From a5bb31b95347229e400099565bedd3f6a3785c9a Mon Sep 17 00:00:00 2001 From: Sylvain Desbureaux Date: Tue, 7 Apr 2020 12:02:22 +0200 Subject: [Contrib] Authorize choice of subcomponents Instead of forcing installation of all contrib components, make the installation of these components enabled with a toggle, so each person can choose to install a subset, all or none. Issue-ID: OOM-2352 Signed-off-by: Sylvain Desbureaux Change-Id: Ie112fe1f1864587b9ac69f18967a3c28d16bdbbe --- .../config/configuration/configuration.py | 156 +++++++++++++++++++++ .../config/configuration/gunicorn_config.py | 8 ++ .../resources/config/configuration/ldap_config.py | 55 ++++++++ .../config/initializers/custom_fields.yml | 18 +++ .../resources/config/initializers/groups.yml | 9 ++ .../resources/config/initializers/users.yml | 9 ++ .../resources/config/provisioning/provision.sh | 136 ++++++++++++++++++ .../resources/config/startup_scripts/00_users.py | 26 ++++ .../resources/config/startup_scripts/10_groups.py | 19 +++ .../config/startup_scripts/20_custom_fields.py | 68 +++++++++ 10 files changed, 504 insertions(+) create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/configuration.py create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/gunicorn_config.py create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/ldap_config.py create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/custom_fields.yml create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/groups.yml create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/users.yml create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/provisioning/provision.sh create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/00_users.py create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/10_groups.py create mode 100755 kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/20_custom_fields.py (limited to 'kubernetes/contrib/components/netbox/charts/netbox-app/resources') diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/configuration.py b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/configuration.py new file mode 100755 index 0000000000..7d704ae762 --- /dev/null +++ b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/configuration.py @@ -0,0 +1,156 @@ +import os +import socket + +# For reference see http://netbox.readthedocs.io/en/latest/configuration/mandatory-settings/ +# Based on https://github.com/digitalocean/netbox/blob/develop/netbox/netbox/configuration.example.py + +# Read secret from file +def read_secret(secret_name): + try: + f = open('/run/secrets/' + secret_name, 'r', encoding='utf-8') + except EnvironmentError: + return '' + else: + with f: + return f.readline().strip() + +BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) + +######################### +# # +# Required settings # +# # +######################### + +# This is a list of valid fully-qualified domain names (FQDNs) for the NetBox server. NetBox will not permit write +# access to the server via any other hostnames. The first FQDN in the list will be treated as the preferred name. +# +# Example: ALLOWED_HOSTS = ['netbox.example.com', 'netbox.internal.local'] +ALLOWED_HOSTS = os.environ.get('ALLOWED_HOSTS', socket.gethostname()).split(' ') + +# PostgreSQL database configuration. +DATABASE = { + 'NAME': os.environ.get('DB_NAME', 'netbox'), # Database name + 'USER': os.environ.get('DB_USER', ''), # PostgreSQL username + 'PASSWORD': os.environ.get('DB_PASSWORD', read_secret('db_password')), + # PostgreSQL password + 'HOST': os.environ.get('DB_HOST', 'localhost'), # Database server + 'PORT': os.environ.get('DB_PORT', ''), # Database port (leave blank for default) +} + +# This key is used for secure generation of random numbers and strings. It must never be exposed outside of this file. +# For optimal security, SECRET_KEY should be at least 50 characters in length and contain a mix of letters, numbers, and +# symbols. NetBox will not run without this defined. For more information, see +# https://docs.djangoproject.com/en/dev/ref/settings/#std:setting-SECRET_KEY +SECRET_KEY = os.environ.get('SECRET_KEY', read_secret('secret_key')) + +######################### +# # +# Optional settings # +# # +######################### + +# Specify one or more name and email address tuples representing NetBox administrators. These people will be notified of +# application errors (assuming correct email settings are provided). +ADMINS = [ + # ['John Doe', 'jdoe@example.com'], +] + +# Optionally display a persistent banner at the top and/or bottom of every page. HTML is allowed. To display the same +# content in both banners, define BANNER_TOP and set BANNER_BOTTOM = BANNER_TOP. +BANNER_TOP = os.environ.get('BANNER_TOP', '') +BANNER_BOTTOM = os.environ.get('BANNER_BOTTOM', '') + +# Text to include on the login page above the login form. HTML is allowed. +BANNER_LOGIN = os.environ.get('BANNER_LOGIN', '') + +# Base URL path if accessing NetBox within a directory. For example, if installed at http://example.com/netbox/, set: +# BASE_PATH = 'netbox/' +BASE_PATH = os.environ.get('BASE_PATH', '') + +# API Cross-Origin Resource Sharing (CORS) settings. If CORS_ORIGIN_ALLOW_ALL is set to True, all origins will be +# allowed. Otherwise, define a list of allowed origins using either CORS_ORIGIN_WHITELIST or +# CORS_ORIGIN_REGEX_WHITELIST. For more information, see https://github.com/ottoyiu/django-cors-headers +CORS_ORIGIN_ALLOW_ALL = os.environ.get('CORS_ORIGIN_ALLOW_ALL', 'False').lower() == 'true' +CORS_ORIGIN_WHITELIST = os.environ.get('CORS_ORIGIN_WHITELIST', '').split(' ') +CORS_ORIGIN_REGEX_WHITELIST = [ + # r'^(https?://)?(\w+\.)?example\.com$', +] + +# Set to True to enable server debugging. WARNING: Debugging introduces a substantial performance penalty and may reveal +# sensitive information about your installation. Only enable debugging while performing testing. Never enable debugging +# on a production system. +DEBUG = os.environ.get('DEBUG', 'False').lower() == 'true' + +# Email settings +EMAIL = { + 'SERVER': os.environ.get('EMAIL_SERVER', 'localhost'), + 'PORT': int(os.environ.get('EMAIL_PORT', 25)), + 'USERNAME': os.environ.get('EMAIL_USERNAME', ''), + 'PASSWORD': os.environ.get('EMAIL_PASSWORD', read_secret('email_password')), + 'TIMEOUT': int(os.environ.get('EMAIL_TIMEOUT', 10)), # seconds + 'FROM_EMAIL': os.environ.get('EMAIL_FROM', ''), +} + +# Enforcement of unique IP space can be toggled on a per-VRF basis. +# To enforce unique IP space within the global table (all prefixes and IP addresses not assigned to a VRF), +# set ENFORCE_GLOBAL_UNIQUE to True. +ENFORCE_GLOBAL_UNIQUE = os.environ.get('ENFORCE_GLOBAL_UNIQUE', 'False').lower() == 'true' + +# Enable custom logging. Please see the Django documentation for detailed guidance on configuring custom logs: +# https://docs.djangoproject.com/en/1.11/topics/logging/ +LOGGING = {} + +# Setting this to True will permit only authenticated users to access any part of NetBox. By default, anonymous users +# are permitted to access most data in NetBox (excluding secrets) but not make any changes. +LOGIN_REQUIRED = os.environ.get('LOGIN_REQUIRED', 'False').lower() == 'true' + +# Base URL path if accessing NetBox within a directory. For example, if installed at http://example.com/netbox/, set: +# BASE_PATH = 'netbox/' +BASE_PATH = os.environ.get('BASE_PATH', '') + +# Setting this to True will display a "maintenance mode" banner at the top of every page. +MAINTENANCE_MODE = os.environ.get('MAINTENANCE_MODE', 'False').lower() == 'true' + +# An API consumer can request an arbitrary number of objects =by appending the "limit" parameter to the URL (e.g. +# "?limit=1000"). This setting defines the maximum limit. Setting it to 0 or None will allow an API consumer to request +# all objects by specifying "?limit=0". +MAX_PAGE_SIZE = int(os.environ.get('MAX_PAGE_SIZE', 1000)) + +# The file path where uploaded media such as image attachments are stored. A trailing slash is not needed. Note that +# the default value of this setting is