From 5cf872d000d26cbf9595fd9b6b5380b5b984c3cc Mon Sep 17 00:00:00 2001 From: Jeremy Stretch Date: Fri, 27 Mar 2020 12:49:48 -0400 Subject: [PATCH 01/19] Post-release version bump --- netbox/netbox/settings.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/netbox/netbox/settings.py b/netbox/netbox/settings.py index 0937279b2..684a377ad 100644 --- a/netbox/netbox/settings.py +++ b/netbox/netbox/settings.py @@ -15,7 +15,7 @@ from django.core.validators import URLValidator # Environment setup # -VERSION = '2.7.11' +VERSION = '2.7.12-dev' # Hostname HOSTNAME = platform.node() From aa38dcf4904f451a1e07b3141b5f1aebffd92be1 Mon Sep 17 00:00:00 2001 From: Jeremy Stretch Date: Mon, 30 Mar 2020 15:54:35 -0400 Subject: [PATCH 02/19] Closes #3676: Reference VRF by name rather than RD during IP/prefix import --- docs/release-notes/version-2.7.md | 8 ++++++++ netbox/ipam/forms.py | 8 ++++---- netbox/ipam/tests/test_views.py | 17 +++++++++-------- 3 files changed, 21 insertions(+), 12 deletions(-) diff --git a/docs/release-notes/version-2.7.md b/docs/release-notes/version-2.7.md index 047ee3549..3cf4522a7 100644 --- a/docs/release-notes/version-2.7.md +++ b/docs/release-notes/version-2.7.md @@ -1,5 +1,13 @@ # NetBox v2.7 Release Notes +## v2.7.12 (FUTURE) + +### Enhancements + +* [#3676](https://github.com/netbox-community/netbox/issues/3676) - Reference VRF by name rather than RD during IP/prefix import + +--- + ## v2.7.11 (2020-03-27) ### Enhancements diff --git a/netbox/ipam/forms.py b/netbox/ipam/forms.py index 7a4373fb0..b0f28060d 100644 --- a/netbox/ipam/forms.py +++ b/netbox/ipam/forms.py @@ -335,9 +335,9 @@ class PrefixForm(BootstrapMixin, TenancyForm, CustomFieldModelForm): class PrefixCSVForm(CustomFieldModelCSVForm): vrf = FlexibleModelChoiceField( queryset=VRF.objects.all(), - to_field_name='rd', + to_field_name='name', required=False, - help_text='Route distinguisher of parent VRF (or {ID})', + help_text='Name of parent VRF (or {ID})', error_messages={ 'invalid_choice': 'VRF not found.', } @@ -739,9 +739,9 @@ class IPAddressBulkAddForm(BootstrapMixin, TenancyForm, CustomFieldModelForm): class IPAddressCSVForm(CustomFieldModelCSVForm): vrf = FlexibleModelChoiceField( queryset=VRF.objects.all(), - to_field_name='rd', + to_field_name='name', required=False, - help_text='Route distinguisher of parent VRF (or {ID})', + help_text='Name of parent VRF (or {ID})', error_messages={ 'invalid_choice': 'VRF not found.', } diff --git a/netbox/ipam/tests/test_views.py b/netbox/ipam/tests/test_views.py index ba9db74f7..5c48cccfd 100644 --- a/netbox/ipam/tests/test_views.py +++ b/netbox/ipam/tests/test_views.py @@ -180,10 +180,10 @@ class PrefixTestCase(ViewTestCases.PrimaryObjectViewTestCase): } cls.csv_data = ( - "prefix,status", - "10.4.0.0/16,Active", - "10.5.0.0/16,Active", - "10.6.0.0/16,Active", + "vrf,prefix,status", + "VRF 1,10.4.0.0/16,Active", + "VRF 1,10.5.0.0/16,Active", + "VRF 1,10.6.0.0/16,Active", ) cls.bulk_edit_data = { @@ -207,6 +207,7 @@ class IPAddressTestCase(ViewTestCases.PrimaryObjectViewTestCase): VRF(name='VRF 1', rd='65000:1'), VRF(name='VRF 2', rd='65000:2'), ) + VRF.objects.bulk_create(vrfs) IPAddress.objects.bulk_create([ IPAddress(family=4, address=IPNetwork('192.0.2.1/24'), vrf=vrfs[0]), @@ -228,10 +229,10 @@ class IPAddressTestCase(ViewTestCases.PrimaryObjectViewTestCase): } cls.csv_data = ( - "address,status", - "192.0.2.4/24,Active", - "192.0.2.5/24,Active", - "192.0.2.6/24,Active", + "vrf,address,status", + "VRF 1,192.0.2.4/24,Active", + "VRF 1,192.0.2.5/24,Active", + "VRF 1,192.0.2.6/24,Active", ) cls.bulk_edit_data = { From fb2868f8bbe7ba0d5520aa1cc1ff3210f0967350 Mon Sep 17 00:00:00 2001 From: Jeremy Stretch Date: Mon, 30 Mar 2020 16:44:04 -0400 Subject: [PATCH 03/19] Fixes #4418: Fail cleanly when trying to import multiple device types simultaneously --- docs/release-notes/version-2.7.md | 4 ++++ netbox/utilities/forms.py | 14 ++++++++++++-- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/docs/release-notes/version-2.7.md b/docs/release-notes/version-2.7.md index 3cf4522a7..630d9186a 100644 --- a/docs/release-notes/version-2.7.md +++ b/docs/release-notes/version-2.7.md @@ -6,6 +6,10 @@ * [#3676](https://github.com/netbox-community/netbox/issues/3676) - Reference VRF by name rather than RD during IP/prefix import +### Bug Fixes + +* [#4418](https://github.com/netbox-community/netbox/issues/4418) - Fail cleanly when trying to import multiple device types simultaneously + --- ## v2.7.11 (2020-03-27) diff --git a/netbox/utilities/forms.py b/netbox/utilities/forms.py index c17ff9299..fd528f827 100644 --- a/netbox/utilities/forms.py +++ b/netbox/utilities/forms.py @@ -698,7 +698,7 @@ class ImportForm(BootstrapMixin, forms.Form): """ data = forms.CharField( widget=forms.Textarea, - help_text="Enter object data in JSON or YAML format." + help_text="Enter object data in JSON or YAML format. Note: Only a single object/document is supported." ) format = forms.ChoiceField( choices=( @@ -717,14 +717,24 @@ class ImportForm(BootstrapMixin, forms.Form): if format == 'json': try: self.cleaned_data['data'] = json.loads(data) + # Check for multiple JSON objects + if type(self.cleaned_data['data']) is not dict: + raise forms.ValidationError({ + 'data': "Import is limited to one object at a time." + }) except json.decoder.JSONDecodeError as err: raise forms.ValidationError({ 'data': "Invalid JSON