mirror/netbox-community-netbox
1
0
Fork 0
mirror of https://github.com/netbox-community/netbox.git synced 2024-05-10 07:54:54 +00:00
Code Activity

Merge branch 'develop' into develop-2.8

Browse Source
This commit is contained in:
Jeremy Stretch
2020-04-06 13:51:05 -04:00
parent 52ef488208 5f6b63e978
commit 46b896b2cf
15 changed files with 150 additions and 88 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -1,7 +1,5 @@
![NetBox](docs/netbox_logo.svg "NetBox logo")
**The [2020 NetBox user survey](https://docs.google.com/forms/d/1OVZuC4kQ-6kJbVf0bDB6vgkL9H96xF6phvYzby23elk/edit) is open!** Your feedback helps guide the project's long-term development.
NetBox is an IP address management (IPAM) and data center infrastructure
management (DCIM) tool. Initially conceived by the network engineering team at
[DigitalOcean](https://www.digitalocean.com/), NetBox was developed specifically

26
contrib/apache.conf Normal file
View File

@ -0,0 +1,26 @@
<VirtualHost *:443>
ProxyPreserveHost On
# CHANGE THIS TO YOUR SERVER'S NAME
ServerName netbox.example.com
SSLEngine on
SSLCertificateFile /etc/ssl/certs/netbox.crt
SSLCertificateKeyFile /etc/ssl/private/netbox.key
Alias /static /opt/netbox/netbox/static
<Directory /opt/netbox/netbox/static>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Require all granted
</Directory>
<Location /static>
ProxyPass !
</Location>
RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
ProxyPass / http://127.0.0.1:8001/
ProxyPassReverse / http://127.0.0.1:8001/
</VirtualHost>

29
contrib/nginx.conf Normal file
View File

@ -0,0 +1,29 @@
server {
listen 443 ssl;
# CHANGE THIS TO YOUR SERVER'S NAME
server_name netbox.example.com;
ssl_certificate /etc/ssl/certs/netbox.crt;
ssl_certificate_key /etc/ssl/private/netbox.key;
client_max_body_size 25m;
location /static/ {
alias /opt/netbox/netbox/static/;
}
location / {
proxy_pass http://127.0.0.1:8001;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
# Redirect HTTP traffic to HTTPS
listen 80;
server_name _;
return 301 https://$host$request_uri;
}

