${DOCKERFILE_PATH-Dockerfile}"
else
DOCKERFILE="${DOCKERFILE_PATH-Dockerfile}.${VARIANT}"
# Fail fast
if [ ! -f "${DOCKERFILE}" ]; then
echo "🚨 The Dockerfile '${DOCKERFILE}' for variant '${VARIANT}' doesn't exist."
ERROR=1
for BUILD in "${BUILDS[@]}"; do
echo "🛠 Building '$BUILD' from '$DOCKERFILE'"
case $BUILD in
release)
# build the latest release
# shellcheck disable=SC2068
./build-latest.sh $@ || ERROR=1
;;
prerelease)
# build the latest pre-release
# shellcheck disable=SC2068
PRERELEASE=true ./build-latest.sh $@ || ERROR=1
;;
branches)
# build all branches
# shellcheck disable=SC2068
./build-branches.sh $@ || ERROR=1
;;
*)
echo "🚨 Unrecognized build '$BUILD'."
if [ -z "$DEBUG" ]; then
continue
exit 1
else
echo "⚠️ Would skip this, but DEBUG is enabled."
echo "⚠️ Would exit here with code '1', but DEBUG is enabled."
fi
fi
fi
for BUILD in "${BUILDS[@]}"; do
echo "🛠 Building '$BUILD' from '$DOCKERFILE'"
case $BUILD in
release)
# build the latest release
# shellcheck disable=SC2068
./build-latest.sh $@ || ERROR=1
;;
prerelease)
# build the latest pre-release
# shellcheck disable=SC2068
PRERELEASE=true ./build-latest.sh $@ || ERROR=1
;;
branches)
# build all branches
# shellcheck disable=SC2068
./build-branches.sh $@ || ERROR=1
;;
special)
# special build
# shellcheck disable=SC2068
#SRC_ORG=lampwins TAG=webhooks-backend ./build.sh "feature/webhooks-backend" $@ || ERROR=1
echo "✅ No special builds today."
;;
*)
echo "🚨 Unrecognized build '$BUILD'."
if [ -z "$DEBUG" ]; then
exit 1
else
echo "⚠️ Would exit here with code '1', but DEBUG is enabled."
fi
;;
esac
done
;;
esac
done
exit $ERROR

23
build-branches.sh
View File

@ -3,6 +3,10 @@
echo "▶️ $0 $*"
###
# Checking for the presence of GITHUB_OAUTH_CLIENT_ID
# and GITHUB_OAUTH_CLIENT_SECRET
###
if [ -n "${GITHUB_OAUTH_CLIENT_ID}" ] && [ -n "${GITHUB_OAUTH_CLIENT_SECRET}" ]; then
echo "🗝 Performing authenticated Github API calls."
GITHUB_OAUTH_PARAMS="client_id=${GITHUB_OAUTH_CLIENT_ID}&client_secret=${GITHUB_OAUTH_CLIENT_SECRET}"
@ -11,18 +15,33 @@ else
GITHUB_OAUTH_PARAMS=""
fi
ORIGINAL_GITHUB_REPO="${SRC_ORG-digitalocean}/${SRC_REPO-netbox}"
###
# Calling Github to get the all branches
###
ORIGINAL_GITHUB_REPO="${SRC_ORG-netbox-community}/${SRC_REPO-netbox}"
GITHUB_REPO="${GITHUB_REPO-$ORIGINAL_GITHUB_REPO}"
URL_RELEASES="https://api.github.com/repos/${GITHUB_REPO}/branches?${GITHUB_OAUTH_PARAMS}"
# Composing the JQ commans to extract the most recent version number
JQ_BRANCHES='map(.name) | .[] | scan("^[^v].+") | match("^(master|develop).*") | .string'
CURL="curl -sS"
BRANCHES=$($CURL "${URL_RELEASES}" | jq -r 'map(.name) | .[] | scan("^[^v].+") | match("^(master|develop).*") | .string')
# Querying the Github API to fetch all branches
BRANCHES=$($CURL "${URL_RELEASES}" | jq -r "$JQ_BRANCHES")
###
# Building each branch
###
# keeping track whether an error occured
ERROR=0
# calling build.sh for each branch
for BRANCH in $BRANCHES; do
# shellcheck disable=SC2068
./build.sh "${BRANCH}" $@ || ERROR=1
done
# returning whether an error occured
exit $ERROR

67
build-latest.sh
View File

@ -3,6 +3,10 @@
echo "▶️ $0 $*"
###
# Checking for the presence of GITHUB_OAUTH_CLIENT_ID
# and GITHUB_OAUTH_CLIENT_SECRET
###
if [ -n "${GITHUB_OAUTH_CLIENT_ID}" ] && [ -n "${GITHUB_OAUTH_CLIENT_SECRET}" ]; then
echo "🗝 Performing authenticated Github API calls."
GITHUB_OAUTH_PARAMS="client_id=${GITHUB_OAUTH_CLIENT_ID}&client_secret=${GITHUB_OAUTH_CLIENT_SECRET}"
@ -11,17 +15,38 @@ else
GITHUB_OAUTH_PARAMS=""
fi
ORIGINAL_GITHUB_REPO="digitalocean/netbox"
###
# Checking if PRERELEASE is either unset, 'true' or 'false'
###
if [ -n "${PRERELEASE}" ] &&
{ [ "${PRERELEASE}" != "true" ] && [ "${PRERELEASE}" != "false" ]; }; then
if [ -z "${DEBUG}" ]; then
echo "⚠️ PRERELEASE must be either unset, 'true' or 'false', but was '${PRERELEASE}'!"
exit 1
else
echo "⚠️ Would exit here with code '1', but DEBUG is enabled."
fi
fi
###
# Calling Github to get the latest version
###
ORIGINAL_GITHUB_REPO="netbox-community/netbox"
GITHUB_REPO="${GITHUB_REPO-$ORIGINAL_GITHUB_REPO}"
URL_RELEASES="https://api.github.com/repos/${GITHUB_REPO}/releases?${GITHUB_OAUTH_PARAMS}"
# Composing the JQ commans to extract the most recent version number
JQ_LATEST="group_by(.prerelease) | .[] | sort_by(.published_at) | reverse | .[0] | select(.prerelease==${PRERELEASE-false}) | .tag_name"
CURL="curl -sS"
# Querying the Github API to fetch the most recent version number
VERSION=$($CURL "${URL_RELEASES}" | jq -r "${JQ_LATEST}")
###
# Check if the prerelease version is actually higher than stable version
###
if [ "${PRERELEASE}" == "true" ]; then
JQ_STABLE="group_by(.prerelease) | .[] | sort_by(.published_at) | reverse | .[0] | select(.prerelease==false) | .tag_name"
STABLE_VERSION=$($CURL "${URL_RELEASES}" | jq -r "${JQ_STABLE}")
@ -35,9 +60,11 @@ if [ "${PRERELEASE}" == "true" ]; then
# shellcheck disable=SC2003
MINOR_UNSTABLE=$(expr match "${VERSION}" 'v[0-9]\+\.\([0-9]\+\)')
if ( [ "$MAJOR_STABLE" -eq "$MAJOR_UNSTABLE" ] && [ "$MINOR_STABLE" -ge "$MINOR_UNSTABLE" ] ) \
|| [ "$MAJOR_STABLE" -gt "$MAJOR_UNSTABLE" ]; then
echo "❎ Latest unstable version ('$VERSION') is not higher than the latest stable version ('$STABLE_VERSION')."
if { [ "${MAJOR_STABLE}" -eq "${MAJOR_UNSTABLE}" ] \
&& [ "${MINOR_STABLE}" -ge "${MINOR_UNSTABLE}" ];
} || [ "${MAJOR_STABLE}" -gt "${MAJOR_UNSTABLE}" ]; then
echo "❎ Latest unstable version '${VERSION}' is not higher than the latest stable version '$STABLE_VERSION'."
if [ -z "$DEBUG" ]; then
exit 0
else
@ -46,32 +73,6 @@ if [ "${PRERELEASE}" == "true" ]; then
fi
fi
# Check if that version is not already available on docker hub:
ORIGINAL_DOCKERHUB_REPO="${DOCKER_ORG-netboxcommunity}/${DOCKER_REPO-netbox}"
DOCKERHUB_REPO="${DOCKERHUB_REPO-$ORIGINAL_DOCKERHUB_REPO}"
URL_DOCKERHUB_TOKEN="https://auth.docker.io/token?service=registry.docker.io&scope=repository:${DOCKERHUB_REPO}:pull"
BEARER_TOKEN="$($CURL "${URL_DOCKERHUB_TOKEN}" | jq -r .token)"
URL_DOCKERHUB_TAG="https://registry.hub.docker.com/v2/${DOCKERHUB_REPO}/tags/list"
AUTHORIZATION_HEADER="Authorization: Bearer ${BEARER_TOKEN}"
if [ -z "$VARIANT" ] || [ "$VARIANT" == "main" ]; then
DOCKER_TAG="${VERSION}"
else
DOCKER_TAG="${VERSION}-${VARIANT}"
fi
ALREADY_BUILT="$($CURL -H "${AUTHORIZATION_HEADER}" "${URL_DOCKERHUB_TAG}" | jq -e ".tags | any(.==\"${DOCKER_TAG}\")")"
if [ -n "$DEBUG" ] || [ "$ALREADY_BUILT" == "false" ]; then
if [ -n "$DEBUG" ]; then
echo "⚠️ Would not build, because ${DOCKER_TAG} already exists on https://hub.docker.com/r/${DOCKERHUB_REPO}, but DEBUG is enabled."
fi
# shellcheck disable=SC2068
./build.sh "${VERSION}" $@
exit $?
else
echo "${DOCKER_TAG} already exists on https://hub.docker.com/r/${DOCKERHUB_REPO}"
exit 0
fi
# shellcheck disable=SC2068
./build.sh "${VERSION}" $@
exit $?

