2026-02-06 05:54:04 +00:00
20 changed files with 223 additions and 161 deletions
--- a/.flake8
+++ b/.flake8
@ -4,4 +4,4 @@ extend-ignore = E203, W503
 per-file-ignores =
  configuration/*:E131,E251,E266,E302,E305,E501,E722
  startup_scripts/startup_script_utils/__init__.py:F401
-  docker/*:E266,E722,E501
+  docker/*:E266,E722
--- a/.github/workflows/push.yml
+++ b/.github/workflows/push.yml
@ -23,7 +23,7 @@ jobs:
      packages: read
      statuses: write
    steps:
-      - uses: actions/checkout@v6
+      - uses: actions/checkout@v5
        with:
          # Full git history is needed to get a proper
          # list of changed files within `super-linter`
@ -36,14 +36,12 @@ jobs:
          SUPPRESS_POSSUM: true
          LINTER_RULES_PATH: /
          VALIDATE_ALL_CODEBASE: false
          VALIDATE_BIOME_FORMAT: false
          VALIDATE_CHECKOV: false
          VALIDATE_DOCKERFILE: false
          VALIDATE_GITHUB_ACTIONS_ZIZMOR: false
          VALIDATE_GITLEAKS: false
          VALIDATE_JSCPD: false
          VALIDATE_PYTHON_PYLINT: false
          VALIDATE_TRIVY: false
          VALIDATE_GITHUB_ACTIONS_ZIZMOR: false
          FILTER_REGEX_EXCLUDE: (.*/)?(LICENSE|configuration/.*)
          EDITORCONFIG_FILE_NAME: .editorconfig-checker.json
          DOCKERFILE_HADOLINT_FILE_NAME: .hadolint.yaml
@ -74,7 +72,7 @@ jobs:
    steps:
      - id: git-checkout
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
      - id: buildx-setup
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -32,7 +32,7 @@ jobs:
    steps:
      - id: source-checkout
        name: Checkout
-        uses: actions/checkout@v6
+        uses: actions/checkout@v5
        with:
