Commit Graph

66 Commits

Author SHA1 Message Date
Tobias Genannt
f183603bc0 Fix #653: Add missing __dir__ to configuration.py 2021-11-30 11:19:49 +01:00
Tobias Genannt
5679ab435f Use user name instead of userid
Nginx unit needs the user and group parameter as names.
2021-09-24 08:16:07 +02:00
Tobias Genannt
1d040ad64d
Merge pull request #546 from tobiasge/drop-privileges
Drops privileges to user 101 and group 0
2021-09-17 10:53:08 +02:00
Tobias Genannt
8703749292
Merge pull request #571 from tobiasge/house
Added container for Netbox housekeeping command
2021-09-17 10:52:28 +02:00
Tobias Genannt
2926d1a11d
Quote variable
Co-authored-by: Christian Mäder <cimnine@users.noreply.github.com>
2021-09-07 09:47:38 +02:00
Tobias Genannt
58debafa8a Added container for Netbox housekeeping command
Adds an additional container in which the new "housekeeping" command from
Netbox v3.0.0 is run.
2021-09-03 12:48:30 +02:00
Mike Kazantsev
fc4b78f74a Print last line of django db connection error while waiting for db to start
Fixes #562
2021-09-02 20:22:03 +05:00
Tobias Genannt
9142aaf78e django-cacheops has been removed from Netbox 3.0.0 2021-08-21 18:22:24 +02:00
Tobias Genannt
03a1793208 Drops privileges to user 101 and group 0
When the container is started as root the default was to drop privileges to "unit:unit". This caused some problems with temporary files. Now the privileges are drop to "101:0".
When the container is started as a normal user unit prints a warning that changing the user and group is not possible. This warning is safe to ignore.
2021-07-30 21:42:05 +02:00
Tobias Genannt
4d320f34d5 Optimise migrations on startup
The migrations are only started if there are some that have not been
applied. Additionally the maintenace task needed after an update are
now run after the migrations
2021-05-05 11:42:25 +02:00
Erick Turnquist
6e7d5a6f59 Fix quoting of exec argument in the entrypoint script 2021-04-15 17:36:14 -04:00
Christian Mäder
95976f4cf4 Don't load main config twice
Before, the main_config (e.g. 'configuration.py' or 'ldap_config.py') were loaded twice.
The first load was hard-coded and correct.
The second load was during the discovery phase for dynamic configurations.
This has now been fixed. During the discovery for dynamic configurations,
the main_config file is now excluded.

Thanks @tobiasge for discovering this bug.
2021-02-23 22:50:16 +01:00
Christian Mäder
04ac3d5f4b Format shell scripts with shfmt 2021-02-08 18:56:30 +01:00
Christian Mäder
c6df6a040a Fix shellcheck complaint 2021-02-08 18:56:30 +01:00
Christian Mäder
493fc60401 Use black as formatter for python files 2021-02-08 18:24:29 +01:00
Christian Mäder
0d25aff744 Add editorconfig 2021-02-08 18:24:29 +01:00
Robin Schneider
ee40e339c8
NetBox should always be referred to as NetBox
Fix all instances of "Netbox".

```Shell
git ls-files -z . | xargs --null -I '{}' find './{}' -type f -print0 | xargs --null sed --in-place --regexp-extended 's#Netbox#NetBox#g;'
```

Ref: https://netbox.readthedocs.io/en/stable/development/style-guide/#branding
2021-02-04 21:48:08 +01:00
Tobias Genannt
a21d146b60 Is greater than or equal to is "-ge" and not "-gte". 2021-01-31 16:39:45 +01:00
Tobias Genannt
d273391773 Gunicorn is replaced with nginx-unit
We now serve Netbox with an nginx-unit instance instead of Gunicorn.
This allows us to get rid of the extra Nginx container because Unit is
also serving the static files. The static files are now collected at container
buildtime instead of every startup.
2021-01-15 09:22:22 +01:00
Christian Mäder
80bfd98000
Merge pull request #354 from comphilip/release
Fix ldap configuration in /etc/netbox/config/ldap/*.py not loaded
2020-10-27 16:11:55 +01:00
comphilip
7694fd320a
use extend method for simplification.
Co-authored-by: Christian Mäder <cimnine@users.noreply.github.com>
2020-10-27 21:12:26 +08:00
comphilip
a3c21ae0ac
Fix ldap configuration in /etc/netbox/config/ldap/*.py not loaded 2020-10-27 19:27:51 +08:00
Christian Mäder
a5aa1bfd3b Revert changes to 'gunicorn_config.py' 2020-10-27 09:31:47 +01:00
Christian Mäder
f46d8a7782 Adds Prometheus/Grafana monitoring infrastructure 2020-10-26 15:22:52 +01:00
Christian Mäder
58050e5287 Merge core functionality into configuration.py
Which is the file `docker/configuration.docker.py` in our repo.
The common code is then imported by `docker/ldap_config.docker.py`.
2020-10-26 14:43:11 +01:00
Christian Mäder
ec3fd8a790 Revert accidential change to _read_secret order 2020-10-20 21:36:40 +02:00
Christian Mäder
75554ef5b4 Consistency in namespace name 2020-10-20 21:29:08 +02:00
Christian Mäder
16b567939c Dot character has special meaning in module names
Therefore we esacpe it using the underscore character.
2020-10-20 20:51:43 +02:00
Christian Mäder
811618b359 Lower gunicorn default loglevel 2020-10-20 20:46:43 +02:00
Christian Mäder
43c05d816d Dynamically load configuration files 2020-10-20 20:46:43 +02:00
eemil
6bada6660a Prefer secret to env variable if both are configured 2020-10-20 19:20:29 +02:00
Christian Mäder
5624ecc65e Remove the 'X-Forwarded-Proto' line from the nginx config
The reason is that in the default configuration nginx is only serving 'http' traffic.
So if an upstream proxy sets the 'X-Forwarded-Proto' header, because it is terminating
TLS, then nginx will overwrite it to 'http'. This will cause django to think the page
is served via 'http' and it will not create 'https://...' URLs.

