__netbox: added some netbox configuration options

Those who might be useful are added ..
This commit is contained in:
matze 2020-08-21 23:50:24 +02:00
parent a05cb214e1
commit e6e6dbcd00
15 changed files with 200 additions and 20 deletions

View file

@ -29,26 +29,26 @@ DATABASE = {
# to use two separate database IDs.
REDIS = {
'tasks': {
'HOST': 'localhost',
'PORT': 6379,
'HOST': '$REDIS_HOST',
'PORT': $REDIS_PORT,
# Comment out \`HOST\` and \`PORT\` lines and uncomment the following if using Redis Sentinel
# 'SENTINELS': [('mysentinel.redis.example.com', 6379)],
# 'SENTINEL_SERVICE': 'netbox',
'PASSWORD': '',
'DATABASE': 0,
'PASSWORD': '$REDIS_PASSWORD',
'DATABASE': $((REDIS_DBID_OFFSET + 0)),
'DEFAULT_TIMEOUT': 300,
'SSL': False,
'SSL': $REDIS_SSL,
},
'caching': {
'HOST': 'localhost',
'PORT': 6379,
'HOST': '$REDIS_HOST',
'PORT': $REDIS_PORT,
# Comment out \`HOST\` and \`PORT\` lines and uncomment the following if using Redis Sentinel
# 'SENTINELS': [('mysentinel.redis.example.com', 6379)],
# 'SENTINEL_SERVICE': 'netbox',
'PASSWORD': '',
'DATABASE': 1,
'PASSWORD': '$REDIS_PASSWORD',
'DATABASE': $((REDIS_DBID_OFFSET + 1)),
'DEFAULT_TIMEOUT': 300,
'SSL': False,
'SSL': $REDIS_SSL,
}
}
@ -86,7 +86,7 @@ BANNER_LOGIN = ''
# Base URL path if accessing NetBox within a directory. For example, if installed at http://example.com/netbox/, set:
# BASE_PATH = 'netbox/'
BASE_PATH = ''
BASE_PATH = '$BASEPATH'
# Cache timeout in seconds. Set to 0 to dissable caching. Defaults to 900 (15 minutes)
CACHE_TIMEOUT = 900
@ -112,14 +112,14 @@ DEBUG = False
# Email settings
EMAIL = {
'SERVER': 'localhost',
'PORT': 25,
'USERNAME': '',
'PASSWORD': '',
'USE_SSL': False,
'USE_TLS': False,
'SERVER': '$SMTP_HOST',
'PORT': $SMTP_PORT,
'USERNAME': '$SMTP_USER',
'PASSWORD': '$SMTP_PASSWORD',
'USE_SSL': $SMTP_USE_SSL,
'USE_TLS': $SMTP_USE_TLS,
'TIMEOUT': 10, # seconds
'FROM_EMAIL': '',
'FROM_EMAIL': '$SMTP_FROM_EMAIL',
}
# Enforcement of unique IP space can be toggled on a per-VRF basis. To enforce unique IP space within the global table
@ -134,12 +134,38 @@ EXEMPT_VIEW_PERMISSIONS = [
# 'ipam.prefix',
]
EOF
if [ "$HTTP_PROXY" != "" ] || [ "$HTTPS_PROXY" != "" ]; then
cat << EOF
# HTTP proxies NetBox should use when sending outbound HTTP requests (e.g. for webhooks).
HTTP_PROXIES = {
EOF
if [ "$HTTP_PROXY" != "" ]; then
cat << EOF
'http': '$HTTP_PROXY',
EOF
fi
if [ "$HTTPS_PROXY" != "" ]; then
cat << EOF
'https': '$HTTPS_PROXY',
EOF
fi
cat << EOF
}
EOF
else
cat << EOF
# HTTP proxies NetBox should use when sending outbound HTTP requests (e.g. for webhooks).
# HTTP_PROXIES = {
# 'http': 'http://10.10.1.10:3128',
# 'https': 'http://10.10.1.10:1080',
# }
EOF
fi
cat << EOF
# IP addresses recognized as internal to the system. The debugging toolbar will be available only to clients accessing
# NetBox from an internal IP.
INTERNAL_IPS = ('127.0.0.1', '::1')
@ -150,7 +176,7 @@ LOGGING = {}
# Setting this to True will permit only authenticated users to access any part of NetBox. By default, anonymous users
# are permitted to access most data in NetBox (excluding secrets) but not make any changes.
LOGIN_REQUIRED = False
LOGIN_REQUIRED = $LOGIN_REQUIRED
# The length of time (in seconds) for which a user will remain logged into the web UI before being prompted to
# re-authenticate. (Default: 1209600 [14 days])

