Compare commits
55 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
3f5f4ff8bb | ||
|
59922f3423 | ||
|
d0f72b5fd3 | ||
|
838a56c96f | ||
|
6ee26d62e8 | ||
|
542300056c | ||
|
3c7f90cab8 | ||
|
2a15689e5f | ||
|
9c6b063408 | ||
|
3134057f87 | ||
|
56bda20a67 | ||
|
51372eed32 | ||
|
e33ff85b08 | ||
|
279873d20e | ||
|
681876681d | ||
|
29e66a0a01 | ||
|
5d9aa096fd | ||
|
84132e4b59 | ||
|
da4c1a54a9 | ||
|
53418e7d19 | ||
|
368d1bca75 | ||
|
bb9a7fe542 | ||
|
15da2f0642 | ||
|
ee2d1dea17 | ||
|
402ea6e8d4 | ||
|
8017bb72b9 | ||
|
33d5230859 | ||
|
f0b3a0701c | ||
|
1a2957238c | ||
|
ac496a16ee | ||
|
e4315245b0 | ||
|
d4e94017b4 | ||
|
21cf7b498d | ||
|
2bbb2d16e1 | ||
|
9d04f2a7a5 | ||
|
b29f7fd446 | ||
|
6a3ba4409e | ||
|
570bb311e2 | ||
|
5e492c63c6 | ||
|
26b15f9ff1 | ||
|
3c8449fbec | ||
|
c51747a163 | ||
|
75fa7e7e99 | ||
|
9de583553d | ||
|
daa8b40c34 | ||
|
af6306db25 | ||
|
730743139e | ||
|
94e242179a | ||
|
8c691f1308 | ||
|
b74688309a | ||
|
60e9cfd458 | ||
|
1d69e6f233 | ||
|
918952a2a5 | ||
|
c22996d7d7 | ||
|
9169fc7684 |
31
.github/workflows/build_image.yaml
vendored
31
.github/workflows/build_image.yaml
vendored
@ -1,31 +0,0 @@
|
||||
name: ci
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- 'release'
|
||||
|
||||
jobs:
|
||||
docker:
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
#-
|
||||
# name: Set up QEMU
|
||||
# uses: docker/setup-qemu-action@v3
|
||||
-
|
||||
name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
-
|
||||
name: Login to Docker Hub
|
||||
uses: SeptBlast/docker-login@v1.1.2
|
||||
with:
|
||||
login-server: harbor.fisherhome.xyz
|
||||
username: ${{ secrets.HARBOR_USERNAME }}
|
||||
password: ${{ secrets.HARBOR_PASSWORD }}
|
||||
|
||||
- uses: actions/checkout@v3
|
||||
- name: Build and push
|
||||
run: |
|
||||
docker login --username ${{ secrets.HARBOR_USERNAME }} --password ${{ secrets.HARBOR_PASSWORD }} harbor.fisherhome.xyz
|
||||
docker build --no-cache ./ -t harbor.fisherhome.xyz/library/netbox:latest
|
||||
docker push harbor.fisherhome.xyz/library/netbox:latest
|
@ -63,17 +63,16 @@ RUN export DEBIAN_FRONTEND=noninteractive \
|
||||
openssh-client \
|
||||
openssl \
|
||||
python3 \
|
||||
python3-distutils \
|
||||
tini \
|
||||
&& curl --silent --output /usr/share/keyrings/nginx-keyring.gpg \
|
||||
&& curl --silent --output /etc/apt/keyrings/nginx-keyring.gpg \
|
||||
https://unit.nginx.org/keys/nginx-keyring.gpg \
|
||||
&& echo "deb [signed-by=/usr/share/keyrings/nginx-keyring.gpg] https://packages.nginx.org/unit/ubuntu/ mantic unit" \
|
||||
&& echo "deb [signed-by=/etc/apt/keyrings/nginx-keyring.gpg] https://packages.nginx.org/unit/ubuntu/ mantic unit" \
|
||||
> /etc/apt/sources.list.d/unit.list \
|
||||
&& apt-get update -qq \
|
||||
&& apt-get install \
|
||||
--yes -qq --no-install-recommends \
|
||||
unit=1.32.0-1~mantic \
|
||||
unit-python3.11=1.32.0-1~mantic \
|
||||
unit=1.32.1-1~mantic \
|
||||
unit-python3.12=1.32.1-1~mantic \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
COPY --from=builder /opt/netbox/venv /opt/netbox/venv
|
||||
|
@ -1,9 +0,0 @@
|
||||
FROM netboxcommunity/netbox:latest
|
||||
|
||||
COPY ./plugin_requirements.txt /opt/netbox/
|
||||
RUN /opt/netbox/venv/bin/pip install --no-warn-script-location -r /opt/netbox/plugin_requirements.txt
