From 5ff292ba5f2fdae32be1fc7204419ce3930e699b Mon Sep 17 00:00:00 2001 From: Vincent Catros Date: Mon, 20 Jun 2022 14:10:37 +0200 Subject: [PATCH 001/318] AUTH_LDAP_BIND_AS_AUTHENTICATING_USER is now loaded from environment --- configuration/ldap/ldap_config.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/configuration/ldap/ldap_config.py b/configuration/ldap/ldap_config.py index 3071b4581..132996b1e 100644 --- a/configuration/ldap/ldap_config.py +++ b/configuration/ldap/ldap_config.py @@ -31,9 +31,12 @@ def _import_group_type(group_type_name): ldap.OPT_REFERRALS: 0 } -# Set the DN and password for the NetBox service account. -AUTH_LDAP_BIND_DN = environ.get('AUTH_LDAP_BIND_DN', '') -AUTH_LDAP_BIND_PASSWORD = _read_secret('auth_ldap_bind_password', environ.get('AUTH_LDAP_BIND_PASSWORD', '')) +AUTH_LDAP_BIND_AS_AUTHENTICATING_USER = environ.get('AUTH_LDAP_BIND_AS_AUTHENTICATING_USER', 'True').lower() == 'true' + +# Set the DN and password for the NetBox service account if needed. +if not AUTH_LDAP_BIND_AS_AUTHENTICATING_USER: + AUTH_LDAP_BIND_DN = environ.get('AUTH_LDAP_BIND_DN', '') + AUTH_LDAP_BIND_PASSWORD = _read_secret('auth_ldap_bind_password', environ.get('AUTH_LDAP_BIND_PASSWORD', '')) # Set a string template that describes any user’s distinguished name based on the username. AUTH_LDAP_USER_DN_TEMPLATE = environ.get('AUTH_LDAP_USER_DN_TEMPLATE', None) From 53dcdc7bfcc869b0e881eca7e0784f8bc408c92e Mon Sep 17 00:00:00 2001 From: Michal Tyminski Date: Thu, 1 Sep 2022 10:03:19 -0700 Subject: [PATCH 002/318] add JOBRESULT_RETENTION to configuration.py Netbox v3.2.1 introduces new enhancement to retain old script and report results for configured lifetime. --- configuration/configuration.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/configuration/configuration.py b/configuration/configuration.py index c8ddd14c2..a18e71e63 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -113,6 +113,9 @@ def _read_secret(secret_name, default = None): # Maximum number of days to retain logged changes. Set to 0 to retain changes indefinitely. (Default: 90) CHANGELOG_RETENTION = int(environ.get('CHANGELOG_RETENTION', 90)) +# Maximum number of days to retain job results (scripts and reports). Set to 0 to retain job results in the database indefinitely. (Default: 90) +JOBRESULT_RETENTION = int(environ.get('JOBRESULT_RETENTION', 90)) + # API Cross-Origin Resource Sharing (CORS) settings. If CORS_ORIGIN_ALLOW_ALL is set to True, all origins will be # allowed. Otherwise, define a list of allowed origins using either CORS_ORIGIN_WHITELIST or # CORS_ORIGIN_REGEX_WHITELIST. For more information, see https://github.com/ottoyiu/django-cors-headers From 7f285af7b4c7545e6a6406b53d133c540a08e3fb Mon Sep 17 00:00:00 2001 From: Vincent Catros Date: Fri, 9 Sep 2022 16:11:21 +0200 Subject: [PATCH 003/318] AUTH_LDAP_BIND_AS_AUTHENTICATING_USER defaults to false --- configuration/ldap/ldap_config.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configuration/ldap/ldap_config.py b/configuration/ldap/ldap_config.py index 132996b1e..7fb62d71f 100644 --- a/configuration/ldap/ldap_config.py +++ b/configuration/ldap/ldap_config.py @@ -31,7 +31,7 @@ def _import_group_type(group_type_name): ldap.OPT_REFERRALS: 0 } -AUTH_LDAP_BIND_AS_AUTHENTICATING_USER = environ.get('AUTH_LDAP_BIND_AS_AUTHENTICATING_USER', 'True').lower() == 'true' +AUTH_LDAP_BIND_AS_AUTHENTICATING_USER = environ.get('AUTH_LDAP_BIND_AS_AUTHENTICATING_USER', 'False').lower() == 'true' # Set the DN and password for the NetBox service account if needed. if not AUTH_LDAP_BIND_AS_AUTHENTICATING_USER: From cd5015642e9c13b1b2b9e57057b7510aa21dee30 Mon Sep 17 00:00:00 2001 From: Delta / Subo /Stefan Date: Fri, 23 Sep 2022 14:33:49 +0200 Subject: [PATCH 004/318] Fix for random volume Redis Cache fixes: https://github.com/netbox-community/netbox-docker/issues/851 --- docker-compose.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index 029d87e7c..c20f7e979 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -55,6 +55,8 @@ services: - -c # this is to evaluate the $REDIS_PASSWORD from the env - redis-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose env_file: env/redis-cache.env + volumes: + - netbox-redis-cache-data:/data volumes: netbox-media-files: @@ -63,3 +65,5 @@ volumes: driver: local netbox-redis-data: driver: local + netbox-redis-cache-data: + driver: local From 4f45df571fe3d763715aa189f21429e2670893e4 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 6 Oct 2022 16:58:57 +0000 Subject: [PATCH 005/318] Update dependency psycopg2 to v2.9.4 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 7aec75858..f8b720eae 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==4.1.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.13.1 napalm==4.0.0 -psycopg2==2.9.3 +psycopg2==2.9.4 social-auth-core[openidconnect]==4.3.0 From d96e8f1dfd3593d76f8e5de8ccac723fd87e3127 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Sat, 8 Oct 2022 17:08:39 +0200 Subject: [PATCH 006/318] Improve Help for build.sh --- build.sh | 213 ++++++++++++++++++++++++++++++++----------------------- 1 file changed, 123 insertions(+), 90 deletions(-) diff --git a/build.sh b/build.sh index 169568e03..f892e8b2a 100755 --- a/build.sh +++ b/build.sh @@ -6,96 +6,129 @@ echo "▶️ $0 $*" set -e if [ "${1}x" == "x" ] || [ "${1}" == "--help" ] || [ "${1}" == "-h" ]; then - echo "Usage: ${0} [--push]" - echo " branch The branch or tag to build. Required." - echo " --push Pushes the built Docker image to the registry." - echo "" - echo "You can use the following ENV variables to customize the build:" - echo " SRC_ORG Which fork of netbox to use (i.e. github.com/\${SRC_ORG}/\${SRC_REPO})." - echo " Default: netbox-community" - echo " SRC_REPO The name of the repository to use (i.e. github.com/\${SRC_ORG}/\${SRC_REPO})." - echo " Default: netbox" - echo " URL Where to fetch the code from." - echo " Must be a git repository. Can be private." - echo " Default: https://github.com/\${SRC_ORG}/\${SRC_REPO}.git" - echo " NETBOX_PATH The path where netbox will be checkout out." - echo " Must not be outside of the netbox-docker repository (because of Docker)!" - echo " Default: .netbox" - echo " SKIP_GIT If defined, git is not invoked and \${NETBOX_PATH} will not be altered." - echo " This may be useful, if you are manually managing the NETBOX_PATH." - echo " Default: undefined" - echo " TAG The version part of the docker tag." - echo " Default:" - echo " When =master: latest" - echo " When =develop: snapshot" - echo " Else: same as " - echo " IMAGE_NAMES The names used for the image including the registry" - echo " Used for tagging the image." - echo " Default: docker.io/netboxcommunity/netbox" - echo " Example: 'docker.io/netboxcommunity/netbox quay.io/netboxcommunity/netbox'" - echo " DOCKER_TAG The name of the tag which is applied to the image." - echo " Useful for pushing into another registry than hub.docker.com." - echo " Default: \${DOCKER_REGISTRY}/\${DOCKER_ORG}/\${DOCKER_REPO}:\${TAG}" - echo " DOCKER_SHORT_TAG The name of the short tag which is applied to the" - echo " image. This is used to tag all patch releases to their" - echo " containing version e.g. v2.5.1 -> v2.5" - echo " Default: \${DOCKER_REGISTRY}/\${DOCKER_ORG}/\${DOCKER_REPO}:." - echo " DOCKERFILE The name of Dockerfile to use." - echo " Default: Dockerfile" - echo " DOCKER_FROM The base image to use." - echo " Default: 'ubuntu:22.04'" - echo " BUILDX_PLATFORMS" - echo " Specifies the platform(s) to build the image for." - echo " Example: 'linux/amd64,linux/arm64'" - echo " Default: 'linux/amd64'" - echo " BUILDX_BUILDER_NAME" - echo " If defined, the image build will be assigned to the given builder." - echo " If you specify this variable, make sure that the builder exists." - echo " If this value is not defined, a new builx builder with the directory name of the" - echo " current directory (i.e. '$(basename "${PWD}")') is created." - echo " Example: 'clever_lovelace'" - echo " Default: undefined" - echo " BUILDX_REMOVE_BUILDER" - echo " If defined (and only if BUILDX_BUILDER_NAME is undefined)," - echo " then the buildx builder created by this script will be removed after use." - echo " This is useful if you build NetBox Docker on an automated system that does" - echo " not manage the builders for you." - echo " Example: 'on'" - echo " Default: undefined" - echo " HTTP_PROXY The proxy to use for http requests." - echo " Example: http://proxy.domain.tld:3128" - echo " Default: undefined" - echo " NO_PROXY Comma-separated list of domain extensions proxy should not be used for." - echo " Example: .domain1.tld,.domain2.tld" - echo " Default: undefined" - echo " DEBUG If defined, the script does not stop when certain checks are unsatisfied." - echo " Default: undefined" - echo " DRY_RUN Prints all build statements instead of running them." - echo " Default: undefined" - echo " GH_ACTION If defined, special 'echo' statements are enabled that set the" - echo " following environment variables in Github Actions:" - echo " - FINAL_DOCKER_TAG: The final value of the DOCKER_TAG env variable" - echo " Default: undefined" - echo "" - echo "Examples:" - echo " ${0} master" - echo " This will fetch the latest 'master' branch, build a Docker Image and tag it" - echo " 'netboxcommunity/netbox:latest'." - echo " ${0} develop" - echo " This will fetch the latest 'develop' branch, build a Docker Image and tag it" - echo " 'netboxcommunity/netbox:snapshot'." - echo " ${0} v2.6.6" - echo " This will fetch the 'v2.6.6' tag, build a Docker Image and tag it" - echo " 'netboxcommunity/netbox:v2.6.6' and 'netboxcommunity/netbox:v2.6'." - echo " ${0} develop-2.7" - echo " This will fetch the 'develop-2.7' branch, build a Docker Image and tag it" - echo " 'netboxcommunity/netbox:develop-2.7'." - echo " SRC_ORG=cimnine ${0} feature-x" - echo " This will fetch the 'feature-x' branch from https://github.com/cimnine/netbox.git," - echo " build a Docker Image and tag it 'netboxcommunity/netbox:feature-x'." - echo " SRC_ORG=cimnine DOCKER_ORG=cimnine ${0} feature-x" - echo " This will fetch the 'feature-x' branch from https://github.com/cimnine/netbox.git," - echo " build a Docker Image and tag it 'cimnine/netbox:feature-x'." + _BOLD=$(tput bold) + _GREEN=$(tput setaf 2) + _CYAN=$(tput setaf 6) + _CLEAR=$(tput sgr0) + + cat < [--push] + +branch The branch or tag to build. Required. +--push Pushes the built container image to the registry. + +${_BOLD}You can use the following ENV variables to customize the build:${_CLEAR} + +SRC_ORG Which fork of netbox to use (i.e. github.com/\${SRC_ORG}/\${SRC_REPO}). + ${_GREEN}Default:${_CLEAR} netbox-community + +SRC_REPO The name of the repository to use (i.e. github.com/\${SRC_ORG}/\${SRC_REPO}). + ${_GREEN}Default:${_CLEAR} netbox + +URL Where to fetch the code from. + Must be a git repository. Can be private. + ${_GREEN}Default:${_CLEAR} https://github.com/\${SRC_ORG}/\${SRC_REPO}.git + +NETBOX_PATH The path where netbox will be checkout out. + Must not be outside of the netbox-docker repository (because of Docker)! + ${_GREEN}Default:${_CLEAR} .netbox + +SKIP_GIT If defined, git is not invoked and \${NETBOX_PATH} will not be altered. + This may be useful, if you are manually managing the NETBOX_PATH. + ${_GREEN}Default:${_CLEAR} undefined + +TAG The version part of the image tag. + ${_GREEN}Default:${_CLEAR} + When =master: latest + When =develop: snapshot + Else: same as + +IMAGE_NAMES The names used for the image including the registry + Used for tagging the image. + ${_GREEN}Default:${_CLEAR} docker.io/netboxcommunity/netbox + ${_CYAN}Example:${_CLEAR} 'docker.io/netboxcommunity/netbox quay.io/netboxcommunity/netbox' + +DOCKER_TAG The name of the tag which is applied to the image. + Useful for pushing into another registry than hub.docker.com. + ${_GREEN}Default:${_CLEAR} \${DOCKER_REGISTRY}/\${DOCKER_ORG}/\${DOCKER_REPO}:\${TAG} + +DOCKER_SHORT_TAG The name of the short tag which is applied to the + image. This is used to tag all patch releases to their + containing version e.g. v2.5.1 -> v2.5 + ${_GREEN}Default:${_CLEAR} \${DOCKER_REGISTRY}/\${DOCKER_ORG}/\${DOCKER_REPO}:. + +DOCKERFILE The name of Dockerfile to use. + ${_GREEN}Default:${_CLEAR} Dockerfile + +DOCKER_FROM The base image to use. + ${_GREEN}Default:${_CLEAR} 'ubuntu:22.04' + +BUILDX_PLATFORMS + Specifies the platform(s) to build the image for. + ${_CYAN}Example:${_CLEAR} 'linux/amd64,linux/arm64' + ${_GREEN}Default:${_CLEAR} 'linux/amd64' + +BUILDX_BUILDER_NAME + If defined, the image build will be assigned to the given builder. + If you specify this variable, make sure that the builder exists. + If this value is not defined, a new builx builder with the directory name of the + current directory (i.e. '$(basename "${PWD}")') is created." + ${_CYAN}Example:${_CLEAR} 'clever_lovelace' + ${_GREEN}Default:${_CLEAR} undefined + +BUILDX_REMOVE_BUILDER + If defined (and only if BUILDX_BUILDER_NAME is undefined), + then the buildx builder created by this script will be removed after use. + This is useful if you build NetBox Docker on an automated system that does + not manage the builders for you. + ${_CYAN}Example:${_CLEAR} 'on' + ${_GREEN}Default:${_CLEAR} undefined + +HTTP_PROXY The proxy to use for http requests. + ${_CYAN}Example:${_CLEAR} http://proxy.domain.tld:3128 + ${_GREEN}Default:${_CLEAR} undefined + +NO_PROXY Comma-separated list of domain extensions proxy should not be used for. + ${_CYAN}Example:${_CLEAR} .domain1.tld,.domain2.tld + ${_GREEN}Default:${_CLEAR} undefined + +DEBUG If defined, the script does not stop when certain checks are unsatisfied. + ${_GREEN}Default:${_CLEAR} undefined + +DRY_RUN Prints all build statements instead of running them. + ${_GREEN}Default:${_CLEAR} undefined + +GH_ACTION If defined, special 'echo' statements are enabled that set the + following environment variables in Github Actions: + - FINAL_DOCKER_TAG: The final value of the DOCKER_TAG env variable + ${_GREEN}Default:${_CLEAR} undefined + +${_BOLD}Examples:${_CLEAR} + +${0} master + This will fetch the latest 'master' branch, build a Docker Image and tag it + 'netboxcommunity/netbox:latest'. + +${0} develop + This will fetch the latest 'develop' branch, build a Docker Image and tag it + 'netboxcommunity/netbox:snapshot'. + +${0} v2.6.6 + This will fetch the 'v2.6.6' tag, build a Docker Image and tag it + 'netboxcommunity/netbox:v2.6.6' and 'netboxcommunity/netbox:v2.6'. + +${0} develop-2.7 + This will fetch the 'develop-2.7' branch, build a Docker Image and tag it + 'netboxcommunity/netbox:develop-2.7'. + +SRC_ORG=cimnine ${0} feature-x + This will fetch the 'feature-x' branch from https://github.com/cimnine/netbox.git, + build a Docker Image and tag it 'netboxcommunity/netbox:feature-x'. + +SRC_ORG=cimnine DOCKER_ORG=cimnine ${0} feature-x + This will fetch the 'feature-x' branch from https://github.com/cimnine/netbox.git, + build a Docker Image and tag it 'cimnine/netbox:feature-x'. +END_OF_HELP if [ "${1}x" == "x" ]; then exit 1 From 951c12132a89f16fce1dc0ed92d0b0ada11592f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Thu, 6 Oct 2022 22:53:32 +0200 Subject: [PATCH 007/318] Updates the configuration, changes default for dynamic paramters to None --- configuration/configuration.py | 202 +++++++++++++++++++++------------ 1 file changed, 131 insertions(+), 71 deletions(-) diff --git a/configuration/configuration.py b/configuration/configuration.py index a18e71e63..85077234a 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -7,12 +7,17 @@ import re from os import environ from os.path import abspath, dirname, join +from typing import Any, Callable -# For reference see https://netbox.readthedocs.io/en/stable/configuration/ -# Based on https://github.com/netbox-community/netbox/blob/master/netbox/netbox/configuration.example.py +# For reference see https://docs.netbox.dev/en/stable/configuration/ +# Based on https://github.com/netbox-community/netbox/blob/develop/netbox/netbox/configuration_example.py + +### +# NetBox-Docker Helper functions +### # Read secret from file -def _read_secret(secret_name, default = None): +def _read_secret(secret_name: str, default: str | None = None) -> str | None: try: f = open('/run/secrets/' + secret_name, 'r', encoding='utf-8') except EnvironmentError: @@ -21,6 +26,25 @@ def _read_secret(secret_name, default = None): with f: return f.readline().strip() +# If the `map_fn` isn't defined, then the value that is read from the environment (or the default value if not found) is returned. +# If the `map_fn` is defined, then `map_fn` is invoked and the value (that was read from the environment or the default value if not found) +# is passed to it as a parameter. The value returned from `map_fn` is then the return value of this function. +# The `map_fn` is not invoked, if the value (that was read from the environment or the default value if not found) is None. +def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: Callable[[str], Any | None] = None) -> Any | None: + env_value = environ.get(variable_name, default) + + if env_value == None: + return env_value + + if not map_fn: + return env_value + + return map_fn(env_value) + +_EQUALS_TRUE = lambda value : value.lower() == 'true' +_AS_INT = lambda value : int(value) +_SPLIT_ON_SPACE = lambda value : list(filter(None, value.split(' '))) + _BASE_DIR = dirname(dirname(abspath(__file__))) ######################### @@ -46,9 +70,9 @@ def _read_secret(secret_name, default = None): 'PORT': environ.get('DB_PORT', ''), # Database port (leave blank for default) 'OPTIONS': {'sslmode': environ.get('DB_SSLMODE', 'prefer')}, # Database connection SSLMODE - 'CONN_MAX_AGE': int(environ.get('DB_CONN_MAX_AGE', '300')), + 'CONN_MAX_AGE': _environ_get_and_map('DB_CONN_MAX_AGE', '300', _AS_INT), # Max database connection age - 'DISABLE_SERVER_SIDE_CURSORS': environ.get('DB_DISABLE_SERVER_SIDE_CURSORS', 'False').lower() == 'true', + 'DISABLE_SERVER_SIDE_CURSORS': _environ_get_and_map('DB_DISABLE_SERVER_SIDE_CURSORS', 'False', _EQUALS_TRUE), # Disable the use of server-side cursors transaction pooling } @@ -58,19 +82,19 @@ def _read_secret(secret_name, default = None): REDIS = { 'tasks': { 'HOST': environ.get('REDIS_HOST', 'localhost'), - 'PORT': int(environ.get('REDIS_PORT', 6379)), + 'PORT': _environ_get_and_map('REDIS_PORT', 6379, _AS_INT), 'PASSWORD': _read_secret('redis_password', environ.get('REDIS_PASSWORD', '')), - 'DATABASE': int(environ.get('REDIS_DATABASE', 0)), - 'SSL': environ.get('REDIS_SSL', 'False').lower() == 'true', - 'INSECURE_SKIP_TLS_VERIFY': environ.get('REDIS_INSECURE_SKIP_TLS_VERIFY', 'False').lower() == 'true', + 'DATABASE': _environ_get_and_map('REDIS_DATABASE', 0, _AS_INT), + 'SSL': _environ_get_and_map('REDIS_SSL', 'False', _EQUALS_TRUE), + 'INSECURE_SKIP_TLS_VERIFY': _environ_get_and_map('REDIS_INSECURE_SKIP_TLS_VERIFY', 'False', _EQUALS_TRUE), }, 'caching': { 'HOST': environ.get('REDIS_CACHE_HOST', environ.get('REDIS_HOST', 'localhost')), - 'PORT': int(environ.get('REDIS_CACHE_PORT', environ.get('REDIS_PORT', 6379))), + 'PORT': _environ_get_and_map('REDIS_CACHE_PORT', environ.get('REDIS_PORT', '6379'), _AS_INT), 'PASSWORD': _read_secret('redis_cache_password', environ.get('REDIS_CACHE_PASSWORD', environ.get('REDIS_PASSWORD', ''))), - 'DATABASE': int(environ.get('REDIS_CACHE_DATABASE', 1)), - 'SSL': environ.get('REDIS_CACHE_SSL', environ.get('REDIS_SSL', 'False')).lower() == 'true', - 'INSECURE_SKIP_TLS_VERIFY': environ.get('REDIS_CACHE_INSECURE_SKIP_TLS_VERIFY', environ.get('REDIS_INSECURE_SKIP_TLS_VERIFY', 'False')).lower() == 'true', + 'DATABASE': _environ_get_and_map('REDIS_CACHE_DATABASE', '1', _AS_INT), + 'SSL': _environ_get_and_map('REDIS_CACHE_SSL', environ.get('REDIS_SSL', 'False'), _EQUALS_TRUE), + 'INSECURE_SKIP_TLS_VERIFY': _environ_get_and_map('REDIS_CACHE_INSECURE_SKIP_TLS_VERIFY', environ.get('REDIS_INSECURE_SKIP_TLS_VERIFY', 'False'), _EQUALS_TRUE), }, } @@ -87,91 +111,106 @@ def _read_secret(secret_name, default = None): # # ######################### -# Specify one or more name and email address tuples representing NetBox administrators. These people will be notified of -# application errors (assuming correct email settings are provided). -ADMINS = [ - # ['John Doe', 'jdoe@example.com'], -] +# # Specify one or more name and email address tuples representing NetBox administrators. These people will be notified of +# # application errors (assuming correct email settings are provided). +# ADMINS = [ +# # ['John Doe', 'jdoe@example.com'], +# ] # URL schemes that are allowed within links in NetBox -ALLOWED_URL_SCHEMES = ( +_DEFAULT_ALLOWED_URL_SCHEMES = ( 'file', 'ftp', 'ftps', 'http', 'https', 'irc', 'mailto', 'sftp', 'ssh', 'tel', 'telnet', 'tftp', 'vnc', 'xmpp', ) +ALLOWED_URL_SCHEMES = _environ_get_and_map('ALLOWED_URL_SCHEMES', ' '.join(_DEFAULT_ALLOWED_URL_SCHEMES), _SPLIT_ON_SPACE) # Optionally display a persistent banner at the top and/or bottom of every page. HTML is allowed. To display the same # content in both banners, define BANNER_TOP and set BANNER_BOTTOM = BANNER_TOP. -BANNER_TOP = environ.get('BANNER_TOP', '') -BANNER_BOTTOM = environ.get('BANNER_BOTTOM', '') +BANNER_TOP = environ.get('BANNER_TOP', None) +BANNER_BOTTOM = environ.get('BANNER_BOTTOM', None) # Text to include on the login page above the login form. HTML is allowed. -BANNER_LOGIN = environ.get('BANNER_LOGIN', '') +BANNER_LOGIN = environ.get('BANNER_LOGIN', None) # Base URL path if accessing NetBox within a directory. For example, if installed at http://example.com/netbox/, set: # BASE_PATH = 'netbox/' BASE_PATH = environ.get('BASE_PATH', '') # Maximum number of days to retain logged changes. Set to 0 to retain changes indefinitely. (Default: 90) -CHANGELOG_RETENTION = int(environ.get('CHANGELOG_RETENTION', 90)) +CHANGELOG_RETENTION = _environ_get_and_map('CHANGELOG_RETENTION', None, _AS_INT) # Maximum number of days to retain job results (scripts and reports). Set to 0 to retain job results in the database indefinitely. (Default: 90) -JOBRESULT_RETENTION = int(environ.get('JOBRESULT_RETENTION', 90)) +JOBRESULT_RETENTION = _environ_get_and_map('CHANGELOG_RETENTION', None, _AS_INT) # API Cross-Origin Resource Sharing (CORS) settings. If CORS_ORIGIN_ALLOW_ALL is set to True, all origins will be # allowed. Otherwise, define a list of allowed origins using either CORS_ORIGIN_WHITELIST or # CORS_ORIGIN_REGEX_WHITELIST. For more information, see https://github.com/ottoyiu/django-cors-headers -CORS_ORIGIN_ALLOW_ALL = environ.get('CORS_ORIGIN_ALLOW_ALL', 'False').lower() == 'true' -CORS_ORIGIN_WHITELIST = list(filter(None, environ.get('CORS_ORIGIN_WHITELIST', 'https://localhost').split(' '))) -CORS_ORIGIN_REGEX_WHITELIST = [re.compile(r) for r in list(filter(None, environ.get('CORS_ORIGIN_REGEX_WHITELIST', '').split(' ')))] - -# Cross-Site-Request-Forgery-Attack settings. If Netbox is sitting behind a reverse proxy, you might need to set the CSRF_TRUSTED_ORIGINS flag. -# Django 4.0 requires to specify the URL Scheme in this setting. An example environment variable could be specified like: -# CSRF_TRUSTED_ORIGINS=https://demo.netbox.dev http://demo.netbox.dev -CSRF_TRUSTED_ORIGINS = list(filter(None, environ.get('CSRF_TRUSTED_ORIGINS', '').split(' '))) +CORS_ORIGIN_ALLOW_ALL = _environ_get_and_map('CORS_ORIGIN_ALLOW_ALL', 'False', _EQUALS_TRUE) +CORS_ORIGIN_WHITELIST = _environ_get_and_map('CORS_ORIGIN_WHITELIST', 'https://localhost', _SPLIT_ON_SPACE) +CORS_ORIGIN_REGEX_WHITELIST = [re.compile(r) for r in _environ_get_and_map('CORS_ORIGIN_REGEX_WHITELIST', '', _SPLIT_ON_SPACE)] # Set to True to enable server debugging. WARNING: Debugging introduces a substantial performance penalty and may reveal -# sensitive information about your installation. Only enable debugging while performing testing. Never enable debugging -# on a production system. -DEBUG = environ.get('DEBUG', 'False').lower() == 'true' +# sensitive information about your installation. Only enable debugging while performing testing. +# Never enable debugging on a production system. +DEBUG = _environ_get_and_map('DEBUG', 'False', _EQUALS_TRUE) + +# This parameter serves as a safeguard to prevent some potentially dangerous behavior, +# such as generating new database schema migrations. +# Set this to True only if you are actively developing the NetBox code base. +DEVELOPER = _environ_get_and_map('DEBUG', 'False', _EQUALS_TRUE) # Email settings EMAIL = { 'SERVER': environ.get('EMAIL_SERVER', 'localhost'), - 'PORT': int(environ.get('EMAIL_PORT', 25)), + 'PORT': _environ_get_and_map('EMAIL_PORT', 25, _AS_INT), 'USERNAME': environ.get('EMAIL_USERNAME', ''), 'PASSWORD': _read_secret('email_password', environ.get('EMAIL_PASSWORD', '')), - 'USE_SSL': environ.get('EMAIL_USE_SSL', 'False').lower() == 'true', - 'USE_TLS': environ.get('EMAIL_USE_TLS', 'False').lower() == 'true', + 'USE_SSL': _environ_get_and_map('EMAIL_USE_SSL', 'False', _EQUALS_TRUE), + 'USE_TLS': _environ_get_and_map('EMAIL_USE_TLS', 'False', _EQUALS_TRUE), 'SSL_CERTFILE': environ.get('EMAIL_SSL_CERTFILE', ''), 'SSL_KEYFILE': environ.get('EMAIL_SSL_KEYFILE', ''), - 'TIMEOUT': int(environ.get('EMAIL_TIMEOUT', 10)), # seconds + 'TIMEOUT': _environ_get_and_map('EMAIL_TIMEOUT', 10, _AS_INT), # seconds 'FROM_EMAIL': environ.get('EMAIL_FROM', ''), } # Enforcement of unique IP space can be toggled on a per-VRF basis. To enforce unique IP space within the global table # (all prefixes and IP addresses not assigned to a VRF), set ENFORCE_GLOBAL_UNIQUE to True. -ENFORCE_GLOBAL_UNIQUE = environ.get('ENFORCE_GLOBAL_UNIQUE', 'False').lower() == 'true' +ENFORCE_GLOBAL_UNIQUE = _environ_get_and_map('ENFORCE_GLOBAL_UNIQUE', None, _EQUALS_TRUE) # Exempt certain models from the enforcement of view permissions. Models listed here will be viewable by all users and # by anonymous users. List models in the form `.`. Add '*' to this list to exempt all models. -EXEMPT_VIEW_PERMISSIONS = list(filter(None, environ.get('EXEMPT_VIEW_PERMISSIONS', '').split(' '))) +EXEMPT_VIEW_PERMISSIONS = _environ_get_and_map('EXEMPT_VIEW_PERMISSIONS', '', _SPLIT_ON_SPACE) + +# HTTP proxies NetBox should use when sending outbound HTTP requests (e.g. for webhooks). +# HTTP_PROXIES = { +# 'http': 'http://10.10.1.10:3128', +# 'https': 'http://10.10.1.10:1080', +# } + +# IP addresses recognized as internal to the system. The debugging toolbar will be available only to clients accessing +# NetBox from an internal IP. +INTERNAL_IPS = _environ_get_and_map('INTERNAL_IPS', '127.0.0.1 ::1', _SPLIT_ON_SPACE) # Enable GraphQL API. -GRAPHQL_ENABLED = environ.get('GRAPHQL_ENABLED', 'True').lower() == 'true' +GRAPHQL_ENABLED = _environ_get_and_map('GRAPHQL_ENABLED', None, _EQUALS_TRUE) -# Enable custom logging. Please see the Django documentation for detailed guidance on configuring custom logs: -# https://docs.djangoproject.com/en/stable/topics/logging/ -LOGGING = {} +# # Enable custom logging. Please see the Django documentation for detailed guidance on configuring custom logs: +# # https://docs.djangoproject.com/en/stable/topics/logging/ +# LOGGING = {} + +# Automatically reset the lifetime of a valid session upon each authenticated request. Enables users to remain +# authenticated to NetBox indefinitely. +LOGIN_PERSISTENCE = _environ_get_and_map('LOGIN_PERSISTENCE', 'False', _EQUALS_TRUE) # Setting this to True will permit only authenticated users to access any part of NetBox. By default, anonymous users # are permitted to access most data in NetBox (excluding secrets) but not make any changes. -LOGIN_REQUIRED = environ.get('LOGIN_REQUIRED', 'False').lower() == 'true' +LOGIN_REQUIRED = _environ_get_and_map('LOGIN_REQUIRED', 'False', _EQUALS_TRUE) # The length of time (in seconds) for which a user will remain logged into the web UI before being prompted to # re-authenticate. (Default: 1209600 [14 days]) -LOGIN_TIMEOUT = int(environ.get('LOGIN_TIMEOUT', 1209600)) +LOGIN_TIMEOUT = _environ_get_and_map('LOGIN_TIMEOUT', 1209600, _AS_INT) # Setting this to True will display a "maintenance mode" banner at the top of every page. -MAINTENANCE_MODE = environ.get('MAINTENANCE_MODE', 'False').lower() == 'true' +MAINTENANCE_MODE = _environ_get_and_map('MAINTENANCE_MODE', None, _EQUALS_TRUE) # Maps provider MAPS_URL = environ.get('MAPS_URL', None) @@ -179,68 +218,89 @@ def _read_secret(secret_name, default = None): # An API consumer can request an arbitrary number of objects =by appending the "limit" parameter to the URL (e.g. # "?limit=1000"). This setting defines the maximum limit. Setting it to 0 or None will allow an API consumer to request # all objects by specifying "?limit=0". -MAX_PAGE_SIZE = int(environ.get('MAX_PAGE_SIZE', 1000)) +MAX_PAGE_SIZE = _environ_get_and_map('MAX_PAGE_SIZE', None, _AS_INT) # The file path where uploaded media such as image attachments are stored. A trailing slash is not needed. Note that # the default value of this setting is derived from the installed location. MEDIA_ROOT = environ.get('MEDIA_ROOT', join(_BASE_DIR, 'media')) # Expose Prometheus monitoring metrics at the HTTP endpoint '/metrics' -METRICS_ENABLED = environ.get('METRICS_ENABLED', 'False').lower() == 'true' +METRICS_ENABLED = _environ_get_and_map('METRICS_ENABLED', 'False', _EQUALS_TRUE) # Credentials that NetBox will uses to authenticate to devices when connecting via NAPALM. -NAPALM_USERNAME = environ.get('NAPALM_USERNAME', '') -NAPALM_PASSWORD = _read_secret('napalm_password', environ.get('NAPALM_PASSWORD', '')) +NAPALM_USERNAME = environ.get('NAPALM_USERNAME', None) +NAPALM_PASSWORD = _read_secret('napalm_password', environ.get('NAPALM_PASSWORD', None)) # NAPALM timeout (in seconds). (Default: 30) -NAPALM_TIMEOUT = int(environ.get('NAPALM_TIMEOUT', 30)) +NAPALM_TIMEOUT = _environ_get_and_map('NAPALM_TIMEOUT', None, _AS_INT) -# NAPALM optional arguments (see http://napalm.readthedocs.io/en/latest/support/#optional-arguments). Arguments must -# be provided as a dictionary. -NAPALM_ARGS = {} +# # NAPALM optional arguments (see http://napalm.readthedocs.io/en/latest/support/#optional-arguments). Arguments must +# # be provided as a dictionary. +# NAPALM_ARGS = None # Determine how many objects to display per page within a list. (Default: 50) -PAGINATE_COUNT = int(environ.get('PAGINATE_COUNT', 50)) +PAGINATE_COUNT = _environ_get_and_map('PAGINATE_COUNT', None, _AS_INT) -# Enable installed plugins. Add the name of each plugin to the list. -PLUGINS = [] +# # Enable installed plugins. Add the name of each plugin to the list. +# PLUGINS = [] -# Plugins configuration settings. These settings are used by various plugins that the user may have installed. -# Each key in the dictionary is the name of an installed plugin and its value is a dictionary of settings. -PLUGINS_CONFIG = { -} +# # Plugins configuration settings. These settings are used by various plugins that the user may have installed. +# # Each key in the dictionary is the name of an installed plugin and its value is a dictionary of settings. +# PLUGINS_CONFIG = { +# } # When determining the primary IP address for a device, IPv6 is preferred over IPv4 by default. Set this to True to # prefer IPv4 instead. -PREFER_IPV4 = environ.get('PREFER_IPV4', 'False').lower() == 'true' +PREFER_IPV4 = _environ_get_and_map('PREFER_IPV4', None, _EQUALS_TRUE) + +# The default value for the amperage field when creating new power feeds. +POWERFEED_DEFAULT_AMPERAGE = _environ_get_and_map('POWERFEED_DEFAULT_AMPERAGE', None, _AS_INT) + +# The default value (percentage) for the max_utilization field when creating new power feeds. +POWERFEED_DEFAULT_MAX_UTILIZATION = _environ_get_and_map('POWERFEED_DEFAULT_MAX_UTILIZATION', None, _AS_INT) + +# The default value for the voltage field when creating new power feeds. +POWERFEED_DEFAULT_VOLTAGE = _environ_get_and_map('POWERFEED_DEFAULT_VOLTAGE', None, _AS_INT) # Rack elevation size defaults, in pixels. For best results, the ratio of width to height should be roughly 10:1. -RACK_ELEVATION_DEFAULT_UNIT_HEIGHT = int(environ.get('RACK_ELEVATION_DEFAULT_UNIT_HEIGHT', 22)) -RACK_ELEVATION_DEFAULT_UNIT_WIDTH = int(environ.get('RACK_ELEVATION_DEFAULT_UNIT_WIDTH', 220)) +RACK_ELEVATION_DEFAULT_UNIT_HEIGHT = _environ_get_and_map('RACK_ELEVATION_DEFAULT_UNIT_HEIGHT', None, _AS_INT) +RACK_ELEVATION_DEFAULT_UNIT_WIDTH = _environ_get_and_map('RACK_ELEVATION_DEFAULT_UNIT_WIDTH', None, _AS_INT) # Remote authentication support -REMOTE_AUTH_ENABLED = environ.get('REMOTE_AUTH_ENABLED', 'False').lower() == 'true' +REMOTE_AUTH_ENABLED = _environ_get_and_map('REMOTE_AUTH_ENABLED', 'False', _EQUALS_TRUE) REMOTE_AUTH_BACKEND = environ.get('REMOTE_AUTH_BACKEND', 'netbox.authentication.RemoteUserBackend') REMOTE_AUTH_HEADER = environ.get('REMOTE_AUTH_HEADER', 'HTTP_REMOTE_USER') -REMOTE_AUTH_AUTO_CREATE_USER = environ.get('REMOTE_AUTH_AUTO_CREATE_USER', 'True').lower() == 'true' -REMOTE_AUTH_DEFAULT_GROUPS = list(filter(None, environ.get('REMOTE_AUTH_DEFAULT_GROUPS', '').split(' '))) +REMOTE_AUTH_AUTO_CREATE_USER = _environ_get_and_map('REMOTE_AUTH_AUTO_CREATE_USER', 'True', _EQUALS_TRUE) +REMOTE_AUTH_DEFAULT_GROUPS = _environ_get_and_map('REMOTE_AUTH_DEFAULT_GROUPS', '', _SPLIT_ON_SPACE) +# REMOTE_AUTH_DEFAULT_PERMISSIONS = {} # This repository is used to check whether there is a new release of NetBox available. Set to None to disable the # version check or use the URL below to check for release in the official NetBox repository. -# https://api.github.com/repos/netbox-community/netbox/releases RELEASE_CHECK_URL = environ.get('RELEASE_CHECK_URL', None) +# RELEASE_CHECK_URL = 'https://api.github.com/repos/netbox-community/netbox/releases' # The file path where custom reports will be stored. A trailing slash is not needed. Note that the default value of # this setting is derived from the installed location. REPORTS_ROOT = environ.get('REPORTS_ROOT', '/etc/netbox/reports') # Maximum execution time for background tasks, in seconds. -RQ_DEFAULT_TIMEOUT = int(environ.get('RQ_DEFAULT_TIMEOUT', 300)) +RQ_DEFAULT_TIMEOUT = _environ_get_and_map('RQ_DEFAULT_TIMEOUT', 300, _AS_INT) # The file path where custom scripts will be stored. A trailing slash is not needed. Note that the default value of # this setting is derived from the installed location. SCRIPTS_ROOT = environ.get('SCRIPTS_ROOT', '/etc/netbox/scripts') +# The name to use for the csrf token cookie. +CSRF_COOKIE_NAME = environ.get('CSRF_COOKIE_NAME', 'csrftoken') + +# Cross-Site-Request-Forgery-Attack settings. If Netbox is sitting behind a reverse proxy, you might need to set the CSRF_TRUSTED_ORIGINS flag. +# Django 4.0 requires to specify the URL Scheme in this setting. An example environment variable could be specified like: +# CSRF_TRUSTED_ORIGINS=https://demo.netbox.dev http://demo.netbox.dev +CSRF_TRUSTED_ORIGINS = _environ_get_and_map('CSRF_TRUSTED_ORIGINS', '', _SPLIT_ON_SPACE) + +# The name to use for the session cookie. +SESSION_COOKIE_NAME = environ.get('SESSION_COOKIE_NAME', 'sessionid') + # By default, NetBox will store session data in the database. Alternatively, a file path can be specified here to use # local file storage instead. (This can be useful for enabling authentication on a standby instance with read-only # database access.) Note that the user as which NetBox runs must have read and write permissions to this path. From 26399e224dddb99485dcc85c3c7ff3eb6372ddc1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Fri, 7 Oct 2022 22:33:41 +0200 Subject: [PATCH 008/318] Make dynamic configuration parameters actually work --- configuration/configuration.py | 88 +++++++++++++++++++++++----------- env/netbox.env | 4 -- 2 files changed, 60 insertions(+), 32 deletions(-) diff --git a/configuration/configuration.py b/configuration/configuration.py index 85077234a..5518af6f1 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -7,7 +7,8 @@ import re from os import environ from os.path import abspath, dirname, join -from typing import Any, Callable +from termios import VREPRINT +from typing import Any, Callable, Tuple # For reference see https://docs.netbox.dev/en/stable/configuration/ # Based on https://github.com/netbox-community/netbox/blob/develop/netbox/netbox/configuration_example.py @@ -117,29 +118,33 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # # ['John Doe', 'jdoe@example.com'], # ] -# URL schemes that are allowed within links in NetBox -_DEFAULT_ALLOWED_URL_SCHEMES = ( - 'file', 'ftp', 'ftps', 'http', 'https', 'irc', 'mailto', 'sftp', 'ssh', 'tel', 'telnet', 'tftp', 'vnc', 'xmpp', -) -ALLOWED_URL_SCHEMES = _environ_get_and_map('ALLOWED_URL_SCHEMES', ' '.join(_DEFAULT_ALLOWED_URL_SCHEMES), _SPLIT_ON_SPACE) +_ALLOWED_URL_SCHEMES = _environ_get_and_map('ALLOWED_URL_SCHEMES', None, _SPLIT_ON_SPACE) +if _ALLOWED_URL_SCHEMES: + ALLOWED_URL_SCHEMES = _ALLOWED_URL_SCHEMES # Optionally display a persistent banner at the top and/or bottom of every page. HTML is allowed. To display the same # content in both banners, define BANNER_TOP and set BANNER_BOTTOM = BANNER_TOP. -BANNER_TOP = environ.get('BANNER_TOP', None) -BANNER_BOTTOM = environ.get('BANNER_BOTTOM', None) +if 'BANNER_TOP' in environ: + BANNER_TOP = environ.get('BANNER_TOP', None) +if 'BANNER_BOTTOM' in environ: + BANNER_BOTTOM = environ.get('BANNER_BOTTOM', None) # Text to include on the login page above the login form. HTML is allowed. -BANNER_LOGIN = environ.get('BANNER_LOGIN', None) +if 'BANNER_LOGIN' in environ: + BANNER_LOGIN = environ.get('BANNER_LOGIN', None) # Base URL path if accessing NetBox within a directory. For example, if installed at http://example.com/netbox/, set: # BASE_PATH = 'netbox/' BASE_PATH = environ.get('BASE_PATH', '') # Maximum number of days to retain logged changes. Set to 0 to retain changes indefinitely. (Default: 90) -CHANGELOG_RETENTION = _environ_get_and_map('CHANGELOG_RETENTION', None, _AS_INT) +_CHANGELOG_RETENTION = _environ_get_and_map('CHANGELOG_RETENTION', None, _AS_INT) +if _CHANGELOG_RETENTION: + CHANGELOG_RETENTION = _CHANGELOG_RETENTION # Maximum number of days to retain job results (scripts and reports). Set to 0 to retain job results in the database indefinitely. (Default: 90) -JOBRESULT_RETENTION = _environ_get_and_map('CHANGELOG_RETENTION', None, _AS_INT) +if 'JOBRESULT_RETENTION' in environ: + JOBRESULT_RETENTION = _environ_get_and_map('JOBRESULT_RETENTION', None, _AS_INT) # API Cross-Origin Resource Sharing (CORS) settings. If CORS_ORIGIN_ALLOW_ALL is set to True, all origins will be # allowed. Otherwise, define a list of allowed origins using either CORS_ORIGIN_WHITELIST or @@ -156,7 +161,7 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # This parameter serves as a safeguard to prevent some potentially dangerous behavior, # such as generating new database schema migrations. # Set this to True only if you are actively developing the NetBox code base. -DEVELOPER = _environ_get_and_map('DEBUG', 'False', _EQUALS_TRUE) +DEVELOPER = _environ_get_and_map('DEVELOPER', 'False', _EQUALS_TRUE) # Email settings EMAIL = { @@ -174,7 +179,9 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # Enforcement of unique IP space can be toggled on a per-VRF basis. To enforce unique IP space within the global table # (all prefixes and IP addresses not assigned to a VRF), set ENFORCE_GLOBAL_UNIQUE to True. -ENFORCE_GLOBAL_UNIQUE = _environ_get_and_map('ENFORCE_GLOBAL_UNIQUE', None, _EQUALS_TRUE) +_ENFORCE_GLOBAL_UNIQUE = _environ_get_and_map('ENFORCE_GLOBAL_UNIQUE', None, _EQUALS_TRUE) +if _ENFORCE_GLOBAL_UNIQUE: + ENFORCE_GLOBAL_UNIQUE = _ENFORCE_GLOBAL_UNIQUE # Exempt certain models from the enforcement of view permissions. Models listed here will be viewable by all users and # by anonymous users. List models in the form `.`. Add '*' to this list to exempt all models. @@ -191,7 +198,9 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: INTERNAL_IPS = _environ_get_and_map('INTERNAL_IPS', '127.0.0.1 ::1', _SPLIT_ON_SPACE) # Enable GraphQL API. -GRAPHQL_ENABLED = _environ_get_and_map('GRAPHQL_ENABLED', None, _EQUALS_TRUE) +_GRAPHQL_ENABLED = _environ_get_and_map('GRAPHQL_ENABLED', None, _EQUALS_TRUE) +if _GRAPHQL_ENABLED: + GRAPHQL_ENABLED = _GRAPHQL_ENABLED # # Enable custom logging. Please see the Django documentation for detailed guidance on configuring custom logs: # # https://docs.djangoproject.com/en/stable/topics/logging/ @@ -210,15 +219,20 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: LOGIN_TIMEOUT = _environ_get_and_map('LOGIN_TIMEOUT', 1209600, _AS_INT) # Setting this to True will display a "maintenance mode" banner at the top of every page. -MAINTENANCE_MODE = _environ_get_and_map('MAINTENANCE_MODE', None, _EQUALS_TRUE) +_MAINTENANCE_MODE = _environ_get_and_map('MAINTENANCE_MODE', None, _EQUALS_TRUE) +if _MAINTENANCE_MODE: + MAINTENANCE_MODE = _MAINTENANCE_MODE # Maps provider -MAPS_URL = environ.get('MAPS_URL', None) +if 'MAPS_URL' in environ: + MAPS_URL = environ.get('MAPS_URL', None) # An API consumer can request an arbitrary number of objects =by appending the "limit" parameter to the URL (e.g. # "?limit=1000"). This setting defines the maximum limit. Setting it to 0 or None will allow an API consumer to request # all objects by specifying "?limit=0". -MAX_PAGE_SIZE = _environ_get_and_map('MAX_PAGE_SIZE', None, _AS_INT) +_MAX_PAGE_SIZE = _environ_get_and_map('MAX_PAGE_SIZE', None, _AS_INT) +if _MAX_PAGE_SIZE: + MAX_PAGE_SIZE = _MAX_PAGE_SIZE # The file path where uploaded media such as image attachments are stored. A trailing slash is not needed. Note that # the default value of this setting is derived from the installed location. @@ -228,18 +242,24 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: METRICS_ENABLED = _environ_get_and_map('METRICS_ENABLED', 'False', _EQUALS_TRUE) # Credentials that NetBox will uses to authenticate to devices when connecting via NAPALM. -NAPALM_USERNAME = environ.get('NAPALM_USERNAME', None) -NAPALM_PASSWORD = _read_secret('napalm_password', environ.get('NAPALM_PASSWORD', None)) +if 'NAPALM_USERNAME' in environ: + NAPALM_USERNAME = environ.get('NAPALM_USERNAME', None) +if 'NAPALM_PASSWORD' in environ: + NAPALM_PASSWORD = _read_secret('napalm_password', environ.get('NAPALM_PASSWORD', None)) # NAPALM timeout (in seconds). (Default: 30) -NAPALM_TIMEOUT = _environ_get_and_map('NAPALM_TIMEOUT', None, _AS_INT) +_NAPALM_TIMEOUT = _environ_get_and_map('NAPALM_TIMEOUT', None, _AS_INT) +if _NAPALM_TIMEOUT: + NAPALM_TIMEOUT = _NAPALM_TIMEOUT # # NAPALM optional arguments (see http://napalm.readthedocs.io/en/latest/support/#optional-arguments). Arguments must # # be provided as a dictionary. # NAPALM_ARGS = None # Determine how many objects to display per page within a list. (Default: 50) -PAGINATE_COUNT = _environ_get_and_map('PAGINATE_COUNT', None, _AS_INT) +_PAGINATE_COUNT = _environ_get_and_map('PAGINATE_COUNT', None, _AS_INT) +if _PAGINATE_COUNT: + PAGINATE_COUNT = _PAGINATE_COUNT # # Enable installed plugins. Add the name of each plugin to the list. # PLUGINS = [] @@ -251,20 +271,32 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # When determining the primary IP address for a device, IPv6 is preferred over IPv4 by default. Set this to True to # prefer IPv4 instead. -PREFER_IPV4 = _environ_get_and_map('PREFER_IPV4', None, _EQUALS_TRUE) +_PREFER_IPV4 = _environ_get_and_map('PREFER_IPV4', None, _EQUALS_TRUE) +if _PREFER_IPV4: + PREFER_IPV = _PREFER_IPV4 # The default value for the amperage field when creating new power feeds. -POWERFEED_DEFAULT_AMPERAGE = _environ_get_and_map('POWERFEED_DEFAULT_AMPERAGE', None, _AS_INT) +_POWERFEED_DEFAULT_AMPERAGE = _environ_get_and_map('POWERFEED_DEFAULT_AMPERAGE', None, _AS_INT) +if _POWERFEED_DEFAULT_AMPERAGE: + POWERFEED_DEFAULT_AMPERAGE = _POWERFEED_DEFAULT_AMPERAGE # The default value (percentage) for the max_utilization field when creating new power feeds. -POWERFEED_DEFAULT_MAX_UTILIZATION = _environ_get_and_map('POWERFEED_DEFAULT_MAX_UTILIZATION', None, _AS_INT) +_POWERFEED_DEFAULT_MAX_UTILIZATION = _environ_get_and_map('POWERFEED_DEFAULT_MAX_UTILIZATION', None, _AS_INT) +if _POWERFEED_DEFAULT_MAX_UTILIZATION: + POWERFEED_DEFAULT_MAX_UTILIZATION = _POWERFEED_DEFAULT_MAX_UTILIZATION # The default value for the voltage field when creating new power feeds. -POWERFEED_DEFAULT_VOLTAGE = _environ_get_and_map('POWERFEED_DEFAULT_VOLTAGE', None, _AS_INT) +_POWERFEED_DEFAULT_VOLTAGE = _environ_get_and_map('POWERFEED_DEFAULT_VOLTAGE', None, _AS_INT) +if _POWERFEED_DEFAULT_VOLTAGE: + POWERFEED_DEFAULT_VOLTAGE = _POWERFEED_DEFAULT_VOLTAGE # Rack elevation size defaults, in pixels. For best results, the ratio of width to height should be roughly 10:1. -RACK_ELEVATION_DEFAULT_UNIT_HEIGHT = _environ_get_and_map('RACK_ELEVATION_DEFAULT_UNIT_HEIGHT', None, _AS_INT) -RACK_ELEVATION_DEFAULT_UNIT_WIDTH = _environ_get_and_map('RACK_ELEVATION_DEFAULT_UNIT_WIDTH', None, _AS_INT) +_RACK_ELEVATION_DEFAULT_UNIT_HEIGHT = _environ_get_and_map('RACK_ELEVATION_DEFAULT_UNIT_HEIGHT', None, _AS_INT) +if _RACK_ELEVATION_DEFAULT_UNIT_HEIGHT: + RACK_ELEVATION_DEFAULT_UNIT_HEIGHT = _RACK_ELEVATION_DEFAULT_UNIT_HEIGHT +_RACK_ELEVATION_DEFAULT_UNIT_WIDTH = _environ_get_and_map('RACK_ELEVATION_DEFAULT_UNIT_WIDTH', None, _AS_INT) +if _RACK_ELEVATION_DEFAULT_UNIT_WIDTH: + RACK_ELEVATION_DEFAULT_UNIT_WIDTH = _RACK_ELEVATION_DEFAULT_UNIT_WIDTH # Remote authentication support REMOTE_AUTH_ENABLED = _environ_get_and_map('REMOTE_AUTH_ENABLED', 'False', _EQUALS_TRUE) @@ -304,7 +336,7 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # By default, NetBox will store session data in the database. Alternatively, a file path can be specified here to use # local file storage instead. (This can be useful for enabling authentication on a standby instance with read-only # database access.) Note that the user as which NetBox runs must have read and write permissions to this path. -SESSION_FILE_PATH = environ.get('SESSIONS_ROOT', None) +SESSION_FILE_PATH = environ.get('SESSION_FILE_PATH', environ.get('SESSIONS_ROOT', None)) # Time zone (default: UTC) TIME_ZONE = environ.get('TIME_ZONE', 'UTC') diff --git a/env/netbox.env b/env/netbox.env index b2f647ef5..a4a9d4abc 100644 --- a/env/netbox.env +++ b/env/netbox.env @@ -16,12 +16,8 @@ EMAIL_USE_SSL=false EMAIL_USE_TLS=false GRAPHQL_ENABLED=true HOUSEKEEPING_INTERVAL=86400 -MAX_PAGE_SIZE=1000 MEDIA_ROOT=/opt/netbox/netbox/media METRICS_ENABLED=false -NAPALM_PASSWORD= -NAPALM_TIMEOUT=10 -NAPALM_USERNAME= REDIS_CACHE_DATABASE=1 REDIS_CACHE_HOST=redis-cache REDIS_CACHE_INSECURE_SKIP_TLS_VERIFY=false From 41ff541225a633a60cf1ed6746e61de92ef9fe62 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Sat, 8 Oct 2022 16:34:02 +0200 Subject: [PATCH 009/318] Simplified test for existance of dynamic parameters --- configuration/configuration.py | 70 ++++++++++++++-------------------- 1 file changed, 28 insertions(+), 42 deletions(-) diff --git a/configuration/configuration.py b/configuration/configuration.py index 5518af6f1..dd73607f9 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -118,9 +118,8 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # # ['John Doe', 'jdoe@example.com'], # ] -_ALLOWED_URL_SCHEMES = _environ_get_and_map('ALLOWED_URL_SCHEMES', None, _SPLIT_ON_SPACE) -if _ALLOWED_URL_SCHEMES: - ALLOWED_URL_SCHEMES = _ALLOWED_URL_SCHEMES +if 'ALLOWED_URL_SCHEMES' in environ: + ALLOWED_URL_SCHEMES = _environ_get_and_map('ALLOWED_URL_SCHEMES', None, _SPLIT_ON_SPACE) # Optionally display a persistent banner at the top and/or bottom of every page. HTML is allowed. To display the same # content in both banners, define BANNER_TOP and set BANNER_BOTTOM = BANNER_TOP. @@ -138,9 +137,8 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: BASE_PATH = environ.get('BASE_PATH', '') # Maximum number of days to retain logged changes. Set to 0 to retain changes indefinitely. (Default: 90) -_CHANGELOG_RETENTION = _environ_get_and_map('CHANGELOG_RETENTION', None, _AS_INT) -if _CHANGELOG_RETENTION: - CHANGELOG_RETENTION = _CHANGELOG_RETENTION +if 'CHANGELOG_RETENTION' in environ: + CHANGELOG_RETENTION = _environ_get_and_map('CHANGELOG_RETENTION', None, _AS_INT) # Maximum number of days to retain job results (scripts and reports). Set to 0 to retain job results in the database indefinitely. (Default: 90) if 'JOBRESULT_RETENTION' in environ: @@ -179,9 +177,8 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # Enforcement of unique IP space can be toggled on a per-VRF basis. To enforce unique IP space within the global table # (all prefixes and IP addresses not assigned to a VRF), set ENFORCE_GLOBAL_UNIQUE to True. -_ENFORCE_GLOBAL_UNIQUE = _environ_get_and_map('ENFORCE_GLOBAL_UNIQUE', None, _EQUALS_TRUE) -if _ENFORCE_GLOBAL_UNIQUE: - ENFORCE_GLOBAL_UNIQUE = _ENFORCE_GLOBAL_UNIQUE +if 'ENFORCE_GLOBAL_UNIQUE' in environ: + ENFORCE_GLOBAL_UNIQUE = _environ_get_and_map('ENFORCE_GLOBAL_UNIQUE', None, _EQUALS_TRUE) # Exempt certain models from the enforcement of view permissions. Models listed here will be viewable by all users and # by anonymous users. List models in the form `.