View file

@ -58,9 +58,62 @@ ldap-require-group
ldap-superuser-group
Make members of this groups superusers.
redis-host
Redis database hostname. Defaults to ``localhost``.
redis-port
Redis database port. Defaults to ``6379``.
redis-password
Redis password. Defaults to empty password.
redis-dbid-offset
Offset to set the redis database id's. The `tasks` database id is `offset + 0`
and `caching` is `offset + 1`. The offset defaults to ``0``.
smtp-host
Host of the SMTP email server. Defaults to ``localhost``.
smtp-port
Port of the SMTP email server. Defaults to ``25``.
smtp-user
Username to access the SMTP email server. Defaults to empty.
smtp-password
Password to access the SMTP email server. Defaults to empty.
smtp-from-email
Email from which NetBox will be sent of. Defaults to empty.
basepath
Base URL path if accessing netbox within a directory instead of directly the
webroot ``/``. For example, if installed at https://example.com/netbox/, set
the value ``netbox/``.
http-proxy
https-proxy
Proxy which will be used with any HTTP request like webhooks.
BOOLEAN PARAMETERS
------------------
None.
redis-ssl
Enables a secure TLS/SSL connection to the redis database. By default, ssl
is disabled.
smtp-use-tls
Uses TLS to connect to the SMTP email server. `See documentation
<https://docs.djangoproject.com/en/3.1/ref/settings/#email-use-tls`_
for more information.
smtp-use-ssl
Uses implicit TLS with the SMTP email server. `See documentation
<https://docs.djangoproject.com/en/3.1/ref/settings/#email-use-ssl`_
for more information.
login-required
Sets if a login is required to access all sites. By default, anounymous users
can see most data (excluding secrets) but not make any changes.
MESSAGES
--------
@ -91,6 +144,16 @@ EXAMPLES
--ldap-superuser-group "cn=netbox-admin,ou=groups,dc=domain,dc=tld"
NOTES
-----
The configuration of NetBox contains more optional settings than that what can
be set with this type. If you think an important setting is missing or there
is a more good way to inject python code for dynamic configuration variables,
you are welcome to contribute!
- `Possible optional settings
<https://netbox.readthedocs.io/en/stable/configuration/optional-settings/>`
SEE ALSO
--------
- `NetBox documentation <https://netbox.readthedocs.io/en/stable/>`_

View file

@ -23,6 +23,7 @@ case "$os" in
;;
esac
DATABASE_NAME=$(cat "$__object/parameter/database")
export DATABASE_NAME
DATABASE_PASSWORD=$(cat "$__object/parameter/database-password")
@ -67,6 +68,70 @@ if [ -f "$__object/parameter/ldap-superuser-group" ]; then
export LDAP_SUPERUSER_GROUP
fi
# have default values
REDIS_HOST="$(cat "$__object/parameter/redis-host")"
export REDIS_HOST
REDIS_PORT="$(cat "$__object/parameter/redis-port")"
export REDIS_PORT
REDIS_PASSWORD="$(cat "$__object/parameter/redis-password")"
export REDIS_PASSWORD
REDIS_DBID_OFFSET="$(cat "$__object/parameter/redis-dbid-offset")"
export REDIS_DBID_OFFSET
if [ -f "$__object/parameter/redis-ssl" ]; then
REDIS_SSL="True"
else
REDIS_SSL="False"
fi
export REDIS_SSL
SMTP_HOST="$(cat "$__object/parameter/smtp-host")"
export SMTP_HOST
SMTP_PORT="$(cat "$__object/parameter/smtp-port")"
export SMTP_PORT
SMTP_USER="$(cat "$__object/parameter/smtp-user")"
export SMTP_USER
SMTP_PASSWORD="$(cat "$__object/parameter/smtp-password")"
export SMTP_PASSWORD
SMTP_FROM_EMAIL="$(cat "$__object/parameter/smtp-from-email")"
export SMTP_FROM_EMAIL
if [ -f "$__object/parameter/smtp-use-ssl" ]; then
SMTP_USE_SSL="True"
else
SMTP_USE_SSL="False"
fi
export SMTP_USE_SSL
if [ -f "$__object/parameter/smtp-use-tls" ]; then
if [ "$SMTP_USE_SSL" = "True" ]; then
echo "options --smtp-use-ssl and --smtp-use-tls are not compatible"
exit 2
fi
SMTP_USE_TLS="True"
else
SMTP_USE_TLS="False"
fi
export SMTP_USE_TLS
BASEPATH="$(cat "$__object/parameter/basepath")"
export BASEPATH
if [ -f "$__object/parameter/http-proxy" ]; then
HTTP_PROXY=$(cat "$__object/parameter/http-proxy")
export HTTP_PROXY
fi
if [ -f "$__object/parameter/https-proxy" ]; then
HTTPS_PROXY=$(cat "$__object/parameter/https-proxy")
export HTTPS_PROXY
fi
if [ -f "$__object/parameter/login-required" ]; then
LOGIN_REQUIRED="True"
else
LOGIN_REQUIRED="False"
fi
export LOGIN_REQUIRED
# Create system user used to run netbox.
__user netbox --system --home /opt/netbox --create-home

View file

@ -0,0 +1,4 @@
redis-ssl
smtp-use-ssl
smtp-use-tls
login-required

View file

@ -0,0 +1 @@

View file

@ -0,0 +1 @@
0

View file

@ -0,0 +1 @@
localhost

View file

@ -0,0 +1 @@

View file

@ -0,0 +1 @@
6379

View file

@ -0,0 +1 @@

View file

@ -0,0 +1 @@
localhost

View file

@ -0,0 +1 @@

View file

@ -0,0 +1 @@
25

View file

@ -0,0 +1 @@

View file

@ -5,3 +5,15 @@ ldap-user-base
ldap-group-base
ldap-require-group
ldap-superuser-group
redis-host
redis-port
redis-password
redis-dbid-offset
smtp-host
smtp-port
smtp-user
smtp-password
smtp-from-email
basepath
http-proxy
https-proxy