Mascali
/
netbox-docker
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #493 from netbox-community/develop 

Release 1.2.0
This commit is contained in:
Tobias Genannt 2021-04-27 09:47:38 +02:00 committed by GitHub
parent cb5ffa0354 60428d5639
commit 676ca798cd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
34 changed files with 305 additions and 207 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.github/workflows/push.yml vendored
View File

@ -14,6 +14,9 @@ jobs:
name: Checks syntax of our code
steps:
- uses: actions/checkout@v2
with:
# Full git history is needed to get a proper list of changed files within `super-linter`
fetch-depth: 0
- uses: actions/setup-python@v2
- name: Lint Code Base
uses: github/super-linter@v3
@ -39,7 +42,7 @@ jobs:
build_cmd:
- ./build-latest.sh
- PRERELEASE=true ./build-latest.sh
- ./build-next.sh
- ./build.sh feature
- ./build.sh develop
docker_from:
- '' # use the default of the build script

2
.github/workflows/release.yml vendored
View File

@ -14,7 +14,7 @@ jobs:
build_cmd:
- ./build-latest.sh
- PRERELEASE=true ./build-latest.sh
- ./build-next.sh
- ./build.sh feature
- ./build.sh develop
fail-fast: false
runs-on: ubuntu-latest

3
.gitignore vendored
View File

@ -7,6 +7,9 @@ configuration/*
!configuration/configuration.py
!configuration/extra.py
configuration/ldap/*
!configuration/ldap/extra.py
!configuration/ldap/ldap_config.py
!configuration/logging.py
!configuration/plugins.py
prometheus.yml
super-linter.log

7
README.md
View File

@ -134,8 +134,7 @@ It runs NetBox's own unit tests and ensures that all initializers work:
IMAGE=netboxcommunity/netbox:latest ./test.sh
```
## About
## Support
This repository is currently maintained and funded by [nxt][nxt].
[nxt]: https://nxt.engineering/en/
This repository is currently maintained by the community.
Please consider sponsoring the maintainers of this project.

2
VERSION
View File

@ -1 +1 @@
1.1.0
1.2.0

39
build-next.sh
View File

@ -1,39 +0,0 @@
#!/bin/bash
# Builds develop, develop-* and master branches of NetBox
echo "▶️ $0 $*"
###
# Checking for the presence of GITHUB_OAUTH_CLIENT_ID
# and GITHUB_OAUTH_CLIENT_SECRET
###
if [ -n "${GITHUB_OAUTH_CLIENT_ID}" ] && [ -n "${GITHUB_OAUTH_CLIENT_SECRET}" ]; then
echo "🗝 Performing authenticated Github API calls."
GITHUB_OAUTH_PARAMS="client_id=${GITHUB_OAUTH_CLIENT_ID}&client_secret=${GITHUB_OAUTH_CLIENT_SECRET}"
else
echo "🕶 Performing unauthenticated Github API calls. This might result in lower Github rate limits!"
GITHUB_OAUTH_PARAMS=""
fi
###
# Calling Github to get the all branches
###
ORIGINAL_GITHUB_REPO="${SRC_ORG-netbox-community}/${SRC_REPO-netbox}"
GITHUB_REPO="${GITHUB_REPO-$ORIGINAL_GITHUB_REPO}"
URL_RELEASES="https://api.github.com/repos/${GITHUB_REPO}/branches?${GITHUB_OAUTH_PARAMS}"
# Composing the JQ commans to extract the most recent version number
JQ_NEXT='map(.name) | .[] | scan("^[^v].+") | match("^(develop-).*") | .string'
CURL="curl -sS"
# Querying the Github API to fetch all branches
NEXT=$($CURL "${URL_RELEASES}" | jq -r "$JQ_NEXT")
if [ -n "$NEXT" ]; then
# shellcheck disable=SC2068
./build.sh "${NEXT}" $@
else
echo "No branch matching 'develop-*' found"
echo "::set-output name=skipped::true"
fi

28
configuration/ldap/extra.py Normal file
View File

