forked from mirror/netbox-docker
Compare commits
25 Commits
octopus-re
...
develop
| Author | SHA1 | Date | |
|---|---|---|---|
|
e4315245b0 | ||
|
d4e94017b4 | ||
|
21cf7b498d | ||
|
|
2bbb2d16e1 | ||
|
|
9d04f2a7a5 | ||
|
|
b29f7fd446 | ||
|
|
6a3ba4409e | ||
|
|
570bb311e2 | ||
|
|
5e492c63c6 | ||
|
|
26b15f9ff1 | ||
|
|
3c8449fbec | ||
|
|
c51747a163 | ||
|
75fa7e7e99 | ||
|
|
9de583553d | ||
|
|
daa8b40c34 | ||
|
|
af6306db25 | ||
|
|
730743139e | ||
|
|
94e242179a | ||
|
|
8c691f1308 | ||
|
|
b74688309a | ||
|
|
60e9cfd458 | ||
|
1d69e6f233 | ||
|
918952a2a5 | ||
|
c22996d7d7 | ||
|
9169fc7684 |
@@ -221,9 +221,9 @@ if 'GRAPHQL_ENABLED' in environ:
|
||||
# authenticated to NetBox indefinitely.
|
||||
LOGIN_PERSISTENCE = _environ_get_and_map('LOGIN_PERSISTENCE', 'False', _AS_BOOL)
|
||||
|
||||
# Setting this to True will permit only authenticated users to access any part of NetBox. By default, anonymous users
|
||||
# are permitted to access most data in NetBox (excluding secrets) but not make any changes.
|
||||
LOGIN_REQUIRED = _environ_get_and_map('LOGIN_REQUIRED', 'False', _AS_BOOL)
|
||||
# When enabled, only authenticated users are permitted to access any part of NetBox.
|
||||
# Disabling this will allow unauthenticated users to access most areas of NetBox (but not make any changes).
|
||||
LOGIN_REQUIRED = _environ_get_and_map('LOGIN_REQUIRED', 'True', _AS_BOOL)
|
||||
|
||||
# The length of time (in seconds) for which a user will remain logged into the web UI before being prompted to
|
||||
# re-authenticate. (Default: 1209600 [14 days])
|
||||
@@ -286,12 +286,23 @@ if 'RACK_ELEVATION_DEFAULT_UNIT_WIDTH' in environ:
|
||||
RACK_ELEVATION_DEFAULT_UNIT_WIDTH = _environ_get_and_map('RACK_ELEVATION_DEFAULT_UNIT_WIDTH', None, _AS_INT)
|
||||
|
||||
# Remote authentication support
|
||||
REMOTE_AUTH_ENABLED = _environ_get_and_map('REMOTE_AUTH_ENABLED', 'False', _AS_BOOL)
|
||||
REMOTE_AUTH_BACKEND = _environ_get_and_map('REMOTE_AUTH_BACKEND', 'netbox.authentication.RemoteUserBackend', _AS_LIST)
|
||||
REMOTE_AUTH_HEADER = environ.get('REMOTE_AUTH_HEADER', 'HTTP_REMOTE_USER')
|
||||
REMOTE_AUTH_AUTO_CREATE_GROUPS = _environ_get_and_map('REMOTE_AUTH_AUTO_CREATE_GROUPS', 'False', _AS_BOOL)
|
||||
REMOTE_AUTH_AUTO_CREATE_USER = _environ_get_and_map('REMOTE_AUTH_AUTO_CREATE_USER', 'False', _AS_BOOL)
|
||||
REMOTE_AUTH_BACKEND = _environ_get_and_map('REMOTE_AUTH_BACKEND', 'netbox.authentication.RemoteUserBackend', _AS_LIST)
|
||||
REMOTE_AUTH_DEFAULT_GROUPS = _environ_get_and_map('REMOTE_AUTH_DEFAULT_GROUPS', '', _AS_LIST)