|
||||
|
||||
# These lines are only required if your plugin has its own static files.
|
||||
COPY configuration/configuration.py /etc/netbox/config/configuration.py
|
||||
COPY configuration/plugins.py /etc/netbox/config/plugins.py
|
||||
RUN SECRET_KEY="dummydummydummydummydummydummydummydummydummydummy" /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py collectstatic --no-input
|
4
build.sh
4
build.sh
@ -61,7 +61,7 @@ DOCKERFILE The name of Dockerfile to use.
|
||||
${_GREEN}Default:${_CLEAR} Dockerfile
|
||||
|
||||
DOCKER_FROM The base image to use.
|
||||
${_GREEN}Default:${_CLEAR} 'ubuntu:23.10'
|
||||
${_GREEN}Default:${_CLEAR} 'ubuntu:24.04'
|
||||
|
||||
BUILDX_PLATFORMS
|
||||
Specifies the platform(s) to build the image for.
|
||||
@ -219,7 +219,7 @@ fi
|
||||
# Determining the value for DOCKER_FROM
|
||||
###
|
||||
if [ -z "$DOCKER_FROM" ]; then
|
||||
DOCKER_FROM="docker.io/ubuntu:23.10"
|
||||
DOCKER_FROM="docker.io/ubuntu:24.04"
|
||||
fi
|
||||
|
||||
###
|
||||
|
@ -200,10 +200,10 @@ if 'CENSUS_REPORTING_ENABLED' in environ:
|
||||
EXEMPT_VIEW_PERMISSIONS = _environ_get_and_map('EXEMPT_VIEW_PERMISSIONS', '', _AS_LIST)
|
||||
|
||||
# HTTP proxies NetBox should use when sending outbound HTTP requests (e.g. for webhooks).
|
||||
# HTTP_PROXIES = {
|
||||
# 'http': 'http://10.10.1.10:3128',
|
||||
# 'https': 'http://10.10.1.10:1080',
|
||||
# }
|
||||
HTTP_PROXIES = {
|
||||
'http': environ.get('HTTP_PROXY', None),
|
||||
'https': environ.get('HTTPS_PROXY', None),
|
||||
}
|
||||
|
||||
# IP addresses recognized as internal to the system. The debugging toolbar will be available only to clients accessing
|
||||
# NetBox from an internal IP.
|
||||
@ -221,9 +221,9 @@ if 'GRAPHQL_ENABLED' in environ:
|
||||
# authenticated to NetBox indefinitely.
|
||||
LOGIN_PERSISTENCE = _environ_get_and_map('LOGIN_PERSISTENCE', 'False', _AS_BOOL)
|
||||
|
||||
# Setting this to True will permit only authenticated users to access any part of NetBox. By default, anonymous users
|
||||
# are permitted to access most data in NetBox (excluding secrets) but not make any changes.
|
||||
LOGIN_REQUIRED = _environ_get_and_map('LOGIN_REQUIRED', 'False', _AS_BOOL)