343
build.sh
View File

@ -1,5 +1,5 @@
#!/bin/bash
# Builds the Dockerfile[.variant] and injects tgz'ed Netbox code from Github
# Clones the Netbox repository with git from Github and builds the Dockerfile
echo "▶️ $0 $*"
@ -8,63 +8,78 @@ set -e
if [ "${1}x" == "x" ] || [ "${1}" == "--help" ] || [ "${1}" == "-h" ]; then
echo "Usage: ${0} <branch> [--push|--push-only]"
echo " branch The branch or tag to build. Required."
echo " --push Pushes built the Docker image to the registry."
echo " --push-only Does not build. Only pushes the Docker image to the registry."
echo " --push Pushes the built Docker image to the registry."
echo " --push-only Only pushes the Docker image to the registry, but does not build it."
echo ""
echo "You can use the following ENV variables to customize the build:"
echo " DEBUG If defined, the script does not stop when certain checks are unsatisfied."
echo " DRY_RUN Prints all build statements instead of running them."
echo " DOCKER_OPTS Add parameters to Docker."
echo " Default:"
echo " When <TAG> starts with 'v': \"\""
echo " Else: \"--no-cache\""
echo " BRANCH The branch to build."
echo " Also used for tagging the image."
echo " TAG The version part of the docker tag."
echo " Default:"
echo " When <BRANCH>=master: latest"
echo " When <BRANCH>=develop: snapshot"
echo " Else: same as <BRANCH>"
echo " DOCKER_ORG The Docker registry (i.e. hub.docker.com/r/<DOCKER_ORG>/<DOCKER_REPO>) "
echo " Also used for tagging the image."
echo " Default: netboxcommunity"
echo " DOCKER_REPO The Docker registry (i.e. hub.docker.com/r/<DOCKER_ORG>/<DOCKER_REPO>) "
echo " Also used for tagging the image."
echo " Default: netbox"
echo " DOCKER_TAG The name of the tag which is applied to the image."
echo " Useful for pushing into another registry than hub.docker.com."
echo " Default: <DOCKER_ORG>/<DOCKER_REPO>:<BRANCH>"
echo " SRC_ORG Which fork of netbox to use (i.e. github.com/<SRC_ORG>/<SRC_REPO>)."
echo " Default: digitalocean"
echo " SRC_REPO The name of the netbox for to use (i.e. github.com/<SRC_ORG>/<SRC_REPO>)."
echo " Default: netbox"
echo " URL Where to fetch the package from."
echo " Must be a tar.gz file of the source code."
echo " Default: https://github.com/<SRC_ORG>/<SRC_REPO>/archive/\$BRANCH.tar.gz"
echo " VARIANT The variant to build."
echo " The value will be used as a suffix to the \$TAG and for the Dockerfile"
echo " selection. The TAG being build must exist for the base variant and"
echo " corresponding Dockerfile must start with the following lines:"
echo " ARG DOCKER_ORG=netboxcommunity"
echo " ARG DOCKER_REPO=netbox"
echo " ARG FROM_TAG=latest"
echo " FROM \$DOCKER_ORG/\$DOCKER_REPO:\$FROM_TAG"
echo " Example: VARIANT=ldap will result in the tag 'latest-ldap' and the"
echo " Dockerfile './Dockerfile.ldap' being used."
echo " Exception: VARIANT=main will use the './Dockerfile' Dockerfile"
echo " Default: main"
echo " HTTP_PROXY The proxy to use for http requests."
echo " Example: http://proxy.domain.tld:3128"
echo " Default: empty"
echo " HTTPS_PROXY The proxy to use for https requests."
echo " Example: http://proxy.domain.tld:3128"
echo " Default: empty"
echo " FTP_PROXY The proxy to use for ftp requests."
echo " Example: http://proxy.domain.tld:3128"
echo " Default: empty"
echo " NO_PROXY Comma-separated list of domain extensions proxy should not be used for."
echo " Example: .domain1.tld,.domain2.tld"
echo " Default: empty"
echo " SRC_ORG Which fork of netbox to use (i.e. github.com/\${SRC_ORG}/\${SRC_REPO})."
echo " Default: netbox-community"
echo " SRC_REPO The name of the repository to use (i.e. github.com/\${SRC_ORG}/\${SRC_REPO})."
echo " Default: netbox"
echo " URL Where to fetch the code from."
echo " Must be a git repository. Can be private."
echo " Default: https://github.com/\${SRC_ORG}/\${SRC_REPO}.git"
echo " NETBOX_PATH The path where netbox will be checkout out."
echo " Must not be outside of the netbox-docker repository (because of Docker)!"
echo " Default: .netbox"
echo " SKIP_GIT If defined, git is not invoked and \${NETBOX_PATH} will not be altered."
echo " This may be useful, if you are manually managing the NETBOX_PATH."
echo " Default: undefined"
echo " TAG The version part of the docker tag."
echo " Default:"
echo " When \${BRANCH}=master: latest"
echo " When \${BRANCH}=develop: snapshot"
echo " Else: same as \${BRANCH}"
echo " DOCKER_ORG The Docker registry (i.e. hub.docker.com/r/\${DOCKER_ORG}/\${DOCKER_REPO})"
echo " Also used for tagging the image."
echo " Default: netboxcommunity"
echo " DOCKER_REPO The Docker registry (i.e. hub.docker.com/r/\${DOCKER_ORG}/\${DOCKER_REPO})"
echo " Also used for tagging the image."
echo " Default: netbox"
echo " DOCKER_FROM The base image to use."
echo " Default: Whatever is defined as default in the Dockerfile."
echo " DOCKER_TAG The name of the tag which is applied to the image."
echo " Useful for pushing into another registry than hub.docker.com."
echo " Default: \${DOCKER_ORG}/\${DOCKER_REPO}:\${TAG}"
echo " DOCKER_SHORT_TAG The name of the short tag which is applied to the"
echo " image. This is used to tag all patch releases to their"
echo " containing version e.g. v2.5.1 -> v2.5"
echo " Default: \${DOCKER_ORG}/\${DOCKER_REPO}:<MAJOR>.<MINOR>"
echo " DOCKERFILE The name of Dockerfile to use."
echo " Default: Dockerfile"
echo " DOCKER_TARGET A specific target to build."
echo " It's currently not possible to pass multiple targets."
echo " Default: main ldap"
echo " HTTP_PROXY The proxy to use for http requests."
echo " Example: http://proxy.domain.tld:3128"
echo " Default: undefined"
echo " NO_PROXY Comma-separated list of domain extensions proxy should not be used for."
echo " Example: .domain1.tld,.domain2.tld"
echo " Default: undefined"
echo " DEBUG If defined, the script does not stop when certain checks are unsatisfied."
echo " Default: undefined"
echo " DRY_RUN Prints all build statements instead of running them."
echo " Default: undefined"
echo ""
echo "Examples:"
echo " ${0} master"
echo " This will fetch the latest 'master' branch, build a Docker Image and tag it"
echo " 'netboxcommunity/netbox:latest'."
echo " ${0} develop"
echo " This will fetch the latest 'develop' branch, build a Docker Image and tag it"
echo " 'netboxcommunity/netbox:snapshot'."
echo " ${0} v2.6.6"
echo " This will fetch the 'v2.6.6' tag, build a Docker Image and tag it"
echo " 'netboxcommunity/netbox:v2.6.6' and 'netboxcommunity/netbox:v2.6'."
echo " ${0} develop-2.7"
echo " This will fetch the 'develop-2.7' branch, build a Docker Image and tag it"
echo " 'netboxcommunity/netbox:develop-2.7'."
echo " SRC_ORG=cimnine ${0} feature-x"
echo " This will fetch the 'feature-x' branch from https://github.com/cimnine/netbox.git,"
echo " build a Docker Image and tag it 'netboxcommunity/netbox:feature-x'."
echo " SRC_ORG=cimnine DOCKER_ORG=cimnine ${0} feature-x"
