Compare commits
55 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
3f5f4ff8bb | ||
|
59922f3423 | ||
|
d0f72b5fd3 | ||
|
838a56c96f | ||
|
6ee26d62e8 | ||
|
542300056c | ||
|
3c7f90cab8 | ||
|
2a15689e5f | ||
|
9c6b063408 | ||
|
3134057f87 | ||
|
56bda20a67 | ||
|
51372eed32 | ||
|
e33ff85b08 | ||
|
279873d20e | ||
|
681876681d | ||
|
29e66a0a01 | ||
|
5d9aa096fd | ||
|
84132e4b59 | ||
|
da4c1a54a9 | ||
|
53418e7d19 | ||
|
368d1bca75 | ||
|
bb9a7fe542 | ||
|
15da2f0642 | ||
|
ee2d1dea17 | ||
|
402ea6e8d4 | ||
|
8017bb72b9 | ||
|
33d5230859 | ||
|
f0b3a0701c | ||
|
1a2957238c | ||
|
ac496a16ee | ||
|
e4315245b0 | ||
|
d4e94017b4 | ||
|
21cf7b498d | ||
|
2bbb2d16e1 | ||
|
9d04f2a7a5 | ||
|
b29f7fd446 | ||
|
6a3ba4409e | ||
|
570bb311e2 | ||
|
5e492c63c6 | ||
|
26b15f9ff1 | ||
|
3c8449fbec | ||
|
c51747a163 | ||
|
75fa7e7e99 | ||
|
9de583553d | ||
|
daa8b40c34 | ||
|
af6306db25 | ||
|
730743139e | ||
|
94e242179a | ||
|
8c691f1308 | ||
|
b74688309a | ||
|
60e9cfd458 | ||
|
1d69e6f233 | ||
|
918952a2a5 | ||
|
c22996d7d7 | ||
|
9169fc7684 |
@ -63,17 +63,16 @@ RUN export DEBIAN_FRONTEND=noninteractive \
|
|||||||
openssh-client \
|
openssh-client \
|
||||||
openssl \
|
openssl \
|
||||||
python3 \
|
python3 \
|
||||||
python3-distutils \
|
|
||||||
tini \
|
tini \
|
||||||
&& curl --silent --output /usr/share/keyrings/nginx-keyring.gpg \
|
&& curl --silent --output /etc/apt/keyrings/nginx-keyring.gpg \
|
||||||
https://unit.nginx.org/keys/nginx-keyring.gpg \
|
https://unit.nginx.org/keys/nginx-keyring.gpg \
|
||||||
&& echo "deb [signed-by=/usr/share/keyrings/nginx-keyring.gpg] https://packages.nginx.org/unit/ubuntu/ mantic unit" \
|
&& echo "deb [signed-by=/etc/apt/keyrings/nginx-keyring.gpg] https://packages.nginx.org/unit/ubuntu/ mantic unit" \
|
||||||
> /etc/apt/sources.list.d/unit.list \
|
> /etc/apt/sources.list.d/unit.list \
|
||||||
&& apt-get update -qq \
|
&& apt-get update -qq \
|
||||||
&& apt-get install \
|
&& apt-get install \
|
||||||
--yes -qq --no-install-recommends \
|
--yes -qq --no-install-recommends \
|
||||||
unit=1.32.0-1~mantic \
|
unit=1.32.1-1~mantic \
|
||||||
unit-python3.11=1.32.0-1~mantic \
|
unit-python3.12=1.32.1-1~mantic \
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
&& rm -rf /var/lib/apt/lists/*
|
||||||
|
|
||||||
COPY --from=builder /opt/netbox/venv /opt/netbox/venv
|
COPY --from=builder /opt/netbox/venv /opt/netbox/venv
|
||||||
|
4
build.sh
4
build.sh
@ -61,7 +61,7 @@ DOCKERFILE The name of Dockerfile to use.
|
|||||||
${_GREEN}Default:${_CLEAR} Dockerfile
|
${_GREEN}Default:${_CLEAR} Dockerfile
|
||||||
|
|
||||||
DOCKER_FROM The base image to use.