@ -0,0 +1,28 @@
####
## This file contains extra configuration options that can't be configured
## directly through environment variables.
## All vairables set here overwrite any existing found in ldap_config.py
####
# # This Python script inherits all the imports from ldap_config.py
# from django_auth_ldap.config import LDAPGroupQuery # Imported since not in ldap_config.py
# # Sets a base requirement of membetship to netbox-user-ro, netbox-user-rw, or netbox-user-admin.
# AUTH_LDAP_REQUIRE_GROUP = (
# LDAPGroupQuery("cn=netbox-user-ro,ou=groups,dc=example,dc=com")
# | LDAPGroupQuery("cn=netbox-user-rw,ou=groups,dc=example,dc=com")
# | LDAPGroupQuery("cn=netbox-user-admin,ou=groups,dc=example,dc=com")
# )
# # Sets LDAP Flag groups variables with example.
# AUTH_LDAP_USER_FLAGS_BY_GROUP = {
# "is_staff": (
# LDAPGroupQuery("cn=netbox-user-ro,ou=groups,dc=example,dc=com")
# | LDAPGroupQuery("cn=netbox-user-rw,ou=groups,dc=example,dc=com")
# | LDAPGroupQuery("cn=netbox-user-admin,ou=groups,dc=example,dc=com")
# ),
# "is_superuser": "cn=netbox-user-admin,ou=groups,dc=example,dc=com",
# }
# # Sets LDAP Mirror groups variables with example groups
# AUTH_LDAP_MIRROR_GROUPS = ["netbox-user-ro", "netbox-user-rw", "netbox-user-admin"]

55
configuration/logging.py Normal file
View File

@ -0,0 +1,55 @@
# # Remove first comment(#) on each line to implement this working logging example.
# # Add LOGLEVEL environment variable to netbox if you use this example & want a different log level.
# from os import environ
# # Set LOGLEVEL in netbox.env or docker-compose.overide.yml to override a logging level of INFO.
# LOGLEVEL = environ.get('LOGLEVEL', 'INFO')
# LOGGING = {
# 'version': 1,
# 'disable_existing_loggers': False,
# 'formatters': {
# 'verbose': {
# 'format': '{levelname} {asctime} {module} {process:d} {thread:d} {message}',
# 'style': '{',
# },
# 'simple': {
# 'format': '{levelname} {message}',
# 'style': '{',
# },
# },
# 'filters': {
# 'require_debug_false': {
# '()': 'django.utils.log.RequireDebugFalse',
# },
# },
# 'handlers': {
# 'console': {
# 'level': LOGLEVEL,
# 'filters': ['require_debug_false'],
# 'class': 'logging.StreamHandler',
# 'formatter': 'simple'
# },
# 'mail_admins': {
# 'level': 'ERROR',
# 'class': 'django.utils.log.AdminEmailHandler',
# 'filters': ['require_debug_false']
# }
# },
# 'loggers': {
# 'django': {
# 'handlers': ['console'],
# 'propagate': True,
# },
# 'django.request': {
# 'handlers': ['mail_admins'],
# 'level': 'ERROR',
# 'propagate': False,
# },
# 'django_auth_ldap': {
# 'handlers': ['console',],
# 'level': LOGLEVEL,
# }
# }
# }

13
configuration/plugins.py Normal file
View File

@ -0,0 +1,13 @@
# Add your plugins and plugin settings here.
# Of course uncomment this file out.
# To learn how to build images with your required plugins
# See https://github.com/netbox-community/netbox-docker/wiki/Using-Netbox-Plugins
# PLUGINS = ["netbox_bgp"]
# PLUGINS_CONFIG = {
# "netbox_bgp": {
# ADD YOUR SETTINGS HERE
# }
# }

5
docker-compose.override.yml.example Normal file
View File

@ -0,0 +1,5 @@
version: '3.4'
services:
netbox:
ports:
- 8000:8080

2
docker-compose.yml
View File

@ -16,8 +16,6 @@ services:
- ./reports:/etc/netbox/reports:z,ro
- ./scripts:/etc/netbox/scripts:z,ro
- netbox-media-files:/opt/netbox/netbox/media:z
ports:
- "8080"
netbox-worker:
<<: *netbox
depends_on:

4
docker/docker-entrypoint.sh
View File

@ -68,6 +68,4 @@ echo "✅ Initialisation is done."