echo " This will fetch the 'feature-x' branch from https://github.com/cimnine/netbox.git,"
echo " build a Docker Image and tag it 'cimnine/netbox:feature-x'."
if [ "${1}x" == "x" ]; then
exit 1
@ -73,17 +88,73 @@ if [ "${1}x" == "x" ] || [ "${1}" == "--help" ] || [ "${1}" == "-h" ]; then
fi
fi
# read the project version and trim it
###
# Determining the build command to use
###
if [ -z "${DRY_RUN}" ]; then
DRY=""
else
echo "⚠️ DRY_RUN MODE ON ⚠️"
DRY="echo"
fi
###
# read the project version from the `VERSION` file and trim it
# see https://stackoverflow.com/a/3232433/172132
###
NETBOX_DOCKER_PROJECT_VERSION="${NETBOX_DOCKER_PROJECT_VERSION-$(sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' VERSION)}"
###
# variables for fetching the source
SRC_ORG="${SRC_ORG-digitalocean}"
###
SRC_ORG="${SRC_ORG-netbox-community}"
SRC_REPO="${SRC_REPO-netbox}"
BRANCH="${1}"
URL="${URL-https://github.com/${SRC_ORG}/${SRC_REPO}/archive/$BRANCH.tar.gz}"
URL="${URL-https://github.com/${SRC_ORG}/${SRC_REPO}.git}"
###
# fetching the source
###
if [ "${2}" != "--push-only" ] ; then
NETBOX_PATH="${NETBOX_PATH-.netbox}"
echo "🌐 Checking out '${BRANCH}' of netbox from the url '${URL}' into '${NETBOX_PATH}'"
if [ ! -d "${NETBOX_PATH}" ]; then
$DRY git clone -q --depth 10 -b "${BRANCH}" "${URL}" "${NETBOX_PATH}"
fi
(
$DRY cd "${NETBOX_PATH}"
if [ -n "${HTTP_PROXY}" ]; then
git config http.proxy "${HTTP_PROXY}"
fi
$DRY git remote set-url origin "${URL}"
$DRY git fetch -qp --depth 10 origin "${BRANCH}"
$DRY git checkout -qf FETCH_HEAD
$DRY git prune
)
echo "✅ Checked out netbox"
fi
###
# Determining the value for DOCKERFILE
# and checking whether it exists
###
DOCKERFILE="${DOCKERFILE-Dockerfile}"
if [ ! -f "${DOCKERFILE}" ]; then
echo "🚨 The Dockerfile ${DOCKERFILE} doesn't exist."
if [ -z "${DEBUG}" ]; then
exit 1
else
echo "⚠️ Would exit here with code '1', but DEBUG is enabled."
fi
fi
###
# variables for tagging the docker image
###
DOCKER_ORG="${DOCKER_ORG-netboxcommunity}"
DOCKER_REPO="${DOCKER_REPO-netbox}"
case "${BRANCH}" in
@ -94,75 +165,107 @@ case "${BRANCH}" in
*)
TAG="${TAG-$BRANCH}";;
esac
DOCKER_TAG="${DOCKER_TAG-${DOCKER_ORG}/${DOCKER_REPO}:${TAG}}"
# Checking which VARIANT to build
VARIANT="${VARIANT-main}"
if [ "$VARIANT" == "main" ]; then
DOCKERFILE="Dockerfile"
else
DOCKERFILE="Dockerfile.${VARIANT}"
DOCKER_TAG="${DOCKER_TAG}-${VARIANT}"
###
# Determine targets to build
###
DEFAULT_DOCKER_TARGETS=("main" "ldap")
DOCKER_TARGETS=( "${DOCKER_TARGET:-"${DEFAULT_DOCKER_TARGETS[@]}"}")
echo "🏭 Building the following targets:" "${DOCKER_TARGETS[@]}"
# Fail fast
if [ ! -f "${DOCKERFILE}" ]; then
echo "🚨 The Dockerfile ${DOCKERFILE} for variant '${VARIANT}' doesn't exist."
###
# Build each target
###
for DOCKER_TARGET in "${DOCKER_TARGETS[@]}"; do
echo "🏗 Building the target '${DOCKER_TARGET}'"
if [ -z "$DEBUG" ]; then
exit 1
else
echo "⚠️ Would exit here with code '1', but DEBUG is enabled."
###
# composing the final TARGET_DOCKER_TAG
###
TARGET_DOCKER_TAG="${DOCKER_TAG-${DOCKER_ORG}/${DOCKER_REPO}:${TAG}}"
if [ "${DOCKER_TARGET}" != "main" ]; then
TARGET_DOCKER_TAG="${TARGET_DOCKER_TAG}-${DOCKER_TARGET}"
fi
###
# composing the additional DOCKER_SHORT_TAG,
# i.e. "v2.6.1" becomes "v2.6",
# which is only relevant for version tags
###
if [[ "${TAG}" =~ ^v([0-9]+)\.([0-9]+)\.[0-9]+$ ]]; then
MAJOR=${BASH_REMATCH[1]}
MINOR=${BASH_REMATCH[2]}
DOCKER_SHORT_TAG="${DOCKER_SHORT_TAG-${DOCKER_ORG}/${DOCKER_REPO}:v${MAJOR}.${MINOR}}"
if [ "${DOCKER_TARGET}" != "main" ]; then
DOCKER_SHORT_TAG="${DOCKER_SHORT_TAG}-${DOCKER_TARGET}"
fi
fi
fi
DOCKER_OPTS=("${DOCKER_OPTS[@]}")
###
# Proceeding to buils stage, except if `--push-only` is passed
###
if [ "${2}" != "--push-only" ] ; then
###
# Composing all arguments for `docker build`
###
DOCKER_BUILD_ARGS=(
--pull
--target "${DOCKER_TARGET}"
-f "${DOCKERFILE}"
-t "${TARGET_DOCKER_TAG}"
)
if [ -n "${DOCKER_SHORT_TAG}" ]; then
DOCKER_BUILD_ARGS+=( -t "${DOCKER_SHORT_TAG}" )
fi
# caching is only ok for version tags
case "${TAG}" in
v*) ;;
*) DOCKER_OPTS+=( "--no-cache" ) ;;
esac
# --label
DOCKER_BUILD_ARGS+=(
--label "NETBOX_DOCKER_PROJECT_VERSION=${NETBOX_DOCKER_PROJECT_VERSION}"
--label "NETBOX_BRANCH=${BRANCH}"
--label "ORIGINAL_DOCKER_TAG=${TARGET_DOCKER_TAG}"
)
if [ -d "${NETBOX_PATH}/.git" ]; then
DOCKER_BUILD_ARGS+=(
--label "NETBOX_GIT_COMMIT=$($DRY cd "${NETBOX_PATH}"; $DRY git rev-parse HEAD)"
--label "NETBOX_GIT_URL=$($DRY cd "${NETBOX_PATH}"; $DRY git remote get-url origin)"
)
fi
DOCKER_OPTS+=( "--pull" )
# --build-arg
DOCKER_BUILD_ARGS+=( --build-arg "NETBOX_PATH=${NETBOX_PATH}" )
if [ -n "${DOCKER_FROM}" ]; then
DOCKER_BUILD_ARGS+=( --build-arg "FROM=${DOCKER_FROM}" )
fi
if [ -n "${HTTP_PROXY}" ]; then
DOCKER_BUILD_ARGS+=( --build-arg "http_proxy=${HTTP_PROXY}" )
DOCKER_BUILD_ARGS+=( --build-arg "https_proxy=${HTTPS_PROXY}" )
fi
if [ -n "${NO_PROXY}" ]; then
DOCKER_BUILD_ARGS+=( --build-arg "no_proxy=${NO_PROXY}" )
fi
# Build args
DOCKER_BUILD_ARGS=(
--build-arg "NETBOX_DOCKER_PROJECT_VERSION=${NETBOX_DOCKER_PROJECT_VERSION}"
--build-arg "FROM_TAG=${TAG}"
--build-arg "BRANCH=${BRANCH}"
--build-arg "URL=${URL}"
--build-arg "DOCKER_ORG=${DOCKER_ORG}"
--build-arg "DOCKER_REPO=${DOCKER_REPO}"
)
if [ -n "$HTTP_PROXY" ]; then
DOCKER_BUILD_ARGS+=( --build-arg "http_proxy=${HTTP_PROXY}" )
fi
if [ -n "$HTTPS_PROXY" ]; then
DOCKER_BUILD_ARGS+=( --build-arg "https_proxy=${HTTPS_PROXY}" )
fi
if [ -n "$FTP_PROXY" ]; then
DOCKER_BUILD_ARGS+=( --build-arg "ftp_proxy=${FTP_PROXY}" )
fi
if [ -n "$NO_PROXY" ]; then
DOCKER_BUILD_ARGS+=( --build-arg "no_proxy=${NO_PROXY}" )
fi
###
# Building the docker image
###
echo "🐳 Building the Docker image '${TARGET_DOCKER_TAG}'."
$DRY docker build "${DOCKER_BUILD_ARGS[@]}" .
echo "✅ Finished building the Docker images '${TARGET_DOCKER_TAG}'"
fi
if [ -z "$DRY_RUN" ]; then
DOCKER_CMD="docker"
else
echo "⚠️ DRY_RUN MODE ON ⚠️"
DOCKER_CMD="echo docker"
fi
###
# Pushing the docker images if either `--push` or `--push-only` are passed
###
if [ "${2}" == "--push" ] || [ "${2}" == "--push-only" ] ; then
echo "⏫ Pushing '${TARGET_DOCKER_TAG}"
$DRY docker push "${TARGET_DOCKER_TAG}"
echo "✅ Finished pushing the Docker image '${TARGET_DOCKER_TAG}'."
if [ "${2}" != "--push-only" ] ; then
echo "🐳 Building the Docker image '${DOCKER_TAG}' from the url '${URL}'."
$DOCKER_CMD build -t "${DOCKER_TAG}" "${DOCKER_BUILD_ARGS[@]}" "${DOCKER_OPTS[@]}" -f "${DOCKERFILE}" .
echo "✅ Finished building the Docker images '${DOCKER_TAG}'"
fi
if [ "${2}" == "--push" ] || [ "${2}" == "--push-only" ] ; then
echo "⏫ Pushing '${DOCKER_TAG}"
$DOCKER_CMD push "${DOCKER_TAG}"
echo "✅ Finished pushing the Docker image '${DOCKER_TAG}'."
fi
if [ -n "$DOCKER_SHORT_TAG" ]; then
echo "⏫ Pushing '${DOCKER_SHORT_TAG}'"
$DRY docker push "${DOCKER_SHORT_TAG}"
echo "✅ Finished pushing the Docker image '${DOCKER_SHORT_TAG}'."
fi
fi
done