data: {}".format(err) }) else: + # Check for multiple YAML documents + if '\n---' in data: + raise forms.ValidationError({ + 'data': "Import is limited to one object at a time." + }) try: self.cleaned_data['data'] = yaml.load(data, Loader=yaml.SafeLoader) - except yaml.scanner.ScannerError as err: + except yaml.error.YAMLError as err: raise forms.ValidationError({ 'data': "Invalid YAML data: {}".format(err) }) From 221e014a25405fea9cd58e365d85ae5e286792b2 Mon Sep 17 00:00:00 2001 From: Jeremy Stretch Date: Tue, 31 Mar 2020 11:36:53 -0400 Subject: [PATCH 04/19] Remove survey notification from README --- README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/README.md b/README.md index be69a9e52..4203b7d87 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,5 @@ ![NetBox](docs/netbox_logo.svg "NetBox logo") -**The [2020 NetBox user survey](https://docs.google.com/forms/d/1OVZuC4kQ-6kJbVf0bDB6vgkL9H96xF6phvYzby23elk/edit) is open!** Your feedback helps guide the project's long-term development. - NetBox is an IP address management (IPAM) and data center infrastructure management (DCIM) tool. Initially conceived by the network engineering team at [DigitalOcean](https://www.digitalocean.com/), NetBox was developed specifically From 354f87c888af784d75322416d79de5e53e82f8c7 Mon Sep 17 00:00:00 2001 From: Jeremy Stretch Date: Thu, 2 Apr 2020 10:06:01 -0400 Subject: [PATCH 05/19] Fixes #4439: Tweak display of unset custom integer fields --- docs/release-notes/version-2.7.md | 1 + netbox/templates/inc/custom_fields_panel.html | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/release-notes/version-2.7.md b/docs/release-notes/version-2.7.md index 630d9186a..67765c25c 100644 --- a/docs/release-notes/version-2.7.md +++ b/docs/release-notes/version-2.7.md @@ -9,6 +9,7 @@ ### Bug Fixes * [#4418](https://github.com/netbox-community/netbox/issues/4418) - Fail cleanly when trying to import multiple device types simultaneously +* [#4439](https://github.com/netbox-community/netbox/issues/4439) - Tweak display of unset custom integer fields --- diff --git a/netbox/templates/inc/custom_fields_panel.html b/netbox/templates/inc/custom_fields_panel.html index 00e009611..4f9b033b6 100644 --- a/netbox/templates/inc/custom_fields_panel.html +++ b/netbox/templates/inc/custom_fields_panel.html @@ -15,7 +15,7 @@ {% elif field.type == 'url' and value %} {{ value|truncatechars:70 }} - {% elif field.type == 'integer' or value %} + {% elif value %} {{ value }} {% elif field.required %} Not defined From 4ab3854d661153c90d1d78e344c7254d2d55f11b Mon Sep 17 00:00:00 2001 From: Jeremy Stretch Date: Thu, 2 Apr 2020 10:19:50 -0400 Subject: [PATCH 06/19] Fixes #4438: Fix exception when disconnecting a cable from a power feed --- docs/release-notes/version-2.7.md | 1 + netbox/dcim/models/__init__.py | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/docs/release-notes/version-2.7.md b/docs/release-notes/version-2.7.md index 67765c25c..fec39318d 100644 --- a/docs/release-notes/version-2.7.md +++ b/docs/release-notes/version-2.7.md @@ -9,6 +9,7 @@ ### Bug Fixes * [#4418](https://github.com/netbox-community/netbox/issues/4418) - Fail cleanly when trying to import multiple device types simultaneously +* [#4438](https://github.com/netbox-community/netbox/issues/4438) - Fix exception when disconnecting a cable from a power feed * [#4439](https://github.com/netbox-community/netbox/issues/4439) - Tweak display of unset custom integer fields --- diff --git a/netbox/dcim/models/__init__.py b/netbox/dcim/models/__init__.py index 902687617..63a320c78 100644 --- a/netbox/dcim/models/__init__.py +++ b/netbox/dcim/models/__init__.py @@ -1905,6 +1905,10 @@ class PowerFeed(ChangeLoggedModel, CableTermination, CustomFieldModel): super().save(*args, **kwargs) + @property + def parent(self): + return self.power_panel + def get_type_class(self): return self.TYPE_CLASS_MAP.get(self.type) From 1f3a21ba20ba735437f5f8c1597211bdfbf1647b Mon Sep 17 00:00:00 2001 From: Jeremy Stretch Date: Fri, 3 Apr 2020 12:13:36 -0400 Subject: [PATCH 07/19] Fixes #4449: Fix reservation edit/delete button URLs on rack view --- docs/release-notes/version-2.7.md | 1 + netbox/templates/dcim/rack.html | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/release-notes/version-2.7.md b/docs/release-notes/version-2.7.md index fec39318d..afce2ef70 100644 --- a/docs/release-notes/version-2.7.md +++ b/docs/release-notes/version-2.7.md @@ -11,6 +11,7 @@ * [#4418](https://github.com/netbox-community/netbox/issues/4418) - Fail cleanly when trying to import multiple device types simultaneously * [#4438](https://github.com/netbox-community/netbox/issues/4438) - Fix exception when disconnecting a cable from a power feed * [#4439](https://github.com/netbox-community/netbox/issues/4439) - Tweak display of unset custom integer fields +* [#4449](https://github.com/netbox-community/netbox/issues/4449) - Fix reservation edit/delete button URLs on rack view --- diff --git a/netbox/templates/dcim/rack.html b/netbox/templates/dcim/rack.html index ecd17172b..10cf492ac 100644 --- a/netbox/templates/dcim/rack.html +++ b/netbox/templates/dcim/rack.html @@ -287,12 +287,12 @@ {% if perms.dcim.change_rackreservation %} - + {% endif %} {% if perms.dcim.delete_rackreservation %} - + {% endif %} From 721368ea8d095b3882fc31d1f88637ae696a204b Mon Sep 17 00:00:00 2001 From: Jeremy Stretch Date: Fri, 3 Apr 2020 13:16:35 -0400 Subject: [PATCH 08/19] Closes #4147: Use absolute URLs in rack elevation SVG renderings --- docs/release-notes/version-2.7.md | 1 + netbox/dcim/api/views.py | 3 ++- netbox/dcim/elevations.py | 11 ++++++++--- netbox/dcim/models/__init__.py | 6 ++++-- 4 files changed, 15 insertions(+), 6 deletions(-) diff --git a/docs/release-notes/version-2.7.md b/docs/release-notes/version-2.7.md index afce2ef70..251b063ae 100644 --- a/docs/release-notes/version-2.7.md +++ b/docs/release-notes/version-2.7.md @@ -5,6 +5,7 @@ ### Enhancements * [#3676](https://github.com/netbox-community/netbox/issues/3676) - Reference VRF by name rather than RD during IP/prefix import +* [#4147](https://github.com/netbox-community/netbox/issues/4147) - Use absolute URLs in rack elevation SVG renderings ### Bug Fixes diff --git a/netbox/dcim/api/views.py b/netbox/dcim/api/views.py index 34ba0c47d..1041a0f41 100644 --- a/netbox/dcim/api/views.py +++ b/netbox/dcim/api/views.py @@ -225,7 +225,8 @@ class RackViewSet(CustomFieldModelViewSet): unit_width=data['unit_width'], unit_height=data['unit_height'], legend_width=data['legend_width'], - include_images=data['include_images'] + include_images=data['include_images'], + base_url=request.build_absolute_uri('/') ) return HttpResponse(drawing.tostring(), content_type='image/svg+xml') diff --git a/netbox/dcim/elevations.py b/netbox/dcim/elevations.py index a1af3968c..ea780b2d9 100644 --- a/netbox/dcim/elevations.py +++ b/netbox/dcim/elevations.py @@ -15,10 +15,15 @@ class RackElevationSVG: :param rack: A NetBox Rack instance :param include_images: If true, the SVG document will embed front/rear device face images, where available + :param base_url: Base URL for links within the SVG document. If none, links will be relative. """ - def __init__(self, rack, include_images=True): + def __init__(self, rack, include_images=True, base_url=None): self.rack = rack self.include_images = include_images + if base_url is not None: + self.base_url = base_url.rstrip('/') + else: + self.base_url = '' def _get_device_description(self, device): return '{} ({}) — {} ({}U) {} {}'.format( @@ -69,7 +74,7 @@ class RackElevationSVG: color = device.device_role.color link = drawing.add( drawing.a( - href=reverse('dcim:device', kwargs={'pk': device.pk}), + href='{}{}'.format(self.base_url, reverse('dcim:device', kwargs={'pk': device.pk})), target='_top', fill='black' ) @@ -81,7 +86,7 @@ class RackElevationSVG: # Embed front device type image if one exists if self.include_images and device.device_type.front_image: - url = device.device_type.front_image.url + url = '{}{}'.format(self.base_url, device.device_type.front_image.url) image = drawing.image(href=url, insert=start, size=end, class_='device-image') image.fit(scale='slice') link.add(image) diff --git a/netbox/dcim/models/__init__.py b/netbox/dcim/models/__init__.py index 63a320c78..f8a15ced9 100644 --- a/netbox/dcim/models/__init__.py +++ b/netbox/dcim/models/__init__.py @@ -682,7 +682,8 @@ class Rack(ChangeLoggedModel, CustomFieldModel): unit_width=RACK_ELEVATION_UNIT_WIDTH_DEFAULT, unit_height=RACK_ELEVATION_UNIT_HEIGHT_DEFAULT, legend_width=RACK_ELEVATION_LEGEND_WIDTH_DEFAULT, - include_images=True + include_images=True, + base_url=None ): """ Return an SVG of the rack elevation @@ -693,8 +694,9 @@ class Rack(ChangeLoggedModel, CustomFieldModel): height of the elevation :param legend_width: Width of the unit legend, in pixels :param include_images: Embed front/rear device images where available + :param base_url: Base URL for links and images. If none, URLs will be relative. """ - elevation = RackElevationSVG(self, include_images=include_images) + elevation = RackElevationSVG(self, include_images=include_images, base_url=base_url) return elevation.render(face, unit_width, unit_height, legend_width) From 630788731eede86f930d5295b24ca28ec4042484 Mon Sep 17 00:00:00 2001 From: Jeremy Stretch Date: Fri, 3 Apr 2020 13:44:41 -0400 Subject: [PATCH 09/19] Closes #4448: Allow connecting cables between two circuit terminations --- docs/release-notes/version-2.7.md | 1 + netbox/dcim/constants.py | 2 +- netbox/templates/circuits/inc/circuit_termination.html | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/release-notes/version-2.7.md b/docs/release-notes/version-2.7.md index 251b063ae..78afbf06d 100644 --- a/docs/release-notes/version-2.7.md +++ b/docs/release-notes/version-2.7.md @@ -6,6 +6,7 @@ * [#3676](https://github.com/netbox-community/netbox/issues/3676) - Reference VRF by name rather than RD during IP/prefix import * [#4147](https://github.com/netbox-community/netbox/issues/4147) - Use absolute URLs in rack elevation SVG renderings +* [#4448](https://github.com/netbox-community/netbox/issues/4448) - Allow connecting cables between two circuit terminations ### Bug Fixes diff --git a/netbox/dcim/constants.py b/netbox/dcim/constants.py index 78a418283..f938b6f14 100644 --- a/netbox/dcim/constants.py +++ b/netbox/dcim/constants.py @@ -92,5 +92,5 @@ COMPATIBLE_TERMINATION_TYPES = { 'interface': ['interface', 'circuittermination', 'frontport', 'rearport'], 'frontport': ['consoleport', 'consoleserverport', 'interface', 'frontport', 'rearport', 'circuittermination'], 'rearport': ['consoleport', 'consoleserverport', 'interface', 'frontport', 'rearport', 'circuittermination'], - 'circuittermination': ['interface', 'frontport', 'rearport'], + 'circuittermination': ['interface', 'frontport', 'rearport', 'circuittermination'], } diff --git a/netbox/templates/circuits/inc/circuit_termination.html b/netbox/templates/circuits/inc/circuit_termination.html index 970f48f21..8db715711 100644 --- a/netbox/templates/circuits/inc/circuit_termination.html +++ b/netbox/templates/circuits/inc/circuit_termination.html @@ -66,6 +66,7 @@