`. Add '*' to this list to exempt all models. @@ -198,9 +195,8 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: INTERNAL_IPS = _environ_get_and_map('INTERNAL_IPS', '127.0.0.1 ::1', _SPLIT_ON_SPACE) # Enable GraphQL API. -_GRAPHQL_ENABLED = _environ_get_and_map('GRAPHQL_ENABLED', None, _EQUALS_TRUE) -if _GRAPHQL_ENABLED: - GRAPHQL_ENABLED = _GRAPHQL_ENABLED +if 'GRAPHQL_ENABLED' in environ: + GRAPHQL_ENABLED = _environ_get_and_map('GRAPHQL_ENABLED', None, _EQUALS_TRUE) # # Enable custom logging. Please see the Django documentation for detailed guidance on configuring custom logs: # # https://docs.djangoproject.com/en/stable/topics/logging/ @@ -219,9 +215,8 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: LOGIN_TIMEOUT = _environ_get_and_map('LOGIN_TIMEOUT', 1209600, _AS_INT) # Setting this to True will display a "maintenance mode" banner at the top of every page. -_MAINTENANCE_MODE = _environ_get_and_map('MAINTENANCE_MODE', None, _EQUALS_TRUE) -if _MAINTENANCE_MODE: - MAINTENANCE_MODE = _MAINTENANCE_MODE +if 'MAINTENANCE_MODE' in environ: + MAINTENANCE_MODE = _environ_get_and_map('MAINTENANCE_MODE', None, _EQUALS_TRUE) # Maps provider if 'MAPS_URL' in environ: @@ -230,9 +225,8 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # An API consumer can request an arbitrary number of objects =by appending the "limit" parameter to the URL (e.g. # "?limit=1000"). This setting defines the maximum limit. Setting it to 0 or None will allow an API consumer to request # all objects by specifying "?limit=0". -_MAX_PAGE_SIZE = _environ_get_and_map('MAX_PAGE_SIZE', None, _AS_INT) -if _MAX_PAGE_SIZE: - MAX_PAGE_SIZE = _MAX_PAGE_SIZE +if 'MAX_PAGE_SIZE' in environ: + MAX_PAGE_SIZE = _environ_get_and_map('MAX_PAGE_SIZE', None, _AS_INT) # The file path where uploaded media such as image attachments are stored. A trailing slash is not needed. Note that # the default value of this setting is derived from the installed location. @@ -248,18 +242,16 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: NAPALM_PASSWORD = _read_secret('napalm_password', environ.get('NAPALM_PASSWORD', None)) # NAPALM timeout (in seconds). (Default: 30) -_NAPALM_TIMEOUT = _environ_get_and_map('NAPALM_TIMEOUT', None, _AS_INT) -if _NAPALM_TIMEOUT: - NAPALM_TIMEOUT = _NAPALM_TIMEOUT +if 'NAPALM_TIMEOUT' in environ: + NAPALM_TIMEOUT = _environ_get_and_map('NAPALM_TIMEOUT', None, _AS_INT) # # NAPALM optional arguments (see http://napalm.readthedocs.io/en/latest/support/#optional-arguments). Arguments must # # be provided as a dictionary. # NAPALM_ARGS = None # Determine how many objects to display per page within a list. (Default: 50) -_PAGINATE_COUNT = _environ_get_and_map('PAGINATE_COUNT', None, _AS_INT) -if _PAGINATE_COUNT: - PAGINATE_COUNT = _PAGINATE_COUNT +if 'PAGINATE_COUNT' in environ: + PAGINATE_COUNT = _environ_get_and_map('PAGINATE_COUNT', None, _AS_INT) # # Enable installed plugins. Add the name of each plugin to the list. # PLUGINS = [] @@ -271,32 +263,26 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # When determining the primary IP address for a device, IPv6 is preferred over IPv4 by default. Set this to True to # prefer IPv4 instead. -_PREFER_IPV4 = _environ_get_and_map('PREFER_IPV4', None, _EQUALS_TRUE) -if _PREFER_IPV4: - PREFER_IPV = _PREFER_IPV4 +if 'PREFER_IPV4' in environ: + PREFER_IPV4 = _environ_get_and_map('PREFER_IPV4', None, _EQUALS_TRUE) # The default value for the amperage field when creating new power feeds. -_POWERFEED_DEFAULT_AMPERAGE = _environ_get_and_map('POWERFEED_DEFAULT_AMPERAGE', None, _AS_INT) -if _POWERFEED_DEFAULT_AMPERAGE: - POWERFEED_DEFAULT_AMPERAGE = _POWERFEED_DEFAULT_AMPERAGE +if 'POWERFEED_DEFAULT_AMPERAGE' in environ: + POWERFEED_DEFAULT_AMPERAGE = _environ_get_and_map('POWERFEED_DEFAULT_AMPERAGE', None, _AS_INT) # The default value (percentage) for the max_utilization field when creating new power feeds. -_POWERFEED_DEFAULT_MAX_UTILIZATION = _environ_get_and_map('POWERFEED_DEFAULT_MAX_UTILIZATION', None, _AS_INT) -if _POWERFEED_DEFAULT_MAX_UTILIZATION: - POWERFEED_DEFAULT_MAX_UTILIZATION = _POWERFEED_DEFAULT_MAX_UTILIZATION +if 'POWERFEED_DEFAULT_MAX_UTILIZATION' in environ: + POWERFEED_DEFAULT_MAX_UTILIZATION = _environ_get_and_map('POWERFEED_DEFAULT_MAX_UTILIZATION', None, _AS_INT) # The default value for the voltage field when creating new power feeds. -_POWERFEED_DEFAULT_VOLTAGE = _environ_get_and_map('POWERFEED_DEFAULT_VOLTAGE', None, _AS_INT) -if _POWERFEED_DEFAULT_VOLTAGE: - POWERFEED_DEFAULT_VOLTAGE = _POWERFEED_DEFAULT_VOLTAGE +if 'POWERFEED_DEFAULT_VOLTAGE' in environ: + POWERFEED_DEFAULT_VOLTAGE = _environ_get_and_map('POWERFEED_DEFAULT_VOLTAGE', None, _AS_INT) # Rack elevation size defaults, in pixels. For best results, the ratio of width to height should be roughly 10:1. -_RACK_ELEVATION_DEFAULT_UNIT_HEIGHT = _environ_get_and_map('RACK_ELEVATION_DEFAULT_UNIT_HEIGHT', None, _AS_INT) -if _RACK_ELEVATION_DEFAULT_UNIT_HEIGHT: - RACK_ELEVATION_DEFAULT_UNIT_HEIGHT = _RACK_ELEVATION_DEFAULT_UNIT_HEIGHT -_RACK_ELEVATION_DEFAULT_UNIT_WIDTH = _environ_get_and_map('RACK_ELEVATION_DEFAULT_UNIT_WIDTH', None, _AS_INT) -if _RACK_ELEVATION_DEFAULT_UNIT_WIDTH: - RACK_ELEVATION_DEFAULT_UNIT_WIDTH = _RACK_ELEVATION_DEFAULT_UNIT_WIDTH +if 'RACK_ELEVATION_DEFAULT_UNIT_HEIGHT' in environ: + RACK_ELEVATION_DEFAULT_UNIT_HEIGHT = _environ_get_and_map('RACK_ELEVATION_DEFAULT_UNIT_HEIGHT', None, _AS_INT) +if 'RACK_ELEVATION_DEFAULT_UNIT_WIDTH' in environ: + RACK_ELEVATION_DEFAULT_UNIT_WIDTH = _environ_get_and_map('RACK_ELEVATION_DEFAULT_UNIT_WIDTH', None, _AS_INT) # Remote authentication support REMOTE_AUTH_ENABLED = _environ_get_and_map('REMOTE_AUTH_ENABLED', 'False', _EQUALS_TRUE) From b8b1c8fc6324d62e737c6512be46a33bc782cf35 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Thu, 13 Oct 2022 18:13:08 +0200 Subject: [PATCH 010/318] Rename conversion lambdas --- configuration/configuration.py | 56 +++++++++++++++++----------------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/configuration/configuration.py b/configuration/configuration.py index dd73607f9..deb743869 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -42,9 +42,9 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: return map_fn(env_value) -_EQUALS_TRUE = lambda value : value.lower() == 'true' +_AS_BOOL = lambda value : value.lower() == 'true' _AS_INT = lambda value : int(value) -_SPLIT_ON_SPACE = lambda value : list(filter(None, value.split(' '))) +_AS_LIST = lambda value : list(filter(None, value.split(' '))) _BASE_DIR = dirname(dirname(abspath(__file__))) @@ -73,7 +73,7 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # Database connection SSLMODE 'CONN_MAX_AGE': _environ_get_and_map('DB_CONN_MAX_AGE', '300', _AS_INT), # Max database connection age - 'DISABLE_SERVER_SIDE_CURSORS': _environ_get_and_map('DB_DISABLE_SERVER_SIDE_CURSORS', 'False', _EQUALS_TRUE), + 'DISABLE_SERVER_SIDE_CURSORS': _environ_get_and_map('DB_DISABLE_SERVER_SIDE_CURSORS', 'False', _AS_BOOL), # Disable the use of server-side cursors transaction pooling } @@ -86,16 +86,16 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: 'PORT': _environ_get_and_map('REDIS_PORT', 6379, _AS_INT), 'PASSWORD': _read_secret('redis_password', environ.get('REDIS_PASSWORD', '')), 'DATABASE': _environ_get_and_map('REDIS_DATABASE', 0, _AS_INT), - 'SSL': _environ_get_and_map('REDIS_SSL', 'False', _EQUALS_TRUE), - 'INSECURE_SKIP_TLS_VERIFY': _environ_get_and_map('REDIS_INSECURE_SKIP_TLS_VERIFY', 'False', _EQUALS_TRUE), + 'SSL': _environ_get_and_map('REDIS_SSL', 'False', _AS_BOOL), + 'INSECURE_SKIP_TLS_VERIFY': _environ_get_and_map('REDIS_INSECURE_SKIP_TLS_VERIFY', 'False', _AS_BOOL), }, 'caching': { 'HOST': environ.get('REDIS_CACHE_HOST', environ.get('REDIS_HOST', 'localhost')), 'PORT': _environ_get_and_map('REDIS_CACHE_PORT', environ.get('REDIS_PORT', '6379'), _AS_INT), 'PASSWORD': _read_secret('redis_cache_password', environ.get('REDIS_CACHE_PASSWORD', environ.get('REDIS_PASSWORD', ''))), 'DATABASE': _environ_get_and_map('REDIS_CACHE_DATABASE', '1', _AS_INT), - 'SSL': _environ_get_and_map('REDIS_CACHE_SSL', environ.get('REDIS_SSL', 'False'), _EQUALS_TRUE), - 'INSECURE_SKIP_TLS_VERIFY': _environ_get_and_map('REDIS_CACHE_INSECURE_SKIP_TLS_VERIFY', environ.get('REDIS_INSECURE_SKIP_TLS_VERIFY', 'False'), _EQUALS_TRUE), + 'SSL': _environ_get_and_map('REDIS_CACHE_SSL', environ.get('REDIS_SSL', 'False'), _AS_BOOL), + 'INSECURE_SKIP_TLS_VERIFY': _environ_get_and_map('REDIS_CACHE_INSECURE_SKIP_TLS_VERIFY', environ.get('REDIS_INSECURE_SKIP_TLS_VERIFY', 'False'), _AS_BOOL), }, } @@ -119,7 +119,7 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # ] if 'ALLOWED_URL_SCHEMES' in environ: - ALLOWED_URL_SCHEMES = _environ_get_and_map('ALLOWED_URL_SCHEMES', None, _SPLIT_ON_SPACE) + ALLOWED_URL_SCHEMES = _environ_get_and_map('ALLOWED_URL_SCHEMES', None, _AS_LIST) # Optionally display a persistent banner at the top and/or bottom of every page. HTML is allowed. To display the same # content in both banners, define BANNER_TOP and set BANNER_BOTTOM = BANNER_TOP. @@ -147,19 +147,19 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # API Cross-Origin Resource Sharing (CORS) settings. If CORS_ORIGIN_ALLOW_ALL is set to True, all origins will be # allowed. Otherwise, define a list of allowed origins using either CORS_ORIGIN_WHITELIST or # CORS_ORIGIN_REGEX_WHITELIST. For more information, see https://github.com/ottoyiu/django-cors-headers -CORS_ORIGIN_ALLOW_ALL = _environ_get_and_map('CORS_ORIGIN_ALLOW_ALL', 'False', _EQUALS_TRUE) -CORS_ORIGIN_WHITELIST = _environ_get_and_map('CORS_ORIGIN_WHITELIST', 'https://localhost', _SPLIT_ON_SPACE) -CORS_ORIGIN_REGEX_WHITELIST = [re.compile(r) for r in _environ_get_and_map('CORS_ORIGIN_REGEX_WHITELIST', '', _SPLIT_ON_SPACE)] +CORS_ORIGIN_ALLOW_ALL = _environ_get_and_map('CORS_ORIGIN_ALLOW_ALL', 'False', _AS_BOOL) +CORS_ORIGIN_WHITELIST = _environ_get_and_map('CORS_ORIGIN_WHITELIST', 'https://localhost', _AS_LIST) +CORS_ORIGIN_REGEX_WHITELIST = [re.compile(r) for r in _environ_get_and_map('CORS_ORIGIN_REGEX_WHITELIST', '', _AS_LIST)] # Set to True to enable server debugging. WARNING: Debugging introduces a substantial performance penalty and may reveal # sensitive information about your installation. Only enable debugging while performing testing. # Never enable debugging on a production system. -DEBUG = _environ_get_and_map('DEBUG', 'False', _EQUALS_TRUE) +DEBUG = _environ_get_and_map('DEBUG', 'False', _AS_BOOL) # This parameter serves as a safeguard to prevent some potentially dangerous behavior, # such as generating new database schema migrations. # Set this to True only if you are actively developing the NetBox code base. -DEVELOPER = _environ_get_and_map('DEVELOPER', 'False', _EQUALS_TRUE) +DEVELOPER = _environ_get_and_map('DEVELOPER', 'False', _AS_BOOL) # Email settings EMAIL = { @@ -167,8 +167,8 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: 'PORT': _environ_get_and_map('EMAIL_PORT', 25, _AS_INT), 'USERNAME': environ.get('EMAIL_USERNAME', ''), 'PASSWORD': _read_secret('email_password', environ.get('EMAIL_PASSWORD', '')), - 'USE_SSL': _environ_get_and_map('EMAIL_USE_SSL', 'False', _EQUALS_TRUE), - 'USE_TLS': _environ_get_and_map('EMAIL_USE_TLS', 'False', _EQUALS_TRUE), + 'USE_SSL': _environ_get_and_map('EMAIL_USE_SSL', 'False', _AS_BOOL), + 'USE_TLS': _environ_get_and_map('EMAIL_USE_TLS', 'False', _AS_BOOL), 'SSL_CERTFILE': environ.get('EMAIL_SSL_CERTFILE', ''), 'SSL_KEYFILE': environ.get('EMAIL_SSL_KEYFILE', ''), 'TIMEOUT': _environ_get_and_map('EMAIL_TIMEOUT', 10, _AS_INT), # seconds @@ -178,11 +178,11 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # Enforcement of unique IP space can be toggled on a per-VRF basis. To enforce unique IP space within the global table # (all prefixes and IP addresses not assigned to a VRF), set ENFORCE_GLOBAL_UNIQUE to True. if 'ENFORCE_GLOBAL_UNIQUE' in environ: - ENFORCE_GLOBAL_UNIQUE = _environ_get_and_map('ENFORCE_GLOBAL_UNIQUE', None, _EQUALS_TRUE) + ENFORCE_GLOBAL_UNIQUE = _environ_get_and_map('ENFORCE_GLOBAL_UNIQUE', None, _AS_BOOL) # Exempt certain models from the enforcement of view permissions. Models listed here will be viewable by all users and # by anonymous users. List models in the form `.`. Add '*' to this list to exempt all models. -EXEMPT_VIEW_PERMISSIONS = _environ_get_and_map('EXEMPT_VIEW_PERMISSIONS', '', _SPLIT_ON_SPACE) +EXEMPT_VIEW_PERMISSIONS = _environ_get_and_map('EXEMPT_VIEW_PERMISSIONS', '', _AS_LIST) # HTTP proxies NetBox should use when sending outbound HTTP requests (e.g. for webhooks). # HTTP_PROXIES = { @@ -192,11 +192,11 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # IP addresses recognized as internal to the system. The debugging toolbar will be available only to clients accessing # NetBox from an internal IP. -INTERNAL_IPS = _environ_get_and_map('INTERNAL_IPS', '127.0.0.1 ::1', _SPLIT_ON_SPACE) +INTERNAL_IPS = _environ_get_and_map('INTERNAL_IPS', '127.0.0.1 ::1', _AS_LIST) # Enable GraphQL API. if 'GRAPHQL_ENABLED' in environ: - GRAPHQL_ENABLED = _environ_get_and_map('GRAPHQL_ENABLED', None, _EQUALS_TRUE) + GRAPHQL_ENABLED = _environ_get_and_map('GRAPHQL_ENABLED', None, _AS_BOOL) # # Enable custom logging. Please see the Django documentation for detailed guidance on configuring custom logs: # # https://docs.djangoproject.com/en/stable/topics/logging/ @@ -204,11 +204,11 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # Automatically reset the lifetime of a valid session upon each authenticated request. Enables users to remain # authenticated to NetBox indefinitely. -LOGIN_PERSISTENCE = _environ_get_and_map('LOGIN_PERSISTENCE', 'False', _EQUALS_TRUE) +LOGIN_PERSISTENCE = _environ_get_and_map('LOGIN_PERSISTENCE', 'False', _AS_BOOL) # Setting this to True will permit only authenticated users to access any part of NetBox. By default, anonymous users # are permitted to access most data in NetBox (excluding secrets) but not make any changes. -LOGIN_REQUIRED = _environ_get_and_map('LOGIN_REQUIRED', 'False', _EQUALS_TRUE) +LOGIN_REQUIRED = _environ_get_and_map('LOGIN_REQUIRED', 'False', _AS_BOOL) # The length of time (in seconds) for which a user will remain logged into the web UI before being prompted to # re-authenticate. (Default: 1209600 [14 days]) @@ -216,7 +216,7 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # Setting this to True will display a "maintenance mode" banner at the top of every page. if 'MAINTENANCE_MODE' in environ: - MAINTENANCE_MODE = _environ_get_and_map('MAINTENANCE_MODE', None, _EQUALS_TRUE) + MAINTENANCE_MODE = _environ_get_and_map('MAINTENANCE_MODE', None, _AS_BOOL) # Maps provider if 'MAPS_URL' in environ: @@ -233,7 +233,7 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: MEDIA_ROOT = environ.get('MEDIA_ROOT', join(_BASE_DIR, 'media')) # Expose Prometheus monitoring metrics at the HTTP endpoint '/metrics' -METRICS_ENABLED = _environ_get_and_map('METRICS_ENABLED', 'False', _EQUALS_TRUE) +METRICS_ENABLED = _environ_get_and_map('METRICS_ENABLED', 'False', _AS_BOOL) # Credentials that NetBox will uses to authenticate to devices when connecting via NAPALM. if 'NAPALM_USERNAME' in environ: @@ -264,7 +264,7 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # When determining the primary IP address for a device, IPv6 is preferred over IPv4 by default. Set this to True to # prefer IPv4 instead. if 'PREFER_IPV4' in environ: - PREFER_IPV4 = _environ_get_and_map('PREFER_IPV4', None, _EQUALS_TRUE) + PREFER_IPV4 = _environ_get_and_map('PREFER_IPV4', None, _AS_BOOL) # The default value for the amperage field when creating new power feeds. if 'POWERFEED_DEFAULT_AMPERAGE' in environ: @@ -285,11 +285,11 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: RACK_ELEVATION_DEFAULT_UNIT_WIDTH = _environ_get_and_map('RACK_ELEVATION_DEFAULT_UNIT_WIDTH', None, _AS_INT) # Remote authentication support -REMOTE_AUTH_ENABLED = _environ_get_and_map('REMOTE_AUTH_ENABLED', 'False', _EQUALS_TRUE) +REMOTE_AUTH_ENABLED = _environ_get_and_map('REMOTE_AUTH_ENABLED', 'False', _AS_BOOL) REMOTE_AUTH_BACKEND = environ.get('REMOTE_AUTH_BACKEND', 'netbox.authentication.RemoteUserBackend') REMOTE_AUTH_HEADER = environ.get('REMOTE_AUTH_HEADER', 'HTTP_REMOTE_USER') -REMOTE_AUTH_AUTO_CREATE_USER = _environ_get_and_map('REMOTE_AUTH_AUTO_CREATE_USER', 'True', _EQUALS_TRUE) -REMOTE_AUTH_DEFAULT_GROUPS = _environ_get_and_map('REMOTE_AUTH_DEFAULT_GROUPS', '', _SPLIT_ON_SPACE) +REMOTE_AUTH_AUTO_CREATE_USER = _environ_get_and_map('REMOTE_AUTH_AUTO_CREATE_USER', 'True', _AS_BOOL) +REMOTE_AUTH_DEFAULT_GROUPS = _environ_get_and_map('REMOTE_AUTH_DEFAULT_GROUPS', '', _AS_LIST) # REMOTE_AUTH_DEFAULT_PERMISSIONS = {} # This repository is used to check whether there is a new release of NetBox available. Set to None to disable the @@ -314,7 +314,7 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # Cross-Site-Request-Forgery-Attack settings. If Netbox is sitting behind a reverse proxy, you might need to set the CSRF_TRUSTED_ORIGINS flag. # Django 4.0 requires to specify the URL Scheme in this setting. An example environment variable could be specified like: # CSRF_TRUSTED_ORIGINS=https://demo.netbox.dev http://demo.netbox.dev -CSRF_TRUSTED_ORIGINS = _environ_get_and_map('CSRF_TRUSTED_ORIGINS', '', _SPLIT_ON_SPACE) +CSRF_TRUSTED_ORIGINS = _environ_get_and_map('CSRF_TRUSTED_ORIGINS', '', _AS_LIST) # The name to use for the session cookie. SESSION_COOKIE_NAME = environ.get('SESSION_COOKIE_NAME', 'sessionid') From df8f406432da53db22b3e2cf8678c2e88f3ac50c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Sat, 15 Oct 2022 10:20:32 +0200 Subject: [PATCH 011/318] Remove unnecessary import --- configuration/configuration.py | 1 - 1 file changed, 1 deletion(-) diff --git a/configuration/configuration.py b/configuration/configuration.py index deb743869..8d19fd94a 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -7,7 +7,6 @@ import re from os import environ from os.path import abspath, dirname, join -from termios import VREPRINT from typing import Any, Callable, Tuple # For reference see https://docs.netbox.dev/en/stable/configuration/ From 35a94cb7e58e9876badbdd19d7ec6236c76d35f6 Mon Sep 17 00:00:00 2001 From: Ryan Merolle Date: Sat, 22 Oct 2022 09:40:03 -0400 Subject: [PATCH 012/318] Update docker-compose.yml Address housekeeping tracebacks & remove whitespace --- docker-compose.yml | 28 +++++++++++++++++++++------- 1 file changed, 21 insertions(+), 7 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index c20f7e979..780c7329d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -6,9 +6,13 @@ services: - postgres - redis - redis-cache - - netbox-worker env_file: env/netbox.env user: 'unit:root' + healthcheck: + start_period: 60s + timeout: 3s + interval: 15s + test: "curl -f http://localhost:8080/api/ || exit 1" volumes: - ./configuration:/etc/netbox/config:z,ro - ./reports:/etc/netbox/reports:z,ro @@ -17,19 +21,29 @@ services: netbox-worker: <<: *netbox depends_on: - - redis - - postgres + netbox: + condition: service_healthy command: - /opt/netbox/venv/bin/python - /opt/netbox/netbox/manage.py - rqworker + healthcheck: + start_period: 20s + timeout: 3s + interval: 15s + test: "ps -aux | grep -v grep | grep -q rqworker || exit 1" netbox-housekeeping: <<: *netbox depends_on: - - redis - - postgres + netbox: + condition: service_healthy command: - /opt/netbox/housekeeping.sh + healthcheck: + start_period: 20s + timeout: 3s + interval: 15s + test: "ps -aux | grep -v grep | grep -q housekeeping || exit 1" # postgres postgres: @@ -56,7 +70,7 @@ services: - redis-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose env_file: env/redis-cache.env volumes: - - netbox-redis-cache-data:/data + - netbox-redis-cache-data:/data volumes: netbox-media-files: @@ -66,4 +80,4 @@ volumes: netbox-redis-data: driver: local netbox-redis-cache-data: - driver: local + driver: local From c5f91ad359c68de0b493ac64628f2960bf322f31 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20M=C3=A4der?= Date: Tue, 25 Oct 2022 17:38:03 +0200 Subject: [PATCH 013/318] Preparation for 2.3.0 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index ccbccc3dc..276cbf9e2 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.2.0 +2.3.0 diff --git a/docker-compose.yml b/docker-compose.yml index c20f7e979..3d50c77ef 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,7 @@ version: '3.4' services: netbox: &netbox - image: netboxcommunity/netbox:${VERSION-v3.3-2.2.0} + image: netboxcommunity/netbox:${VERSION-v3.3-2.3.0} depends_on: - postgres - redis From 7d871778ebf2f38f02ee7df29844bfbdbdc7beb0 Mon Sep 17 00:00:00 2001 From: movelg <43134135+movelg@users.noreply.github.com> Date: Fri, 11 Nov 2022 08:40:29 +0100 Subject: [PATCH 014/318] Don't use bash internal variable name --- docker/housekeeping.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docker/housekeeping.sh b/docker/housekeeping.sh index cfe06b199..47a4a3df4 100755 --- a/docker/housekeeping.sh +++ b/docker/housekeeping.sh @@ -1,8 +1,8 @@ #!/bin/bash -SECONDS=${HOUSEKEEPING_INTERVAL:=86400} -echo "Interval set to ${SECONDS} seconds" +SLEEP_SECONDS=${HOUSEKEEPING_INTERVAL:=86400} +echo "Interval set to ${SLEEP_SECONDS} seconds" while true; do date /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py housekeeping - sleep "${SECONDS}s" + sleep "${SLEEP_SECONDS}s" done From dd01e3c2275dfa0f8d85c14a777606d176028bb3 Mon Sep 17 00:00:00 2001 From: Wellyas Date: Mon, 31 Oct 2022 16:00:18 +0100 Subject: [PATCH 015/318] Enable SAML & OPENIDCONNECT for social-auth-core --- Dockerfile | 8 ++++++++ requirements-container.txt | 3 ++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 2bc5dff5a..21c58ddd4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -13,6 +13,13 @@ RUN export DEBIAN_FRONTEND=noninteractive \ libpq-dev \ libsasl2-dev \ libssl-dev \ + libxml2-dev \ + libxml2-dev \ + libxmlsec1 \ + libxmlsec1-dev \ + libxmlsec1-openssl \ + libxslt-dev \ + pkg-config \ python3-dev \ python3-pip \ python3-venv \ @@ -46,6 +53,7 @@ RUN export DEBIAN_FRONTEND=noninteractive \ curl \ libldap-common \ libpq5 \ + libxmlsec1-openssl \ openssl \ python3 \ python3-distutils \ diff --git a/requirements-container.txt b/requirements-container.txt index f8b720eae..0d16b2697 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,5 @@ django-auth-ldap==4.1.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.13.1 napalm==4.0.0 psycopg2==2.9.4 -social-auth-core[openidconnect]==4.3.0 +python3-saml==1.14.0 +social-auth-core[all]==4.3.0 From a4f494db14edc792712fb473efd80480d5fce5e5 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 11 Nov 2022 14:24:44 +0000 Subject: [PATCH 016/318] Update postgres Docker tag to v15 --- docker-compose.test.yml | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-compose.test.yml b/docker-compose.test.yml index 3e4686e32..2f6b24cb7 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -17,7 +17,7 @@ services: - ./scripts:/etc/netbox/scripts:z,ro - netbox-media-files:/opt/netbox/netbox/media:z postgres: - image: postgres:14-alpine + image: postgres:15-alpine env_file: env/postgres.env redis: image: redis:7-alpine diff --git a/docker-compose.yml b/docker-compose.yml index 3d50c77ef..043705d72 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -33,7 +33,7 @@ services: # postgres postgres: - image: postgres:14-alpine + image: postgres:15-alpine env_file: env/postgres.env volumes: - netbox-postgres-data:/var/lib/postgresql/data From 6020f4503add335a709a4a702006b8b801debb36 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20M=C3=A4der?= Date: Wed, 23 Nov 2022 14:40:03 +0100 Subject: [PATCH 017/318] Make nginx-unit listen on IPv4 and IPv6 --- docker/nginx-unit.json | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/docker/nginx-unit.json b/docker/nginx-unit.json index 87a186ba2..d6ff9cc07 100644 --- a/docker/nginx-unit.json +++ b/docker/nginx-unit.json @@ -1,6 +1,9 @@ { "listeners": { - "*:8080": { + "0.0.0.0:8080": { + "pass": "routes" + }, + "[::]:8080": { "pass": "routes" } }, From 1779ba790d3a3af2d716a61e90b02c5aed26bb46 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 30 Nov 2022 09:51:36 +0100 Subject: [PATCH 018/318] Removed warning for initializer scripts --- docker/docker-entrypoint.sh | 9 --------- 1 file changed, 9 deletions(-) diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh index 6afa1eab9..ff495e640 100755 --- a/docker/docker-entrypoint.sh +++ b/docker/docker-entrypoint.sh @@ -80,15 +80,6 @@ END echo "💡 Superuser Username: ${SUPERUSER_NAME}, E-Mail: ${SUPERUSER_EMAIL}" fi -# Print warning if startup scripts (and initializers) would've been run # Remove for next release -if [ "$SKIP_STARTUP_SCRIPTS" == "true" ]; then - # Nothing to do - echo "" # Empty block not allowed -else - echo "⚠️⚠️⚠️ WARNING: The initializers have been moved to a plugin. See release notes." - echo "⚠️⚠️⚠️ Set environment variable 'SKIP_STARTUP_SCRIPTS' to 'true' to remove this warning." -fi - echo "✅ Initialisation is done." # Launch whatever is passed by docker From 9441be459c0fe4c84aa12e38acb14333989f7ba6 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 30 Nov 2022 09:52:07 +0100 Subject: [PATCH 019/318] Improved testing After the initializer scripts were removed, we didn't test the actual compose setup anymore. This adds new tests to run the database migrations. --- docker-compose.test.yml | 16 +++++++++++----- test.sh | 14 ++++++++++++-- 2 files changed, 23 insertions(+), 7 deletions(-) diff --git a/docker-compose.test.yml b/docker-compose.test.yml index 2f6b24cb7..b8444f07b 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -3,12 +3,13 @@ services: netbox: image: ${IMAGE-netboxcommunity/netbox:latest} depends_on: - - postgres - - redis - - redis-cache + postgres: + condition: service_healthy + redis: + condition: service_started + redis-cache: + condition: service_started env_file: env/netbox.env - environment: - SKIP_STARTUP_SCRIPTS: ${SKIP_STARTUP_SCRIPTS-false} user: 'unit:root' volumes: - ./configuration:/etc/netbox/config:z,ro @@ -19,6 +20,11 @@ services: postgres: image: postgres:15-alpine env_file: env/postgres.env + healthcheck: + test: ["CMD-SHELL", "pg_isready"] + interval: 10s + timeout: 5s + retries: 5 redis: image: redis:7-alpine command: diff --git a/test.sh b/test.sh index ca36a8f20..31b4d87a6 100755 --- a/test.sh +++ b/test.sh @@ -35,10 +35,14 @@ if [ -z "${IMAGE}" ]; then fi # The docker compose command to use -doco="docker-compose --file docker-compose.test.yml --project-name netbox_docker_test_${1}" +doco="docker compose --file docker-compose.test.yml --project-name netbox_docker_test" test_setup() { echo "🏗 Setup up test environment" + $doco up --detach --quiet-pull --wait --force-recreate --renew-anon-volumes --no-start + $doco start postgres + $doco start redis + $doco start redis-cache } test_netbox_unit_tests() { @@ -46,9 +50,14 @@ test_netbox_unit_tests() { $doco run --rm netbox /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py test } +test_compose_db_setup() { + echo "⏱ Running NetBox DB migrations" + $doco run --rm netbox /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py migrate +} + test_cleanup() { echo "💣 Cleaning Up" - $doco down -v + $doco down --volumes } echo "🐳🐳🐳 Start testing '${IMAGE}'" @@ -58,5 +67,6 @@ trap test_cleanup EXIT ERR test_setup test_netbox_unit_tests +test_compose_db_setup echo "🐳🐳🐳 Done testing '${IMAGE}'" From aa3357817a765d09c22799bb972a408ae5586425 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 30 Nov 2022 10:03:27 +0100 Subject: [PATCH 020/318] Disable Gitleaks --- .github/workflows/push.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 3dc25bab1..acd08d42b 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -31,6 +31,7 @@ jobs: LINTER_RULES_PATH: / VALIDATE_ALL_CODEBASE: false VALIDATE_DOCKERFILE: false + VALIDATE_GITLEAKS: false FILTER_REGEX_EXCLUDE: (.*/)?(LICENSE|configuration/.*) EDITORCONFIG_FILE_NAME: .ecrc DOCKERFILE_HADOLINT_FILE_NAME: .hadolint.yaml From 6d465e6f813bc8e29c846f313487a086cfa50428 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 30 Nov 2022 14:36:53 +0100 Subject: [PATCH 021/318] Optimize psycopg2 dependency We have beeing installing psycopg2 for a while now. This updates to the latest version. Because psycopg2-binary is a direct dependency of Netbox both versions were installled. Now we remove the pre-compiled version from the dependency file. --- Dockerfile | 3 ++- requirements-container.txt | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 21c58ddd4..fcf01b003 100644 --- a/Dockerfile +++ b/Dockerfile @@ -31,7 +31,8 @@ RUN export DEBIAN_FRONTEND=noninteractive \ ARG NETBOX_PATH COPY ${NETBOX_PATH}/requirements.txt requirements-container.txt / -RUN /opt/netbox/venv/bin/pip install \ +RUN sed -i -e '/psycopg2-binary/d' requirements.txt && \ + /opt/netbox/venv/bin/pip install \ -r /requirements.txt \ -r /requirements-container.txt diff --git a/requirements-container.txt b/requirements-container.txt index 0d16b2697..96f3aa301 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,6 +1,6 @@ django-auth-ldap==4.1.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.13.1 napalm==4.0.0 -psycopg2==2.9.4 +psycopg2==2.9.5 python3-saml==1.14.0 social-auth-core[all]==4.3.0 From bdb4396275f3f622f7f3de3a9e0506f9705e7075 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Thu, 1 Dec 2022 08:17:25 +0100 Subject: [PATCH 022/318] Added settings for CA certificates for LDAP --- configuration/ldap/ldap_config.py | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/configuration/ldap/ldap_config.py b/configuration/ldap/ldap_config.py index 7fb62d71f..8aa3ecb2b 100644 --- a/configuration/ldap/ldap_config.py +++ b/configuration/ldap/ldap_config.py @@ -49,6 +49,16 @@ def _import_group_type(group_type_name): # ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER) LDAP_IGNORE_CERT_ERRORS = environ.get('LDAP_IGNORE_CERT_ERRORS', 'False').lower() == 'true' +# Include this setting if you want to validate the LDAP server certificates against a CA certificate directory on your server +# Note that this is a NetBox-specific setting which sets: +# ldap.set_option(ldap.OPT_X_TLS_CACERTDIR, LDAP_CA_CERT_DIR) +LDAP_CA_CERT_DIR = environ.get('LDAP_CA_CERT_DIR', None) + +# Include this setting if you want to validate the LDAP server certificates against your own CA. +# Note that this is a NetBox-specific setting which sets: +# ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, LDAP_CA_CERT_FILE) +LDAP_CA_CERT_FILE = environ.get('LDAP_CA_CERT_FILE', None) + AUTH_LDAP_USER_SEARCH_BASEDN = environ.get('AUTH_LDAP_USER_SEARCH_BASEDN', '') AUTH_LDAP_USER_SEARCH_ATTR = environ.get('AUTH_LDAP_USER_SEARCH_ATTR', 'sAMAccountName') AUTH_LDAP_USER_SEARCH = LDAPSearch( From 238f95c5ce7f21ca764b08052babe8cd629eec1f Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Thu, 15 Dec 2022 12:57:51 +0100 Subject: [PATCH 023/318] Preparation for 2.4.0 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index 276cbf9e2..197c4d5c2 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.3.0 +2.4.0 diff --git a/docker-compose.yml b/docker-compose.yml index 6619283aa..d3e823465 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,7 @@ version: '3.4' services: netbox: &netbox - image: netboxcommunity/netbox:${VERSION-v3.3-2.3.0} + image: netboxcommunity/netbox:${VERSION-v3.4-2.4.0} depends_on: - postgres - redis From f2bb1198ddb43ca77472fd980d3a2c3bc77c2101 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 23 Dec 2022 05:15:28 +0000 Subject: [PATCH 024/318] Update dependency django-storages to v1.13.2 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 96f3aa301..9572d177d 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==4.1.0 -django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.13.1 +django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.13.2 napalm==4.0.0 psycopg2==2.9.5 python3-saml==1.14.0 From 89ad7588f0ddda2aabe490614ea9804225ad76db Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 27 Dec 2022 23:54:03 +0000 Subject: [PATCH 025/318] Update dependency python3-saml to v1.15.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 9572d177d..f1ccb53df 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,5 +2,5 @@ django-auth-ldap==4.1.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.13.2 napalm==4.0.0 psycopg2==2.9.5 -python3-saml==1.14.0 +python3-saml==1.15.0 social-auth-core[all]==4.3.0 From 73f479d5db39868928697ab92680b244ff8923f2 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 3 Jan 2023 14:41:26 +0100 Subject: [PATCH 026/318] Ensure that '*' or 'localhost' is always in ALLOWED_HOSTS --- configuration/configuration.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/configuration/configuration.py b/configuration/configuration.py index 8d19fd94a..db35c1b6a 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -58,6 +58,9 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # # Example: ALLOWED_HOSTS = ['netbox.example.com', 'netbox.internal.local'] ALLOWED_HOSTS = environ.get('ALLOWED_HOSTS', '*').split(' ') +# ensure that '*' or 'localhost' is always in ALLOWED_HOSTS +if '*' not in ALLOWED_HOSTS and 'localhost' not in ALLOWED_HOSTS: + ALLOWED_HOSTS.append('localhost') # PostgreSQL database configuration. See the Django documentation for a complete list of available parameters: # https://docs.djangoproject.com/en/stable/ref/settings/#databases From b6faad36cb19e5d1f9dbf67f99e47cee9b211620 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 3 Jan 2023 14:58:41 +0100 Subject: [PATCH 027/318] Added start_period to docker-compose example --- docker-compose.override.yml.example | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/docker-compose.override.yml.example b/docker-compose.override.yml.example index f08d6c017..e2cf62a09 100644 --- a/docker-compose.override.yml.example +++ b/docker-compose.override.yml.example @@ -3,3 +3,11 @@ services: netbox: ports: - 8000:8080 + healthcheck: + # Time for which the health check can fail after the container is started. + # This depends mostly on the performance of your database. On the first start, + # when all tables need to be created the start_period should be higher than on + # subsequent starts. For the first start after major version upgrades of Netbox + # the start_period might also need to be set higher. + # Default value in our docker-compose.yml is 60s + start_period: 90s From 8f2820626c3a0eda295b407d4866d65ccd3b460c Mon Sep 17 00:00:00 2001 From: Kadar Anwar <11323060+kmanwar89@users.noreply.github.com> Date: Tue, 3 Jan 2023 09:06:46 -0500 Subject: [PATCH 028/318] Fix syntax of docker compose commands Docker compose's syntax changed as of Compose v2 (source: https://docs.docker.com/compose/reference/). Replaced references of "docker-compose" with "docker compose" to align with this change. --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 18496a883..ac44d61db 100644 --- a/README.md +++ b/README.md @@ -40,8 +40,8 @@ services: ports: - 8000:8080 EOF -docker-compose pull -docker-compose up +docker compose pull +docker compose up ``` The whole application will be available after a few minutes. @@ -123,7 +123,7 @@ This project relies only on _Docker_ and _docker-compose_ meeting these requirem * The _containerd version_ must be at least `1.5.6`. * The _docker-compose version_ must be at least `1.28.0`. -To check the version installed on your system run `docker --version` and `docker-compose --version`. +To check the version installed on your system run `docker --version` and `docker compose version`. ## Updating From 0c1b69ded02d1ce3e463287ce4f18eb35fbe6650 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 3 Jan 2023 16:45:09 +0100 Subject: [PATCH 029/318] Update docker-compose.override.yml.example MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Christian Mäder --- docker-compose.override.yml.example | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.override.yml.example b/docker-compose.override.yml.example index e2cf62a09..1b936f682 100644 --- a/docker-compose.override.yml.example +++ b/docker-compose.override.yml.example @@ -7,7 +7,7 @@ services: # Time for which the health check can fail after the container is started. # This depends mostly on the performance of your database. On the first start, # when all tables need to be created the start_period should be higher than on - # subsequent starts. For the first start after major version upgrades of Netbox + # subsequent starts. For the first start after major version upgrades of NetBox # the start_period might also need to be set higher. # Default value in our docker-compose.yml is 60s start_period: 90s From 7e0a8fee82d064874784ba707971f2aeea3d5a7a Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 3 Jan 2023 16:48:00 +0100 Subject: [PATCH 030/318] Improved comment --- configuration/configuration.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configuration/configuration.py b/configuration/configuration.py index db35c1b6a..cff152fbf 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -58,7 +58,7 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # # Example: ALLOWED_HOSTS = ['netbox.example.com', 'netbox.internal.local'] ALLOWED_HOSTS = environ.get('ALLOWED_HOSTS', '*').split(' ') -# ensure that '*' or 'localhost' is always in ALLOWED_HOSTS +# ensure that '*' or 'localhost' is always in ALLOWED_HOSTS (needed for health checks) if '*' not in ALLOWED_HOSTS and 'localhost' not in ALLOWED_HOSTS: ALLOWED_HOSTS.append('localhost') From 41d80d66b1506cd82415f2e25e42fbb868539a8f Mon Sep 17 00:00:00 2001 From: "Sean M. Collins" Date: Tue, 27 Dec 2022 20:00:59 +0000 Subject: [PATCH 031/318] Prepend docker.io to image URLs This is to make podman happy, since newer versions of podman have set short-name-mode to enforcing https://github.com/containers/image/blob/main/docs/containers-registries.conf.5.md --- docker-compose.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index d3e823465..a8f3b54e4 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,7 @@ version: '3.4' services: netbox: &netbox - image: netboxcommunity/netbox:${VERSION-v3.4-2.4.0} + image: docker.io/netboxcommunity/netbox:${VERSION-v3.4-2.4.0} depends_on: - postgres - redis @@ -47,14 +47,14 @@ services: # postgres postgres: - image: postgres:15-alpine + image: docker.io/postgres:15-alpine env_file: env/postgres.env volumes: - netbox-postgres-data:/var/lib/postgresql/data # redis redis: - image: redis:7-alpine + image: docker.io/redis:7-alpine command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env From bd07a7a5a2f9810a3b14122c0f01010495505cd3 Mon Sep 17 00:00:00 2001 From: Christian Harendt <22472485+christianharendt@users.noreply.github.com> Date: Fri, 27 Jan 2023 15:02:11 +0100 Subject: [PATCH 032/318] Add redis username parameter --- configuration/configuration.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/configuration/configuration.py b/configuration/configuration.py index cff152fbf..d3cfe2bd3 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -86,6 +86,7 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: 'tasks': { 'HOST': environ.get('REDIS_HOST', 'localhost'), 'PORT': _environ_get_and_map('REDIS_PORT', 6379, _AS_INT), + 'USERNAME': environ.get('REDIS_USERNAME', ''), 'PASSWORD': _read_secret('redis_password', environ.get('REDIS_PASSWORD', '')), 'DATABASE': _environ_get_and_map('REDIS_DATABASE', 0, _AS_INT), 'SSL': _environ_get_and_map('REDIS_SSL', 'False', _AS_BOOL), @@ -94,6 +95,7 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: 'caching': { 'HOST': environ.get('REDIS_CACHE_HOST', environ.get('REDIS_HOST', 'localhost')), 'PORT': _environ_get_and_map('REDIS_CACHE_PORT', environ.get('REDIS_PORT', '6379'), _AS_INT), + 'USERNAME': environ.get('REDIS_CACHE_USERNAME', environ.get('REDIS_USERNAME', ''), 'PASSWORD': _read_secret('redis_cache_password', environ.get('REDIS_CACHE_PASSWORD', environ.get('REDIS_PASSWORD', ''))), 'DATABASE': _environ_get_and_map('REDIS_CACHE_DATABASE', '1', _AS_INT), 'SSL': _environ_get_and_map('REDIS_CACHE_SSL', environ.get('REDIS_SSL', 'False'), _AS_BOOL), From ff373bd60da9267f446006efbbb63f6076c73d07 Mon Sep 17 00:00:00 2001 From: Christian Harendt <22472485+christianharendt@users.noreply.github.com> Date: Fri, 27 Jan 2023 15:05:17 +0100 Subject: [PATCH 033/318] Update configuration.py --- configuration/configuration.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configuration/configuration.py b/configuration/configuration.py index d3cfe2bd3..18bfd0147 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -95,7 +95,7 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: 'caching': { 'HOST': environ.get('REDIS_CACHE_HOST', environ.get('REDIS_HOST', 'localhost')), 'PORT': _environ_get_and_map('REDIS_CACHE_PORT', environ.get('REDIS_PORT', '6379'), _AS_INT), - 'USERNAME': environ.get('REDIS_CACHE_USERNAME', environ.get('REDIS_USERNAME', ''), + 'USERNAME': environ.get('REDIS_CACHE_USERNAME', environ.get('REDIS_USERNAME', '')), 'PASSWORD': _read_secret('redis_cache_password', environ.get('REDIS_CACHE_PASSWORD', environ.get('REDIS_PASSWORD', ''))), 'DATABASE': _environ_get_and_map('REDIS_CACHE_DATABASE', '1', _AS_INT), 'SSL': _environ_get_and_map('REDIS_CACHE_SSL', environ.get('REDIS_SSL', 'False'), _AS_BOOL), From f2b0375d5b892828f19f203ea4b47decce34a466 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Sat, 28 Jan 2023 12:00:40 +0100 Subject: [PATCH 034/318] Using GITHUB_TOKEN for API --- .github/workflows/push.yml | 1 + .github/workflows/release.yml | 1 + build-latest.sh | 36 +++++++++++++++++------------------ 3 files changed, 20 insertions(+), 18 deletions(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index acd08d42b..2bf855b1b 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -55,6 +55,7 @@ jobs: fail-fast: false env: GH_ACTION: enable + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} IMAGE_NAMES: docker.io/netboxcommunity/netbox runs-on: ubuntu-latest name: Builds new NetBox Docker Images diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3b622ea22..86733e3e4 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -25,6 +25,7 @@ jobs: name: Builds new NetBox Docker Images env: GH_ACTION: enable + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} IMAGE_NAMES: docker.io/netboxcommunity/netbox quay.io/netboxcommunity/netbox ghcr.io/netbox-community/netbox steps: - id: source-checkout diff --git a/build-latest.sh b/build-latest.sh index bcafda40e..00abe97b1 100755 --- a/build-latest.sh +++ b/build-latest.sh @@ -11,16 +11,20 @@ if ! command -v jq; then exit 1 fi +CURL_ARGS=( + --silent +) + ### -# Checking for the presence of GITHUB_OAUTH_CLIENT_ID -# and GITHUB_OAUTH_CLIENT_SECRET +# Checking for the presence of GITHUB_TOKEN ### -if [ -n "${GITHUB_OAUTH_CLIENT_ID}" ] && [ -n "${GITHUB_OAUTH_CLIENT_SECRET}" ]; then +if [ -n "${GITHUB_TOKEN}" ]; then echo "🗝 Performing authenticated Github API calls." - GITHUB_OAUTH_PARAMS="client_id=${GITHUB_OAUTH_CLIENT_ID}&client_secret=${GITHUB_OAUTH_CLIENT_SECRET}" + CURL_ARGS+=( + --header "Authorization: Bearer ${GITHUB_TOKEN}" + ) else echo "🕶 Performing unauthenticated Github API calls. This might result in lower Github rate limits!" - GITHUB_OAUTH_PARAMS="" fi ### @@ -42,31 +46,27 @@ fi ### ORIGINAL_GITHUB_REPO="netbox-community/netbox" GITHUB_REPO="${GITHUB_REPO-$ORIGINAL_GITHUB_REPO}" -URL_RELEASES="https://api.github.com/repos/${GITHUB_REPO}/releases?${GITHUB_OAUTH_PARAMS}" +URL_RELEASES="https://api.github.com/repos/${GITHUB_REPO}/releases" # Composing the JQ commans to extract the most recent version number JQ_LATEST="group_by(.prerelease) | .[] | sort_by(.published_at) | reverse | .[0] | select(.prerelease==${PRERELEASE-false}) | .tag_name" -CURL="curl -sS" +CURL="curl" # Querying the Github API to fetch the most recent version number -VERSION=$($CURL "${URL_RELEASES}" | jq -r "${JQ_LATEST}") +VERSION=$($CURL "${CURL_ARGS[@]}" "${URL_RELEASES}" | jq -r "${JQ_LATEST}" 2>/dev/null) ### # Check if the prerelease version is actually higher than stable version ### if [ "${PRERELEASE}" == "true" ]; then JQ_STABLE="group_by(.prerelease) | .[] | sort_by(.published_at) | reverse | .[0] | select(.prerelease==false) | .tag_name" - STABLE_VERSION=$($CURL "${URL_RELEASES}" | jq -r "${JQ_STABLE}") - - # shellcheck disable=SC2003 - MAJOR_STABLE=$(expr match "${STABLE_VERSION}" 'v\([0-9]\+\)') - # shellcheck disable=SC2003 - MINOR_STABLE=$(expr match "${STABLE_VERSION}" 'v[0-9]\+\.\([0-9]\+\)') - # shellcheck disable=SC2003 - MAJOR_UNSTABLE=$(expr match "${VERSION}" 'v\([0-9]\+\)') - # shellcheck disable=SC2003 - MINOR_UNSTABLE=$(expr match "${VERSION}" 'v[0-9]\+\.\([0-9]\+\)') + STABLE_VERSION=$($CURL "${CURL_ARGS[@]}" "${URL_RELEASES}" | jq -r "${JQ_STABLE}" 2>/dev/null) + + MAJOR_STABLE=$(expr "${STABLE_VERSION}" : 'v\([0-9]\+\)') + MINOR_STABLE=$(expr "${STABLE_VERSION}" : 'v[0-9]\+\.\([0-9]\+\)') + MAJOR_UNSTABLE=$(expr "${VERSION}" : 'v\([0-9]\+\)') + MINOR_UNSTABLE=$(expr "${VERSION}" : 'v[0-9]\+\.\([0-9]\+\)') if { [ "${MAJOR_STABLE}" -eq "${MAJOR_UNSTABLE}" ] && From eef45c8197d80d5860dc84a03a8aa6a4ab750e65 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Sat, 28 Jan 2023 15:42:32 +0100 Subject: [PATCH 035/318] Using new GITHUB_OUTPUT method --- .github/workflows/release.yml | 2 +- build-functions/gh-functions.sh | 11 +++++++++++ build-latest.sh | 6 ++---- build.sh | 6 +++--- 4 files changed, 17 insertions(+), 8 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 86733e3e4..1dd2c3af1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -33,7 +33,7 @@ jobs: uses: actions/checkout@v3 - id: set-netbox-docker-version name: Get Version of NetBox Docker - run: echo "::set-output name=version::$(cat VERSION)" + run: echo "version=$(cat VERSION)" >>"$GITHUB_OUTPUT" shell: bash - id: qemu-setup name: Set up QEMU diff --git a/build-functions/gh-functions.sh b/build-functions/gh-functions.sh index 4928d0d22..4c04dc05e 100644 --- a/build-functions/gh-functions.sh +++ b/build-functions/gh-functions.sh @@ -19,3 +19,14 @@ gh_env() { echo "${@}" >>"${GITHUB_ENV}" fi } + +### +# Prints the output to the file defined in ${GITHUB_OUTPUT}. +# Only executes if ${GH_ACTION} is defined. +# Example Usage: gh_env "FOO_VAR=bar_value" +### +gh_out() { + if [ -n "${GH_ACTION}" ]; then + echo "${@}" >>"$GITHUB_OUTPUT" + fi +} diff --git a/build-latest.sh b/build-latest.sh index 00abe97b1..30a0ba6bb 100755 --- a/build-latest.sh +++ b/build-latest.sh @@ -1,5 +1,6 @@ #!/bin/bash # Builds the latest released version +source ./build-functions/gh-functions.sh echo "▶️ $0 $*" @@ -75,10 +76,7 @@ if [ "${PRERELEASE}" == "true" ]; then echo "❎ Latest unstable version '${VERSION}' is not higher than the latest stable version '$STABLE_VERSION'." if [ -z "$DEBUG" ]; then - if [ -n "${GH_ACTION}" ]; then - echo "::set-output name=skipped::true" - fi - + gh_out "skipped=true" exit 0 else echo "⚠️ Would exit here with code '0', but DEBUG is enabled." diff --git a/build.sh b/build.sh index f892e8b2a..cc265f92f 100755 --- a/build.sh +++ b/build.sh @@ -170,7 +170,7 @@ if [ "${2}" != "--push-only" ] && [ -z "${SKIP_GIT}" ]; then REMOTE_EXISTS=$(git ls-remote --heads --tags "${URL}" "${NETBOX_BRANCH}" | wc -l) if [ "${REMOTE_EXISTS}" == "0" ]; then echo "❌ Remote branch '${NETBOX_BRANCH}' not found in '${URL}'; Nothing to do" - gh_echo "::set-output name=skipped::true" + gh_out "skipped=true" exit 0 fi echo "🌐 Checking out '${NETBOX_BRANCH}' of NetBox from the url '${URL}' into '${NETBOX_PATH}'" @@ -349,10 +349,10 @@ fi if [ "${SHOULD_BUILD}" != "true" ]; then echo "Build skipped because sources didn't change" - echo "::set-output name=skipped::true" + gh_out "skipped=true" exit 0 # Nothing to do -> exit else - gh_echo "::set-output name=skipped::false" + gh_out "skipped=false" fi gh_echo "::endgroup::" From 3071c500da191ec3c90322f8a2dcc5b85a446065 Mon Sep 17 00:00:00 2001 From: Tim Oliver Rabl Date: Fri, 27 Jan 2023 23:57:56 +0100 Subject: [PATCH 036/318] implement extra LDAP user and group filters as requested in #471 --- configuration/ldap/ldap_config.py | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/configuration/ldap/ldap_config.py b/configuration/ldap/ldap_config.py index 8aa3ecb2b..f5cd50c96 100644 --- a/configuration/ldap/ldap_config.py +++ b/configuration/ldap/ldap_config.py @@ -61,18 +61,22 @@ def _import_group_type(group_type_name): AUTH_LDAP_USER_SEARCH_BASEDN = environ.get('AUTH_LDAP_USER_SEARCH_BASEDN', '') AUTH_LDAP_USER_SEARCH_ATTR = environ.get('AUTH_LDAP_USER_SEARCH_ATTR', 'sAMAccountName') -AUTH_LDAP_USER_SEARCH = LDAPSearch( - AUTH_LDAP_USER_SEARCH_BASEDN, - ldap.SCOPE_SUBTREE, - "(" + AUTH_LDAP_USER_SEARCH_ATTR + "=%(user)s)" +AUTH_LDAP_USER_SEARCH_FILTER: str = environ.get( + 'AUTH_LDAP_USER_SEARCH_FILTER', f'({AUTH_LDAP_USER_SEARCH_ATTR}=%(user)s)' ) # This search ought to return all groups to which the user belongs. django_auth_ldap uses this to determine group # heirarchy. + AUTH_LDAP_GROUP_SEARCH_BASEDN = environ.get('AUTH_LDAP_GROUP_SEARCH_BASEDN', '') AUTH_LDAP_GROUP_SEARCH_CLASS = environ.get('AUTH_LDAP_GROUP_SEARCH_CLASS', 'group') -AUTH_LDAP_GROUP_SEARCH = LDAPSearch(AUTH_LDAP_GROUP_SEARCH_BASEDN, ldap.SCOPE_SUBTREE, - "(objectClass=" + AUTH_LDAP_GROUP_SEARCH_CLASS + ")") + +AUTH_LDAP_GROUP_SEARCH_FILTER: str = environ.get( + 'AUTH_LDAP_GROUP_SEARCH_FILTER', f'(objectclass={AUTH_LDAP_GROUP_SEARCH_CLASS})' +) +AUTH_LDAP_GROUP_SEARCH = LDAPSearch( + AUTH_LDAP_GROUP_SEARCH_BASEDN, ldap.SCOPE_SUBTREE, AUTH_LDAP_GROUP_SEARCH_FILTER +) AUTH_LDAP_GROUP_TYPE = _import_group_type(environ.get('AUTH_LDAP_GROUP_TYPE', 'GroupOfNamesType')) # Define a group required to login. From 6f70b88972823a03d1364e5fdae7e156a5b4646d Mon Sep 17 00:00:00 2001 From: Tim Rabl <47297056+timrabl@users.noreply.github.com> Date: Sat, 28 Jan 2023 00:58:47 +0100 Subject: [PATCH 037/318] squash commits that revert AUTH_LDAP_USER_SEARCH add missing AUTH_LDAP_USER_SEARCH, removed while modifying.... revert AUTH_LDAP_USER_SEARCH variable that was accidentally removed in #931 and change behaviour to requested features in #471 remove duplicate AUTH_LDAP_USER_SEARCH variable now and fix this finally, hopefully --- configuration/ldap/ldap_config.