51
configuration/configuration.py
View File

@ -1,8 +1,9 @@
import os
import re
import socket
# For reference see http://netbox.readthedocs.io/en/latest/configuration/mandatory-settings/
# Based on https://github.com/digitalocean/netbox/blob/develop/netbox/netbox/configuration.example.py
# Based on https://github.com/netbox-community/netbox/blob/develop/netbox/netbox/configuration.example.py
# Read secret from file
def read_secret(secret_name):
@ -44,6 +45,17 @@ DATABASE = {
# https://docs.djangoproject.com/en/dev/ref/settings/#std:setting-SECRET_KEY
SECRET_KEY = os.environ.get('SECRET_KEY', read_secret('secret_key'))
# Redis database settings. The Redis database is used for caching and background processing such as webhooks
REDIS = {
'HOST': os.environ.get('REDIS_HOST', 'localhost'),
'PORT': int(os.environ.get('REDIS_PORT', 6379)),
'PASSWORD': os.environ.get('REDIS_PASSWORD', read_secret('redis_password')),
'DATABASE': os.environ.get('REDIS_DATABASE', '0'),
'CACHE_DATABASE': os.environ.get('REDIS_CACHE_DATABASE', '1'),
'DEFAULT_TIMEOUT': os.environ.get('REDIS_TIMEOUT', '300'),
'SSL': os.environ.get('REDIS_SSL', 'False').lower() == 'true',
}
#########################
# #
# Optional settings #
@ -68,14 +80,18 @@ BANNER_LOGIN = os.environ.get('BANNER_LOGIN', '')
# BASE_PATH = 'netbox/'
BASE_PATH = os.environ.get('BASE_PATH', '')
# Cache timeout in seconds. Set to 0 to dissable caching. Defaults to 900 (15 minutes)
CACHE_TIMEOUT = int(os.environ.get('CACHE_TIMEOUT', 900))
# Maximum number of days to retain logged changes. Set to 0 to retain changes indefinitely. (Default: 90)
CHANGELOG_RETENTION = int(os.environ.get('CHANGELOG_RETENTION', 90))
# API Cross-Origin Resource Sharing (CORS) settings. If CORS_ORIGIN_ALLOW_ALL is set to True, all origins will be
# allowed. Otherwise, define a list of allowed origins using either CORS_ORIGIN_WHITELIST or
# CORS_ORIGIN_REGEX_WHITELIST. For more information, see https://github.com/ottoyiu/django-cors-headers
CORS_ORIGIN_ALLOW_ALL = os.environ.get('CORS_ORIGIN_ALLOW_ALL', 'False').lower() == 'true'
CORS_ORIGIN_WHITELIST = os.environ.get('CORS_ORIGIN_WHITELIST', '').split(' ')
CORS_ORIGIN_REGEX_WHITELIST = [
# r'^(https?://)?(\w+\.)?example\.com$',
]
CORS_ORIGIN_WHITELIST = list(filter(None, os.environ.get('CORS_ORIGIN_WHITELIST', 'https://localhost').split(' ')))
CORS_ORIGIN_REGEX_WHITELIST = [re.compile(r) for r in list(filter(None, os.environ.get('CORS_ORIGIN_REGEX_WHITELIST', '').split(' ')))]
# Set to True to enable server debugging. WARNING: Debugging introduces a substantial performance penalty and may reveal
# sensitive information about your installation. Only enable debugging while performing testing. Never enable debugging
@ -97,6 +113,10 @@ EMAIL = {
# set ENFORCE_GLOBAL_UNIQUE to True.
ENFORCE_GLOBAL_UNIQUE = os.environ.get('ENFORCE_GLOBAL_UNIQUE', 'False').lower() == 'true'
# Exempt certain models from the enforcement of view permissions. Models listed here will be viewable by all users and
# by anonymous users. List models in the form `<app>.<model>`. Add '*' to this list to exempt all models.
EXEMPT_VIEW_PERMISSIONS = list(filter(None, os.environ.get('EXEMPT_VIEW_PERMISSIONS', '').split(' ')))
# Enable custom logging. Please see the Django documentation for detailed guidance on configuring custom logs:
# https://docs.djangoproject.com/en/1.11/topics/logging/
LOGGING = {}
@ -117,6 +137,9 @@ MAX_PAGE_SIZE = int(os.environ.get('MAX_PAGE_SIZE', 1000))
# the default value of this setting is derived from the installed location.
MEDIA_ROOT = os.environ.get('MEDIA_ROOT', os.path.join(BASE_DIR, 'media'))
# Expose Prometheus monitoring metrics at the HTTP endpoint '/metrics'
METRICS_ENABLED = os.environ.get('METRICS_ENABLED', 'False').lower() == 'true'
# Credentials that NetBox will use to access live devices.
NAPALM_USERNAME = os.environ.get('NAPALM_USERNAME', '')
NAPALM_PASSWORD = os.environ.get('NAPALM_PASSWORD', read_secret('napalm_password'))
@ -134,20 +157,6 @@ PAGINATE_COUNT = int(os.environ.get('PAGINATE_COUNT', 50))
# When determining the primary IP address for a device, IPv6 is preferred over IPv4 by default. Set this to True to
# prefer IPv4 instead.
PREFER_IPV4 = os.environ.get('PREFER_IPV4', 'False').lower() == 'true'
# The Webhook event backend is disabled by default. Set this to True to enable it. Note that this requires a Redis
# database be configured and accessible by NetBox (see `REDIS` below).
WEBHOOKS_ENABLED = os.environ.get('WEBHOOKS_ENABLED', 'False').lower() == 'true'
# Redis database settings (optional). A Redis database is required only if the webhooks backend is enabled.
REDIS = {
'HOST': os.environ.get('REDIS_HOST', 'localhost'),
'PORT': os.environ.get('REDIS_PORT', 6379),
'PASSWORD': os.environ.get('REDIS_PASSWORD', read_secret('redis_password')),
'DATABASE': os.environ.get('REDIS_DATABASE', '0'),
'DEFAULT_TIMEOUT': os.environ.get('REDIS_TIMEOUT', '300'),
}
# The file path where custom reports will be stored. A trailing slash is not needed. Note that the default value of
# this setting is derived from the installed location.
REPORTS_ROOT = os.environ.get('REPORTS_ROOT', '/etc/netbox/reports')
@ -155,6 +164,10 @@ REPORTS_ROOT = os.environ.get('REPORTS_ROOT', '/etc/netbox/reports')
# Time zone (default: UTC)
TIME_ZONE = os.environ.get('TIME_ZONE', 'UTC')
# The Webhook event backend is disabled by default. Set this to True to enable it. Note that this requires a Redis
# database be configured and accessible by NetBox (see `REDIS` below).
WEBHOOKS_ENABLED = os.environ.get('WEBHOOKS_ENABLED', 'False').lower() == 'true'
# Date/time formatting. See the following link for supported formats:
# https://docs.djangoproject.com/en/dev/ref/templates/builtins/#date
DATE_FORMAT = os.environ.get('DATE_FORMAT', 'N j, Y')

25
configuration/ldap_config.py
View File

@ -1,7 +1,26 @@
import ldap
import os
from django_auth_ldap.config import LDAPSearch, GroupOfNamesType
from django_auth_ldap.config import LDAPSearch
from importlib import import_module
# Read secret from file
def read_secret(secret_name):
try:
f = open('/run/secrets/' + secret_name, 'r', encoding='utf-8')
except EnvironmentError:
return ''
else:
with f:
return f.readline().strip()
# Import and return the group type based on string name
def import_group_type(group_type_name):
mod = import_module('django_auth_ldap.config')
try:
return getattr(mod, group_type_name)()
except:
return None
# Server URI
AUTH_LDAP_SERVER_URI = os.environ.get('AUTH_LDAP_SERVER_URI', '')
@ -13,7 +32,7 @@ AUTH_LDAP_CONNECTION_OPTIONS = {
# Set the DN and password for the NetBox service account.
AUTH_LDAP_BIND_DN = os.environ.get('AUTH_LDAP_BIND_DN', '')
AUTH_LDAP_BIND_PASSWORD = os.environ.get('AUTH_LDAP_BIND_PASSWORD', '')
AUTH_LDAP_BIND_PASSWORD = os.environ.get('AUTH_LDAP_BIND_PASSWORD', read_secret('auth_ldap_bind_password'))
# Set a string template that describes any users distinguished name based on the username.
AUTH_LDAP_USER_DN_TEMPLATE = os.environ.get('AUTH_LDAP_USER_DN_TEMPLATE', None)
@ -35,7 +54,7 @@ AUTH_LDAP_GROUP_SEARCH_BASEDN = os.environ.get('AUTH_LDAP_GROUP_SEARCH_BASEDN',
AUTH_LDAP_GROUP_SEARCH_CLASS = os.environ.get('AUTH_LDAP_GROUP_SEARCH_CLASS', 'group')
AUTH_LDAP_GROUP_SEARCH = LDAPSearch(AUTH_LDAP_GROUP_SEARCH_BASEDN, ldap.SCOPE_SUBTREE,
"(objectClass=" + AUTH_LDAP_GROUP_SEARCH_CLASS + ")")
AUTH_LDAP_GROUP_TYPE = GroupOfNamesType()
AUTH_LDAP_GROUP_TYPE = import_group_type(os.environ.get('AUTH_LDAP_GROUP_TYPE', 'GroupOfNamesType'))
# Define a group required to login.
AUTH_LDAP_REQUIRE_GROUP = os.environ.get('AUTH_LDAP_REQUIRE_GROUP_DN', '')