derived from the installed location. +MEDIA_ROOT = os.environ.get('MEDIA_ROOT', os.path.join(BASE_DIR, 'media')) + +# Credentials that NetBox will use to access live devices. +NAPALM_USERNAME = os.environ.get('NAPALM_USERNAME', '') +NAPALM_PASSWORD = os.environ.get('NAPALM_PASSWORD', read_secret('napalm_password')) + +# NAPALM timeout (in seconds). (Default: 30) +NAPALM_TIMEOUT = int(os.environ.get('NAPALM_TIMEOUT', 30)) + +# NAPALM optional arguments (see http://napalm.readthedocs.io/en/latest/support/#optional-arguments). Arguments must +# be provided as a dictionary. +NAPALM_ARGS = {} + +# Determine how many objects to display per page within a list. (Default: 50) +PAGINATE_COUNT = int(os.environ.get('PAGINATE_COUNT', 50)) + +# When determining the primary IP address for a device, IPv6 is preferred over IPv4 by default. Set this to True to +# prefer IPv4 instead. +PREFER_IPV4 = os.environ.get('PREFER_IPV4', 'False').lower() == 'true' + +# The file path where custom reports will be stored. A trailing slash is not needed. Note that the default value of +# this setting is derived from the installed location. +REPORTS_ROOT = os.environ.get('REPORTS_ROOT', '/etc/netbox/reports') + +# Time zone (default: UTC) +TIME_ZONE = os.environ.get('TIME_ZONE', 'UTC') + +# Date/time formatting. See the following link for supported formats: +# https://docs.djangoproject.com/en/dev/ref/templates/builtins/#date +DATE_FORMAT = os.environ.get('DATE_FORMAT', 'N j, Y') +SHORT_DATE_FORMAT = os.environ.get('SHORT_DATE_FORMAT', 'Y-m-d') +TIME_FORMAT = os.environ.get('TIME_FORMAT', 'g:i a') +SHORT_TIME_FORMAT = os.environ.get('SHORT_TIME_FORMAT', 'H:i:s') +DATETIME_FORMAT = os.environ.get('DATETIME_FORMAT', 'N j, Y g:i a') +SHORT_DATETIME_FORMAT = os.environ.get('SHORT_DATETIME_FORMAT', 'Y-m-d H:i') diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/gunicorn_config.py b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/gunicorn_config.py new file mode 100755 index 0000000000..c7d9f7b725 --- /dev/null +++ b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/gunicorn_config.py @@ -0,0 +1,8 @@ +command = '/usr/bin/gunicorn' +pythonpath = '/opt/netbox/netbox' +bind = '0.0.0.0:{{ .Values.service.internalPort }}' +workers = 3 +errorlog = '-' +accesslog = '-' +capture_output = False +loglevel = 'debug' diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/ldap_config.py b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/ldap_config.py new file mode 100755 index 0000000000..c7e0d3bee9 --- /dev/null +++ b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/configuration/ldap_config.py @@ -0,0 +1,55 @@ +import ldap +import os + +from django_auth_ldap.config import LDAPSearch, GroupOfNamesType + +# Server URI +AUTH_LDAP_SERVER_URI = os.environ.get('AUTH_LDAP_SERVER_URI', '') + +# The following may be needed if you are binding to Active Directory. +AUTH_LDAP_CONNECTION_OPTIONS = { + ldap.OPT_REFERRALS: 0 +} + +# Set the DN and password for the NetBox service account. +AUTH_LDAP_BIND_DN = os.environ.get('AUTH_LDAP_BIND_DN', '') +AUTH_LDAP_BIND_PASSWORD = os.environ.get('AUTH_LDAP_BIND_PASSWORD', '') + +# Include this setting if you want to ignore certificate errors. This might be needed to accept a self-signed cert. +# Note that this is a NetBox-specific setting which sets: +# ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER) +LDAP_IGNORE_CERT_ERRORS = os.environ.get('LDAP_IGNORE_CERT_ERRORS', 'False').lower() == 'true' + +AUTH_LDAP_USER_SEARCH = LDAPSearch(os.environ.get('AUTH_LDAP_USER_SEARCH_BASEDN', ''), + ldap.SCOPE_SUBTREE, + "(sAMAccountName=%(user)s)") + +# This search ought to return all groups to which the user belongs. django_auth_ldap uses this to determine group +# heirarchy. +AUTH_LDAP_GROUP_SEARCH = LDAPSearch(os.environ.get('AUTH_LDAP_GROUP_SEARCH_BASEDN', ''), ldap.SCOPE_SUBTREE, + "(objectClass=group)") +AUTH_LDAP_GROUP_TYPE = GroupOfNamesType() + +# Define a group required to login. +AUTH_LDAP_REQUIRE_GROUP = os.environ.get('AUTH_LDAP_REQUIRE_GROUP_DN', '') + +# Define