          ref: ${{ matrix.build.branch }}
      - id: set-netbox-docker-version
--- a/27
+++ b/27
@ -1,7 +1,7 @@
 ARG FROM
 FROM ${FROM} AS builder
-COPY --from=ghcr.io/astral-sh/uv:0.9 /uv /usr/local/bin/
+COPY --from=ghcr.io/astral-sh/uv:0.8 /uv /usr/local/bin/
 RUN export DEBIAN_FRONTEND=noninteractive \
    && apt-get update -qq \
    && apt-get upgrade \
@ -27,7 +27,7 @@ ARG NETBOX_PATH
 COPY ${NETBOX_PATH}/requirements.txt requirements-container.txt /
 ENV VIRTUAL_ENV=/opt/netbox/venv
 RUN \
-    # Gunicorn is not needed because we use Granian
+    # Gunicorn is not needed because we use Nginx Unit
    sed -i -e '/gunicorn/d' /requirements.txt && \
    # We need 'social-auth-core[all]' in the Docker image. But if we put it in our own requirements-container.txt
    # we have potential version conflicts and the build will fail.
@ -46,6 +46,8 @@ RUN \
 ARG FROM
 FROM ${FROM} AS main
 COPY docker/unit.list /etc/apt/sources.list.d/unit.list
 ADD --chmod=444 --chown=0:0 https://unit.nginx.org/keys/nginx-keyring.gpg /usr/share/keyrings/nginx-keyring.gpg
 RUN export DEBIAN_FRONTEND=noninteractive \
    && apt-get update -qq \
    && apt-get upgrade \
@ -62,6 +64,8 @@ RUN export DEBIAN_FRONTEND=noninteractive \
      openssl \
      python3 \
      tini \
      unit-python3.12=1.34.2-1~noble \
      unit=1.34.2-1~noble \
    && rm -rf /var/lib/apt/lists/*
 # Copy the modified 'requirements*.txt' files, to have the files actually used during installation
@ -76,23 +80,22 @@ COPY docker/configuration.docker.py /opt/netbox/netbox/netbox/configuration.py
 COPY docker/ldap_config.docker.py /opt/netbox/netbox/netbox/ldap_config.py
 COPY docker/docker-entrypoint.sh /opt/netbox/docker-entrypoint.sh
 COPY docker/launch-netbox.sh /opt/netbox/launch-netbox.sh
 COPY docker/super_user.py /opt/netbox/super_user.py
 COPY configuration/ /etc/netbox/config/
-COPY docker/granian.py /opt/netbox/netbox/netbox/granian.py
+COPY docker/nginx-unit.json /etc/unit/
 COPY VERSION /opt/netbox/VERSION
 WORKDIR /opt/netbox/netbox
 # Must set permissions for '/opt/netbox/netbox/media' directory
 # to g+w so that pictures can be uploaded to netbox.
-RUN useradd --home-dir /opt/netbox/ --no-create-home --no-user-group --system --shell /bin/false --uid 999 --gid 0 netbox \
+RUN mkdir -p static media /opt/unit/state/ /opt/unit/tmp/ \
-    && mkdir -p static media local \
+      && chown -R unit:root /opt/unit/ media reports scripts \
-    && chown -R netbox:root media reports scripts \
+      && chmod -R g+w /opt/unit/ media reports scripts \
-    && chmod -R g+w media reports scripts \
+      && cd /opt/netbox/ && SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python -m mkdocs build \
-    && cd /opt/netbox/ && SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python -m mkdocs build \
+          --config-file /opt/netbox/mkdocs.yml --site-dir /opt/netbox/netbox/project-static/docs/ \
-        --config-file /opt/netbox/mkdocs.yml --site-dir /opt/netbox/netbox/project-static/docs/ \
+      && DEBUG="true" SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py collectstatic --no-input \
-    && DEBUG="true" SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py collectstatic --no-input \
+      && mkdir /opt/netbox/netbox/local \
-    && echo "build: Docker-$(cat /opt/netbox/VERSION)" > /opt/netbox/netbox/local/release.yaml
+      && echo "build: Docker-$(cat /opt/netbox/VERSION)" > /opt/netbox/netbox/local/release.yaml
 ENV LANG=C.utf8 PATH=/opt/netbox/venv/bin:$PATH VIRTUAL_ENV=/opt/netbox/venv UV_NO_CACHE=1