20
docker-compose.yml
View File

@ -1,10 +1,6 @@
version: '3'
version: '3.4'
services:
netbox: &netbox
build:
context: .
args:
- BRANCH=${VERSION-master}
image: netboxcommunity/netbox:${VERSION-latest}
depends_on:
- postgres
@ -12,13 +8,13 @@ services:
- netbox-worker
env_file: env/netbox.env
volumes:
- ./startup_scripts:/opt/netbox/startup_scripts:ro
- ./initializers:/opt/netbox/initializers:ro
- ./configuration:/etc/netbox/config:ro
- ./reports:/etc/netbox/reports:ro
- netbox-nginx-config:/etc/netbox-nginx/
- netbox-static-files:/opt/netbox/netbox/static
- netbox-media-files:/opt/netbox/netbox/media
- ./startup_scripts:/opt/netbox/startup_scripts:z,ro
- ./initializers:/opt/netbox/initializers:z,ro
- ./configuration:/etc/netbox/config:z,ro
- ./reports:/etc/netbox/reports:z,ro
- netbox-nginx-config:/etc/netbox-nginx:z
- netbox-static-files:/opt/netbox/netbox/static:z
- netbox-media-files:/opt/netbox/netbox/media:z
netbox-worker:
<<: *netbox
depends_on:

63
docker/docker-entrypoint.sh
View File

@ -7,31 +7,31 @@ while ! ./manage.py migrate 2>&1; do
sleep 3
done
# create superuser silently
if [ -z ${SUPERUSER_NAME+x} ]; then
SUPERUSER_NAME='admin'
fi
if [ -z ${SUPERUSER_EMAIL+x} ]; then
SUPERUSER_EMAIL='admin@example.com'
fi
if [ -z ${SUPERUSER_PASSWORD+x} ]; then
if [ -f "/run/secrets/superuser_password" ]; then
SUPERUSER_PASSWORD="$(< /run/secrets/superuser_password)"
else
SUPERUSER_PASSWORD='admin'
if [ "$SKIP_SUPERUSER" == "true" ]; then
echo "↩️ Skip creating the superuser"
else
if [ -z ${SUPERUSER_NAME+x} ]; then
SUPERUSER_NAME='admin'
fi
fi
if [ -z ${SUPERUSER_API_TOKEN+x} ]; then
if [ -f "/run/secrets/superuser_api_token" ]; then
SUPERUSER_API_TOKEN="$(< /run/secrets/superuser_api_token)"
else
SUPERUSER_API_TOKEN='0123456789abcdef0123456789abcdef01234567'
if [ -z ${SUPERUSER_EMAIL+x} ]; then
SUPERUSER_EMAIL='admin@example.com'
fi
if [ -z ${SUPERUSER_PASSWORD+x} ]; then
if [ -f "/run/secrets/superuser_password" ]; then
SUPERUSER_PASSWORD="$(< /run/secrets/superuser_password)"
else
SUPERUSER_PASSWORD='admin'
fi
fi
if [ -z ${SUPERUSER_API_TOKEN+x} ]; then
if [ -f "/run/secrets/superuser_api_token" ]; then
SUPERUSER_API_TOKEN="$(< /run/secrets/superuser_api_token)"
else
SUPERUSER_API_TOKEN='0123456789abcdef0123456789abcdef01234567'
fi
fi
fi
echo "💡 Username: ${SUPERUSER_NAME}, E-Mail: ${SUPERUSER_EMAIL}"
./manage.py shell --interface python << END
./manage.py shell --interface python << END
from django.contrib.auth.models import User
from users.models import Token
if not User.objects.filter(username='${SUPERUSER_NAME}'):
@ -39,10 +39,17 @@ if not User.objects.filter(username='${SUPERUSER_NAME}'):
Token.objects.create(user=u, key='${SUPERUSER_API_TOKEN}')
END
for script in /opt/netbox/startup_scripts/*.py; do
echo "⚙️ Executing '$script'"
./manage.py shell --interface python < "${script}"
done
echo "💡 Superuser Username: ${SUPERUSER_NAME}, E-Mail: ${SUPERUSER_EMAIL}"
fi
if [ "$SKIP_STARTUP_SCRIPTS" == "true" ]; then
echo "↩️ Skipping startup scripts"
else
for script in /opt/netbox/startup_scripts/*.py; do
echo "⚙️ Executing '$script'"
./manage.py shell --interface python < "${script}"
done
fi
# copy static files
./manage.py collectstatic --no-input
@ -51,4 +58,6 @@ echo "✅ Initialisation is done."
# launch whatever is passed by docker
# (i.e. the RUN instruction in the Dockerfile)
exec ${@}
#
# shellcheck disable=SC2068
exec $@

6
env/netbox.env vendored
View File

@ -1,3 +1,4 @@
CORS_ORIGIN_ALLOW_ALL=True
DB_NAME=netbox
DB_USER=netbox
DB_PASSWORD=J5brHrAXFLQSif0K
@ -15,7 +16,12 @@ NAPALM_TIMEOUT=10
MAX_PAGE_SIZE=1000
REDIS_HOST=redis
REDIS_PASSWORD=H733Kdjndks81
REDIS_DATABASE=0
REDIS_CACHE_DATABASE=1
REDIS_SSL=false
SECRET_KEY=r8OwDznj!!dci#P9ghmRfdu1Ysxm0AiPeDCQhKE+N_rClfWNj
SKIP_STARTUP_SCRIPTS=false
SKIP_SUPERUSER=false
SUPERUSER_NAME=admin
SUPERUSER_EMAIL=admin@example.com
SUPERUSER_PASSWORD=admin

1
hooks/build
View File

@ -2,4 +2,5 @@
. hooks/common
# shellcheck disable=SC2119
run_build

50
hooks/common
View File

@ -1,37 +1,19 @@
#!/bin/bash
ensure_jq() {
echo "🛠🛠🛠 Installing JQ via apt-get"
[ -x "$(command -v jq)" ] || ( apt-get update && apt-get install -y jq )
}
ensure_dockerfile_present() {
if [ "${VARIANT}" == "main" ]; then
DOCKERFILE="Dockerfile"
else
DOCKERFILE="Dockerfile.${VARIANT}"
# Fail fast
if [ ! -f "${DOCKERFILE}" ]; then
echo "🚨 The Dockerfile '${DOCKERFILE}' for variant '${VARIANT}' doesn't exist."
if [ -z "$DEBUG" ]; then
exit 1
else
echo "⚠️ Would skip this, but DEBUG is enabled."
fi
fi
if [ "${DOCKERFILE}" != "${DOCKERFILE_PATH}" ]; then
echo "⚠️ The specified Dockerfile '${DOCKERFILE_PATH}' does not match the expected Dockerfile '${DOCKERFILE}'."
echo " This script will use '${DOCKERFILE}' and ignore '${DOCKERFILE_PATH}'."
if [ ! -x "$(command -v jq)" ]; then
if [ -x "$(command -v apt-get)" ]; then
echo "🛠🛠🛠 Installing 'jq' via 'apt-get'"
apt-get update && apt-get install -y jq
else
echo "⚠️⚠️⚠️ apt-get not found, unable to automatically install 'jq'."
fi
fi
}
# Passes args to the scripts
run_build() {
echo "🐳🐳🐳 Building '${BUILD}' images, the '${VARIANT:-main}' variant"
echo "🐳🐳🐳 Building '${BUILD}' images"
case $BUILD in
release)
# build the latest release
@ -48,11 +30,11 @@ run_build() {
# shellcheck disable=SC2068
./build-branches.sh $@
;;
special)
# special build
# shellcheck disable=SC2068
#SRC_ORG=lampwins TAG=webhooks-backend ./build.sh "feature/webhooks-backend" $@
echo "✅ No special builds today."
this) # Pull Requests
# only build the 'master' branch
# (resulting in the 'latest' docker tag)
# and the 'main' target.
DOCKER_TARGET=main ./build.sh master
;;
*)
echo "🚨 Unrecognized build '$BUILD'."
@ -70,13 +52,9 @@ echo "🤖🤖🤖 Preparing build"
export DOCKER_ORG="index.docker.io/netboxcommunity"
export DOCKER_REPO=netbox
export DOCKERHUB_REPO=netboxcommunity/netbox
# mis-using the "${DOCKER_TAG}" variable as "branch to build"
export BUILD="${DOCKER_TAG%-*}"
export VARIANT="${DOCKER_TAG#*-}"
# shellcheck disable=SC2153
export BUILD="${DOCKER_TAG}"
unset DOCKER_TAG
ensure_dockerfile_present
ensure_jq