|
DOCKER_FROM The base image to use.
|
||||||
${_GREEN}Default:${_CLEAR} 'ubuntu:23.10'
|
${_GREEN}Default:${_CLEAR} 'ubuntu:24.04'
|
||||||
|
|
||||||
BUILDX_PLATFORMS
|
BUILDX_PLATFORMS
|
||||||
Specifies the platform(s) to build the image for.
|
Specifies the platform(s) to build the image for.
|
||||||
@ -219,7 +219,7 @@ fi
|
|||||||
# Determining the value for DOCKER_FROM
|
# Determining the value for DOCKER_FROM
|
||||||
###
|
###
|
||||||
if [ -z "$DOCKER_FROM" ]; then
|
if [ -z "$DOCKER_FROM" ]; then
|
||||||
DOCKER_FROM="docker.io/ubuntu:23.10"
|
DOCKER_FROM="docker.io/ubuntu:24.04"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
###
|
###
|
||||||
|
@ -200,10 +200,10 @@ if 'CENSUS_REPORTING_ENABLED' in environ:
|
|||||||
EXEMPT_VIEW_PERMISSIONS = _environ_get_and_map('EXEMPT_VIEW_PERMISSIONS', '', _AS_LIST)
|
EXEMPT_VIEW_PERMISSIONS = _environ_get_and_map('EXEMPT_VIEW_PERMISSIONS', '', _AS_LIST)
|
||||||
|
|
||||||
# HTTP proxies NetBox should use when sending outbound HTTP requests (e.g. for webhooks).
|
# HTTP proxies NetBox should use when sending outbound HTTP requests (e.g. for webhooks).
|
||||||
# HTTP_PROXIES = {
|
HTTP_PROXIES = {
|
||||||
# 'http': 'http://10.10.1.10:3128',
|
'http': environ.get('HTTP_PROXY', None),
|
||||||
# 'https': 'http://10.10.1.10:1080',
|
'https': environ.get('HTTPS_PROXY', None),
|
||||||
# }
|
}
|
||||||
|
|
||||||
# IP addresses recognized as internal to the system. The debugging toolbar will be available only to clients accessing
|
# IP addresses recognized as internal to the system. The debugging toolbar will be available only to clients accessing
|
||||||
# NetBox from an internal IP.
|
# NetBox from an internal IP.
|
||||||
@ -221,9 +221,9 @@ if 'GRAPHQL_ENABLED' in environ:
|
|||||||
# authenticated to NetBox indefinitely.
|
# authenticated to NetBox indefinitely.
|
||||||
LOGIN_PERSISTENCE = _environ_get_and_map('LOGIN_PERSISTENCE', 'False', _AS_BOOL)
|
LOGIN_PERSISTENCE = _environ_get_and_map('LOGIN_PERSISTENCE', 'False', _AS_BOOL)