92
docs/installation/4-http-daemon.md
View File

@ -5,6 +5,18 @@ We'll set up a simple WSGI front end using [gunicorn](http://gunicorn.org/) for
!!! info
For the sake of brevity, only Ubuntu 18.04 instructions are provided here, but this sort of web server and WSGI configuration is not unique to NetBox. Please consult your distribution's documentation for assistance if needed.
## Obtain an SSL Certificate
To enable HTTPS access to NetBox, you'll need a valid SSL certificate. You can purchase one from a trusted commercial provider, obtain one for free from [Let's Encrypt](https://letsencrypt.org/getting-started/), or generate your own (although self-signed certificates are generally untrusted). Both the public certificate and private key files need to be installed on your NetBox server in a location that is readable by the `netbox` user.
The command below can be used to generate a self-signed certificate for testing purposes, however it is strongly recommended to use a certificate from a trusted authority in production. Two files will be created: the public certificate (`netbox.crt`) and the private key (`netbox.key`). The certificate is published to the world, whereas the private key must be kept secret at all times.
```no-highlight
# openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
-keyout /etc/ssl/private/netbox.key \
-out /etc/ssl/certs/netbox.crt
```
## HTTP Daemon Installation
### Option A: nginx
@ -15,27 +27,10 @@ The following will serve as a minimal nginx configuration. Be sure to modify you
# apt-get install -y nginx
```
Once nginx is installed, save the following configuration to `/etc/nginx/sites-available/netbox`. Be sure to replace `netbox.example.com` with the domain name or IP address of your installation. (This should match the value configured for `ALLOWED_HOSTS` in `configuration.py`.)
Once nginx is installed, copy the default nginx configuration file to `/etc/nginx/sites-available/netbox`. Be sure to replace `netbox.example.com` with the domain name or IP address of your installation. (This should match the value configured for `ALLOWED_HOSTS` in `configuration.py`.)
```nginx
server {
listen 80;
server_name netbox.example.com;
client_max_body_size 25m;
location /static/ {
alias /opt/netbox/netbox/static/;
}
location / {
proxy_pass http://127.0.0.1:8001;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
```no-highlight
# cp /opt/netbox/contrib/nginx.conf /etc/nginx/sites-available/netbox
```
Then, delete `/etc/nginx/sites-enabled/default` and create a symlink in the `sites-enabled` directory to the configuration file you just created.
@ -46,61 +41,34 @@ Then, delete `/etc/nginx/sites-enabled/default` and create a symlink in the `sit
# ln -s /etc/nginx/sites-available/netbox
```
Restart the nginx service to use the new configuration.
Finally, restart the `nginx` service to use the new configuration.
```no-highlight
# service nginx restart
```
To enable SSL, consider this guide on [securing nginx with Let's Encrypt](https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04).
### Option B: Apache
```no-highlight
# apt-get install -y apache2 libapache2-mod-wsgi-py3
```
Once Apache is installed, proceed with the following configuration (Be sure to modify the `ServerName` appropriately):
```apache
<VirtualHost *:80>
ProxyPreserveHost On
ServerName netbox.example.com
Alias /static /opt/netbox/netbox/static
# Needed to allow token-based API authentication
WSGIPassAuthorization on
<Directory /opt/netbox/netbox/static>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Require all granted
</Directory>
<Location /static>
ProxyPass !
</Location>
RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
ProxyPass / http://127.0.0.1:8001/
ProxyPassReverse / http://127.0.0.1:8001/
</VirtualHost>
```
Save the contents of the above example in `/etc/apache2/sites-available/netbox.conf`, enable the `proxy` and `proxy_http` modules, and reload Apache:
Begin by installing Apache:
```no-highlight
# a2enmod proxy
# a2enmod proxy_http
# a2enmod headers
# apt-get install -y apache2
```
Next, copy the default configuration file to `/etc/apache2/sites-available/`. Be sure to modify the `ServerName` parameter appropriately.
```no-highlight
# cp /opt/netbox/contrib/apache.conf /etc/apache2/sites-available/netbox.conf
```
Finally, ensure that the required Apache modules are enabled, enable the `netbox` site, and reload Apache:
```no-highlight
# a2enmod ssl proxy proxy_http headers
# a2ensite netbox
# service apache2 restart
```
To enable SSL, consider this guide on [securing Apache with Let's Encrypt](https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-16-04).
!!! note
Certain components of NetBox (such as the display of rack elevation diagrams) rely on the use of embedded objects. Ensure that your HTTP server configuration does not override the `X-Frame-Options` response header set by NetBox.