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/configuration/ldap/ldap_config.py b/configuration/ldap/ldap_config.py index f5cd50c96..82fad72a8 100644 --- a/configuration/ldap/ldap_config.py +++ b/configuration/ldap/ldap_config.py @@ -65,6 +65,10 @@ def _import_group_type(group_type_name): 'AUTH_LDAP_USER_SEARCH_FILTER', f'({AUTH_LDAP_USER_SEARCH_ATTR}=%(user)s)' ) +AUTH_LDAP_USER_SEARCH = LDAPSearch( + AUTH_LDAP_USER_SEARCH_BASEDN, ldap.SCOPE_SUBTREE, AUTH_LDAP_USER_SEARCH_FILTER +) + # This search ought to return all groups to which the user belongs. django_auth_ldap uses this to determine group # heirarchy. From e60a746eeed53e85eef9941517e8f3f07891433d Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Thu, 23 Feb 2023 08:37:53 +0100 Subject: [PATCH 038/318] Fixes #947: Rebuild search index when needed This rebuilds the search index when models where updated. --- docker/docker-entrypoint.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh index ff495e640..72d2b3309 100755 --- a/docker/docker-entrypoint.sh +++ b/docker/docker-entrypoint.sh @@ -46,6 +46,8 @@ if ! ./manage.py migrate --check >/dev/null 2>&1; then ./manage.py remove_stale_contenttypes --no-input echo "⚙️ Removing expired user sessions" ./manage.py clearsessions + echo "⚙️ Building search index (lazy)" + ./manage.py reindex --lazy fi # Create Superuser if required From d3a30e1172a611e52b85bc40b5ccd3d8e1f7e0f6 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Fri, 7 Oct 2022 08:08:30 +0200 Subject: [PATCH 039/318] Updated to new unit version --- Dockerfile | 6 ++-- build.sh | 2 +- docker-compose.override.yml.example | 5 ++- docker/launch-netbox.sh | 1 + docker/nginx-unit.json | 50 ++++++++++++++++++----------- 5 files changed, 41 insertions(+), 23 deletions(-) diff --git a/Dockerfile b/Dockerfile index fcf01b003..56ba2d314 100644 --- a/Dockerfile +++ b/Dockerfile @@ -66,8 +66,8 @@ RUN export DEBIAN_FRONTEND=noninteractive \ && apt-get update -qq \ && apt-get install \ --yes -qq --no-install-recommends \ - unit=1.27.0-1~jammy \ - unit-python3.10=1.27.0-1~jammy \ + unit=1.29.1-1~jammy \ + unit-python3.10=1.29.1-1~jammy \ && rm -rf /var/lib/apt/lists/* COPY --from=builder /opt/netbox/venv /opt/netbox/venv @@ -94,7 +94,7 @@ RUN mkdir -p static /opt/unit/state/ /opt/unit/tmp/ \ --config-file /opt/netbox/mkdocs.yml --site-dir /opt/netbox/netbox/project-static/docs/ \ && SECRET_KEY="dummy" /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py collectstatic --no-input -ENV LANG=C.UTF-8 PATH=/opt/netbox/venv/bin:$PATH +ENV LANG=C.utf8 PATH=/opt/netbox/venv/bin:$PATH ENTRYPOINT [ "/usr/bin/tini", "--" ] CMD [ "/opt/netbox/docker-entrypoint.sh", "/opt/netbox/launch-netbox.sh" ] diff --git a/build.sh b/build.sh index cc265f92f..3a72aff42 100755 --- a/build.sh +++ b/build.sh @@ -332,7 +332,7 @@ elif [[ "${IMAGE_NAME_TAGS[0]}" = docker.io* ]]; then if ! printf '%s\n' "${IMAGES_LAYERS_OLD[@]}" | grep -q -P "^${BASE_LAST_LAYER}\$"; then SHOULD_BUILD="true" - BUILD_REASON="${BUILD_REASON} debian" + BUILD_REASON="${BUILD_REASON} ubuntu" fi if [ "${NETBOX_GIT_REF}" != "${NETBOX_GIT_REF_OLD}" ]; then SHOULD_BUILD="true" diff --git a/docker-compose.override.yml.example b/docker-compose.override.yml.example index 1b936f682..48365db3d 100644 --- a/docker-compose.override.yml.example +++ b/docker-compose.override.yml.example @@ -2,7 +2,10 @@ version: '3.4' services: netbox: ports: - - 8000:8080 + - "8000:8080" + # If you want the Nginx unit status page visible from the + # outside of the container add the following port mapping: + # - "8001:8081" healthcheck: # Time for which the health check can fail after the container is started. # This depends mostly on the performance of your database. On the first start, diff --git a/docker/launch-netbox.sh b/docker/launch-netbox.sh index 09efdb5e8..510c5c854 100755 --- a/docker/launch-netbox.sh +++ b/docker/launch-netbox.sh @@ -1,6 +1,7 @@ #!/bin/bash UNIT_CONFIG="${UNIT_CONFIG-/etc/unit/nginx-unit.json}" +# Also used in "nginx-unit.json" UNIT_SOCKET="/opt/unit/unit.sock" load_configuration() { diff --git a/docker/nginx-unit.json b/docker/nginx-unit.json index d6ff9cc07..fc33a2c6b 100644 --- a/docker/nginx-unit.json +++ b/docker/nginx-unit.json @@ -1,30 +1,45 @@ { "listeners": { "0.0.0.0:8080": { - "pass": "routes" + "pass": "routes/main" }, "[::]:8080": { - "pass": "routes" + "pass": "routes/main" + }, + "0.0.0.0:8081": { + "pass": "routes/status" + }, + "[::]:8081": { + "pass": "routes/status" } }, - - "routes": [ - { - "match": { - "uri": "/static/*" + "routes": { + "main": [ + { + "match": { + "uri": "/static/*" + }, + "action": { + "share": "/opt/netbox/netbox${uri}" + } }, - "action": { - "share": "/opt/netbox/netbox${uri}" + { + "action": { + "pass": "applications/netbox" + } } - }, - - { - "action": { - "pass": "applications/netbox" + ], + "status": [ + { + "match": { + "uri": "/status/*" + }, + "action": { + "proxy": "http://unix:/opt/unit/unit.sock" + } } - } - ], - + ] + }, "applications": { "netbox": { "type": "python 3", @@ -38,6 +53,5 @@ } } }, - "access_log": "/dev/stdout" } From fb5bacc4b4c2744f1a38616e1dce2d5183f8f4db Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 15 Mar 2023 09:13:09 +0100 Subject: [PATCH 040/318] Replaced curl with Skopeo for in image functions --- build-functions/get-public-image-config.sh | 71 +--------------------- build-latest.sh | 8 --- build.sh | 32 +++++----- 3 files changed, 19 insertions(+), 92 deletions(-) diff --git a/build-functions/get-public-image-config.sh b/build-functions/get-public-image-config.sh index 4f5b6950a..054efd214 100644 --- a/build-functions/get-public-image-config.sh +++ b/build-functions/get-public-image-config.sh @@ -1,82 +1,17 @@ #!/bin/bash -# Retrieves image configuration from public images in DockerHub -# Functions from https://gist.github.com/cirocosta/17ea17be7ac11594cb0f290b0a3ac0d1 -# Optimised for our use case get_image_label() { local label=$1 local image=$2 - local tag=$3 - local token - token=$(_get_token "$image") - local digest - digest=$(_get_digest "$image" "$tag" "$token") - local retval="null" - if [ "$digest" != "null" ]; then - retval=$(_get_image_configuration "$image" "$token" "$digest" "$label") - fi - echo "$retval" + skopeo inspect "docker://$image" | jq -r ".Labels[\"$label\"]" } get_image_layers() { local image=$1 - local tag=$2 - local token - token=$(_get_token "$image") - _get_layers "$image" "$tag" "$token" + skopeo inspect "docker://$image" | jq -r ".Layers" } get_image_last_layer() { local image=$1 - local tag=$2 - local token - token=$(_get_token "$image") - local layers - mapfile -t layers < <(_get_layers "$image" "$tag" "$token") - echo "${layers[-1]}" -} - -_get_image_configuration() { - local image=$1 - local token=$2 - local digest=$3 - local label=$4 - curl \ - --silent \ - --location \ - --header "Authorization: Bearer $token" \ - "https://registry-1.docker.io/v2/$image/blobs/$digest" | - jq -r ".config.Labels.\"$label\"" -} - -_get_token() { - local image=$1 - curl \ - --silent \ - "https://auth.docker.io/token?scope=repository:$image:pull&service=registry.docker.io" | - jq -r '.token' -} - -_get_digest() { - local image=$1 - local tag=$2 - local token=$3 - curl \ - --silent \ - --header "Accept: application/vnd.docker.distribution.manifest.v2+json" \ - --header "Authorization: Bearer $token" \ - "https://registry-1.docker.io/v2/$image/manifests/$tag" | - jq -r '.config.digest' -} - -_get_layers() { - local image=$1 - local tag=$2 - local token=$3 - curl \ - --silent \ - --header "Accept: application/vnd.docker.distribution.manifest.v2+json" \ - --header "Authorization: Bearer $token" \ - "https://registry-1.docker.io/v2/$image/manifests/$tag" | - jq -r '.layers[].digest' + skopeo inspect "docker://$image" | jq -r ".Layers | last" } diff --git a/build-latest.sh b/build-latest.sh index 30a0ba6bb..ec4cc246f 100755 --- a/build-latest.sh +++ b/build-latest.sh @@ -4,14 +4,6 @@ source ./build-functions/gh-functions.sh echo "▶️ $0 $*" -### -# Check for the jq library needed for parsing JSON -### -if ! command -v jq; then - echo "⚠️ jq command missing from \$PATH!" - exit 1 -fi - CURL_ARGS=( --silent ) diff --git a/build.sh b/build.sh index 3a72aff42..5e633949d 100755 --- a/build.sh +++ b/build.sh @@ -137,6 +137,14 @@ END_OF_HELP fi fi +NEEDED_COMMANDS="curl jq docker skopeo" +for c in $NEEDED_COMMANDS; do + if ! command -v "$c" &>/dev/null; then + echo "⚠️ '$c' is not installed. Can't proceed with build." + exit 1 + fi +done + source ./build-functions/gh-functions.sh IMAGE_NAMES="${IMAGE_NAMES-docker.io/netboxcommunity/netbox}" @@ -215,7 +223,7 @@ fi # Determining the value for DOCKER_FROM ### if [ -z "$DOCKER_FROM" ]; then - DOCKER_FROM="ubuntu:22.04" + DOCKER_FROM="docker.io/ubuntu:22.04" fi ### @@ -300,6 +308,7 @@ if [ -n "${TARGET_DOCKER_SHORT_TAG}" ]; then done fi +FINAL_DOCKER_TAG="${IMAGE_NAME_TAGS[0]}" gh_env "FINAL_DOCKER_TAG=${IMAGE_NAME_TAGS[0]}" ### @@ -316,19 +325,13 @@ if [ -z "${GH_ACTION}" ]; then # Asuming non Github builds should always proceed SHOULD_BUILD="true" BUILD_REASON="${BUILD_REASON} interactive" -elif [[ "${IMAGE_NAME_TAGS[0]}" = docker.io* ]]; then +else source ./build-functions/get-public-image-config.sh - IFS=':' read -ra DOCKER_FROM_SPLIT <<<"${DOCKER_FROM}" - if ! [[ ${DOCKER_FROM_SPLIT[0]} =~ .*/.* ]]; then - # Need to use "library/..." for images the have no two part name - DOCKER_FROM_SPLIT[0]="library/${DOCKER_FROM_SPLIT[0]}" - fi - IFS='/' read -ra ORG_REPO <<<"${IMAGE_NAMES[0]}" - echo "Checking labels for '${ORG_REPO[1]}' and '${ORG_REPO[2]}'" - BASE_LAST_LAYER=$(get_image_last_layer "${DOCKER_FROM_SPLIT[0]}" "${DOCKER_FROM_SPLIT[1]}") - mapfile -t IMAGES_LAYERS_OLD < <(get_image_layers "${ORG_REPO[1]}"/"${ORG_REPO[2]}" "${TAG}") - NETBOX_GIT_REF_OLD=$(get_image_label netbox.git-ref "${ORG_REPO[1]}"/"${ORG_REPO[2]}" "${TAG}") - GIT_REF_OLD=$(get_image_label org.opencontainers.image.revision "${ORG_REPO[1]}"/"${ORG_REPO[2]}" "${TAG}") + echo "Checking labels for '${FINAL_DOCKER_TAG}'" + BASE_LAST_LAYER=$(get_image_last_layer "${DOCKER_FROM}") + mapfile -t IMAGES_LAYERS_OLD < <(get_image_layers "${FINAL_DOCKER_TAG}") + NETBOX_GIT_REF_OLD=$(get_image_label netbox.git-ref "${FINAL_DOCKER_TAG}") + GIT_REF_OLD=$(get_image_label org.opencontainers.image.revision "${FINAL_DOCKER_TAG}") if ! printf '%s\n' "${IMAGES_LAYERS_OLD[@]}" | grep -q -P "^${BASE_LAST_LAYER}\$"; then SHOULD_BUILD="true" @@ -342,9 +345,6 @@ elif [[ "${IMAGE_NAME_TAGS[0]}" = docker.io* ]]; then SHOULD_BUILD="true" BUILD_REASON="${BUILD_REASON} netbox-docker" fi -else - SHOULD_BUILD="true" - BUILD_REASON="${BUILD_REASON} no-check" fi if [ "${SHOULD_BUILD}" != "true" ]; then From cc95a67df0c21cf03b72e0b5b3ced0ebd5fb10b6 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 15 Mar 2023 10:16:50 +0100 Subject: [PATCH 041/318] Fixed Github action badge --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index ac44d61db..264577d29 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ [![GitHub release (latest by date)](https://img.shields.io/github/v/release/netbox-community/netbox-docker)][github-release] [![GitHub stars](https://img.shields.io/github/stars/netbox-community/netbox-docker)][github-stargazers] ![GitHub closed pull requests](https://img.shields.io/github/issues-pr-closed-raw/netbox-community/netbox-docker) -![Github release workflow](https://img.shields.io/github/workflow/status/netbox-community/netbox-docker/release) +![Github release workflow](https://img.shields.io/github/actions/workflow/status/netbox-community/netbox-docker/release.yml?branch=release) ![Docker Pulls](https://img.shields.io/docker/pulls/netboxcommunity/netbox) [![GitHub license](https://img.shields.io/github/license/netbox-community/netbox-docker)][netbox-docker-license] From 3e2bf7ec934c6985820572ea1c46d45f1ccf6f55 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 15 Mar 2023 07:45:15 +0100 Subject: [PATCH 042/318] Don't create superuser with default credentials --- README.md | 12 +++++++----- docker-compose.override.yml.example | 11 +++++++++-- docker/docker-entrypoint.sh | 7 +++++++ env/netbox.env | 6 +----- 4 files changed, 24 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index ac44d61db..75d9c32c5 100644 --- a/README.md +++ b/README.md @@ -47,12 +47,14 @@ docker compose up The whole application will be available after a few minutes. Open the URL `http://0.0.0.0:8000/` in a web-browser. You should see the NetBox homepage. -In the top-right corner you can login. -The default credentials are: -* Username: **admin** -* Password: **admin** -* API Token: **0123456789abcdef0123456789abcdef01234567** +To create the first admin user run this command: + +```bash +docker compose exec netbox /opt/netbox/netbox/manage.py createsuperuser +``` + +If you need to restart Netbox from an empty database often, you can also set the `SUPERUSER_*` variables in your `docker-compose.override.yml` as shown in the example. [wiki-getting-started]: https://github.com/netbox-community/netbox-docker/wiki/Getting-Started diff --git a/docker-compose.override.yml.example b/docker-compose.override.yml.example index 48365db3d..bcb6a7150 100644 --- a/docker-compose.override.yml.example +++ b/docker-compose.override.yml.example @@ -6,11 +6,18 @@ services: # If you want the Nginx unit status page visible from the # outside of the container add the following port mapping: # - "8001:8081" - healthcheck: + # healthcheck: # Time for which the health check can fail after the container is started. # This depends mostly on the performance of your database. On the first start, # when all tables need to be created the start_period should be higher than on # subsequent starts. For the first start after major version upgrades of NetBox # the start_period might also need to be set higher. # Default value in our docker-compose.yml is 60s - start_period: 90s + # start_period: 90s + # environment: + # SKIP_SUPERUSER: "false" + # SUPERUSER_API_TOKEN: "" + # SUPERUSER_EMAIL: "" + # SUPERUSER_NAME: "" + # SUPERUSER_PASSWORD: "" + diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh index 72d2b3309..c3fb321e8 100755 --- a/docker/docker-entrypoint.sh +++ b/docker/docker-entrypoint.sh @@ -82,6 +82,13 @@ END echo "💡 Superuser Username: ${SUPERUSER_NAME}, E-Mail: ${SUPERUSER_EMAIL}" fi +./manage.py shell --interface python < Date: Wed, 15 Mar 2023 13:01:07 +0100 Subject: [PATCH 043/318] Added check for commands to all scripts --- build-functions/check-commands.sh | 9 +++++++++ build-latest.sh | 4 ++++ build.sh | 9 ++------- 3 files changed, 15 insertions(+), 7 deletions(-) create mode 100644 build-functions/check-commands.sh diff --git a/build-functions/check-commands.sh b/build-functions/check-commands.sh new file mode 100644 index 000000000..e99849040 --- /dev/null +++ b/build-functions/check-commands.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +NEEDED_COMMANDS="curl jq docker skopeo" +for c in $NEEDED_COMMANDS; do + if ! command -v "$c" &>/dev/null; then + echo "⚠️ '$c' is not installed. Can't proceed with build." + exit 1 + fi +done diff --git a/build-latest.sh b/build-latest.sh index ec4cc246f..0cc6c3800 100755 --- a/build-latest.sh +++ b/build-latest.sh @@ -1,5 +1,9 @@ #!/bin/bash # Builds the latest released version + +# Check if we have everything needed for the build +source ./build-functions/check-commands.sh + source ./build-functions/gh-functions.sh echo "▶️ $0 $*" diff --git a/build.sh b/build.sh index 5e633949d..6d7916012 100755 --- a/build.sh +++ b/build.sh @@ -137,13 +137,8 @@ END_OF_HELP fi fi -NEEDED_COMMANDS="curl jq docker skopeo" -for c in $NEEDED_COMMANDS; do - if ! command -v "$c" &>/dev/null; then - echo "⚠️ '$c' is not installed. Can't proceed with build." - exit 1 - fi -done +# Check if we have everything needed for the build +source ./build-functions/check-commands.sh source ./build-functions/gh-functions.sh From ac8cb022ae76db47f6ea7b9743c175bb8c290233 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 15 Mar 2023 14:32:09 +0100 Subject: [PATCH 044/318] Preparation for 2.5.0 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index 197c4d5c2..437459cd9 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.4.0 +2.5.0 diff --git a/docker-compose.yml b/docker-compose.yml index a8f3b54e4..a4cc531b4 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,7 @@ version: '3.4' services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v3.4-2.4.0} + image: docker.io/netboxcommunity/netbox:${VERSION-v3.4-2.5.0} depends_on: - postgres - redis From 29e37a31d77f55a2c0c9c29d9b5beca8bcf28cda Mon Sep 17 00:00:00 2001 From: Marc <980978+marchagen@users.noreply.github.com> Date: Wed, 15 Mar 2023 21:53:59 +0100 Subject: [PATCH 045/318] Catch DoesNotExist preventing startup Fixes failing startup because of python error: ``` Traceback (most recent call last): File "/opt/netbox/netbox/./manage.py", line 10, in execute_from_command_line(sys.argv) File "/opt/netbox/venv/lib/python3.10/site-packages/django/core/management/__init__.py", line 446, in execute_from_command_line utility.execute() File "/opt/netbox/venv/lib/python3.10/site-packages/django/core/management/__init__.py", line 440, in execute self.fetch_command(subcommand).run_from_argv(self.argv) File "/opt/netbox/venv/lib/python3.10/site-packages/django/core/management/base.py", line 402, in run_from_argv self.execute(*args, **cmd_options) File "/opt/netbox/venv/lib/python3.10/site-packages/django/core/management/base.py", line 448, in execute output = self.handle(*args, **options) File "/opt/netbox/venv/lib/python3.10/site-packages/django/core/management/commands/shell.py", line 127, in handle exec(sys.stdin.read(), globals()) File "", line 2, in File "/opt/netbox/venv/lib/python3.10/site-packages/django/db/models/manager.py", line 85, in manager_method return getattr(self.get_queryset(), name)(*args, **kwargs) File "/opt/netbox/venv/lib/python3.10/site-packages/django/db/models/query.py", line 650, in get raise self.model.DoesNotExist( users.models.Token.DoesNotExist: Token matching query does not exist. ``` --- docker/docker-entrypoint.sh | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh index c3fb321e8..9b39689e4 100755 --- a/docker/docker-entrypoint.sh +++ b/docker/docker-entrypoint.sh @@ -84,9 +84,12 @@ fi ./manage.py shell --interface python < Date: Thu, 16 Mar 2023 07:39:38 +0100 Subject: [PATCH 046/318] Preparation for 2.5.1 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index 437459cd9..73462a5a1 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.5.0 +2.5.1 diff --git a/docker-compose.yml b/docker-compose.yml index a4cc531b4..890cae695 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,7 @@ version: '3.4' services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v3.4-2.5.0} + image: docker.io/netboxcommunity/netbox:${VERSION-v3.4-2.5.1} depends_on: - postgres - redis From b131b07af8a67399e966113e1bd2e9ad2568f36e Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Thu, 16 Mar 2023 07:50:24 +0100 Subject: [PATCH 047/318] Simplified basse image check --- build-functions/get-public-image-config.sh | 5 ----- build.sh | 5 +++-- 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/build-functions/get-public-image-config.sh b/build-functions/get-public-image-config.sh index 054efd214..70c292c6e 100644 --- a/build-functions/get-public-image-config.sh +++ b/build-functions/get-public-image-config.sh @@ -6,11 +6,6 @@ get_image_label() { skopeo inspect "docker://$image" | jq -r ".Labels[\"$label\"]" } -get_image_layers() { - local image=$1 - skopeo inspect "docker://$image" | jq -r ".Layers" -} - get_image_last_layer() { local image=$1 skopeo inspect "docker://$image" | jq -r ".Layers | last" diff --git a/build.sh b/build.sh index 6d7916012..d1c08e4ae 100755 --- a/build.sh +++ b/build.sh @@ -324,11 +324,11 @@ else source ./build-functions/get-public-image-config.sh echo "Checking labels for '${FINAL_DOCKER_TAG}'" BASE_LAST_LAYER=$(get_image_last_layer "${DOCKER_FROM}") - mapfile -t IMAGES_LAYERS_OLD < <(get_image_layers "${FINAL_DOCKER_TAG}") + OLD_BASE_LAST_LAYER=$(get_image_label netbox.last-base-image-layer "${FINAL_DOCKER_TAG}") NETBOX_GIT_REF_OLD=$(get_image_label netbox.git-ref "${FINAL_DOCKER_TAG}") GIT_REF_OLD=$(get_image_label org.opencontainers.image.revision "${FINAL_DOCKER_TAG}") - if ! printf '%s\n' "${IMAGES_LAYERS_OLD[@]}" | grep -q -P "^${BASE_LAST_LAYER}\$"; then + if [ "${BASE_LAST_LAYER}" != "${OLD_BASE_LAST_LAYER}" ]; then SHOULD_BUILD="true" BUILD_REASON="${BUILD_REASON} ubuntu" fi @@ -388,6 +388,7 @@ fi if [ -n "${BUILD_REASON}" ]; then BUILD_REASON=$(sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' <<<"$BUILD_REASON") DOCKER_BUILD_ARGS+=(--label "netbox.build-reason=${BUILD_REASON}") + DOCKER_BUILD_ARGS+=(--label "netbox.last-base-image-layer=${BASE_LAST_LAYER}") fi # --build-arg From f2d070fc4947aed4d6e72a870904102975a7e34a Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Thu, 16 Mar 2023 21:44:08 +0100 Subject: [PATCH 048/318] Added more tests (#965) --- docker-compose.test.override.yml | 6 ++++ docker-compose.test.yml | 31 ++++++++++++++++---- test.sh | 49 +++++++++++++++++++++++++++++++- 3 files changed, 80 insertions(+), 6 deletions(-) create mode 100644 docker-compose.test.override.yml diff --git a/docker-compose.test.override.yml b/docker-compose.test.override.yml new file mode 100644 index 000000000..e7a662d70 --- /dev/null +++ b/docker-compose.test.override.yml @@ -0,0 +1,6 @@ +version: '3.4' +services: + netbox: + ports: + - "127.0.0.1:8000:8080" + diff --git a/docker-compose.test.yml b/docker-compose.test.yml index b8444f07b..d0863ac22 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -1,6 +1,6 @@ version: '3.4' services: - netbox: + netbox: &netbox image: ${IMAGE-netboxcommunity/netbox:latest} depends_on: postgres: @@ -12,11 +12,32 @@ services: env_file: env/netbox.env user: 'unit:root' volumes: - - ./configuration:/etc/netbox/config:z,ro - ./test-configuration/logging.py:/etc/netbox/config/logging.py:z,ro - - ./reports:/etc/netbox/reports:z,ro - - ./scripts:/etc/netbox/scripts:z,ro - - netbox-media-files:/opt/netbox/netbox/media:z + healthcheck: + start_period: 120s + timeout: 3s + interval: 15s + test: "curl -f http://localhost:8080/api/ || exit 1" + netbox-worker: + <<: *netbox + command: + - /opt/netbox/venv/bin/python + - /opt/netbox/netbox/manage.py + - rqworker + healthcheck: + start_period: 40s + timeout: 3s + interval: 15s + test: "ps -aux | grep -v grep | grep -q rqworker || exit 1" + netbox-housekeeping: + <<: *netbox + command: + - /opt/netbox/housekeeping.sh + healthcheck: + start_period: 40s + timeout: 3s + interval: 15s + test: "ps -aux | grep -v grep | grep -q housekeeping || exit 1" postgres: image: postgres:15-alpine env_file: env/postgres.env diff --git a/test.sh b/test.sh index 31b4d87a6..62ed3cb44 100755 --- a/test.sh +++ b/test.sh @@ -14,6 +14,8 @@ # exit when a command exits with an exit code != 0 set -e +source ./build-functions/gh-functions.sh + # IMAGE is used by `docker-compose.yml` do determine the tag # of the Docker Image that is to be used if [ "${1}x" != "x" ]; then @@ -35,29 +37,72 @@ if [ -z "${IMAGE}" ]; then fi # The docker compose command to use -doco="docker compose --file docker-compose.test.yml --project-name netbox_docker_test" +doco="docker compose --file docker-compose.test.yml --file docker-compose.test.override.yml --project-name netbox_docker_test" test_setup() { + gh_echo "::group:: Test setup" echo "🏗 Setup up test environment" $doco up --detach --quiet-pull --wait --force-recreate --renew-anon-volumes --no-start $doco start postgres $doco start redis $doco start redis-cache + gh_echo "::endgroup::" } test_netbox_unit_tests() { + gh_echo "::group:: Netbox unit tests" echo "⏱ Running NetBox Unit Tests" $doco run --rm netbox /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py test + gh_echo "::endgroup::" } test_compose_db_setup() { + gh_echo "::group:: Netbox DB migrations" echo "⏱ Running NetBox DB migrations" $doco run --rm netbox /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py migrate + gh_echo "::endgroup::" +} + +test_netbox_start() { + gh_echo "::group:: Start Netbox service" + echo "⏱ Starting NetBox services" + $doco up --detach --wait + gh_echo "::endgroup::" +} + +test_netbox_web() { + gh_echo "::group:: Web service test" + echo "⏱ Starting web service test" + RESP_CODE=$( + curl \ + --silent \ + --output /dev/null \ + --write-out '%{http_code}' \ + --request GET \ + --connect-timeout 5 \ + --max-time 10 \ + --retry 5 \ + --retry-delay 0 \ + --retry-max-time 40 \ + http://127.0.0.1:8000/ + ) + if [ "$RESP_CODE" == "200" ]; then + echo "Webservice running" + else + echo "⚠️ Got response code '$RESP_CODE' but expected '200'" + exit 1 + fi + gh_echo "::endgroup::" } test_cleanup() { echo "💣 Cleaning Up" + gh_echo "::group:: Docker compose logs" + $doco logs --no-color + gh_echo "::endgroup::" + gh_echo "::group:: Docker compose down" $doco down --volumes + gh_echo "::endgroup::" } echo "🐳🐳🐳 Start testing '${IMAGE}'" @@ -68,5 +113,7 @@ test_setup test_netbox_unit_tests test_compose_db_setup +test_netbox_start +test_netbox_web echo "🐳🐳🐳 Done testing '${IMAGE}'" From 2ba441124ecd8743eea3de65ef89cd1d38958e79 Mon Sep 17 00:00:00 2001 From: Ryan Merolle Date: Mon, 20 Mar 2023 08:21:17 -0400 Subject: [PATCH 049/318] Update docker-compose.yml --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 890cae695..148bf4bb8 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -63,7 +63,7 @@ services: volumes: - netbox-redis-data:/data redis-cache: - image: redis:7-alpine + image: docker.io/redis:7-alpine command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env From 47a7eee16a48c365dae9b6ed77cb0b95472d072d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 28 Mar 2023 10:20:51 +0000 Subject: [PATCH 050/318] Update dependency django-auth-ldap to v4.2.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index f1ccb53df..e0b24c73f 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,4 +1,4 @@ -django-auth-ldap==4.1.0 +django-auth-ldap==4.2.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.13.2 napalm==4.0.0 psycopg2==2.9.5 From efd6e6a3c2584cab8e7c8c840e7be34f59fe123b Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 29 Mar 2023 08:58:49 +0200 Subject: [PATCH 051/318] Use same version as Netbox for social-auth-core --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index f1ccb53df..945d3b958 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.13.2 napalm==4.0.0 psycopg2==2.9.5 python3-saml==1.15.0 -social-auth-core[all]==4.3.0 +social-auth-core[all]==4.4.0 From 17f1bb0af0f202a625ef561b429228d2087f8036 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 29 Mar 2023 10:31:52 +0200 Subject: [PATCH 052/318] Preparation for 2.5.2 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index 73462a5a1..f225a78ad 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.5.1 +2.5.2 diff --git a/docker-compose.yml b/docker-compose.yml index 148bf4bb8..d8537266a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,7 @@ version: '3.4' services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v3.4-2.5.1} + image: docker.io/netboxcommunity/netbox:${VERSION-v3.4-2.5.2} depends_on: - postgres - redis From 41fd4e5d673d85906877d7cfe7ab5253ca870adb Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 29 Mar 2023 12:40:32 +0200 Subject: [PATCH 053/318] Further improved test configuration --- docker-compose.test.yml | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/docker-compose.test.yml b/docker-compose.test.yml index d0863ac22..6854e00e9 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -6,9 +6,9 @@ services: postgres: condition: service_healthy redis: - condition: service_started + condition: service_healthy redis-cache: - condition: service_started + condition: service_healthy env_file: env/netbox.env user: 'unit:root' volumes: @@ -42,23 +42,24 @@ services: image: postgres:15-alpine env_file: env/postgres.env healthcheck: - test: ["CMD-SHELL", "pg_isready"] + test: "pg_isready -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER" ## $$ because of docker-compose interval: 10s timeout: 5s retries: 5 - redis: + redis: &redis image: redis:7-alpine command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env - redis-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose env_file: env/redis.env + healthcheck: + start_period: 20s + timeout: 3s + interval: 15s + test: "timeout 2 redis-cli ping" redis-cache: - image: redis:7-alpine - command: - - sh - - -c # this is to evaluate the $REDIS_PASSWORD from the env - - redis-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose + <<: *redis env_file: env/redis-cache.env volumes: netbox-media-files: From 87a9808bc2351b1d3980a3b6a9964594a9394c95 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 3 Apr 2023 11:39:03 +0000 Subject: [PATCH 054/318] Update dependency psycopg2 to v2.9.6 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index a5e163991..2701f23be 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,6 +1,6 @@ django-auth-ldap==4.2.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.13.2 napalm==4.0.0 -psycopg2==2.9.5 +psycopg2==2.9.6 python3-saml==1.15.0 social-auth-core[all]==4.4.0 From 5d5b01f6b5b425211de84ddeb609adb058289b0f Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Thu, 6 Apr 2023 09:52:28 +0200 Subject: [PATCH 055/318] Fixed version conflicts for social-auth-core --- Dockerfile | 9 +++++++-- requirements-container.txt | 1 - 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 56ba2d314..0e6e32c15 100644 --- a/Dockerfile +++ b/Dockerfile @@ -14,7 +14,6 @@ RUN export DEBIAN_FRONTEND=noninteractive \ libsasl2-dev \ libssl-dev \ libxml2-dev \ - libxml2-dev \ libxmlsec1 \ libxmlsec1-dev \ libxmlsec1-openssl \ @@ -31,7 +30,11 @@ RUN export DEBIAN_FRONTEND=noninteractive \ ARG NETBOX_PATH COPY ${NETBOX_PATH}/requirements.txt requirements-container.txt / -RUN sed -i -e '/psycopg2-binary/d' requirements.txt && \ +RUN sed -i -e '/psycopg2-binary/d' /requirements.txt && \ + # We need 'social-auth-core[all]' in the Docker image. But if we put it in our own requirements-container.txt + # we have potential version conflicts and the build will fail. + # That's why we just replace it in the original requirements.txt. + sed -i -e 's/social-auth-core\[openidconnect\]/social-auth-core\[all\]/g' /requirements.txt && \ /opt/netbox/venv/bin/pip install \ -r /requirements.txt \ -r /requirements-container.txt @@ -74,6 +77,8 @@ COPY --from=builder /opt/netbox/venv /opt/netbox/venv ARG NETBOX_PATH COPY ${NETBOX_PATH} /opt/netbox +# Copy the modified 'requirements*.txt' files, to have the files actually used to install +COPY --from=builder /requirements.txt /requirements-container.txt /opt/netbox/ COPY docker/configuration.docker.py /opt/netbox/netbox/netbox/configuration.py COPY docker/ldap_config.docker.py /opt/netbox/netbox/netbox/ldap_config.py diff --git a/requirements-container.txt b/requirements-container.txt index 2701f23be..2fd446a12 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,3 @@ django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.13.2 napalm==4.0.0 psycopg2==2.9.6 python3-saml==1.15.0 -social-auth-core[all]==4.4.0 From 5a29364bca994e620d777ef7dd90c548b3f91bdd Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Thu, 6 Apr 2023 11:08:34 +0200 Subject: [PATCH 056/318] Fixed wording MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Christian Mäder --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 0e6e32c15..60589c9d3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -77,7 +77,7 @@ COPY --from=builder /opt/netbox/venv /opt/netbox/venv ARG NETBOX_PATH COPY ${NETBOX_PATH} /opt/netbox -# Copy the modified 'requirements*.txt' files, to have the files actually used to install +# Copy the modified 'requirements*.txt' files, to have the files actually used during installation COPY --from=builder /requirements.txt /requirements-container.txt /opt/netbox/ COPY docker/configuration.docker.py /opt/netbox/netbox/netbox/configuration.py From e44f0398fb62d67b482cf83f03d6e7847647812d Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Thu, 6 Apr 2023 12:05:02 +0200 Subject: [PATCH 057/318] Try to get test on ARM64 to pass --- .github/workflows/push.yml | 5 +++++ docker-compose.test.yml | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 2bf855b1b..47b3112a4 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -75,6 +75,11 @@ jobs: env: BUILDX_PLATFORM: ${{ matrix.platform }} BUILDX_BUILDER_NAME: ${{ steps.buildx-setup.outputs.name }} + - id: arm-time-limit + name: Set Netbox container start_period higher on ARM64 + if: matrix.platform == 'linux/arm64' + run: | + echo "NETBOX_START_PERIOD=240s" >>"${GITHUB_ENV}" - id: docker-test name: Test the image run: IMAGE="${FINAL_DOCKER_TAG}" ./test.sh diff --git a/docker-compose.test.yml b/docker-compose.test.yml index 6854e00e9..680c16c5f 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -14,7 +14,7 @@ services: volumes: - ./test-configuration/logging.py:/etc/netbox/config/logging.py:z,ro healthcheck: - start_period: 120s + start_period: ${NETBOX_START_PERIOD-120s} timeout: 3s interval: 15s test: "curl -f http://localhost:8080/api/ || exit 1" From 23a262d72f5a33c0ef17baf878868543b0b03d98 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 14 Apr 2023 19:16:09 +0000 Subject: [PATCH 058/318] Update github/super-linter action to v5 --- .github/workflows/push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 47b3112a4..e7766db7e 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -23,7 +23,7 @@ jobs: with: python-version: '3.9' - name: Lint Code Base - uses: github/super-linter@v4 + uses: github/super-linter@v5 env: DEFAULT_BRANCH: develop GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From c698496e3688ee671bc6731dcf20e2b8721539fe Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Sat, 15 Apr 2023 01:16:40 +0200 Subject: [PATCH 059/318] Preparation for 2.5.3 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index f225a78ad..aedc15bb0 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.5.2 +2.5.3 diff --git a/docker-compose.yml b/docker-compose.yml index d8537266a..c1038ca6a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,7 @@ version: '3.4' services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v3.4-2.5.2} + image: docker.io/netboxcommunity/netbox:${VERSION-v3.4-2.5.3} depends_on: - postgres - redis From ddcc8b5131d59b644a700bde24c4985900df7930 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 26 Apr 2023 23:27:32 +0000 Subject: [PATCH 060/318] Update dependency django-auth-ldap to v4.3.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 2fd446a12..fc139d8da 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,4 +1,4 @@ -django-auth-ldap==4.2.0 +django-auth-ldap==4.3.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.13.2 napalm==4.0.0 psycopg2==2.9.6 From cb524c32ed7fac98e8d2e19cb152fd41b236322e Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Sat, 8 Apr 2023 08:07:07 +0200 Subject: [PATCH 061/318] Preparation for Netbox 3.5 - Reports and Scripts have changed in Netbox 3.5. They need to be uploaded now. The Docker compose now creates a volume as it does for the media files - Napalm has been removed from Netbox 3.5 All configuration entries for Napalm were removed and napalm itself is removed from the requirements file - Removed Gunicorn from the image Nginx Unit has been used for a while now. No need to install Gunicorn --- .dockerignore | 12 ++++----- Dockerfile | 10 +++++--- README.md | 2 +- configuration/configuration.py | 22 ---------------- configuration/extra.py | 6 ----- docker-compose.yml | 12 ++++++--- reports/devices.py.example | 46 ---------------------------------- requirements-container.txt | 1 - scripts/__init__.py | 0 9 files changed, 22 insertions(+), 89 deletions(-) delete mode 100644 reports/devices.py.example delete mode 100644 scripts/__init__.py diff --git a/.dockerignore b/.dockerignore index 00fd8b8f2..0a0ae310d 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,10 +1,10 @@ -.git -.github -.travis.yml +.git* *.md -env build* -docker-compose.override.yml +docker-compose* +env +test-configuration .netbox/.git* -.netbox/.travis.yml +.netbox/contrib .netbox/scripts +.netbox/upgrade.sh diff --git a/Dockerfile b/Dockerfile index 60589c9d3..7c42911e5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -30,7 +30,11 @@ RUN export DEBIAN_FRONTEND=noninteractive \ ARG NETBOX_PATH COPY ${NETBOX_PATH}/requirements.txt requirements-container.txt / -RUN sed -i -e '/psycopg2-binary/d' /requirements.txt && \ +RUN \ + # We compile 'psycopg2' in the build process + sed -i -e '/psycopg2-binary/d' /requirements.txt && \ + # Gunicorn is not needed because we use Nginx Unit + sed -i -e '/gunicorn/d' /requirements.txt && \ # We need 'social-auth-core[all]' in the Docker image. But if we put it in our own requirements-container.txt # we have potential version conflicts and the build will fail. # That's why we just replace it in the original requirements.txt. @@ -93,8 +97,8 @@ WORKDIR /opt/netbox/netbox # Must set permissions for '/opt/netbox/netbox/media' directory # to g+w so that pictures can be uploaded to netbox. RUN mkdir -p static /opt/unit/state/ /opt/unit/tmp/ \ - && chown -R unit:root media /opt/unit/ \ - && chmod -R g+w media /opt/unit/ \ + && chown -R unit:root /opt/unit/ media reports scripts \ + && chmod -R g+w /opt/unit/ media reports scripts \ && cd /opt/netbox/ && SECRET_KEY="dummy" /opt/netbox/venv/bin/python -m mkdocs build \ --config-file /opt/netbox/mkdocs.yml --site-dir /opt/netbox/netbox/project-static/docs/ \ && SECRET_KEY="dummy" /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py collectstatic --no-input diff --git a/README.md b/README.md index 3613cb96d..e472945b6 100644 --- a/README.md +++ b/README.md @@ -99,7 +99,7 @@ For each of the above tag, there is an extra tag: ## Documentation Please refer [to our wiki on GitHub][netbox-docker-wiki] for further information on how to use the NetBox Docker image properly. -The wiki covers advanced topics such as using files for secrets, configuring TLS, deployment to Kubernetes, monitoring and configuring NAPALM and LDAP. +The wiki covers advanced topics such as using files for secrets, configuring TLS, deployment to Kubernetes, monitoring and configuring LDAP. Our wiki is a community effort. Feel free to correct errors, update outdated information or provide additional guides and insights. diff --git a/configuration/configuration.py b/configuration/configuration.py index 18bfd0147..9dcd1821b 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -239,20 +239,6 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # Expose Prometheus monitoring metrics at the HTTP endpoint '/metrics' METRICS_ENABLED = _environ_get_and_map('METRICS_ENABLED', 'False', _AS_BOOL) -# Credentials that NetBox will uses to authenticate to devices when connecting via NAPALM. -if 'NAPALM_USERNAME' in environ: - NAPALM_USERNAME = environ.get('NAPALM_USERNAME', None) -if 'NAPALM_PASSWORD' in environ: - NAPALM_PASSWORD = _read_secret('napalm_password', environ.get('NAPALM_PASSWORD', None)) - -# NAPALM timeout (in seconds). (Default: 30) -if 'NAPALM_TIMEOUT' in environ: - NAPALM_TIMEOUT = _environ_get_and_map('NAPALM_TIMEOUT', None, _AS_INT) - -# # NAPALM optional arguments (see http://napalm.readthedocs.io/en/latest/support/#optional-arguments). Arguments must -# # be provided as a dictionary. -# NAPALM_ARGS = None - # Determine how many objects to display per page within a list. (Default: 50) if 'PAGINATE_COUNT' in environ: PAGINATE_COUNT = _environ_get_and_map('PAGINATE_COUNT', None, _AS_INT) @@ -301,17 +287,9 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: RELEASE_CHECK_URL = environ.get('RELEASE_CHECK_URL', None) # RELEASE_CHECK_URL = 'https://api.github.com/repos/netbox-community/netbox/releases' -# The file path where custom reports will be stored. A trailing slash is not needed. Note that the default value of -# this setting is derived from the installed location. -REPORTS_ROOT = environ.get('REPORTS_ROOT', '/etc/netbox/reports') - # Maximum execution time for background tasks, in seconds. RQ_DEFAULT_TIMEOUT = _environ_get_and_map('RQ_DEFAULT_TIMEOUT', 300, _AS_INT) -# The file path where custom scripts will be stored. A trailing slash is not needed. Note that the default value of -# this setting is derived from the installed location. -SCRIPTS_ROOT = environ.get('SCRIPTS_ROOT', '/etc/netbox/scripts') - # The name to use for the csrf token cookie. CSRF_COOKIE_NAME = environ.get('CSRF_COOKIE_NAME', 'csrftoken') diff --git a/configuration/extra.py b/configuration/extra.py index 46f1877ed..8bd133716 100644 --- a/configuration/extra.py +++ b/configuration/extra.py @@ -15,12 +15,6 @@ # 'file', 'ftp', 'ftps', 'http', 'https', 'irc', 'mailto', 'sftp', 'ssh', 'tel', 'telnet', 'tftp', 'vnc', 'xmpp', # ) - -## NAPALM optional arguments (see http://napalm.readthedocs.io/en/latest/support/#optional-arguments). Arguments must -## be provided as a dictionary. -# NAPALM_ARGS = {} - - ## Enable installed plugins. Add the name of each plugin to the list. # from netbox.configuration.configuration import PLUGINS # PLUGINS.append('my_plugin') diff --git a/docker-compose.yml b/docker-compose.yml index c1038ca6a..d2a4b4224 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -15,9 +15,9 @@ services: test: "curl -f http://localhost:8080/api/ || exit 1" volumes: - ./configuration:/etc/netbox/config:z,ro - - ./reports:/etc/netbox/reports:z,ro - - ./scripts:/etc/netbox/scripts:z,ro - - netbox-media-files:/opt/netbox/netbox/media:z + - netbox-media-files:/opt/netbox/netbox/media:z,rw + - netbox-reports-files:/opt/netbox/netbox/reports:z,rw + - netbox-scripts-files:/opt/netbox/netbox/scripts:z,rw netbox-worker: <<: *netbox depends_on: @@ -77,7 +77,11 @@ volumes: driver: local netbox-postgres-data: driver: local + netbox-redis-cache-data: + driver: local netbox-redis-data: driver: local - netbox-redis-cache-data: + netbox-reports-files: + driver: local + netbox-scripts-files: driver: local diff --git a/reports/devices.py.example b/reports/devices.py.example deleted file mode 100644 index 670eeb616..000000000 --- a/reports/devices.py.example +++ /dev/null @@ -1,46 +0,0 @@ -from dcim.choices import DeviceStatusChoices -from dcim.models import ConsolePort, Device, PowerPort -from extras.reports import Report - - -class DeviceConnectionsReport(Report): - description = "Validate the minimum physical connections for each device" - - def test_console_connection(self): - - # Check that every console port for every active device has a connection defined. - active = DeviceStatusChoices.STATUS_ACTIVE - for console_port in ConsolePort.objects.prefetch_related('device').filter(device__status=active): - if console_port.connected_endpoint is None: - self.log_failure( - console_port.device, - "No console connection defined for {}".format(console_port.name) - ) - elif not console_port.connection_status: - self.log_warning( - console_port.device, - "Console connection for {} marked as planned".format(console_port.name) - ) - else: - self.log_success(console_port.device) - - def test_power_connections(self): - - # Check that every active device has at least two connected power supplies. - for device in Device.objects.filter(status=DeviceStatusChoices.STATUS_ACTIVE): - connected_ports = 0 - for power_port in PowerPort.objects.filter(device=device): - if power_port.connected_endpoint is not None: - connected_ports += 1 - if not power_port.connection_status: - self.log_warning( - device, - "Power connection for {} marked as planned".format(power_port.name) - ) - if connected_ports < 2: - self.log_failure( - device, - "{} connected power supplies found (2 needed)".format(connected_ports) - ) - else: - self.log_success(device) diff --git a/requirements-container.txt b/requirements-container.txt index fc139d8da..e00569fd6 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,4 @@ django-auth-ldap==4.3.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.13.2 -napalm==4.0.0 psycopg2==2.9.6 python3-saml==1.15.0 diff --git a/scripts/__init__.py b/scripts/__init__.py deleted file mode 100644 index e69de29bb..000000000 From 155e90c99fc3743dab2ae9d9a5f105b66ca946fa Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 18 Apr 2023 14:15:27 +0200 Subject: [PATCH 062/318] Removed BASE_PATH from configuration Setting the BASE_PATH is a more involved process than just setting this variable. To prevent surprises the option to set this via ENV variable was removed. --- configuration/configuration.py | 4 ---- 1 file changed, 4 deletions(-) diff --git a/configuration/configuration.py b/configuration/configuration.py index 9dcd1821b..518573583 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -136,10 +136,6 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: if 'BANNER_LOGIN' in environ: BANNER_LOGIN = environ.get('BANNER_LOGIN', None) -# Base URL path if accessing NetBox within a directory. For example, if installed at http://example.com/netbox/, set: -# BASE_PATH = 'netbox/' -BASE_PATH = environ.get('BASE_PATH', '') - # Maximum number of days to retain logged changes. Set to 0 to retain changes indefinitely. (Default: 90) if 'CHANGELOG_RETENTION' in environ: CHANGELOG_RETENTION = _environ_get_and_map('CHANGELOG_RETENTION', None, _AS_INT) From 858611ad675385a304b878bd4baa04b52e3c4ece Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 19 Apr 2023 10:14:44 +0200 Subject: [PATCH 063/318] Check if the new image tag exists --- build-functions/get-public-image-config.sh | 6 ++++++ build.sh | 10 +++++++--- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/build-functions/get-public-image-config.sh b/build-functions/get-public-image-config.sh index 70c292c6e..0a19c3fc9 100644 --- a/build-functions/get-public-image-config.sh +++ b/build-functions/get-public-image-config.sh @@ -1,5 +1,11 @@ #!/bin/bash +check_if_tags_exists() { + local image=$1 + local tag=$2 + skopeo list-tags "docker://$image" | jq -r ".Tags | contains([\"$tag\"])" +} + get_image_label() { local label=$1 local image=$2 diff --git a/build.sh b/build.sh index d1c08e4ae..5bbaf4d95 100755 --- a/build.sh +++ b/build.sh @@ -139,7 +139,8 @@ fi # Check if we have everything needed for the build source ./build-functions/check-commands.sh - +# Load all build functions +source ./build-functions/get-public-image-config.sh source ./build-functions/gh-functions.sh IMAGE_NAMES="${IMAGE_NAMES-docker.io/netboxcommunity/netbox}" @@ -309,19 +310,22 @@ gh_env "FINAL_DOCKER_TAG=${IMAGE_NAME_TAGS[0]}" ### # Checking if the build is necessary, # meaning build only if one of those values changed: +# - a new tag is beeing created # - base image digest # - netbox git ref (Label: netbox.git-ref) # - netbox-docker git ref (Label: org.opencontainers.image.revision) ### -# Load information from registry (only for docker.io) +# Load information from registry (only for first registry in "IMAGE_NAMES") SHOULD_BUILD="false" BUILD_REASON="" if [ -z "${GH_ACTION}" ]; then # Asuming non Github builds should always proceed SHOULD_BUILD="true" BUILD_REASON="${BUILD_REASON} interactive" +elif [ "false" == "$(check_if_tags_exists "${IMAGE_NAMES[0]}" "$TARGET_DOCKER_TAG")" ]; then + SHOULD_BUILD="true" + BUILD_REASON="${BUILD_REASON} newtag" else - source ./build-functions/get-public-image-config.sh echo "Checking labels for '${FINAL_DOCKER_TAG}'" BASE_LAST_LAYER=$(get_image_last_layer "${DOCKER_FROM}") OLD_BASE_LAST_LAYER=$(get_image_label netbox.last-base-image-layer "${FINAL_DOCKER_TAG}") From 7532508aab5b7abcc06ab6a7b220ec1638a8d661 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Thu, 27 Apr 2023 16:47:25 +0200 Subject: [PATCH 064/318] Ensure minimum length for the SECRET_KEY is met --- Dockerfile | 4 ++-- env/netbox.env | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 7c42911e5..11fa4ac20 100644 --- a/Dockerfile +++ b/Dockerfile @@ -99,9 +99,9 @@ WORKDIR /opt/netbox/netbox RUN mkdir -p static /opt/unit/state/ /opt/unit/tmp/ \ && chown -R unit:root /opt/unit/ media reports scripts \ && chmod -R g+w /opt/unit/ media reports scripts \ - && cd /opt/netbox/ && SECRET_KEY="dummy" /opt/netbox/venv/bin/python -m mkdocs build \ + && cd /opt/netbox/ && SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python -m mkdocs build \ --config-file /opt/netbox/mkdocs.yml --site-dir /opt/netbox/netbox/project-static/docs/ \ - && SECRET_KEY="dummy" /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py collectstatic --no-input + && SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py collectstatic --no-input ENV LANG=C.utf8 PATH=/opt/netbox/venv/bin:$PATH ENTRYPOINT [ "/usr/bin/tini", "--" ] diff --git a/env/netbox.env b/env/netbox.env index 2691a04bb..9e490d019 100644 --- a/env/netbox.env +++ b/env/netbox.env @@ -29,6 +29,6 @@ REDIS_INSECURE_SKIP_TLS_VERIFY=false REDIS_PASSWORD=H733Kdjndks81 REDIS_SSL=false RELEASE_CHECK_URL=https://api.github.com/repos/netbox-community/netbox/releases -SECRET_KEY=r8OwDznj!!dci#P9ghmRfdu1Ysxm0AiPeDCQhKE+N_rClfWNj +SECRET_KEY=r(m)9nLGnz$(_q3N4z1k(EFsMCjjjzx08x9VhNVcfd%6RF#r!6DE@+V5Zk2X SKIP_SUPERUSER=true WEBHOOKS_ENABLED=true From 3978b14c7fecad9f72dd904d3974f6380b376ce7 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Thu, 27 Apr 2023 23:45:39 +0200 Subject: [PATCH 065/318] Preparation for 2.6.0 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index aedc15bb0..e70b4523a 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.5.3 +2.6.0 diff --git a/docker-compose.yml b/docker-compose.yml index d2a4b4224..593215227 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,7 @@ version: '3.4' services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v3.4-2.5.3} + image: docker.io/netboxcommunity/netbox:${VERSION-v3.4-2.6.0} depends_on: - postgres - redis From c085287e64de0e8d8eec9f3dadf672933aae145d Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Fri, 28 Apr 2023 13:13:06 +0200 Subject: [PATCH 066/318] Prepare 2.6.1 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index e70b4523a..6a6a3d8e3 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.6.0 +2.6.1 diff --git a/docker-compose.yml b/docker-compose.yml index 593215227..049268c93 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,7 @@ version: '3.4' services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v3.4-2.6.0} + image: docker.io/netboxcommunity/netbox:${VERSION-v3.5-2.6.1} depends_on: - postgres - redis From 5408cf5af0a7be8c05596e64655cab6374f81dfd Mon Sep 17 00:00:00 2001 From: Marc Leuser Date: Sun, 7 May 2023 21:23:10 +0200 Subject: [PATCH 067/318] rename JOBRESULT_RETENTION to JOB_RETENTION --- configuration/configuration.py | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/configuration/configuration.py b/configuration/configuration.py index 518573583..3e50aaf5c 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -141,8 +141,11 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: CHANGELOG_RETENTION = _environ_get_and_map('CHANGELOG_RETENTION', None, _AS_INT) # Maximum number of days to retain job results (scripts and reports). Set to 0 to retain job results in the database indefinitely. (Default: 90) -if 'JOBRESULT_RETENTION' in environ: - JOBRESULT_RETENTION = _environ_get_and_map('JOBRESULT_RETENTION', None, _AS_INT) +if 'JOB_RETENTION' in environ: + JOB_RETENTION = _environ_get_and_map('JOB_RETENTION', None, _AS_INT) +# JOBRESULT_RETENTION was renamed to JOB_RETENTION in the v3.5.0 release of NetBox. For backwards compatibility, map JOBRESULT_RETENTION to JOB_RETENTION +else if 'JOBRESULT_RETENTION' in environ: + JOB_RETENTION = _environ_get_and_map('JOBRESULT_RETENTION', None, _AS_INT) # API Cross-Origin Resource Sharing (CORS) settings. If CORS_ORIGIN_ALLOW_ALL is set to True, all origins will be # allowed. Otherwise, define a list of allowed origins using either CORS_ORIGIN_WHITELIST or From 055538cc21b782d767af144f2919dff0b9f4aab0 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Mon, 8 May 2023 17:44:09 +0200 Subject: [PATCH 068/318] Fixed type in else --- configuration/configuration.