From af3c8cf29bc2acc99d73c663c51a806096f0758c Mon Sep 17 00:00:00 2001 From: Mike Crute Date: Mon, 12 Jul 2021 02:38:40 +0000 Subject: netbox: update to 2.11.9 --- netbox/Makefile | 2 +- netbox/config-patch1.diff | 6 +++--- netbox/config-patch2.diff | 15 +++++++++------ netbox/django-driver.py | 8 ++++++++ netbox/django-vault-client.py | 4 ++++ 5 files changed, 25 insertions(+), 10 deletions(-) diff --git a/netbox/Makefile b/netbox/Makefile index ffe7e64..1fb4dad 100644 --- a/netbox/Makefile +++ b/netbox/Makefile @@ -1,4 +1,4 @@ -VERSION=2.10.3 +VERSION=2.11.9 IMAGE=docker.crute.me/netbox:$(VERSION) LATEST=$(subst :$(VERSION),,$(IMAGE)):latest diff --git a/netbox/config-patch1.diff b/netbox/config-patch1.diff index be5b068..cc5c6d2 100644 --- a/netbox/config-patch1.diff +++ b/netbox/config-patch1.diff @@ -1,5 +1,5 @@ ---- a/opt/netbox/netbox/netbox/configuration.py -+++ b/opt/netbox/netbox/netbox/configuration.py +--- a/opt/netbox/netbox/netbox/configuration.py 2021-07-11 22:24:55.365668931 +0000 ++++ b/opt/netbox/netbox/netbox/configuration.py 2021-07-11 22:25:25.077103585 +0000 @@ -4,11 +4,13 @@ # # ######################### @@ -15,7 +15,7 @@ # PostgreSQL database configuration. See the Django documentation for a complete list of available parameters: # https://docs.djangoproject.com/en/stable/ref/settings/#databases -@@ -51,7 +53,7 @@ +@@ -57,7 +59,7 @@ # For optimal security, SECRET_KEY should be at least 50 characters in length and contain a mix of letters, numbers, and # symbols. NetBox will not run without this defined. For more information, see # https://docs.djangoproject.com/en/stable/ref/settings/#std:setting-SECRET_KEY diff --git a/netbox/config-patch2.diff b/netbox/config-patch2.diff index 5983cc1..69162e4 100644 --- a/netbox/config-patch2.diff +++ b/netbox/config-patch2.diff 
@@ -1,5 +1,5 @@ ---- a/opt/netbox/netbox/netbox/configuration.py -+++ b/opt/netbox/netbox/netbox/configuration.py +--- a/opt/netbox/netbox/netbox/configuration.py 2021-07-11 22:24:55.365668931 +0000 ++++ b/opt/netbox/netbox/netbox/configuration.py 2021-07-11 22:28:09.665982854 +0000 @@ -4,21 +4,35 @@ # # ######################### @@ -43,7 +43,7 @@ } # Redis database settings. Redis is used for caching and for queuing background tasks such as webhook events. A separate -@@ -26,23 +40,23 @@ +@@ -26,26 +40,26 @@ # to use two separate database IDs. REDIS = { 'tasks': { @@ -57,6 +57,9 @@ - 'DATABASE': 0, + 'DATABASE': int(os.getenv("NETBOX_REDIS_TASK_DB")), 'SSL': False, + # Set this to True to skip TLS certificate verification + # This can expose the connection to attacks, be careful + # 'INSECURE_SKIP_TLS_VERIFY': False, }, 'caching': { - 'HOST': 'localhost', @@ -69,9 +72,9 @@ - 'DATABASE': 1, + 'DATABASE': int(os.getenv("NETBOX_REDIS_CACHE_DB")), 'SSL': False, - } - } -@@ -51,7 +65,14 @@ + # Set this to True to skip TLS certificate verification + # This can expose the connection to attacks, be careful +@@ -57,7 +71,14 @@ # For optimal security, SECRET_KEY should be at least 50 characters in length and contain a mix of letters, numbers, and # symbols. NetBox will not run without this defined. For more information, see # https://docs.djangoproject.com/en/stable/ref/settings/#std:setting-SECRET_KEY diff --git a/netbox/django-driver.py b/netbox/django-driver.py index 65a9136..80bfa13 100644 --- a/netbox/django-driver.py +++ b/netbox/django-driver.py 
@@ -28,12 +28,20 @@ class DatabaseWrapper(OrigWrapper):
 self._vault_cache_lock = threading.Lock()
 self._vault_cred_cache = Credential.empty()
+ def close(self):
+ self._vault_cred_cache = Credential.empty()
+ super().close()
+
 def close_if_unusable_or_obsolete(self):
 super().close_if_unusable_or_obsolete()
 if self.connection is None:
 return
+ if not self.is_usable():
+ self.close()
+ return
+
 with self._vault_cache_lock:
 if not self._vault_cred_cache.is_valid:
 self.close()
diff --git a/netbox/django-vault-client.py b/netbox/django-vault-client.py
index e699db3..85b5671 100644
--- a/netbox/django-vault-client.py
+++ b/netbox/django-vault-client.py
@@ -73,6 +73,10 @@ class SimpleVaultClient:
 url = parse.urljoin(self.base_url, parse.urljoin("/v1/", url))
 req = request.Request(url, headers=headers, data=data)
 res = request.urlopen(req, context=context)
+
+ if res.status != 200:
+ raise Exception("Failed to fetch credential from vault")
+
 return json.load(res)
 def get_kv_secret(self, path, key):
-- 
cgit v1.2.3
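Review bot: The new `close()` resets `self._vault_cred_cache` without taking `_vault_cache_lock`, while `close_if_unusable_or_obsolete` reads the same field under that lock, so a close on one thread can race a validity check on another. Taking the lock inside `close()` as written would deadlock, because `close_if_unusable_or_obsolete` calls `self.close()` while holding it and `threading.Lock` is not reentrant; creating it as `threading.RLock()` and wrapping the reset in `with self._vault_cache_lock:` would cover both paths. If each wrapper is only ever used from one thread the lock may be unnecessary, in which case a comment on `close()` saying so would help. The `with` block at the end of the hunk continues outside it.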
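Review bot: The added `res.status != 200` check in `django-vault-client.py` will rarely fire for real failures, because `urllib.request.urlopen` with the default opener already raises `HTTPError` for 4xx/5xx responses. What it does reject is other 2xx codes, and Vault answers some write requests with 204, so calls that pass `data` may now fail; that is worth confirming against the callers, which are outside the hunk. The bare `Exception` also hides which status came back; `raise RuntimeError(f"Vault request failed: HTTP {res.status}")` keeps the token and headers out of the message while making the failure diagnosable. The method's signature and the construction of `headers` and `context` are outside the hunk.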