diff options
author | Mike Crute <mike@crute.us> | 2022-12-05 21:18:50 -0800 |
---|---|---|
committer | Mike Crute <mike@crute.us> | 2022-12-05 21:18:50 -0800 |
commit | 2140cdadde6cb657441b8469ea03cc968047ee30 (patch) | |
tree | 81bb3ee872b627dcb6f6058a0b6dacc50f1a7764 | |
parent | 1b297be993b39c38a29f2d4a512fe8f3a9b3cacf (diff) | |
download | dockerfiles-2140cdadde6cb657441b8469ea03cc968047ee30.tar.bz2 dockerfiles-2140cdadde6cb657441b8469ea03cc968047ee30.tar.xz dockerfiles-2140cdadde6cb657441b8469ea03cc968047ee30.zip |
netbox: carry different django patch
-rw-r--r-- | netbox/Dockerfile | 12 | ||||
-rw-r--r-- | netbox/Makefile | 5 | ||||
-rw-r--r-- | netbox/configuration.py | 4 | ||||
-rw-r--r-- | netbox/django.patch | 27 | ||||
-rw-r--r-- | netbox/settings.patch | 10 |
5 files changed, 39 insertions, 19 deletions
diff --git a/netbox/Dockerfile b/netbox/Dockerfile index 3b63944..0ca36fa 100644 --- a/netbox/Dockerfile +++ b/netbox/Dockerfile | |||
@@ -4,7 +4,7 @@ LABEL maintainer="Mike Crute <mike@crute.us>" | |||
4 | ARG netbox_version | 4 | ARG netbox_version |
5 | 5 | ||
6 | ADD configuration.py /configuration.py | 6 | ADD configuration.py /configuration.py |
7 | ADD settings.patch /settings.patch | 7 | ADD django.patch /django.patch |
8 | 8 | ||
9 | RUN set -euxo pipefail; \ | 9 | RUN set -euxo pipefail; \ |
10 | \ | 10 | \ |
@@ -30,17 +30,17 @@ RUN set -euxo pipefail; \ | |||
30 | rm "v${netbox_version}.tar.gz"; \ | 30 | rm "v${netbox_version}.tar.gz"; \ |
31 | mv /opt/netbox-${netbox_version}/ /opt/netbox/; \ | 31 | mv /opt/netbox-${netbox_version}/ /opt/netbox/; \ |
32 | \ | 32 | \ |
33 | cd /; \ | ||
34 | mv /configuration.py /opt/netbox/netbox/netbox/configuration.py; \ | ||
35 | patch -p1 < /settings.patch; rm /settings.patch; \ | ||
36 | \ | ||
37 | addgroup -S netbox; \ | 33 | addgroup -S netbox; \ |
38 | adduser -S -G netbox netbox; \ | 34 | adduser -S -G netbox netbox; \ |
39 | chown -R netbox:netbox /opt/netbox/netbox/media; \ | 35 | chown -R netbox:netbox /opt/netbox/netbox/media; \ |
40 | \ | 36 | \ |
41 | cd /opt/netbox; \ | 37 | cd /opt/netbox; \ |
42 | pip3 install -r requirements.txt; \ | 38 | pip3 install -r requirements.txt; \ |
43 | pip3 install django-postgresql-setrole; \ | 39 | \ |
40 | cd /; \ | ||
41 | mv /configuration.py /opt/netbox/netbox/netbox/configuration.py; \ | ||
42 | patch -p1 < /django.patch; rm /django.patch; \ | ||
43 | cd /opt/netbox; \ | ||
44 | \ | 44 | \ |
45 | export NETBOX_SECRET_KEY="testing key for running the build"; \ | 45 | export NETBOX_SECRET_KEY="testing key for running the build"; \ |
46 | export NETBOX_DB_PORT="0"; \ | 46 | export NETBOX_DB_PORT="0"; \ |
diff --git a/netbox/Makefile b/netbox/Makefile index f572b39..2c15f43 100644 --- a/netbox/Makefile +++ b/netbox/Makefile | |||
@@ -1,6 +1,7 @@ | |||
1 | VERSION=3.3.9 | 1 | VERSION=3.3.9 |
2 | IMAGE=docker.crute.me/netbox:$(VERSION) | 2 | VERSION_TAG=$(VERSION)-1 |