special user types using groups. Exercise great caution when assigning superuser status. +AUTH_LDAP_USER_FLAGS_BY_GROUP = { + "is_active": os.environ.get('AUTH_LDAP_REQUIRE_GROUP_DN', ''), + "is_staff": os.environ.get('AUTH_LDAP_IS_ADMIN_DN', ''), + "is_superuser": os.environ.get('AUTH_LDAP_IS_SUPERUSER_DN', '') +} + +# For more granular permissions, we can map LDAP groups to Django groups. +AUTH_LDAP_FIND_GROUP_PERMS = os.environ.get('AUTH_LDAP_FIND_GROUP_PERMS', 'True').lower() == 'true' + +# Cache groups for one hour to reduce LDAP traffic +AUTH_LDAP_CACHE_GROUPS = os.environ.get('AUTH_LDAP_CACHE_GROUPS', 'True').lower() == 'true' +AUTH_LDAP_GROUP_CACHE_TIMEOUT = int(os.environ.get('AUTH_LDAP_CACHE_GROUPS', 3600)) + +# Populate the Django user from the LDAP directory. +AUTH_LDAP_USER_ATTR_MAP = { + "first_name": os.environ.get('AUTH_LDAP_ATTR_FIRSTNAME', 'givenName'), + "last_name": os.environ.get('AUTH_LDAP_ATTR_LASTNAME', 'sn'), + "email": os.environ.get('AUTH_LDAP_ATTR_MAIL', 'mail') +} diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/custom_fields.yml b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/custom_fields.yml new file mode 100755 index 0000000000..c23e29a11d --- /dev/null +++ b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/custom_fields.yml @@ -0,0 +1,18 @@ +external-key: + description: "The external-key uniquely identify the resources to a service within ONAP." + filterable: true + label: ONAP external key + on_objects: + - ipam.models.IPAddress + required: true + type: text + weight: 0 +resource-name: + description: "The resource-name of the element using this IP." + filterable: true + label: ONAP resource name + on_objects: + - ipam.models.IPAddress + required: true + type: text + weight: 0 \ No newline at end of file diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/groups.yml b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/groups.yml new file mode 100755 index 0000000000..1f4a5a7a6e --- /dev/null +++ b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/groups.yml @@ -0,0 +1,9 @@ +# applications: +# users: +# - technical_user +# readers: +# users: +# - reader +# writers: +# users: +# - writer diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/users.yml b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/users.yml new file mode 100755 index 0000000000..77d330beac --- /dev/null +++ b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/initializers/users.yml @@ -0,0 +1,9 @@ +onap: + first_name: Steve + last_name: McQueen + email: steve.mcqueen@onap.org + password: onap123$ + api_token: onceuponatimeiplayedwithnetbox20180814 # This API KEY is used by SDNC, if you edit it, make sure to change it in the netbox.properties file + is_staff: true # whether user is admin or not, default = false + is_active: true # whether user is active, default = true + is_superuser: true # Whether user has all edit rights or not, default = false \ No newline at end of file diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/provisioning/provision.sh b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/provisioning/provision.sh new file mode 100755 index 0000000000..5db036f708 --- /dev/null +++ b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/provisioning/provision.sh @@ -0,0 +1,136 @@ +#!/bin/bash + +# Create region + +echo "Create region: RegionOne" +curl --silent -X POST \ + http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/dcim/regions/ \ + -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ + -H 'Content-Type: application/json' \ + -d '{ + "name": "RegionOne", + "slug": "RegionOne" +}' + +# Create tenant group + +echo "Create tenant group: ONAP group" +curl --silent -X POST \ + http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/tenancy/tenant-groups/ \ + -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ + -H 'Content-Type: application/json' \ + -d '{ + "name": "ONAP group", + "slug": "onap-group" +}' + +# Create tenant + +echo "Create tenant ONAP in ONAP