  • Interface
  • Front Port
  • Rear Port
    • +
  • Circuit Termination
    • From 1ffbeba181028da871e31b65c503141e01a7ef8f Mon Sep 17 00:00:00 2001 From: Jeremy Stretch Date: Fri, 3 Apr 2020 13:47:58 -0400 Subject: [PATCH 10/19] #4439: Fix null integer field display --- netbox/templates/inc/custom_fields_panel.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/netbox/templates/inc/custom_fields_panel.html b/netbox/templates/inc/custom_fields_panel.html index 4f9b033b6..8c1872273 100644 --- a/netbox/templates/inc/custom_fields_panel.html +++ b/netbox/templates/inc/custom_fields_panel.html @@ -15,7 +15,7 @@ {% elif field.type == 'url' and value %} {{ value|truncatechars:70 }} - {% elif value %} + {% elif value is not None %} {{ value }} {% elif field.required %} Not defined From af405a8ab2b3d1e9ca5e1e2f72e1f0afc133395c Mon Sep 17 00:00:00 2001 From: Jeremy Stretch Date: Fri, 3 Apr 2020 15:35:45 -0400 Subject: [PATCH 11/19] Closes #4391: Extend installation docs to include enabling SSL --- docs/installation/4-http-daemon.md | 44 ++++++++++++++++++++++-------- 1 file changed, 33 insertions(+), 11 deletions(-) diff --git a/docs/installation/4-http-daemon.md b/docs/installation/4-http-daemon.md index 4ab28dca7..29912f66c 100644 --- a/docs/installation/4-http-daemon.md +++ b/docs/installation/4-http-daemon.md @@ -5,6 +5,18 @@ We'll set up a simple WSGI front end using [gunicorn](http://gunicorn.org/) for !!! info For the sake of brevity, only Ubuntu 18.04 instructions are provided here, but this sort of web server and WSGI configuration is not unique to NetBox. Please consult your distribution's documentation for assistance if needed. +## Obtain an SSL Certificate + +To enable HTTPS access to NetBox, you'll need a valid SSL certificate. You can purchase one from a trusted commercial provider, obtain one for free from [Let's Encrypt](https://letsencrypt.org/getting-started/), or generate your own (although self-signed certificates are generally untrusted). Both the public certificate and private key files need to be installed on your NetBox server in a location that is readable by the `netbox` user. + +The command below can be used to generate a self-signed certificate for testing purposes, however it is strongly recommended to use a certificate from a trusted authority in production. Two files will be created: the public certificate (`netbox.crt`) and the private key (`netbox.key`). The certificate is published to the world, whereas the private key must be kept secret at all times. + +```no-highlight +# openssl req -x509 -nodes -days 365 -newkey rsa:2048 \ +-keyout /etc/ssl/private/netbox.key \ +-out /etc/ssl/certs/netbox.crt +``` + ## HTTP Daemon Installation ### Option A: nginx @@ -19,10 +31,13 @@ Once nginx is installed, save the following configuration to `/etc/nginx/sites-a ```nginx server { - listen 80; + listen 443 ssl; server_name netbox.example.com; + ssl_certificate /etc/ssl/certs/netbox.crt; + ssl_certificate_key /etc/ssl/private/netbox.key; + client_max_body_size 25m; location /static/ { @@ -36,6 +51,14 @@ server { proxy_set_header X-Forwarded-Proto $scheme; } } + +server { + # Redirect HTTP traffic to HTTPS + listen 80; + server_name _; + return 301 https://$host$request_uri; +} + ``` Then, delete `/etc/nginx/sites-enabled/default` and create a symlink in the `sites-enabled` directory to the configuration file you just created. @@ -52,8 +75,6 @@ Restart the nginx service to use the new configuration. # service nginx restart ``` -To enable SSL, consider this guide on [securing nginx with Let's Encrypt](https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04). - ### Option B: Apache ```no-highlight @@ -63,15 +84,16 @@ To enable SSL, consider this guide on [securing nginx with Let's Encrypt](https: Once Apache is installed, proceed with the following configuration (Be sure to modify the `ServerName` appropriately): ```apache - + ProxyPreserveHost On ServerName netbox.example.com - Alias /static /opt/netbox/netbox/static + SSLEngine on + SSLCertificateFile /etc/ssl/certs/netbox.crt + SSLCertificateKeyFile /etc/ssl/private/netbox.key - # Needed to allow token-based API authentication - WSGIPassAuthorization on + Alias /static /opt/netbox/netbox/static Options Indexes FollowSymLinks MultiViews @@ -89,12 +111,12 @@ Once Apache is installed, proceed with the following configuration (Be sure to m ``` -Save the contents of the above example in `/etc/apache2/sites-available/netbox.conf`, enable the `proxy` and `proxy_http` modules, and reload Apache: +Save the contents of the above example in `/etc/apache2/sites-available/netbox.conf`. + +Finally, ensure that the required Apache modules are enabled, enable the `netbox` site and reload Apache: ```no-highlight -# a2enmod proxy -# a2enmod proxy_http -# a2enmod headers +# a2enmod ssl proxy proxy_http headers # a2ensite netbox # service apache2 restart ``` From ad08935c57977109b4ae7908cd95941033357b1e Mon Sep 17 00:00:00 2001 From: Jeremy Stretch Date: Fri, 3 Apr 2020 15:46:48 -0400 Subject: [PATCH 