|
||||
# When enabled, only authenticated users are permitted to access any part of NetBox.
|
||||
# Disabling this will allow unauthenticated users to access most areas of NetBox (but not make any changes).
|
||||
LOGIN_REQUIRED = _environ_get_and_map('LOGIN_REQUIRED', 'True', _AS_BOOL)
|
||||
|
||||
# The length of time (in seconds) for which a user will remain logged into the web UI before being prompted to
|
||||
# re-authenticate. (Default: 1209600 [14 days])
|
||||
@ -286,12 +286,23 @@ if 'RACK_ELEVATION_DEFAULT_UNIT_WIDTH' in environ:
|
||||
RACK_ELEVATION_DEFAULT_UNIT_WIDTH = _environ_get_and_map('RACK_ELEVATION_DEFAULT_UNIT_WIDTH', None, _AS_INT)
|
||||
|
||||
# Remote authentication support
|
||||
REMOTE_AUTH_ENABLED = _environ_get_and_map('REMOTE_AUTH_ENABLED', 'False', _AS_BOOL)
|
||||
REMOTE_AUTH_BACKEND = _environ_get_and_map('REMOTE_AUTH_BACKEND', 'netbox.authentication.RemoteUserBackend', _AS_LIST)
|
||||
REMOTE_AUTH_HEADER = environ.get('REMOTE_AUTH_HEADER', 'HTTP_REMOTE_USER')
|
||||
REMOTE_AUTH_AUTO_CREATE_GROUPS = _environ_get_and_map('REMOTE_AUTH_AUTO_CREATE_GROUPS', 'False', _AS_BOOL)
|
||||
REMOTE_AUTH_AUTO_CREATE_USER = _environ_get_and_map('REMOTE_AUTH_AUTO_CREATE_USER', 'False', _AS_BOOL)
|
||||
REMOTE_AUTH_BACKEND = _environ_get_and_map('REMOTE_AUTH_BACKEND', 'netbox.authentication.RemoteUserBackend', _AS_LIST)
|
||||
REMOTE_AUTH_DEFAULT_GROUPS = _environ_get_and_map('REMOTE_AUTH_DEFAULT_GROUPS', '', _AS_LIST)
|
||||
# REMOTE_AUTH_DEFAULT_PERMISSIONS = {}
|
||||
# REMOTE_AUTH_DEFAULT_PERMISSIONS = {} # dicts can't be configured via environment variables. See extra.py instead.
|
||||
REMOTE_AUTH_ENABLED = _environ_get_and_map('REMOTE_AUTH_ENABLED', 'False', _AS_BOOL)
|
||||
REMOTE_AUTH_GROUP_HEADER = _environ_get_and_map('REMOTE_AUTH_GROUP_HEADER', 'HTTP_REMOTE_USER_GROUP')
|
||||
REMOTE_AUTH_GROUP_SEPARATOR = _environ_get_and_map('REMOTE_AUTH_GROUP_SEPARATOR', '|')
|
||||
REMOTE_AUTH_GROUP_SYNC_ENABLED = _environ_get_and_map('REMOTE_AUTH_GROUP_SYNC_ENABLED', 'False', _AS_BOOL)
|
||||
REMOTE_AUTH_HEADER = environ.get('REMOTE_AUTH_HEADER', 'HTTP_REMOTE_USER')
|
||||
REMOTE_AUTH_USER_EMAIL = environ.get('REMOTE_AUTH_USER_EMAIL', 'HTTP_REMOTE_USER_EMAIL')
|
||||
REMOTE_AUTH_USER_FIRST_NAME = environ.get('REMOTE_AUTH_USER_FIRST_NAME', 'HTTP_REMOTE_USER_FIRST_NAME')
|
||||
REMOTE_AUTH_USER_LAST_NAME = environ.get('REMOTE_AUTH_USER_LAST_NAME', 'HTTP_REMOTE_USER_LAST_NAME')
|
||||
REMOTE_AUTH_SUPERUSER_GROUPS = _environ_get_and_map('REMOTE_AUTH_SUPERUSER_GROUPS', '', _AS_LIST)
|
||||
REMOTE_AUTH_SUPERUSERS = _environ_get_and_map('REMOTE_AUTH_SUPERUSERS', '', _AS_LIST)
|
||||
REMOTE_AUTH_STAFF_GROUPS = _environ_get_and_map('REMOTE_AUTH_STAFF_GROUPS', '', _AS_LIST)
|
||||
REMOTE_AUTH_STAFF_USERS = _environ_get_and_map('REMOTE_AUTH_STAFF_USERS', '', _AS_LIST)