# Launch whatever is passed by docker
# (i.e. the RUN instruction in the Dockerfile)
#
# shellcheck disable=SC2068
exec $@
exec "$@"

8
initializers/custom_links.yml
View File

@ -10,12 +10,12 @@
## Examples:
# - name: link_to_repo
# text: 'Link to Netbox Docker'
# url: 'https://github.com/netbox-community/netbox-docker'
# link_text: 'Link to Netbox Docker'
# link_url: 'https://github.com/netbox-community/netbox-docker'
# new_window: False
# content_type: device
# - name: link_to_localhost
# text: 'Link to localhost'
# url: 'http://localhost'
# link_text: 'Link to localhost'
# link_url: 'http://localhost'
# new_window: True
# content_type: device

9
initializers/devices.yml
View File

@ -42,3 +42,12 @@
# position: 3
# custom_field_data:
# text_field: Description
# - name: server04
# device_role: server
# device_type: Other
# site: SING 1
# location: cage 101
# face: front
# position: 3
# custom_field_data:
# text_field: Description

32
initializers/groups.yml
View File

@ -1,35 +1,9 @@
## To list all permissions, run:
##
## docker-compose run --rm --entrypoint /bin/bash netbox
## $ ./manage.py migrate
## $ ./manage.py shell
## > from django.contrib.auth.models import Permission
## > print('\n'.join([p.codename for p in Permission.objects.all()]))
##
## Permission lists support wildcards. See the examples below.
##
## Examples:
# applications:
# users:
# - technical_user
# - technical_user
# readers:
# users:
# - reader
# - reader
# writers:
# users:
# - writer
# permissions:
# - delete_device
# - delete_virtualmachine
# - add_*
# - change_*
# vm_managers:
# permissions:
# - '*_virtualmachine'
# device_managers:
# permissions:
# - '*device*'
# creators:
# permissions:
# - add_*
# - writer

0
initializers/rack_groups.yml → initializers/locations.yml
View File

48
initializers/object_permissions.yml Normal file
View File

@ -0,0 +1,48 @@
# all.ro:
# actions:
# - view
# description: 'Read Only for All Objects'
# enabled: true
# groups:
# - applications
# - readers
# object_types: all
# users:
# - jdoe
# all.rw:
# actions:
# - add
# - change
# - delete
# - view
# description: 'Read/Write for All Objects'
# enabled: true
# groups:
# - writers
# object_types: all
# network_team.rw:
# actions:
# - add
# - change
# - delete
# - view
# description: "Network Team Permissions"
# enabled: true
# object_types:
# circuits:
# - circuit
# - circuittermination
# - circuittype
# - provider
# dcim: all
# ipam:
# - aggregate
# - ipaddress
# - prefix
# - rir
# - role
# - routetarget
# - service
# - vlan
# - vlangroup
# - vrf

2
initializers/power_panels.yml
View File

@ -2,4 +2,4 @@
# site: AMS 1
# - name: power panel SING 1
# site: SING 1
# rack_group: cage 101
# location: cage 101

2
initializers/racks.yml
View File

@ -32,7 +32,7 @@
# text_field: Description
# - site: SING 1
# name: rack-03
# group: cage 101
# location: cage 101
# role: Role 3
# type: 4-post-cabinet
# width: 19

25
initializers/users.yml
View File