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configuration/configuration.py b/configuration/configuration.py index 3e50aaf5c..18c55dde6 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -144,7 +144,7 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: if 'JOB_RETENTION' in environ: JOB_RETENTION = _environ_get_and_map('JOB_RETENTION', None, _AS_INT) # JOBRESULT_RETENTION was renamed to JOB_RETENTION in the v3.5.0 release of NetBox. For backwards compatibility, map JOBRESULT_RETENTION to JOB_RETENTION -else if 'JOBRESULT_RETENTION' in environ: +elif 'JOBRESULT_RETENTION' in environ: JOB_RETENTION = _environ_get_and_map('JOBRESULT_RETENTION', None, _AS_INT) # API Cross-Origin Resource Sharing (CORS) settings. If CORS_ORIGIN_ALLOW_ALL is set to True, all origins will be From 23d5865e3d512606cf11db74110818464de3d060 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Thu, 11 May 2023 08:09:56 +0200 Subject: [PATCH 069/318] Update Ubuntu und Nginx Unit --- .gitignore | 3 +-- Dockerfile | 10 +++++----- build.sh | 4 ++-- docker/launch-netbox.sh | 4 ++-- 4 files changed, 10 insertions(+), 11 deletions(-) diff --git a/.gitignore b/.gitignore index 9a5e13a4b..2fb516639 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,6 @@ *.sql.gz .netbox -.initializers +.python-version docker-compose.override.yml *.pem configuration/* @@ -11,5 +11,4 @@ configuration/ldap/* !configuration/ldap/ldap_config.py !configuration/logging.py !configuration/plugins.py -prometheus.yml super-linter.log diff --git a/Dockerfile b/Dockerfile index 11fa4ac20..bd00e9032 100644 --- a/Dockerfile +++ b/Dockerfile @@ -66,15 +66,15 @@ RUN export DEBIAN_FRONTEND=noninteractive \ python3 \ python3-distutils \ tini \ - && curl -sL https://nginx.org/keys/nginx_signing.key \ - > /etc/apt/trusted.gpg.d/nginx.asc && \ - echo "deb https://packages.nginx.org/unit/ubuntu/ jammy unit" \ + && curl --silent --output /usr/share/keyrings/nginx-keyring.gpg \ + https://unit.nginx.org/keys/nginx-keyring.gpg \ + && echo "deb [signed-by=/usr/share/keyrings/nginx-keyring.gpg] https://packages.nginx.org/unit/ubuntu/ lunar unit" \ > /etc/apt/sources.list.d/unit.list \ && apt-get update -qq \ && apt-get install \ --yes -qq --no-install-recommends \ - unit=1.29.1-1~jammy \ - unit-python3.10=1.29.1-1~jammy \ + unit=1.30.0-1~lunar \ + unit-python3.11=1.30.0-1~lunar \ && rm -rf /var/lib/apt/lists/* COPY --from=builder /opt/netbox/venv /opt/netbox/venv diff --git a/build.sh b/build.sh index 5bbaf4d95..fd340299f 100755 --- a/build.sh +++ b/build.sh @@ -61,7 +61,7 @@ DOCKERFILE The name of Dockerfile to use. ${_GREEN}Default:${_CLEAR} Dockerfile DOCKER_FROM The base image to use. - ${_GREEN}Default:${_CLEAR} 'ubuntu:22.04' + ${_GREEN}Default:${_CLEAR} 'ubuntu:23.04' BUILDX_PLATFORMS Specifies the platform(s) to build the image for. @@ -219,7 +219,7 @@ fi # Determining the value for DOCKER_FROM ### if [ -z "$DOCKER_FROM" ]; then - DOCKER_FROM="docker.io/ubuntu:22.04" + DOCKER_FROM="docker.io/ubuntu:23.04" fi ### diff --git a/docker/launch-netbox.sh b/docker/launch-netbox.sh index 510c5c854..6cc63ba01 100755 --- a/docker/launch-netbox.sh +++ b/docker/launch-netbox.sh @@ -51,7 +51,7 @@ exec unitd \ --control unix:$UNIT_SOCKET \ --pid /opt/unit/unit.pid \ --log /dev/stdout \ - --state /opt/unit/state/ \ - --tmp /opt/unit/tmp/ \ + --statedir /opt/unit/state/ \ + --tmpdir /opt/unit/tmp/ \ --user unit \ --group root From 8208dedb190fd7ef216a672d2ab790765840361c Mon Sep 17 00:00:00 2001 From: Florian Schroen Date: Thu, 15 Jun 2023 12:11:46 +0200 Subject: [PATCH 070/318] docker-compose.yml: fix volume mount options `z` is valid only for bindmounts When using with volumes a warning for each volume appears: netbox$ docker compose up [+] Building 0.0s (0/0) WARN[0000] mount of type `volume` should not define `bind` option WARN[0000] mount of type `volume` should not define `bind` option WARN[0000] mount of type `volume` should not define `bind` option This may appear only when using a docker-compose.override.yml --- docker-compose.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 049268c93..a0076b745 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -15,9 +15,9 @@ services: test: "curl -f http://localhost:8080/api/ || exit 1" volumes: - ./configuration:/etc/netbox/config:z,ro - - netbox-media-files:/opt/netbox/netbox/media:z,rw - - netbox-reports-files:/opt/netbox/netbox/reports:z,rw - - netbox-scripts-files:/opt/netbox/netbox/scripts:z,rw + - netbox-media-files:/opt/netbox/netbox/media:rw + - netbox-reports-files:/opt/netbox/netbox/reports:rw + - netbox-scripts-files:/opt/netbox/netbox/scripts:rw netbox-worker: <<: *netbox depends_on: From d69dacef09881959b666bd26e01967949dd56b05 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 22 Jul 2023 19:52:18 +0000 Subject: [PATCH 071/318] Update dependency django-auth-ldap to v4.4.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index e00569fd6..b7d38583d 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,4 +1,4 @@ -django-auth-ldap==4.3.0 +django-auth-ldap==4.4.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.13.2 psycopg2==2.9.6 python3-saml==1.15.0 From c99172661ce384174685ad7fd2b7e45661b24a97 Mon Sep 17 00:00:00 2001 From: toriningen Date: Thu, 3 Aug 2023 05:19:59 +0000 Subject: [PATCH 072/318] netbox.env: fixed unwanted string interpolation --- env/netbox.env | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/env/netbox.env b/env/netbox.env index 9e490d019..ca2254917 100644 --- a/env/netbox.env +++ b/env/netbox.env @@ -29,6 +29,6 @@ REDIS_INSECURE_SKIP_TLS_VERIFY=false REDIS_PASSWORD=H733Kdjndks81 REDIS_SSL=false RELEASE_CHECK_URL=https://api.github.com/repos/netbox-community/netbox/releases -SECRET_KEY=r(m)9nLGnz$(_q3N4z1k(EFsMCjjjzx08x9VhNVcfd%6RF#r!6DE@+V5Zk2X +SECRET_KEY='r(m)9nLGnz$(_q3N4z1k(EFsMCjjjzx08x9VhNVcfd%6RF#r!6DE@+V5Zk2X' SKIP_SUPERUSER=true WEBHOOKS_ENABLED=true From ec603633ea9171edaea6bd24c23e8c1b0d9e4d43 Mon Sep 17 00:00:00 2001 From: NeodymiumFerBore <32781483+NeodymiumFerBore@users.noreply.github.com> Date: Fri, 4 Aug 2023 23:49:44 +0200 Subject: [PATCH 073/318] Set REMOTE_AUTH_AUTO_CREATE_USER default to False --- configuration/configuration.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configuration/configuration.py b/configuration/configuration.py index 18c55dde6..72fabd50e 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -277,7 +277,7 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: REMOTE_AUTH_ENABLED = _environ_get_and_map('REMOTE_AUTH_ENABLED', 'False', _AS_BOOL) REMOTE_AUTH_BACKEND = environ.get('REMOTE_AUTH_BACKEND', 'netbox.authentication.RemoteUserBackend') REMOTE_AUTH_HEADER = environ.get('REMOTE_AUTH_HEADER', 'HTTP_REMOTE_USER') -REMOTE_AUTH_AUTO_CREATE_USER = _environ_get_and_map('REMOTE_AUTH_AUTO_CREATE_USER', 'True', _AS_BOOL) +REMOTE_AUTH_AUTO_CREATE_USER = _environ_get_and_map('REMOTE_AUTH_AUTO_CREATE_USER', 'False', _AS_BOOL) REMOTE_AUTH_DEFAULT_GROUPS = _environ_get_and_map('REMOTE_AUTH_DEFAULT_GROUPS', '', _AS_LIST) # REMOTE_AUTH_DEFAULT_PERMISSIONS = {} From 75690ac7dd8242f879b9b9754898775d38634099 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 8 Aug 2023 18:58:31 +0000 Subject: [PATCH 074/318] Update dependency django-auth-ldap to v4.5.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index b7d38583d..20faff097 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,4 +1,4 @@ -django-auth-ldap==4.4.0 +django-auth-ldap==4.5.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.13.2 psycopg2==2.9.6 python3-saml==1.15.0 From 12af4233bd72c13748ff39b5aa152674e3b9f8bc Mon Sep 17 00:00:00 2001 From: NeodymiumFerBore <32781483+NeodymiumFerBore@users.noreply.github.com> Date: Fri, 25 Aug 2023 11:26:36 +0200 Subject: [PATCH 075/318] Map REMOTE_AUTH_BACKEND env var to list --- configuration/configuration.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configuration/configuration.py b/configuration/configuration.py index 72fabd50e..d3bffb4fe 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -275,7 +275,7 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # Remote authentication support REMOTE_AUTH_ENABLED = _environ_get_and_map('REMOTE_AUTH_ENABLED', 'False', _AS_BOOL) -REMOTE_AUTH_BACKEND = environ.get('REMOTE_AUTH_BACKEND', 'netbox.authentication.RemoteUserBackend') +REMOTE_AUTH_BACKEND = _environ_get_and_map('REMOTE_AUTH_BACKEND', 'netbox.authentication.RemoteUserBackend', _AS_LIST) REMOTE_AUTH_HEADER = environ.get('REMOTE_AUTH_HEADER', 'HTTP_REMOTE_USER') REMOTE_AUTH_AUTO_CREATE_USER = _environ_get_and_map('REMOTE_AUTH_AUTO_CREATE_USER', 'False', _AS_BOOL) REMOTE_AUTH_DEFAULT_GROUPS = _environ_get_and_map('REMOTE_AUTH_DEFAULT_GROUPS', '', _AS_LIST) From 44d0f47fb5d6d612e074199f8e7e77eaa745f1ba Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Fri, 7 Jul 2023 08:12:33 +0200 Subject: [PATCH 076/318] Prepare for Netbox 3.6 --- Dockerfile | 4 ++-- VERSION | 2 +- docker-compose.test.yml | 2 +- docker-compose.yml | 2 +- requirements-container.txt | 3 ++- test-configuration/{logging.py => test_config.py} | 2 ++ 6 files changed, 9 insertions(+), 6 deletions(-) rename test-configuration/{logging.py => test_config.py} (72%) diff --git a/Dockerfile b/Dockerfile index bd00e9032..a090c08af 100644 --- a/Dockerfile +++ b/Dockerfile @@ -31,8 +31,8 @@ RUN export DEBIAN_FRONTEND=noninteractive \ ARG NETBOX_PATH COPY ${NETBOX_PATH}/requirements.txt requirements-container.txt / RUN \ - # We compile 'psycopg2' in the build process - sed -i -e '/psycopg2-binary/d' /requirements.txt && \ + # We compile 'psycopg' in the build process + sed -i -e '/psycopg/d' /requirements.txt && \ # Gunicorn is not needed because we use Nginx Unit sed -i -e '/gunicorn/d' /requirements.txt && \ # We need 'social-auth-core[all]' in the Docker image. But if we put it in our own requirements-container.txt diff --git a/VERSION b/VERSION index 6a6a3d8e3..24ba9a38d 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.6.1 +2.7.0 diff --git a/docker-compose.test.yml b/docker-compose.test.yml index 680c16c5f..0035f3268 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -12,7 +12,7 @@ services: env_file: env/netbox.env user: 'unit:root' volumes: - - ./test-configuration/logging.py:/etc/netbox/config/logging.py:z,ro + - ./test-configuration/test_config.py:/etc/netbox/config/test_config.py:z,ro healthcheck: start_period: ${NETBOX_START_PERIOD-120s} timeout: 3s diff --git a/docker-compose.yml b/docker-compose.yml index a0076b745..38cd6582e 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,7 @@ version: '3.4' services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v3.5-2.6.1} + image: docker.io/netboxcommunity/netbox:${VERSION-v3.6-2.7.0} depends_on: - postgres - redis diff --git a/requirements-container.txt b/requirements-container.txt index 20faff097..8ea63525a 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,4 +1,5 @@ django-auth-ldap==4.5.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.13.2 -psycopg2==2.9.6 +dulwich==0.21.5 +psycopg[c,pool]==3.1.10 python3-saml==1.15.0 diff --git a/test-configuration/logging.py b/test-configuration/test_config.py similarity index 72% rename from test-configuration/logging.py rename to test-configuration/test_config.py index ab15e2a87..884defd42 100644 --- a/test-configuration/logging.py +++ b/test-configuration/test_config.py @@ -2,3 +2,5 @@ 'version': 1, 'disable_existing_loggers': True } + +DEFAULT_PERMISSIONS = {} From 69c5580a3ed5a763609e14b1be50c7135ad65b46 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 29 Aug 2023 13:13:57 +0200 Subject: [PATCH 077/318] Fix #1061: Install openssh-client --- Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Dockerfile b/Dockerfile index a090c08af..558f76462 100644 --- a/Dockerfile +++ b/Dockerfile @@ -62,6 +62,7 @@ RUN export DEBIAN_FRONTEND=noninteractive \ libldap-common \ libpq5 \ libxmlsec1-openssl \ + openssh-client \ openssl \ python3 \ python3-distutils \ From c798e881b0bfaf29f43d08f101fe5c069f0f8849 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 2 Sep 2023 13:43:45 +0000 Subject: [PATCH 078/318] Update dependency dulwich to v0.21.6 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 8ea63525a..158a4dd50 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==4.5.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.13.2 -dulwich==0.21.5 +dulwich==0.21.6 psycopg[c,pool]==3.1.10 python3-saml==1.15.0 From e45200452660b9f1a5f7941d43af5d5134f5208f Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Sun, 3 Sep 2023 09:07:26 +0200 Subject: [PATCH 079/318] Update Nginx unit to 1.31 --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 558f76462..43cf50848 100644 --- a/Dockerfile +++ b/Dockerfile @@ -74,8 +74,8 @@ RUN export DEBIAN_FRONTEND=noninteractive \ && apt-get update -qq \ && apt-get install \ --yes -qq --no-install-recommends \ - unit=1.30.0-1~lunar \ - unit-python3.11=1.30.0-1~lunar \ + unit=1.31.0-1~lunar \ + unit-python3.11=1.31.0-1~lunar \ && rm -rf /var/lib/apt/lists/* COPY --from=builder /opt/netbox/venv /opt/netbox/venv From bc6e4f81b0aac3c64b7e27240bbe41b6d8b56e75 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 5 Sep 2023 01:09:06 +0000 Subject: [PATCH 080/318] Update dependency django-storages to v1.14 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 158a4dd50..33e5f1ce7 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==4.5.0 -django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.13.2 +django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14 dulwich==0.21.6 psycopg[c,pool]==3.1.10 python3-saml==1.15.0 From 364555eef638f3a8fffbcf13b4045aaa3f76e570 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 5 Sep 2023 05:38:37 +0000 Subject: [PATCH 081/318] Update actions/checkout action to v4 --- .github/workflows/push.yml | 4 ++-- .github/workflows/release.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index e7766db7e..c8b790918 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest name: Checks syntax of our code steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: # Full git history is needed to get a proper # list of changed files within `super-linter` @@ -62,7 +62,7 @@ jobs: steps: - id: git-checkout name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - id: qemu-setup name: Set up QEMU uses: docker/setup-qemu-action@v2 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1dd2c3af1..fc7128b1e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -30,7 +30,7 @@ jobs: steps: - id: source-checkout name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - id: set-netbox-docker-version name: Get Version of NetBox Docker run: echo "version=$(cat VERSION)" >>"$GITHUB_OUTPUT" From c473fcc44ae3eb8ce967629ee2b694f324b8eb30 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 12 Sep 2023 09:21:44 +0000 Subject: [PATCH 082/318] Update docker/setup-buildx-action action to v3 --- .github/workflows/push.yml | 2 +- .github/workflows/release.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index c8b790918..2055e8909 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -68,7 +68,7 @@ jobs: uses: docker/setup-qemu-action@v2 - id: buildx-setup name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - id: docker-build name: Build the image for '${{ matrix.platform }}' with '${{ matrix.build_cmd }}' run: ${{ matrix.build_cmd }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index fc7128b1e..5400f4cf5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -40,7 +40,7 @@ jobs: uses: docker/setup-qemu-action@v2 - id: buildx-setup name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - id: docker-build name: Build the image with '${{ matrix.build_cmd }}' run: ${{ matrix.build_cmd }} From 8b8447f5c63ea3968642145104e6d954f7170300 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 12 Sep 2023 15:12:56 +0000 Subject: [PATCH 083/318] Update docker/setup-qemu-action action to v3 --- .github/workflows/push.yml | 2 +- .github/workflows/release.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 2055e8909..3420f4dee 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -65,7 +65,7 @@ jobs: uses: actions/checkout@v4 - id: qemu-setup name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 - id: buildx-setup name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5400f4cf5..b4f2ee6be 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -37,7 +37,7 @@ jobs: shell: bash - id: qemu-setup name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 - id: buildx-setup name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 From e6fedf16fee716e39899bd04131c10c28c0396ad Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 12 Sep 2023 18:03:05 +0000 Subject: [PATCH 084/318] Update docker/login-action action to v3 --- .github/workflows/release.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b4f2ee6be..3021dab5e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -51,7 +51,7 @@ jobs: # docker.io - id: docker-io-login name: Login to docker.io - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: docker.io username: ${{ secrets.dockerhub_username }} @@ -60,7 +60,7 @@ jobs: # quay.io - id: quay-io-login name: Login to Quay.io - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: quay.io username: ${{ secrets.quayio_username }} @@ -69,7 +69,7 @@ jobs: # ghcr.io - id: ghcr-io-login name: Login to GitHub Container Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} From 0603f1ebe94f7ddc48f6f8414cc0534a7b86f44d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 15 Sep 2023 23:13:09 +0000 Subject: [PATCH 085/318] Update docker.io/postgres Docker tag to v16 --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 38cd6582e..1cbffa66c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -47,7 +47,7 @@ services: # postgres postgres: - image: docker.io/postgres:15-alpine + image: docker.io/postgres:16-alpine env_file: env/postgres.env volumes: - netbox-postgres-data:/var/lib/postgresql/data From 87159b56be4fad44bc3173e7465327e507729c88 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 23 Sep 2023 12:57:54 +0000 Subject: [PATCH 086/318] Update dependency psycopg to v3.1.11 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 33e5f1ce7..13ad6af4f 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==4.5.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14 dulwich==0.21.6 -psycopg[c,pool]==3.1.10 +psycopg[c,pool]==3.1.11 python3-saml==1.15.0 From 714a1325667ecd415ca4261ef669ff4b6198733d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 23 Sep 2023 14:42:28 +0000 Subject: [PATCH 087/318] Update postgres Docker tag to v16 --- docker-compose.test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.test.yml b/docker-compose.test.yml index 0035f3268..8115afc43 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -39,7 +39,7 @@ services: interval: 15s test: "ps -aux | grep -v grep | grep -q housekeeping || exit 1" postgres: - image: postgres:15-alpine + image: postgres:16-alpine env_file: env/postgres.env healthcheck: test: "pg_isready -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER" ## $$ because of docker-compose From f1de85d97579c4c0c9f64cc4a399f8fd4e2a3eaf Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 27 Sep 2023 00:39:53 +0000 Subject: [PATCH 088/318] Update dependency psycopg to v3.1.12 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 13ad6af4f..4206ccdf5 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==4.5.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14 dulwich==0.21.6 -psycopg[c,pool]==3.1.11 +psycopg[c,pool]==3.1.12 python3-saml==1.15.0 From 1a3ace957a64c5310944fde6c536add273d5ab51 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 29 Sep 2023 15:58:04 +0000 Subject: [PATCH 089/318] Update dependency django-storages to v1.14.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 4206ccdf5..d692cb9b7 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==4.5.0 -django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14 +django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.1 dulwich==0.21.6 psycopg[c,pool]==3.1.12 python3-saml==1.15.0 From e8fa63d18b6d9a1bb057c55aa0032ef63c46ebc0 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 9 Oct 2023 03:36:20 +0000 Subject: [PATCH 090/318] Update dependency django-storages to v1.14.2 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index d692cb9b7..49daf0b85 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==4.5.0 -django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.1 +django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.21.6 psycopg[c,pool]==3.1.12 python3-saml==1.15.0 From 4680e59a07eb9750236dd1f342f0e5c6accb4838 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 9 Oct 2023 06:13:57 +0000 Subject: [PATCH 091/318] Update dependency django-auth-ldap to v4.6.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 49daf0b85..8583cc7d2 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,4 +1,4 @@ -django-auth-ldap==4.5.0 +django-auth-ldap==4.6.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.21.6 psycopg[c,pool]==3.1.12 From 51049781b4a3d500a58a30e8b0741cd9f78c420c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 9 Oct 2023 11:06:17 +0000 Subject: [PATCH 092/318] Update dependency python3-saml to v1.16.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 8583cc7d2..1d2fe7eb1 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.6.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.21.6 psycopg[c,pool]==3.1.12 -python3-saml==1.15.0 +python3-saml==1.16.0 From 33430fda08381f14c8ba1399dc9e883ffc7d4f59 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 6 Dec 2023 12:35:21 +0000 Subject: [PATCH 093/318] Update actions/setup-python action to v5 --- .github/workflows/push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 3420f4dee..5a9528a60 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -19,7 +19,7 @@ jobs: # Full git history is needed to get a proper # list of changed files within `super-linter` fetch-depth: 0 - - uses: actions/setup-python@v4 + - uses: actions/setup-python@v5 with: python-version: '3.9' - name: Lint Code Base From d7866d5f6e18b46bf14971c34bb5eae03abebf27 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 19 Dec 2023 11:24:47 +0000 Subject: [PATCH 094/318] Update dependency psycopg to v3.1.16 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 1d2fe7eb1..7cf43b4e8 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==4.6.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.21.6 -psycopg[c,pool]==3.1.12 +psycopg[c,pool]==3.1.16 python3-saml==1.16.0 From 7e1750d3a3e045b8bf94ffadaae9e6cd773fc20b Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 19 Dec 2023 12:50:54 +0000 Subject: [PATCH 095/318] Update dependency dulwich to v0.21.7 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 7cf43b4e8..870eee912 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==4.6.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 -dulwich==0.21.6 +dulwich==0.21.7 psycopg[c,pool]==3.1.16 python3-saml==1.16.0 From dfa1904a82d1bea3074ae30828c0d8236640d2ba Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Mon, 1 Jan 2024 10:33:59 +0100 Subject: [PATCH 096/318] Preparation for 2.8.0 --- Dockerfile | 4 ++-- VERSION | 2 +- docker-compose.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 43cf50848..c55c4c92c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -74,8 +74,8 @@ RUN export DEBIAN_FRONTEND=noninteractive \ && apt-get update -qq \ && apt-get install \ --yes -qq --no-install-recommends \ - unit=1.31.0-1~lunar \ - unit-python3.11=1.31.0-1~lunar \ + unit=1.31.1-1~lunar \ + unit-python3.11=1.31.1-1~lunar \ && rm -rf /var/lib/apt/lists/* COPY --from=builder /opt/netbox/venv /opt/netbox/venv diff --git a/VERSION b/VERSION index 24ba9a38d..834f26295 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.7.0 +2.8.0 diff --git a/docker-compose.yml b/docker-compose.yml index 1cbffa66c..8b0ea61d2 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,7 @@ version: '3.4' services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v3.6-2.7.0} + image: docker.io/netboxcommunity/netbox:${VERSION-v3.7-2.8.0} depends_on: - postgres - redis From 249e5890965f164fc0cad6e6876c5328b9095e0a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 7 Jan 2024 16:16:19 +0000 Subject: [PATCH 097/318] Update dependency psycopg to v3.1.17 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 870eee912..2085b03eb 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==4.6.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.21.7 -psycopg[c,pool]==3.1.16 +psycopg[c,pool]==3.1.17 python3-saml==1.16.0 From 2fbb5dd0b00abf95d46d98011e44a36b35cb5c33 Mon Sep 17 00:00:00 2001 From: kindlich Date: Tue, 16 Jan 2024 10:13:57 +0100 Subject: [PATCH 098/318] Add env var for CENSUS_REPORTING_ENABLED See #999 --- configuration/configuration.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/configuration/configuration.py b/configuration/configuration.py index d3bffb4fe..ed2baf289 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -183,6 +183,13 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: if 'ENFORCE_GLOBAL_UNIQUE' in environ: ENFORCE_GLOBAL_UNIQUE = _environ_get_and_map('ENFORCE_GLOBAL_UNIQUE', None, _AS_BOOL) +# By default, netbox sends census reporting data using a single HTTP request each time a worker starts. +# This data enables the project maintainers to estimate how many NetBox deployments exist and track the adoption of new versions over time. +# The only data reported by this function are the NetBox version, Python version, and a pseudorandom unique identifier. +# To opt out of census reporting, set CENSUS_REPORTING_ENABLED to False. +if 'CENSUS_REPORTING_ENABLED' in environ: + CENSUS_REPORTING_ENABLED = _environ_get_and_map('CENSUS_REPORTING_ENABLED', None, _AS_BOOL) + # Exempt certain models from the enforcement of view permissions. Models listed here will be viewable by all users and # by anonymous users. List models in the form `.`. Add '*' to this list to exempt all models. EXEMPT_VIEW_PERMISSIONS = _environ_get_and_map('EXEMPT_VIEW_PERMISSIONS', '', _AS_LIST) From 291ba760f11d184f23d35c862ed9dcfde6058b85 Mon Sep 17 00:00:00 2001 From: NdFeB <32781483+NeodymiumFerBore@users.noreply.github.com> Date: Tue, 16 Jan 2024 14:28:59 +0100 Subject: [PATCH 099/318] Add Redis Sentinel config as environment vars --- configuration/configuration.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/configuration/configuration.py b/configuration/configuration.py index d3bffb4fe..4adc3dacc 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -86,6 +86,9 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: 'tasks': { 'HOST': environ.get('REDIS_HOST', 'localhost'), 'PORT': _environ_get_and_map('REDIS_PORT', 6379, _AS_INT), + 'SENTINELS': [tuple(uri.split(':')) for uri in _environ_get_and_map('REDIS_SENTINELS', '', _AS_LIST) if uri != ''], + 'SENTINEL_SERVICE': environ.get('REDIS_SENTINEL_SERVICE', 'default'), + 'SENTINEL_TIMEOUT': _environ_get_and_map('REDIS_SENTINEL_TIMEOUT', 10, _AS_INT), 'USERNAME': environ.get('REDIS_USERNAME', ''), 'PASSWORD': _read_secret('redis_password', environ.get('REDIS_PASSWORD', '')), 'DATABASE': _environ_get_and_map('REDIS_DATABASE', 0, _AS_INT), @@ -95,6 +98,8 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: 'caching': { 'HOST': environ.get('REDIS_CACHE_HOST', environ.get('REDIS_HOST', 'localhost')), 'PORT': _environ_get_and_map('REDIS_CACHE_PORT', environ.get('REDIS_PORT', '6379'), _AS_INT), + 'SENTINELS': [tuple(uri.split(':')) for uri in _environ_get_and_map('REDIS_CACHE_SENTINELS', '', _AS_LIST) if uri != ''], + 'SENTINEL_SERVICE': environ.get('REDIS_CACHE_SENTINEL_SERVICE', environ.get('REDIS_SENTINEL_SERVICE', 'default')), 'USERNAME': environ.get('REDIS_CACHE_USERNAME', environ.get('REDIS_USERNAME', '')), 'PASSWORD': _read_secret('redis_cache_password', environ.get('REDIS_CACHE_PASSWORD', environ.get('REDIS_PASSWORD', ''))), 'DATABASE': _environ_get_and_map('REDIS_CACHE_DATABASE', '1', _AS_INT), From 9169fc768435502aebc4bb4d3380d5337b26fb2c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Hendrik=20Bl=C3=B6=C3=9F?= Date: Tue, 30 Jan 2024 12:14:16 +0100 Subject: [PATCH 100/318] added missing REMOTE_AUTH config options --- configuration/configuration.py | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/configuration/configuration.py b/configuration/configuration.py index d3bffb4fe..470f2714c 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -274,12 +274,23 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: RACK_ELEVATION_DEFAULT_UNIT_WIDTH = _environ_get_and_map('RACK_ELEVATION_DEFAULT_UNIT_WIDTH', None, _AS_INT) # Remote authentication support -REMOTE_AUTH_ENABLED = _environ_get_and_map('REMOTE_AUTH_ENABLED', 'False', _AS_BOOL) -REMOTE_AUTH_BACKEND = _environ_get_and_map('REMOTE_AUTH_BACKEND', 'netbox.authentication.RemoteUserBackend', _AS_LIST) -REMOTE_AUTH_HEADER = environ.get('REMOTE_AUTH_HEADER', 'HTTP_REMOTE_USER') +REMOTE_AUTH_AUTO_CREATE_GROUPS = _environ_get_and_map('REMOTE_AUTH_AUTO_CREATE_GROUPS', 'False', _AS_BOOL) REMOTE_AUTH_AUTO_CREATE_USER = _environ_get_and_map('REMOTE_AUTH_AUTO_CREATE_USER', 'False', _AS_BOOL) +REMOTE_AUTH_BACKEND = _environ_get_and_map('REMOTE_AUTH_BACKEND', 'netbox.authentication.RemoteUserBackend', _AS_LIST) REMOTE_AUTH_DEFAULT_GROUPS = _environ_get_and_map('REMOTE_AUTH_DEFAULT_GROUPS', '', _AS_LIST) -# REMOTE_AUTH_DEFAULT_PERMISSIONS = {} +# REMOTE_AUTH_DEFAULT_PERMISSIONS = {} # dicts can't be configured via environment variables. See extra.py instead. +REMOTE_AUTH_ENABLED = _environ_get_and_map('REMOTE_AUTH_ENABLED', 'False', _AS_BOOL) +REMOTE_AUTH_GROUP_HEADER = _environ_get_and_map('REMOTE_AUTH_GROUP_HEADER', 'HTTP_REMOTE_USER_GROUP') +REMOTE_AUTH_GROUP_SEPARATOR = _environ_get_and_map('REMOTE_AUTH_GROUP_SEPARATOR', '|') +REMOTE_AUTH_GROUP_SYNC_ENABLED = _environ_get_and_map('REMOTE_AUTH_GROUP_SYNC_ENABLED', 'False', _AS_BOOL) +REMOTE_AUTH_HEADER = environ.get('REMOTE_AUTH_HEADER', 'HTTP_REMOTE_USER') +REMOTE_AUTH_USER_EMAIL = environ.get('REMOTE_AUTH_USER_EMAIL', 'HTTP_REMOTE_USER_EMAIL') +REMOTE_AUTH_USER_FIRST_NAME = environ.get('REMOTE_AUTH_USER_FIRST_NAME', 'HTTP_REMOTE_USER_FIRST_NAME') +REMOTE_AUTH_USER_LAST_NAME = environ.get('REMOTE_AUTH_USER_LAST_NAME', 'HTTP_REMOTE_USER_LAST_NAME') +REMOTE_AUTH_SUPERUSER_GROUPS = _environ_get_and_map('REMOTE_AUTH_SUPERUSER_GROUPS', '', _AS_LIST) +REMOTE_AUTH_SUPERUSERS = _environ_get_and_map('REMOTE_AUTH_SUPERUSERS', '', _AS_LIST) +REMOTE_AUTH_STAFF_GROUPS = _environ_get_and_map('REMOTE_AUTH_STAFF_GROUPS', '', _AS_LIST) +REMOTE_AUTH_STAFF_USERS = _environ_get_and_map('REMOTE_AUTH_STAFF_USERS', '', _AS_LIST) # This repository is used to check whether there is a new release of NetBox available. Set to None to disable the # version check or use the URL below to check for release in the official NetBox repository. From 064b71348972bbd25697a66f60bbc278b9ae9617 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 4 Feb 2024 21:43:13 +0000 Subject: [PATCH 101/318] Update dependency psycopg to v3.1.18 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 2085b03eb..97dbd7b98 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==4.6.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.21.7 -psycopg[c,pool]==3.1.17 +psycopg[c,pool]==3.1.18 python3-saml==1.16.0 From f27148634a230ecd5f781e79d9a2bfa44de38460 Mon Sep 17 00:00:00 2001 From: tbotnz Date: Wed, 17 Jan 2024 08:23:34 +1300 Subject: [PATCH 102/318] fix segfault --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 97dbd7b98..4013e7380 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.6.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.21.7 psycopg[c,pool]==3.1.18 -python3-saml==1.16.0 +python3-saml==1.16.0 --no-binary lxml From 607ccd10bfe91bf42e7152e56249fc06e20cef4e Mon Sep 17 00:00:00 2001 From: Florian Knodt Date: Fri, 19 Jan 2024 09:12:56 +0100 Subject: [PATCH 103/318] docker-entrypoint.sh: clarify default token message When a default admin API token is found, a warning is displayed. As it is only called "token", some users might not know what token is referred to. Also the message should give a hint or link to a documentation on how to remove it. --- docker/docker-entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh index 9b39689e4..14406d3dd 100755 --- a/docker/docker-entrypoint.sh +++ b/docker/docker-entrypoint.sh @@ -87,7 +87,7 @@ from users.models import Token try: old_default_token = Token.objects.get(key="0123456789abcdef0123456789abcdef01234567") if old_default_token: - print("⚠️ Warning: You have the old default admin token in your database. This token is widely known; please remove it.") + print("⚠️ Warning: You have the old default admin API token in your database. This token is widely known; please remove it. Log in as your superuser and check API Tokens in your user menu.") except Token.DoesNotExist: pass END From 99b906c4f1bc39b805064db3940462ad55a31065 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 28 Feb 2024 08:05:22 +0100 Subject: [PATCH 104/318] Update Ubuntu and Nginx Unit --- Dockerfile | 6 +++--- build.sh | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index c55c4c92c..0c694a757 100644 --- a/Dockerfile +++ b/Dockerfile @@ -69,13 +69,13 @@ RUN export DEBIAN_FRONTEND=noninteractive \ tini \ && curl --silent --output /usr/share/keyrings/nginx-keyring.gpg \ https://unit.nginx.org/keys/nginx-keyring.gpg \ - && echo "deb [signed-by=/usr/share/keyrings/nginx-keyring.gpg] https://packages.nginx.org/unit/ubuntu/ lunar unit" \ + && echo "deb [signed-by=/usr/share/keyrings/nginx-keyring.gpg] https://packages.nginx.org/unit/ubuntu/ mantic unit" \ > /etc/apt/sources.list.d/unit.list \ && apt-get update -qq \ && apt-get install \ --yes -qq --no-install-recommends \ - unit=1.31.1-1~lunar \ - unit-python3.11=1.31.1-1~lunar \ + unit=1.32.0-1~mantic \ + unit-python3.11=1.32.0-1~mantic \ && rm -rf /var/lib/apt/lists/* COPY --from=builder /opt/netbox/venv /opt/netbox/venv diff --git a/build.sh b/build.sh index fd340299f..352c1ce30 100755 --- a/build.sh +++ b/build.sh @@ -61,7 +61,7 @@ DOCKERFILE The name of Dockerfile to use. ${_GREEN}Default:${_CLEAR} Dockerfile DOCKER_FROM The base image to use. - ${_GREEN}Default:${_CLEAR} 'ubuntu:23.04' + ${_GREEN}Default:${_CLEAR} 'ubuntu:23.10' BUILDX_PLATFORMS Specifies the platform(s) to build the image for. @@ -219,7 +219,7 @@ fi # Determining the value for DOCKER_FROM ### if [ -z "$DOCKER_FROM" ]; then - DOCKER_FROM="docker.io/ubuntu:23.04" + DOCKER_FROM="docker.io/ubuntu:23.10" fi ### From 24eaba7f9bb675f268179d1fafc492a4e2a63b7f Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Sat, 2 Mar 2024 11:12:23 +0100 Subject: [PATCH 105/318] Use ARM64 self-hosted runner --- .github/workflows/push.yml | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 5a9528a60..3ce70180a 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -49,35 +49,36 @@ jobs: - PRERELEASE=true ./build-latest.sh - ./build.sh feature - ./build.sh develop - platform: - - linux/amd64 - - linux/arm64 + os: + - ubuntu-latest + - self-hosted fail-fast: false env: GH_ACTION: enable GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} IMAGE_NAMES: docker.io/netboxcommunity/netbox - runs-on: ubuntu-latest + runs-on: ${{ matrix.os }} name: Builds new NetBox Docker Images steps: - id: git-checkout name: Checkout uses: actions/checkout@v4 - - id: qemu-setup - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - id: buildx-setup name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - id: arm-buildx-platform + name: Set BUILDX_PLATFORM to ARM64 + if: matrix.os == 'self-hosted' + run: | + echo "BUILDX_PLATFORM=linux/arm64" >>"${GITHUB_ENV}" - id: docker-build - name: Build the image for '${{ matrix.platform }}' with '${{ matrix.build_cmd }}' + name: Build the image for '${{ matrix.os }}' with '${{ matrix.build_cmd }}' run: ${{ matrix.build_cmd }} env: - BUILDX_PLATFORM: ${{ matrix.platform }} BUILDX_BUILDER_NAME: ${{ steps.buildx-setup.outputs.name }} - id: arm-time-limit name: Set Netbox container start_period higher on ARM64 - if: matrix.platform == 'linux/arm64' + if: matrix.os == 'self-hosted' run: | echo "NETBOX_START_PERIOD=240s" >>"${GITHUB_ENV}" - id: docker-test From 31a4da297ac0c32aacadc745aca28f43a9a62d14 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 26 Mar 2024 16:12:04 +0000 Subject: [PATCH 106/318] Update dependency django-auth-ldap to v4.7.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 4013e7380..0afc316c3 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,4 +1,4 @@ -django-auth-ldap==4.6.0 +django-auth-ldap==4.7.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.21.7 psycopg[c,pool]==3.1.18 From d2d79480210fe8144ac3a31073efc814ff998956 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 26 Mar 2024 17:32:05 +0100 Subject: [PATCH 107/318] Avoid duplicate checks for Renovate PRs --- .github/workflows/push.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 3ce70180a..713eb7031 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -5,6 +5,7 @@ on: push: branches-ignore: - release + - renovate/** pull_request: branches-ignore: - release From 73ce1f9b7a1ccdd5cb8541b40bb1fdf07215a268 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Fri, 23 Feb 2024 08:10:21 +0100 Subject: [PATCH 108/318] Fix #1127: Added sentry-sdk to requirements --- requirements-container.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/requirements-container.txt b/requirements-container.txt index 0afc316c3..d7a4a5974 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,3 +3,4 @@ django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.21.7 psycopg[c,pool]==3.1.18 python3-saml==1.16.0 --no-binary lxml +sentry-sdk==1.43.0 From 46f628e91b543bfa958adc1b073f04e58b5a68fa Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 28 Mar 2024 17:06:50 +0000 Subject: [PATCH 109/318] Update dependency sentry-sdk to v1.44.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index d7a4a5974..1b78d9ee3 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.21.7 psycopg[c,pool]==3.1.18 python3-saml==1.16.0 --no-binary lxml -sentry-sdk==1.43.0 +sentry-sdk==1.44.0 From 6c01ada88251ed370521e81890da678b35259837 Mon Sep 17 00:00:00 2001 From: Chandan Kumar Date: Mon, 1 Apr 2024 16:57:53 -0400 Subject: [PATCH 110/318] Removed version line from the yaml file as it is obsolete --- README.md | 1 - docker-compose.override.yml.example | 1 - docker-compose.test.override.yml | 1 - docker-compose.test.yml | 1 - docker-compose.yml | 1 - 5 files changed, 5 deletions(-) diff --git a/README.md b/README.md index e472945b6..7b70f819a 100644 --- a/README.md +++ b/README.md @@ -34,7 +34,6 @@ There is a more complete [_Getting Started_ guide on our wiki][wiki-getting-star git clone -b release https://github.com/netbox-community/netbox-docker.git cd netbox-docker tee docker-compose.override.yml < Date: Wed, 3 Apr 2024 10:47:45 +0000 Subject: [PATCH 111/318] Update dependency sentry-sdk to v1.44.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 1b78d9ee3..036d9c808 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.21.7 psycopg[c,pool]==3.1.18 python3-saml==1.16.0 --no-binary lxml -sentry-sdk==1.44.0 +sentry-sdk==1.44.1 From 3df807faa019ff323ea461900eae95e94cec73f2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 4 Apr 2024 13:21:43 +0000 Subject: [PATCH 112/318] Update dependency django-auth-ldap to v4.8.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 1b78d9ee3..8c4b86f0e 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,4 +1,4 @@ -django-auth-ldap==4.7.0 +django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.21.7 psycopg[c,pool]==3.1.18 From 2ee4acba21f633318cb6fe474a557218b66f7ac2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 10 Apr 2024 14:59:14 +0000 Subject: [PATCH 113/318] Update dependency sentry-sdk to v1.45.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 27671bfed..3932065a2 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.21.7 psycopg[c,pool]==3.1.18 python3-saml==1.16.0 --no-binary lxml -sentry-sdk==1.44.1 +sentry-sdk==1.45.0 From e141d9f16de99f2771c360fbb1bb80bbaf13fae4 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Thu, 28 Mar 2024 10:39:51 +0100 Subject: [PATCH 114/318] Prepare for Netbox 4.0 --- Dockerfile | 2 -- configuration/configuration.py | 8 -------- docker/docker-entrypoint.sh | 5 ++--- requirements-container.txt | 1 - 4 files changed, 2 insertions(+), 14 deletions(-) diff --git a/Dockerfile b/Dockerfile index 0c694a757..a2ceb9549 100644 --- a/Dockerfile +++ b/Dockerfile @@ -31,8 +31,6 @@ RUN export DEBIAN_FRONTEND=noninteractive \ ARG NETBOX_PATH COPY ${NETBOX_PATH}/requirements.txt requirements-container.txt / RUN \ - # We compile 'psycopg' in the build process - sed -i -e '/psycopg/d' /requirements.txt && \ # Gunicorn is not needed because we use Nginx Unit sed -i -e '/gunicorn/d' /requirements.txt && \ # We need 'social-auth-core[all]' in the Docker image. But if we put it in our own requirements-container.txt diff --git a/configuration/configuration.py b/configuration/configuration.py index 856807132..d74a7a9fa 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -320,11 +320,3 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # Time zone (default: UTC) TIME_ZONE = environ.get('TIME_ZONE', 'UTC') -# Date/time formatting. See the following link for supported formats: -# https://docs.djangoproject.com/en/stable/ref/templates/builtins/#date -DATE_FORMAT = environ.get('DATE_FORMAT', 'N j, Y') -SHORT_DATE_FORMAT = environ.get('SHORT_DATE_FORMAT', 'Y-m-d') -TIME_FORMAT = environ.get('TIME_FORMAT', 'g:i a') -SHORT_TIME_FORMAT = environ.get('SHORT_TIME_FORMAT', 'H:i:s') -DATETIME_FORMAT = environ.get('DATETIME_FORMAT', 'N j, Y g:i a') -SHORT_DATETIME_FORMAT = environ.get('SHORT_DATETIME_FORMAT', 'Y-m-d H:i') diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh index 14406d3dd..fa5930d49 100755 --- a/docker/docker-entrypoint.sh +++ b/docker/docker-entrypoint.sh @@ -72,10 +72,9 @@ else fi ./manage.py shell --interface python < Date: Fri, 19 Apr 2024 21:53:06 +0200 Subject: [PATCH 115/318] Cancel workflow runs for in progress PRs --- .github/workflows/push.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 713eb7031..26828fa34 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -10,6 +10,10 @@ on: branches-ignore: - release +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} + cancel-in-progress: true + jobs: lint: runs-on: ubuntu-latest From e024427428be7c128085ba34f05bcc11ffa1116f Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 22 Apr 2024 19:13:28 +0000 Subject: [PATCH 116/318] Update dependency dulwich to v0.22.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 3932065a2..b8c940fec 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,6 +1,6 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 -dulwich==0.21.7 +dulwich==0.22.0 psycopg[c,pool]==3.1.18 python3-saml==1.16.0 --no-binary lxml sentry-sdk==1.45.0 From 347b943b759982834b4fa331f95b12e4419613f0 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 23 Apr 2024 13:58:41 +0000 Subject: [PATCH 117/318] Update dependency dulwich to v0.22.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index b8c940fec..7e623cec0 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,6 +1,6 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 -dulwich==0.22.0 +dulwich==0.22.1 psycopg[c,pool]==3.1.18 python3-saml==1.16.0 --no-binary lxml sentry-sdk==1.45.0 From e1335a1194ff92ce9e628c2e8a35852739d59df3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Tue, 23 Apr 2024 16:40:40 +0200 Subject: [PATCH 118/318] Adds SECURE_* parameters introduced in 3.7.6 See https://github.com/netbox-community/netbox/issues/15644 --- configuration/configuration.py | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/configuration/configuration.py b/configuration/configuration.py index 856807132..5efbdc05d 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -312,6 +312,23 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # The name to use for the session cookie. SESSION_COOKIE_NAME = environ.get('SESSION_COOKIE_NAME', 'sessionid') +# If true, the `includeSubDomains` directive will be included in the HTTP Strict Transport Security (HSTS) header. +# This directive instructs the browser to apply the HSTS policy to all subdomains of the current domain. +SECURE_HSTS_INCLUDE_SUBDOMAINS = _environ_get_and_map('SECURE_HSTS_INCLUDE_SUBDOMAINS', 'False', _AS_BOOL) + +# If true, the `preload` directive will be included in the HTTP Strict Transport Security (HSTS) header. +# This directive instructs the browser to preload the site in HTTPS. Browsers that use the HSTS preload list will force the +# site to be accessed via HTTPS even if the user types HTTP in the address bar. +SECURE_HSTS_PRELOAD = _environ_get_and_map('SECURE_HSTS_PRELOAD', 'False', _AS_BOOL) + +# If set to a non-zero integer value, the SecurityMiddleware sets the HTTP Strict Transport Security (HSTS) header on all +# responses that do not already have it. This will instruct the browser that the website must be accessed via HTTPS, +# blocking any HTTP request. +SECURE_HSTS_SECONDS = _environ_get_and_map('SECURE_HSTS_SECONDS', 0, _AS_INT) + +# If true, all non-HTTPS requests will be automatically redirected to use HTTPS. +SECURE_SSL_REDIRECT = _environ_get_and_map('SECURE_SSL_REDIRECT', 'False', _AS_BOOL) + # By default, NetBox will store session data in the database. Alternatively, a file path can be specified here to use # local file storage instead. (This can be useful for enabling authentication on a standby instance with read-only # database access.) Note that the user as which NetBox runs must have read and write permissions to this path. From b7d99c9c69a90aa595c885b846c566fd1780e9d5 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 23 Apr 2024 19:44:05 +0000 Subject: [PATCH 119/318] Update github/super-linter action to v6 --- .github/workflows/push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 26828fa34..893a650e4 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -28,7 +28,7 @@ jobs: with: python-version: '3.9' - name: Lint Code Base - uses: github/super-linter@v5 + uses: github/super-linter@v6 env: DEFAULT_BRANCH: develop GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 8fb42b321324a5e379bff6ebdfb2caff58fbf149 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 26 Apr 2024 10:16:25 +0000 Subject: [PATCH 120/318] Update dependency sentry-sdk to v2 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 7e623cec0..1029f51e8 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.22.1 psycopg[c,pool]==3.1.18 python3-saml==1.16.0 --no-binary lxml -sentry-sdk==1.45.0 +sentry-sdk==2.0.1 From f1787b47753d7d4f5d083dd0f1a26c310d62413d Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Sun, 28 Apr 2024 09:29:43 +0200 Subject: [PATCH 121/318] Disabled new tests --- .github/workflows/push.