17
docs/release-notes/version-2.7.md
View File

@ -1,5 +1,22 @@
# NetBox v2.7 Release Notes
## v2.7.12 (FUTURE)
### Enhancements
* [#3676](https://github.com/netbox-community/netbox/issues/3676) - Reference VRF by name rather than RD during IP/prefix import
* [#4147](https://github.com/netbox-community/netbox/issues/4147) - Use absolute URLs in rack elevation SVG renderings
* [#4448](https://github.com/netbox-community/netbox/issues/4448) - Allow connecting cables between two circuit terminations
### Bug Fixes
* [#4418](https://github.com/netbox-community/netbox/issues/4418) - Fail cleanly when trying to import multiple device types simultaneously
* [#4438](https://github.com/netbox-community/netbox/issues/4438) - Fix exception when disconnecting a cable from a power feed
* [#4439](https://github.com/netbox-community/netbox/issues/4439) - Tweak display of unset custom integer fields
* [#4449](https://github.com/netbox-community/netbox/issues/4449) - Fix reservation edit/delete button URLs on rack view
---
## v2.7.11 (2020-03-27)
### Enhancements

3
netbox/dcim/api/views.py
View File

@ -169,7 +169,8 @@ class RackViewSet(CustomFieldModelViewSet):
unit_width=data['unit_width'],
unit_height=data['unit_height'],
legend_width=data['legend_width'],
include_images=data['include_images']
include_images=data['include_images'],
base_url=request.build_absolute_uri('/')
)
return HttpResponse(drawing.tostring(), content_type='image/svg+xml')

2
netbox/dcim/constants.py
View File

@ -92,5 +92,5 @@ COMPATIBLE_TERMINATION_TYPES = {
'interface': ['interface', 'circuittermination', 'frontport', 'rearport'],
'frontport': ['consoleport', 'consoleserverport', 'interface', 'frontport', 'rearport', 'circuittermination'],
'rearport': ['consoleport', 'consoleserverport', 'interface', 'frontport', 'rearport', 'circuittermination'],
'circuittermination': ['interface', 'frontport', 'rearport'],
'circuittermination': ['interface', 'frontport', 'rearport', 'circuittermination'],
}

11
netbox/dcim/elevations.py
View File

@ -15,10 +15,15 @@ class RackElevationSVG:
:param rack: A NetBox Rack instance
:param include_images: If true, the SVG document will embed front/rear device face images, where available
:param base_url: Base URL for links within the SVG document. If none, links will be relative.
"""
def __init__(self, rack, include_images=True):
def __init__(self, rack, include_images=True, base_url=None):
self.rack = rack
self.include_images = include_images
if base_url is not None:
self.base_url = base_url.rstrip('/')
else:
self.base_url = ''
def _get_device_description(self, device):
return '{} ({}) — {} ({}U) {} {}'.format(
@ -69,7 +74,7 @@ class RackElevationSVG:
color = device.device_role.color
link = drawing.add(
drawing.a(
href=reverse('dcim:device', kwargs={'pk': device.pk}),
href='{}{}'.format(self.base_url, reverse('dcim:device', kwargs={'pk': device.pk})),
target='_top',
fill='black'
)
@ -81,7 +86,7 @@ class RackElevationSVG:
# Embed front device type image if one exists
if self.include_images and device.device_type.front_image:
url = device.device_type.front_image.url
url = '{}{}'.format(self.base_url, device.device_type.front_image.url)
image = drawing.image(href=url, insert=start, size=end, class_='device-image')
image.fit(scale='slice')
link.add(image)

10
netbox/dcim/models/__init__.py
View File

@ -719,7 +719,8 @@ class Rack(ChangeLoggedModel, CustomFieldModel):
unit_width=RACK_ELEVATION_UNIT_WIDTH_DEFAULT,
unit_height=RACK_ELEVATION_UNIT_HEIGHT_DEFAULT,
legend_width=RACK_ELEVATION_LEGEND_WIDTH_DEFAULT,
include_images=True
include_images=True,
base_url=None
):
"""
Return an SVG of the rack elevation
@ -730,8 +731,9 @@ class Rack(ChangeLoggedModel, CustomFieldModel):
height of the elevation
:param legend_width: Width of the unit legend, in pixels
:param include_images: Embed front/rear device images where available
:param base_url: Base URL for links and images. If none, URLs will be relative.
"""
elevation = RackElevationSVG(self, include_images=include_images)
elevation = RackElevationSVG(self, include_images=include_images, base_url=base_url)
return elevation.render(face, unit_width, unit_height, legend_width)
@ -1952,6 +1954,10 @@ class PowerFeed(ChangeLoggedModel, CableTermination, CustomFieldModel):
super().save(*args, **kwargs)
@property
def parent(self):
return self.power_panel
def get_type_class(self):
return self.TYPE_CLASS_MAP.get(self.type)

8
netbox/ipam/forms.py
View File

@ -335,9 +335,9 @@ class PrefixForm(BootstrapMixin, TenancyForm, CustomFieldModelForm):
class PrefixCSVForm(CustomFieldModelCSVForm):
vrf = FlexibleModelChoiceField(
queryset=VRF.objects.all(),
to_field_name='rd',
to_field_name='name',
required=False,
help_text='Route distinguisher of parent VRF (or {ID})',
help_text='Name of parent VRF (or {ID})',