@ -1,23 +1,14 @@
## To list all permissions, run:
##
## docker-compose run --rm --entrypoint /bin/bash netbox
## $ ./manage.py migrate
## $ ./manage.py shell
## > from django.contrib.auth.models import Permission
## > print('\n'.join([p.codename for p in Permission.objects.all()]))
##
## Permission lists support wildcards. See the examples below.
##
## Examples:
# technical_user:
# api_token: 0123456789technicaluser789abcdef01234567 # must be looooong!
# reader:
# password: reader
# writer:
# password: writer
# permissions:
# - delete_device
# - delete_virtualmachine
# - add_*
# - change_*
# jdoe:
# first_name: John
# last_name: Doe
# api_token: 0123456789jdoe789abcdef01234567jdoe
# is_active: True
# is_superuser: False
# is_staff: False
# email: john.doe@example.com

22
initializers/vlan_groups.yml
View File

@ -1,6 +1,24 @@
# - name: VLAN group 1
# site: AMS 1
# scope_type: dcim.region
# scope: Amsterdam
# slug: vlan-group-1
# - name: VLAN group 2
# site: AMS 1
# scope_type: dcim.site
# scope: AMS 1
# slug: vlan-group-2
# - name: VLAN group 3
# scope_type: dcim.location
# scope: cage 101
# slug: vlan-group-3
# - name: VLAN group 4
# scope_type: dcim.rack
# scope: rack-01
# slug: vlan-group-4
# - name: VLAN group 5
# scope_type: virtualization.cluster
# scope: cluster1
# slug: vlan-group-5
# - name: VLAN group 6
# scope_type: virtualization.clustergroup
# scope: Group 1
# slug: vlan-group-6

4
requirements-container.txt
View File

@ -1,4 +1,4 @@
napalm==3.2.0
ruamel.yaml==0.16.13
django-auth-ldap==2.3.0
ruamel.yaml==0.17.4
django-auth-ldap==2.4.0
django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.11.1

5
startup_scripts/000_users.py
View File

@ -1,7 +1,7 @@
import sys
from django.contrib.auth.models import User
from startup_script_utils import load_yaml, set_permissions
from startup_script_utils import load_yaml
from users.models import Token
users = load_yaml("/opt/netbox/initializers/users.yml")
@ -19,6 +19,3 @@ for username, user_details in users.items():
if user_details.get("api_token", 0):
Token.objects.create(user=user, key=user_details["api_token"])
yaml_permissions = user_details.get("permissions", [])
set_permissions(user.user_permissions, yaml_permissions)

14
startup_scripts/010_groups.py
View File

@ -1,23 +1,23 @@
import sys
from django.contrib.auth.models import Group, User
from startup_script_utils import load_yaml, set_permissions
from startup_script_utils import load_yaml
from users.models import AdminGroup, AdminUser
groups = load_yaml("/opt/netbox/initializers/groups.yml")
if groups is None:
sys.exit()
for groupname, group_details in groups.items():
group, created = Group.objects.get_or_create(name=groupname)
group, created = AdminGroup.objects.get_or_create(name=groupname)
if created:
print("👥 Created group", groupname)
for username in group_details.get("users", []):
user = User.objects.get(username=username)
user = AdminUser.objects.get(username=username)
if user:
user.groups.add(group)
group.user_set.add(user)
print(" 👤 Assigned user %s to group %s" % (username, AdminGroup.name))
yaml_permissions = group_details.get("permissions", [])
set_permissions(group.permissions, yaml_permissions)
group.save()

60
startup_scripts/015_object_permissions.py Normal file
View File

@ -0,0 +1,60 @@
import sys
from django.contrib.contenttypes.models import ContentType
from startup_script_utils import load_yaml
from users.models import AdminGroup, AdminUser, ObjectPermission
object_permissions = load_yaml("/opt/netbox/initializers/object_permissions.yml")
if object_permissions is None:
sys.exit()
for permission_name, permission_details in object_permissions.items():
object_permission, created = ObjectPermission.objects.get_or_create(
name=permission_name,
description=permission_details["description"],