11
hooks/push
View File

@ -2,4 +2,13 @@
. hooks/common
run_build --push-only
if [ "${SOURCE_BRANCH}" == "main" ] || [ "${DEBUG}" == "true" ]; then
if [ "${SOURCE_BRANCH}" != "main" ]; then
echo "⚠️⚠️⚠️ Would exit, but DEBUG is '${DEBUG}'".
fi
run_build --push-only
else
echo "⚠️⚠️⚠️ Only pushing on 'main' branch, but current branch is '${SOURCE_BRANCH}'"
exit 0
fi

22
hooks/test
View File

@ -2,11 +2,21 @@
. hooks/common
if [ "${VARIANT}" == "main" ] && [ "${BUILD}" == "BRANCHES" ]; then
echo "🐳🐳🐳 Testing"
docker-compose pull --parallel
docker-compose build
docker-compose run netbox ./manage.py test
run_test() {
echo "🐳🐳🐳 Testing '${1}'"
VERSION="${1}" docker-compose run netbox ./manage.py test
docker-compose down -v
echo "🐳🐳🐳 Done testing '${1}'"
}
# test on builds of 'branches'
if [ "${BUILD}" == "branches" ] \
|| [ "${DEBUG}" == "true" ]; then
run_test latest
run_test snapshot
# test on bulds of 'this' (i.e. pull request)
elif [ "${BUILD}" == "this" ]; then
run_test latest
else
echo "🐳🐳🐳 No tests are implemented for build '${BUILD}' with variant '${VARIANT}'."
echo "🐳🐳🐳 No tests are implemented for build '${BUILD}'."
fi

6
initializers/aggregates.yml Normal file
View File

@ -0,0 +1,6 @@
# - prefix: 10.0.0.0/16
# rir: RFC1918
# - prefix: fd00:ccdd::/32
# rir: RFC4193 ULA
# - prefix: 2001:db8::/32
# rir: RFC3849

2
initializers/cluster_types.yml Normal file
View File

@ -0,0 +1,2 @@
# - name: Hyper-V
# slug: hyper-v

5
initializers/clusters.yml Normal file
View File

@ -0,0 +1,5 @@
# - name: cluster1
# type: Hyper-V
# - name: cluster2
# type: Hyper-V
# site: SING 1

8
initializers/dcim_interfaces.yml Normal file
View File

@ -0,0 +1,8 @@
# - device: server01
# enabled: true
# type: Virtual
# name: to-server02
# - device: server02
# enabled: true
# type: Virtual
# name: to-server01

2
initializers/device_types.yml
View File

@ -17,7 +17,7 @@
# custom_fields:
# text_field: Description
# - model: Other
# manufacturer: NoName
# manufacturer: No Name
# slug: other
# custom_fields:
# text_field: Description

26
initializers/ip_addresses.yml Normal file
View File

@ -0,0 +1,26 @@
# - address: 10.1.1.1/24
# device: server01
# interface: to-server02
# status: Active
# vrf: vrf1
# - address: 2001:db8:a000:1::1/64
# device: server01
# interface: to-server02
# status: Active
# vrf: vrf1
# - address: 10.1.1.2/24
# device: server02
# interface: to-server01
# status: Active
# - address: 2001:db8:a000:1::2/64
# device: server02
# interface: to-server01
# status: Active
# - address: 10.1.1.10/24
# description: reserved IP
# status: Reserved
# tenant: tenant1
# - address: 2001:db8:a000:1::10/64
# description: reserved IP
# status: Reserved
# tenant: tenant1

4
initializers/manufacturers.yml
View File

@ -2,5 +2,5 @@
# slug: manufacturer-1
# - name: Manufacturer 2
# slug: manufacturer-2
# - name: NoName
# slug: noname
# - name: No Name
# slug: no-name

6
initializers/platforms.yml
View File

@ -1,19 +1,15 @@
# # Allowed rpc clients are: juniper-junos, cisco-ios, opengear
# - name: Platform 1
# slug: platform-1
# manufacturer: Manufacturer 1
# napalm_driver: driver1
# napalm_args: "{'arg1': 'value1', 'arg2': 'value2'}"
# rpc_client: juniper-junos
# - name: Platform 2
# slug: platform-2
# manufacturer: Manufacturer 2
# napalm_driver: driver2
# napalm_args: "{'arg1': 'value1', 'arg2': 'value2'}"
# rpc_client: opengear
# - name: Platform 3
# slug: platform-3
# manufacturer: NoName
# manufacturer: No Name
# napalm_driver: driver3
# napalm_args: "{'arg1': 'value1', 'arg2': 'value2'}"
# rpc_client: juniper-junos

2
initializers/prefix_vlan_roles.yml Normal file
View File

@ -0,0 +1,2 @@
# - name: Main Management
# slug: main-management

20
initializers/prefixes.yml Normal file
View File

@ -0,0 +1,20 @@
# - description: prefix1
# prefix: 10.1.1.0/24
# site: AMS 1
# status: Active
# tenant: tenant1
# vlan: vlan1
# - description: prefix2
# prefix: 10.1.2.0/24
# site: AMS 2
# status: Active
# tenant: tenant2
# vlan: vlan2
# is_pool: true
# vrf: vrf2
# - description: ipv6 prefix1
# prefix: 2001:db8:a000:1::/64
# site: AMS 2
# status: Active
# tenant: tenant2
# vlan: vlan2

9
initializers/rirs.yml Normal file
View File

@ -0,0 +1,9 @@
# - is_private: true
# name: RFC1918
# slug: rfc1918
# - is_private: true
# name: RFC4193 ULA
# slug: rfc4193-ula
# - is_private: true
# name: RFC3849
# slug: rfc3849

4
initializers/tenant_groups.yml Normal file
View File

@ -0,0 +1,4 @@
# - name: Tenant Group 1
# slug: tenant-group-1
# - name: Tenant Group 2
# slug: tenant-group-2

5
initializers/tenants.yml Normal file
View File

@ -0,0 +1,5 @@
# - name: tenant1
# slug: tenant1
# - name: tenant2
# slug: tenant2
# group: Tenant Group 2

18
initializers/virtual_machines.yml Normal file
View File

@ -0,0 +1,18 @@
# - cluster: cluster1
# comments: VM1
# disk: 200
# memory: 4096
# name: virtual machine 1
# platform: Platform 2
# status: Active
# tenant: tenant1
# vcpus: 8
# - cluster: cluster1
# comments: VM2
# disk: 100
# memory: 2048
# name: virtual machine 2
# platform: Platform 2
# status: Active
# tenant: tenant1
# vcpus: 8

12
initializers/virtualization_interfaces.yml Normal file
View File

@ -0,0 +1,12 @@
# - description: Network Interface 1
# enabled: true
# mac_address: 00:77:77:77:77:77
# mtu: 1500
# name: Network Interface 1
# virtual_machine: virtual machine 1
# - description: Network Interface 2
# enabled: true
# mac_address: 00:55:55:55:55:55
# mtu: 1500
# name: Network Interface 2
# virtual_machine: virtual machine 1

6
initializers/vlan_groups.yml Normal file
View File

@ -0,0 +1,6 @@
# - name: VLAN group 1
# site: AMS 1
# slug: vlan-group-1
# - name: VLAN group 2
# site: AMS 1
# slug: vlan-group-2

11
initializers/vlans.yml Normal file
View File

@ -0,0 +1,11 @@
# - name: vlan1
# site: AMS 1
# status: Active
# vid: 5
# role: Main Management
# description: VLAN 5 for MGMT
# - group: VLAN group 2
# name: vlan2
# site: AMS 1
# status: Active
# vid: 1300

8
initializers/vrfs.yml Normal file
View File

@ -0,0 +1,8 @@
# - enforce_unique: true
# name: vrf1
# tenant: tenant1
# description: main VRF
# - enforce_unique: true
# name: vrf2
# rd: "6500:6500"
# tenant: tenant2

4
startup_scripts/000_users.py
View File

@ -29,6 +29,6 @@ with file.open('r') as stream:
if user_permissions:
user.user_permissions.clear()
for permission_codename in user_details.get('permissions', []):
permission = Permission.objects.get(codename=permission_codename)
user.user_permissions.add(permission)
for permission in Permission.objects.filter(codename=permission_codename):
user.user_permissions.add(permission)
user.save()

5
startup_scripts/010_groups.py
View File

@ -27,7 +27,6 @@ with file.open('r') as stream:
group_permissions = group_details.get('permissions', [])
if group_permissions:
group.permissions.clear()
print("Permissions:", group.permissions.all())
for permission_codename in group_details.get('permissions', []):
permission = Permission.objects.get(codename=permission_codename)
group.permissions.add(permission)
for permission in Permission.objects.filter(codename=permission_codename):
group.permissions.add(permission)

19
startup_scripts/110_tenant_groups.py Normal file
View File

@ -0,0 +1,19 @@
from tenancy.models import TenantGroup
from ruamel.yaml import YAML
from pathlib import Path
import sys
file = Path('/opt/netbox/initializers/tenant_groups.yml')
if not file.is_file():
sys.exit()
with file.open('r') as stream:
yaml = YAML(typ='safe')
tenant_groups = yaml.load(stream)
if tenant_groups is not None:
for params in tenant_groups:
tenant_group, created = TenantGroup.objects.get_or_create(**params)
if created:
print("🔳 Created Tenant Group", tenant_group.name)