3 | LATEST=$(subst :$(VERSION),,$(IMAGE)):latest | 3 | IMAGE=docker.crute.me/netbox:$(VERSION_TAG) |
4 | LATEST=$(subst :$(VERSION_TAG),,$(IMAGE)):latest | ||
4 | 5 | ||
5 | all: | 6 | all: |
6 | #docker pull alpine:latest | 7 | #docker pull alpine:latest |
diff --git a/netbox/configuration.py b/netbox/configuration.py index 9abd2aa..74d7a15 100644 --- a/netbox/configuration.py +++ b/netbox/configuration.py | |||
@@ -8,8 +8,10 @@ DATABASE = { | |||
8 | 'PORT': int(os.getenv("NETBOX_DB_PORT")), | 8 | 'PORT': int(os.getenv("NETBOX_DB_PORT")), |
9 | 'USER': os.getenv("NETBOX_DB_USERNAME"), | 9 | 'USER': os.getenv("NETBOX_DB_USERNAME"), |
10 | 'PASSWORD': os.getenv("NETBOX_DB_PASSWORD"), | 10 | 'PASSWORD': os.getenv("NETBOX_DB_PASSWORD"), |
11 | 'SET_ROLE': os.getenv("NETBOX_SET_ROLE"), | ||
12 | 'CONN_MAX_AGE': 300, | 11 | 'CONN_MAX_AGE': 300, |
12 | 'OPTIONS': { | ||
13 | 'role': os.getenv("NETBOX_SET_ROLE"), | ||
14 | } | ||
13 | } | 15 | } |
14 | 16 | ||
15 | REDIS = { | 17 | REDIS = { |
diff --git a/netbox/django.patch b/netbox/django.patch new file mode 100644 index 0000000..2cb8d76 --- /dev/null +++ b/netbox/django.patch | |||
@@ -0,0 +1,27 @@ | |||
1 | --- a/usr/lib/python3.10/site-packages/django/db/backends/postgresql/base.py 21:41:07.000000000 -0800 | ||
2 | +++ b/usr/lib/python3.10/site-packages/django/db/backends/postgresql/base.py 19:52:18.092424193 -0800 | ||
3 | @@ -187,6 +187,7 @@ | ||
4 | else: | ||
5 | conn_params = {**settings_dict["OPTIONS"]} | ||
6 | |||
7 | + conn_params.pop("role", None) | ||
8 | conn_params.pop("isolation_level", None) | ||
9 | if settings_dict["USER"]: | ||
10 | conn_params["user"] = settings_dict["USER"] | ||
11 | @@ -244,6 +245,16 @@ | ||
12 | if not self.get_autocommit(): | ||
13 | self.connection.commit() | ||
14 | |||
15 | + # Set the role on the connection. This is useful if the | ||
16 | + # credential used to login is not the same as the role that | ||
17 | + # owns database resources. This scenario can occur when using | ||
18 | + # temporary credentials generated by an external system like | ||
19 | + # Vault. | ||
20 | + options = self.settings_dict["OPTIONS"] | ||
21 | + if options["role"]: | ||
22 | + with self.connection.cursor() as cursor: | ||
23 | + cursor.execute("SET ROLE %s", (options["role"],)) | ||
24 | + | ||
25 | @async_unsafe | ||
26 | def create_cursor(self, name=None): | ||
27 | if name: | ||
diff --git a/netbox/settings.patch b/netbox/settings.patch deleted file mode 100644 index 1141d64..0000000 --- a/netbox/settings.patch +++ /dev/null | |||
@@ -1,10 +0,0 @@ | |||
1 | --- a/opt/netbox/netbox/netbox/settings.py 2022-11-30 13:14:00.000000000 -0800 | ||
2 | +++ b/opt/netbox/netbox/netbox/settings.py 2022-12-04 21:35:52.779482819 -0800 | ||
3 | @@ -302,6 +302,7 @@ | ||
4 | # | ||
5 | |||
6 | INSTALLED_APPS = [ | ||
7 | + 'postgresql_setrole', | ||
8 | 'django.contrib.admin', | ||
9 | 'django.contrib.auth', | ||
10 | 'django.contrib.contenttypes', | ||