diff --git a/Dockerfile b/Dockerfile index af20b72..cdab91d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -25,7 +25,9 @@ RUN mkdir /install \ --prefix="/install" --no-warn-script-location --no-cache-dir \ gunicorn \ django-auth-ldap \ - django-radius + django-radius \ + django-debug_toolbar + ############## # Main stage # diff --git a/configuration/configuration.py b/configuration/configuration.py index 039fb8d..fba2be7 100644 --- a/configuration/configuration.py +++ b/configuration/configuration.py @@ -53,8 +53,9 @@ def read_secret(secret_name): "tasks": { "HOST": os.environ.get("REDIS_HOST", "localhost"), "PORT": int(os.environ.get("REDIS_PORT", 6379)), + "SENTINEL_SERVICE": os.environ.get("REDIS_SENTINEL_SERVICE", "default"), "PASSWORD": os.environ.get("REDIS_PASSWORD", read_secret("redis_password")), - "CACHE_DATABASE": int(os.environ.get("REDIS_DATABASE", 0)), + "DATABASE": int(os.environ.get("REDIS_DATABASE", 0)), "DEFAULT_TIMEOUT": int(os.environ.get("REDIS_TIMEOUT", 300)), "SSL": os.environ.get("REDIS_SSL", "False").lower() == "true", }, @@ -62,15 +63,16 @@ def read_secret(secret_name): "HOST": os.environ.get( "REDIS_CACHE_HOST", os.environ.get("REDIS_HOST", "localhost") ), - "PORT": os.environ.get( - "REDIS_CACHE_PORT", - os.environ.get("REDIS_PORT", 6379) + "PORT": os.environ.get("REDIS_CACHE_PORT", os.environ.get("REDIS_PORT", 6379)), + "SENTINEL_SERVICE": os.environ.get( + "REDIS_CACHE_SENTINEL_SERVICE", + os.environ.get("REDIS_SENTINEL_SERVICE", "default"), ), "PASSWORD": os.environ.get( "REDIS_CACHE_PASSWORD", os.environ.get("REDIS_PASSWORD", read_secret("redis_cache_password")), ), - "CACHE_DATABASE": int(os.environ.get("REDIS_CACHE_DATABASE", 1)), + "DATABASE": int(os.environ.get("REDIS_CACHE_DATABASE", 1)), "DEFAULT_TIMEOUT": int( os.environ.get("REDIS_CACHE_TIMEOUT", os.environ.get("REDIS_TIMEOUT", 300)) ), @@ -80,10 +82,19 @@ def read_secret(secret_name): == "true", }, } +if 'REDIS_SENTINELS' in os.environ: + REDIS['tasks']['SENTINELS'] = os.environ.get("REDIS_SENTINELS").split(" ") + REDIS['caching']['SENTINELS'] = os.environ.get("REDIS_SENTINELS").split(" ") +if 'REDIS_CACHE_SENTINELS' in os.environ: + REDIS['caching']['SENTINELS'] = os.environ.get("REDIS_CACHE_SENTINELS").split(" ") + # Cache timeout in seconds. Set to 0 to disable caching. CACHE_TIMEOUT = int(os.environ.get("CACHE_TIMEOUT", 900)) DEBUG = os.environ.get("DEBUG", "False").lower() == "true" +INTERNAL_IPS = ["127.0.0.1", "::1"] +for ip in os.environ.get("INTERNAL_IPS", "").split(" "): + INTERNAL_IPS.append(ip) EMAIL = { "SERVER": os.environ.get("EMAIL_SERVER", "localhost"), @@ -92,6 +103,7 @@ def read_secret(secret_name): "PASSWORD": os.environ.get("EMAIL_PASSWORD", read_secret("email_password")), "TIMEOUT": int(os.environ.get("EMAIL_TIMEOUT", 10)), # seconds "FROM_ADDRESS": os.environ.get("EMAIL_FROM_ADDRESS", ""), + "SUBJECT_PREFIX": os.environ.get("EMAIL_SUBJECT_PREFIX", ""), "USE_SSL": os.environ.get("EMAIL_USE_SSL", "False").lower() == "true", "USE_TLS": os.environ.get("EMAIL_USE_TLS", "False").lower() == "true", "SSL_CERTFILE": os.environ.get("EMAIL_SSL_CERTFILE", ""), @@ -100,17 +112,20 @@ def read_secret(secret_name): CHANGELOG_RETENTION = int(os.environ.get("CHANGELOG_RETENTION", 90)) LOGIN_REQUIRED = os.environ.get("LOGIN_REQUIRED", "False").lower() == "true" +NAPALM_USERNAME = os.environ.get("NAPALM_USERNAME", "") +NAPALM_PASSWORD = os.environ.get("NAPALM_PASSWORD", read_secret("napalm_password")) +NAPALM_TIMEOUT = int(os.environ.get("NAPALM_TIMEOUT", 30)) +NAPALM_ARGS = dict( + [ + (var[len("NAPALM_ARG_") :].lower(), os.environ.get(var)) + for var in os.environ.keys() + if var.startswith("NAPALM_ARG_") + ] +) PEERINGDB_USERNAME = os.environ.get("PEERINGDB_USERNAME", "") PEERINGDB_PASSWORD = os.environ.get( "PEERINGDB_PASSWORD", read_secret("peeringdb_password") ) -NAPALM_USERNAME = os.environ.get("NAPALM_USERNAME", "") -NAPALM_PASSWORD = os.environ.get("NAPALM_PASSWORD", read_secret("napalm_password")) -NAPALM_TIMEOUT = int(os.environ.get("NAPALM_TIMEOUT", 30)) -NAPALM_ARGS = dict([ - (var[len('NAPALM_ARG_'):].lower(), os.environ.get(var)) - for var in os.environ.keys() if var.startswith('NAPALM_ARG_') -]) PAGINATE_COUNT = int(os.environ.get("PAGINATE_COUNT", 50)) BGPQ3_PATH = os.environ.get("BGPQ3_PATH", "bgpq3") BGPQ3_HOST = os.environ.get("BGPQ3_HOST", "rr.ntt.net") @@ -122,13 +137,20 @@ def read_secret(secret_name): "ipv6": os.environ.get("BGPQ3_ARGS_IPV6", "-r 16 -R 48").split(" "), "ipv4": os.environ.get("BGPQ3_ARGS_IPV4", "-r 8 -R 24").split(" "), } +METRICS_ENABLED = os.environ.get("METRICS_ENABLED", "False").lower() == "true" NETBOX_API = os.environ.get("NETBOX_API", None) NETBOX_API_TOKEN = os.environ.get("NETBOX_API_TOKEN", read_secret("netbox_api_token")) +NETBOX_API_THREADING = os.environ.get("NETBOX_API_THREADING", "False").lower() == "true" +NETBOX_API_VERIFY_SSL = ( + os.environ.get("NETBOX_API_VERIFY_SSL", "True").lower() == "true" +) NETBOX_DEVICE_ROLES = os.environ.get( "NETBOX_DEVICE_ROLES", "router,firewall,switch" ).split(",") RELEASE_CHECK_URL = os.environ.get( "RELEASE_CHECK_URL", - "https://api.github.com/repos/respawner/peering-manager/releases", + "https://api.github.com/repos/peering-manager/peering-manager/releases", ) RELEASE_CHECK_TIMEOUT = os.environ.get("RELEASE_CHECK_TIMEOUT", 86400) +SOFTDELETE_ENABLED = os.environ.get("SOFTDELETE_ENABLED", "False").lower() == "true" +SOFTDELETE_RETENTION = int(os.environ.get("SOFTDELETE_RETENTION", CHANGELOG_RETENTION)) diff --git a/docker-compose.yml b/docker-compose.yml index 1907a19..44643f4 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,7 @@ version: '3.4' services: peering-manager: - image: peering-manager:latest + image: peeringmanager/peering-manager:latest env_file: env/peering-manager.env depends_on: - postgres @@ -11,7 +11,7 @@ services: - peering-manager-static-files:/opt/peering-manager/static:z - peering-manager-nginx-config:/etc/peering-manager/nginx:z peering-manager-worker: - image: peering-manager:latest + image: peeringmanager/peering-manager:latest entrypoint: - python3 - /opt/peering-manager/manage.py diff --git a/env/peering-manager.env b/env/peering-manager.env index 78e9fe0..ec29be2 100644 --- a/env/peering-manager.env +++ b/env/peering-manager.env @@ -15,21 +15,40 @@ EMAIL_USERNAME=peering-manager EMAIL_PASSWORD= EMAIL_TIMEOUT=5 EMAIL_FROM=peering-manager@bar.com +# EMAIL_SUBJECT_PREFIX= # EMAIL_USE_SSL and EMAIL_USE_TLS are mutually exclusive, i.e. they can't both be `true`! EMAIL_USE_SSL=false EMAIL_USE_TLS=false EMAIL_SSL_CERTFILE= EMAIL_SSL_KEYFILE= PEERINGDB_USERNAME= +# PEERINGDB_PASSWORD= NAPALM_USERNAME= NAPALM_PASSWORD= -NAPALM_TIMEOUT=10 +NAPALM_TIMEOUT=30 +# BGPQ3_PATH= +# BGPQ3_HOST= +# BGPQ3_SOURCES= +# NETBOX_API= +# NETBOX_API_TOKEN= +# NETBOX_API_THREADING= +# NETBOX_API_VERIFY_SSL= +# NETBOX_DEVICE_ROLES= +METRICS_ENABLED=False +SOFTDELETE_ENABLED=False +# SOFTDELETE_RETENTION= REDIS_HOST=redis REDIS_PASSWORD=VDMLLoJA8JnMLAxx +# Space separate list of sentinel hosts +# REDIS_SENTINELS= +REDIS_SENTINEL_SERVICE=default REDIS_DATABASE=0 REDIS_SSL=false REDIS_CACHE_HOST=redis REDIS_CACHE_PASSWORD=VDMLLoJA8JnMLAxx +# Space separate list of sentinel hosts +# REDIS_CACHE_SENTINELS= +REDIS_CACHE_SENTINEL_SERVICE=default REDIS_CACHE_DATABASE=1 REDIS_CACHE_SSL=false SKIP_STARTUP_SCRIPTS=false @@ -38,4 +57,6 @@ SUPERUSER_NAME=admin SUPERUSER_EMAIL=admin@bar.com SUPERUSER_PASSWORD=admin SUPERUSER_API_TOKEN=0123456789abcdef0123456789abcdef01234567 -RELEASE_CHECK_URL=https://api.github.com/repos/respawner/peering-manager/releases +PAGINATE_COUNT=50 +RELEASE_CHECK_URL=https://api.github.com/repos/peering-manager/peering-manager/releases +INTERNAL_IPS="127.0.0.1 ::1"