|
||||
# REMOTE_AUTH_DEFAULT_PERMISSIONS = {}
|
||||
# REMOTE_AUTH_DEFAULT_PERMISSIONS = {} # dicts can't be configured via environment variables. See extra.py instead.
|
||||
REMOTE_AUTH_ENABLED = _environ_get_and_map('REMOTE_AUTH_ENABLED', 'False', _AS_BOOL)
|
||||
REMOTE_AUTH_GROUP_HEADER = _environ_get_and_map('REMOTE_AUTH_GROUP_HEADER', 'HTTP_REMOTE_USER_GROUP')
|
||||
REMOTE_AUTH_GROUP_SEPARATOR = _environ_get_and_map('REMOTE_AUTH_GROUP_SEPARATOR', '|')
|
||||
REMOTE_AUTH_GROUP_SYNC_ENABLED = _environ_get_and_map('REMOTE_AUTH_GROUP_SYNC_ENABLED', 'False', _AS_BOOL)
|
||||
REMOTE_AUTH_HEADER = environ.get('REMOTE_AUTH_HEADER', 'HTTP_REMOTE_USER')
|
||||
REMOTE_AUTH_USER_EMAIL = environ.get('REMOTE_AUTH_USER_EMAIL', 'HTTP_REMOTE_USER_EMAIL')
|
||||
REMOTE_AUTH_USER_FIRST_NAME = environ.get('REMOTE_AUTH_USER_FIRST_NAME', 'HTTP_REMOTE_USER_FIRST_NAME')
|
||||
REMOTE_AUTH_USER_LAST_NAME = environ.get('REMOTE_AUTH_USER_LAST_NAME', 'HTTP_REMOTE_USER_LAST_NAME')
|
||||
REMOTE_AUTH_SUPERUSER_GROUPS = _environ_get_and_map('REMOTE_AUTH_SUPERUSER_GROUPS', '', _AS_LIST)
|
||||
REMOTE_AUTH_SUPERUSERS = _environ_get_and_map('REMOTE_AUTH_SUPERUSERS', '', _AS_LIST)
|
||||
REMOTE_AUTH_STAFF_GROUPS = _environ_get_and_map('REMOTE_AUTH_STAFF_GROUPS', '', _AS_LIST)
|
||||
REMOTE_AUTH_STAFF_USERS = _environ_get_and_map('REMOTE_AUTH_STAFF_USERS', '', _AS_LIST)
|
||||
|
||||
# This repository is used to check whether there is a new release of NetBox available. Set to None to disable the
|
||||
# version check or use the URL below to check for release in the official NetBox repository.
|
||||
|
||||
@@ -1,73 +0,0 @@
|
||||
services:
|
||||
netbox:
|
||||
networks:
|
||||
- caddy
|
||||
- netbox
|
||||
ports:
|
||||
- 8000:8080
|
||||
environment:
|
||||
- "DB_HOST=${PG_HOST}"
|
||||
configs:
|
||||
- source: configuration.py
|
||||
target: /etc/netbox/config/configuration.py
|
||||
- source: ldap_config.py
|
||||
target: /etc/netbox/config/ldap/ldap_config.py
|
||||
secrets:
|
||||
- source: netbox.superuser.pwd
|
||||
target: superuser_password
|
||||
- source: netbox.db.pwd
|
||||
target: db_password
|
||||
- source: netbox.secretkey
|
||||
target: secret_key
|
||||
- source: netbox.redis.pwd
|
||||
target: redis_password
|
||||
- source: netbox.redis.pwd
|
||||
target: redis_cache_password
|
||||
|
||||
netbox-worker:
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- netbox
|
||||
netbox-housekeeping:
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- netbox
|
||||
redis:
|
||||
restart: unless-stopped
|
||||
secrets:
|
||||
- redis-password
|
||||
networks:
|
||||
- netbox
|
||||
redis-cache:
|
||||
restart: unless-stopped
|
||||
secrets:
|
||||
- redis-password
|
||||
networks:
|
||||
- netbox
|
||||
|
||||
secrets:
|
||||