45
startup_scripts/120_tenants.py Normal file
View File

@ -0,0 +1,45 @@
from tenancy.models import Tenant, TenantGroup
from extras.models import CustomField, CustomFieldValue
from ruamel.yaml import YAML
from pathlib import Path
import sys
file = Path('/opt/netbox/initializers/tenants.yml')
if not file.is_file():
sys.exit()
with file.open('r') as stream:
yaml = YAML(typ='safe')
tenants = yaml.load(stream)
optional_assocs = {
'group': (TenantGroup, 'name')
}
if tenants is not None:
for params in tenants:
custom_fields = params.pop('custom_fields', None)
for assoc, details in optional_assocs.items():
if assoc in params:
model, field = details
query = { field: params.pop(assoc) }
params[assoc] = model.objects.get(**query)
tenant, created = Tenant.objects.get_or_create(**params)
if created:
if custom_fields is not None:
for cf_name, cf_value in custom_fields.items():
custom_field = CustomField.objects.get(name=cf_name)
custom_field_value = CustomFieldValue.objects.create(
field=custom_field,
obj=tenant,
value=cf_value
)
tenant.custom_field_values.add(custom_field_value)
print("👩‍💻 Created Tenant", tenant.name)

1
startup_scripts/110_devices.py → startup_scripts/130_devices.py
View File

@ -53,6 +53,7 @@ with file.open('r') as stream:
for rack_face in RACK_FACE_CHOICES:
if params['face'] in rack_face:
params['face'] = rack_face[0]
break
device, created = Device.objects.get_or_create(**params)

19
startup_scripts/140_cluster_types.py Normal file
View File

@ -0,0 +1,19 @@
from virtualization.models import ClusterType
from ruamel.yaml import YAML
from pathlib import Path
import sys
file = Path('/opt/netbox/initializers/cluster_types.yml')
if not file.is_file():
sys.exit()
with file.open('r') as stream:
yaml = YAML(typ='safe')
cluster_types = yaml.load(stream)
if cluster_types is not None:
for params in cluster_types:
cluster_type, created = ClusterType.objects.get_or_create(**params)
if created:
print("🧰 Created Cluster Type", cluster_type.name)

19
startup_scripts/150_rirs.py Normal file
View File

@ -0,0 +1,19 @@
from ipam.models import RIR
from ruamel.yaml import YAML
from pathlib import Path
import sys
file = Path('/opt/netbox/initializers/rirs.yml')
if not file.is_file():
sys.exit()
with file.open('r') as stream:
yaml = YAML(typ='safe')
rirs = yaml.load(stream)
if rirs is not None:
for params in rirs:
rir, created = RIR.objects.get_or_create(**params)
if created:
print("🗺️ Created RIR", rir.name)

46
startup_scripts/160_aggregates.py Normal file
View File

@ -0,0 +1,46 @@
from ipam.models import Aggregate, RIR
from ruamel.yaml import YAML
from extras.models import CustomField, CustomFieldValue
from netaddr import IPNetwork
from pathlib import Path
import sys
file = Path('/opt/netbox/initializers/aggregates.yml')
if not file.is_file():
sys.exit()
with file.open('r') as stream:
yaml = YAML(typ='safe')
aggregates = yaml.load(stream)
required_assocs = {
'rir': (RIR, 'name')
}
if aggregates is not None:
for params in aggregates:
custom_fields = params.pop('custom_fields', None)
params['prefix'] = IPNetwork(params['prefix'])
for assoc, details in required_assocs.items():
model, field = details
query = { field: params.pop(assoc) }
params[assoc] = model.objects.get(**query)
aggregate, created = Aggregate.objects.get_or_create(**params)
if created:
if custom_fields is not None:
for cf_name, cf_value in custom_fields.items():
custom_field = CustomField.objects.get(name=cf_name)
custom_field_value = CustomFieldValue.objects.create(
field=custom_field,
obj=aggregate,
value=cf_value
)
aggregate.custom_field_values.add(custom_field_value)
print("🗞️ Created Aggregate", aggregate.prefix)

57
startup_scripts/170_clusters.py Normal file
View File

@ -0,0 +1,57 @@
from dcim.models import Site
from virtualization.models import Cluster, ClusterType, ClusterGroup
from extras.models import CustomField, CustomFieldValue
from ruamel.yaml import YAML
from pathlib import Path
import sys
file = Path('/opt/netbox/initializers/clusters.yml')
if not file.is_file():
sys.exit()
with file.open('r') as stream:
yaml = YAML(typ='safe')
clusters = yaml.load(stream)
required_assocs = {
'type': (ClusterType, 'name')
}
optional_assocs = {
'site': (Site, 'name'),
'group': (ClusterGroup, 'name')
}
if clusters is not None:
for params in clusters:
custom_fields = params.pop('custom_fields', None)
for assoc, details in required_assocs.items():
model, field = details
query = { field: params.pop(assoc) }
params[assoc] = model.objects.get(**query)
for assoc, details in optional_assocs.items():
if assoc in params:
model, field = details
query = { field: params.pop(assoc) }
params[assoc] = model.objects.get(**query)
cluster, created = Cluster.objects.get_or_create(**params)
if created:
if custom_fields is not None:
for cf_name, cf_value in custom_fields.items():
custom_field = CustomField.objects.get(name=cf_name)
custom_field_value = CustomFieldValue.objects.create(
field=custom_field,
obj=cluster,
value=cf_value
)
cluster.custom_field_values.add(custom_field_value)
print("🗄️ Created cluster", cluster.name)

46
startup_scripts/180_vrfs.py Normal file
View File

@ -0,0 +1,46 @@
from ipam.models import VRF
from tenancy.models import Tenant
from ruamel.yaml import YAML
from extras.models import CustomField, CustomFieldValue
from pathlib import Path
import sys
file = Path('/opt/netbox/initializers/vrfs.yml')
if not file.is_file():
sys.exit()
with file.open('r') as stream:
yaml = YAML(typ='safe')
vrfs = yaml.load(stream)
optional_assocs = {
'tenant': (Tenant, 'name')
}
if vrfs is not None:
for params in vrfs:
custom_fields = params.pop('custom_fields', None)
for assoc, details in optional_assocs.items():
if assoc in params:
model, field = details
query = { field: params.pop(assoc) }
params[assoc] = model.objects.get(**query)
vrf, created = VRF.objects.get_or_create(**params)
if created:
if custom_fields is not None:
for cf_name, cf_value in custom_fields.items():
custom_field = CustomField.objects.get(name=cf_name)
custom_field_value = CustomFieldValue.objects.create(
field=custom_field,
obj=vrf,
value=cf_value
)
vrf.custom_field_values.add(custom_field_value)
print("📦 Created VRF", vrf.name)

19
startup_scripts/190_prefix_vlan_roles.py Normal file
View File

@ -0,0 +1,19 @@
from ipam.models import Role
from ruamel.yaml import YAML
from pathlib import Path
import sys
file = Path('/opt/netbox/initializers/prefix_vlan_roles.yml')
if not file.is_file():
sys.exit()
with file.open('r') as stream:
yaml = YAML(typ='safe')
roles = yaml.load(stream)
if roles is not None:
for params in roles:
role, created = Role.objects.get_or_create(**params)
if created:
print("⛹️‍ Created Prefix/VLAN Role", role.name)

46
startup_scripts/200_vlan_groups.py Normal file
View File

@ -0,0 +1,46 @@
from dcim.models import Site
from ipam.models import VLANGroup
from extras.models import CustomField, CustomFieldValue
from ruamel.yaml import YAML
from pathlib import Path
import sys
file = Path('/opt/netbox/initializers/vlan_groups.yml')
if not file.is_file():
sys.exit()
with file.open('r') as stream:
yaml = YAML(typ='safe')
vlan_groups = yaml.load(stream)
optional_assocs = {
'site': (Site, 'name')
}
if vlan_groups is not None:
for params in vlan_groups:
custom_fields = params.pop('custom_fields', None)
for assoc, details in optional_assocs.items():
if assoc in params:
model, field = details
query = { field: params.pop(assoc) }
params[assoc] = model.objects.get(**query)
vlan_group, created = VLANGroup.objects.get_or_create(**params)
if created:
if custom_fields is not None:
for cf_name, cf_value in custom_fields.items():
custom_field = CustomField.objects.get(name=cf_name)
custom_field_value = CustomFieldValue.objects.create(
field=custom_field,
obj=vlan_group,
value=cf_value
)
vlan_group.custom_field_values.add(custom_field_value)
print("🏘️ Created VLAN Group", vlan_group.name)

58
startup_scripts/210_vlans.py Normal file
View File

@ -0,0 +1,58 @@
from dcim.models import Site
from ipam.models import VLAN, VLANGroup, Role
from ipam.constants import VLAN_STATUS_CHOICES
from tenancy.models import Tenant, TenantGroup
from extras.models import CustomField, CustomFieldValue
from ruamel.yaml import YAML
from pathlib import Path
import sys
file = Path('/opt/netbox/initializers/vlans.yml')
if not file.is_file():
sys.exit()
with file.open('r') as stream:
yaml = YAML(typ='safe')
vlans = yaml.load(stream)
optional_assocs = {
'site': (Site, 'name'),
'tenant': (Tenant, 'name'),
'tenant_group': (TenantGroup, 'name'),
'group': (VLANGroup, 'name'),
'role': (Role, 'name')
}
if vlans is not None:
for params in vlans:
custom_fields = params.pop('custom_fields', None)
for assoc, details in optional_assocs.items():
if assoc in params:
model, field = details
query = { field: params.pop(assoc) }
params[assoc] = model.objects.get(**query)
if 'status' in params:
for vlan_status in VLAN_STATUS_CHOICES:
if params['status'] in vlan_status:
params['status'] = vlan_status[0]
break
vlan, created = VLAN.objects.get_or_create(**params)
if created:
if custom_fields is not None:
for cf_name, cf_value in custom_fields.items():
custom_field = CustomField.objects.get(name=cf_name)
custom_field_value = CustomFieldValue.objects.create(
field=custom_field,
obj=vlan,
value=cf_value
)
vlan.custom_field_values.add(custom_field_value)
print("🏠 Created VLAN", vlan.name)