|
||||||
|
|
||||||
# Setting this to True will permit only authenticated users to access any part of NetBox. By default, anonymous users
|
# When enabled, only authenticated users are permitted to access any part of NetBox.
|
||||||
# are permitted to access most data in NetBox (excluding secrets) but not make any changes.
|
# Disabling this will allow unauthenticated users to access most areas of NetBox (but not make any changes).
|
||||||
LOGIN_REQUIRED = _environ_get_and_map('LOGIN_REQUIRED', 'False', _AS_BOOL)
|
LOGIN_REQUIRED = _environ_get_and_map('LOGIN_REQUIRED', 'True', _AS_BOOL)
|
||||||
|
|
||||||
# The length of time (in seconds) for which a user will remain logged into the web UI before being prompted to
|
# The length of time (in seconds) for which a user will remain logged into the web UI before being prompted to
|
||||||
# re-authenticate. (Default: 1209600 [14 days])
|
# re-authenticate. (Default: 1209600 [14 days])
|
||||||
@ -286,12 +286,23 @@ if 'RACK_ELEVATION_DEFAULT_UNIT_WIDTH' in environ:
|
|||||||
RACK_ELEVATION_DEFAULT_UNIT_WIDTH = _environ_get_and_map('RACK_ELEVATION_DEFAULT_UNIT_WIDTH', None, _AS_INT)
|
RACK_ELEVATION_DEFAULT_UNIT_WIDTH = _environ_get_and_map('RACK_ELEVATION_DEFAULT_UNIT_WIDTH', None, _AS_INT)
|
||||||
|
|
||||||
# Remote authentication support
|
# Remote authentication support
|
||||||
REMOTE_AUTH_ENABLED = _environ_get_and_map('REMOTE_AUTH_ENABLED', 'False', _AS_BOOL)
|
REMOTE_AUTH_AUTO_CREATE_GROUPS = _environ_get_and_map('REMOTE_AUTH_AUTO_CREATE_GROUPS', 'False', _AS_BOOL)
|
||||||
REMOTE_AUTH_BACKEND = _environ_get_and_map('REMOTE_AUTH_BACKEND', 'netbox.authentication.RemoteUserBackend', _AS_LIST)
|
|
||||||
REMOTE_AUTH_HEADER = environ.get('REMOTE_AUTH_HEADER', 'HTTP_REMOTE_USER')
|
|
||||||
REMOTE_AUTH_AUTO_CREATE_USER = _environ_get_and_map('REMOTE_AUTH_AUTO_CREATE_USER', 'False', _AS_BOOL)
|
REMOTE_AUTH_AUTO_CREATE_USER = _environ_get_and_map('REMOTE_AUTH_AUTO_CREATE_USER', 'False', _AS_BOOL)
|
||||||
|
REMOTE_AUTH_BACKEND = _environ_get_and_map('REMOTE_AUTH_BACKEND', 'netbox.authentication.RemoteUserBackend', _AS_LIST)
|
||||||
REMOTE_AUTH_DEFAULT_GROUPS = _environ_get_and_map('REMOTE_AUTH_DEFAULT_GROUPS', '', _AS_LIST)
|
REMOTE_AUTH_DEFAULT_GROUPS = _environ_get_and_map('REMOTE_AUTH_DEFAULT_GROUPS', '', _AS_LIST)
|
||||||
# REMOTE_AUTH_DEFAULT_PERMISSIONS = {}
|
# REMOTE_AUTH_DEFAULT_PERMISSIONS = {} # dicts can't be configured via environment variables. See extra.py instead.
|
||||||
|
REMOTE_AUTH_ENABLED = _environ_get_and_map('REMOTE_AUTH_ENABLED', 'False', _AS_BOOL)
|
||||||
|
REMOTE_AUTH_GROUP_HEADER = _environ_get_and_map('REMOTE_AUTH_GROUP_HEADER', 'HTTP_REMOTE_USER_GROUP')
|
||||||
|
REMOTE_AUTH_GROUP_SEPARATOR = _environ_get_and_map('REMOTE_AUTH_GROUP_SEPARATOR', '|')
|
||||||
|
REMOTE_AUTH_GROUP_SYNC_ENABLED = _environ_get_and_map('REMOTE_AUTH_GROUP_SYNC_ENABLED', 'False', _AS_BOOL)
|
||||||
|
REMOTE_AUTH_HEADER = environ.get('REMOTE_AUTH_HEADER', 'HTTP_REMOTE_USER')
|
||||||
|
REMOTE_AUTH_USER_EMAIL = environ.get('REMOTE_AUTH_USER_EMAIL', 'HTTP_REMOTE_USER_EMAIL')
|
||||||
|
REMOTE_AUTH_USER_FIRST_NAME = environ.get('REMOTE_AUTH_USER_FIRST_NAME', 'HTTP_REMOTE_USER_FIRST_NAME')
|
||||||
|
REMOTE_AUTH_USER_LAST_NAME = environ.get('REMOTE_AUTH_USER_LAST_NAME', 'HTTP_REMOTE_USER_LAST_NAME')
|
||||||
|
REMOTE_AUTH_SUPERUSER_GROUPS = _environ_get_and_map('REMOTE_AUTH_SUPERUSER_GROUPS', '', _AS_LIST)
|
||||||
|
REMOTE_AUTH_SUPERUSERS = _environ_get_and_map('REMOTE_AUTH_SUPERUSERS', '', _AS_LIST)
|
||||||
|
REMOTE_AUTH_STAFF_GROUPS = _environ_get_and_map('REMOTE_AUTH_STAFF_GROUPS', '', _AS_LIST)
|
||||||
|
REMOTE_AUTH_STAFF_USERS = _environ_get_and_map('REMOTE_AUTH_STAFF_USERS', '', _AS_LIST)
