From 05cb47e650617e95edcacbe2efc2bb343e14c152 Mon Sep 17 00:00:00 2001 From: Jeremy Stretch Date: Thu, 30 Apr 2020 14:59:13 -0400 Subject: [PATCH] Closes #4502: Enable configuration of proxies for outbound HTTP requests --- docs/configuration/optional-settings.md | 15 +++++++++++++++ docs/release-notes/version-2.8.md | 1 + netbox/extras/webhooks_worker.py | 3 ++- netbox/netbox/configuration.example.py | 6 ++++++ netbox/netbox/settings.py | 1 + netbox/utilities/background_tasks.py | 2 +- 6 files changed, 26 insertions(+), 2 deletions(-) diff --git a/docs/configuration/optional-settings.md b/docs/configuration/optional-settings.md index 503ed1954..3f2b29b87 100644 --- a/docs/configuration/optional-settings.md +++ b/docs/configuration/optional-settings.md @@ -165,6 +165,21 @@ Enforcement of unique IP space can be toggled on a per-VRF basis. To enforce uni --- +## HTTP_PROXIES + +Default: None + +A dictionary of HTTP proxies to use for outbound requests originating from NetBox (e.g. when sending webhooks). Proxies should be specified by schema as per the [Python requests library documentation](https://2.python-requests.org/en/master/user/advanced/). For example: + +```python +HTTP_PROXIES = { + 'http': 'http://10.10.1.10:3128', + 'https': 'http://10.10.1.10:1080', +} +``` + +--- + ## LOGGING By default, all messages of INFO severity or higher will be logged to the console. Additionally, if `DEBUG` is False and email access has been configured, ERROR and CRITICAL messages will be emailed to the users defined in `ADMINS`. diff --git a/docs/release-notes/version-2.8.md b/docs/release-notes/version-2.8.md index 0ffefcc7d..1d1ed5e2d 100644 --- a/docs/release-notes/version-2.8.md +++ b/docs/release-notes/version-2.8.md @@ -6,6 +6,7 @@ * [#3294](https://github.com/netbox-community/netbox/issues/3294) - Implement mechanism for storing user preferences * [#4421](https://github.com/netbox-community/netbox/issues/4421) - Retain user's preference for config context format +* [#4502](https://github.com/netbox-community/netbox/issues/4502) - Enable configuration of proxies for outbound HTTP requests * [#4531](https://github.com/netbox-community/netbox/issues/4531) - Retain user's preference for page length * [#4554](https://github.com/netbox-community/netbox/issues/4554) - Add ServerTech's HDOT Cx power outlet type diff --git a/netbox/extras/webhooks_worker.py b/netbox/extras/webhooks_worker.py index 15913c899..e47478f9f 100644 --- a/netbox/extras/webhooks_worker.py +++ b/netbox/extras/webhooks_worker.py @@ -1,6 +1,7 @@ import logging import requests +from django.conf import settings from django_rq import job from jinja2.exceptions import TemplateError @@ -69,7 +70,7 @@ def process_webhook(webhook, data, model_name, event, timestamp, username, reque session.verify = webhook.ssl_verification if webhook.ca_file_path: session.verify = webhook.ca_file_path - response = session.send(prepared_request) + response = session.send(prepared_request, proxies=settings.HTTP_PROXIES) if 200 <= response.status_code <= 299: logger.info("Request succeeded; response status {}".format(response.status_code)) diff --git a/netbox/netbox/configuration.example.py b/netbox/netbox/configuration.example.py index 2b9788808..94497f3cd 100644 --- a/netbox/netbox/configuration.example.py +++ b/netbox/netbox/configuration.example.py @@ -124,6 +124,12 @@ EXEMPT_VIEW_PERMISSIONS = [ # 'ipam.prefix', ] +# HTTP proxies NetBox should use when sending outbound HTTP requests (e.g. for webhooks). +# HTTP_PROXIES = { +# 'http': 'http://10.10.1.10:3128', +# 'https': 'http://10.10.1.10:1080', +# } + # Enable custom logging. Please see the Django documentation for detailed guidance on configuring custom logs: # https://docs.djangoproject.com/en/stable/topics/logging/ LOGGING = {} diff --git a/netbox/netbox/settings.py b/netbox/netbox/settings.py index 8b1541a23..727fff499 100644 --- a/netbox/netbox/settings.py +++ b/netbox/netbox/settings.py @@ -77,6 +77,7 @@ DOCS_ROOT = getattr(configuration, 'DOCS_ROOT', os.path.join(os.path.dirname(BAS EMAIL = getattr(configuration, 'EMAIL', {}) ENFORCE_GLOBAL_UNIQUE = getattr(configuration, 'ENFORCE_GLOBAL_UNIQUE', False) EXEMPT_VIEW_PERMISSIONS = getattr(configuration, 'EXEMPT_VIEW_PERMISSIONS', []) +HTTP_PROXIES = getattr(configuration, 'HTTP_PROXIES', None) LOGGING = getattr(configuration, 'LOGGING', {}) LOGIN_REQUIRED = getattr(configuration, 'LOGIN_REQUIRED', False) LOGIN_TIMEOUT = getattr(configuration, 'LOGIN_TIMEOUT', None) diff --git a/netbox/utilities/background_tasks.py b/netbox/utilities/background_tasks.py index 1255846b7..79633f47f 100644 --- a/netbox/utilities/background_tasks.py +++ b/netbox/utilities/background_tasks.py @@ -28,7 +28,7 @@ def get_releases(pre_releases=False): try: logger.debug("Fetching new releases from {}".format(url)) - response = requests.get(url, headers=headers) + response = requests.get(url, headers=headers, proxies=settings.HTTP_PROXIES) response.raise_for_status() total_releases = len(response.json())