|
||||
|
||||
# This repository is used to check whether there is a new release of NetBox available. Set to None to disable the
|
||||
# version check or use the URL below to check for release in the official NetBox repository.
|
||||
|
@ -4,7 +4,7 @@
|
||||
# To learn how to build images with your required plugins
|
||||
# See https://github.com/netbox-community/netbox-docker/wiki/Using-Netbox-Plugins
|
||||
|
||||
PLUGINS = ["netbox_bgp","netbox_secrets","netbox_dns"],
|
||||
# PLUGINS = ["netbox_bgp"]
|
||||
|
||||
# PLUGINS_CONFIG = {
|
||||
# "netbox_bgp": {
|
||||
|
@ -1,16 +0,0 @@
|
||||
version: '3.4' # This is NOT the version of NetBox! No need to adjust :)
|
||||
services:
|
||||
netbox:
|
||||
image: netbox:latest-plugins
|
||||
pull_policy: never
|
||||
ports:
|
||||
- 8000:8080
|
||||
build:
|
||||
context: .
|
||||
dockerfile: Dockerfile-Plugins
|
||||
netbox-worker:
|
||||
image: netbox:latest-plugins
|
||||
pull_policy: never
|
||||
netbox-housekeeping:
|
||||
image: netbox:latest-plugins
|
||||
pull_policy: never
|
@ -1,6 +1,6 @@
|
||||
services:
|
||||
netbox: &netbox
|
||||
image: ${IMAGE-netboxcommunity/netbox:latest}
|
||||
image: ${IMAGE-docker.io/netboxcommunity/netbox:latest}
|
||||
depends_on:
|
||||
postgres:
|
||||
condition: service_healthy
|
||||
@ -13,10 +13,10 @@ services:
|
||||
volumes:
|
||||
- ./test-configuration/test_config.py:/etc/netbox/config/test_config.py:z,ro
|
||||
healthcheck:
|
||||
test: curl -f http://localhost:8080/login/ || exit 1
|
||||
start_period: ${NETBOX_START_PERIOD-120s}
|
||||
timeout: 3s
|
||||
interval: 15s
|
||||
test: "curl -f http://localhost:8080/api/ || exit 1"
|
||||
netbox-worker:
|
||||
<<: *netbox
|
||||
command:
|
||||
@ -24,42 +24,47 @@ services:
|
||||
- /opt/netbox/netbox/manage.py
|
||||
- rqworker
|
||||
healthcheck:
|
||||
test: ps -aux | grep -v grep | grep -q rqworker || exit 1
|
||||
start_period: 40s
|
||||
timeout: 3s
|
||||
interval: 15s
|
||||
test: "ps -aux | grep -v grep | grep -q rqworker || exit 1"
|
||||
netbox-housekeeping:
|
||||
<<: *netbox
|
||||
command:
|
||||
- /opt/netbox/housekeeping.sh
|
||||
healthcheck:
|
||||
test: ps -aux | grep -v grep | grep -q housekeeping || exit 1
|
||||
start_period: 40s
|
||||
timeout: 3s
|
||||
interval: 15s
|
||||
test: "ps -aux | grep -v grep | grep -q housekeeping || exit 1"
|
||||
|
||||
postgres:
|
||||
image: postgres:16-alpine
|
||||
image: docker.io/postgres:16-alpine
|
||||
env_file: env/postgres.env
|
||||
healthcheck:
|
||||
test: "pg_isready -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER" ## $$ because of docker-compose
|
||||
interval: 10s
|
||||