12/19] Move nginx/Apache configs to discrete files --- contrib/apache.conf | 26 +++++++++++ contrib/nginx.conf | 29 ++++++++++++ docs/installation/4-http-daemon.md | 74 ++++-------------------------- 3 files changed, 65 insertions(+), 64 deletions(-) create mode 100644 contrib/apache.conf create mode 100644 contrib/nginx.conf diff --git a/contrib/apache.conf b/contrib/apache.conf new file mode 100644 index 000000000..1804e380d --- /dev/null +++ b/contrib/apache.conf @@ -0,0 +1,26 @@ + + ProxyPreserveHost On + + # CHANGE THIS TO YOUR SERVER'S NAME + ServerName netbox.example.com + + SSLEngine on + SSLCertificateFile /etc/ssl/certs/netbox.crt + SSLCertificateKeyFile /etc/ssl/private/netbox.key + + Alias /static /opt/netbox/netbox/static + + + Options Indexes FollowSymLinks MultiViews + AllowOverride None + Require all granted + + + + ProxyPass ! + + + RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME} + ProxyPass / http://127.0.0.1:8001/ + ProxyPassReverse / http://127.0.0.1:8001/ + diff --git a/contrib/nginx.conf b/contrib/nginx.conf new file mode 100644 index 000000000..1230f3ce4 --- /dev/null +++ b/contrib/nginx.conf @@ -0,0 +1,29 @@ +server { + listen 443 ssl; + + # CHANGE THIS TO YOUR SERVER'S NAME + server_name netbox.example.com; + + ssl_certificate /etc/ssl/certs/netbox.crt; + ssl_certificate_key /etc/ssl/private/netbox.key; + + client_max_body_size 25m; + + location /static/ { + alias /opt/netbox/netbox/static/; + } + + location / { + proxy_pass http://127.0.0.1:8001; + proxy_set_header X-Forwarded-Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-Proto $scheme; + } +} + +server { + # Redirect HTTP traffic to HTTPS + listen 80; + server_name _; + return 301 https://$host$request_uri; +} diff --git a/docs/installation/4-http-daemon.md b/docs/installation/4-http-daemon.md index 29912f66c..d9190e39f 100644 --- a/docs/installation/4-http-daemon.md +++ b/docs/installation/4-http-daemon.md @@ -27,38 +27,10 @@ The following will serve as a minimal nginx configuration. Be sure to modify you # apt-get install -y nginx ``` -Once nginx is installed, save the following configuration to `/etc/nginx/sites-available/netbox`. Be sure to replace `netbox.example.com` with the domain name or IP address of your installation. (This should match the value configured for `ALLOWED_HOSTS` in `configuration.py`.) - -```nginx -server { - listen 443 ssl; - - server_name netbox.example.com; - - ssl_certificate /etc/ssl/certs/netbox.crt; - ssl_certificate_key /etc/ssl/private/netbox.key; - - client_max_body_size 25m; - - location /static/ { - alias /opt/netbox/netbox/static/; - } - - location / { - proxy_pass http://127.0.0.1:8001; - proxy_set_header X-Forwarded-Host $http_host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-Proto $scheme; - } -} - -server { - # Redirect HTTP traffic to HTTPS - listen 80; - server_name _; - return 301 https://$host$request_uri; -} +Once nginx is installed, copy the default nginx configuration file to `/etc/nginx/sites-available/netbox`. Be sure to replace `netbox.example.com` with the domain name or IP address of your installation. (This should match the value configured for `ALLOWED_HOSTS` in `configuration.py`.) +```no-highlight +# cp /opt/netbox/contrib/nginx.conf /etc/nginx/sites-available/netbox ``` Then, delete `/etc/nginx/sites-enabled/default` and create a symlink in the `sites-enabled` directory to the configuration file you just created. @@ -69,7 +41,7 @@ Then, delete `/etc/nginx/sites-enabled/default` and create a symlink in the `sit # ln -s /etc/nginx/sites-available/netbox ``` -Restart the nginx service to use the new configuration. +Finally, restart the `nginx` service to use the new configuration. ```no-highlight # service nginx restart @@ -77,43 +49,19 @@ Restart the nginx service to use the new configuration. ### Option B: Apache +Begin by installing Apache: + ```no-highlight # apt-get install -y apache2 libapache2-mod-wsgi-py3 ``` -Once Apache is installed, proceed with the following configuration (Be sure to modify the `ServerName` appropriately): +Next, copy the default configuration file to `/etc/apache2/sites-available/`. Be sure to modify the `ServerName` parameter appropriately. -```apache - - ProxyPreserveHost On - - ServerName netbox.example.com - - SSLEngine on - SSLCertificateFile /etc/ssl/certs/netbox.crt - SSLCertificateKeyFile /etc/ssl/private/netbox.key - - Alias /static /opt/netbox/netbox/static - - - Options Indexes FollowSymLinks MultiViews - AllowOverride None - Require all granted - - - - ProxyPass ! - - - RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME} - ProxyPass / http://127.0.0.1:8001/ - ProxyPassReverse / http://127.0.0.1:8001/ - +```no-highlight +# cp /opt/netbox/contrib/apache.conf /etc/apache2/sites-available/netbox.conf ``` -Save the contents of the above example in `/etc/apache2/sites-available/netbox.conf`. - -Finally, ensure that the required Apache modules are enabled, enable the `netbox` site and reload Apache: +Finally, ensure that the required Apache modules are enabled, enable the `netbox` site, and reload Apache: ```no-highlight # a2enmod ssl proxy proxy_http headers @@ -121,8 +69,6 @@ Finally, ensure that the required Apache modules are enabled, enable the `netbox # service apache2 restart ``` -To enable SSL, consider this guide on [securing Apache with Let's Encrypt](https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-16-04). - !!! note Certain components of NetBox (such as the display of rack elevation diagrams) rely on the use of embedded objects. Ensure that your HTTP server configuration does not override the `X-Frame-Options` response header set by NetBox. From 5f6b63e978426bced60cd82bbda26b27f3522c92 Mon Sep 17 00:00:00 2001 From: Jeremy Stretch Date: Fri, 3 Apr 2020 16:03:50 -0400 Subject: [PATCH 13/19] Remove extraneous package from Apache installation instructions --- docs/installation/4-http-daemon.