netbox.superuser.pwd:
|
||||
external: true
|
||||
netbox.db.pwd:
|
||||
external: true
|
||||
netbox.secretkey:
|
||||
external: true
|
||||
netbox.redis.pwd:
|
||||
external: true
|
||||
redis-password:
|
||||
name: netbox.redis.pwd
|
||||
external: true
|
||||
environment: "REDIS_PASSWORD"
|
||||
|
||||
networks:
|
||||
caddy:
|
||||
external: true
|
||||
netbox:
|
||||
|
||||
configs:
|
||||
configuration.py:
|
||||
external: true
|
||||
name: netbox-configuration.py-v0
|
||||
ldap_config.py:
|
||||
external: true
|
||||
name: netbox-ldap_config.py-v0
|
||||
@@ -1,6 +1,6 @@
|
||||
services:
|
||||
netbox: &netbox
|
||||
image: ${IMAGE-netboxcommunity/netbox:latest}
|
||||
image: ${IMAGE-docker.io/netboxcommunity/netbox:latest}
|
||||
depends_on:
|
||||
postgres:
|
||||
condition: service_healthy
|
||||
@@ -13,10 +13,10 @@ services:
|
||||
volumes:
|
||||
- ./test-configuration/test_config.py:/etc/netbox/config/test_config.py:z,ro
|
||||
healthcheck:
|
||||
test: curl -f http://localhost:8080/login/ || exit 1
|
||||
start_period: ${NETBOX_START_PERIOD-120s}
|
||||
timeout: 3s
|
||||
interval: 15s
|
||||
test: "curl -f http://localhost:8080/api/ || exit 1"
|
||||
netbox-worker:
|
||||
<<: *netbox
|
||||
command:
|
||||
@@ -24,42 +24,47 @@ services:
|
||||
- /opt/netbox/netbox/manage.py
|
||||
- rqworker
|
||||
healthcheck:
|
||||
test: ps -aux | grep -v grep | grep -q rqworker || exit 1
|
||||
start_period: 40s
|
||||
timeout: 3s
|
||||
interval: 15s
|
||||
test: "ps -aux | grep -v grep | grep -q rqworker || exit 1"
|
||||
netbox-housekeeping:
|
||||
<<: *netbox
|
||||
command:
|
||||
- /opt/netbox/housekeeping.sh
|
||||
healthcheck:
|
||||
test: ps -aux | grep -v grep | grep -q housekeeping || exit 1
|
||||
start_period: 40s
|
||||
timeout: 3s
|
||||
interval: 15s
|
||||
test: "ps -aux | grep -v grep | grep -q housekeeping || exit 1"
|
||||
|
||||
postgres:
|
||||
image: postgres:16-alpine
|
||||
image: docker.io/postgres:16-alpine
|
||||
env_file: env/postgres.env
|
||||
healthcheck:
|
||||
test: "pg_isready -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER" ## $$ because of docker-compose
|
||||
interval: 10s
|
||||
test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER ## $$ because of docker-compose
|
||||
start_period: 20s
|
||||
interval: 1s
|
||||
timeout: 5s
|
||||
retries: 5
|
||||
|
||||
redis: &redis
|
||||
image: redis:7-alpine
|
||||
image: docker.io/valkey/valkey:7.2-alpine
|
||||
command:
|
||||
- sh
|
||||
- -c # this is to evaluate the $REDIS_PASSWORD from the env
|
||||
- redis-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose
|
||||
- valkey-server --save "" --appendonly no --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose
|
||||
env_file: env/redis.env
|
||||
healthcheck:
|
||||
start_period: 20s
|
||||
test: "[ $$(valkey-cli --pass \"$${REDIS_PASSWORD}\" ping) = 'PONG' ]"
|
||||
start_period: 5s
|
||||
timeout: 3s
|
||||
interval: 15s
|
||||
test: "timeout 2 redis-cli ping"
|
||||
interval: 1s
|
||||
retries: 5
|
||||
redis-cache:
|
||||
<<: *redis
|
||||
env_file: env/redis-cache.env
|
||||
|
||||
volumes:
|
||||
netbox-media-files:
|
||||
driver: local
|
||||
|
||||
@@ -2,70 +2,84 @@ services:
|
||||
netbox: &netbox
|
||||
image: docker.io/netboxcommunity/netbox:${VERSION-v4.0-2.9.1}
|
||||
depends_on:
|
||||
# - postgres
|
||||
- postgres
|
||||
- redis
|
||||
- redis-cache
|
||||
env_file:
|
||||
- env/netbox.env
|
||||
env_file: env/netbox.env
|
||||
user: 'unit:root'
|
||||
healthcheck:
|
||||
start_period: 60s
|
||||
test: curl -f http://localhost:8080/login/ || exit 1
|
||||
start_period: 90s
|
||||
timeout: 3s
|
||||
interval: 15s
|
||||
test: "curl -f http://localhost:8080/login/ || exit 1"
|
||||
volumes:
|
||||
# - ./configuration:/etc/netbox/config:z,ro
|
||||
- ./configuration:/etc/netbox/config:z,ro
|
||||
- netbox-media-files:/opt/netbox/netbox/media:rw
|
||||
- netbox-reports-files:/opt/netbox/netbox/reports:rw
|
||||
- netbox-scripts-files:/opt/netbox/netbox/scripts:rw
|
||||
netbox-worker:
|
||||
<<: *netbox
|
||||
depends_on:
|
||||
- netbox
|
||||
netbox:
|
||||
condition: service_healthy
|
||||
command:
|
||||
- /opt/netbox/venv/bin/python
|
||||
- /opt/netbox/netbox/manage.py
|
||||
- rqworker
|
||||
healthcheck:
|
||||
test: ps -aux | grep -v grep | grep -q rqworker || exit 1
|
||||
start_period: 20s
|
||||
timeout: 3s
|
||||
interval: 15s
|
||||
test: "ps -aux | grep -v grep | grep -q rqworker || exit 1"
|
||||
netbox-housekeeping:
|
||||
<<: *netbox
|
||||
depends_on:
|
||||
- netbox
|
||||
netbox:
|
||||
condition: service_healthy
|
||||
command:
|
||||
- /opt/netbox/housekeeping.sh
|
||||
healthcheck:
|
||||
test: ps -aux | grep -v grep | grep -q housekeeping || exit 1
|
||||
start_period: 20s
|
||||
timeout: 3s
|
||||
interval: 15s
|
||||
test: "ps -aux | grep -v grep | grep -q housekeeping || exit 1"
|
||||
|
||||
# postgres
|
||||
# postgres:
|
||||
# image: docker.io/postgres:16-alpine
|
||||
# env_file: env/postgres.env
|
||||
# volumes:
|
||||
# - netbox-postgres-data:/var/lib/postgresql/data
|
||||
postgres:
|
||||
image: docker.io/postgres:16-alpine
|
||||
healthcheck:
|
||||
test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER
|
||||
start_period: 20s
|
||||
timeout: 30s
|
||||
interval: 10s
|
||||
retries: 5
|
||||
env_file: env/postgres.env
|
||||
volumes:
|
||||
- netbox-postgres-data:/var/lib/postgresql/data
|
||||
|
||||
# redis
|
||||
redis:
|
||||
image: docker.io/redis:7-alpine
|
||||
image: docker.io/valkey/valkey:7.2-alpine
|
||||