|
||||||
|
|
||||||
# This repository is used to check whether there is a new release of NetBox available. Set to None to disable the
|
# This repository is used to check whether there is a new release of NetBox available. Set to None to disable the
|
||||||
# version check or use the URL below to check for release in the official NetBox repository.
|
# version check or use the URL below to check for release in the official NetBox repository.
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
services:
|
services:
|
||||||
netbox: &netbox
|
netbox: &netbox
|
||||||
image: ${IMAGE-netboxcommunity/netbox:latest}
|
image: ${IMAGE-docker.io/netboxcommunity/netbox:latest}
|
||||||
depends_on:
|
depends_on:
|
||||||
postgres:
|
postgres:
|
||||||
condition: service_healthy
|
condition: service_healthy
|
||||||
@ -13,10 +13,10 @@ services:
|
|||||||
volumes:
|
volumes:
|
||||||
- ./test-configuration/test_config.py:/etc/netbox/config/test_config.py:z,ro
|
- ./test-configuration/test_config.py:/etc/netbox/config/test_config.py:z,ro
|
||||||
healthcheck:
|
healthcheck:
|
||||||
|
test: curl -f http://localhost:8080/login/ || exit 1
|
||||||
start_period: ${NETBOX_START_PERIOD-120s}
|
start_period: ${NETBOX_START_PERIOD-120s}
|
||||||
timeout: 3s
|
timeout: 3s
|
||||||
interval: 15s
|
interval: 15s
|
||||||
test: "curl -f http://localhost:8080/api/ || exit 1"
|
|
||||||
netbox-worker:
|
netbox-worker:
|
||||||
<<: *netbox
|
<<: *netbox
|
||||||
command:
|
command:
|
||||||
@ -24,42 +24,47 @@ services:
|
|||||||
- /opt/netbox/netbox/manage.py
|
- /opt/netbox/netbox/manage.py
|
||||||
- rqworker
|
- rqworker
|
||||||
healthcheck:
|
healthcheck:
|
||||||
|
test: ps -aux | grep -v grep | grep -q rqworker || exit 1
|
||||||
start_period: 40s
|
start_period: 40s
|
||||||
timeout: 3s
|
timeout: 3s
|
||||||
interval: 15s
|
interval: 15s
|
||||||
test: "ps -aux | grep -v grep | grep -q rqworker || exit 1"
|
|
||||||
netbox-housekeeping:
|
netbox-housekeeping:
|
||||||
<<: *netbox
|
<<: *netbox
|
||||||
command:
|
command:
|
||||||
- /opt/netbox/housekeeping.sh
|
- /opt/netbox/housekeeping.sh
|
||||||
healthcheck:
|
healthcheck:
|
||||||
|
test: ps -aux | grep -v grep | grep -q housekeeping || exit 1
|
||||||
start_period: 40s
|
start_period: 40s
|
||||||
timeout: 3s
|
timeout: 3s
|
||||||
interval: 15s
|
interval: 15s
|
||||||
test: "ps -aux | grep -v grep | grep -q housekeeping || exit 1"
|
|
||||||
postgres:
|
postgres:
|
||||||
image: postgres:16-alpine
|
image: docker.io/postgres:16-alpine
|
||||||
env_file: env/postgres.env
|
env_file: env/postgres.env
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: "pg_isready -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER" ## $$ because of docker-compose
|
test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER ## $$ because of docker-compose
|
||||||
interval: 10s
|
start_period: 20s
|
||||||
|
interval: 1s
|
||||||
timeout: 5s
|
timeout: 5s
|
||||||
retries: 5
|
retries: 5