 ENTRYPOINT [ "/usr/bin/tini", "--" ]
--- a/README.md
+++ b/README.md
@ -39,9 +39,12 @@ There is a more complete [_Getting Started_ guide on our wiki][wiki-getting-star
 ```bash
 git clone -b release https://github.com/netbox-community/netbox-docker.git
 cd netbox-docker
-# Copy the example override file
+tee docker-compose.override.yml <<EOF
-cp docker-compose.override.yml.example docker-compose.override.yml
+services:
-# Read and edit the file to your liking
+  netbox:
    ports:
      - 8000:8080
 EOF
 docker compose pull
 docker compose up
 ```
--- a/2
+++ b/2
@ -1 +1 @@
-4.0.0
+3.4.1
--- a/configuration/configuration.py
+++ b/configuration/configuration.py
@ -116,11 +116,6 @@ REDIS = {
 # https://docs.djangoproject.com/en/stable/ref/settings/#std:setting-SECRET_KEY
 SECRET_KEY = _read_secret('secret_key', environ.get('SECRET_KEY', ''))
 API_TOKEN_PEPPERS = {}
 if api_token_pepper := _read_secret('api_token_pepper_1', environ.get('API_TOKEN_PEPPER_1', '')):
    API_TOKEN_PEPPERS.update({1: api_token_pepper})
 #########################
 #                       #
@ -310,12 +305,6 @@ REMOTE_AUTH_SUPERUSER_GROUPS = _environ_get_and_map('REMOTE_AUTH_SUPERUSER_GROUP
 REMOTE_AUTH_SUPERUSERS = _environ_get_and_map('REMOTE_AUTH_SUPERUSERS', '', _AS_LIST)
 REMOTE_AUTH_STAFF_GROUPS = _environ_get_and_map('REMOTE_AUTH_STAFF_GROUPS', '', _AS_LIST)
 REMOTE_AUTH_STAFF_USERS = _environ_get_and_map('REMOTE_AUTH_STAFF_USERS', '', _AS_LIST)
 # SSO Configuration
 SOCIAL_AUTH_OKTA_OPENIDCONNECT_KEY = environ.get('SOCIAL_AUTH_OKTA_OPENIDCONNECT_KEY')
 SOCIAL_AUTH_OKTA_OPENIDCONNECT_SECRET = _read_secret('okta_openidconnect_secret', environ.get('SOCIAL_AUTH_OKTA_OPENIDCONNECT_SECRET', ''))
 SOCIAL_AUTH_OKTA_OPENIDCONNECT_API_URL = environ.get('SOCIAL_AUTH_OKTA_OPENIDCONNECT_API_URL')
 SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = environ.get('SOCIAL_AUTH_GOOGLE_OAUTH2_KEY')
 SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = _read_secret('google_oauth2_secret', environ.get('SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET', ''))
 # This repository is used to check whether there is a new release of NetBox available. Set to None to disable the
 # version check or use the URL below to check for release in the official NetBox repository.
--- a/configuration/extra.py
+++ b/configuration/extra.py
@ -33,20 +33,13 @@
 ## By default uploaded media is stored on the local filesystem. Using Django-storages is also supported. Provide the
-## class path of the storage driver and any configuration options in STORAGES. For example:
+## class path of the storage driver in STORAGE_BACKEND and any configuration options in STORAGE_CONFIG. For example:
-# STORAGES = {
+# STORAGE_BACKEND = 'storages.backends.s3boto3.S3Boto3Storage'
-#     'default': {
+# STORAGE_CONFIG = {
-#         'BACKEND': 'storages.backends.s3boto3.S3Boto3Storage',
+#     'AWS_ACCESS_KEY_ID': 'Key ID',
-#         'OPTIONS': {
+#     'AWS_SECRET_ACCESS_KEY': 'Secret',
-#             'access_key': 'Key ID',
+#     'AWS_STORAGE_BUCKET_NAME': 'netbox',
-#             'secret_key': 'Secret',
+#     'AWS_S3_REGION_NAME': 'eu-west-1',
 #             'bucket_name': 'netbox',
 #             'region_name': 'us-west-1',
 #         }
 #     },
 #     'staticfiles': {
 #         'BACKEND': 'django.contrib.staticfiles.storage.StaticFilesStorage',
 #     }
 # }
--- a/docker-compose.override.yml.example
+++ b/docker-compose.override.yml.example
@ -2,6 +2,9 @@ services:
  netbox:
    ports:
      - "8000:8080"
