diff --git a/readme-vars.yml b/readme-vars.yml index 54a4376..e94b5dd 100644 --- a/readme-vars.yml +++ b/readme-vars.yml @@ -33,6 +33,12 @@ param_env_vars: - { env_var: "REDIS_HOST", env_value: "", desc: "Redis host (optional, default: redis)" } - { env_var: "REDIS_PORT", env_value: "", desc: "Redis port number (optional, default: 6379)" } - { env_var: "REDIS_PASSWORD", env_value: "", desc: "Redis password (optional, default: none)" } + - { env_var: "REMOTE_AUTH_ENABLED", env_value: "", desc: "Enable remote authentication (optional, default: False" } + - { env_var: "REMOTE_AUTH_BACKEND", env_value: "", desc: "Python path to the custom Django authentication backend to use for external user authentication (optional, default: netbox.authentication.RemoteUserBackend" } + - { env_var: "REMOTE_AUTH_HEADER", env_value: "", desc: "Name of the HTTP header which informs NetBox of the currently authenticated user. (optional, default: HTTP_REMOTE_USER" } + - { env_var: "REMOTE_AUTH_AUTO_CREATE_USER", env_value: "", desc: "If true, NetBox will automatically create local accounts for users authenticated via a remote service (optional, default: False" } + - { env_var: "REMOTE_AUTH_DEFAULT_GROUPS", env_value: "", desc: "The list of groups to assign a new user account when created using remote authentication (optional, default: []" } + - { env_var: "REMOTE_AUTH_DEFAULT_PERMISSIONS", env_value: "", desc: "A mapping of permissions to assign a new user account when created using remote authentication (optional, default: {}" } - { env_var: "TZ", env_value: "", desc: "Timezone (i.e., America/New_York)" } param_usage_include_ports: true @@ -46,5 +52,6 @@ app_setup_block: | # changelog changelogs: + - { date: "03.02.21:", desc: "Added remote authentication environment variables." } - { date: "02.01.21:", desc: "Added BASE_PATH environment variable." } - - { date: "23.08.20:", desc: "Initial Release." } + - { date: "23.08.20:", desc: "Initial Release." } \ No newline at end of file diff --git a/root/defaults/configuration.py b/root/defaults/configuration.py index e729675..78480c3 100644 --- a/root/defaults/configuration.py +++ b/root/defaults/configuration.py @@ -213,12 +213,12 @@ RACK_ELEVATION_DEFAULT_UNIT_WIDTH = 220 # Remote authentication support -REMOTE_AUTH_ENABLED = False -REMOTE_AUTH_BACKEND = 'netbox.authentication.RemoteUserBackend' -REMOTE_AUTH_HEADER = 'HTTP_REMOTE_USER' -REMOTE_AUTH_AUTO_CREATE_USER = True -REMOTE_AUTH_DEFAULT_GROUPS = [] -REMOTE_AUTH_DEFAULT_PERMISSIONS = {} +REMOTE_AUTH_ENABLED = {{REMOTE_AUTH_ENABLED}} +REMOTE_AUTH_BACKEND = '{{REMOTE_AUTH_BACKEND}}' +REMOTE_AUTH_HEADER = '{{REMOTE_AUTH_HEADER}}' +REMOTE_AUTH_AUTO_CREATE_USER = {{REMOTE_AUTH_AUTO_CREATE_USER}} +REMOTE_AUTH_DEFAULT_GROUPS = {{REMOTE_AUTH_DEFAULT_GROUPS}} +REMOTE_AUTH_DEFAULT_PERMISSIONS = {{REMOTE_AUTH_DEFAULT_PERMISSIONS}} # This determines how often the GitHub API is called to check the latest release of NetBox. Must be at least 1 hour. RELEASE_CHECK_TIMEOUT = 24 * 3600 diff --git a/root/etc/cont-init.d/50-config b/root/etc/cont-init.d/50-config index b990b8a..607ea66 100644 --- a/root/etc/cont-init.d/50-config +++ b/root/etc/cont-init.d/50-config @@ -13,6 +13,12 @@ NETBOX_CONF[DB_PORT]=${DB_PORT:-} NETBOX_CONF[REDIS_HOST]=${REDIS_HOST:-redis} NETBOX_CONF[REDIS_PORT]=${REDIS_PORT:-6379} NETBOX_CONF[REDIS_PASSWORD]=${REDIS_PASSWORD:-} +NETBOX_CONF[REMOTE_AUTH_ENABLED]=${REMOTE_AUTH_ENABLED:-False} +NETBOX_CONF[REMOTE_AUTH_BACKEND]=${REMOTE_AUTH_BACKEND:-netbox.authentication.RemoteUserBackend} +NETBOX_CONF[REMOTE_AUTH_HEADER]=${REMOTE_AUTH_HEADER:-HTTP_REMOTE_USER} +NETBOX_CONF[REMOTE_AUTH_AUTO_CREATE_USER]=${REMOTE_AUTH_AUTO_CREATE_USER:-False} +NETBOX_CONF[REMOTE_AUTH_DEFAULT_GROUPS]=${REMOTE_AUTH_DEFAULT_GROUPS:-[]} +NETBOX_CONF[REMOTE_AUTH_DEFAULT_PERMISSIONS]=${REMOTE_AUTH_DEFAULT_PERMISSIONS:-{}} cd /app/netbox/netbox/netbox NETBOX_CONF[SECRET_KEY]=${SECRET_KEY:-$(python3 ../generate_secret_key.py)}