error_messages={
'invalid_choice': 'VRF not found.',
}
@ -739,9 +739,9 @@ class IPAddressBulkAddForm(BootstrapMixin, TenancyForm, CustomFieldModelForm):
class IPAddressCSVForm(CustomFieldModelCSVForm):
vrf = FlexibleModelChoiceField(
queryset=VRF.objects.all(),
to_field_name='rd',
to_field_name='name',
required=False,
help_text='Route distinguisher of parent VRF (or {ID})',
help_text='Name of parent VRF (or {ID})',
error_messages={
'invalid_choice': 'VRF not found.',
}

17
netbox/ipam/tests/test_views.py
View File

@ -180,10 +180,10 @@ class PrefixTestCase(ViewTestCases.PrimaryObjectViewTestCase):
}
cls.csv_data = (
"prefix,status",
"10.4.0.0/16,Active",
"10.5.0.0/16,Active",
"10.6.0.0/16,Active",
"vrf,prefix,status",
"VRF 1,10.4.0.0/16,Active",
"VRF 1,10.5.0.0/16,Active",
"VRF 1,10.6.0.0/16,Active",
)
cls.bulk_edit_data = {
@ -207,6 +207,7 @@ class IPAddressTestCase(ViewTestCases.PrimaryObjectViewTestCase):
VRF(name='VRF 1', rd='65000:1'),
VRF(name='VRF 2', rd='65000:2'),
)
VRF.objects.bulk_create(vrfs)
IPAddress.objects.bulk_create([
IPAddress(address=IPNetwork('192.0.2.1/24'), vrf=vrfs[0]),
@ -228,10 +229,10 @@ class IPAddressTestCase(ViewTestCases.PrimaryObjectViewTestCase):
}
cls.csv_data = (
"address,status",
"192.0.2.4/24,Active",
"192.0.2.5/24,Active",
"192.0.2.6/24,Active",
"vrf,address,status",
"VRF 1,192.0.2.4/24,Active",
"VRF 1,192.0.2.5/24,Active",
"VRF 1,192.0.2.6/24,Active",
)
cls.bulk_edit_data = {

1
netbox/templates/circuits/inc/circuit_termination.html
View File

@ -66,6 +66,7 @@
<li><a href="{% url 'circuits:circuittermination_connect' termination_a_id=termination.pk termination_b_type='interface' %}?return_url={{ device.get_absolute_url }}">Interface</a></li>
<li><a href="{% url 'circuits:circuittermination_connect' termination_a_id=termination.pk termination_b_type='front-port' %}?return_url={{ device.get_absolute_url }}">Front Port</a></li>
<li><a href="{% url 'circuits:circuittermination_connect' termination_a_id=termination.pk termination_b_type='rear-port' %}?return_url={{ device.get_absolute_url }}">Rear Port</a></li>
<li><a href="{% url 'circuits:circuittermination_connect' termination_a_id=termination.pk termination_b_type='circuit-termination' %}?return_url={{ device.get_absolute_url }}">Circuit Termination</a></li>
</ul>
</span>
</div>

4
netbox/templates/dcim/rack.html
View File

@ -289,12 +289,12 @@
</td>
<td class="text-right noprint">
{% if perms.dcim.change_rackreservation %}
<a href="{% url 'dcim:rackreservation_edit' pk=resv.pk %}&return_url={{ rack.get_absolute_url }}" class="btn btn-warning btn-xs" title="Edit reservation">
<a href="{% url 'dcim:rackreservation_edit' pk=resv.pk %}?return_url={{ rack.get_absolute_url }}" class="btn btn-warning btn-xs" title="Edit reservation">
<i class="glyphicon glyphicon-pencil" aria-hidden="true"></i>
</a>
{% endif %}
{% if perms.dcim.delete_rackreservation %}
<a href="{% url 'dcim:rackreservation_delete' pk=resv.pk %}&return_url={{ rack.get_absolute_url }}" class="btn btn-danger btn-xs" title="Delete reservation">
<a href="{% url 'dcim:rackreservation_delete' pk=resv.pk %}?return_url={{ rack.get_absolute_url }}" class="btn btn-danger btn-xs" title="Delete reservation">
<i class="glyphicon glyphicon-trash" aria-hidden="true"></i>
</a>
{% endif %}

2
netbox/templates/inc/custom_fields_panel.html
View File

@ -15,7 +15,7 @@
<i class="glyphicon glyphicon-remove text-danger" title="False"></i>
{% elif field.type == 'url' and value %}
<a href="{{ value }}">{{ value|truncatechars:70 }}</a>
{% elif field.type == 'integer' or value %}
{% elif value is not None %}
{{ value }}
{% elif field.required %}
<span class="text-warning">Not defined</span>

14
netbox/utilities/forms.py
View File

@ -698,7 +698,7 @@ class ImportForm(BootstrapMixin, forms.Form):
"""
data = forms.CharField(
widget=forms.Textarea,
help_text="Enter object data in JSON or YAML format."
help_text="Enter object data in JSON or YAML format. Note: Only a single object/document is supported."
)
format = forms.ChoiceField(
choices=(
@ -717,14 +717,24 @@ class ImportForm(BootstrapMixin, forms.Form):
if format == 'json':
try:
self.cleaned_data['data'] = json.loads(data)
# Check for multiple JSON objects
if type(self.cleaned_data['data']) is not dict:
raise forms.ValidationError({
'data': "Import is limited to one object at a time."
})
except json.decoder.JSONDecodeError as err:
raise forms.ValidationError({
'data': "Invalid JSON data: {}".format(err)
})
else:
# Check for multiple YAML documents
if '\n---' in data:
raise forms.ValidationError({
'data': "Import is limited to one object at a time."
})
try:
self.cleaned_data['data'] = yaml.load(data, Loader=yaml.SafeLoader)
except yaml.scanner.ScannerError as err:
except yaml.error.YAMLError as err:
raise forms.ValidationError({
'data': "Invalid YAML data: {}".format(err)
})