test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER ## $$ because of docker-compose
|
||||
start_period: 20s
|
||||
interval: 1s
|
||||
timeout: 5s
|
||||
retries: 5
|
||||
|
||||
redis: &redis
|
||||
image: redis:7-alpine
|
||||
image: docker.io/valkey/valkey:8.0-alpine
|
||||
command:
|
||||
- sh
|
||||
- -c # this is to evaluate the $REDIS_PASSWORD from the env
|
||||
- redis-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose
|
||||
- valkey-server --save "" --appendonly no --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose
|
||||
env_file: env/redis.env
|
||||
healthcheck:
|
||||
start_period: 20s
|
||||
test: "[ $$(valkey-cli --pass \"$${REDIS_PASSWORD}\" ping) = 'PONG' ]"
|
||||
start_period: 5s
|
||||
timeout: 3s
|
||||
interval: 15s
|
||||
test: "timeout 2 redis-cli ping"
|
||||
interval: 1s
|
||||
retries: 5
|
||||
redis-cache:
|
||||
<<: *redis
|
||||
env_file: env/redis-cache.env
|
||||
|
||||
volumes:
|
||||
netbox-media-files:
|
||||
driver: local
|
||||
|
@ -8,10 +8,10 @@ services:
|
||||
env_file: env/netbox.env
|
||||
user: 'unit:root'
|
||||
healthcheck:
|
||||
start_period: 60s
|
||||
test: curl -f http://localhost:8080/login/ || exit 1
|
||||
start_period: 90s
|
||||
timeout: 3s
|
||||
interval: 15s
|
||||
test: "curl -f http://localhost:8080/login/ || exit 1"
|
||||
volumes:
|
||||
- ./configuration:/etc/netbox/config:z,ro
|
||||
- netbox-media-files:/opt/netbox/netbox/media:rw
|
||||
@ -27,10 +27,10 @@ services:
|
||||
- /opt/netbox/netbox/manage.py
|
||||
- rqworker
|
||||
healthcheck:
|
||||
test: ps -aux | grep -v grep | grep -q rqworker || exit 1
|
||||
start_period: 20s
|
||||
timeout: 3s
|
||||
interval: 15s
|
||||
test: "ps -aux | grep -v grep | grep -q rqworker || exit 1"
|
||||
netbox-housekeeping:
|
||||
<<: *netbox
|
||||
depends_on:
|
||||
@ -39,34 +39,47 @@ services:
|
||||
command:
|
||||
- /opt/netbox/housekeeping.sh
|
||||
healthcheck:
|
||||
test: ps -aux | grep -v grep | grep -q housekeeping || exit 1
|
||||
start_period: 20s
|
||||
timeout: 3s
|
||||
interval: 15s
|
||||
test: "ps -aux | grep -v grep | grep -q housekeeping || exit 1"
|
||||
|
||||
# postgres
|
||||
postgres:
|
||||
image: docker.io/postgres:16-alpine
|
||||
healthcheck:
|
||||
test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER
|
||||
start_period: 20s
|
||||
timeout: 30s
|
||||
interval: 10s
|
||||
retries: 5
|
||||
env_file: env/postgres.env
|
||||
volumes:
|
||||
- netbox-postgres-data:/var/lib/postgresql/data
|
||||
|
||||
# redis
|
||||
redis:
|
||||
image: docker.io/redis:7-alpine
|
||||
image: docker.io/valkey/valkey:8.0-alpine
|
||||
command:
|
||||
- sh
|
||||
- -c # this is to evaluate the $REDIS_PASSWORD from the env