    # If you want the Nginx unit status page visible from the
    # outside of the container add the following port mapping:
    # - "8001:8081"
    # healthcheck:
      # Time for which the health check can fail after the container is started.
      # This depends mostly on the performance of your database. On the first start,
@ -16,18 +19,4 @@ services:
      # SUPERUSER_EMAIL: ""
      # SUPERUSER_NAME: ""
      # SUPERUSER_PASSWORD: ""
      # SSO Configuration
      # SOCIAL_AUTH_OKTA_OPENIDCONNECT_KEY: "your_okta_client_id"
      # SOCIAL_AUTH_OKTA_OPENIDCONNECT_API_URL: "https://your-domain.okta.com"
      # SOCIAL_AUTH_GOOGLE_OAUTH2_KEY: "your_google_client_id"
    # secrets:
      # - okta_openidconnect_secret
      # - google_oauth2_secret
 # Uncomment to use Docker secrets for SSO credentials
 # secrets:
 #   okta_openidconnect_secret:
 #     file: ./secrets/okta_secret.txt
 #   google_oauth2_secret:
 #     file: ./secrets/google_secret.txt
--- a/docker-compose.test.yml
+++ b/docker-compose.test.yml
@ -9,7 +9,7 @@ services:
      redis-cache:
        condition: service_healthy
    env_file: env/netbox.env
-    user: "netbox:root"
+    user: "unit:root"
    volumes:
      - ./test-configuration/test_config.py:/etc/netbox/config/test_config.py:z,ro
    healthcheck:
@ -30,7 +30,7 @@ services:
      interval: 15s
  postgres:
-    image: docker.io/postgres:18-alpine
+    image: docker.io/postgres:17-alpine
    env_file: env/postgres.env
    healthcheck:
      test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER ## $$ because of docker-compose
@ -40,7 +40,7 @@ services:
      retries: 5
  redis: &redis
-    image: docker.io/valkey/valkey:9.0-alpine
+    image: docker.io/valkey/valkey:8.1-alpine
    command:
      - sh
      - -c # this is to evaluate the $REDIS_PASSWORD from the env
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,12 +1,12 @@
 services:
  netbox: &netbox
-    image: docker.io/netboxcommunity/netbox:${VERSION-v4.5-4.0.0}
+    image: docker.io/netboxcommunity/netbox:${VERSION-v4.4-3.4.1}
    depends_on:
      - postgres
      - redis
      - redis-cache
    env_file: env/netbox.env
-    user: "netbox:root"
+    user: "unit:root"
    healthcheck:
      test: curl -f http://localhost:8080/login/ || exit 1
      start_period: 90s
@ -34,7 +34,7 @@ services:
  # postgres
  postgres:
-    image: docker.io/postgres:18-alpine
+    image: docker.io/postgres:17-alpine
    healthcheck:
      test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER
      start_period: 20s
@ -43,11 +43,11 @@ services:
      retries: 5
    env_file: env/postgres.env
    volumes:
-      - netbox-postgres:/var/lib/postgresql
+      - netbox-postgres-data:/var/lib/postgresql/data
  # redis
  redis:
-    image: docker.io/valkey/valkey:9.0-alpine
+    image: docker.io/valkey/valkey:8.1-alpine
    command:
      - sh
      - -c # this is to evaluate the $REDIS_PASSWORD from the env
@ -62,7 +62,7 @@ services:
    volumes:
      - netbox-redis-data:/data
  redis-cache:
-    image: docker.io/valkey/valkey:9.0-alpine
+    image: docker.io/valkey/valkey:8.1-alpine