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 893a650e4..d7bf3b992 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -35,8 +35,10 @@ jobs: SUPPRESS_POSSUM: true LINTER_RULES_PATH: / VALIDATE_ALL_CODEBASE: false + VALIDATE_CHECKOV: false VALIDATE_DOCKERFILE: false VALIDATE_GITLEAKS: false + VALIDATE_JSCPD: false FILTER_REGEX_EXCLUDE: (.*/)?(LICENSE|configuration/.*) EDITORCONFIG_FILE_NAME: .ecrc DOCKERFILE_HADOLINT_FILE_NAME: .hadolint.yaml From 40f24105e61eb2b02942613dac49c1d5805f610d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 4 May 2024 23:02:30 +0000 Subject: [PATCH 122/318] Update dependency django-storages to v1.14.3 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 1029f51e8..595be8732 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==4.8.0 -django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 +django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 psycopg[c,pool]==3.1.18 python3-saml==1.16.0 --no-binary lxml From 1e78c386a5a3259173aa90b5243a9d5150d4e682 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Mon, 6 May 2024 09:56:49 +0200 Subject: [PATCH 123/318] Fixed regex for social-auth-core replacement --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index a2ceb9549..2a6de8c41 100644 --- a/Dockerfile +++ b/Dockerfile @@ -36,7 +36,7 @@ RUN \ # We need 'social-auth-core[all]' in the Docker image. But if we put it in our own requirements-container.txt # we have potential version conflicts and the build will fail. # That's why we just replace it in the original requirements.txt. - sed -i -e 's/social-auth-core\[openidconnect\]/social-auth-core\[all\]/g' /requirements.txt && \ + sed -i -e 's/social-auth-core/social-auth-core\[all\]/g' /requirements.txt && \ /opt/netbox/venv/bin/pip install \ -r /requirements.txt \ -r /requirements-container.txt From 6307a58c4ac5db22cbd9360f562082010faa5e8b Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 6 May 2024 12:35:54 +0000 Subject: [PATCH 124/318] Update dependency sentry-sdk to v2.1.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 1029f51e8..7c1c229af 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.2 dulwich==0.22.1 psycopg[c,pool]==3.1.18 python3-saml==1.16.0 --no-binary lxml -sentry-sdk==2.0.1 +sentry-sdk==2.1.1 From 36f409a16b6a10a862d6219c7a136c07174a2114 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Mon, 6 May 2024 19:04:09 +0200 Subject: [PATCH 125/318] Preparation for 2.9.0 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index 834f26295..c8e38b614 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.8.0 +2.9.0 diff --git a/docker-compose.yml b/docker-compose.yml index 105b9a180..9af4480a6 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v3.7-2.8.0} + image: docker.io/netboxcommunity/netbox:${VERSION-v4.0-2.9.0} depends_on: - postgres - redis From b6492b2e6b036cdc05e968d4ca671b5ba5a32808 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 7 May 2024 07:15:37 +0200 Subject: [PATCH 126/318] Fix #1222: Use /login/ as health check URL --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 9af4480a6..fd1474d1e 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -11,7 +11,7 @@ services: start_period: 60s timeout: 3s interval: 15s - test: "curl -f http://localhost:8080/api/ || exit 1" + test: "curl -f http://localhost:8080/login/ || exit 1" volumes: - ./configuration:/etc/netbox/config:z,ro - netbox-media-files:/opt/netbox/netbox/media:rw From 25610552659d1f8508ab86a31d6781a9b250cfe4 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 7 May 2024 09:57:59 +0200 Subject: [PATCH 127/318] Install Sentry Django integration correctly --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 3699222dc..f65442dbc 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml -sentry-sdk==2.1.1 +sentry-sdk[django]==2.1.1 From 1265d2277a760823e3c82a2c4618eeb051bc8f62 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 7 May 2024 13:45:53 +0200 Subject: [PATCH 128/318] Preparation for 2.9.1 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index c8e38b614..dedcc7d43 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.9.0 +2.9.1 diff --git a/docker-compose.yml b/docker-compose.yml index fd1474d1e..958561f1b 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v4.0-2.9.0} + image: docker.io/netboxcommunity/netbox:${VERSION-v4.0-2.9.1} depends_on: - postgres - redis From c22996d7d72dc78356d536c1f62ea1fe8773e45e Mon Sep 17 00:00:00 2001 From: Laurent <44160341+lchastel@users.noreply.github.com> Date: Thu, 9 May 2024 19:38:49 +0200 Subject: [PATCH 129/318] Add xmlsec with no-binary option SAML backend is still not working. I have the issue "lxml & xmlsec libxml2 library version mismatch". --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index f65442dbc..df95b38a2 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 -python3-saml==1.16.0 --no-binary lxml +python3-saml==1.16.0 --no-binary lxml,xmlsec sentry-sdk[django]==2.1.1 From 918952a2a50373b4718ea831bd93a35da123e038 Mon Sep 17 00:00:00 2001 From: Niklas Date: Fri, 10 May 2024 10:19:55 +0200 Subject: [PATCH 130/318] Update docker-compose.yml --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 958561f1b..0dcb7c442 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -8,7 +8,7 @@ services: env_file: env/netbox.env user: 'unit:root' healthcheck: - start_period: 60s + start_period: 90s timeout: 3s interval: 15s test: "curl -f http://localhost:8080/login/ || exit 1" From 60e9cfd45880648ee0ec9a6e9ea01b46100216d5 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 16 May 2024 19:29:50 +0000 Subject: [PATCH 131/318] Update dependency sentry-sdk to v2.2.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index f65442dbc..c006b93e0 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml -sentry-sdk[django]==2.1.1 +sentry-sdk[django]==2.2.0 From 8c691f13089aef8da74a8e6fbfe4c49c247f7942 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 21 May 2024 13:04:35 +0200 Subject: [PATCH 132/318] Change LOGIN_REQUIRED default to 'True' --- configuration/configuration.py | 6 +++--- test-configuration/test_config.py | 1 + test.sh | 2 +- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/configuration/configuration.py b/configuration/configuration.py index 2145a2511..78fe58e99 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -221,9 +221,9 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # authenticated to NetBox indefinitely. LOGIN_PERSISTENCE = _environ_get_and_map('LOGIN_PERSISTENCE', 'False', _AS_BOOL) -# Setting this to True will permit only authenticated users to access any part of NetBox. By default, anonymous users -# are permitted to access most data in NetBox (excluding secrets) but not make any changes. -LOGIN_REQUIRED = _environ_get_and_map('LOGIN_REQUIRED', 'False', _AS_BOOL) +# When enabled, only authenticated users are permitted to access any part of NetBox. +# Disabling this will allow unauthenticated users to access most areas of NetBox (but not make any changes). +LOGIN_REQUIRED = _environ_get_and_map('LOGIN_REQUIRED', 'True', _AS_BOOL) # The length of time (in seconds) for which a user will remain logged into the web UI before being prompted to # re-authenticate. (Default: 1209600 [14 days]) diff --git a/test-configuration/test_config.py b/test-configuration/test_config.py index 884defd42..09bd5dcb9 100644 --- a/test-configuration/test_config.py +++ b/test-configuration/test_config.py @@ -4,3 +4,4 @@ } DEFAULT_PERMISSIONS = {} +LOGIN_REQUIRED = False diff --git a/test.sh b/test.sh index 62ed3cb44..f415cd77b 100755 --- a/test.sh +++ b/test.sh @@ -84,7 +84,7 @@ test_netbox_web() { --retry 5 \ --retry-delay 0 \ --retry-max-time 40 \ - http://127.0.0.1:8000/ + http://127.0.0.1:8000/login/ ) if [ "$RESP_CODE" == "200" ]; then echo "Webservice running" From 730743139ecb71d94fe7f528e4a4bf9dd7c2a220 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 21 May 2024 12:56:09 +0000 Subject: [PATCH 133/318] Update dependency sentry-sdk to v2.2.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index c006b93e0..bd1f9b9ff 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml -sentry-sdk[django]==2.2.0 +sentry-sdk[django]==2.2.1 From daa8b40c3490beb9f3a056a619678b17410fbb43 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 23 May 2024 11:23:15 +0000 Subject: [PATCH 134/318] Update dependency sentry-sdk to v2.3.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index bd1f9b9ff..26412a05a 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml -sentry-sdk[django]==2.2.1 +sentry-sdk[django]==2.3.0 From 75fa7e7e99be13a9fed6592786fd4ac83dee6ff2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 23 May 2024 14:08:00 +0000 Subject: [PATCH 135/318] Update dependency sentry-sdk to v2.3.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 26412a05a..36904fc36 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml -sentry-sdk[django]==2.3.0 +sentry-sdk[django]==2.3.1 From 3c8449fbecd7685aa7d91477fb680a2daf420307 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Fri, 19 Apr 2024 17:11:06 +0200 Subject: [PATCH 136/318] Switch to valkey and add healthcheck --- docker-compose.yml | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 0dcb7c442..4986fc09a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -53,20 +53,30 @@ services: # redis redis: - image: docker.io/redis:7-alpine + image: docker.io/valkey/valkey:7.2-alpine command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env - - redis-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose + - valkey-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose + healthcheck: + test: "[ $$(valkey-cli --pass \"$${REDIS_PASSWORD}\" ping) = 'PONG' ]" + interval: 1s + timeout: 3s + retries: 5 env_file: env/redis.env volumes: - netbox-redis-data:/data redis-cache: - image: docker.io/redis:7-alpine + image: docker.io/valkey/valkey:7.2-alpine command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env - - redis-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose + - valkey-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose + healthcheck: + test: "[ $$(valkey-cli --pass \"$${REDIS_PASSWORD}\" ping) = 'PONG' ]" + interval: 1s + timeout: 3s + retries: 5 env_file: env/redis-cache.env volumes: - netbox-redis-cache-data:/data From 26b15f9ff115566a967ccd65e7a97ec43a40f91f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Fri, 19 Apr 2024 17:11:14 +0200 Subject: [PATCH 137/318] Add healthcheck to postgres too --- docker-compose.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docker-compose.yml b/docker-compose.yml index 4986fc09a..67d72af0d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -47,6 +47,12 @@ services: # postgres postgres: image: docker.io/postgres:16-alpine + healthcheck: + test: pg_isready -d db_prod + interval: 10s + timeout: 30s + retries: 5 + start_period: 20s env_file: env/postgres.env volumes: - netbox-postgres-data:/var/lib/postgresql/data From 5e492c63c6fc8a4ea616be7a3e5cacddf87e265d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Fri, 19 Apr 2024 17:40:06 +0200 Subject: [PATCH 138/318] Suggestion from Tobias --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 67d72af0d..0ba1ba5c5 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -48,7 +48,7 @@ services: postgres: image: docker.io/postgres:16-alpine healthcheck: - test: pg_isready -d db_prod + test: pg_isready -q -U netbox -d netbox interval: 10s timeout: 30s retries: 5 From 6a3ba4409e4aee413cfbbeb1c2bab13478ef71f8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Fri, 19 Apr 2024 21:14:21 +0200 Subject: [PATCH 139/318] Update test to valkey as well --- docker-compose.test.yml | 29 +++++++++++++++++------------ docker-compose.yml | 23 ++++++++++------------- 2 files changed, 27 insertions(+), 25 deletions(-) diff --git a/docker-compose.test.yml b/docker-compose.test.yml index f7a3cf1a1..9d916e2c8 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: ${IMAGE-netboxcommunity/netbox:latest} + image: ${IMAGE-docker.io/netboxcommunity/netbox:latest} depends_on: postgres: condition: service_healthy @@ -13,10 +13,10 @@ services: volumes: - ./test-configuration/test_config.py:/etc/netbox/config/test_config.py:z,ro healthcheck: + test: curl -f http://localhost:8080/api/ || exit 1 start_period: ${NETBOX_START_PERIOD-120s} timeout: 3s interval: 15s - test: "curl -f http://localhost:8080/api/ || exit 1" netbox-worker: <<: *netbox command: @@ -24,42 +24,47 @@ services: - /opt/netbox/netbox/manage.py - rqworker healthcheck: + test: ps -aux | grep -v grep | grep -q rqworker || exit 1 start_period: 40s timeout: 3s interval: 15s - test: "ps -aux | grep -v grep | grep -q rqworker || exit 1" netbox-housekeeping: <<: *netbox command: - /opt/netbox/housekeeping.sh healthcheck: + test: ps -aux | grep -v grep | grep -q housekeeping || exit 1 start_period: 40s timeout: 3s interval: 15s - test: "ps -aux | grep -v grep | grep -q housekeeping || exit 1" + postgres: - image: postgres:16-alpine + image: docker.io/postgres:16-alpine env_file: env/postgres.env healthcheck: - test: "pg_isready -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER" ## $$ because of docker-compose - interval: 10s + test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER ## $$ because of docker-compose + start_period: 20s + interval: 1s timeout: 5s retries: 5 + redis: &redis - image: redis:7-alpine + image: docker.io/valkey/valkey:7.2-alpine command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env - - redis-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose + - valkey-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose env_file: env/redis.env healthcheck: - start_period: 20s + test: "[ $$(valkey-cli --pass \"$${REDIS_PASSWORD}\" ping) = 'PONG' ]" + start_period: 5s timeout: 3s - interval: 15s - test: "timeout 2 redis-cli ping" + interval: 1s + retries: 5 redis-cache: <<: *redis env_file: env/redis-cache.env + volumes: netbox-media-files: driver: local diff --git a/docker-compose.yml b/docker-compose.yml index 0ba1ba5c5..a4678da03 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -8,10 +8,10 @@ services: env_file: env/netbox.env user: 'unit:root' healthcheck: + test: curl -f http://localhost:8081/login/ || exit 1 start_period: 90s timeout: 3s interval: 15s - test: "curl -f http://localhost:8080/login/ || exit 1" volumes: - ./configuration:/etc/netbox/config:z,ro - netbox-media-files:/opt/netbox/netbox/media:rw @@ -27,10 +27,10 @@ services: - /opt/netbox/netbox/manage.py - rqworker healthcheck: + test: ps -aux | grep -v grep | grep -q rqworker || exit 1 start_period: 20s timeout: 3s interval: 15s - test: "ps -aux | grep -v grep | grep -q rqworker || exit 1" netbox-housekeeping: <<: *netbox depends_on: @@ -39,20 +39,20 @@ services: command: - /opt/netbox/housekeeping.sh healthcheck: + test: ps -aux | grep -v grep | grep -q housekeeping || exit 1 start_period: 20s timeout: 3s interval: 15s - test: "ps -aux | grep -v grep | grep -q housekeeping || exit 1" # postgres postgres: image: docker.io/postgres:16-alpine healthcheck: - test: pg_isready -q -U netbox -d netbox - interval: 10s + test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER + start_period: 20s timeout: 30s + interval: 10s retries: 5 - start_period: 20s env_file: env/postgres.env volumes: - netbox-postgres-data:/var/lib/postgresql/data @@ -64,10 +64,11 @@ services: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env - valkey-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose - healthcheck: + healthcheck: &redis-healthcheck test: "[ $$(valkey-cli --pass \"$${REDIS_PASSWORD}\" ping) = 'PONG' ]" - interval: 1s + start_period: 5s timeout: 3s + interval: 1s retries: 5 env_file: env/redis.env volumes: @@ -78,11 +79,7 @@ services: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env - valkey-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose - healthcheck: - test: "[ $$(valkey-cli --pass \"$${REDIS_PASSWORD}\" ping) = 'PONG' ]" - interval: 1s - timeout: 3s - retries: 5 + healthcheck: *redis-healthcheck env_file: env/redis-cache.env volumes: - netbox-redis-cache-data:/data From b29f7fd446719cbd11455d47563c456a410b862b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Fri, 19 Apr 2024 21:23:06 +0200 Subject: [PATCH 140/318] Disable valkey persistence in tests --- docker-compose.test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.test.yml b/docker-compose.test.yml index 9d916e2c8..c209cbcfd 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -53,7 +53,7 @@ services: command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env - - valkey-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose + - valkey-server --save "" --appendonly no --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose env_file: env/redis.env healthcheck: test: "[ $$(valkey-cli --pass \"$${REDIS_PASSWORD}\" ping) = 'PONG' ]" From 9d04f2a7a58bbc15bf9ba6c7f599dcc66930c41f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Sat, 25 May 2024 15:26:07 +0200 Subject: [PATCH 141/318] Fix endpoint --- docker-compose.test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.test.yml b/docker-compose.test.yml index c209cbcfd..5011e26f9 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -13,7 +13,7 @@ services: volumes: - ./test-configuration/test_config.py:/etc/netbox/config/test_config.py:z,ro healthcheck: - test: curl -f http://localhost:8080/api/ || exit 1 + test: curl -f http://localhost:8080/login/ || exit 1 start_period: ${NETBOX_START_PERIOD-120s} timeout: 3s interval: 15s From 21cf7b498d4546ea13b3114fc3c9667adafc7183 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Sat, 25 May 2024 15:45:25 +0200 Subject: [PATCH 142/318] Fix port --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index a4678da03..adbce78b9 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -8,7 +8,7 @@ services: env_file: env/netbox.env user: 'unit:root' healthcheck: - test: curl -f http://localhost:8081/login/ || exit 1 + test: curl -f http://localhost:8080/login/ || exit 1 start_period: 90s timeout: 3s interval: 15s From ac496a16ee371c51231a438d83df8094cb98fdc2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 4 Jun 2024 11:52:02 +0000 Subject: [PATCH 143/318] Update dependency sentry-sdk to v2.4.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 0034890e5..164344fc4 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.3.1 +sentry-sdk[django]==2.4.0 From f0b3a0701cf78eb2e050f286a24821e960e8c1fd Mon Sep 17 00:00:00 2001 From: threes33 Date: Tue, 4 Jun 2024 12:29:35 -0700 Subject: [PATCH 144/318] Adds HTTP_PROXIES related parameters --- configuration/configuration.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/configuration/configuration.py b/configuration/configuration.py index 2145a2511..063a9e265 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -200,10 +200,10 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: EXEMPT_VIEW_PERMISSIONS = _environ_get_and_map('EXEMPT_VIEW_PERMISSIONS', '', _AS_LIST) # HTTP proxies NetBox should use when sending outbound HTTP requests (e.g. for webhooks). -# HTTP_PROXIES = { -# 'http': 'http://10.10.1.10:3128', -# 'https': 'http://10.10.1.10:1080', -# } +HTTP_PROXIES = { + 'http': environ.get('HTTP_PROXY', None), + 'https': environ.get('HTTPS_PROXY', None), +} # IP addresses recognized as internal to the system. The debugging toolbar will be available only to clients accessing # NetBox from an internal IP. From 33d52308599d6d5ceb4c3efde94b873cea0601c5 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 6 Jun 2024 14:13:00 +0000 Subject: [PATCH 145/318] Update dependency sentry-sdk to v2.5.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 164344fc4..88a4ca721 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.4.0 +sentry-sdk[django]==2.5.0 From ee2d1dea17d586af6eee739c847bf1e09b3e3842 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 7 Jun 2024 21:53:49 +0000 Subject: [PATCH 146/318] Update dependency sentry-sdk to v2.5.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 88a4ca721..35bd909da 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.5.0 +sentry-sdk[django]==2.5.1 From bb9a7fe5422d657efc76b3f5ec799a5128f4e257 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 19 Jun 2024 15:05:23 +0000 Subject: [PATCH 147/318] Update dependency sentry-sdk to v2.6.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 35bd909da..96388c138 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.5.1 +sentry-sdk[django]==2.6.0 From 53418e7d1903cdf90bf9811e5a5eccd8cc409cfc Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 26 Jun 2024 14:19:54 +0000 Subject: [PATCH 148/318] Update dependency sentry-sdk to v2.7.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 96388c138..3faeab0b2 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.6.0 +sentry-sdk[django]==2.7.0 From 84132e4b59eec741212b898e545ebdb98c615e1c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 27 Jun 2024 17:02:32 +0000 Subject: [PATCH 149/318] Update dependency sentry-sdk to v2.7.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 3faeab0b2..ba9947ecb 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.7.0 +sentry-sdk[django]==2.7.1 From 29e66a0a0102dd86cee3877e287e1eed65686ca1 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 8 Jul 2024 09:58:02 +0000 Subject: [PATCH 150/318] Update dependency sentry-sdk to v2.8.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index ba9947ecb..dd4f142b1 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.7.1 +sentry-sdk[django]==2.8.0 From 279873d20e31c1c597c0ddd377646e18dadf2f71 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 9 Jul 2024 04:30:55 +0000 Subject: [PATCH 151/318] Update dependency django-storages to v1.14.4 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index dd4f142b1..0954fb7e1 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==4.8.0 -django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.3 +django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec sentry-sdk[django]==2.8.0 From 51372eed3257b74779f2edd9c96ff0cdce971efc Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 10 Jul 2024 09:41:27 +0000 Subject: [PATCH 152/318] Update dependency sentry-sdk to v2.9.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 0954fb7e1..0fa9c27c9 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.8.0 +sentry-sdk[django]==2.9.0 From 3134057f8792f9f47f808d05087b6190391ffd48 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 15 Jul 2024 11:07:41 +0000 Subject: [PATCH 153/318] Update dependency sentry-sdk to v2.10.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 0fa9c27c9..0e12be0aa 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.9.0 +sentry-sdk[django]==2.10.0 From 2a15689e5f2a81925d56e5e0ff2004ca9dd8d170 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 24 Jul 2024 10:38:05 +0000 Subject: [PATCH 154/318] Update dependency sentry-sdk to v2.11.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 0e12be0aa..38a86bf8a 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.10.0 +sentry-sdk[django]==2.11.0 From 542300056c177fe2e50ad21a4e0829d5af1b6c20 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 31 Jul 2024 10:32:58 +0000 Subject: [PATCH 155/318] Update dependency sentry-sdk to v2.12.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 38a86bf8a..d23301033 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.11.0 +sentry-sdk[django]==2.12.0 From 838a56c96fbe8721a6cbe5af81c56fe8fe161846 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 2 Aug 2024 02:08:50 +0000 Subject: [PATCH 156/318] Update docker.io/valkey/valkey Docker tag to v8 --- docker-compose.test.yml | 2 +- docker-compose.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docker-compose.test.yml b/docker-compose.test.yml index 5011e26f9..98a6c19af 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -49,7 +49,7 @@ services: retries: 5 redis: &redis - image: docker.io/valkey/valkey:7.2-alpine + image: docker.io/valkey/valkey:8.0-alpine command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env diff --git a/docker-compose.yml b/docker-compose.yml index adbce78b9..53f2da726 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -59,7 +59,7 @@ services: # redis redis: - image: docker.io/valkey/valkey:7.2-alpine + image: docker.io/valkey/valkey:8.0-alpine command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env @@ -74,7 +74,7 @@ services: volumes: - netbox-redis-data:/data redis-cache: - image: docker.io/valkey/valkey:7.2-alpine + image: docker.io/valkey/valkey:8.0-alpine command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env From 59922f34233689090f61345c71d46518b0d7b44c Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 21 Aug 2024 10:38:20 +0200 Subject: [PATCH 157/318] Prepare for Ubuntu 24.04 --- Dockerfile | 9 ++++----- build.sh | 4 ++-- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/Dockerfile b/Dockerfile index 2a6de8c41..743bb4eb4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -63,17 +63,16 @@ RUN export DEBIAN_FRONTEND=noninteractive \ openssh-client \ openssl \ python3 \ - python3-distutils \ tini \ - && curl --silent --output /usr/share/keyrings/nginx-keyring.gpg \ + && curl --silent --output /etc/apt/keyrings/nginx-keyring.gpg \ https://unit.nginx.org/keys/nginx-keyring.gpg \ - && echo "deb [signed-by=/usr/share/keyrings/nginx-keyring.gpg] https://packages.nginx.org/unit/ubuntu/ mantic unit" \ + && echo "deb [signed-by=/etc/apt/keyrings/nginx-keyring.gpg] https://packages.nginx.org/unit/ubuntu/ mantic unit" \ > /etc/apt/sources.list.d/unit.list \ && apt-get update -qq \ && apt-get install \ --yes -qq --no-install-recommends \ - unit=1.32.0-1~mantic \ - unit-python3.11=1.32.0-1~mantic \ + unit=1.32.1-1~mantic \ + unit-python3.12=1.32.1-1~mantic \ && rm -rf /var/lib/apt/lists/* COPY --from=builder /opt/netbox/venv /opt/netbox/venv diff --git a/build.sh b/build.sh index 352c1ce30..071596969 100755 --- a/build.sh +++ b/build.sh @@ -61,7 +61,7 @@ DOCKERFILE The name of Dockerfile to use. ${_GREEN}Default:${_CLEAR} Dockerfile DOCKER_FROM The base image to use. - ${_GREEN}Default:${_CLEAR} 'ubuntu:23.10' + ${_GREEN}Default:${_CLEAR} 'ubuntu:24.04' BUILDX_PLATFORMS Specifies the platform(s) to build the image for. @@ -219,7 +219,7 @@ fi # Determining the value for DOCKER_FROM ### if [ -z "$DOCKER_FROM" ]; then - DOCKER_FROM="docker.io/ubuntu:23.10" + DOCKER_FROM="docker.io/ubuntu:24.04" fi ### From 279a54bef0375d78547f8e3ad0c9d12ca1a84ebf Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 29 Aug 2024 19:48:38 +0000 Subject: [PATCH 158/318] Update github/super-linter action to v7 --- .github/workflows/push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index d7bf3b992..b173062ba 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -28,7 +28,7 @@ jobs: with: python-version: '3.9' - name: Lint Code Base - uses: github/super-linter@v6 + uses: github/super-linter@v7 env: DEFAULT_BRANCH: develop GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From a75db6add94ede9a0ecfc9699b9c14d6f1d1c244 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Sun, 1 Sep 2024 13:23:58 +0200 Subject: [PATCH 159/318] Fix linter error --- .github/workflows/push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index b173062ba..41d4d40f4 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -26,7 +26,7 @@ jobs: fetch-depth: 0 - uses: actions/setup-python@v5 with: - python-version: '3.9' + python-version: "3.9" - name: Lint Code Base uses: github/super-linter@v7 env: From d9ff19fd30a12245fe595b3c67c0e31583146e17 Mon Sep 17 00:00:00 2001 From: NeodymiumFerBore <32781483+NeodymiumFerBore@users.noreply.github.com> Date: Mon, 2 Sep 2024 17:27:37 +0000 Subject: [PATCH 160/318] Support for multiple AUTH_LDAP_REQUIRE_GROUP from environment variable --- configuration/ldap/ldap_config.py | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/configuration/ldap/ldap_config.py b/configuration/ldap/ldap_config.py index 82fad72a8..d25b3e821 100644 --- a/configuration/ldap/ldap_config.py +++ b/configuration/ldap/ldap_config.py @@ -2,7 +2,7 @@ from os import environ import ldap -from django_auth_ldap.config import LDAPSearch +from django_auth_ldap.config import LDAPGroupQuery, LDAPSearch # Read secret from file @@ -86,12 +86,22 @@ def _import_group_type(group_type_name): # Define a group required to login. AUTH_LDAP_REQUIRE_GROUP = environ.get('AUTH_LDAP_REQUIRE_GROUP_DN') +# If non-empty string, AUTH_LDAP_REQUIRE_GROUP will be treated as a list delimited by this separator +AUTH_LDAP_REQUIRE_GROUP_SEPARATOR = environ.get('AUTH_LDAP_REQUIRE_GROUP_DN_SEPARATOR', '') + # Define special user types using groups. Exercise great caution when assigning superuser status. AUTH_LDAP_USER_FLAGS_BY_GROUP = {} if AUTH_LDAP_REQUIRE_GROUP is not None: + # Build an LDAPGroupQuery when AUTH_LDAP_REQUIRE_GROUP should be treated as a list + if AUTH_LDAP_REQUIRE_GROUP_SEPARATOR: + _groups = list(filter(None, AUTH_LDAP_REQUIRE_GROUP.split(AUTH_LDAP_REQUIRE_GROUP_SEPARATOR))) + AUTH_LDAP_REQUIRE_GROUP = LDAPGroupQuery(_groups[0]) + for i in range(1, len(_groups)): + AUTH_LDAP_REQUIRE_GROUP |= LDAPGroupQuery(_groups[i]) + AUTH_LDAP_USER_FLAGS_BY_GROUP = { - "is_active": environ.get('AUTH_LDAP_REQUIRE_GROUP_DN', ''), + "is_active": AUTH_LDAP_REQUIRE_GROUP, "is_staff": environ.get('AUTH_LDAP_IS_ADMIN_DN', ''), "is_superuser": environ.get('AUTH_LDAP_IS_SUPERUSER_DN', '') } From 671f5e94111fc73954d8d8e5f8f0d3a07d16042b Mon Sep 17 00:00:00 2001 From: NeodymiumFerBore <32781483+NeodymiumFerBore@users.noreply.github.com> Date: Mon, 2 Sep 2024 17:29:17 +0000 Subject: [PATCH 161/318] Adapt ldap/extra: LDAPGroupQuery is now imported in ldap_config --- configuration/ldap/extra.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/configuration/ldap/extra.py b/configuration/ldap/extra.py index 45051978e..b76047a07 100644 --- a/configuration/ldap/extra.py +++ b/configuration/ldap/extra.py @@ -1,11 +1,10 @@ #### ## This file contains extra configuration options that can't be configured ## directly through environment variables. -## All vairables set here overwrite any existing found in ldap_config.py +## All variables set here overwrite any existing found in ldap_config.py #### # # This Python script inherits all the imports from ldap_config.py -# from django_auth_ldap.config import LDAPGroupQuery # Imported since not in ldap_config.py # # Sets a base requirement of membetship to netbox-user-ro, netbox-user-rw, or netbox-user-admin. # AUTH_LDAP_REQUIRE_GROUP = ( From 2c26000304cd07d01648e6378db060a9e02309af Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 3 Sep 2024 20:08:36 +0200 Subject: [PATCH 162/318] Preparation for 3.0.0 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index dedcc7d43..4a36342fc 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.9.1 +3.0.0 diff --git a/docker-compose.yml b/docker-compose.yml index 53f2da726..a087c12da 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v4.0-2.9.1} + image: docker.io/netboxcommunity/netbox:${VERSION-v4.1-3.0.0} depends_on: - postgres - redis From b81d4fba647b7e899ec777cebd48092d3a4ceed5 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 3 Sep 2024 20:22:55 +0200 Subject: [PATCH 163/318] Updated YAML formatting to fix linter --- .github/FUNDING.yml | 4 +- .github/ISSUE_TEMPLATE/bug_report.yml | 280 ++++++++++----------- .github/ISSUE_TEMPLATE/config.yml | 2 +- .github/ISSUE_TEMPLATE/feature_request.yml | 120 ++++----- .github/pull_request_template.md | 6 +- .github/workflows/release.yml | 2 +- docker-compose.yml | 44 ++-- 7 files changed, 229 insertions(+), 229 deletions(-) diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml index acdb4e09a..f76f0f48f 100644 --- a/.github/FUNDING.yml +++ b/.github/FUNDING.yml @@ -1,8 +1,8 @@ # These are supported funding model platforms github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2] -- cimnine -- tobiasge + - cimnine + - tobiasge patreon: # Replace with a single Patreon username open_collective: # Replace with a single Open Collective username ko_fi: # Replace with a single Ko-fi username diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml index b6f0479ed..4aa05407d 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.yml +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -1,148 +1,148 @@ name: Bug report description: Create a report about a malfunction of the Docker setup body: -- type: markdown - attributes: - value: | - Please only raise an issue if you're certain that you've found a bug. - Else, see these other means to get help: + - type: markdown + attributes: + value: | + Please only raise an issue if you're certain that you've found a bug. + Else, see these other means to get help: - - See our troubleshooting section: - https://github.com/netbox-community/netbox-docker/wiki/Troubleshooting - - Have a look at the rest of the wiki: - https://github.com/netbox-community/netbox-docker/wiki - - Check the release notes: - https://github.com/netbox-community/netbox-docker/releases - - Look through the issues already resolved: - https://github.com/netbox-community/netbox-docker/issues?q=is%3Aclosed + - See our troubleshooting section: + https://github.com/netbox-community/netbox-docker/wiki/Troubleshooting + - Have a look at the rest of the wiki: + https://github.com/netbox-community/netbox-docker/wiki + - Check the release notes: + https://github.com/netbox-community/netbox-docker/releases + - Look through the issues already resolved: + https://github.com/netbox-community/netbox-docker/issues?q=is%3Aclosed - If you did not find what you're looking for, - try the help of our community: + If you did not find what you're looking for, + try the help of our community: - - Post to Github Discussions: - https://github.com/netbox-community/netbox-docker/discussions - - Join the `#netbox-docker` channel on our Slack: - https://join.slack.com/t/netdev-community/shared_invite/zt-mtts8g0n-Sm6Wutn62q_M4OdsaIycrQ - - Ask on the NetBox mailing list: - https://groups.google.com/d/forum/netbox-discuss + - Post to Github Discussions: + https://github.com/netbox-community/netbox-docker/discussions + - Join the `#netbox-docker` channel on our Slack: + https://join.slack.com/t/netdev-community/shared_invite/zt-mtts8g0n-Sm6Wutn62q_M4OdsaIycrQ + - Ask on the NetBox mailing list: + https://groups.google.com/d/forum/netbox-discuss - Please don't open an issue to open a PR. - Just submit the PR, that's good enough. -- type: textarea - id: current-behavior - attributes: - label: Current Behavior - description: Please describe what you did and how you think it misbehaved - placeholder: I tried to … by doing …, but it … - validations: - required: true -- type: textarea - id: expected-behavior - attributes: - label: Expected Behavior - description: Please describe what you expected instead - placeholder: I expected that … when I do … - validations: - required: true -- type: input - id: docker-compose-version - attributes: - label: Docker Compose Version - description: Please paste the output of `docker-compose version` - placeholder: Docker Compose version vX.Y.Z - validations: - required: true -- type: textarea - id: docker-version - attributes: - label: Docker Version - description: Please paste the output of `docker version` - render: text - placeholder: | - Client: - Cloud integration: 1.0.17 - Version: 20.10.8 - API version: 1.41 - Go version: go1.16.6 - Git commit: 3967b7d - Built: Fri Jul 30 19:55:20 2021 - OS/Arch: darwin/amd64 - Context: default - Experimental: true + Please don't open an issue to open a PR. + Just submit the PR, that's good enough. + - type: textarea + id: current-behavior + attributes: + label: Current Behavior + description: Please describe what you did and how you think it misbehaved + placeholder: I tried to … by doing …, but it … + validations: + required: true + - type: textarea + id: expected-behavior + attributes: + label: Expected Behavior + description: Please describe what you expected instead + placeholder: I expected that … when I do … + validations: + required: true + - type: input + id: docker-compose-version + attributes: + label: Docker Compose Version + description: Please paste the output of `docker-compose version` + placeholder: Docker Compose version vX.Y.Z + validations: + required: true + - type: textarea + id: docker-version + attributes: + label: Docker Version + description: Please paste the output of `docker version` + render: text + placeholder: | + Client: + Cloud integration: 1.0.17 + Version: 20.10.8 + API version: 1.41 + Go version: go1.16.6 + Git commit: 3967b7d + Built: Fri Jul 30 19:55:20 2021 + OS/Arch: darwin/amd64 + Context: default + Experimental: true - Server: Docker Engine - Community - Engine: - Version: 20.10.8 - API version: 1.41 (minimum version 1.12) - Go version: go1.16.6 - Git commit: 75249d8 - Built: Fri Jul 30 19:52:10 2021 - OS/Arch: linux/amd64 - Experimental: false - containerd: - Version: 1.4.9 - GitCommit: e25210fe30a0a703442421b0f60afac609f950a3 - runc: - Version: 1.0.1 - GitCommit: v1.0.1-0-g4144b63 - docker-init: - Version: 0.19.0 - GitCommit: de40ad0 - validations: - required: true -- type: input - id: git-rev - attributes: - label: The git Revision - description: Please paste the output of `git rev-parse HEAD` - validations: - required: true -- type: textarea - id: git-status - attributes: - label: The git Status - description: Please paste the output of `git status` - render: text - placeholder: | - On branch main - nothing to commit, working tree clean - validations: - required: true -- type: input - id: run-command - attributes: - label: Startup Command - description: Please specify the command you used to start the project - placeholder: docker compose up - validations: - required: true -- type: textarea - id: netbox-logs - attributes: - label: NetBox Logs - description: Please paste the output of `docker-compose logs netbox` (or `docker compose logs netbox`) - render: text - placeholder: | - netbox_1 | ⚙️ Applying database migrations - netbox_1 | 🧬 loaded config '/etc/netbox/config/configuration.py' - netbox_1 | 🧬 loaded config '/etc/netbox/config/a.py' - netbox_1 | 🧬 loaded config '/etc/netbox/config/extra.py' - netbox_1 | 🧬 loaded config '/etc/netbox/config/logging.py' - netbox_1 | 🧬 loaded config '/etc/netbox/config/plugins.py' - ... - validations: - required: true -- type: textarea - id: docker-compose-override-yml - attributes: - label: Content of docker-compose.override.yml - description: Please paste the output of `cat docker-compose.override.yml` - render: yaml - placeholder: | - version: '3.4' - services: - netbox: - ports: - - '8080:8080' - validations: - required: true + Server: Docker Engine - Community + Engine: + Version: 20.10.8 + API version: 1.41 (minimum version 1.12) + Go version: go1.16.6 + Git commit: 75249d8 + Built: Fri Jul 30 19:52:10 2021 + OS/Arch: linux/amd64 + Experimental: false + containerd: + Version: 1.4.9 + GitCommit: e25210fe30a0a703442421b0f60afac609f950a3 + runc: + Version: 1.0.1 + GitCommit: v1.0.1-0-g4144b63 + docker-init: + Version: 0.19.0 + GitCommit: de40ad0 + validations: + required: true + - type: input + id: git-rev + attributes: + label: The git Revision + description: Please paste the output of `git rev-parse HEAD` + validations: + required: true + - type: textarea + id: git-status + attributes: + label: The git Status + description: Please paste the output of `git status` + render: text + placeholder: | + On branch main + nothing to commit, working tree clean + validations: + required: true + - type: input + id: run-command + attributes: + label: Startup Command + description: Please specify the command you used to start the project + placeholder: docker compose up + validations: + required: true + - type: textarea + id: netbox-logs + attributes: + label: NetBox Logs + description: Please paste the output of `docker-compose logs netbox` (or `docker compose logs netbox`) + render: text + placeholder: | + netbox_1 | ⚙️ Applying database migrations + netbox_1 | 🧬 loaded config '/etc/netbox/config/configuration.py' + netbox_1 | 🧬 loaded config '/etc/netbox/config/a.py' + netbox_1 | 🧬 loaded config '/etc/netbox/config/extra.py' + netbox_1 | 🧬 loaded config '/etc/netbox/config/logging.py' + netbox_1 | 🧬 loaded config '/etc/netbox/config/plugins.py' + ... + validations: + required: true + - type: textarea + id: docker-compose-override-yml + attributes: + label: Content of docker-compose.override.yml + description: Please paste the output of `cat docker-compose.override.yml` + render: yaml + placeholder: | + version: '3.4' + services: + netbox: + ports: + - '8080:8080' + validations: + required: true diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml index a584cc2eb..3e3d62a5b 100644 --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -6,7 +6,7 @@ contact_links: - name: Chat url: https://join.slack.com/t/netdev-community/shared_invite/zt-mtts8g0n-Sm6Wutn62q_M4OdsaIycrQ - about: 'Usually the quickest way to seek help with small issues is to join our #netbox-docker Slack channel.' + about: "Usually the quickest way to seek help with small issues is to join our #netbox-docker Slack channel." - name: Community Wiki url: https://github.com/netbox-community/netbox-docker/wiki diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml index e8f2a55ba..88d46fdcd 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.yml +++ b/.github/ISSUE_TEMPLATE/feature_request.yml @@ -1,68 +1,68 @@ name: Feature or Change Request description: Request a new feature or a change of the current behavior body: -- type: markdown - attributes: - value: | - This issue type is to propose new features for the Docker setup. - To just spin an idea, see the Github Discussions section, please. + - type: markdown + attributes: + value: | + This issue type is to propose new features for the Docker setup. + To just spin an idea, see the Github Discussions section, please. - Before asking for help, see these links first: + Before asking for help, see these links first: - - See our troubleshooting section: - https://github.com/netbox-community/netbox-docker/wiki/Troubleshooting - - Have a look at the rest of the wiki: - https://github.com/netbox-community/netbox-docker/wiki - - Check the release notes: - https://github.com/netbox-community/netbox-docker/releases - - Look through the issues already resolved: - https://github.com/netbox-community/netbox-docker/issues?q=is%3Aclosed + - See our troubleshooting section: + https://github.com/netbox-community/netbox-docker/wiki/Troubleshooting + - Have a look at the rest of the wiki: + https://github.com/netbox-community/netbox-docker/wiki + - Check the release notes: + https://github.com/netbox-community/netbox-docker/releases + - Look through the issues already resolved: + https://github.com/netbox-community/netbox-docker/issues?q=is%3Aclosed - If you did not find what you're looking for, - try the help of our community: + If you did not find what you're looking for, + try the help of our community: - - Post to Github Discussions: - https://github.com/netbox-community/netbox-docker/discussions - - Join the `#netbox-docker` channel on our Slack: - https://join.slack.com/t/netdev-community/shared_invite/zt-mtts8g0n-Sm6Wutn62q_M4OdsaIycrQ - - Ask on the NetBox mailing list: - https://groups.google.com/d/forum/netbox-discuss + - Post to Github Discussions: + https://github.com/netbox-community/netbox-docker/discussions + - Join the `#netbox-docker` channel on our Slack: + https://join.slack.com/t/netdev-community/shared_invite/zt-mtts8g0n-Sm6Wutn62q_M4OdsaIycrQ + - Ask on the NetBox mailing list: + https://groups.google.com/d/forum/netbox-discuss - Please don't open an issue to open a PR. - Just submit the PR, that's good enough. -- type: textarea - id: desired-behavior - attributes: - label: Desired Behavior - description: Please describe the desired behavior - placeholder: To me, it would be useful, if … because … - validations: - required: true -- type: textarea - id: contrast-to-current - attributes: - label: Contrast to Current Behavior - description: Please describe how the desired behavior is different from the current behavior - placeholder: The current behavior is …, but this lacks … - validations: - required: true -- type: textarea - id: required-changes - attributes: - label: Required Changes - description: If you can, please elaborate what changes will be required to implement the desired behavior - placeholder: I suggest to change the file … - validations: - required: false -- type: textarea - id: discussion - attributes: - label: 'Discussion: Benefits and Drawbacks' - description: | - Please make your case here: - - Why do you think this project and the community will benefit from your suggestion? - - What are the drawbacks of this change? Is it backwards-compatible? - - Anything else that you think is relevant to the discussion of this feature/change request. - placeholder: I suggest to change the file … - validations: - required: false + Please don't open an issue to open a PR. + Just submit the PR, that's good enough. + - type: textarea + id: desired-behavior + attributes: + label: Desired Behavior + description: Please describe the desired behavior + placeholder: To me, it would be useful, if … because … + validations: + required: true + - type: textarea + id: contrast-to-current + attributes: + label: Contrast to Current Behavior + description: Please describe how the desired behavior is different from the current behavior + placeholder: The current behavior is …, but this lacks … + validations: + required: true + - type: textarea + id: required-changes + attributes: + label: Required Changes + description: If you can, please elaborate what changes will be required to implement the desired behavior + placeholder: I suggest to change the file … + validations: + required: false + - type: textarea + id: discussion + attributes: + label: "Discussion: Benefits and Drawbacks" + description: | + Please make your case here: + - Why do you think this project and the community will benefit from your suggestion? + - What are the drawbacks of this change? Is it backwards-compatible? + - Anything else that you think is relevant to the discussion of this feature/change request. + placeholder: I suggest to change the file … + validations: + required: false diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 139ff9638..8c51bfdfc 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -80,6 +80,6 @@ into the release notes. Please put an x into the brackets (like `[x]`) if you've completed that task. --> -* [ ] I have read the comments and followed the PR template. -* [ ] I have explained my PR according to the information in the comments. -* [ ] My PR targets the `develop` branch. +- [ ] I have read the comments and followed the PR template. +- [ ] I have explained my PR according to the information in the comments. +- [ ] My PR targets the `develop` branch. diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3021dab5e..910c3a13a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,7 +6,7 @@ on: types: - published schedule: - - cron: '45 5 * * *' + - cron: "45 5 * * *" workflow_dispatch: jobs: diff --git a/docker-compose.yml b/docker-compose.yml index a087c12da..9d68b0e9a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -2,30 +2,30 @@ services: netbox: &netbox image: docker.io/netboxcommunity/netbox:${VERSION-v4.1-3.0.0} depends_on: - - postgres - - redis - - redis-cache + - postgres + - redis + - redis-cache env_file: env/netbox.env - user: 'unit:root' + user: "unit:root" healthcheck: test: curl -f http://localhost:8080/login/ || exit 1 start_period: 90s timeout: 3s interval: 15s volumes: - - ./configuration:/etc/netbox/config:z,ro - - netbox-media-files:/opt/netbox/netbox/media:rw - - netbox-reports-files:/opt/netbox/netbox/reports:rw - - netbox-scripts-files:/opt/netbox/netbox/scripts:rw + - ./configuration:/etc/netbox/config:z,ro + - netbox-media-files:/opt/netbox/netbox/media:rw + - netbox-reports-files:/opt/netbox/netbox/reports:rw + - netbox-scripts-files:/opt/netbox/netbox/scripts:rw netbox-worker: <<: *netbox depends_on: netbox: condition: service_healthy command: - - /opt/netbox/venv/bin/python - - /opt/netbox/netbox/manage.py - - rqworker + - /opt/netbox/venv/bin/python + - /opt/netbox/netbox/manage.py + - rqworker healthcheck: test: ps -aux | grep -v grep | grep -q rqworker || exit 1 start_period: 20s @@ -37,7 +37,7 @@ services: netbox: condition: service_healthy command: - - /opt/netbox/housekeeping.sh + - /opt/netbox/housekeeping.sh healthcheck: test: ps -aux | grep -v grep | grep -q housekeeping || exit 1 start_period: 20s @@ -55,34 +55,34 @@ services: retries: 5 env_file: env/postgres.env volumes: - - netbox-postgres-data:/var/lib/postgresql/data + - netbox-postgres-data:/var/lib/postgresql/data # redis redis: image: docker.io/valkey/valkey:8.0-alpine command: - - sh - - -c # this is to evaluate the $REDIS_PASSWORD from the env - - valkey-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose + - sh + - -c # this is to evaluate the $REDIS_PASSWORD from the env + - valkey-server --appendonly yes --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose healthcheck: &redis-healthcheck - test: "[ $$(valkey-cli --pass \"$${REDIS_PASSWORD}\" ping) = 'PONG' ]" + test: '[ $$(valkey-cli --pass "$${REDIS_PASSWORD}" ping) = ''PONG'' ]' start_period: 5s timeout: 3s interval: 1s retries: 5 env_file: env/redis.env volumes: - - netbox-redis-data:/data + - netbox-redis-data:/data redis-cache: image: docker.io/valkey/valkey:8.0-alpine command: - - sh - - -c # this is to evaluate the $REDIS_PASSWORD from the env - - valkey-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose + - sh + - -c # this is to evaluate the $REDIS_PASSWORD from the env + - valkey-server --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose healthcheck: *redis-healthcheck env_file: env/redis-cache.env volumes: - - netbox-redis-cache-data:/data + - netbox-redis-cache-data:/data volumes: netbox-media-files: From f3a78bfd10f394c6a04e3e9da08d6bc050a12bf5 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 3 Sep 2024 20:26:16 +0200 Subject: [PATCH 164/318] More linter fixes --- .yamllint.