Related to #292
2020-06-02 16:06:52 +02:00
Christian Mäder
b118cd5812 Building the Docker image with Github Actions 2019-12-23 18:21:08 +01:00
Christian Mäder
0a9991de96
Merge pull request #186 from netbox-community/non-root
Non root
2019-12-20 14:21:34 +01:00
Christian Mäder
05d32ae705 Massive speedup in executing startup_scripts 2019-12-14 18:16:31 +01:00
Christian Mäder
5e92352b0a set umask in entrypoint 2019-11-26 12:09:26 +01:00
Christian Mäder
79d349133e fix typo 2019-10-13 14:03:22 +02:00
Christian Mäder
20c234a96e Introduce $SKIP_SUPERUSER
This adds a new variable to skip the creation of the superuser.
That is useful for LDAP and for production environments.

Fixes #160
2019-10-12 14:49:40 +02:00
Tobias Genannt
8c95f32b0c Make startup scripts optional
To optimize the application boot time the startup scripts can now be
disabled by an ENV variable. The default when the variable is not set,
is to run the startup scripts. This means that the default behaviour is
not changed from earlier releases.
2019-03-11 12:31:41 +01:00
Christian Mäder
ae9e945851
Remove deprecation warning for netboxcommunity images 2019-02-06 12:38:36 +01:00
Christian Mäder
c7ab15f914
Consistent variable use in build scripts 2019-02-06 12:30:08 +01:00
Christian Mäder
013f81b791
♻️ Make netbox-worker it's own container
One container should ideally have one responsibility [1]. Therefore I
implemented the netbox-worker to start in it's own container. This is
possible, because netbox and the worker communicate via redis anyway.

They still use the same image underneath, just the "command" they
execute while starting different.

Or in other words: I see no reason to introduce supervisord, when we
already have docker-compose which can take care of running multiple
processes.

Also, here's another benefit: Now it's possible to view the logs of the
webhook worker independently of the other netbox logs (and vice-versa).

Other changes in this commit:
* I don't see a reason to put a password for Redis in the docker-compose
  setup, so I removed it.
* Slightly changed the nginx config, so that the nginx startup command
  becomes simpler and any error should be visible in the docker log.
* Some housekeeping in the `Dockerfile`.
* Added some troubleshooting advice regarding webhooks to the README.

I'd like to thank Brady (@bdlamprecht [2]) here who did the harder
work of figuring out what's even required to have webhooks working. [3]

[1] 
https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#decouple-applications
[2] https://github.com/bdlamprecht
[3] https://github.com/ninech/netbox-docker/pull/90
2018-08-13 14:04:09 -07:00
Stefan Schlesinger
cb37e3ba92
Update docker-entrypoint.sh
Make netbox-docker function with  v2.4-beta1 again, fixes #84.

> The shell --plain option is deprecated in favor of -i python or --interface python.
> The shell --interface option now accepts python to force use of the “plain” Python interpreter.
https://docs.djangoproject.com/en/2.0/releases/1.10/#deprecated-features-1-10
2018-07-24 10:56:46 +02:00
Christoph Petrausch
2579036b0a Fixed missing " 2018-04-19 11:55:41 +02:00
Christoph Petrausch
f124417f69 Added username and email of superuser 2018-04-19 11:53:55 +02:00
Christoph Petrausch
d9b9a8adda Do not print the admin credentials. All outputs from STDOUT may end up in a central log store. This will compromise the superuser credentials. 2018-04-18 13:39:54 +02:00
Tobias Genannt
b46bd58e0a
Move config to /etc/netbox/config (Fixes #54)
With this the configuration is moved to /etc/netbox/config and the
default reports directory is set to /etc/netbox/reports. This enables
the user to mount reports from a config map or persistent volume in
OpenShift.
2018-04-04 10:13:30 +02:00
Tobias Genannt
2a1b6e42a8 Externalize gunicorn-config
This moves the gunicorn_config.py into /etc/netbox so that it can be
easily mapped through a Openshift config map
2018-03-07 14:57:56 +01:00
Tobias Genannt
6a01a3379d Add django_ldap_auth
In the ldap.Dockerfile the django_ldap_auth module is installed to
enable authentication againt LDAP servers.
2018-02-27 10:09:14 +01:00
Tobias Genannt
ef76e4e8ea Modifications for Openshift
With these modifications the netbox containers can run on Openshift.
The configuration files can be imported from a config map to the
'/etc/netbox' directory and will be loaded from there.
2018-02-22 17:22:04 +01:00