    command:
      - sh
      - -c # this is to evaluate the $REDIS_PASSWORD from the env
@ -75,7 +75,7 @@ services:
 volumes:
  netbox-media-files:
    driver: local
-  netbox-postgres:
+  netbox-postgres-data:
    driver: local
  netbox-redis-cache-data:
    driver: local
--- a/docker/docker-entrypoint.sh
+++ b/docker/docker-entrypoint.sh
@ -54,10 +54,43 @@ fi
 if [ "$SKIP_SUPERUSER" == "true" ]; then
  echo "↩️ Skip creating the superuser"
 else
-  ./manage.py shell --no-startup --no-imports --interface python \
+  if [ -z ${SUPERUSER_NAME+x} ]; then
-    </opt/netbox/super_user.py
+    SUPERUSER_NAME='admin'
  fi
  if [ -z ${SUPERUSER_EMAIL+x} ]; then
    SUPERUSER_EMAIL='admin@example.com'
  fi
  if [ -f "/run/secrets/superuser_password" ]; then
    SUPERUSER_PASSWORD="$(</run/secrets/superuser_password)"
  elif [ -z ${SUPERUSER_PASSWORD+x} ]; then
    SUPERUSER_PASSWORD='admin'
  fi
  if [ -f "/run/secrets/superuser_api_token" ]; then
    SUPERUSER_API_TOKEN="$(</run/secrets/superuser_api_token)"
  elif [ -z ${SUPERUSER_API_TOKEN+x} ]; then
    SUPERUSER_API_TOKEN='0123456789abcdef0123456789abcdef01234567'
  fi
  ./manage.py shell --interface python <<END
 from users.models import Token, User
 if not User.objects.filter(username='${SUPERUSER_NAME}'):
    u = User.objects.create_superuser('${SUPERUSER_NAME}', '${SUPERUSER_EMAIL}', '${SUPERUSER_PASSWORD}')
    Token.objects.create(user=u, key='${SUPERUSER_API_TOKEN}')
 END
  echo "💡 Superuser Username: ${SUPERUSER_NAME}, E-Mail: ${SUPERUSER_EMAIL}"
 fi
 ./manage.py shell --interface python <<END
 from users.models import Token
 try:
    old_default_token = Token.objects.get(key="0123456789abcdef0123456789abcdef01234567")
    if old_default_token:
        print("⚠️ Warning: You have the old default admin API token in your database. This token is widely known; please remove it. Log in as your superuser and check API Tokens in your user menu.")
 except Token.DoesNotExist:
    pass
 END
 echo "✅ Initialisation is done."
 # Launch whatever is passed by docker
--- a/docker/granian.py
+++ b/docker/granian.py
@ -1,13 +0,0 @@
 from granian.utils.proxies import wrap_wsgi_with_proxy_headers
 from netbox.wsgi import application
 application = wrap_wsgi_with_proxy_headers(
    application,
    trusted_hosts=[
        "10.0.0.0/8",
        "172.16.0.0/12",
        "192.168.0.0/16",
        "fc00::/7",
        "fe80::/10",
    ],
 )
--- a/docker/launch-netbox.sh
+++ b/docker/launch-netbox.sh
@ -1,21 +1,57 @@
 #!/bin/bash
-exec granian \
+UNIT_CONFIG="${UNIT_CONFIG-/etc/unit/nginx-unit.json}"
-  --host "::" \
+# Also used in "nginx-unit.json"
-  --port "8080" \
+UNIT_SOCKET="/opt/unit/unit.sock"
-  --interface "wsgi" \
+
-  --no-ws \
+load_configuration() {
-  --workers "${GRANIAN_WORKERS:-4}" \
+  MAX_WAIT=10
-  --respawn-failed-workers \
+  WAIT_COUNT=0
-  --backpressure "${GRANIAN_BACKPRESSURE:-${GRANIAN_WORKERS:-4}}" \
+  while [ ! -S $UNIT_SOCKET ]; do
-  --loop "uvloop" \
+    if [ $WAIT_COUNT -ge $MAX_WAIT ]; then
-  --log \
+      echo "⚠️ No control socket found; configuration will not be loaded."
