When building netbox-docker on Travis, it happened too often that the
build failed because of Github's API rate limits. These apply for all
requests, but if the request is unauthenticated they are applied by IP.
This is bad for netbox-docker, as we build on Travis where the build-
workers are shared with the rest of the world.
This commit adds the possibility to define OAuth credentials as
documented at [1]. Hopefully this leads to more reliable releases of
netbox-docker images.
[1] https://developer.github.com/v3/#increasing-the-unauthenticated-rate-limit-for-oauth-applications
Although it does not provide any additional security, it shows how to
configure Redis with a password and how to use Netbox using a password
protected redis server. Something that might be considered in a classic
production deployment. (But is mostly irrelevant in e.g. a Kubernetes /
OpenShift deployment as the isolation is usually on a network level.)
One container should ideally have one responsibility [1]. Therefore I
implemented the netbox-worker to start in it's own container. This is
possible, because netbox and the worker communicate via redis anyway.
They still use the same image underneath, just the "command" they
execute while starting different.
Or in other words: I see no reason to introduce supervisord, when we
already have docker-compose which can take care of running multiple
processes.
Also, here's another benefit: Now it's possible to view the logs of the
webhook worker independently of the other netbox logs (and vice-versa).
Other changes in this commit:
* I don't see a reason to put a password for Redis in the docker-compose
setup, so I removed it.
* Slightly changed the nginx config, so that the nginx startup command
becomes simpler and any error should be visible in the docker log.
* Some housekeeping in the `Dockerfile`.
* Added some troubleshooting advice regarding webhooks to the README.
I'd like to thank Brady (@bdlamprecht [2]) here who did the harder
work of figuring out what's even required to have webhooks working. [3]
[1]
https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#decouple-applications
[2] https://github.com/bdlamprecht
[3] https://github.com/ninech/netbox-docker/pull/90
Christian Mäder
Christian Mäder
nine.ch Bot
Aleksandar Radunovic
Christian Mäder
Tobias Genannt
Brady Lamprecht