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.yamllint.yaml b/.yamllint.yaml index 50d6af787..217eb28f2 100644 --- a/.yamllint.yaml +++ b/.yamllint.yaml @@ -2,4 +2,4 @@ rules: line-length: - max: 120 + max: 160 From 09ba1d3f4ecb1fae9d6c07c7ff07ff7cc4da95a3 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 3 Sep 2024 20:31:00 +0200 Subject: [PATCH 165/318] More linter fixes --- .yamllint.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.yamllint.yaml b/.yamllint.yaml index 217eb28f2..81a9e05e7 100644 --- a/.yamllint.yaml +++ b/.yamllint.yaml @@ -1,5 +1,4 @@ --- - rules: line-length: max: 160 From 6e735fd431383f429012707cc1d5ae0ebc04b125 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 3 Sep 2024 20:03:58 +0000 Subject: [PATCH 166/318] Update dependency sentry-sdk to v2.13.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index d23301033..fd97e0f2a 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.12.0 +sentry-sdk[django]==2.13.0 From 52f80cc7ca2fa24b8672fca52c628414c1e06e0c Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 4 Sep 2024 07:25:04 +0200 Subject: [PATCH 167/318] Fix #1300: Disable ARM64 release --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 910c3a13a..c94c1f95a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,7 +19,7 @@ jobs: - ./build.sh feature - ./build.sh develop platform: - - linux/amd64,linux/arm64 + - linux/amd64 fail-fast: false runs-on: ubuntu-latest name: Builds new NetBox Docker Images From f13a6bf5e47c0fccb76187d13c6030e606f828f6 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 4 Sep 2024 07:25:44 +0200 Subject: [PATCH 168/318] Preparation for 3.0.1 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index 4a36342fc..cb2b00e4f 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.0.0 +3.0.1 diff --git a/docker-compose.yml b/docker-compose.yml index 9d68b0e9a..34ce41d7f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v4.1-3.0.0} + image: docker.io/netboxcommunity/netbox:${VERSION-v4.1-3.0.1} depends_on: - postgres - redis From a24c19c503fb236b1900883ea18f326856bc415a Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 4 Sep 2024 10:17:05 +0200 Subject: [PATCH 169/318] Use Docker Build Cloud for releases With QEMU the ARM64 builds are slow and not reliable. If we use the Docker Cloud builders we reduce the build times considerably. As a Docker OSS organisation we get 400 build minutes per month, which should be fine, because we already use checks if builds are really needed. The Docker Cloud also uses a cache that should reduce build times a little bit more. --- .github/workflows/release.yml | 33 ++++++++++++++++----------------- build.sh | 7 +++++++ 2 files changed, 23 insertions(+), 17 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c94c1f95a..7c2759488 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,7 +19,7 @@ jobs: - ./build.sh feature - ./build.sh develop platform: - - linux/amd64 + - linux/amd64,linux/arm64 fail-fast: false runs-on: ubuntu-latest name: Builds new NetBox Docker Images @@ -35,19 +35,11 @@ jobs: name: Get Version of NetBox Docker run: echo "version=$(cat VERSION)" >>"$GITHUB_OUTPUT" shell: bash - - id: qemu-setup - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - id: buildx-setup - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - id: docker-build - name: Build the image with '${{ matrix.build_cmd }}' + - id: check-build-needed + name: Check if the build is needed for '${{ matrix.build_cmd }}' + env: + CHECK_ONLY: "true" run: ${{ matrix.build_cmd }} - - id: test-image - name: Test the image - run: IMAGE="${FINAL_DOCKER_TAG}" ./test.sh - if: steps.docker-build.outputs.skipped != 'true' # docker.io - id: docker-io-login name: Login to docker.io @@ -56,7 +48,14 @@ jobs: registry: docker.io username: ${{ secrets.dockerhub_username }} password: ${{ secrets.dockerhub_password }} - if: steps.docker-build.outputs.skipped != 'true' + if: steps.check-build-needed.outputs.skipped != 'true' + - id: buildx-setup + name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + with: + version: "lab:latest" + driver: cloud + endpoint: "netboxcommunity/netbox-default" # quay.io - id: quay-io-login name: Login to Quay.io @@ -65,7 +64,7 @@ jobs: registry: quay.io username: ${{ secrets.quayio_username }} password: ${{ secrets.quayio_password }} - if: steps.docker-build.outputs.skipped != 'true' + if: steps.check-build-needed.outputs.skipped != 'true' # ghcr.io - id: ghcr-io-login name: Login to GitHub Container Registry @@ -74,11 +73,11 @@ jobs: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - if: steps.docker-build.outputs.skipped != 'true' + if: steps.check-build-needed.outputs.skipped != 'true' - id: build-and-push name: Push the image run: ${{ matrix.build_cmd }} --push - if: steps.docker-build.outputs.skipped != 'true' + if: steps.check-build-needed.outputs.skipped != 'true' env: BUILDX_PLATFORM: ${{ matrix.platform }} BUILDX_BUILDER_NAME: ${{ steps.buildx-setup.outputs.name }} diff --git a/build.sh b/build.sh index 071596969..df85df7c2 100755 --- a/build.sh +++ b/build.sh @@ -103,6 +103,8 @@ GH_ACTION If defined, special 'echo' statements are enabled that set the - FINAL_DOCKER_TAG: The final value of the DOCKER_TAG env variable ${_GREEN}Default:${_CLEAR} undefined +CHECK_ONLY Only checks if the build is needed and sets the GH Action output. + ${_BOLD}Examples:${_CLEAR} ${0} master @@ -355,6 +357,11 @@ else fi gh_echo "::endgroup::" +if [ "${CHECK_ONLY}" = "true" ]; then + echo "Only check if build needed was requested. Exiting" + exit 0 +fi + ### # Build the image ### From 942f978ed26217b4795a5a22fb4e42661b311b4a Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 4 Sep 2024 17:53:24 +0200 Subject: [PATCH 170/318] Revert "Feature: Support for multiple AUTH_LDAP_REQUIRE_GROUP from environment variables" --- configuration/ldap/extra.py | 3 ++- configuration/ldap/ldap_config.py | 14 ++------------ 2 files changed, 4 insertions(+), 13 deletions(-) diff --git a/configuration/ldap/extra.py b/configuration/ldap/extra.py index b76047a07..45051978e 100644 --- a/configuration/ldap/extra.py +++ b/configuration/ldap/extra.py @@ -1,10 +1,11 @@ #### ## This file contains extra configuration options that can't be configured ## directly through environment variables. -## All variables set here overwrite any existing found in ldap_config.py +## All vairables set here overwrite any existing found in ldap_config.py #### # # This Python script inherits all the imports from ldap_config.py +# from django_auth_ldap.config import LDAPGroupQuery # Imported since not in ldap_config.py # # Sets a base requirement of membetship to netbox-user-ro, netbox-user-rw, or netbox-user-admin. # AUTH_LDAP_REQUIRE_GROUP = ( diff --git a/configuration/ldap/ldap_config.py b/configuration/ldap/ldap_config.py index d25b3e821..82fad72a8 100644 --- a/configuration/ldap/ldap_config.py +++ b/configuration/ldap/ldap_config.py @@ -2,7 +2,7 @@ from os import environ import ldap -from django_auth_ldap.config import LDAPGroupQuery, LDAPSearch +from django_auth_ldap.config import LDAPSearch # Read secret from file @@ -86,22 +86,12 @@ def _import_group_type(group_type_name): # Define a group required to login. AUTH_LDAP_REQUIRE_GROUP = environ.get('AUTH_LDAP_REQUIRE_GROUP_DN') -# If non-empty string, AUTH_LDAP_REQUIRE_GROUP will be treated as a list delimited by this separator -AUTH_LDAP_REQUIRE_GROUP_SEPARATOR = environ.get('AUTH_LDAP_REQUIRE_GROUP_DN_SEPARATOR', '') - # Define special user types using groups. Exercise great caution when assigning superuser status. AUTH_LDAP_USER_FLAGS_BY_GROUP = {} if AUTH_LDAP_REQUIRE_GROUP is not None: - # Build an LDAPGroupQuery when AUTH_LDAP_REQUIRE_GROUP should be treated as a list - if AUTH_LDAP_REQUIRE_GROUP_SEPARATOR: - _groups = list(filter(None, AUTH_LDAP_REQUIRE_GROUP.split(AUTH_LDAP_REQUIRE_GROUP_SEPARATOR))) - AUTH_LDAP_REQUIRE_GROUP = LDAPGroupQuery(_groups[0]) - for i in range(1, len(_groups)): - AUTH_LDAP_REQUIRE_GROUP |= LDAPGroupQuery(_groups[i]) - AUTH_LDAP_USER_FLAGS_BY_GROUP = { - "is_active": AUTH_LDAP_REQUIRE_GROUP, + "is_active": environ.get('AUTH_LDAP_REQUIRE_GROUP_DN', ''), "is_staff": environ.get('AUTH_LDAP_IS_ADMIN_DN', ''), "is_superuser": environ.get('AUTH_LDAP_IS_SUPERUSER_DN', '') } From f134a44bc7383a1c4a910c1e05cd706282e1b7fb Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Fri, 6 Sep 2024 09:50:12 +0200 Subject: [PATCH 171/318] When no build is needed don't create the buildx config --- .github/workflows/release.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7c2759488..b90bf1580 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -56,6 +56,7 @@ jobs: version: "lab:latest" driver: cloud endpoint: "netboxcommunity/netbox-default" + if: steps.check-build-needed.outputs.skipped != 'true' # quay.io - id: quay-io-login name: Login to Quay.io From 09c897aa22238fb480953c77f9dd99677df1c1d2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 9 Sep 2024 14:16:13 +0000 Subject: [PATCH 172/318] Update dependency sentry-sdk to v2.14.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index fd97e0f2a..6dfd15240 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.13.0 +sentry-sdk[django]==2.14.0 From 35c19d0fc8e91be74ed14fc6bd966e5e22815e5f Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 18 Sep 2024 17:56:41 +0200 Subject: [PATCH 173/318] Upgrade Nginx Unit to version 1.33 --- Dockerfile | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index 743bb4eb4..1c17caa93 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ ARG FROM -FROM ${FROM} as builder +FROM ${FROM} AS builder RUN export DEBIAN_FRONTEND=noninteractive \ && apt-get update -qq \ @@ -46,7 +46,7 @@ RUN \ ### ARG FROM -FROM ${FROM} as main +FROM ${FROM} AS main RUN export DEBIAN_FRONTEND=noninteractive \ && apt-get update -qq \ @@ -64,15 +64,15 @@ RUN export DEBIAN_FRONTEND=noninteractive \ openssl \ python3 \ tini \ - && curl --silent --output /etc/apt/keyrings/nginx-keyring.gpg \ + && curl --silent --output /usr/share/keyrings/nginx-keyring.gpg \ https://unit.nginx.org/keys/nginx-keyring.gpg \ - && echo "deb [signed-by=/etc/apt/keyrings/nginx-keyring.gpg] https://packages.nginx.org/unit/ubuntu/ mantic unit" \ + && echo "deb [signed-by=/usr/share/keyrings/nginx-keyring.gpg] https://packages.nginx.org/unit/ubuntu/ noble unit" \ > /etc/apt/sources.list.d/unit.list \ && apt-get update -qq \ && apt-get install \ --yes -qq --no-install-recommends \ - unit=1.32.1-1~mantic \ - unit-python3.12=1.32.1-1~mantic \ + unit=1.33.0-1~noble \ + unit-python3.12=1.33.0-1~noble \ && rm -rf /var/lib/apt/lists/* COPY --from=builder /opt/netbox/venv /opt/netbox/venv From 5dea11c4d470523629bf61c0cfbe61cc56c93949 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Thu, 19 Sep 2024 13:43:31 +0200 Subject: [PATCH 174/318] Preparation for 3.0.2 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index cb2b00e4f..b50214693 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.0.1 +3.0.2 diff --git a/docker-compose.yml b/docker-compose.yml index 34ce41d7f..a00825c71 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v4.1-3.0.1} + image: docker.io/netboxcommunity/netbox:${VERSION-v4.1-3.0.2} depends_on: - postgres - redis From db34a0ae2bc382b0e09d1ae740e7d492cccd56d6 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 27 Sep 2024 03:23:22 +0000 Subject: [PATCH 175/318] Update docker.io/postgres Docker tag to v17 --- docker-compose.test.yml | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-compose.test.yml b/docker-compose.test.yml index 98a6c19af..e1f33729f 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -39,7 +39,7 @@ services: interval: 15s postgres: - image: docker.io/postgres:16-alpine + image: docker.io/postgres:17-alpine env_file: env/postgres.env healthcheck: test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER ## $$ because of docker-compose diff --git a/docker-compose.yml b/docker-compose.yml index a00825c71..1e27d91ed 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -46,7 +46,7 @@ services: # postgres postgres: - image: docker.io/postgres:16-alpine + image: docker.io/postgres:17-alpine healthcheck: test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER start_period: 20s From d3ce916073415c62c9ef0a102895a0b394040082 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 8 Oct 2024 12:47:04 +0000 Subject: [PATCH 176/318] Update dependency sentry-sdk to v2.16.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 6dfd15240..1ec98a44f 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==4.8.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.14.0 +sentry-sdk[django]==2.16.0 From 5354b142cb08b89420d4c506239f275d30bf7680 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 8 Oct 2024 16:41:06 +0000 Subject: [PATCH 177/318] Update dependency django-auth-ldap to v5 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 6dfd15240..5b5ef2de9 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,4 +1,4 @@ -django-auth-ldap==4.8.0 +django-auth-ldap==5.0.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.1 python3-saml==1.16.0 --no-binary lxml,xmlsec From bffdc6d82243d795e312490a1a94444e7ab612e0 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 16 Oct 2024 14:38:27 +0000 Subject: [PATCH 178/318] Update dependency dulwich to v0.22.3 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 318639747..4749227a2 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.0.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 -dulwich==0.22.1 +dulwich==0.22.3 python3-saml==1.16.0 --no-binary lxml,xmlsec sentry-sdk[django]==2.16.0 From cc6a35b6368bfc98673e7cef5f70112be9c63f62 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 17 Oct 2024 13:18:36 +0000 Subject: [PATCH 179/318] Update dependency django-auth-ldap to v5.1.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 4749227a2..6d93f1819 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,4 +1,4 @@ -django-auth-ldap==5.0.0 +django-auth-ldap==5.1.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.3 python3-saml==1.16.0 --no-binary lxml,xmlsec From 8453eab8ddb7ae4d2c8aa7d5878a51dadf9ff13c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 17 Oct 2024 13:18:41 +0000 Subject: [PATCH 180/318] Update dependency sentry-sdk to v2.17.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 4749227a2..106171850 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==5.0.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.3 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.16.0 +sentry-sdk[django]==2.17.0 From 8fcbc5c2943af5be5de2e54b9cc279cc62bfd288 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 1 Nov 2024 13:38:59 +0000 Subject: [PATCH 181/318] Update dependency dulwich to v0.22.4 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 8e8664ec4..d2b329d35 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.1.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 -dulwich==0.22.3 +dulwich==0.22.4 python3-saml==1.16.0 --no-binary lxml,xmlsec sentry-sdk[django]==2.17.0 From 50721989bf3b0a980d8e3b3e75ca42b42fa1b3ea Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 4 Nov 2024 17:39:16 +0000 Subject: [PATCH 182/318] Update dependency sentry-sdk to v2.18.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index d2b329d35..d43bfd71e 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==5.1.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.4 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.17.0 +sentry-sdk[django]==2.18.0 From afd18c6f395539b853a0c07fea8711a324f3b3b7 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 5 Nov 2024 12:52:50 +0100 Subject: [PATCH 183/318] Fixes #1331: Added 'forwarded' section Unit config Simplifies the listener configuration by using a wildcard for the IP and adds a forwarded section that trusts all proxies on RFC1918 networks. --- docker/nginx-unit.json | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/docker/nginx-unit.json b/docker/nginx-unit.json index fc33a2c6b..76415f5c3 100644 --- a/docker/nginx-unit.json +++ b/docker/nginx-unit.json @@ -1,16 +1,20 @@ { "listeners": { - "0.0.0.0:8080": { - "pass": "routes/main" - }, - "[::]:8080": { - "pass": "routes/main" - }, - "0.0.0.0:8081": { - "pass": "routes/status" + "*:8080": { + "pass": "routes/main", + "forwarded": { + "client_ip": "X-Forwarded-For", + "protocol": "X-Forwarded-Proto", + "source": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"] + } }, - "[::]:8081": { - "pass": "routes/status" + "*:8081": { + "pass": "routes/status", + "forwarded": { + "client_ip": "X-Forwarded-For", + "protocol": "X-Forwarded-Proto", + "source": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"] + } } }, "routes": { From dcc8a624baec8b604ab0c4d2a0b8b4aa02657b2f Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 7 Nov 2024 16:51:46 +0000 Subject: [PATCH 184/318] Update dependency dulwich to v0.22.5 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index d43bfd71e..dc84e61d5 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.1.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 -dulwich==0.22.4 +dulwich==0.22.5 python3-saml==1.16.0 --no-binary lxml,xmlsec sentry-sdk[django]==2.18.0 From bf0cecc7fde9e59ee8ed4ca926ff1f444725f9d0 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 18 Nov 2024 01:40:01 +0000 Subject: [PATCH 185/318] Update dependency dulwich to v0.22.6 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index dc84e61d5..60146c5c6 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.1.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 -dulwich==0.22.5 +dulwich==0.22.6 python3-saml==1.16.0 --no-binary lxml,xmlsec sentry-sdk[django]==2.18.0 From d8ac6f828ce5562f0012d25089779b38e0fafd14 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 19 Nov 2024 15:58:22 +0100 Subject: [PATCH 186/318] Removed LOGIN_REQUIRED --- test-configuration/test_config.py | 1 - 1 file changed, 1 deletion(-) diff --git a/test-configuration/test_config.py b/test-configuration/test_config.py index 09bd5dcb9..884defd42 100644 --- a/test-configuration/test_config.py +++ b/test-configuration/test_config.py @@ -4,4 +4,3 @@ } DEFAULT_PERMISSIONS = {} -LOGIN_REQUIRED = False From 404b4bcffe88c7fdf71e0b3e3cda283f71da31e7 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 21 Nov 2024 17:26:58 +0000 Subject: [PATCH 187/318] Update dependency sentry-sdk to v2.19.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 60146c5c6..99b2ab55a 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==5.1.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.6 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.18.0 +sentry-sdk[django]==2.19.0 From c416a054aeaac438f9935644280dc9c8327e4f77 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 5 Dec 2024 17:56:35 +0000 Subject: [PATCH 188/318] Update dependency sentry-sdk to v2.19.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 99b2ab55a..40b22b339 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==5.1.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.6 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.19.0 +sentry-sdk[django]==2.19.1 From 0c0c468386e3c0862202b384763f05fb6a61d5cb Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 6 Dec 2024 09:44:23 +0000 Subject: [PATCH 189/318] Update dependency sentry-sdk to v2.19.2 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 40b22b339..4c87e7368 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==5.1.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.6 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.19.1 +sentry-sdk[django]==2.19.2 From 49d80c9109110fcb205ec0e0f3b8a72933de5c6c Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 18 Dec 2024 12:41:10 +0100 Subject: [PATCH 190/318] Make superlinter happy --- docker-compose.test.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/docker-compose.test.yml b/docker-compose.test.yml index e1f33729f..8e89790fc 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -9,9 +9,9 @@ services: redis-cache: condition: service_healthy env_file: env/netbox.env - user: 'unit:root' + user: "unit:root" volumes: - - ./test-configuration/test_config.py:/etc/netbox/config/test_config.py:z,ro + - ./test-configuration/test_config.py:/etc/netbox/config/test_config.py:z,ro healthcheck: test: curl -f http://localhost:8080/login/ || exit 1 start_period: ${NETBOX_START_PERIOD-120s} @@ -20,9 +20,9 @@ services: netbox-worker: <<: *netbox command: - - /opt/netbox/venv/bin/python - - /opt/netbox/netbox/manage.py - - rqworker + - /opt/netbox/venv/bin/python + - /opt/netbox/netbox/manage.py + - rqworker healthcheck: test: ps -aux | grep -v grep | grep -q rqworker || exit 1 start_period: 40s @@ -31,7 +31,7 @@ services: netbox-housekeeping: <<: *netbox command: - - /opt/netbox/housekeeping.sh + - /opt/netbox/housekeeping.sh healthcheck: test: ps -aux | grep -v grep | grep -q housekeeping || exit 1 start_period: 40s @@ -51,12 +51,12 @@ services: redis: &redis image: docker.io/valkey/valkey:8.0-alpine command: - - sh - - -c # this is to evaluate the $REDIS_PASSWORD from the env - - valkey-server --save "" --appendonly no --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose + - sh + - -c # this is to evaluate the $REDIS_PASSWORD from the env + - valkey-server --save "" --appendonly no --requirepass $$REDIS_PASSWORD ## $$ because of docker-compose env_file: env/redis.env healthcheck: - test: "[ $$(valkey-cli --pass \"$${REDIS_PASSWORD}\" ping) = 'PONG' ]" + test: '[ $$(valkey-cli --pass "$${REDIS_PASSWORD}" ping) = ''PONG'' ]' start_period: 5s timeout: 3s interval: 1s From 878b3b6abb3e2e373a052ecbb9e80a9473e27105 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 19 Dec 2024 18:26:11 +0000 Subject: [PATCH 191/318] Update dependency dulwich to v0.22.7 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 4c87e7368..9641dd46d 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.1.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 -dulwich==0.22.6 +dulwich==0.22.7 python3-saml==1.16.0 --no-binary lxml,xmlsec sentry-sdk[django]==2.19.2 From 1a70f971c090e9af09205a9fc21b1bae8d5f8731 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Sat, 4 Jan 2025 10:59:12 +0100 Subject: [PATCH 192/318] Prepare for Netbox 4.2 --- .github/workflows/push.yml | 2 +- .github/workflows/release.yml | 2 +- Dockerfile | 4 ++-- VERSION | 2 +- build.sh | 33 +++++++++++++-------------------- docker-compose.yml | 2 +- 6 files changed, 19 insertions(+), 26 deletions(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 41d4d40f4..43a56c3ea 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -55,7 +55,7 @@ jobs: - ./build-latest.sh - PRERELEASE=true ./build-latest.sh - ./build.sh feature - - ./build.sh develop + - ./build.sh main os: - ubuntu-latest - self-hosted diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b90bf1580..8f1656d5e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -17,7 +17,7 @@ jobs: - ./build-latest.sh - PRERELEASE=true ./build-latest.sh - ./build.sh feature - - ./build.sh develop + - ./build.sh main platform: - linux/amd64,linux/arm64 fail-fast: false diff --git a/Dockerfile b/Dockerfile index 1c17caa93..0611f720e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -71,8 +71,8 @@ RUN export DEBIAN_FRONTEND=noninteractive \ && apt-get update -qq \ && apt-get install \ --yes -qq --no-install-recommends \ - unit=1.33.0-1~noble \ - unit-python3.12=1.33.0-1~noble \ + unit=1.34.0-1~noble \ + unit-python3.12=1.34.0-1~noble \ && rm -rf /var/lib/apt/lists/* COPY --from=builder /opt/netbox/venv /opt/netbox/venv diff --git a/VERSION b/VERSION index b50214693..fd2a01863 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.0.2 +3.1.0 diff --git a/build.sh b/build.sh index df85df7c2..a7ac817ad 100755 --- a/build.sh +++ b/build.sh @@ -39,9 +39,8 @@ SKIP_GIT If defined, git is not invoked and \${NETBOX_PATH} will not be alter TAG The version part of the image tag. ${_GREEN}Default:${_CLEAR} - When =master: latest - When =develop: snapshot - Else: same as + When =main: snapshot + Else: same as IMAGE_NAMES The names used for the image including the registry Used for tagging the image. @@ -104,24 +103,21 @@ GH_ACTION If defined, special 'echo' statements are enabled that set the ${_GREEN}Default:${_CLEAR} undefined CHECK_ONLY Only checks if the build is needed and sets the GH Action output. + ${_GREEN}Default:${_CLEAR} undefined ${_BOLD}Examples:${_CLEAR} -${0} master - This will fetch the latest 'master' branch, build a Docker Image and tag it - 'netboxcommunity/netbox:latest'. - -${0} develop - This will fetch the latest 'develop' branch, build a Docker Image and tag it +${0} main + This will fetch the latest 'main' branch, build a Docker Image and tag it 'netboxcommunity/netbox:snapshot'. -${0} v2.6.6 - This will fetch the 'v2.6.6' tag, build a Docker Image and tag it - 'netboxcommunity/netbox:v2.6.6' and 'netboxcommunity/netbox:v2.6'. +${0} v4.2.0 + This will fetch the 'v4.2.0' tag, build a Docker Image and tag it + 'netboxcommunity/netbox:v4.2.0' and 'netboxcommunity/netbox:v4.2'. -${0} develop-2.7 - This will fetch the 'develop-2.7' branch, build a Docker Image and tag it - 'netboxcommunity/netbox:develop-2.7'. +${0} feature + This will fetch the 'feature' branch, build a Docker Image and tag it + 'netboxcommunity/netbox:feature'. SRC_ORG=cimnine ${0} feature-x This will fetch the 'feature-x' branch from https://github.com/cimnine/netbox.git, @@ -259,10 +255,7 @@ DOCKER_REGISTRY="${DOCKER_REGISTRY-docker.io}" DOCKER_ORG="${DOCKER_ORG-netboxcommunity}" DOCKER_REPO="${DOCKER_REPO-netbox}" case "${NETBOX_BRANCH}" in -master) - TAG="${TAG-latest}" - ;; -develop) +main) TAG="${TAG-snapshot}" ;; *) @@ -278,7 +271,7 @@ TARGET_DOCKER_TAG_PROJECT="${TARGET_DOCKER_TAG}-${PROJECT_VERSION}" ### # composing the additional DOCKER_SHORT_TAG, -# i.e. "v2.6.1" becomes "v2.6", +# i.e. "v4.2.0" becomes "v4.2", # which is only relevant for version tags # Also let "latest" follow the highest version ### diff --git a/docker-compose.yml b/docker-compose.yml index 1e27d91ed..c91c7b713 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v4.1-3.0.2} + image: docker.io/netboxcommunity/netbox:${VERSION-v4.2-3.1.0} depends_on: - postgres - redis From a194302a4147e3b25635819a4fdc71d0377d0a4a Mon Sep 17 00:00:00 2001 From: Mathijs van Willigen Date: Mon, 13 Jan 2025 10:34:37 +0100 Subject: [PATCH 193/318] Update Nginx unit to 1.34.1 This fixes the OTel bug in nginx unit 1.34.0. Signed-off-by: Mathijs van Willigen --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 0611f720e..50b721b29 100644 --- a/Dockerfile +++ b/Dockerfile @@ -71,8 +71,8 @@ RUN export DEBIAN_FRONTEND=noninteractive \ && apt-get update -qq \ && apt-get install \ --yes -qq --no-install-recommends \ - unit=1.34.0-1~noble \ - unit-python3.12=1.34.0-1~noble \ + unit=1.34.1-1~noble \ + unit-python3.12=1.34.1-1~noble \ && rm -rf /var/lib/apt/lists/* COPY --from=builder /opt/netbox/venv /opt/netbox/venv From 6fd2681449d3c2d256adeb44de0d6734d1017fad Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 14 Jan 2025 17:12:54 +0000 Subject: [PATCH 194/318] Update dependency sentry-sdk to v2.20.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 9641dd46d..e3095a9fc 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -2,4 +2,4 @@ django-auth-ldap==5.1.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.7 python3-saml==1.16.0 --no-binary lxml,xmlsec -sentry-sdk[django]==2.19.2 +sentry-sdk[django]==2.20.0 From b56c45b4ee0f2760683ff53c0031baf67fba19e0 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Thu, 16 Jan 2025 17:58:06 +0100 Subject: [PATCH 195/318] Use hosted Ubuntu 24.04 runners --- .github/workflows/push.yml | 24 +++++++++++++++--------- .github/workflows/release.yml | 2 +- 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 43a56c3ea..f0db36e00 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -16,19 +16,20 @@ concurrency: jobs: lint: - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 name: Checks syntax of our code + permissions: + contents: read + packages: read + statuses: write steps: - uses: actions/checkout@v4 with: # Full git history is needed to get a proper # list of changed files within `super-linter` fetch-depth: 0 - - uses: actions/setup-python@v5 - with: - python-version: "3.9" - name: Lint Code Base - uses: github/super-linter@v7 + uses: super-linter/super-linter@v7 env: DEFAULT_BRANCH: develop GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -57,8 +58,8 @@ jobs: - ./build.sh feature - ./build.sh main os: - - ubuntu-latest - - self-hosted + - ubuntu-24.04 + - ubuntu-24.04-arm fail-fast: false env: GH_ACTION: enable @@ -73,9 +74,14 @@ jobs: - id: buildx-setup name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - id: arm-install-skopeo + name: Install 'skopeo' on ARM64 + if: matrix.os == 'ubuntu-24.04-arm' + run: | + sudo apt-get install -y skopeo - id: arm-buildx-platform name: Set BUILDX_PLATFORM to ARM64 - if: matrix.os == 'self-hosted' + if: matrix.os == 'ubuntu-24.04-arm' run: | echo "BUILDX_PLATFORM=linux/arm64" >>"${GITHUB_ENV}" - id: docker-build @@ -85,7 +91,7 @@ jobs: BUILDX_BUILDER_NAME: ${{ steps.buildx-setup.outputs.name }} - id: arm-time-limit name: Set Netbox container start_period higher on ARM64 - if: matrix.os == 'self-hosted' + if: matrix.os == 'ubuntu-24.04-arm' run: | echo "NETBOX_START_PERIOD=240s" >>"${GITHUB_ENV}" - id: docker-test diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8f1656d5e..347874e46 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -21,7 +21,7 @@ jobs: platform: - linux/amd64,linux/arm64 fail-fast: false - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 name: Builds new NetBox Docker Images env: GH_ACTION: enable From f394400b2bfd9c13dee3210ce6ae557c0c0f5daa Mon Sep 17 00:00:00 2001 From: Marco Kamner Date: Fri, 17 Jan 2025 15:28:32 +0100 Subject: [PATCH 196/318] Feature: Support ISOLATED_DEPLOYMENT setting --- configuration/configuration.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/configuration/configuration.py b/configuration/configuration.py index 9691592f2..577c3f4f3 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -348,3 +348,5 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # Time zone (default: UTC) TIME_ZONE = environ.get('TIME_ZONE', 'UTC') +# If true disables miscellaneous functionality which depends on access to the Internet. +ISOLATED_DEPLOYMENT = _environ_get_and_map('ISOLATED_DEPLOYMENT', 'False', _AS_BOOL) From e48a1b685b0600d5b2612aade66870aa0cecb960 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Mon, 20 Jan 2025 08:53:40 +0100 Subject: [PATCH 197/318] Preparation for 3.1.1 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index fd2a01863..94ff29cc4 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.1.0 +3.1.1 diff --git a/docker-compose.yml b/docker-compose.yml index c91c7b713..f222d6829 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v4.2-3.1.0} + image: docker.io/netboxcommunity/netbox:${VERSION-v4.2-3.1.1} depends_on: - postgres - redis From 0ec4c5d7952f97b45fc027a7f1780855e6c7d8ea Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Mon, 20 Jan 2025 10:38:42 +0100 Subject: [PATCH 198/318] Display Docker image version --- .dockerignore | 3 +++ Dockerfile | 5 ++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/.dockerignore b/.dockerignore index 0a0ae310d..ea4976e2a 100644 --- a/.dockerignore +++ b/.dockerignore @@ -5,6 +5,9 @@ docker-compose* env test-configuration .netbox/.git* +.netbox/.pre-commit-config.yaml +.netbox/.readthedocs.yaml +.netbox/.tx .netbox/contrib .netbox/scripts .netbox/upgrade.sh diff --git a/Dockerfile b/Dockerfile index 50b721b29..743929e3a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -89,6 +89,7 @@ COPY docker/housekeeping.sh /opt/netbox/housekeeping.sh COPY docker/launch-netbox.sh /opt/netbox/launch-netbox.sh COPY configuration/ /etc/netbox/config/ COPY docker/nginx-unit.json /etc/unit/ +COPY VERSION /opt/netbox/VERSION WORKDIR /opt/netbox/netbox @@ -99,7 +100,9 @@ RUN mkdir -p static /opt/unit/state/ /opt/unit/tmp/ \ && chmod -R g+w /opt/unit/ media reports scripts \ && cd /opt/netbox/ && SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python -m mkdocs build \ --config-file /opt/netbox/mkdocs.yml --site-dir /opt/netbox/netbox/project-static/docs/ \ - && SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py collectstatic --no-input + && SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py collectstatic --no-input \ + && mkdir /opt/netbox/netbox/local \ + && echo "edition: Community (Docker image $(cat /opt/netbox/VERSION))" > /opt/netbox/netbox/local/release.yaml ENV LANG=C.utf8 PATH=/opt/netbox/venv/bin:$PATH ENTRYPOINT [ "/usr/bin/tini", "--" ] From 607ae32450acdf25c793cbd4c21e5e1bd137bce7 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Fri, 24 Jan 2025 14:31:41 +0100 Subject: [PATCH 199/318] Updates for new branch names --- README.md | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 7b70f819a..0992a6709 100644 --- a/README.md +++ b/README.md @@ -72,18 +72,16 @@ New container images are built and published automatically every ~24h. These are release builds, containing the latest stable version of NetBox. They contain the support files of _NetBox Docker version_ `a.b.c`. You must use _NetBox Docker version_ `a.b.c` to guarantee the compatibility. - These images are automatically built from [the `master` branch of NetBox][netbox-master]. * `snapshot-a.b.c`: These are prerelease builds. They contain the support files of _NetBox Docker version_ `a.b.c`. You must use _NetBox Docker version_ `a.b.c` to guarantee the compatibility. - These images are automatically built from the [`develop` branch of NetBox][netbox-develop]. + These images are automatically built from the [`main` branch of NetBox][netbox-main]. For each of the above tag, there is an extra tag: * `vX.Y.Z`, `vX.Y`: This is the same version as `vX.Y.Z-a.b.c` (or `vX.Y-a.b.c`, respectively). - It always points to the latest version of _NetBox Docker_. * `latest` This is the same version as `latest-a.b.c`. It always points to the latest version of _NetBox Docker_. @@ -92,8 +90,7 @@ For each of the above tag, there is an extra tag: It always points to the latest version of _NetBox Docker_. [netbox-releases]: https://github.com/netbox-community/netbox/releases -[netbox-master]: https://github.com/netbox-community/netbox/tree/master -[netbox-develop]: https://github.com/netbox-community/netbox/tree/develop +[netbox-main]: https://github.com/netbox-community/netbox/tree/main ## Documentation From 60db7e6c90b8ae76bc60df9ae3cabfc37bfa35e5 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Fri, 24 Jan 2025 14:45:00 +0100 Subject: [PATCH 200/318] Make Superlinter happy --- README.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 0992a6709..588c6ec4e 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@ Images are built regularly using the code in that repository and are pushed to [Docker Hub][netbox-dockerhub], [Quay.io][netbox-quayio] and [GitHub Container Registry][netbox-ghcr]. Do you have any questions? -Before opening an issue on Github, +Before opening an issue on GitHub, please join [our Slack][netbox-docker-slack] and ask for help in the [`#netbox-docker`][netbox-docker-slack-channel] channel. [github-stargazers]: https://github.com/netbox-community/netbox-docker/stargazers @@ -63,16 +63,16 @@ New container images are built and published automatically every ~24h. > We recommend to use either the `vX.Y.Z-a.b.c` tags or the `vX.Y-a.b.c` tags in production! -* `vX.Y.Z-a.b.c`, `vX.Y-a.b.c`: +- `vX.Y.Z-a.b.c`, `vX.Y-a.b.c`: These are release builds containing _NetBox version_ `vX.Y.Z`. They contain the support files of _NetBox Docker version_ `a.b.c`. You must use _NetBox Docker version_ `a.b.c` to guarantee the compatibility. These images are automatically built from [the corresponding releases of NetBox][netbox-releases]. -* `latest-a.b.c`: +- `latest-a.b.c`: These are release builds, containing the latest stable version of NetBox. They contain the support files of _NetBox Docker version_ `a.b.c`. You must use _NetBox Docker version_ `a.b.c` to guarantee the compatibility. -* `snapshot-a.b.c`: +- `snapshot-a.b.c`: These are prerelease builds. They contain the support files of _NetBox Docker version_ `a.b.c`. You must use _NetBox Docker version_ `a.b.c` to guarantee the compatibility. @@ -80,12 +80,12 @@ New container images are built and published automatically every ~24h. For each of the above tag, there is an extra tag: -* `vX.Y.Z`, `vX.Y`: +- `vX.Y.Z`, `vX.Y`: This is the same version as `vX.Y.Z-a.b.c` (or `vX.Y-a.b.c`, respectively). -* `latest` +- `latest` This is the same version as `latest-a.b.c`. It always points to the latest version of _NetBox Docker_. -* `snapshot` +- `snapshot` This is the same version as `snapshot-a.b.c`. It always points to the latest version of _NetBox Docker_. @@ -117,9 +117,9 @@ you may find [the `#netbox` channel][netbox-slack-channel] on the same Slack ins This project relies only on _Docker_ and _docker-compose_ meeting these requirements: -* The _Docker version_ must be at least `20.10.10`. -* The _containerd version_ must be at least `1.5.6`. -* The _docker-compose version_ must be at least `1.28.0`. +- The _Docker version_ must be at least `20.10.10`. +- The _containerd version_ must be at least `1.5.6`. +- The _docker-compose version_ must be at least `1.28.0`. To check the version installed on your system run `docker --version` and `docker compose version`. From 1bd16cec68f889edd0eac07c3c82de260bc7169e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Sat, 25 May 2024 16:53:57 +0200 Subject: [PATCH 201/318] First draft for PRINCIPALS.md, MAINTAINERS.md --- MAINTAINERS.md | 20 ++++++++++++++++ PRINCIPALS.md | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++ README.md | 26 ++++++++++++++------- 3 files changed, 100 insertions(+), 8 deletions(-) create mode 100644 MAINTAINERS.md create mode 100644 PRINCIPALS.md diff --git a/MAINTAINERS.md b/MAINTAINERS.md new file mode 100644 index 000000000..8018a1384 --- /dev/null +++ b/MAINTAINERS.md @@ -0,0 +1,20 @@ +# Maintainers of _NetBox Docker_ + +This file lists all currently recognized maintainers of the _NetBox Docker_ project in alphabetical order: + +- @cimnine +- @tobiasge + +## Stepping Down + +Every maintainer is a volunteer and may step down as maintainer at any time without providing any reason. +To make this explicit, the maintainer is asked to update this file. + +The last maintainer stepping down is asked to archive the project on GitHub to indicate that the project is no longer maintained. + +## Signing up + +Everyone is welcome to sign up as maintainer by creating a PR and add their own username to the list. +The current maintainers shall discuss the application. +They may turn down an application. +They shall provide a reason when doing so. diff --git a/PRINCIPALS.md b/PRINCIPALS.md new file mode 100644 index 000000000..5a9106a39 --- /dev/null +++ b/PRINCIPALS.md @@ -0,0 +1,62 @@ +# Development, Maintenance and Community Principals for _NetBox Docker_ + +This principals shall guide the development and the maintenance of _NetBox Docker_. + +## Basic principals + +This project is maintained on voluntary basis. +Everyone is asked to respect that. + +This means, that … + +- … sometimes features are not implemented as fast as one might like -- or not at all. +- … sometimes nobody is looking at bugs or they are not fixed as fast as one might like -- or not at all. +- … sometimes PRs are not reviewed for an extended period. + +Everyone is welcome to provide improvements and bug fixes to the benefit of everyone else. + +## Development Principals + +The goal of the _NetBox Docker_ project is to provide a container to run the basic NetBox project. +The container should feel like a native container -- as if it were provided by NetBox itself: + +- Configuration via environment variables where feasible. +- Configuration of secrets via secret files. +- Log output to standard out (STDOUT/&1) / standard error (STDERR/&2). +- Volumes for data and cache directories. +- Runs a non-root user by default. +- One process / role for each instance. + +There is one exception for the configuration: +Whenever a `dict` is required as value of a configuration setting, then it must not be provided through an environment variable. + +The container generally does not provide more features than the basic NetBox project itself provides. +It may provide additional Python dependencies than the upstream project, so that all features of NetBox can be used in the container. +It may provide helpers, so that the container feels and behaves like a native container. + +The container does not come with pre-bundled plugins. + +## Maintenance Principals + +The main goals of maintainig _NetBox Docker_ are: + +- Keeping the project on a high quality level. +- Keeping the maintenance effort minimal. +- Coordinating development efforts. + +The following guidelines help us to achieve these goals: + +- As many maintenance tasks as possible shall be automated or scripted. +- All manual tasks must be documented. +- All changes are reviewed by at least one maintainer. + - Changes of maintainers are reviewed by at least one other maintainer. +- The infrastructure beyond what GitHub provides shall be kept to a minimum. + - On request, every maintainer shall get access to infrastructure that is beyond GitHub (at the time of writing that's _Docker Hub_ and _Quay_ in particular). + +## Community Principals + +This project is developed by the NetBox community for the NetBox community. +We welcome contributions, as long as they are in line with the principals above. + +The maintainers of NetBox Docker are not the support team. +The community is expected to help each other out. diff --git a/README.md b/README.md index 588c6ec4e..3651fac8e 100644 --- a/README.md +++ b/README.md @@ -8,11 +8,16 @@ [![GitHub license](https://img.shields.io/github/license/netbox-community/netbox-docker)][netbox-docker-license] [The GitHub repository][netbox-docker-github] houses the components needed to build NetBox as a container. -Images are built regularly using the code in that repository and are pushed to [Docker Hub][netbox-dockerhub], [Quay.io][netbox-quayio] and [GitHub Container Registry][netbox-ghcr]. +Images are built regularly using the code in that repository +and are pushed to [Docker Hub][netbox-dockerhub], +[Quay.io][netbox-quayio] and [GitHub Container Registry][netbox-ghcr]. +_NetBox Docker_ is a project developed and maintained by the _NetBox_ community. Do you have any questions? Before opening an issue on GitHub, -please join [our Slack][netbox-docker-slack] and ask for help in the [`#netbox-docker`][netbox-docker-slack-channel] channel. +please join [our Slack][netbox-docker-slack] +and ask for help in the [`#netbox-docker`][netbox-docker-slack-channel] channel, +or start a new [GitHub Discussion][github-discussions]. [github-stargazers]: https://github.com/netbox-community/netbox-docker/stargazers [github-release]: https://github.com/netbox-community/netbox-docker/releases @@ -24,6 +29,7 @@ please join [our Slack][netbox-docker-slack] and ask for help in the [`#netbox-d [netbox-docker-slack-channel]: https://netdev-community.slack.com/archives/C01P0GEVBU7 [netbox-slack-channel]: https://netdev-community.slack.com/archives/C01P0FRSXRV [netbox-docker-license]: https://github.com/netbox-community/netbox-docker/blob/release/LICENSE +[github-discussions]: https://github.com/netbox-community/netbox-docker/discussions ## Quickstart @@ -53,7 +59,8 @@ To create the first admin user run this command: docker compose exec netbox /opt/netbox/netbox/manage.py createsuperuser ``` -If you need to restart Netbox from an empty database often, you can also set the `SUPERUSER_*` variables in your `docker-compose.override.yml` as shown in the example. +If you need to restart Netbox from an empty database often, +you can also set the `SUPERUSER_*` variables in your `docker-compose.override.yml`. [wiki-getting-started]: https://github.com/netbox-community/netbox-docker/wiki/Getting-Started @@ -106,7 +113,7 @@ Feel free to correct errors, update outdated information or provide additional g Feel free to ask questions in our [GitHub Community][netbox-community] or [join our Slack][netbox-docker-slack] and ask [in our channel `#netbox-docker`][netbox-docker-slack-channel], -which is free to use and where there are almost always people online that can help you in the Slack channel. +which is free to use and where there are almost always people online that can help you. If you need help with using NetBox or developing for it or against it's API you may find [the `#netbox` channel][netbox-slack-channel] on the same Slack instance very helpful. @@ -126,7 +133,7 @@ To check the version installed on your system run `docker --version` and `docker ## Updating Please read [the release notes][releases] carefully when updating to a new image version. -Note that the version of the NetBox Docker container image must stay in sync with the code. +Note that the version of the NetBox Docker container image must stay in sync with the version of the git repository. If you update for the first time, be sure [to follow our _How To Update NetBox Docker_ guide in the wiki][netbox-docker-wiki-updating]. @@ -135,7 +142,8 @@ If you update for the first time, be sure [to follow our _How To Update NetBox D ## Rebuilding the Image -`./build.sh` can be used to rebuild the container image. See `./build.sh --help` for more information. +`./build.sh` can be used to rebuild the container image. +See `./build.sh --help` for more information or `./build-latest.sh` for an example. For more details on custom builds [consult our wiki][netbox-docker-wiki-build]. @@ -144,13 +152,15 @@ For more details on custom builds [consult our wiki][netbox-docker-wiki-build]. ## Tests We have a test script. -It runs NetBox's own unit tests and ensures that all initializers work: +It runs NetBox's own unit tests and ensures that NetBox starts: ```bash -IMAGE=netboxcommunity/netbox:latest ./test.sh +IMAGE=docker.io/netboxcommunity/netbox:latest ./test.sh ``` ## Support This repository is currently maintained by the community. +The community is expected to help each other. + Please consider sponsoring the maintainers of this project. From 7516e5d00d571f3d585f7434c0fea94cfefb94c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Mon, 3 Jun 2024 20:55:35 +0200 Subject: [PATCH 202/318] Remove having to provide a reason for turning down applications --- MAINTAINERS.