-  --log-level "info" \
+      return 1
-  --access-log \
+    fi
-  --working-dir "/opt/netbox/netbox/" \
+
-  --static-path-route "/static" \
+    WAIT_COUNT=$((WAIT_COUNT + 1))
-  --static-path-mount "/opt/netbox/netbox/static/" \
+    echo "⏳ Waiting for control socket to be created... (${WAIT_COUNT}/${MAX_WAIT})"
-  --static-path-dir-to-file index.html \
+
-  --pid-file "/tmp/granian.pid" \
+    sleep 1
-  "${GRANIAN_EXTRA_ARGS[@]}" \
+  done
-  "netbox.granian:application"
+
  # even when the control socket exists, it does not mean unit has finished initialisation
  # this curl call will get a reply once unit is fully launched
  curl --silent --output /dev/null --request GET --unix-socket $UNIT_SOCKET http://localhost/
  echo "⚙️ Applying configuration from $UNIT_CONFIG"
  RESP_CODE=$(
    curl \
      --silent \
      --output /dev/null \
      --write-out '%{http_code}' \
      --request PUT \
      --data-binary "@${UNIT_CONFIG}" \
      --unix-socket $UNIT_SOCKET \
      http://localhost/config
  )
  if [ "$RESP_CODE" != "200" ]; then
    echo "⚠️ Could no load Unit configuration"
    kill "$(cat /opt/unit/unit.pid)"
    return 1
  fi
  echo "✅ Unit configuration loaded successfully"
 }
 load_configuration &
 exec unitd \
  --no-daemon \
  --control unix:$UNIT_SOCKET \
  --pid /opt/unit/unit.pid \
  --log /dev/stdout \
  --statedir /opt/unit/state/ \
  --tmpdir /opt/unit/tmp/ \
  --user unit \
  --group root
--- a/docker/nginx-unit.json
+++ b/docker/nginx-unit.json
@ -0,0 +1,82 @@
 {
  "listeners": {
    "0.0.0.0:8080": {
      "pass": "routes/main",
      "forwarded": {
        "client_ip": "X-Forwarded-For",
        "protocol": "X-Forwarded-Proto",
        "source": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"]
      }
    },
    "0.0.0.0:8081": {
      "pass": "routes/status",
      "forwarded": {
        "client_ip": "X-Forwarded-For",
        "protocol": "X-Forwarded-Proto",
        "source": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"]
      }
    },
    "[::]:8080": {
      "pass": "routes/main",
      "forwarded": {
        "client_ip": "X-Forwarded-For",
        "protocol": "X-Forwarded-Proto",
        "source": ["fc00::/7", "fe80::/10"]
      }
    },
    "[::]:8081": {
      "pass": "routes/status",
      "forwarded": {
        "client_ip": "X-Forwarded-For",
        "protocol": "X-Forwarded-Proto",
        "source": ["fc00::/7", "fe80::/10"]
      }
    }
  },
  "routes": {
    "main": [
      {
        "match": {
          "uri": "/static/*"
        },
        "action": {
          "share": "/opt/netbox/netbox${uri}"
        }
      },
      {
        "action": {
          "pass": "applications/netbox"
        }
      }
    ],
    "status": [
      {
        "match": {
          "uri": "/status/*"
        },
        "action": {
          "proxy": "http://unix:/opt/unit/unit.sock"
        }
      }
    ]
  },
  "applications": {
    "netbox": {
      "type": "python 3",
      "path": "/opt/netbox/netbox/",
      "module": "netbox.wsgi",
      "home": "/opt/netbox/venv",
      "processes": {
        "max": 4,
        "spare": 1,
        "idle_timeout": 120
      }
    }
  },
  "access_log": "/dev/stdout",
  "settings": {
    "http": {
      "max_body_size": 104857600
    }
  }
 }
--- a/docker/super_user.py
+++ b/docker/super_user.py
@ -1,36 +0,0 @@
 from os import environ