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/installation/4-http-daemon.md b/docs/installation/4-http-daemon.md index d9190e39f..9124354cf 100644 --- a/docs/installation/4-http-daemon.md +++ b/docs/installation/4-http-daemon.md @@ -52,7 +52,7 @@ Finally, restart the `nginx` service to use the new configuration. Begin by installing Apache: ```no-highlight -# apt-get install -y apache2 libapache2-mod-wsgi-py3 +# apt-get install -y apache2 ``` Next, copy the default configuration file to `/etc/apache2/sites-available/`. Be sure to modify the `ServerName` parameter appropriately. From fe088dba7ad66ca9445821b4dbf51eba75ceebe7 Mon Sep 17 00:00:00 2001 From: Daniel Sheppard Date: Tue, 7 Apr 2020 08:33:00 -0500 Subject: [PATCH 14/19] Fixes: #4396 - Fix typing on interface serializer --- docs/release-notes/version-2.7.md | 1 + netbox/dcim/api/serializers.py | 1 + 2 files changed, 2 insertions(+) diff --git a/docs/release-notes/version-2.7.md b/docs/release-notes/version-2.7.md index 78afbf06d..e4625f82a 100644 --- a/docs/release-notes/version-2.7.md +++ b/docs/release-notes/version-2.7.md @@ -10,6 +10,7 @@ ### Bug Fixes +* [#4396](https://github.com/netbox-community/netbox/issues/4395) - Fix typing of count_ipaddresses on interface serializer * [#4418](https://github.com/netbox-community/netbox/issues/4418) - Fail cleanly when trying to import multiple device types simultaneously * [#4438](https://github.com/netbox-community/netbox/issues/4438) - Fix exception when disconnecting a cable from a power feed * [#4439](https://github.com/netbox-community/netbox/issues/4439) - Tweak display of unset custom integer fields diff --git a/netbox/dcim/api/serializers.py b/netbox/dcim/api/serializers.py index 5483904f5..5c72430c8 100644 --- a/netbox/dcim/api/serializers.py +++ b/netbox/dcim/api/serializers.py @@ -530,6 +530,7 @@ class InterfaceSerializer(TaggitSerializer, ConnectedEndpointSerializer): ) cable = NestedCableSerializer(read_only=True) tags = TagListSerializerField(required=False) + count_ipaddresses = serializers.IntegerField(read_only=True) class Meta: model = Interface From 225ba4cc35fd25a93bd59b8491fd7318139a3417 Mon Sep 17 00:00:00 2001 From: Daniel Sheppard Date: Tue, 7 Apr 2020 08:36:13 -0500 Subject: [PATCH 15/19] Fixes: #4395 - Fix typing on interface serializer --- docs/release-notes/version-2.7.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/release-notes/version-2.7.md b/docs/release-notes/version-2.7.md index e4625f82a..d4ea671f3 100644 --- a/docs/release-notes/version-2.7.md +++ b/docs/release-notes/version-2.7.md @@ -10,7 +10,7 @@ ### Bug Fixes -* [#4396](https://github.com/netbox-community/netbox/issues/4395) - Fix typing of count_ipaddresses on interface serializer +* [#4395](https://github.com/netbox-community/netbox/issues/4395) - Fix typing of count_ipaddresses on interface serializer * [#4418](https://github.com/netbox-community/netbox/issues/4418) - Fail cleanly when trying to import multiple device types simultaneously * [#4438](https://github.com/netbox-community/netbox/issues/4438) - Fix exception when disconnecting a cable from a power feed * [#4439](https://github.com/netbox-community/netbox/issues/4439) - Tweak display of unset custom integer fields From 902b1b2c3239f4693748243b0c3c52d6599a53a7 Mon Sep 17 00:00:00 2001 From: Jeremy Stretch Date: Tue, 7 Apr 2020 10:17:34 -0400 Subject: [PATCH 16/19] Fixes #4458: Remove custom admin site to avoid conflict with django-rq 2.3.0 --- netbox/extras/admin.py | 13 ++++++------- netbox/netbox/admin.py | 25 +++++++++---------------- netbox/secrets/admin.py | 3 +-- netbox/users/admin.py | 7 +++---- 4 files changed, 19 insertions(+), 29 deletions(-) diff --git a/netbox/extras/admin.py b/netbox/extras/admin.py index f66cc248f..8f6a20db6 100644 --- a/netbox/extras/admin.py +++ b/netbox/extras/admin.py @@ -1,7 +1,6 @@ from django import forms from django.contrib import admin -from netbox.admin import admin_site from utilities.forms import LaxURLField from .models import CustomField, CustomFieldChoice, CustomLink, Graph, ExportTemplate, ReportResult, Webhook from .reports import get_report @@ -35,7 +34,7 @@ class WebhookForm(forms.ModelForm): order_content_types(self.fields['obj_type']) -@admin.register(Webhook, site=admin_site) +@admin.register(Webhook) class WebhookAdmin(admin.ModelAdmin): list_display = [ 'name', 'models', 'payload_url', 'http_content_type', 'enabled', 'type_create', 'type_update', 'type_delete', @@ -93,7 +92,7 @@ class CustomFieldChoiceAdmin(admin.TabularInline): extra = 5 -@admin.register(CustomField, site=admin_site) +@admin.register(CustomField) class CustomFieldAdmin(admin.ModelAdmin): inlines = [CustomFieldChoiceAdmin] list_display = [ @@ -135,7 +134,7 @@ class CustomLinkForm(forms.ModelForm): self.fields['content_type'].choices.insert(0, ('', '---------')) -@admin.register(CustomLink, site=admin_site) +@admin.register(CustomLink) class