command:
|
||||
- sh
|
||||
- -c # this is to evaluate the $REDIS_PASSWORD from the env
|
||||
- redis-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose
|
||||
- valkey-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose
|
||||
healthcheck: &redis-healthcheck
|
||||
test: "[ $$(valkey-cli --pass \"$${REDIS_PASSWORD}\" ping) = 'PONG' ]"
|
||||
start_period: 5s
|
||||
timeout: 3s
|
||||
interval: 1s
|
||||
retries: 5
|
||||
env_file: env/redis.env
|
||||
volumes:
|
||||
- netbox-redis-data:/data
|
||||
redis-cache:
|
||||
image: docker.io/redis:7-alpine
|
||||
image: docker.io/valkey/valkey:7.2-alpine
|
||||
command:
|
||||
- sh
|
||||
- -c # this is to evaluate the $REDIS_PASSWORD from the env
|
||||
- redis-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose
|
||||
- valkey-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose
|
||||
healthcheck: *redis-healthcheck
|
||||
env_file: env/redis-cache.env
|
||||
volumes:
|
||||
- netbox-redis-cache-data:/data
|
||||
@@ -73,8 +87,8 @@ services:
|
||||
volumes:
|
||||
netbox-media-files:
|
||||
driver: local
|
||||
# netbox-postgres-data:
|
||||
# driver: local
|
||||
netbox-postgres-data:
|
||||
driver: local
|
||||
netbox-redis-cache-data:
|
||||
driver: local
|
||||
netbox-redis-data:
|
||||
|
||||
7
env/netbox.env
vendored
7
env/netbox.env
vendored
@@ -1,8 +1,10 @@
|
||||
CORS_ORIGIN_ALLOW_ALL=True
|
||||
DB_HOST=${DB_HOST}
|
||||
DB_HOST=postgres
|
||||
DB_NAME=netbox
|
||||
DB_PASSWORD=J5brHrAXFLQSif0K
|
||||
DB_USER=netbox
|
||||
EMAIL_FROM=netbox@bar.com
|
||||
EMAIL_PASSWORD=
|
||||
EMAIL_PORT=25
|
||||
EMAIL_SERVER=localhost
|
||||
EMAIL_SSL_CERTFILE=
|
||||
@@ -19,11 +21,14 @@ METRICS_ENABLED=false
|
||||
REDIS_CACHE_DATABASE=1
|
||||
REDIS_CACHE_HOST=redis-cache
|
||||
REDIS_CACHE_INSECURE_SKIP_TLS_VERIFY=false
|
||||
REDIS_CACHE_PASSWORD=t4Ph722qJ5QHeQ1qfu36
|
||||
REDIS_CACHE_SSL=false
|
||||
REDIS_DATABASE=0
|
||||
REDIS_HOST=redis
|
||||
REDIS_INSECURE_SKIP_TLS_VERIFY=false
|
||||
REDIS_PASSWORD=H733Kdjndks81
|
||||
REDIS_SSL=false
|
||||
RELEASE_CHECK_URL=https://api.github.com/repos/netbox-community/netbox/releases
|
||||
SECRET_KEY='r(m)9nLGnz$(_q3N4z1k(EFsMCjjjzx08x9VhNVcfd%6RF#r!6DE@+V5Zk2X'
|
||||
SKIP_SUPERUSER=true
|
||||
WEBHOOKS_ENABLED=true
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
django-auth-ldap==4.8.0
|
||||
django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3
|
||||
dulwich==0.22.1
|
||||
python3-saml==1.16.0 --no-binary lxml
|
||||
sentry-sdk[django]==2.1.1
|
||||
python3-saml==1.16.0 --no-binary lxml,xmlsec
|
||||
sentry-sdk[django]==2.3.1
|
||||
|
||||
@@ -4,3 +4,4 @@ LOGGING = {
|
||||
}
|
||||
|
||||
DEFAULT_PERMISSIONS = {}
|
||||
LOGIN_REQUIRED = False
|
||||
|
||||
Reference in New Issue
Block a user