enabled=permission_details["enabled"],
actions=permission_details["actions"],
)
if permission_details.get("object_types", 0):
object_types = permission_details["object_types"]
if object_types == "all":
object_permission.object_types.set(ContentType.objects.all())
else:
for app_label, models in object_types.items():
if models == "all":
app_models = ContentType.objects.filter(app_label=app_label)
for app_model in app_models:
object_permission.object_types.add(app_model.id)
else:
# There is
for model in models:
object_permission.object_types.add(
ContentType.objects.get(app_label=app_label, model=model)
)
print("🔓 Created object permission", object_permission.name)
if permission_details.get("groups", 0):
for groupname in permission_details["groups"]:
group = AdminGroup.objects.filter(name=groupname).first()
if group:
object_permission.groups.add(group)
print(" 👥 Assigned group %s object permission of %s" % (groupname, groupname))
if permission_details.get("users", 0):
for username in permission_details["users"]:
user = AdminUser.objects.filter(username=username).first()
if user:
object_permission.users.add(user)
print(" 👤 Assigned user %s object permission of %s" % (username, groupname))
object_permission.save()

8
startup_scripts/075_rack_groups.py → startup_scripts/075_locations.py
View File

@ -1,9 +1,9 @@
import sys
from dcim.models import RackGroup, Site
from dcim.models import Location, Site
from startup_script_utils import load_yaml
rack_groups = load_yaml("/opt/netbox/initializers/rack_groups.yml")
rack_groups = load_yaml("/opt/netbox/initializers/locations.yml")
if rack_groups is None:
sys.exit()
@ -17,7 +17,7 @@ for params in rack_groups:
query = {field: params.pop(assoc)}
params[assoc] = model.objects.get(**query)
rack_group, created = RackGroup.objects.get_or_create(**params)
location, created = Location.objects.get_or_create(**params)
if created:
print("🎨 Created rack group", rack_group.name)
print("🎨 Created location", location.name)

4
startup_scripts/080_racks.py
View File

@ -1,6 +1,6 @@
import sys
from dcim.models import Rack, RackGroup, RackRole, Site
from dcim.models import Location, Rack, RackRole, Site
from startup_script_utils import load_yaml, pop_custom_fields, set_custom_fields_values
from tenancy.models import Tenant
@ -14,7 +14,7 @@ required_assocs = {"site": (Site, "name")}
optional_assocs = {
"role": (RackRole, "name"),
"tenant": (Tenant, "name"),
"group": (RackGroup, "name"),
"location": (Location, "name"),
}
for params in racks:

3
startup_scripts/140_devices.py
View File

@ -1,6 +1,6 @@
import sys
from dcim.models import Device, DeviceRole, DeviceType, Platform, Rack, Site
from dcim.models import Device, DeviceRole, DeviceType, Location, Platform, Rack, Site
from startup_script_utils import load_yaml, pop_custom_fields, set_custom_fields_values
from tenancy.models import Tenant
from virtualization.models import Cluster
@ -21,6 +21,7 @@ optional_assocs = {
"platform": (Platform, "name"),
"rack": (Rack, "name"),
"cluster": (Cluster, "name"),
"location": (Location, "name"),
}
for params in devices:

51
startup_scripts/145_devices.py
View File

@ -1,51 +0,0 @@
import sys
from dcim.models import Device, DeviceRole, DeviceType, Platform, Rack, Site
from startup_script_utils import load_yaml, pop_custom_fields, set_custom_fields_values
from tenancy.models import Tenant
from virtualization.models import Cluster
devices = load_yaml("/opt/netbox/initializers/devices.yml")
if devices is None:
sys.exit()
required_assocs = {
"device_role": (DeviceRole, "name"),
"device_type": (DeviceType, "model"),
"site": (Site, "name"),
}
optional_assocs = {
"tenant": (Tenant, "name"),
"platform": (Platform, "name"),
"rack": (Rack, "name"),
"cluster": (Cluster, "name"),
}
for params in devices:
custom_field_data = pop_custom_fields(params)