CustomLinkAdmin(admin.ModelAdmin): list_display = [ 'name', 'content_type', 'group_name', 'weight', @@ -150,7 +149,7 @@ class CustomLinkAdmin(admin.ModelAdmin): # Graphs # -@admin.register(Graph, site=admin_site) +@admin.register(Graph) class GraphAdmin(admin.ModelAdmin): list_display = [ 'name', 'type', 'weight', 'template_language', 'source', @@ -178,7 +177,7 @@ class ExportTemplateForm(forms.ModelForm): self.fields['content_type'].choices.insert(0, ('', '---------')) -@admin.register(ExportTemplate, site=admin_site) +@admin.register(ExportTemplate) class ExportTemplateAdmin(admin.ModelAdmin): list_display = [ 'name', 'content_type', 'description', 'mime_type', 'file_extension', @@ -193,7 +192,7 @@ class ExportTemplateAdmin(admin.ModelAdmin): # Reports # -@admin.register(ReportResult, site=admin_site) +@admin.register(ReportResult) class ReportResultAdmin(admin.ModelAdmin): list_display = [ 'report', 'active', 'created', 'user', 'passing', diff --git a/netbox/netbox/admin.py b/netbox/netbox/admin.py index 1f806c7d9..6e762a1cc 100644 --- a/netbox/netbox/admin.py +++ b/netbox/netbox/admin.py @@ -1,20 +1,13 @@ from django.conf import settings -from django.contrib.admin import AdminSite -from django.contrib.auth.admin import GroupAdmin, UserAdmin -from django.contrib.auth.models import Group, User +from django.contrib.admin import site as admin_site +from taggit.models import Tag -class NetBoxAdminSite(AdminSite): - """ - Custom admin site - """ - site_header = 'NetBox Administration' - site_title = 'NetBox' - site_url = '/{}'.format(settings.BASE_PATH) +# Override default AdminSite attributes so we can avoid creating and +# registering our own class +admin_site.site_header = 'NetBox Administration' +admin_site.site_title = 'NetBox' +admin_site.site_url = '/{}'.format(settings.BASE_PATH) - -admin_site = NetBoxAdminSite(name='admin') - -# Register external models -admin_site.register(Group, GroupAdmin) -admin_site.register(User, UserAdmin) +# Unregister the unused stock Tag model provided by django-taggit +admin_site.unregister(Tag) diff --git a/netbox/secrets/admin.py b/netbox/secrets/admin.py index 94ede4545..94cd1c7fa 100644 --- a/netbox/secrets/admin.py +++ b/netbox/secrets/admin.py @@ -1,12 +1,11 @@ from django.contrib import admin, messages from django.shortcuts import redirect, render -from netbox.admin import admin_site from .forms import ActivateUserKeyForm from .models import UserKey -@admin.register(UserKey, site=admin_site) +@admin.register(UserKey) class UserKeyAdmin(admin.ModelAdmin): actions = ['activate_selected'] list_display = ['user', 'is_filled', 'is_active', 'created'] diff --git a/netbox/users/admin.py b/netbox/users/admin.py index 4549945bf..289a1efcd 100644 --- a/netbox/users/admin.py +++ b/netbox/users/admin.py @@ -3,14 +3,13 @@ from django.contrib import admin from django.contrib.auth.admin import UserAdmin as UserAdmin_ from django.contrib.auth.models import User -from netbox.admin import admin_site from .models import Token # Unregister the built-in UserAdmin so that we can use our custom admin view below -admin_site.unregister(User) +admin.site.unregister(User) -@admin.register(User, site=admin_site) +@admin.register(User) class UserAdmin(UserAdmin_): list_display = [ 'username', 'email', 'first_name', 'last_name', 'is_superuser', 'is_staff', 'is_active' @@ -30,7 +29,7 @@ class TokenAdminForm(forms.ModelForm): model = Token -@admin.register(Token, site=admin_site) +@admin.register(Token) class TokenAdmin(admin.ModelAdmin): form = TokenAdminForm list_display = [ From ae58af4bb75e2f81a305ee1f3fdc85bb26780b97 Mon Sep 17 00:00:00 2001 From: Jeremy Stretch Date: Tue, 7 Apr 2020 13:37:48 -0400 Subject: [PATCH 17/19] Added webhook_receiver management command --- .../management/commands/webhook_receiver.py | 85 +++++++++++++++++++ 1 file changed, 85 insertions(+) create mode 100644 netbox/extras/management/commands/webhook_receiver.py diff --git a/netbox/extras/management/commands/webhook_receiver.py b/netbox/extras/management/commands/webhook_receiver.py new file mode 100644 index 000000000..b15dc9d27 --- /dev/null +++ b/netbox/extras/management/commands/webhook_receiver.py @@ -0,0 +1,85 @@ +import sys +from http.server import HTTPServer, BaseHTTPRequestHandler + +from django.core.management.base import BaseCommand + + +request_counter = 1 + + +class WebhookHandler(BaseHTTPRequestHandler): + show_headers = True + + def __getattr__(self, item): + + # Return the same method for any type of HTTP request (GET, POST, etc.) + if item.startswith('do_'): + return self.do_ANY + + raise AttributeError + + def log_message(self, format_str, *args): + global request_counter + + print("[{}] {} {} {}".format( + request_counter, + self.date_time_string(), + self.address_string(), + format_str % args + )) + + def do_ANY(self): + global request_counter + + # Send a 200 response regardless of the request content + self.send_response(200) + self.end_headers() + self.wfile.write(b'Webhook received!