Although it does not provide any additional security, it shows how to
configure Redis with a password and how to use Netbox using a password
protected redis server. Something that might be considered in a classic
production deployment. (But is mostly irrelevant in e.g. a Kubernetes /
OpenShift deployment as the isolation is usually on a network level.)
One container should ideally have one responsibility [1]. Therefore I
implemented the netbox-worker to start in it's own container. This is
possible, because netbox and the worker communicate via redis anyway.
They still use the same image underneath, just the "command" they
execute while starting different.
Or in other words: I see no reason to introduce supervisord, when we
already have docker-compose which can take care of running multiple
processes.
Also, here's another benefit: Now it's possible to view the logs of the
webhook worker independently of the other netbox logs (and vice-versa).
Other changes in this commit:
* I don't see a reason to put a password for Redis in the docker-compose
setup, so I removed it.
* Slightly changed the nginx config, so that the nginx startup command
becomes simpler and any error should be visible in the docker log.
* Some housekeeping in the `Dockerfile`.
* Added some troubleshooting advice regarding webhooks to the README.
I'd like to thank Brady (@bdlamprecht [2]) here who did the harder
work of figuring out what's even required to have webhooks working. [3]
[1]
https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#decouple-applications
[2] https://github.com/bdlamprecht
[3] https://github.com/ninech/netbox-docker/pull/90
This changes the default configuration to be better prepared for
usage with container management platforms, such as Docker Swarm,
Kubernetes or OpenShift.
Closes#27.
`nginx.netboxdocker.docker` and `netboxdocker.docker` are required
if our ['reception'][1] thing is used to access the container.
Fixes#21
[1]: https://github.com/ninech/reception