|
||||||
|
|
||||||
redis: &redis
|
redis: &redis
|
||||||
image: redis:7-alpine
|
image: docker.io/valkey/valkey:8.0-alpine
|
||||||
command:
|
command:
|
||||||
- sh
|
- sh
|
||||||
- -c # this is to evaluate the $REDIS_PASSWORD from the env
|
- -c # this is to evaluate the $REDIS_PASSWORD from the env
|
||||||
- redis-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose
|
- valkey-server --save "" --appendonly no --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose
|
||||||
env_file: env/redis.env
|
env_file: env/redis.env
|
||||||
healthcheck:
|
healthcheck:
|
||||||
start_period: 20s
|
test: "[ $$(valkey-cli --pass \"$${REDIS_PASSWORD}\" ping) = 'PONG' ]"
|
||||||
|
start_period: 5s
|
||||||
timeout: 3s
|
timeout: 3s
|
||||||
interval: 15s
|
interval: 1s
|
||||||
test: "timeout 2 redis-cli ping"
|
retries: 5
|
||||||
redis-cache:
|
redis-cache:
|
||||||
<<: *redis
|
<<: *redis
|
||||||
env_file: env/redis-cache.env
|
env_file: env/redis-cache.env
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
netbox-media-files:
|
netbox-media-files:
|
||||||
driver: local
|
driver: local
|
||||||
|
@ -8,10 +8,10 @@ services:
|
|||||||
env_file: env/netbox.env
|
env_file: env/netbox.env
|
||||||
user: 'unit:root'
|
user: 'unit:root'
|
||||||
healthcheck:
|
healthcheck:
|
||||||
start_period: 60s
|
test: curl -f http://localhost:8080/login/ || exit 1
|
||||||
|
start_period: 90s
|
||||||
timeout: 3s
|
timeout: 3s
|
||||||
interval: 15s
|
interval: 15s
|
||||||
test: "curl -f http://localhost:8080/login/ || exit 1"
|
|
||||||
volumes:
|
volumes:
|
||||||
- ./configuration:/etc/netbox/config:z,ro
|
- ./configuration:/etc/netbox/config:z,ro
|
||||||
- netbox-media-files:/opt/netbox/netbox/media:rw
|
- netbox-media-files:/opt/netbox/netbox/media:rw
|
||||||
@ -27,10 +27,10 @@ services:
|
|||||||
- /opt/netbox/netbox/manage.py
|
- /opt/netbox/netbox/manage.py
|
||||||
- rqworker
|
- rqworker
|
||||||
healthcheck:
|
healthcheck:
|
||||||
|
test: ps -aux | grep -v grep | grep -q rqworker || exit 1
|
||||||
start_period: 20s
|
start_period: 20s
|
||||||
timeout: 3s
|
timeout: 3s
|
||||||
interval: 15s
|
interval: 15s
|
||||||
test: "ps -aux | grep -v grep | grep -q rqworker || exit 1"
|
|
||||||
netbox-housekeeping:
|
netbox-housekeeping:
|
||||||
<<: *netbox
|
<<: *netbox
|
||||||
depends_on:
|
depends_on:
|
||||||
@ -39,34 +39,47 @@ services:
|
|||||||
command:
|
command:
|
||||||
- /opt/netbox/housekeeping.sh
|
- /opt/netbox/housekeeping.sh
|
||||||
healthcheck:
|
healthcheck:
|
||||||
|
test: ps -aux | grep -v grep | grep -q housekeeping || exit 1
|
||||||
start_period: 20s
|
start_period: 20s
|
||||||
timeout: 3s
|
timeout: 3s
|
||||||
interval: 15s
|
interval: 15s
|
||||||
test: "ps -aux | grep -v grep | grep -q housekeeping || exit 1"
|
|
||||||
|
|
||||||
# postgres
|
# postgres
|
||||||
postgres:
|
postgres:
|
||||||
image: docker.io/postgres:16-alpine
|
image: docker.io/postgres:16-alpine
|
||||||
|