# primary ips are handled later in `270_primary_ips.py`
params.pop("primary_ip4", None)
params.pop("primary_ip6", None)
for assoc, details in required_assocs.items():
model, field = details
query = {field: params.pop(assoc)}
params[assoc] = model.objects.get(**query)
for assoc, details in optional_assocs.items():
if assoc in params:
model, field = details
query = {field: params.pop(assoc)}
params[assoc] = model.objects.get(**query)
device, created = Device.objects.get_or_create(**params)
if created:
set_custom_fields_values(device, custom_field_data)
print("🖥️ Created device", device.name)

21
startup_scripts/200_vlan_groups.py
View File

@ -1,6 +1,6 @@
import sys
from dcim.models import Site
from django.contrib.contenttypes.models import ContentType
from ipam.models import VLANGroup
from startup_script_utils import load_yaml, pop_custom_fields, set_custom_fields_values
@ -9,7 +9,7 @@ vlan_groups = load_yaml("/opt/netbox/initializers/vlan_groups.yml")
if vlan_groups is None:
sys.exit()
optional_assocs = {"site": (Site, "name")}
optional_assocs = {"scope": (None, "name")}
for params in vlan_groups:
custom_field_data = pop_custom_fields(params)
@ -18,9 +18,20 @@ for params in vlan_groups:
if assoc in params:
model, field = details
query = {field: params.pop(assoc)}
params[assoc] = model.objects.get(**query)
# Get model from Contenttype
scope_type = params.pop("scope_type", None)
if not scope_type:
print(f"VLAN Group '{params['name']}': scope_type is missing from VLAN Group")
continue
app_label, model = str(scope_type).split(".")
ct = ContentType.objects.filter(app_label=app_label, model=model).first()
if not ct:
print(
f"VLAN Group '{params['name']}': ContentType for "
+ f"app_label = '{app_label}' and model = '{model}' not found"
)
continue
params["scope_id"] = ct.model_class().objects.get(**query).id
vlan_group, created = VLANGroup.objects.get_or_create(**params)
if created:

2
startup_scripts/280_custom_links.py
View File

@ -23,7 +23,7 @@ for link in custom_links:
if link["content_type_id"] is None:
print(
"⚠️ Unable to create Custom Link '{0}': The content_type '{1}' is unknown".format(
link.name, content_type
link.get("name"), content_type
)
)
continue

4
startup_scripts/330_power_panels.py
View File

@ -1,6 +1,6 @@
import sys
from dcim.models import PowerPanel, RackGroup, Site
from dcim.models import Location, PowerPanel, Site
from startup_script_utils import load_yaml, pop_custom_fields, set_custom_fields_values
power_panels = load_yaml("/opt/netbox/initializers/power_panels.yml")
@ -10,7 +10,7 @@ if power_panels is None:
required_assocs = {"site": (Site, "name")}
optional_assocs = {"rack_group": (RackGroup, "name")}
optional_assocs = {"location": (Location, "name")}
for params in power_panels:
custom_field_data = pop_custom_fields(params)

1
startup_scripts/startup_script_utils/__init__.py
View File

@ -1,3 +1,2 @@
from .custom_fields import pop_custom_fields, set_custom_fields_values
from .load_yaml import load_yaml
from .permissions import set_permissions

22
startup_scripts/startup_script_utils/permissions.py
View File

@ -1,22 +0,0 @@
from django.contrib.auth.models import Permission
def set_permissions(subject, permission_filters):
if subject is None or permission_filters is None:
return
subject.clear()
for permission_filter in permission_filters:
if "*" in permission_filter:
permission_filter_regex = "^" + permission_filter.replace("*", ".*") + "$"
permissions = Permission.objects.filter(codename__iregex=permission_filter_regex)
print(
" ⚿ Granting",
permissions.count(),
"permissions matching '" + permission_filter + "'",
)
else:
permissions = Permission.objects.filter(codename=permission_filter)
print(" ⚿ Granting permission", permission_filter)
for permission in permissions:
subject.add(permission)