 from django.conf import settings
 from users.choices import TokenVersionChoices
 from users.models import Token, User
 # Read secret from file
 def _read_secret(secret_name: str, default: str | None = None) -> str | None:
    try:
        f = open("/run/secrets/" + secret_name, "r", encoding="utf-8")
    except EnvironmentError:
        return default
    else:
        with f:
            return f.readline().strip()
 su_name = environ.get("SUPERUSER_NAME", "admin")
 su_email = environ.get("SUPERUSER_EMAIL", "admin@example.com")
 su_password = _read_secret("superuser_password", environ.get("SUPERUSER_PASSWORD", "admin"))
 su_api_token = _read_secret(
    "superuser_api_token",
    environ.get("SUPERUSER_API_TOKEN", "0123456789abcdef0123456789abcdef01234567"),
 )
 if not User.objects.filter(username=su_name):
    u = User.objects.create_superuser(su_name, su_email, su_password)
    msg = ""
    if not settings.API_TOKEN_PEPPERS:
        print("⚠️ No API token will be created as API_TOKEN_PEPPERS is not set")
        msg = f"💡 Superuser Username: {su_name}, E-Mail: {su_email}"
    else:
        t = Token.objects.create(user=u, token=su_api_token, version=TokenVersionChoices.V2)
        msg = f"💡 Superuser Username: {su_name}, E-Mail: {su_email}, API Token: {t} (use with '{t.get_auth_header_prefix()}<Your token>')"
    print(msg)
--- a/docker/unit.list
+++ b/docker/unit.list
@ -0,0 +1 @@
 deb [signed-by=/usr/share/keyrings/nginx-keyring.gpg] http://packages.nginx.org/unit/ubuntu/ noble unit
--- a/env/netbox.env
+++ b/env/netbox.env
@ -1,4 +1,3 @@
 API_TOKEN_PEPPER_1=Qy+F=OTeGskWQ(wTMgjc+NPPlz6YwFXY=KHIIg=wpYXT&e(6u8
 CORS_ORIGIN_ALLOW_ALL=True
 DB_HOST=postgres
 DB_NAME=netbox
@ -15,8 +14,6 @@ EMAIL_USERNAME=netbox
 # EMAIL_USE_SSL and EMAIL_USE_TLS are mutually exclusive, i.e. they can't both be `true`!
 EMAIL_USE_SSL=false
 EMAIL_USE_TLS=false
 GRANIAN_BACKPRESSURE=4
 GRANIAN_WORKERS=4
 GRAPHQL_ENABLED=true
 MEDIA_ROOT=/opt/netbox/netbox/media
 METRICS_ENABLED=false
@ -33,12 +30,4 @@ REDIS_SSL=false
 RELEASE_CHECK_URL=https://api.github.com/repos/netbox-community/netbox/releases
 SECRET_KEY='r(m)9nLGnz$(_q3N4z1k(EFsMCjjjzx08x9VhNVcfd%6RF#r!6DE@+V5Zk2X'
 SKIP_SUPERUSER=true
 # SSO Configuration (uncomment and configure as needed)
 # OKTA OpenID Connect
 # SOCIAL_AUTH_OKTA_OPENIDCONNECT_KEY=your_okta_client_id
 # SOCIAL_AUTH_OKTA_OPENIDCONNECT_SECRET=your_okta_client_secret
 # SOCIAL_AUTH_OKTA_OPENIDCONNECT_API_URL=https://your-domain.okta.com
 # Google OAuth2
 # SOCIAL_AUTH_GOOGLE_OAUTH2_KEY=your_google_client_id
 # SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET=your_google_client_secret
 WEBHOOKS_ENABLED=true
--- a/requirements-container.txt
+++ b/requirements-container.txt
@ -1,7 +1,6 @@
-django-auth-ldap==5.3.0
+django-auth-ldap==5.2.0
-dulwich==1.0.0
+dulwich==0.24.1
 granian[uvloop]==2.7.0
 python3-saml==1.16.0
 --no-binary lxml
 --no-binary xmlsec
-sentry-sdk[django]==2.51.0
+sentry-sdk[django]==2.39.0
--- a/test-configuration/test_config.py
+++ b/test-configuration/test_config.py
@ -10,7 +10,3 @@ PLUGINS = [
 ALLOW_TOKEN_RETRIEVAL = True
 DEFAULT_PERMISSIONS = {}
 API_TOKEN_PEPPERS = {
    1: 'TEST-VALUE-DO-NOT-USE-TEST-VALUE-DO-NOT-USE-TEST-VALUE-DO-NOT-USE',
 }
		`@ -0,0 +1 @@`
							`deb [signed-by=/usr/share/keyrings/nginx-keyring.gpg] http://packages.nginx.org/unit/ubuntu/ noble unit`