group" +curl --silent -X POST \ + http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/tenancy/tenants/ \ + -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ + -H 'Content-Type: application/json' \ + -d '{ + "name": "ONAP", + "slug": "onap", + "group": 1, + "description": "ONAP tenant", + "comments": "Tenant for ONAP demo use cases" +}' + +# Create site + +echo "Create ONAP demo site: Montreal Lab" +curl --silent -X POST \ + http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/dcim/sites/ \ + -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ + -H 'Content-Type: application/json' \ + -d '{ + "name": "Montreal Lab D3", + "slug": "mtl-lab-d3", + "region": 1, + "tenant": 1, + "facility": "Campus", + "time_zone": "Canada/Atlantic", + "description": "Site hosting the ONAP use cases", + "physical_address": "1 Graham Bell", + "shipping_address": "1 Graham Bell", + "contact_name": "Alexis", + "contact_phone": "0000000000", + "contact_email": "adetalhouet89@gmail.com", + "comments": "ONAP lab" +}' + +# Create prefixes + +echo "Create Prefix for vFW protected network" +curl --silent -X POST \ + http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \ + -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ + -H 'Content-Type: application/json' \ + -d '{ + "prefix": "{{ .Values.service.private2 }}", + "site": 1, + "tenant": 1, + "is_pool": false, + "description": "IP Pool for private network 2" +}' + +echo "Create Prefix for vFW unprotected network" +curl --silent -X POST \ + http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \ + -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ + -H 'Content-Type: application/json' \ + -d '{ + "prefix": "{{ .Values.service.private1 }}", + "site": 1, + "tenant": 1, + "is_pool": false, + "description": "IP Pool for private network 1" +}' + +echo "Create Prefix for ONAP general purpose network" +curl --silent -X POST \ + http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \ + -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ + -H 'Content-Type: application/json' \ + -d '{ + "prefix": "{{ .Values.service.management }}", + "site": 1, + "tenant": 1, + "is_pool": false, + "description": "IP Pool for ONAP - general purpose" +}' + +# Reserve ports, gateway and dhcp, for each protected and unprotected networks. + +curl --silent -X POST \ + http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/1/available-ips/ \ + -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ + -H 'Content-Type: application/json' + +curl --silent -X POST \ + http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/1/available-ips/ \ + -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ + -H 'Content-Type: application/json' + +curl --silent -X POST \ + http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/2/available-ips/ \ + -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ + -H 'Content-Type: application/json' + +curl --silent -X POST \ + http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/2/available-ips/ \ + -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ + -H 'Content-Type: application/json' + +curl --silent -X POST \ + http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/3/available-ips/ \ + -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ + -H 'Content-Type: application/json' + +curl --silent -X POST \ + http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/3/available-ips/ \ + -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ + -H 'Content-Type: application/json' diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/00_users.py b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/00_users.py new file mode 100755 index 0000000000..7626058357 --- /dev/null +++ b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/00_users.py @@ -0,0 +1,26 @@ +from django.contrib.auth.models import Group, User +from users.models import Token + +from ruamel.yaml import YAML + +with open('/opt/netbox/initializers/users.yml', 'r') as stream: + yaml=YAML(typ='safe') + users = yaml.load(stream) + + if