61
startup_scripts/220_prefixes.py Normal file
View File

@ -0,0 +1,61 @@
from dcim.models import Site
from ipam.models import Prefix, VLAN, Role, VRF
from ipam.constants import PREFIX_STATUS_CHOICES
from tenancy.models import Tenant, TenantGroup
from extras.models import CustomField, CustomFieldValue
from ruamel.yaml import YAML
from netaddr import IPNetwork
from pathlib import Path
import sys
file = Path('/opt/netbox/initializers/prefixes.yml')
if not file.is_file():
sys.exit()
with file.open('r') as stream:
yaml = YAML(typ='safe')
prefixes = yaml.load(stream)
optional_assocs = {
'site': (Site, 'name'),
'tenant': (Tenant, 'name'),
'tenant_group': (TenantGroup, 'name'),
'vlan': (VLAN, 'name'),
'role': (Role, 'name'),
'vrf': (VRF, 'name')
}
if prefixes is not None:
for params in prefixes:
custom_fields = params.pop('custom_fields', None)
params['prefix'] = IPNetwork(params['prefix'])
for assoc, details in optional_assocs.items():
if assoc in params:
model, field = details
query = { field: params.pop(assoc) }
params[assoc] = model.objects.get(**query)
if 'status' in params:
for prefix_status in PREFIX_STATUS_CHOICES:
if params['status'] in prefix_status:
params['status'] = prefix_status[0]
break
prefix, created = Prefix.objects.get_or_create(**params)
if created:
if custom_fields is not None:
for cf_name, cf_value in custom_fields.items():
custom_field = CustomField.objects.get(name=cf_name)
custom_field_value = CustomFieldValue.objects.create(
field=custom_field,
obj=prefix,
value=cf_value
)
prefix.custom_field_values.add(custom_field_value)
print("📌 Created Prefix", prefix.prefix)

66
startup_scripts/230_virtual_machines.py Normal file
View File

@ -0,0 +1,66 @@
from dcim.models import Site, Platform, DeviceRole
from virtualization.models import Cluster, VirtualMachine
from virtualization.constants import VM_STATUS_CHOICES
from tenancy.models import Tenant
from extras.models import CustomField, CustomFieldValue
from ruamel.yaml import YAML
from pathlib import Path
import sys
file = Path('/opt/netbox/initializers/virtual_machines.yml')
if not file.is_file():
sys.exit()
with file.open('r') as stream:
yaml = YAML(typ='safe')
virtual_machines = yaml.load(stream)
required_assocs = {
'cluster': (Cluster, 'name')
}
optional_assocs = {
'tenant': (Tenant, 'name'),
'platform': (Platform, 'name'),
'role': (DeviceRole, 'name')
}
if virtual_machines is not None:
for params in virtual_machines:
custom_fields = params.pop('custom_fields', None)
for assoc, details in required_assocs.items():
model, field = details
query = { field: params.pop(assoc) }
params[assoc] = model.objects.get(**query)
for assoc, details in optional_assocs.items():
if assoc in params:
model, field = details
query = { field: params.pop(assoc) }
params[assoc] = model.objects.get(**query)
if 'status' in params:
for vm_status in VM_STATUS_CHOICES:
if params['status'] in vm_status:
params['status'] = vm_status[0]
break
virtual_machine, created = VirtualMachine.objects.get_or_create(**params)
if created:
if custom_fields is not None:
for cf_name, cf_value in custom_fields.items():
custom_field = CustomField.objects.get(name=cf_name)
custom_field_value = CustomFieldValue.objects.create(
field=custom_field,
obj=virtual_machine,
value=cf_value
)
virtual_machine.custom_field_values.add(custom_field_value)
print("🖥️ Created virtual machine", virtual_machine.name)

45
startup_scripts/240_virtualization_interfaces.py Normal file
View File

@ -0,0 +1,45 @@
from dcim.models import Interface
from virtualization.models import VirtualMachine
from extras.models import CustomField, CustomFieldValue
from ruamel.yaml import YAML
from pathlib import Path
import sys
file = Path('/opt/netbox/initializers/virtualization_interfaces.yml')
if not file.is_file():
sys.exit()
with file.open('r') as stream:
yaml = YAML(typ='safe')
interfaces = yaml.load(stream)
required_assocs = {
'virtual_machine': (VirtualMachine, 'name')
}
if interfaces is not None:
for params in interfaces:
custom_fields = params.pop('custom_fields', None)
for assoc, details in required_assocs.items():
model, field = details
query = { field: params.pop(assoc) }
params[assoc] = model.objects.get(**query)
interface, created = Interface.objects.get_or_create(**params)
if created:
if custom_fields is not None:
for cf_name, cf_value in custom_fields.items():
custom_field = CustomField.objects.get(name=cf_name)
custom_field_value = CustomFieldValue.objects.create(
field=custom_field,
obj=interface,
value=cf_value
)
interface.custom_field_values.add(custom_field_value)
print("🧷 Created interface", interface.name, interface.virtual_machine.name)

55
startup_scripts/250_dcim_interfaces.py Normal file
View File

@ -0,0 +1,55 @@
from dcim.models import Interface, Device
from dcim.constants import IFACE_TYPE_CHOICES
from extras.models import CustomField, CustomFieldValue
from ruamel.yaml import YAML
from pathlib import Path
import sys
file = Path('/opt/netbox/initializers/dcim_interfaces.yml')
if not file.is_file():
sys.exit()
with file.open('r') as stream:
yaml = YAML(typ='safe')
interfaces = yaml.load(stream)
required_assocs = {
'device': (Device, 'name')
}
if interfaces is not None:
for params in interfaces:
custom_fields = params.pop('custom_fields', None)
for assoc, details in required_assocs.items():
model, field = details
query = { field: params.pop(assoc) }
params[assoc] = model.objects.get(**query)
if 'type' in params:
for outer_list in IFACE_TYPE_CHOICES:
for type_choices in outer_list[1]:
if params['type'] in type_choices:
params['type'] = type_choices[0]
break
else:
continue
break
interface, created = Interface.objects.get_or_create(**params)
if created:
if custom_fields is not None:
for cf_name, cf_value in custom_fields.items():
custom_field = CustomField.objects.get(name=cf_name)
custom_field_value = CustomFieldValue.objects.create(
field=custom_field,
obj=interface,
value=cf_value
)
interface.custom_field_values.add(custom_field_value)
print("🧷 Created interface", interface.name, interface.device.name)

72
startup_scripts/260_ip_addresses.py Normal file
View File

@ -0,0 +1,72 @@
from ipam.models import IPAddress, VRF
from ipam.constants import IPADDRESS_STATUS_CHOICES
from dcim.models import Device, Interface
from virtualization.models import VirtualMachine
from tenancy.models import Tenant
from extras.models import CustomField, CustomFieldValue
from ruamel.yaml import YAML
from netaddr import IPNetwork
from pathlib import Path
import sys
file = Path('/opt/netbox/initializers/ip_addresses.yml')
if not file.is_file():
sys.exit()
with file.open('r') as stream:
yaml = YAML(typ='safe')
ip_addresses = yaml.load(stream)
optional_assocs = {
'tenant': (Tenant, 'name'),
'vrf': (VRF, 'name'),
'interface': (Interface, 'name')
}
if ip_addresses is not None:
for params in ip_addresses:
vm = params.pop('virtual_machine', None)
device = params.pop('device', None)
custom_fields = params.pop('custom_fields', None)
params['address'] = IPNetwork(params['address'])
if vm and device:
print("IP Address can only specify one of the following: virtual_machine or device.")
sys.exit()
for assoc, details in optional_assocs.items():
if assoc in params:
model, field = details
if assoc == 'interface':
if vm:
vm_id = VirtualMachine.objects.get(name=vm).id
query = { field: params.pop(assoc), "virtual_machine_id": vm_id }
elif device:
dev_id = Device.objects.get(name=device).id
query = { field: params.pop(assoc), "device_id": dev_id }
else:
query = { field: params.pop(assoc) }
params[assoc] = model.objects.get(**query)
if 'status' in params:
for ip_status in IPADDRESS_STATUS_CHOICES:
if params['status'] in ip_status:
params['status'] = ip_status[0]
break
ip_address, created = IPAddress.objects.get_or_create(**params)
if created:
if custom_fields is not None:
for cf_name, cf_value in custom_fields.items():
custom_field = CustomField.objects.get(name=cf_name)
custom_field_value = CustomFieldValue.objects.create(
field=custom_field,
obj=ip_address,
value=cf_value
)
ip_address.custom_field_values.add(custom_field_value)
print("🧬 Created IP Address", ip_address.address)