|
||||
- redis-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose
|
||||
- valkey-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose
|
||||
healthcheck: &redis-healthcheck
|
||||
test: "[ $$(valkey-cli --pass \"$${REDIS_PASSWORD}\" ping) = 'PONG' ]"
|
||||
start_period: 5s
|
||||
timeout: 3s
|
||||
interval: 1s
|
||||
retries: 5
|
||||
env_file: env/redis.env
|
||||
volumes:
|
||||
- netbox-redis-data:/data
|
||||
redis-cache:
|
||||
image: docker.io/redis:7-alpine
|
||||
image: docker.io/valkey/valkey:8.0-alpine
|
||||
command:
|
||||
- sh
|
||||
- -c # this is to evaluate the $REDIS_PASSWORD from the env
|
||||
- redis-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose
|
||||
- valkey-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose
|
||||
healthcheck: *redis-healthcheck
|
||||
env_file: env/redis-cache.env
|
||||
volumes:
|
||||
- netbox-redis-cache-data:/data
|
||||
|
12
env/netbox.env
vendored
12
env/netbox.env
vendored
@ -1,16 +1,16 @@
|
||||
CORS_ORIGIN_ALLOW_ALL=True
|
||||
DB_HOST='10.0.100.171'
|
||||
DB_HOST=postgres
|
||||
DB_NAME=netbox
|
||||
DB_PASSWORD=QHMKWXHkkDzNMaWt22
|
||||
DB_PASSWORD=J5brHrAXFLQSif0K
|
||||
DB_USER=netbox
|
||||
EMAIL_FROM=netbox@fisherhome.xyz
|
||||
EMAIL_FROM=netbox@bar.com
|
||||
EMAIL_PASSWORD=
|
||||
EMAIL_PORT=25
|
||||
EMAIL_SERVER=postfix.lan.fisherhome.xyz
|
||||
EMAIL_SERVER=localhost
|
||||
EMAIL_SSL_CERTFILE=
|
||||
EMAIL_SSL_KEYFILE=
|
||||
EMAIL_TIMEOUT=5
|
||||
EMAIL_USERNAME=
|
||||
EMAIL_USERNAME=netbox
|
||||
# EMAIL_USE_SSL and EMAIL_USE_TLS are mutually exclusive, i.e. they can't both be `true`!
|
||||
EMAIL_USE_SSL=false
|
||||
EMAIL_USE_TLS=false
|
||||
@ -26,7 +26,7 @@ REDIS_CACHE_SSL=false
|
||||
REDIS_DATABASE=0
|
||||
REDIS_HOST=redis
|
||||
REDIS_INSECURE_SKIP_TLS_VERIFY=false
|
||||
REDIS_PASSWORD=FDFD733Kdjndks81
|
||||
REDIS_PASSWORD=H733Kdjndks81
|
||||
REDIS_SSL=false
|
||||
RELEASE_CHECK_URL=https://api.github.com/repos/netbox-community/netbox/releases
|
||||
SECRET_KEY='r(m)9nLGnz$(_q3N4z1k(EFsMCjjjzx08x9VhNVcfd%6RF#r!6DE@+V5Zk2X'
|
||||
|
@ -1,2 +0,0 @@
|
||||
netbox-secrets
|
||||
netbox_dns
|
@ -1,5 +1,5 @@
|
||||
django-auth-ldap==4.8.0
|
||||
django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3
|
||||
django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4
|
||||
dulwich==0.22.1
|
||||
python3-saml==1.16.0 --no-binary lxml
|
||||
sentry-sdk[django]==2.1.1
|
||||
python3-saml==1.16.0 --no-binary lxml,xmlsec
|
||||
sentry-sdk[django]==2.12.0
|
||||
|
@ -4,3 +4,4 @@ LOGGING = {
|
||||
}
|
||||
|
||||
DEFAULT_PERMISSIONS = {}
|
||||
LOGIN_REQUIRED = False
|
||||
|
Loading…
Reference in New Issue
Block a user