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/MAINTAINERS.md b/MAINTAINERS.md index 8018a1384..a3071eb0d 100644 --- a/MAINTAINERS.md +++ b/MAINTAINERS.md @@ -16,5 +16,4 @@ The last maintainer stepping down is asked to archive the project on GitHub to i Everyone is welcome to sign up as maintainer by creating a PR and add their own username to the list. The current maintainers shall discuss the application. -They may turn down an application. -They shall provide a reason when doing so. +They may turn down an application if they don't feel confident that the new maintainer is a positive addition. From 052b17d5c13c0e12a71902076384c41b52bb962f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Mon, 3 Jun 2024 21:06:01 +0200 Subject: [PATCH 203/318] Slight improvements --- PRINCIPALS.md | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/PRINCIPALS.md b/PRINCIPALS.md index 5a9106a39..6d77cae9a 100644 --- a/PRINCIPALS.md +++ b/PRINCIPALS.md @@ -21,26 +21,27 @@ The goal of the _NetBox Docker_ project is to provide a container to run the bas The container should feel like a native container -- as if it were provided by NetBox itself: - Configuration via environment variables where feasible. + - Except: Whenever a `dict` is required as value of a configuration setting, + then it must not be provided through an environment variable. - Configuration of secrets via secret files. - Log output to standard out (STDOUT/&1) / standard error (STDERR/&2). - Volumes for data and cache directories. + - Otherwise no mounts shall be necessary. - Runs a non-root user by default. - One process / role for each instance. -There is one exception for the configuration: -Whenever a `dict` is required as value of a configuration setting, then it must not be provided through an environment variable. - The container generally does not provide more features than the basic NetBox project itself provides. -It may provide additional Python dependencies than the upstream project, so that all features of NetBox can be used in the container. -It may provide helpers, so that the container feels and behaves like a native container. +It may provide additional Python dependencies than the upstream project, +so that all configurable features of NetBox can be used in the container without further modification. +The container may provide helpers, so that it feels and behaves like a native container. -The container does not come with pre-bundled plugins. +The container does not bundle any community plugins. ## Maintenance Principals The main goals of maintainig _NetBox Docker_ are: -- Keeping the project on a high quality level. +- Keeping the project at a high quality level. - Keeping the maintenance effort minimal. - Coordinating development efforts. @@ -60,3 +61,9 @@ We welcome contributions, as long as they are in line with the principals above. The maintainers of NetBox Docker are not the support team. The community is expected to help each other out. + +Always remember: +Behind every screen (or screen-reader) on the other end is a fellow human. +Be nice and respectful, thankful for help, +and value ideas and contributions, +even when they don't fit the goals. From 0082261007656450c0b7560c6eb5f717449261c2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Sat, 1 Feb 2025 16:24:26 +0100 Subject: [PATCH 204/318] Fix typos --- PRINCIPALS.md | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/PRINCIPALS.md b/PRINCIPALS.md index 6d77cae9a..9ef6cf57a 100644 --- a/PRINCIPALS.md +++ b/PRINCIPALS.md @@ -1,6 +1,6 @@ # Development, Maintenance and Community Principals for _NetBox Docker_ -This principals shall guide the development and the maintenance of _NetBox Docker_. +These principals shall guide the development and the maintenance of _NetBox Docker_. ## Basic principals @@ -10,7 +10,7 @@ Everyone is asked to respect that. This means, that … - … sometimes features are not implemented as fast as one might like -- or not at all. -- … sometimes nobody is looking at bugs or they are not fixed as fast as one might like -- or not at all. +- … sometimes nobody is looking at bugs, or they are not fixed as fast as one might like -- or not at all. - … sometimes PRs are not reviewed for an extended period. Everyone is welcome to provide improvements and bug fixes to the benefit of everyone else. @@ -21,12 +21,12 @@ The goal of the _NetBox Docker_ project is to provide a container to run the bas The container should feel like a native container -- as if it were provided by NetBox itself: - Configuration via environment variables where feasible. - - Except: Whenever a `dict` is required as value of a configuration setting, - then it must not be provided through an environment variable. + - Except: Whenever a complex type such as a `dict` is required as value of a configuration setting, + then it shall not be provided through an environment variable. - Configuration of secrets via secret files. -- Log output to standard out (STDOUT/&1) / standard error (STDERR/&2). +- Log output to standard out (STDOUT/`&1`) / standard error (STDERR/`&2`). - Volumes for data and cache directories. - - Otherwise no mounts shall be necessary. + - Otherwise, no mounts shall be necessary. - Runs a non-root user by default. - One process / role for each instance. @@ -39,7 +39,7 @@ The container does not bundle any community plugins. ## Maintenance Principals -The main goals of maintainig _NetBox Docker_ are: +The main goals of maintaining _NetBox Docker_ are: - Keeping the project at a high quality level. - Keeping the maintenance effort minimal. @@ -51,8 +51,10 @@ The following guidelines help us to achieve these goals: - All manual tasks must be documented. - All changes are reviewed by at least one maintainer. - Changes of maintainers are reviewed by at least one other maintainer. + (Except if there's only one maintainer left.) - The infrastructure beyond what GitHub provides shall be kept to a minimum. - - On request, every maintainer shall get access to infrastructure that is beyond GitHub (at the time of writing that's _Docker Hub_ and _Quay_ in particular). + - On request, every maintainer shall get access to infrastructure that is beyond GitHub + (at the time of writing that's _Docker Hub_ and _Quay_ in particular). ## Community Principals From 5332504c5a0c5dcadb457a8d182861140c0a7577 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20M=C3=A4der?= Date: Mon, 3 Feb 2025 08:54:56 +0100 Subject: [PATCH 205/318] Implement linter feedback --- PRINCIPALS.md | 2 +- README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/PRINCIPALS.md b/PRINCIPALS.md index 9ef6cf57a..f2d03554c 100644 --- a/PRINCIPALS.md +++ b/PRINCIPALS.md @@ -13,7 +13,7 @@ This means, that … - … sometimes nobody is looking at bugs, or they are not fixed as fast as one might like -- or not at all. - … sometimes PRs are not reviewed for an extended period. -Everyone is welcome to provide improvements and bug fixes to the benefit of everyone else. +Everyone is welcome to provide improvements and bugfixes to the benefit of everyone else. ## Development Principals diff --git a/README.md b/README.md index 3651fac8e..d5af47780 100644 --- a/README.md +++ b/README.md @@ -133,7 +133,7 @@ To check the version installed on your system run `docker --version` and `docker ## Updating Please read [the release notes][releases] carefully when updating to a new image version. -Note that the version of the NetBox Docker container image must stay in sync with the version of the git repository. +Note that the version of the NetBox Docker container image must stay in sync with the version of the Git repository. If you update for the first time, be sure [to follow our _How To Update NetBox Docker_ guide in the wiki][netbox-docker-wiki-updating]. From ab948e467cd49640a0bc14a83548b09491124122 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 4 Feb 2025 20:02:57 +0100 Subject: [PATCH 206/318] Ignore actionlint error for now --- actionlint.yml | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 actionlint.yml diff --git a/actionlint.yml b/actionlint.yml new file mode 100644 index 000000000..28fadea16 --- /dev/null +++ b/actionlint.yml @@ -0,0 +1,5 @@ +--- +paths: + .github/workflows/**/*.{yml,yaml}: + ignore: + - ".*ubuntu-24.04-arm.*" From 542538bf5c2140f5397a110e5381b03e4eca3cb1 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 29 Jan 2025 07:51:22 +0100 Subject: [PATCH 207/318] Improved image build - Fix #1383: Setting DEBUG = true when collection the static files enables the use of the Django debug toolbar. - Fix #1385: Use uv as package manager instead of pip speeds up the build. - Nice display of Docker image version --- Dockerfile | 23 ++++++++++------------- requirements-container.txt | 4 +++- 2 files changed, 13 insertions(+), 14 deletions(-) diff --git a/Dockerfile b/Dockerfile index 743929e3a..e62704497 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,7 @@ ARG FROM FROM ${FROM} AS builder +COPY --from=ghcr.io/astral-sh/uv:0.5 /uv /usr/local/bin/ RUN export DEBIAN_FRONTEND=noninteractive \ && apt-get update -qq \ && apt-get upgrade \ @@ -20,16 +21,11 @@ RUN export DEBIAN_FRONTEND=noninteractive \ libxslt-dev \ pkg-config \ python3-dev \ - python3-pip \ - python3-venv \ - && python3 -m venv /opt/netbox/venv \ - && /opt/netbox/venv/bin/python3 -m pip install --upgrade \ - pip \ - setuptools \ - wheel + && /usr/local/bin/uv venv /opt/netbox/venv ARG NETBOX_PATH COPY ${NETBOX_PATH}/requirements.txt requirements-container.txt / +ENV VIRTUAL_ENV=/opt/netbox/venv RUN \ # Gunicorn is not needed because we use Nginx Unit sed -i -e '/gunicorn/d' /requirements.txt && \ @@ -37,7 +33,7 @@ RUN \ # we have potential version conflicts and the build will fail. # That's why we just replace it in the original requirements.txt. sed -i -e 's/social-auth-core/social-auth-core\[all\]/g' /requirements.txt && \ - /opt/netbox/venv/bin/pip install \ + /usr/local/bin/uv pip install \ -r /requirements.txt \ -r /requirements-container.txt @@ -75,12 +71,13 @@ RUN export DEBIAN_FRONTEND=noninteractive \ unit-python3.12=1.34.1-1~noble \ && rm -rf /var/lib/apt/lists/* +# Copy the modified 'requirements*.txt' files, to have the files actually used during installation +COPY --from=builder /requirements.txt /requirements-container.txt /opt/netbox/ +COPY --from=builder /usr/local/bin/uv /usr/local/bin/ COPY --from=builder /opt/netbox/venv /opt/netbox/venv ARG NETBOX_PATH COPY ${NETBOX_PATH} /opt/netbox -# Copy the modified 'requirements*.txt' files, to have the files actually used during installation -COPY --from=builder /requirements.txt /requirements-container.txt /opt/netbox/ COPY docker/configuration.docker.py /opt/netbox/netbox/netbox/configuration.py COPY docker/ldap_config.docker.py /opt/netbox/netbox/netbox/ldap_config.py @@ -100,11 +97,11 @@ RUN mkdir -p static /opt/unit/state/ /opt/unit/tmp/ \ && chmod -R g+w /opt/unit/ media reports scripts \ && cd /opt/netbox/ && SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python -m mkdocs build \ --config-file /opt/netbox/mkdocs.yml --site-dir /opt/netbox/netbox/project-static/docs/ \ - && SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py collectstatic --no-input \ + && DEBUG="true" SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py collectstatic --no-input \ && mkdir /opt/netbox/netbox/local \ - && echo "edition: Community (Docker image $(cat /opt/netbox/VERSION))" > /opt/netbox/netbox/local/release.yaml + && echo "build: Docker-$(cat /opt/netbox/VERSION)" > /opt/netbox/netbox/local/release.yaml -ENV LANG=C.utf8 PATH=/opt/netbox/venv/bin:$PATH +ENV LANG=C.utf8 PATH=/opt/netbox/venv/bin:$PATH VIRTUAL_ENV=/opt/netbox/venv UV_NO_CACHE=1 ENTRYPOINT [ "/usr/bin/tini", "--" ] CMD [ "/opt/netbox/docker-entrypoint.sh", "/opt/netbox/launch-netbox.sh" ] diff --git a/requirements-container.txt b/requirements-container.txt index e3095a9fc..c00be208d 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,7 @@ django-auth-ldap==5.1.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 dulwich==0.22.7 -python3-saml==1.16.0 --no-binary lxml,xmlsec +python3-saml==1.16.0 +--no-binary lxml +--no-binary xmlsec sentry-sdk[django]==2.20.0 From b1d6e3caaac443dd8bd104d27c5b6c2603e0c689 Mon Sep 17 00:00:00 2001 From: Paul Donald Date: Tue, 4 Feb 2025 21:47:24 +0100 Subject: [PATCH 208/318] udpate issue reporting (#1329) * Update issue report string * Remove docker version string from placeholder (now obsolete) --- .github/ISSUE_TEMPLATE/bug_report.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml index 4aa05407d..bc64d3de9 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.yml +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -48,7 +48,7 @@ body: id: docker-compose-version attributes: label: Docker Compose Version - description: Please paste the output of `docker-compose version` + description: Please paste the output of `docker-compose version` (or `docker compose version`) placeholder: Docker Compose version vX.Y.Z validations: required: true @@ -139,7 +139,6 @@ body: description: Please paste the output of `cat docker-compose.override.yml` render: yaml placeholder: | - version: '3.4' services: netbox: ports: From 230cd09cb52e80d62fd53be307a1199124611e98 Mon Sep 17 00:00:00 2001 From: Mikulas Willaschek Date: Tue, 28 Jan 2025 12:17:24 +0100 Subject: [PATCH 209/318] Update nginx-unit.json with new listeners and forwarded sources --- docker/nginx-unit.json | 38 ++++++++++++++++++++++++++++++++++---- 1 file changed, 34 insertions(+), 4 deletions(-) diff --git a/docker/nginx-unit.json b/docker/nginx-unit.json index 76415f5c3..9d8092f87 100644 --- a/docker/nginx-unit.json +++ b/docker/nginx-unit.json @@ -1,19 +1,49 @@ { "listeners": { - "*:8080": { + "0.0.0.0:8080": { "pass": "routes/main", "forwarded": { "client_ip": "X-Forwarded-For", "protocol": "X-Forwarded-Proto", - "source": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"] + "source": [ + "10.0.0.0/8", + "172.16.0.0/12", + "192.168.0.0/16" + ] } }, - "*:8081": { + "0.0.0.0:8081": { "pass": "routes/status", "forwarded": { "client_ip": "X-Forwarded-For", "protocol": "X-Forwarded-Proto", - "source": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"] + "source": [ + "10.0.0.0/8", + "172.16.0.0/12", + "192.168.0.0/16" + ] + } + }, + "[::]:8080": { + "pass": "routes/main", + "forwarded": { + "client_ip": "X-Forwarded-For", + "protocol": "X-Forwarded-Proto", + "source": [ + "fc00::/7", + "fe80::/10" + ] + } + }, + "[::]:8081": { + "pass": "routes/status", + "forwarded": { + "client_ip": "X-Forwarded-For", + "protocol": "X-Forwarded-Proto", + "source": [ + "fc00::/7", + "fe80::/10" + ] } } }, From 1aa742342cec00c138c1822d4cad1d339f61f63d Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 5 Feb 2025 07:20:46 +0100 Subject: [PATCH 210/318] Make superlinter happy --- docker/nginx-unit.json | 22 ++++------------------ 1 file changed, 4 insertions(+), 18 deletions(-) diff --git a/docker/nginx-unit.json b/docker/nginx-unit.json index 9d8092f87..c095611fc 100644 --- a/docker/nginx-unit.json +++ b/docker/nginx-unit.json @@ -5,11 +5,7 @@ "forwarded": { "client_ip": "X-Forwarded-For", "protocol": "X-Forwarded-Proto", - "source": [ - "10.0.0.0/8", - "172.16.0.0/12", - "192.168.0.0/16" - ] + "source": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"] } }, "0.0.0.0:8081": { @@ -17,11 +13,7 @@ "forwarded": { "client_ip": "X-Forwarded-For", "protocol": "X-Forwarded-Proto", - "source": [ - "10.0.0.0/8", - "172.16.0.0/12", - "192.168.0.0/16" - ] + "source": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"] } }, "[::]:8080": { @@ -29,10 +21,7 @@ "forwarded": { "client_ip": "X-Forwarded-For", "protocol": "X-Forwarded-Proto", - "source": [ - "fc00::/7", - "fe80::/10" - ] + "source": ["fc00::/7", "fe80::/10"] } }, "[::]:8081": { @@ -40,10 +29,7 @@ "forwarded": { "client_ip": "X-Forwarded-For", "protocol": "X-Forwarded-Proto", - "source": [ - "fc00::/7", - "fe80::/10" - ] + "source": ["fc00::/7", "fe80::/10"] } } }, From cecfd627e4640fa72be3b124052ad08bf2abc42a Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 5 Feb 2025 20:27:26 +0000 Subject: [PATCH 211/318] Preparation for 3.2.0 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index 94ff29cc4..944880fa1 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.1.1 +3.2.0 diff --git a/docker-compose.yml b/docker-compose.yml index f222d6829..65176c50a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v4.2-3.1.1} + image: docker.io/netboxcommunity/netbox:${VERSION-v4.2-3.2.0} depends_on: - postgres - redis From 1701399b82cbe9b37480a50132a60e9131edda44 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 12 Feb 2025 11:35:22 +0000 Subject: [PATCH 212/318] Update dependency sentry-sdk to v2.21.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index c00be208d..08e9bb242 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -4,4 +4,4 @@ dulwich==0.22.7 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.20.0 +sentry-sdk[django]==2.21.0 From 0f0ce521d697b37c3d21f8bb3771b79d8d8f60e2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 14 Feb 2025 18:56:50 +0000 Subject: [PATCH 213/318] Update ghcr.io/astral-sh/uv Docker tag to v0.6 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index e62704497..b335a7824 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ ARG FROM FROM ${FROM} AS builder -COPY --from=ghcr.io/astral-sh/uv:0.5 /uv /usr/local/bin/ +COPY --from=ghcr.io/astral-sh/uv:0.6 /uv /usr/local/bin/ RUN export DEBIAN_FRONTEND=noninteractive \ && apt-get update -qq \ && apt-get upgrade \ From 29bef7450a072ca4581bcb45a12d5060791cd4fd Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 15 Feb 2025 18:46:36 +0000 Subject: [PATCH 214/318] Update dependency django-storages to v1.14.5 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 08e9bb242..f098c9634 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.1.0 -django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 +django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.5 dulwich==0.22.7 python3-saml==1.16.0 --no-binary lxml From 25b022203ac48beb0e62cc492cdb485c99c442b8 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 17 Feb 2025 15:35:24 +0000 Subject: [PATCH 215/318] Update dependency sentry-sdk to v2.22.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index f098c9634..60020934f 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -4,4 +4,4 @@ dulwich==0.22.7 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.21.0 +sentry-sdk[django]==2.22.0 From 34c26bbd3052234992b8a7fe7bff5cdb0ae34aaf Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 17 Feb 2025 22:53:25 +0000 Subject: [PATCH 216/318] Update docker.io/valkey/valkey Docker tag to v8.1 --- docker-compose.test.yml | 2 +- docker-compose.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docker-compose.test.yml b/docker-compose.test.yml index 8e89790fc..bbc139c95 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -49,7 +49,7 @@ services: retries: 5 redis: &redis - image: docker.io/valkey/valkey:8.0-alpine + image: docker.io/valkey/valkey:8.1-alpine command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env diff --git a/docker-compose.yml b/docker-compose.yml index 65176c50a..bac242667 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -59,7 +59,7 @@ services: # redis redis: - image: docker.io/valkey/valkey:8.0-alpine + image: docker.io/valkey/valkey:8.1-alpine command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env @@ -74,7 +74,7 @@ services: volumes: - netbox-redis-data:/data redis-cache: - image: docker.io/valkey/valkey:8.0-alpine + image: docker.io/valkey/valkey:8.1-alpine command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env From 9eee74ba6118464f38758be7e6ca3b6e5227f66d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 3 Mar 2025 03:04:24 +0000 Subject: [PATCH 217/318] Update dependency dulwich to v0.22.8 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 60020934f..5687a9fea 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,6 +1,6 @@ django-auth-ldap==5.1.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.5 -dulwich==0.22.7 +dulwich==0.22.8 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec From 849f8bef071779ca9080e4194e84f64605eec59b Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Thu, 6 Mar 2025 20:47:46 +0100 Subject: [PATCH 218/318] Make superliner happy --- .ecrc => .editorconfig-checker.json | 7 +------ .github/workflows/push.yml | 2 +- 2 files changed, 2 insertions(+), 7 deletions(-) rename .ecrc => .editorconfig-checker.json (72%) diff --git a/.ecrc b/.editorconfig-checker.json similarity index 72% rename from .ecrc rename to .editorconfig-checker.json index f0c91f7c9..e10260e9b 100644 --- a/.ecrc +++ b/.editorconfig-checker.json @@ -4,15 +4,10 @@ "IgnoreDefaults": false, "SpacesAftertabs": false, "NoColor": false, - "Exclude": [ - "LICENSE", - "\\.initializers", - "\\.vscode" - ], + "Exclude": ["LICENSE", "\\.initializers", "\\.vscode"], "AllowedContentTypes": [], "PassedFiles": [], "Disable": { - // set these options to true to disable specific checks "EndOfLine": false, "Indentation": false, "InsertFinalNewline": false, diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index f0db36e00..c4f22d654 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -41,7 +41,7 @@ jobs: VALIDATE_GITLEAKS: false VALIDATE_JSCPD: false FILTER_REGEX_EXCLUDE: (.*/)?(LICENSE|configuration/.*) - EDITORCONFIG_FILE_NAME: .ecrc + EDITORCONFIG_FILE_NAME: .editorconfig-checker.json DOCKERFILE_HADOLINT_FILE_NAME: .hadolint.yaml MARKDOWN_CONFIG_FILE: .markdown-lint.yml PYTHON_BLACK_CONFIG_FILE: pyproject.toml From 4eb0d6a368ac68b3e506c8a9264173de26d18c4a Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Thu, 6 Mar 2025 21:29:33 +0100 Subject: [PATCH 219/318] Update test configuration --- test-configuration/test_config.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/test-configuration/test_config.py b/test-configuration/test_config.py index 884defd42..76ec6a029 100644 --- a/test-configuration/test_config.py +++ b/test-configuration/test_config.py @@ -3,4 +3,9 @@ 'disable_existing_loggers': True } +PLUGINS = [ + 'netbox.tests.dummy_plugin', +] + + DEFAULT_PERMISSIONS = {} From 1c8cdfa6ddda8d650daa756213937da73a93591f Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Fri, 14 Mar 2025 17:12:42 +0100 Subject: [PATCH 220/318] Update Nginx Unit --- Dockerfile | 13 ++++--------- docker/unit.list | 1 + 2 files changed, 5 insertions(+), 9 deletions(-) create mode 100644 docker/unit.list diff --git a/Dockerfile b/Dockerfile index b335a7824..012b7f944 100644 --- a/Dockerfile +++ b/Dockerfile @@ -44,6 +44,8 @@ RUN \ ARG FROM FROM ${FROM} AS main +COPY docker/unit.list /etc/apt/sources.list.d/unit.list +ADD --chmod=444 --chown=0:0 https://unit.nginx.org/keys/nginx-keyring.gpg /usr/share/keyrings/nginx-keyring.gpg RUN export DEBIAN_FRONTEND=noninteractive \ && apt-get update -qq \ && apt-get upgrade \ @@ -60,15 +62,8 @@ RUN export DEBIAN_FRONTEND=noninteractive \ openssl \ python3 \ tini \ - && curl --silent --output /usr/share/keyrings/nginx-keyring.gpg \ - https://unit.nginx.org/keys/nginx-keyring.gpg \ - && echo "deb [signed-by=/usr/share/keyrings/nginx-keyring.gpg] https://packages.nginx.org/unit/ubuntu/ noble unit" \ - > /etc/apt/sources.list.d/unit.list \ - && apt-get update -qq \ - && apt-get install \ - --yes -qq --no-install-recommends \ - unit=1.34.1-1~noble \ - unit-python3.12=1.34.1-1~noble \ + unit-python3.12=1.34.2-1~noble \ + unit=1.34.2-1~noble \ && rm -rf /var/lib/apt/lists/* # Copy the modified 'requirements*.txt' files, to have the files actually used during installation diff --git a/docker/unit.list b/docker/unit.list new file mode 100644 index 000000000..6193723b7 --- /dev/null +++ b/docker/unit.list @@ -0,0 +1 @@ +deb [signed-by=/usr/share/keyrings/nginx-keyring.gpg] http://packages.nginx.org/unit/ubuntu/ noble unit From d9f72e94faa2361fbb7f4d7bc2a08a50bb069e1e Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 17 Mar 2025 11:43:58 +0000 Subject: [PATCH 221/318] Update dependency sentry-sdk to v2.23.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 5687a9fea..c1f7d7209 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -4,4 +4,4 @@ dulwich==0.22.8 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.22.0 +sentry-sdk[django]==2.23.0 From d9da3fa35b6bed04fd5ac624e60efc66468d8531 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 17 Mar 2025 18:07:11 +0000 Subject: [PATCH 222/318] Update dependency sentry-sdk to v2.23.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index c1f7d7209..6793f4f71 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -4,4 +4,4 @@ dulwich==0.22.8 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.23.0 +sentry-sdk[django]==2.23.1 From 017098a58703147f08696cd9a40e60bf3a19f5cf Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 21 Mar 2025 16:10:17 +0000 Subject: [PATCH 223/318] Update dependency sentry-sdk to v2.24.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 6793f4f71..5893a1189 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -4,4 +4,4 @@ dulwich==0.22.8 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.23.1 +sentry-sdk[django]==2.24.0 From 139c158d8ad55e475876ddfec0405b090796958b Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 24 Mar 2025 12:37:10 +0000 Subject: [PATCH 224/318] Update dependency sentry-sdk to v2.24.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 5893a1189..15c5a9421 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -4,4 +4,4 @@ dulwich==0.22.8 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.24.0 +sentry-sdk[django]==2.24.1 From c8bd177a9304007088963fd7f4d86e5d031be2d2 Mon Sep 17 00:00:00 2001 From: skupjoe Date: Sat, 22 Mar 2025 17:13:38 -0700 Subject: [PATCH 225/318] Fix deprecated config name --- .editorconfig-checker.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.editorconfig-checker.json b/.editorconfig-checker.json index e10260e9b..d36f06099 100644 --- a/.editorconfig-checker.json +++ b/.editorconfig-checker.json @@ -2,7 +2,7 @@ "Verbose": false, "Debug": false, "IgnoreDefaults": false, - "SpacesAftertabs": false, + "SpacesAfterTabs": false, "NoColor": false, "Exclude": ["LICENSE", "\\.initializers", "\\.vscode"], "AllowedContentTypes": [], From 688d8901b775b28c93e09b8dc79a8b352b29ff8e Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 31 Mar 2025 15:49:55 +0000 Subject: [PATCH 226/318] Update dependency sentry-sdk to v2.25.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 15c5a9421..2140e87c1 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -4,4 +4,4 @@ dulwich==0.22.8 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.24.1 +sentry-sdk[django]==2.25.0 From 67ddeb6735c1bdecf70038d034948c72e09b8b97 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 2 Apr 2025 06:32:03 +0000 Subject: [PATCH 227/318] Update dependency django-storages to v1.14.6 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 2140e87c1..f5fa9286f 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.1.0 -django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.5 +django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.6 dulwich==0.22.8 python3-saml==1.16.0 --no-binary lxml From 5ded00b6fb14665ee4b2df21f98b2465af704d3a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 2 Apr 2025 16:02:23 +0000 Subject: [PATCH 228/318] Update dependency sentry-sdk to v2.25.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 2140e87c1..602326047 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -4,4 +4,4 @@ dulwich==0.22.8 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.25.0 +sentry-sdk[django]==2.25.1 From ec9a3e80daa5efd2643c8e5127b04eea92383da5 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Sat, 12 Apr 2025 10:26:09 +0200 Subject: [PATCH 229/318] Prepare for NetBox 4.3 --- .editorconfig | 3 +++ Dockerfile | 2 ++ VERSION | 2 +- docker-compose.yml | 2 +- requirements-container.txt | 1 - 5 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.editorconfig b/.editorconfig index 7f9f55de0..4f5c931b8 100644 --- a/.editorconfig +++ b/.editorconfig @@ -9,3 +9,6 @@ indent_size = 2 [*.py] indent_size = 4 + +[VERSION] +insert_final_newline = false diff --git a/Dockerfile b/Dockerfile index 012b7f944..fb5e8943b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -33,6 +33,8 @@ RUN \ # we have potential version conflicts and the build will fail. # That's why we just replace it in the original requirements.txt. sed -i -e 's/social-auth-core/social-auth-core\[all\]/g' /requirements.txt && \ + # The same is true for 'django-storages' + sed -i -e 's/django-storages/django-storages\[azure,boto3,dropbox,google,libcloud,sftp\]/g' /requirements.txt && \ /usr/local/bin/uv pip install \ -r /requirements.txt \ -r /requirements-container.txt diff --git a/VERSION b/VERSION index 944880fa1..0fa4ae489 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.2.0 +3.3.0 \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index 65176c50a..dec846b9c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v4.2-3.2.0} + image: docker.io/netboxcommunity/netbox:${VERSION-v4.3-3.3.0} depends_on: - postgres - redis diff --git a/requirements-container.txt b/requirements-container.txt index 4011fd79c..6b79c473e 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,4 @@ django-auth-ldap==5.1.0 -django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.6 dulwich==0.22.8 python3-saml==1.16.0 --no-binary lxml From 8f7c21749e3caa4c18506c46cd0352526ac2e00f Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Sat, 12 Apr 2025 11:10:33 +0200 Subject: [PATCH 230/318] Match upstream testing configuration --- test-configuration/test_config.py | 1 + 1 file changed, 1 insertion(+) diff --git a/test-configuration/test_config.py b/test-configuration/test_config.py index 76ec6a029..308d437b8 100644 --- a/test-configuration/test_config.py +++ b/test-configuration/test_config.py @@ -7,5 +7,6 @@ 'netbox.tests.dummy_plugin', ] +ALLOW_TOKEN_RETRIEVAL = True DEFAULT_PERMISSIONS = {} From 19e167ec19753090b5b8f2ce823dd8870b706c96 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 15 Apr 2025 11:46:55 +0000 Subject: [PATCH 231/318] Update dependency sentry-sdk to v2.26.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 4011fd79c..160f7a978 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -4,4 +4,4 @@ dulwich==0.22.8 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.25.1 +sentry-sdk[django]==2.26.1 From 8431b77422a7b49316d4b219436281215770ba4d Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Sat, 19 Apr 2025 17:36:09 +0200 Subject: [PATCH 232/318] Use develop branch for pre-releases --- .github/workflows/release.yml | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 347874e46..71b718c25 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -13,11 +13,13 @@ jobs: build: strategy: matrix: - build_cmd: - - ./build-latest.sh - - PRERELEASE=true ./build-latest.sh - - ./build.sh feature - - ./build.sh main + build: + - { "cmd": "./build-latest.sh", "branch": "release" } + - { "cmd": "./build.sh main", "branch": "release" } + # Build pre release images from our develop branch + # This is used to test the latest changes before they are merged into the main branch + - { "cmd": "PRERELEASE=true ./build-latest.sh", "branch": "develop" } + - { "cmd": "./build.sh feature", "branch": "develop" } platform: - linux/amd64,linux/arm64 fail-fast: false @@ -31,15 +33,17 @@ jobs: - id: source-checkout name: Checkout uses: actions/checkout@v4 + with: + ref: ${{ matrix.build.branch }} - id: set-netbox-docker-version name: Get Version of NetBox Docker run: echo "version=$(cat VERSION)" >>"$GITHUB_OUTPUT" shell: bash - id: check-build-needed - name: Check if the build is needed for '${{ matrix.build_cmd }}' + name: Check if the build is needed for '${{ matrix.build.cmd }}' env: CHECK_ONLY: "true" - run: ${{ matrix.build_cmd }} + run: ${{ matrix.build.cmd }} # docker.io - id: docker-io-login name: Login to docker.io @@ -77,7 +81,7 @@ jobs: if: steps.check-build-needed.outputs.skipped != 'true' - id: build-and-push name: Push the image - run: ${{ matrix.build_cmd }} --push + run: ${{ matrix.build.cmd }} --push if: steps.check-build-needed.outputs.skipped != 'true' env: BUILDX_PLATFORM: ${{ matrix.platform }} From 0fe49f87d72ae55c0e08d61383e58cc41116553a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 24 Apr 2025 15:15:00 +0000 Subject: [PATCH 233/318] Update dependency sentry-sdk to v2.27.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 89e14054a..b1a83042e 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.22.8 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.26.1 +sentry-sdk[django]==2.27.0 From fd9b41a5d1a25b9dc6a20c8b410abde951402df0 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 24 Apr 2025 15:15:00 +0000 Subject: [PATCH 234/318] Update dependency sentry-sdk to v2.27.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index c00be208d..8d44c3464 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -4,4 +4,4 @@ dulwich==0.22.7 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.20.0 +sentry-sdk[django]==2.27.0 From fa08388175f7761d9d0dfbb05a48c71546f7256c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 2 Apr 2025 06:32:03 +0000 Subject: [PATCH 235/318] Update dependency django-storages to v1.14.6 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 8d44c3464..e1c9d650b 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.1.0 -django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.4 +django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.6 dulwich==0.22.7 python3-saml==1.16.0 --no-binary lxml From a4ce13be195032a1b06c469f58e54c7b478f9c8e Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Fri, 25 Apr 2025 06:59:30 +0200 Subject: [PATCH 236/318] Preparation for 3.2.1 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index 944880fa1..e4604e3af 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.2.0 +3.2.1 diff --git a/docker-compose.yml b/docker-compose.yml index 65176c50a..7ac5274d4 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v4.2-3.2.0} + image: docker.io/netboxcommunity/netbox:${VERSION-v4.2-3.2.1} depends_on: - postgres - redis From 56defa3f82c99124ed843c09e2a63190d603ae87 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 30 Apr 2025 04:00:06 +0000 Subject: [PATCH 237/318] Update ghcr.io/astral-sh/uv Docker tag to v0.7 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index fb5e8943b..ffb368272 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ ARG FROM FROM ${FROM} AS builder -COPY --from=ghcr.io/astral-sh/uv:0.6 /uv /usr/local/bin/ +COPY --from=ghcr.io/astral-sh/uv:0.7 /uv /usr/local/bin/ RUN export DEBIAN_FRONTEND=noninteractive \ && apt-get update -qq \ && apt-get upgrade \ From 945f61e684fc502df6a476df042b2b00404d7374 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 7 May 2025 13:36:43 +0000 Subject: [PATCH 238/318] Update dependency django-auth-ldap to v5.2.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index b1a83042e..831c49e87 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,4 +1,4 @@ -django-auth-ldap==5.1.0 +django-auth-ldap==5.2.0 dulwich==0.22.8 python3-saml==1.16.0 --no-binary lxml From 4a2b9be52cab4ddad986221513fc728d46a980aa Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 12 May 2025 12:54:48 +0000 Subject: [PATCH 239/318] Update dependency sentry-sdk to v2.28.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 831c49e87..2e2e2a59e 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.22.8 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.27.0 +sentry-sdk[django]==2.28.0 From 9748e5b9b77c328d2bb278ef5529c6cb65db0f6f Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 12 Jun 2025 12:41:10 +0000 Subject: [PATCH 240/318] Update dependency sentry-sdk to v2.30.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 2e2e2a59e..ce980acae 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.22.8 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.28.0 +sentry-sdk[django]==2.30.0 From 0e7e68e153f7378fd1c634a6e80fbde627f94d94 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 21 Jun 2025 20:48:00 +0000 Subject: [PATCH 241/318] Update dependency dulwich to v0.23.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index ce980acae..799da56ff 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.2.0 -dulwich==0.22.8 +dulwich==0.23.0 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec From 8e8e37fcc145fce6fa0a9402deeee690120bf7be Mon Sep 17 00:00:00 2001 From: Jens Rudolf <58146618+jensrudolf@users.noreply.github.com> Date: Mon, 23 Jun 2025 13:08:00 +0200 Subject: [PATCH 242/318] Add AUTH_LDAP_ALWAY_UPDATE_USER to ldap config This change exposes the Django setting AUTH_LDAP_ALWAYS_UPDATE_USER as environment variable to simplify deployments with readonly databases and LDAP based authentication as no extra file is required to be mounted into the container anymore. --- configuration/ldap/ldap_config.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/configuration/ldap/ldap_config.py b/configuration/ldap/ldap_config.py index 82fad72a8..59e6aea8f 100644 --- a/configuration/ldap/ldap_config.py +++ b/configuration/ldap/ldap_config.py @@ -109,3 +109,6 @@ def _import_group_type(group_type_name): "last_name": environ.get('AUTH_LDAP_ATTR_LASTNAME', 'sn'), "email": environ.get('AUTH_LDAP_ATTR_MAIL', 'mail') } + +# Update user object with the latest values from the LDAP directory every time the user logs in. +AUTH_LDAP_ALWAYS_UPDATE_USER = environ.get('AUTH_LDAP_ALWAYS_UPDATE_USER', 'True').lower() == 'true' From a0b6ce5acee11ea8e8e97d0c571a817420b9cd79 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 24 Jun 2025 19:28:55 +0000 Subject: [PATCH 243/318] Update dependency sentry-sdk to v2.31.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 799da56ff..556d52eca 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.23.0 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.30.0 +sentry-sdk[django]==2.31.0 From b845a0f45fd69cdffcb98370b606fd4b5f0e4804 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 27 Jun 2025 08:38:17 +0000 Subject: [PATCH 244/318] Update dependency sentry-sdk to v2.32.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 556d52eca..09e1afa1a 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.23.0 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.31.0 +sentry-sdk[django]==2.32.0 From bc4131017939515bc6bef6e32b2590604c65ce57 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 30 Jun 2025 23:37:38 +0000 Subject: [PATCH 245/318] Update dependency dulwich to v0.23.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 09e1afa1a..6bb19b244 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.2.0 -dulwich==0.23.0 +dulwich==0.23.1 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec From 21232c8ce10b97c4c7aa3fad3559a4c9cebfee5f Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 7 Jul 2025 13:43:56 +0000 Subject: [PATCH 246/318] Update dependency dulwich to v0.23.2 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 6bb19b244..b5dcc0a17 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.2.0 -dulwich==0.23.1 +dulwich==0.23.2 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec From 3320c5d82fb958bdc76177109e40313a54b45439 Mon Sep 17 00:00:00 2001 From: dawnstrider Date: Mon, 7 Jul 2025 23:08:49 +0200 Subject: [PATCH 247/318] Fixed typo for BUILDX_PLATFORM variable The help prints the variable name as BUILDX_PLATFORMS whereas the code uses BUILDX_PLATFORM --- build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.sh b/build.sh index a7ac817ad..c12fbe4e1 100755 --- a/build.sh +++ b/build.sh @@ -62,7 +62,7 @@ DOCKERFILE The name of Dockerfile to use. DOCKER_FROM The base image to use. ${_GREEN}Default:${_CLEAR} 'ubuntu:24.04' -BUILDX_PLATFORMS +BUILDX_PLATFORM Specifies the platform(s) to build the image for. ${_CYAN}Example:${_CLEAR} 'linux/amd64,linux/arm64' ${_GREEN}Default:${_CLEAR} 'linux/amd64' From c8d766a95bc6d4f1110bf8f4f45623bd2e05daaf Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 8 Jul 2025 07:33:49 +0200 Subject: [PATCH 248/318] Use our example file in the Readme --- README.md | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index d5af47780..74b1ad774 100644 --- a/README.md +++ b/README.md @@ -39,12 +39,9 @@ There is a more complete [_Getting Started_ guide on our wiki][wiki-getting-star ```bash git clone -b release https://github.com/netbox-community/netbox-docker.git cd netbox-docker -tee docker-compose.override.yml < Date: Tue, 15 Jul 2025 15:30:00 +0000 Subject: [PATCH 249/318] Update dependency sentry-sdk to v2.33.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index b5dcc0a17..37c8f53d8 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.23.2 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.32.0 +sentry-sdk[django]==2.33.0 From 658fc00a8691e790e3e49f55992c4d36d727a846 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 17 Jul 2025 23:45:53 +0000 Subject: [PATCH 250/318] Update ghcr.io/astral-sh/uv Docker tag to v0.8 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index ffb368272..ea17f0750 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ ARG FROM FROM ${FROM} AS builder -COPY --from=ghcr.io/astral-sh/uv:0.7 /uv /usr/local/bin/ +COPY --from=ghcr.io/astral-sh/uv:0.8 /uv /usr/local/bin/ RUN export DEBIAN_FRONTEND=noninteractive \ && apt-get update -qq \ && apt-get upgrade \ From 950b74e3e60c4c62be50c5de38bb7f7b1a3e4607 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 18 Jul 2025 15:59:13 +0000 Subject: [PATCH 251/318] Update super-linter/super-linter action to v8 --- .github/workflows/push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index c4f22d654..3d27f1384 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -29,7 +29,7 @@ jobs: # list of changed files within `super-linter` fetch-depth: 0 - name: Lint Code Base - uses: super-linter/super-linter@v7 + uses: super-linter/super-linter@v8 env: DEFAULT_BRANCH: develop GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From f9f5ae70f9ca2882392b3c747bb4c1984c24816d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 21 Jul 2025 19:45:47 +0000 Subject: [PATCH 252/318] Update dependency sentry-sdk to v2.33.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 37c8f53d8..36d7b3bf1 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.23.2 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.33.0 +sentry-sdk[django]==2.33.1 From e58c7358251413f37b0095a772e6b0dce4b892a1 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 22 Jul 2025 18:24:34 +0000 Subject: [PATCH 253/318] Update dependency sentry-sdk to v2.33.2 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 36d7b3bf1..480b5fdc8 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.23.2 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.33.1 +sentry-sdk[django]==2.33.2 From d1ef353b31fc512202d6552665924e461377baea Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 29 Jul 2025 18:12:22 +0000 Subject: [PATCH 254/318] Update dependency sentry-sdk to v2.34.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 480b5fdc8..3eaa5f0c8 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.23.2 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.33.2 +sentry-sdk[django]==2.34.0 From 7b10cf0933e8dd7e6ce8934c8821571bf7dcb698 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 30 Jul 2025 12:45:32 +0000 Subject: [PATCH 255/318] Update dependency sentry-sdk to v2.34.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 3eaa5f0c8..18c20de95 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.23.2 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.34.0 +sentry-sdk[django]==2.34.1 From f03200b88bd65dc6bf2999429e4a90bdf4c4fd0b Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 1 Aug 2025 06:47:14 +0000 Subject: [PATCH 256/318] Update dependency dulwich to v0.24.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 18c20de95..f4e6e608c 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.2.0 -dulwich==0.23.2 +dulwich==0.24.0 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec From 68fd99c34a88c3fd926396d78af3a1af2980ed5d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 1 Aug 2025 14:59:00 +0000 Subject: [PATCH 257/318] Update dependency dulwich to v0.24.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index f4e6e608c..0865c1abb 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.2.0 -dulwich==0.24.0 +dulwich==0.24.1 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec From 56e8af355ed01e0f54a33bc55cecda2f66d00360 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Sat, 2 Aug 2025 10:00:17 +0200 Subject: [PATCH 258/318] Fixed build for Netbox feature branch --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index ea17f0750..e22c55dda 100644 --- a/Dockerfile +++ b/Dockerfile @@ -89,7 +89,7 @@ WORKDIR /opt/netbox/netbox # Must set permissions for '/opt/netbox/netbox/media' directory # to g+w so that pictures can be uploaded to netbox. -RUN mkdir -p static /opt/unit/state/ /opt/unit/tmp/ \ +RUN mkdir -p static media /opt/unit/state/ /opt/unit/tmp/ \ && chown -R unit:root /opt/unit/ media reports scripts \ && chmod -R g+w /opt/unit/ media reports scripts \ && cd /opt/netbox/ && SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python -m mkdocs build \ From 109ef8afd2617415352954dd00cc8149c76a583f Mon Sep 17 00:00:00 2001 From: Kelly Shutt Date: Mon, 4 Aug 2025 13:10:06 -0400 Subject: [PATCH 259/318] Update DATABASES syntax. --- configuration/configuration.py | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/configuration/configuration.py b/configuration/configuration.py index 577c3f4f3..6125e2b33 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -64,19 +64,21 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # PostgreSQL database configuration. See the Django documentation for a complete list of available parameters: # https://docs.djangoproject.com/en/stable/ref/settings/#databases -DATABASE = { - 'NAME': environ.get('DB_NAME', 'netbox'), # Database name - 'USER': environ.get('DB_USER', ''), # PostgreSQL username - 'PASSWORD': _read_secret('db_password', environ.get('DB_PASSWORD', '')), - # PostgreSQL password - 'HOST': environ.get('DB_HOST', 'localhost'), # Database server - 'PORT': environ.get('DB_PORT', ''), # Database port (leave blank for default) - 'OPTIONS': {'sslmode': environ.get('DB_SSLMODE', 'prefer')}, - # Database connection SSLMODE - 'CONN_MAX_AGE': _environ_get_and_map('DB_CONN_MAX_AGE', '300', _AS_INT), - # Max database connection age - 'DISABLE_SERVER_SIDE_CURSORS': _environ_get_and_map('DB_DISABLE_SERVER_SIDE_CURSORS', 'False', _AS_BOOL), - # Disable the use of server-side cursors transaction pooling +DATABASES = { + 'default': { + 'NAME': environ.get('DB_NAME', 'netbox'), # Database name + 'USER': environ.get('DB_USER', ''), # PostgreSQL username + 'PASSWORD': _read_secret('db_password', environ.get('DB_PASSWORD', '')), + # PostgreSQL password + 'HOST': environ.get('DB_HOST', 'localhost'), # Database server + 'PORT': environ.get('DB_PORT', ''), # Database port (leave blank for default) + 'OPTIONS': {'sslmode': environ.get('DB_SSLMODE', 'prefer')}, + # Database connection SSLMODE + 'CONN_MAX_AGE': _environ_get_and_map('DB_CONN_MAX_AGE', '300', _AS_INT), + # Max database connection age + 'DISABLE_SERVER_SIDE_CURSORS': _environ_get_and_map('DB_DISABLE_SERVER_SIDE_CURSORS', 'False', _AS_BOOL), + # Disable the use of server-side cursors transaction pooling + } } # Redis database settings. Redis is used for caching and for queuing background tasks such as webhook events. A separate From e9b6231d03145855ea598a6b214b09bad1f93890 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 11 Aug 2025 15:30:00 +0000 Subject: [PATCH 260/318] Update actions/checkout action to v5 --- .github/workflows/push.yml | 4 ++-- .github/workflows/release.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 3d27f1384..e5aaf6963 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -23,7 +23,7 @@ jobs: packages: read statuses: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: # Full git history is needed to get a proper # list of changed files within `super-linter` @@ -70,7 +70,7 @@ jobs: steps: - id: git-checkout name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - id: buildx-setup name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 71b718c25..2d83729c5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -32,7 +32,7 @@ jobs: steps: - id: source-checkout name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: ref: ${{ matrix.build.branch }} - id: set-netbox-docker-version From 71ebfca443f0345a812c40b5fc7bb914a5074c4a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 14 Aug 2025 21:03:27 +0000 Subject: [PATCH 261/318] Update dependency sentry-sdk to v2.35.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 0865c1abb..d03d87475 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.24.1 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.34.1 +sentry-sdk[django]==2.35.0 From 00d8dd75d6f13175ee4d6a64c5889d95217bf1e5 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 15 Aug 2025 00:38:39 +0000 Subject: [PATCH 262/318] Update docker.io/valkey/valkey Docker tag to v9 --- docker-compose.test.yml | 2 +- docker-compose.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docker-compose.test.yml b/docker-compose.test.yml index bbc139c95..17ba35819 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -49,7 +49,7 @@ services: retries: 5 redis: &redis - image: docker.io/valkey/valkey:8.1-alpine + image: docker.io/valkey/valkey:9.0-alpine command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env diff --git a/docker-compose.yml b/docker-compose.yml index 3ba2fd4e1..da03da654 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -59,7 +59,7 @@ services: # redis redis: - image: docker.io/valkey/valkey:8.1-alpine + image: docker.io/valkey/valkey:9.0-alpine command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env @@ -74,7 +74,7 @@ services: volumes: - netbox-redis-data:/data redis-cache: - image: docker.io/valkey/valkey:8.1-alpine + image: docker.io/valkey/valkey:9.0-alpine command: - sh - -c # this is to evaluate the $REDIS_PASSWORD from the env From 67eff20f7daa55dad1a208e169f695b7464e80fb Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Tue, 5 Aug 2025 08:06:22 +0200 Subject: [PATCH 263/318] Housekeeping --- Dockerfile | 1 - docker-compose.test.yml | 9 --------- docker-compose.yml | 12 ------------ docker/housekeeping.sh | 8 -------- env/netbox.env | 1 - 5 files changed, 31 deletions(-) delete mode 100755 docker/housekeeping.sh diff --git a/Dockerfile b/Dockerfile index e22c55dda..452b44c57 100644 --- a/Dockerfile +++ b/Dockerfile @@ -79,7 +79,6 @@ COPY ${NETBOX_PATH} /opt/netbox COPY docker/configuration.docker.py /opt/netbox/netbox/netbox/configuration.py COPY docker/ldap_config.docker.py /opt/netbox/netbox/netbox/ldap_config.py COPY docker/docker-entrypoint.sh /opt/netbox/docker-entrypoint.sh -COPY docker/housekeeping.sh /opt/netbox/housekeeping.sh COPY docker/launch-netbox.sh /opt/netbox/launch-netbox.sh COPY configuration/ /etc/netbox/config/ COPY docker/nginx-unit.json /etc/unit/ diff --git a/docker-compose.test.yml b/docker-compose.test.yml index bbc139c95..9388022cd 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -28,15 +28,6 @@ services: start_period: 40s timeout: 3s interval: 15s - netbox-housekeeping: - <<: *netbox - command: - - /opt/netbox/housekeeping.sh - healthcheck: - test: ps -aux | grep -v grep | grep -q housekeeping || exit 1 - start_period: 40s - timeout: 3s - interval: 15s postgres: image: docker.io/postgres:17-alpine diff --git a/docker-compose.yml b/docker-compose.yml index 3ba2fd4e1..8ac3358ff 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -31,18 +31,6 @@ services: start_period: 20s timeout: 3s interval: 15s - netbox-housekeeping: - <<: *netbox - depends_on: - netbox: - condition: service_healthy - command: - - /opt/netbox/housekeeping.sh - healthcheck: - test: ps -aux | grep -v grep | grep -q housekeeping || exit 1 - start_period: 20s - timeout: 3s - interval: 15s # postgres postgres: diff --git a/docker/housekeeping.sh b/docker/housekeeping.sh deleted file mode 100755 index 47a4a3df4..000000000 --- a/docker/housekeeping.