healthcheck:
|
||||||
|
test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER
|
||||||
|
start_period: 20s
|
||||||
|
timeout: 30s
|
||||||
|
interval: 10s
|
||||||
|
retries: 5
|
||||||
env_file: env/postgres.env
|
env_file: env/postgres.env
|
||||||
volumes:
|
volumes:
|
||||||
- netbox-postgres-data:/var/lib/postgresql/data
|
- netbox-postgres-data:/var/lib/postgresql/data
|
||||||
|
|
||||||
# redis
|
# redis
|
||||||
redis:
|
redis:
|
||||||
image: docker.io/redis:7-alpine
|
image: docker.io/valkey/valkey:8.0-alpine
|
||||||
command:
|
command:
|
||||||
- sh
|
- sh
|
||||||
- -c # this is to evaluate the $REDIS_PASSWORD from the env
|
- -c # this is to evaluate the $REDIS_PASSWORD from the env
|
||||||
- redis-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose
|
- valkey-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose
|
||||||
|
healthcheck: &redis-healthcheck
|
||||||
|
test: "[ $$(valkey-cli --pass \"$${REDIS_PASSWORD}\" ping) = 'PONG' ]"
|
||||||
|
start_period: 5s
|
||||||
|
timeout: 3s
|
||||||
|
interval: 1s
|
||||||
|
retries: 5
|
||||||
env_file: env/redis.env
|
env_file: env/redis.env
|
||||||
volumes:
|
volumes:
|
||||||
- netbox-redis-data:/data
|
- netbox-redis-data:/data
|
||||||
redis-cache:
|
redis-cache:
|
||||||
image: docker.io/redis:7-alpine
|
image: docker.io/valkey/valkey:8.0-alpine
|
||||||
command:
|
command:
|
||||||
- sh
|
- sh
|
||||||
- -c # this is to evaluate the $REDIS_PASSWORD from the env
|
- -c # this is to evaluate the $REDIS_PASSWORD from the env
|
||||||
- redis-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose
|
- valkey-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose
|
||||||
|
healthcheck: *redis-healthcheck
|
||||||
env_file: env/redis-cache.env
|
env_file: env/redis-cache.env
|
||||||
volumes:
|
volumes:
|
||||||
- netbox-redis-cache-data:/data
|
- netbox-redis-cache-data:/data
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
django-auth-ldap==4.8.0
|
django-auth-ldap==4.8.0
|
||||||
django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3
|
django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4
|
||||||
dulwich==0.22.1
|
dulwich==0.22.1
|
||||||
python3-saml==1.16.0 --no-binary lxml
|
python3-saml==1.16.0 --no-binary lxml,xmlsec
|
||||||
sentry-sdk[django]==2.1.1
|
sentry-sdk[django]==2.12.0
|
||||||
|
@ -4,3 +4,4 @@ LOGGING = {
|
|||||||
}
|
}
|
||||||
|
|
||||||
DEFAULT_PERMISSIONS = {}
|
DEFAULT_PERMISSIONS = {}
|
||||||
|
LOGIN_REQUIRED = False
|
||||||
|
2
test.sh
2
test.sh
@ -84,7 +84,7 @@ test_netbox_web() {
|
|||||||
--retry 5 \
|
--retry 5 \
|
||||||
--retry-delay 0 \
|
--retry-delay 0 \
|
||||||
--retry-max-time 40 \
|
--retry-max-time 40 \
|
||||||
http://127.0.0.1:8000/
|
http://127.0.0.1:8000/login/
|
||||||
)
|
)
|
||||||
if [ "$RESP_CODE" == "200" ]; then
|
if [ "$RESP_CODE" == "200" ]; then
|
||||||
echo "Webservice running"
|
echo "Webservice running"
|
||||||
|
Loading…
Reference in New Issue
Block a user