users is not None: + for username, user_details in users.items(): + if not User.objects.filter(username=username): + user = User.objects.create_user( + username = username, + password = user_details.get('password', 0) or User.objects.make_random_password, + is_staff = user_details.get('is_staff', 0) or false, + is_superuser = user_details.get('is_superuser', 0) or false, + is_active = user_details.get('is_active', 0) or true, + first_name = user_details.get('first_name', 0), + last_name = user_details.get('last_name', 0), + email = user_details.get('email', 0)) + + print("👤 Created user ",username) + + if user_details.get('api_token', 0): + Token.objects.create(user=user, key=user_details['api_token']) \ No newline at end of file diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/10_groups.py b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/10_groups.py new file mode 100755 index 0000000000..7932874704 --- /dev/null +++ b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/10_groups.py @@ -0,0 +1,19 @@ +from django.contrib.auth.models import Group, User +from ruamel.yaml import YAML + +with open('/opt/netbox/initializers/groups.yml', 'r') as stream: + yaml=YAML(typ='safe') + groups = yaml.load(stream) + + if groups is not None: + for groupname, group_details in groups.items(): + group, created = Group.objects.get_or_create(name=groupname) + + if created: + print("👥 Created group", groupname) + + for username in group_details['users']: + user = User.objects.get(username=username) + + if user: + user.groups.add(group) diff --git a/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/20_custom_fields.py b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/20_custom_fields.py new file mode 100755 index 0000000000..5c40e37bf2 --- /dev/null +++ b/kubernetes/contrib/components/netbox/charts/netbox-app/resources/config/startup_scripts/20_custom_fields.py @@ -0,0 +1,68 @@ +from extras.constants import CF_TYPE_TEXT, CF_TYPE_INTEGER, CF_TYPE_BOOLEAN, CF_TYPE_DATE, CF_TYPE_URL, CF_TYPE_SELECT +from extras.models import CustomField, CustomFieldChoice + +from ruamel.yaml import YAML + +text_to_fields = { + 'boolean': CF_TYPE_BOOLEAN, + 'date': CF_TYPE_DATE, + 'integer': CF_TYPE_INTEGER, + 'selection': CF_TYPE_SELECT, + 'text': CF_TYPE_TEXT, + 'url': CF_TYPE_URL, +} + +def get_class_for_class_path(class_path): + import importlib + from django.contrib.contenttypes.models import ContentType + + module_name, class_name = class_path.rsplit(".", 1) + module = importlib.import_module(module_name) + clazz = getattr(module, class_name) + return ContentType.objects.get_for_model(clazz) + +with open('/opt/netbox/initializers/custom_fields.yml', 'r') as stream: + yaml = YAML(typ='safe') + customfields = yaml.load(stream) + + if customfields is not None: + for cf_name, cf_details in customfields.items(): + custom_field, created = CustomField.objects.get_or_create(name = cf_name) + + if created: + if cf_details.get('default', 0): + custom_field.default = cf_details['default'] + + if cf_details.get('description', 0): + custom_field.description = cf_details['description'] + + if cf_details.get('filterable', 0): + custom_field.is_filterables = cf_details['filterable'] + + if cf_details.get('label', 0): + custom_field.label = cf_details['label'] + + for object_type in cf_details.get('on_objects', []): + custom_field.obj_type.add(get_class_for_class_path(object_type)) + + if cf_details.get('required', 0): + custom_field.required = cf_details['required'] + + if cf_details.get('type', 0): + custom_field.type = text_to_fields[cf_details['type']] + + if cf_details.get('weight', 0): + custom_field.weight = cf_details['weight'] + + custom_field.save() + + for choice_details in cf_details.get('choices', []): + choice = CustomFieldChoice.objects.create( + field=custom_field, + value=choice_details['value']) + + if choice_details.get('weight', 0): + choice.weight = choice_details['weight'] + choice.save() + + print("🔧 Created custom field", cf_name) -- cgit 1.2.3-korg