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -SLEEP_SECONDS=${HOUSEKEEPING_INTERVAL:=86400} -echo "Interval set to ${SLEEP_SECONDS} seconds" -while true; do - date - /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py housekeeping - sleep "${SLEEP_SECONDS}s" -done diff --git a/env/netbox.env b/env/netbox.env index ca2254917..c89844f20 100644 --- a/env/netbox.env +++ b/env/netbox.env @@ -15,7 +15,6 @@ EMAIL_USERNAME=netbox EMAIL_USE_SSL=false EMAIL_USE_TLS=false GRAPHQL_ENABLED=true -HOUSEKEEPING_INTERVAL=86400 MEDIA_ROOT=/opt/netbox/netbox/media METRICS_ENABLED=false REDIS_CACHE_DATABASE=1 From af562671e2c515fdf9b715ceec47fec6c8414702 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 26 Aug 2025 15:54:13 +0000 Subject: [PATCH 264/318] Update dependency sentry-sdk to v2.35.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index d03d87475..0f4b5934f 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.24.1 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.35.0 +sentry-sdk[django]==2.35.1 From 8dac9f2dc7c7a371748e6a5ce145da2a3016ed8c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 1 Sep 2025 21:58:31 +0000 Subject: [PATCH 265/318] Update dependency sentry-sdk to v2.35.2 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 0f4b5934f..086708302 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.24.1 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.35.1 +sentry-sdk[django]==2.35.2 From e61aba8388849b7ff90254e635f178acbfd1a754 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 3 Sep 2025 07:50:41 +0200 Subject: [PATCH 266/318] Preparation for 3.4.0 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index 0fa4ae489..18091983f 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.3.0 \ No newline at end of file +3.4.0 diff --git a/docker-compose.yml b/docker-compose.yml index 8ac3358ff..a5e78d4aa 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v4.3-3.3.0} + image: docker.io/netboxcommunity/netbox:${VERSION-v4.4-3.4.0} depends_on: - postgres - redis From 1b0da4048bd74c3187b406dfd670ffc5df93c6db Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 3 Sep 2025 07:59:56 +0200 Subject: [PATCH 267/318] Disable Trivy for now --- .github/workflows/push.yml | 1 + VERSION | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index e5aaf6963..73b6a9cc3 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -40,6 +40,7 @@ jobs: VALIDATE_DOCKERFILE: false VALIDATE_GITLEAKS: false VALIDATE_JSCPD: false + VALIDATE_TRIVY: false FILTER_REGEX_EXCLUDE: (.*/)?(LICENSE|configuration/.*) EDITORCONFIG_FILE_NAME: .editorconfig-checker.json DOCKERFILE_HADOLINT_FILE_NAME: .hadolint.yaml diff --git a/VERSION b/VERSION index 18091983f..fbcbf7380 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.4.0 +3.4.0 \ No newline at end of file From e9a8e14aa8511ec82f414723bb64546a113fa33f Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 3 Sep 2025 08:10:15 +0200 Subject: [PATCH 268/318] Disable zizmor for now --- .github/workflows/push.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 73b6a9cc3..a4833e157 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -41,6 +41,7 @@ jobs: VALIDATE_GITLEAKS: false VALIDATE_JSCPD: false VALIDATE_TRIVY: false + VALIDATE_GITHUB_ACTIONS_ZIZMOR: false FILTER_REGEX_EXCLUDE: (.*/)?(LICENSE|configuration/.*) EDITORCONFIG_FILE_NAME: .editorconfig-checker.json DOCKERFILE_HADOLINT_FILE_NAME: .hadolint.yaml From fb1cfd880aaf910f02893ae892d3a171f913d742 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 4 Sep 2025 09:54:49 +0000 Subject: [PATCH 269/318] Update dependency sentry-sdk to v2.36.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 086708302..602b28fdf 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.24.1 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.35.2 +sentry-sdk[django]==2.36.0 From 76f670faaa6a885e119f5a28f62520309e5fb646 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 5 Sep 2025 12:59:40 +0000 Subject: [PATCH 270/318] Update dependency sentry-sdk to v2.37.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 602b28fdf..dd7043da1 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.24.1 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.36.0 +sentry-sdk[django]==2.37.0 From 4744eeb3ef331671da647d9df32fec32d3608e68 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=C3=A9o=20Colombaro?= Date: Sun, 7 Sep 2025 14:41:44 +0200 Subject: [PATCH 271/318] Update BUILD_DATE format to include seconds * Comply with all standards (RFC 3339, ISO 8601, and HTML). * Reduce ambiguity. * Ensure a fully compliant `org.opencontainers.image.created`. (fix artifacthub error) --- build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.sh b/build.sh index c12fbe4e1..ef4dc9607 100755 --- a/build.sh +++ b/build.sh @@ -223,7 +223,7 @@ fi ### # Variables for labelling the docker image ### -BUILD_DATE="$(date -u '+%Y-%m-%dT%H:%M+00:00')" +BUILD_DATE="$(date -u '+%Y-%m-%dT%H:%M:%S+00:00')" if [ -d ".git" ] && [ -z "${SKIP_GIT}" ]; then GIT_REF="$(git rev-parse HEAD)" From 942fc04776f4f9285944097e47e01524ff4ef5fd Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 9 Sep 2025 14:47:12 +0000 Subject: [PATCH 272/318] Update dependency sentry-sdk to v2.37.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index dd7043da1..928d472bf 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.24.1 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.37.0 +sentry-sdk[django]==2.37.1 From e62af8be769852bac73ab89d814e8d6b2eeac6ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexander=20Hofst=C3=A4tter?= <6820505+alexanderhofstaetter@users.noreply.github.com> Date: Sat, 13 Sep 2025 13:06:29 +0200 Subject: [PATCH 273/318] Increase default NGINX Unit request body limit to 100 MB in docker/nginx-unit.json The current NGINX Unit configuration in netbox-docker implicitly limits incoming HTTP request bodies to roughly 2.5 MB. This causes file uploads (custom scripts, attachments, etc.) to fail with HTTP 413 before they reach Django, even when NetBox settings like FILE_UPLOAD_MAX_MEMORY_SIZE are raised. This change adds a settings block to docker/nginx-unit.json to raise the default limit: { "settings": { "http": { "max_body_size": 104857600 } } } With this change, new deployments can handle uploads up to 100 MB out of the box, aligning the container default with the capabilities of NetBox core and preventing unexpected 413 errors. Fixes: https://github.com/netbox-community/netbox-docker/issues/897 --- docker/nginx-unit.json | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/docker/nginx-unit.json b/docker/nginx-unit.json index c095611fc..95fa1efa1 100644 --- a/docker/nginx-unit.json +++ b/docker/nginx-unit.json @@ -73,5 +73,10 @@ } } }, - "access_log": "/dev/stdout" + "access_log": "/dev/stdout", + "settings": { + "http": { + "max_body_size": 104857600 + } + } } From c05e838edc51f07f24616b131492e0cbf7ccb8aa Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 15 Sep 2025 23:32:23 +0000 Subject: [PATCH 274/318] Update dependency sentry-sdk to v2.38.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 928d472bf..18e914b3b 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.24.1 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.37.1 +sentry-sdk[django]==2.38.0 From 2c49500e8d5c3ec2172a564e99213d1ccea79504 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 25 Sep 2025 12:49:11 +0000 Subject: [PATCH 275/318] Update dependency sentry-sdk to v2.39.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 18e914b3b..e285b5504 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.24.1 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.38.0 +sentry-sdk[django]==2.39.0 From 88a2e489230518ba01541525c2b007a5b4179419 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 26 Sep 2025 02:25:40 +0000 Subject: [PATCH 276/318] Update docker.io/postgres Docker tag to v18 --- docker-compose.test.yml | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-compose.test.yml b/docker-compose.test.yml index 9388022cd..c75b13fdb 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -30,7 +30,7 @@ services: interval: 15s postgres: - image: docker.io/postgres:17-alpine + image: docker.io/postgres:18-alpine env_file: env/postgres.env healthcheck: test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER ## $$ because of docker-compose diff --git a/docker-compose.yml b/docker-compose.yml index a5e78d4aa..907a76f5a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -34,7 +34,7 @@ services: # postgres postgres: - image: docker.io/postgres:17-alpine + image: docker.io/postgres:18-alpine healthcheck: test: pg_isready -q -t 2 -d $$POSTGRES_DB -U $$POSTGRES_USER start_period: 20s From a945236c818f563c2ca483db23d26f0992ffb000 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Fri, 26 Sep 2025 09:46:29 +0200 Subject: [PATCH 277/318] Preparation for 3.4.1 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index fbcbf7380..47b322c97 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.4.0 \ No newline at end of file +3.4.1 diff --git a/docker-compose.yml b/docker-compose.yml index a5e78d4aa..0af361cc2 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v4.4-3.4.0} + image: docker.io/netboxcommunity/netbox:${VERSION-v4.4-3.4.1} depends_on: - postgres - redis From dbc1b37cf7088c01f87a1527ca393f77c5f0bf7c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 26 Sep 2025 10:42:24 +0000 Subject: [PATCH 278/318] Update dependency dulwich to v0.24.2 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index e285b5504..1fa64b907 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.2.0 -dulwich==0.24.1 +dulwich==0.24.2 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec From 88bc5cf8d6c91cd8b88428f1e5ab9da7692ff2c0 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 6 Oct 2025 13:37:57 +0000 Subject: [PATCH 279/318] Update dependency sentry-sdk to v2.40.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 1fa64b907..c65b63597 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.24.2 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.39.0 +sentry-sdk[django]==2.40.0 From 7067475a81a7bd0591c03a3285a6fe90544f4421 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 8 Oct 2025 05:08:30 +0000 Subject: [PATCH 280/318] Update ghcr.io/astral-sh/uv Docker tag to v0.9 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 452b44c57..b398e9c9b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ ARG FROM FROM ${FROM} AS builder -COPY --from=ghcr.io/astral-sh/uv:0.8 /uv /usr/local/bin/ +COPY --from=ghcr.io/astral-sh/uv:0.9 /uv /usr/local/bin/ RUN export DEBIAN_FRONTEND=noninteractive \ && apt-get update -qq \ && apt-get upgrade \ From 1f0ef020a9d1372f6786d55c907870a46493a818 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 8 Oct 2025 08:12:59 +0200 Subject: [PATCH 281/318] Support new API_TOKEN format Allows configuration the new API_TOKEN_PEPPERS setting from an ENV variable or secret file. Feature request: https://github.com/netbox-community/netbox/issues/20210 Pull request: https://github.com/netbox-community/netbox/pull/20477 --- .github/workflows/push.yml | 3 ++- configuration/configuration.py | 5 +++++ env/netbox.env | 1 + test-configuration/test_config.py | 4 ++++ 4 files changed, 12 insertions(+), 1 deletion(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index a4833e157..f4b630535 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -36,12 +36,13 @@ jobs: SUPPRESS_POSSUM: true LINTER_RULES_PATH: / VALIDATE_ALL_CODEBASE: false + VALIDATE_BIOME_FORMAT: false VALIDATE_CHECKOV: false VALIDATE_DOCKERFILE: false + VALIDATE_GITHUB_ACTIONS_ZIZMOR: false VALIDATE_GITLEAKS: false VALIDATE_JSCPD: false VALIDATE_TRIVY: false - VALIDATE_GITHUB_ACTIONS_ZIZMOR: false FILTER_REGEX_EXCLUDE: (.*/)?(LICENSE|configuration/.*) EDITORCONFIG_FILE_NAME: .editorconfig-checker.json DOCKERFILE_HADOLINT_FILE_NAME: .hadolint.yaml diff --git a/configuration/configuration.py b/configuration/configuration.py index 6125e2b33..8dfa736d3 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -116,6 +116,11 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: # https://docs.djangoproject.com/en/stable/ref/settings/#std:setting-SECRET_KEY SECRET_KEY = _read_secret('secret_key', environ.get('SECRET_KEY', '')) +API_TOKEN_PEPPERS = {} +if api_token_pepper := _read_secret('api_token_pepper_1', environ.get('API_TOKEN_PEPPER_1', '')): + API_TOKEN_PEPPERS.update({1: api_token_pepper}) + + ######################### # # diff --git a/env/netbox.env b/env/netbox.env index c89844f20..52fca3baf 100644 --- a/env/netbox.env +++ b/env/netbox.env @@ -1,3 +1,4 @@ +API_TOKEN_PEPPER_1=Qy+F=OTeGskWQ(wTMgjc+NPPlz6YwFXY=KHIIg=wpYXT&e(6u8 CORS_ORIGIN_ALLOW_ALL=True DB_HOST=postgres DB_NAME=netbox diff --git a/test-configuration/test_config.py b/test-configuration/test_config.py index 308d437b8..10f414c46 100644 --- a/test-configuration/test_config.py +++ b/test-configuration/test_config.py @@ -10,3 +10,7 @@ ALLOW_TOKEN_RETRIEVAL = True DEFAULT_PERMISSIONS = {} + +API_TOKEN_PEPPERS = { + 1: 'TEST-VALUE-DO-NOT-USE-TEST-VALUE-DO-NOT-USE-TEST-VALUE-DO-NOT-USE', +} From f89f9074083660d01947962e725264fa0063cf3d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 14 Oct 2025 01:45:18 +0000 Subject: [PATCH 282/318] Update dependency dulwich to v0.24.3 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index c65b63597..ec870bc5a 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.2.0 -dulwich==0.24.2 +dulwich==0.24.3 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec From 85615a9bea38dcd44a368b38435dfe20a27faa48 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 14 Oct 2025 04:46:28 +0000 Subject: [PATCH 283/318] Update dependency sentry-sdk to v2.41.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index ec870bc5a..671050059 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.24.3 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.40.0 +sentry-sdk[django]==2.41.0 From 95bcfeb69d0fc9fba273452f5b3b2fae3fe21f7d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 14 Oct 2025 21:08:52 +0000 Subject: [PATCH 284/318] Update dependency dulwich to v0.24.4 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 671050059..83a3ac4c9 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.2.0 -dulwich==0.24.3 +dulwich==0.24.4 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec From 07258394d151fc27c67a6db822a8a408fc588570 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 15 Oct 2025 10:43:52 +0000 Subject: [PATCH 285/318] Update dependency sentry-sdk to v2.42.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 83a3ac4c9..608b11708 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.24.4 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.41.0 +sentry-sdk[django]==2.42.0 From 56d27f84a7791adc918761d32a092804f2f29515 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 16 Oct 2025 14:11:49 +0000 Subject: [PATCH 286/318] Update dependency dulwich to v0.24.5 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 608b11708..551fd6981 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.2.0 -dulwich==0.24.4 +dulwich==0.24.5 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec From eb2822a978fdba91dd45200a0a902dac3de2eff4 Mon Sep 17 00:00:00 2001 From: Willard Nilges Date: Sun, 19 Oct 2025 01:17:23 -0400 Subject: [PATCH 287/318] Fix typo in error message for Unit configuration --- docker/launch-netbox.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/launch-netbox.sh b/docker/launch-netbox.sh index 6cc63ba01..11da1dea2 100755 --- a/docker/launch-netbox.sh +++ b/docker/launch-netbox.sh @@ -36,7 +36,7 @@ load_configuration() { http://localhost/config ) if [ "$RESP_CODE" != "200" ]; then - echo "⚠️ Could no load Unit configuration" + echo "⚠️ Could not load Unit configuration" kill "$(cat /opt/unit/unit.pid)" return 1 fi From b0aad0dfda909d6456e098902eff5a308a87721a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 19 Oct 2025 12:45:34 +0000 Subject: [PATCH 288/318] Update dependency dulwich to v0.24.6 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 551fd6981..570f05db0 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.2.0 -dulwich==0.24.5 +dulwich==0.24.6 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec From 73bbf17d6bed7ef35b112e1ee3a0479447ddccd6 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 20 Oct 2025 15:32:40 +0000 Subject: [PATCH 289/318] Update dependency sentry-sdk to v2.42.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 570f05db0..89e3ac6b1 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.24.6 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.42.0 +sentry-sdk[django]==2.42.1 From 2d6d5058fe803f412ff2276d5975766217db300d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 23 Oct 2025 12:46:08 +0000 Subject: [PATCH 290/318] Update dependency dulwich to v0.24.7 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 89e3ac6b1..6e197a100 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.2.0 -dulwich==0.24.6 +dulwich==0.24.7 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec From 3f0f4e7160121e688f270f550cbb0eb6ee7f690a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 29 Oct 2025 19:47:17 +0000 Subject: [PATCH 291/318] Update dependency sentry-sdk to v2.43.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 6e197a100..a64f051c5 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.24.7 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.42.1 +sentry-sdk[django]==2.43.0 From 35473e755b94a1b90d7c31f2cc4a4bf4c60c907e Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 30 Oct 2025 03:30:40 +0000 Subject: [PATCH 292/318] Update dependency dulwich to v0.24.8 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 6e197a100..1c83807d7 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.2.0 -dulwich==0.24.7 +dulwich==0.24.8 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec From 4965e7e988a0b6d5dc4d09829657e5bcb1305b84 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Mon, 10 Nov 2025 10:28:40 +0100 Subject: [PATCH 293/318] Preparation for 3.4.2 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 47b322c97..a423d4217 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.4.1 +3.4.2 \ No newline at end of file From 22688dedd44a45ecb136d304734652f609a6ecb0 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 10 Nov 2025 20:51:29 +0000 Subject: [PATCH 294/318] Update dependency dulwich to v0.24.10 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index a42196f95..22bdc09a3 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.2.0 -dulwich==0.24.8 +dulwich==0.24.10 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec From f474cc585c609355facd72fb4f522d28f75be87f Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 11 Nov 2025 13:43:40 +0000 Subject: [PATCH 295/318] Update dependency sentry-sdk to v2.44.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 22bdc09a3..65dc7891b 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -3,4 +3,4 @@ dulwich==0.24.10 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.43.0 +sentry-sdk[django]==2.44.0 From 07fcb205b4f6bd00d98c39fe84629ca7f1f76325 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Wed, 12 Nov 2025 13:57:50 +0100 Subject: [PATCH 296/318] Switch server to Granian (#1561) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Switch server to Granian Because the development of Nginx Unit has been stopped, switch the server to Granian which still allows to serve the Python application and the static files from one server. * Addressed review comments * Update docker/launch-netbox.sh Co-authored-by: Christian Mäder * Update docker/launch-netbox.sh Co-authored-by: Christian Mäder --------- Co-authored-by: Christian Mäder --- .github/workflows/push.yml | 1 + Dockerfile | 24 ++++----- docker-compose.override.yml.example | 4 -- docker-compose.test.yml | 2 +- docker-compose.yml | 2 +- docker/granian.py | 13 +++++ docker/launch-netbox.sh | 73 +++++++------------------ docker/nginx-unit.json | 82 ----------------------------- docker/unit.list | 1 - env/netbox.env | 2 + requirements-container.txt | 1 + 11 files changed, 47 insertions(+), 158 deletions(-) create mode 100644 docker/granian.py delete mode 100644 docker/nginx-unit.json delete mode 100644 docker/unit.list diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index f4b630535..fa6bab10c 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -42,6 +42,7 @@ jobs: VALIDATE_GITHUB_ACTIONS_ZIZMOR: false VALIDATE_GITLEAKS: false VALIDATE_JSCPD: false + VALIDATE_PYTHON_PYLINT: false VALIDATE_TRIVY: false FILTER_REGEX_EXCLUDE: (.*/)?(LICENSE|configuration/.*) EDITORCONFIG_FILE_NAME: .editorconfig-checker.json diff --git a/Dockerfile b/Dockerfile index b398e9c9b..753200a37 100644 --- a/Dockerfile +++ b/Dockerfile @@ -27,7 +27,7 @@ ARG NETBOX_PATH COPY ${NETBOX_PATH}/requirements.txt requirements-container.txt / ENV VIRTUAL_ENV=/opt/netbox/venv RUN \ - # Gunicorn is not needed because we use Nginx Unit + # Gunicorn is not needed because we use Granian sed -i -e '/gunicorn/d' /requirements.txt && \ # We need 'social-auth-core[all]' in the Docker image. But if we put it in our own requirements-container.txt # we have potential version conflicts and the build will fail. @@ -46,8 +46,6 @@ RUN \ ARG FROM FROM ${FROM} AS main -COPY docker/unit.list /etc/apt/sources.list.d/unit.list -ADD --chmod=444 --chown=0:0 https://unit.nginx.org/keys/nginx-keyring.gpg /usr/share/keyrings/nginx-keyring.gpg RUN export DEBIAN_FRONTEND=noninteractive \ && apt-get update -qq \ && apt-get upgrade \ @@ -64,8 +62,6 @@ RUN export DEBIAN_FRONTEND=noninteractive \ openssl \ python3 \ tini \ - unit-python3.12=1.34.2-1~noble \ - unit=1.34.2-1~noble \ && rm -rf /var/lib/apt/lists/* # Copy the modified 'requirements*.txt' files, to have the files actually used during installation @@ -81,21 +77,21 @@ COPY docker/ldap_config.docker.py /opt/netbox/netbox/netbox/ldap_config.py COPY docker/docker-entrypoint.sh /opt/netbox/docker-entrypoint.sh COPY docker/launch-netbox.sh /opt/netbox/launch-netbox.sh COPY configuration/ /etc/netbox/config/ -COPY docker/nginx-unit.json /etc/unit/ +COPY docker/granian.py /opt/netbox/netbox/netbox/granian.py COPY VERSION /opt/netbox/VERSION WORKDIR /opt/netbox/netbox # Must set permissions for '/opt/netbox/netbox/media' directory # to g+w so that pictures can be uploaded to netbox. -RUN mkdir -p static media /opt/unit/state/ /opt/unit/tmp/ \ - && chown -R unit:root /opt/unit/ media reports scripts \ - && chmod -R g+w /opt/unit/ media reports scripts \ - && cd /opt/netbox/ && SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python -m mkdocs build \ - --config-file /opt/netbox/mkdocs.yml --site-dir /opt/netbox/netbox/project-static/docs/ \ - && DEBUG="true" SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py collectstatic --no-input \ - && mkdir /opt/netbox/netbox/local \ - && echo "build: Docker-$(cat /opt/netbox/VERSION)" > /opt/netbox/netbox/local/release.yaml +RUN useradd --home-dir /opt/netbox/ --no-create-home --no-user-group --system --shell /bin/false --uid 999 --gid 0 netbox \ + && mkdir -p static media local \ + && chown -R netbox:root media reports scripts \ + && chmod -R g+w media reports scripts \ + && cd /opt/netbox/ && SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python -m mkdocs build \ + --config-file /opt/netbox/mkdocs.yml --site-dir /opt/netbox/netbox/project-static/docs/ \ + && DEBUG="true" SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py collectstatic --no-input \ + && echo "build: Docker-$(cat /opt/netbox/VERSION)" > /opt/netbox/netbox/local/release.yaml ENV LANG=C.utf8 PATH=/opt/netbox/venv/bin:$PATH VIRTUAL_ENV=/opt/netbox/venv UV_NO_CACHE=1 ENTRYPOINT [ "/usr/bin/tini", "--" ] diff --git a/docker-compose.override.yml.example b/docker-compose.override.yml.example index d7ef96167..139481401 100644 --- a/docker-compose.override.yml.example +++ b/docker-compose.override.yml.example @@ -2,9 +2,6 @@ services: netbox: ports: - "8000:8080" - # If you want the Nginx unit status page visible from the - # outside of the container add the following port mapping: - # - "8001:8081" # healthcheck: # Time for which the health check can fail after the container is started. # This depends mostly on the performance of your database. On the first start, @@ -19,4 +16,3 @@ services: # SUPERUSER_EMAIL: "" # SUPERUSER_NAME: "" # SUPERUSER_PASSWORD: "" - diff --git a/docker-compose.test.yml b/docker-compose.test.yml index d5acd9557..8e22aa6c9 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -9,7 +9,7 @@ services: redis-cache: condition: service_healthy env_file: env/netbox.env - user: "unit:root" + user: "netbox:root" volumes: - ./test-configuration/test_config.py:/etc/netbox/config/test_config.py:z,ro healthcheck: diff --git a/docker-compose.yml b/docker-compose.yml index 2049c3325..86586c082 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -6,7 +6,7 @@ services: - redis - redis-cache env_file: env/netbox.env - user: "unit:root" + user: "netbox:root" healthcheck: test: curl -f http://localhost:8080/login/ || exit 1 start_period: 90s diff --git a/docker/granian.py b/docker/granian.py new file mode 100644 index 000000000..651b7da4d --- /dev/null +++ b/docker/granian.py @@ -0,0 +1,13 @@ +from granian.utils.proxies import wrap_wsgi_with_proxy_headers +from netbox.wsgi import application + +application = wrap_wsgi_with_proxy_headers( + application, + trusted_hosts=[ + "10.0.0.0/8", + "172.16.0.0/12", + "192.168.0.0/16", + "fc00::/7", + "fe80::/10", + ], +) diff --git a/docker/launch-netbox.sh b/docker/launch-netbox.sh index 11da1dea2..a61e0767b 100755 --- a/docker/launch-netbox.sh +++ b/docker/launch-netbox.sh @@ -1,57 +1,20 @@ #!/bin/bash -UNIT_CONFIG="${UNIT_CONFIG-/etc/unit/nginx-unit.json}" -# Also used in "nginx-unit.json" -UNIT_SOCKET="/opt/unit/unit.sock" - -load_configuration() { - MAX_WAIT=10 - WAIT_COUNT=0 - while [ ! -S $UNIT_SOCKET ]; do - if [ $WAIT_COUNT -ge $MAX_WAIT ]; then - echo "⚠️ No control socket found; configuration will not be loaded." - return 1 - fi - - WAIT_COUNT=$((WAIT_COUNT + 1)) - echo "⏳ Waiting for control socket to be created... (${WAIT_COUNT}/${MAX_WAIT})" - - sleep 1 - done - - # even when the control socket exists, it does not mean unit has finished initialisation - # this curl call will get a reply once unit is fully launched - curl --silent --output /dev/null --request GET --unix-socket $UNIT_SOCKET http://localhost/ - - echo "⚙️ Applying configuration from $UNIT_CONFIG" - - RESP_CODE=$( - curl \ - --silent \ - --output /dev/null \ - --write-out '%{http_code}' \ - --request PUT \ - --data-binary "@${UNIT_CONFIG}" \ - --unix-socket $UNIT_SOCKET \ - http://localhost/config - ) - if [ "$RESP_CODE" != "200" ]; then - echo "⚠️ Could not load Unit configuration" - kill "$(cat /opt/unit/unit.pid)" - return 1 - fi - - echo "✅ Unit configuration loaded successfully" -} - -load_configuration & - -exec unitd \ - --no-daemon \ - --control unix:$UNIT_SOCKET \ - --pid /opt/unit/unit.pid \ - --log /dev/stdout \ - --statedir /opt/unit/state/ \ - --tmpdir /opt/unit/tmp/ \ - --user unit \ - --group root +exec granian \ + --host "::" \ + --port "8080" \ + --interface "wsgi" \ + --no-ws \ + --workers "${GRANIAN_WORKERS:-4}" \ + --respawn-failed-workers \ + --backpressure "${GRANIAN_BACKPRESSURE:-${GRANIAN_WORKERS:-4}}" \ + --loop "uvloop" \ + --log \ + --log-level "info" \ + --access-log \ + --working-dir "/opt/netbox/netbox/" \ + --static-path-route "/static" \ + --static-path-mount "/opt/netbox/netbox/static/" \ + --pid-file "/tmp/granian.pid" \ + "${GRANIAN_EXTRA_ARGS[@]}" \ + "netbox.granian:application" diff --git a/docker/nginx-unit.json b/docker/nginx-unit.json deleted file mode 100644 index 95fa1efa1..000000000 --- a/docker/nginx-unit.json +++ /dev/null @@ -1,82 +0,0 @@ -{ - "listeners": { - "0.0.0.0:8080": { - "pass": "routes/main", - "forwarded": { - "client_ip": "X-Forwarded-For", - "protocol": "X-Forwarded-Proto", - "source": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"] - } - }, - "0.0.0.0:8081": { - "pass": "routes/status", - "forwarded": { - "client_ip": "X-Forwarded-For", - "protocol": "X-Forwarded-Proto", - "source": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"] - } - }, - "[::]:8080": { - "pass": "routes/main", - "forwarded": { - "client_ip": "X-Forwarded-For", - "protocol": "X-Forwarded-Proto", - "source": ["fc00::/7", "fe80::/10"] - } - }, - "[::]:8081": { - "pass": "routes/status", - "forwarded": { - "client_ip": "X-Forwarded-For", - "protocol": "X-Forwarded-Proto", - "source": ["fc00::/7", "fe80::/10"] - } - } - }, - "routes": { - "main": [ - { - "match": { - "uri": "/static/*" - }, - "action": { - "share": "/opt/netbox/netbox${uri}" - } - }, - { - "action": { - "pass": "applications/netbox" - } - } - ], - "status": [ - { - "match": { - "uri": "/status/*" - }, - "action": { - "proxy": "http://unix:/opt/unit/unit.sock" - } - } - ] - }, - "applications": { - "netbox": { - "type": "python 3", - "path": "/opt/netbox/netbox/", - "module": "netbox.wsgi", - "home": "/opt/netbox/venv", - "processes": { - "max": 4, - "spare": 1, - "idle_timeout": 120 - } - } - }, - "access_log": "/dev/stdout", - "settings": { - "http": { - "max_body_size": 104857600 - } - } -} diff --git a/docker/unit.list b/docker/unit.list deleted file mode 100644 index 6193723b7..000000000 --- a/docker/unit.list +++ /dev/null @@ -1 +0,0 @@ -deb [signed-by=/usr/share/keyrings/nginx-keyring.gpg] http://packages.nginx.org/unit/ubuntu/ noble unit diff --git a/env/netbox.env b/env/netbox.env index 52fca3baf..88c8705ec 100644 --- a/env/netbox.env +++ b/env/netbox.env @@ -15,6 +15,8 @@ EMAIL_USERNAME=netbox # EMAIL_USE_SSL and EMAIL_USE_TLS are mutually exclusive, i.e. they can't both be `true`! EMAIL_USE_SSL=false EMAIL_USE_TLS=false +GRANIAN_BACKPRESSURE=4 +GRANIAN_WORKERS=4 GRAPHQL_ENABLED=true MEDIA_ROOT=/opt/netbox/netbox/media METRICS_ENABLED=false diff --git a/requirements-container.txt b/requirements-container.txt index 65dc7891b..74b4b1e97 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,6 @@ django-auth-ldap==5.2.0 dulwich==0.24.10 +granian[uvloop]==2.5.7 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec From db027b14a309b600ee633826d5d782bbb6139195 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 16 Nov 2025 17:56:30 +0000 Subject: [PATCH 297/318] Update dependency granian to v2.6.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 74b4b1e97..5e50235d2 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,6 +1,6 @@ django-auth-ldap==5.2.0 dulwich==0.24.10 -granian[uvloop]==2.5.7 +granian[uvloop]==2.6.0 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec From 74b0a41f3ed55c44dccf6452f48ddfc0d0a9b454 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 18 Nov 2025 22:51:24 +0000 Subject: [PATCH 298/318] Update dependency sentry-sdk to v2.45.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 5e50235d2..cd5bf737e 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -4,4 +4,4 @@ granian[uvloop]==2.6.0 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.44.0 +sentry-sdk[django]==2.45.0 From 0f2fb47d9c61283a2ba42d069b8bcbe4064b4314 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 20 Nov 2025 18:38:17 +0000 Subject: [PATCH 299/318] Update actions/checkout action to v6 --- .github/workflows/push.yml | 4 ++-- .github/workflows/release.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index fa6bab10c..4eb4efd07 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -23,7 +23,7 @@ jobs: packages: read statuses: write steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: # Full git history is needed to get a proper # list of changed files within `super-linter` @@ -74,7 +74,7 @@ jobs: steps: - id: git-checkout name: Checkout - uses: actions/checkout@v5 + uses: actions/checkout@v6 - id: buildx-setup name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2d83729c5..9314b8f66 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -32,7 +32,7 @@ jobs: steps: - id: source-checkout name: Checkout - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: ref: ${{ matrix.build.branch }} - id: set-netbox-docker-version From 10031c29902bb56b4abb63238f3f88253362c719 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 24 Nov 2025 13:50:32 +0000 Subject: [PATCH 300/318] Update dependency sentry-sdk to v2.46.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index cd5bf737e..8725c57cd 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -4,4 +4,4 @@ granian[uvloop]==2.6.0 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.45.0 +sentry-sdk[django]==2.46.0 From 6967b2ca34353383283b6afddd530ed2e94cf585 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Bouynot?= Date: Mon, 1 Dec 2025 14:57:07 +0100 Subject: [PATCH 301/318] feat: bump the version to 3.4.2 so it match a newer docker image --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 0af361cc2..c6df93864 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v4.4-3.4.1} + image: docker.io/netboxcommunity/netbox:${VERSION-v4.4-3.4.2} depends_on: - postgres - redis From 9a68d6fd7015df922ebee62646cd8d8cd401a746 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 3 Dec 2025 19:34:23 +0000 Subject: [PATCH 302/318] Update dependency sentry-sdk to v2.47.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 8725c57cd..65a5f82ba 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -4,4 +4,4 @@ granian[uvloop]==2.6.0 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.46.0 +sentry-sdk[django]==2.47.0 From ac419312ae13b239b082d03271958ca8b7b03884 Mon Sep 17 00:00:00 2001 From: Nahuel Cassinari Date: Tue, 9 Dec 2025 15:27:25 +0100 Subject: [PATCH 303/318] Update STORAGES example --- configuration/extra.py | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/configuration/extra.py b/configuration/extra.py index 8bd133716..3a10ea28f 100644 --- a/configuration/extra.py +++ b/configuration/extra.py @@ -33,13 +33,20 @@ ## By default uploaded media is stored on the local filesystem. Using Django-storages is also supported. Provide the -## class path of the storage driver in STORAGE_BACKEND and any configuration options in STORAGE_CONFIG. For example: -# STORAGE_BACKEND = 'storages.backends.s3boto3.S3Boto3Storage' -# STORAGE_CONFIG = { -# 'AWS_ACCESS_KEY_ID': 'Key ID', -# 'AWS_SECRET_ACCESS_KEY': 'Secret', -# 'AWS_STORAGE_BUCKET_NAME': 'netbox', -# 'AWS_S3_REGION_NAME': 'eu-west-1', +## class path of the storage driver and any configuration options in STORAGES. For example: +# STORAGES = { +# 'default': { +# 'BACKEND': 'storages.backends.s3boto3.S3Boto3Storage', +# 'OPTIONS': { +# 'access_key': 'Key ID', +# 'secret_key': 'Secret', +# 'bucket_name': 'netbox', +# 'region_name': 'us-west-1', +# } +# }, +# 'staticfiles': { +# 'BACKEND': 'django.contrib.staticfiles.storage.StaticFilesStorage', +# } # } From 8387b4d0f6df6b0f79c4017b343b6c4777bcade9 Mon Sep 17 00:00:00 2001 From: Skye Fugate Date: Wed, 10 Dec 2025 00:51:30 -0600 Subject: [PATCH 304/318] NetBox-Docker Okta & Google SSO Environment Additions (#1475) * feat: add SSO environment variable support for OKTA and Google OAuth2 Add native support for SSO configuration through environment variables and Docker secrets, eliminating the need to modify configuration.py for common SSO providers. Changes: - Add OKTA OpenID Connect configuration variables: - SOCIAL_AUTH_OKTA_OPENIDCONNECT_KEY (env var) - SOCIAL_AUTH_OKTA_OPENIDCONNECT_SECRET (env var + Docker secret: okta_openidconnect_secret) - SOCIAL_AUTH_OKTA_OPENIDCONNECT_API_URL (env var) - Add Google OAuth2 configuration variables: - SOCIAL_AUTH_GOOGLE_OAUTH2_KEY (env var) - SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET (env var + Docker secret: google_oauth2_secret) Follows existing patterns with _read_secret() for sensitive data and environ.get() for non-sensitive configuration. Resolves: netbox-community/netbox-docker#1139 * Secrets example * fix: add newline at end of file --------- Co-authored-by: skyefugate --- configuration/configuration.py | 6 ++++++ docker-compose.override.yml.example | 15 +++++++++++++++ env/netbox.env | 8 ++++++++ 3 files changed, 29 insertions(+) diff --git a/configuration/configuration.py b/configuration/configuration.py index 8dfa736d3..f71786a23 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -310,6 +310,12 @@ def _environ_get_and_map(variable_name: str, default: str | None = None, map_fn: REMOTE_AUTH_SUPERUSERS = _environ_get_and_map('REMOTE_AUTH_SUPERUSERS', '', _AS_LIST) REMOTE_AUTH_STAFF_GROUPS = _environ_get_and_map('REMOTE_AUTH_STAFF_GROUPS', '', _AS_LIST) REMOTE_AUTH_STAFF_USERS = _environ_get_and_map('REMOTE_AUTH_STAFF_USERS', '', _AS_LIST) +# SSO Configuration +SOCIAL_AUTH_OKTA_OPENIDCONNECT_KEY = environ.get('SOCIAL_AUTH_OKTA_OPENIDCONNECT_KEY') +SOCIAL_AUTH_OKTA_OPENIDCONNECT_SECRET = _read_secret('okta_openidconnect_secret', environ.get('SOCIAL_AUTH_OKTA_OPENIDCONNECT_SECRET', '')) +SOCIAL_AUTH_OKTA_OPENIDCONNECT_API_URL = environ.get('SOCIAL_AUTH_OKTA_OPENIDCONNECT_API_URL') +SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = environ.get('SOCIAL_AUTH_GOOGLE_OAUTH2_KEY') +SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = _read_secret('google_oauth2_secret', environ.get('SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET', '')) # This repository is used to check whether there is a new release of NetBox available. Set to None to disable the # version check or use the URL below to check for release in the official NetBox repository. diff --git a/docker-compose.override.yml.example b/docker-compose.override.yml.example index 139481401..8c2ff7021 100644 --- a/docker-compose.override.yml.example +++ b/docker-compose.override.yml.example @@ -16,3 +16,18 @@ services: # SUPERUSER_EMAIL: "" # SUPERUSER_NAME: "" # SUPERUSER_PASSWORD: "" + # SSO Configuration + # SOCIAL_AUTH_OKTA_OPENIDCONNECT_KEY: "your_okta_client_id" + # SOCIAL_AUTH_OKTA_OPENIDCONNECT_API_URL: "https://your-domain.okta.com" + # SOCIAL_AUTH_GOOGLE_OAUTH2_KEY: "your_google_client_id" + # secrets: + # - okta_openidconnect_secret + # - google_oauth2_secret + +# Uncomment to use Docker secrets for SSO credentials +# secrets: +# okta_openidconnect_secret: +# file: ./secrets/okta_secret.txt +# google_oauth2_secret: +# file: ./secrets/google_secret.txt + diff --git a/env/netbox.env b/env/netbox.env index 88c8705ec..c7b97db89 100644 --- a/env/netbox.env +++ b/env/netbox.env @@ -33,4 +33,12 @@ REDIS_SSL=false RELEASE_CHECK_URL=https://api.github.com/repos/netbox-community/netbox/releases SECRET_KEY='r(m)9nLGnz$(_q3N4z1k(EFsMCjjjzx08x9VhNVcfd%6RF#r!6DE@+V5Zk2X' SKIP_SUPERUSER=true +# SSO Configuration (uncomment and configure as needed) +# OKTA OpenID Connect +# SOCIAL_AUTH_OKTA_OPENIDCONNECT_KEY=your_okta_client_id +# SOCIAL_AUTH_OKTA_OPENIDCONNECT_SECRET=your_okta_client_secret +# SOCIAL_AUTH_OKTA_OPENIDCONNECT_API_URL=https://your-domain.okta.com +# Google OAuth2 +# SOCIAL_AUTH_GOOGLE_OAUTH2_KEY=your_google_client_id +# SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET=your_google_client_secret WEBHOOKS_ENABLED=true From 021c3fea99950150a10846d07c0e6f9798cbe539 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 16 Dec 2025 19:14:21 +0000 Subject: [PATCH 305/318] chore(deps): update dependency sentry-sdk to v2.48.0 (#1579) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 65a5f82ba..c59726627 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -4,4 +4,4 @@ granian[uvloop]==2.6.0 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.47.0 +sentry-sdk[django]==2.48.0 From 968bef976ca068a23f8e19d02730721db189db1c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 18 Dec 2025 00:05:52 +0000 Subject: [PATCH 306/318] chore(deps): update dependency dulwich to v0.25.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index c59726627..0145b21c4 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.2.0 -dulwich==0.24.10 +dulwich==0.25.0 granian[uvloop]==2.6.0 python3-saml==1.16.0 --no-binary lxml From 36f075e407d843d423ccabc6bed9754ae9b1d305 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 26 Dec 2025 18:05:18 +0000 Subject: [PATCH 307/318] chore(deps): update dependency django-auth-ldap to v5.3.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 0145b21c4..1e4b90601 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,4 +1,4 @@ -django-auth-ldap==5.2.0 +django-auth-ldap==5.3.0 dulwich==0.25.0 granian[uvloop]==2.6.0 python3-saml==1.16.0 From ebba20d02b5b827be1ef14984262b7fac7cf5584 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Mon, 1 Dec 2025 12:50:47 +0100 Subject: [PATCH 308/318] Changed volume to match upstream image --- docker-compose.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 86586c082..d35800144 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -43,7 +43,7 @@ services: retries: 5 env_file: env/postgres.env volumes: - - netbox-postgres-data:/var/lib/postgresql/data + - netbox-postgres:/var/lib/postgresql # redis redis: @@ -75,7 +75,7 @@ services: volumes: netbox-media-files: driver: local - netbox-postgres-data: + netbox-postgres: driver: local netbox-redis-cache-data: driver: local From da0784992eb5ee55efac30338432d7f5aebe2d74 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 7 Jan 2026 13:54:12 +0000 Subject: [PATCH 309/318] chore(deps): update dependency granian to v2.6.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 1e4b90601..82db07d0a 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,6 +1,6 @@ django-auth-ldap==5.3.0 dulwich==0.25.0 -granian[uvloop]==2.6.0 +granian[uvloop]==2.6.1 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec From 20cccc3869aeb4455501fc0622b340cc9ababb86 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 8 Jan 2026 10:09:25 +0000 Subject: [PATCH 310/318] chore(deps): update dependency sentry-sdk to v2.49.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 82db07d0a..3242b8f70 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -4,4 +4,4 @@ granian[uvloop]==2.6.1 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.48.0 +sentry-sdk[django]==2.49.0 From fd6a75ac96185921ad004967c2878ad18516e8d2 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Thu, 8 Jan 2026 13:36:54 +0100 Subject: [PATCH 311/318] Support new API token format (#1591) Support new API token format --- .flake8 | 2 +- Dockerfile | 1 + docker/docker-entrypoint.sh | 37 ++----------------------------------- docker/super_user.py | 36 ++++++++++++++++++++++++++++++++++++ 4 files changed, 40 insertions(+), 36 deletions(-) create mode 100644 docker/super_user.py diff --git a/.flake8 b/.flake8 index 83a86a295..6872797da 100644 --- a/.flake8 +++ b/.flake8 @@ -4,4 +4,4 @@ extend-ignore = E203, W503 per-file-ignores = configuration/*:E131,E251,E266,E302,E305,E501,E722 startup_scripts/startup_script_utils/__init__.py:F401 - docker/*:E266,E722 + docker/*:E266,E722,E501 diff --git a/Dockerfile b/Dockerfile index 753200a37..91f814f9a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -76,6 +76,7 @@ COPY docker/configuration.docker.py /opt/netbox/netbox/netbox/configuration.py COPY docker/ldap_config.docker.py /opt/netbox/netbox/netbox/ldap_config.py COPY docker/docker-entrypoint.sh /opt/netbox/docker-entrypoint.sh COPY docker/launch-netbox.sh /opt/netbox/launch-netbox.sh +COPY docker/super_user.py /opt/netbox/super_user.py COPY configuration/ /etc/netbox/config/ COPY docker/granian.py /opt/netbox/netbox/netbox/granian.py COPY VERSION /opt/netbox/VERSION diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh index fa5930d49..1d3616766 100755 --- a/docker/docker-entrypoint.sh +++ b/docker/docker-entrypoint.sh @@ -54,43 +54,10 @@ fi if [ "$SKIP_SUPERUSER" == "true" ]; then echo "↩️ Skip creating the superuser" else - if [ -z ${SUPERUSER_NAME+x} ]; then - SUPERUSER_NAME='admin' - fi - if [ -z ${SUPERUSER_EMAIL+x} ]; then - SUPERUSER_EMAIL='admin@example.com' - fi - if [ -f "/run/secrets/superuser_password" ]; then - SUPERUSER_PASSWORD="$( str | None: + try: + f = open("/run/secrets/" + secret_name, "r", encoding="utf-8") + except EnvironmentError: + return default + else: + with f: + return f.readline().strip() + + +su_name = environ.get("SUPERUSER_NAME", "admin") +su_email = environ.get("SUPERUSER_EMAIL", "admin@example.com") +su_password = _read_secret("superuser_password", environ.get("SUPERUSER_PASSWORD", "admin")) +su_api_token = _read_secret( + "superuser_api_token", + environ.get("SUPERUSER_API_TOKEN", "0123456789abcdef0123456789abcdef01234567"), +) + +if not User.objects.filter(username=su_name): + u = User.objects.create_superuser(su_name, su_email, su_password) + msg = "" + if not settings.API_TOKEN_PEPPERS: + print("⚠️ No API token will be created as API_TOKEN_PEPPERS is not set") + msg = f"💡 Superuser Username: {su_name}, E-Mail: {su_email}" + else: + t = Token.objects.create(user=u, token=su_api_token, version=TokenVersionChoices.V2) + msg = f"💡 Superuser Username: {su_name}, E-Mail: {su_email}, API Token: {t} (use with '{t.get_auth_header_prefix()}')" + print(msg) From c8232c058eb391a34f7a1b8dfe7d88d8372d5f64 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 9 Jan 2026 00:43:09 +0000 Subject: [PATCH 312/318] chore(deps): update dependency dulwich to v0.25.1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 3242b8f70..250227485 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.3.0 -dulwich==0.25.0 +dulwich==0.25.1 granian[uvloop]==2.6.1 python3-saml==1.16.0 --no-binary lxml From 4f60741e791bec506d9df94ed42fcead1e85af7f Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 12 Jan 2026 01:54:47 +0000 Subject: [PATCH 313/318] chore(deps): update dependency dulwich to v0.25.2 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 250227485..9d9f910df 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.3.0 -dulwich==0.25.1 +dulwich==0.25.2 granian[uvloop]==2.6.1 python3-saml==1.16.0 --no-binary lxml From 050f3134851d47bafec8df5c921863153849cb02 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 18 Jan 2026 02:03:43 +0000 Subject: [PATCH 314/318] chore(deps): update dependency dulwich to v1 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 9d9f910df..bbd3ec071 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==5.3.0 -dulwich==0.25.2 +dulwich==1.0.0 granian[uvloop]==2.6.1 python3-saml==1.16.0 --no-binary lxml From 909c234af641155c3e3f238709ee72eeb7b3a4ca Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 20 Jan 2026 14:45:03 +0000 Subject: [PATCH 315/318] chore(deps): update dependency sentry-sdk to v2.50.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index bbd3ec071..118d963a9 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -4,4 +4,4 @@ granian[uvloop]==2.6.1 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.49.0 +sentry-sdk[django]==2.50.0 From a4a83453d95b4ce1d545d9a6ebec0e6f5ccb1e15 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 28 Jan 2026 11:07:37 +0000 Subject: [PATCH 316/318] chore(deps): update dependency sentry-sdk to v2.51.0 --- requirements-container.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-container.txt b/requirements-container.txt index 118d963a9..2535bbd9f 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -4,4 +4,4 @@ granian[uvloop]==2.6.1 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec -sentry-sdk[django]==2.50.0 +sentry-sdk[django]==2.51.0 From 52b1e23c80c3c878ea5f238e9f41b0212b7d1d24 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Mon, 2 Feb 2026 12:46:02 +0100 Subject: [PATCH 317/318] Fixed serving of the local documentation --- docker/launch-netbox.sh | 1 + requirements-container.txt | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/docker/launch-netbox.sh b/docker/launch-netbox.sh index a61e0767b..d68f9bcee 100755 --- a/docker/launch-netbox.sh +++ b/docker/launch-netbox.sh @@ -15,6 +15,7 @@ exec granian \ --working-dir "/opt/netbox/netbox/" \ --static-path-route "/static" \ --static-path-mount "/opt/netbox/netbox/static/" \ + --static-path-dir-to-file index.html \ --pid-file "/tmp/granian.pid" \ "${GRANIAN_EXTRA_ARGS[@]}" \ "netbox.granian:application" diff --git a/requirements-container.txt b/requirements-container.txt index 2535bbd9f..ebe01cb8b 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,6 +1,6 @@ django-auth-ldap==5.3.0 dulwich==1.0.0 -granian[uvloop]==2.6.1 +granian[uvloop]==2.7.0 python3-saml==1.16.0 --no-binary lxml --no-binary xmlsec From 01a36c69c4998dd191f406fbf78129497f75c421 Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Mon, 2 Feb 2026 12:46:51 +0100 Subject: [PATCH 318/318] Preparation for 4.0.0 --- VERSION | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index a423d4217..0c89fc927 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -3.4.2 \ No newline at end of file +4.0.0 \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index 173476038..64c67ba39 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,6 @@ services: netbox: &netbox - image: docker.io/netboxcommunity/netbox:${VERSION-v4.4-3.4.2} + image: docker.io/netboxcommunity/netbox:${VERSION-v4.5-4.0.0} depends_on: - postgres - redis