\n') + + request_counter += 1 + + # Print the request headers to stdout + if self.show_headers: + for k, v in self.headers.items(): + print('{}: {}'.format(k, v)) + print() + + # Print the request body (if any) + content_length = self.headers.get('Content-Length') + if content_length is not None: + body = self.rfile.read(int(content_length)) + print(body.decode('utf-8')) + else: + print('(No body)') + + print('------------') + + +class Command(BaseCommand): + help = "Start a simple listener to display received HTTP requests" + + default_port = 9000 + + def add_arguments(self, parser): + parser.add_argument( + '--port', type=int, default=self.default_port, + help="Optional port number (default: {})".format(self.default_port) + ) + parser.add_argument( + "--no-headers", action='store_true', dest='no_headers', + help="Hide HTTP request headers" + ) + + def handle(self, *args, **options): + port = options['port'] + quit_command = 'CTRL-BREAK' if sys.platform == 'win32' else 'CONTROL-C' + + WebhookHandler.show_headers = not options['no_headers'] + + self.stdout.write('Listening on port http://localhost:{}. Stop with {}.'.format(port, quit_command)) + httpd = HTTPServer(('localhost', port), WebhookHandler) + + try: + httpd.serve_forever() + except KeyboardInterrupt: + self.stdout.write("\nExiting...") From 2357928e728332e1fce0a6202323320567ef9340 Mon Sep 17 00:00:00 2001 From: Jeremy Stretch Date: Tue, 7 Apr 2020 13:49:30 -0400 Subject: [PATCH 18/19] Add documentation for webhook_receiver --- docs/additional-features/webhooks.md | 33 ++++++++++++++++++++++++++++ docs/release-notes/version-2.7.md | 1 + 2 files changed, 34 insertions(+) diff --git a/docs/additional-features/webhooks.md b/docs/additional-features/webhooks.md index 310e67bf5..de06c50b7 100644 --- a/docs/additional-features/webhooks.md +++ b/docs/additional-features/webhooks.md @@ -71,3 +71,36 @@ If no body template is specified, the request body will be populated with a JSON When a change is detected, any resulting webhooks are placed into a Redis queue for processing. This allows the user's request to complete without needing to wait for the outgoing webhook(s) to be processed. The webhooks are then extracted from the queue by the `rqworker` process and HTTP requests are sent to their respective destinations. The current webhook queue and any failed webhooks can be inspected in the admin UI under Django RQ > Queues. A request is considered successful if the response has a 2XX status code; otherwise, the request is marked as having failed. Failed requests may be retried manually via the admin UI. + +## Troubleshooting + +To assist with verifying that the content of outgoing webhooks is rendered correctly, NetBox provides a simple HTTP listener that can be run locally to receive and display webhook requests. First, modify the target URL of the desired webhook to `http://localhost:9000/`. This will instruct NetBox to send the request to the local server on TCP port 9000. Then, start the webhook receiver service from the NetBox root directory: + +```no-highlight +$ python netbox/manage.py webhook_receiver +Listening on port http://localhost:9000. Stop with CONTROL-C. +``` + +You can test the receiver itself by sending any HTTP request to it. For example: + +```no-highlight +$ curl -X POST http://localhost:9000 --data '{"foo": "bar"}' +``` + +The server will print output similar to the following: + +```no-highlight +[1] Tue, 07 Apr 2020 17:44:02 GMT 127.0.0.1 "POST / HTTP/1.1" 200 - +Host: localhost:9000 +User-Agent: curl/7.58.0 +Accept: */* +Content-Length: 14 +Content-Type: application/x-www-form-urlencoded + +{"foo": "bar"} +------------ +``` + +Note that `webhook_receiver` does not actually _do_ anything with the information received: It merely prints the request headers and body for inspection. + +Now, when the NetBox webhook is triggered and processed, you should see its headers and content appear in the terminal where the webhook receiver is listening. If you don't, check that the `rqworker` process is running and that webhook events are being placed into the queue (visible under the NetBox admin UI). diff --git a/docs/release-notes/version-2.7.md b/docs/release-notes/version-2.7.md index d4ea671f3..714f47893 100644 --- a/docs/release-notes/version-2.7.md +++ b/docs/release-notes/version-2.7.md @@ -7,6 +7,7 @@ * [#3676](https://github.com/netbox-community/netbox/issues/3676) - Reference VRF by name rather than RD during IP/prefix import * [#4147](https://github.com/netbox-community/netbox/issues/4147) - Use absolute URLs in rack elevation SVG renderings * [#4448](https://github.com/netbox-community/netbox/issues/4448) - Allow connecting cables between two circuit terminations +* [#4460](https://github.com/netbox-community/netbox/issues/4460) - Add the `webhook_receiver` management command to assist in troubleshooting outgoing webhooks ### Bug Fixes From b86c61dcdb2ef633bfa331ee8e2a49fc918922f8 Mon Sep 17 00:00:00 2001 From: Jeremy Stretch Date: Wed, 8 Apr 2020 13:26:33 -0400 Subject: [PATCH 19/19] Release v2.7.12 --- docs/release-notes/version-2.7.md | 2 +- netbox/netbox/settings.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/release-notes/version-2.7.md b/docs/release-notes/version-2.7.md index 714f47893..e0297a692 100644 --- a/docs/release-notes/version-2.7.md +++ b/docs/release-notes/version-2.7.md @@ -1,6 +1,6 @@ # NetBox v2.7 Release Notes -## v2.7.12 (FUTURE) +## v2.7.12 (2020-04-08) ### Enhancements diff --git a/netbox/netbox/settings.py b/netbox/netbox/settings.py index 684a377ad..ba2060ce4 100644 --- a/netbox/netbox/settings.py +++ b/netbox/netbox/settings.py @@ -15,7 +15,7 @@ from django.core.validators import URLValidator # Environment setup # -VERSION = '2.7.12-dev' +VERSION = '2.7.12' # Hostname HOSTNAME = platform.node()