Merge pull request #68 from ryanmerolle/1.0.1

1.0.1
Ryan Merolle 2022-10-07 14:39:48 -04:00 committed by GitHub
commit e5f4b92f57
GPG Key ID: 4AEE18F83AFDEB23
58 changed files with 624 additions and 195 deletions


@ -1,10 +1,13 @@
ARG VARIANT=v3.2-2.1.0
ARG NETBOX_VARIANT=v3.2
FROM netboxcommunity/netbox:${VARIANT}
FROM netboxcommunity/netbox:${NETBOX_VARIANT}
ARG NETBOX_INITIALIZERS_VARIANT=3.2.3
ARG DEBIAN_FRONTEND=noninteractive
# Install APT packages
# hadolint ignore=DL3008
RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
&& apt-get -y install --no-install-recommends curl git make openssh-client python3.10-dev sudo wget zsh \
&& apt-get autoremove -y && apt-get clean -y && rm -rf /var/lib/apt/lists/*
@ -18,7 +21,7 @@ ARG USERNAME=vscode
ARG USER_UID=1000
ARG USER_GID=$USER_UID
RUN useradd -md /home/vscode -s /usr/bin/zsh -u $USER_UID $USERNAME \
RUN useradd -l -md /home/vscode -s /usr/bin/zsh -u $USER_UID $USERNAME \
&& usermod -aG sudo $USERNAME \
&& echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers \
&& mkdir /opt/netbox/netbox/netbox-acls \
@ -26,14 +29,18 @@ RUN useradd -md /home/vscode -s /usr/bin/zsh -u $USER_UID $USERNAME \
USER $USERNAME
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
# Add oh my zsh
RUN wget --quiet https://github.com/robbyrussell/oh-my-zsh/raw/master/tools/install.sh -O - | zsh || true
COPY .bashrc /home/vscode/.bashrc
COPY .zshrc /home/vscode/.zshrc
RUN /opt/netbox/venv/bin/pip install --no-warn-script-location netbox-initializers==${NETBOX_INITIALIZERS_VARIANT}
WORKDIR /opt/netbox/netbox/netbox-acls
# hadolint ignore=DL3002
USER root
COPY entrypoint-dev.sh /bin/entrypoint-dev.sh
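Review bot: The oh-my-zsh step in the last hunk downloads `install.sh` from the moving `master` branch and pipes it straight into `zsh`, and `|| true` hides any failure, so whatever that URL serves at build time runs unverified in the image. While this file is being touched, pin the URL to a reviewed commit (`.../oh-my-zsh/raw/<PINNED_COMMIT_SHA>/tools/install.sh`), verify a checksum before executing it, and drop `|| true`. The same file ends on `USER root` under a hadolint ignore and grants `%sudo ALL=(ALL) NOPASSWD:ALL`; a header comment such as `# Dev container only: runs as root with passwordless sudo, do not deploy` would make that intent explicit. The +/- markers are lost on this page, so which of these lines the commit itself added is not certain.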


@ -5,9 +5,11 @@
# See https://github.com/netbox-community/netbox-docker/wiki/Using-Netbox-Plugins
PLUGINS = [
"netbox_initializers", # Loads demo data
"netbox_acls",
]
PLUGINS_CONFIG = {
PLUGINS_CONFIG = { # type: ignore
"netbox_initializers": {},
"netbox_acls": {},
}


@ -44,6 +44,10 @@
"python.linting.banditPath": "/opt/netbox/venv/bin/bandit",
"python.linting.enabled": true,
"python.linting.flake8Path": "/opt/netbox/venv/bin/flake8",
"python.linting.flake8Args": [
"--max-line-length=160",
"--ignore=E203"
],
"python.linting.mypyPath": "//opt/netbox/venv/bin/mypy",
"python.linting.pycodestylePath": "/opt/netbox/venv/bin/pycodestyle",
"python.linting.pydocstylePath": "/opt/netbox/venv/bin/pydocstyle",
@ -57,6 +61,7 @@
],
"python.linting.pylintEnabled": true,
"python.linting.pylintPath": "/opt/netbox/venv/bin/pylint",
"python.linting.lintOnSave": true,
"python.pythonPath": "/opt/netbox/venv/bin/python3",
"python.terminal.activateEnvironment": true,
"python.venvPath": "/opt/netbox/",
@ -83,6 +88,7 @@
"ms-python.python",
"ms-python.vscode-pylance",
"mutantdino.resourcemonitor",
"paulomenezes.duplicated-code",
"searKing.preview-vscode",
"sourcery.sourcery"
]


@ -1,4 +1,3 @@
---
- prefix: 10.0.0.0/16
rir: RFC1918
tenant: tenant1


@ -1,4 +1,3 @@
---
- asn: 1
rir: RFC1918
tenant: tenant1


@ -0,0 +1,71 @@
# Required parameters for termination X ('a' or 'b'):
#
# ```
# termination_x_name -> name of interface
# termination_x_device -> name of the device interface belongs to
# termination_x_class -> required if different than 'Interface' which is the default
# ```
#
# Supported termination classes: Interface, ConsolePort, ConsoleServerPort, FrontPort, RearPort, PowerPort, PowerOutlet
#
#
# If a termination is a circuit then the required parameter is termination_x_circuit.
# Required parameters for a circuit termination:
#
# ```
# termination_x_circuit:
# term_side -> termination side of a circuit. Must be A or B
# cid -> circuit ID value
# site OR provider_network -> name of Site or ProviderNetwork respectively. If both provided, Site takes precedence
# ```
#
# If a termination is a power feed then the required parameter is termination_x_feed.
#
# ```
# termination_x_feed:
# name -> name of the PowerFeed object
# power_panel:
# name -> name of the PowerPanel the PowerFeed is attached to
# site -> name of the Site in which the PowerPanel is present
# ```
#
# Any other Cable parameters supported by Netbox are supported as the top level keys, e.g. 'type', 'status', etc.
#
# - termination_a_name: console
# termination_a_device: spine
# termination_a_class: ConsolePort
# termination_b_name: tty9
# termination_b_device: console-server
# termination_b_class: ConsoleServerPort
# type: cat6
#
- termination_a_name: to-server02
termination_a_device: server01
termination_b_name: to-server01
termination_b_device: server02
status: planned
type: mmf
- termination_a_name: eth0
termination_a_device: server02
termination_b_circuit:
term_side: A
cid: Circuit_ID-1
site: AMS 1
type: cat6
- termination_a_name: psu0
termination_a_device: server04
termination_a_class: PowerPort
termination_b_feed:
name: power feed 1
power_panel:
name: power panel AMS 1
site: AMS 1
- termination_a_name: outlet1
termination_a_device: server04
termination_a_class: PowerOutlet
termination_b_name: psu1
termination_b_device: server04
termination_b_class: PowerPort


@ -1,4 +1,3 @@
---
- name: VPLS
slug: vpls
- name: MPLS


@ -1,4 +1,3 @@
---
- cid: Circuit_ID-1
provider: Provider1
type: Internet


@ -1,4 +1,3 @@
---
- name: Group 1
slug: group-1
- name: Group 2


@ -1,3 +1,2 @@
---
- name: Hyper-V
slug: hyper-v


@ -1,4 +1,3 @@
---
- name: cluster1
type: Hyper-V
group: Group 1


@ -0,0 +1,7 @@
- name: Network-Team
slug: network-team
description: This is a new contact group for the Network-Team
- name: New Contact Group
slug: new-contact-group
description: This is a new contact group sub under of Network-Team
parent: Network-Team


@ -0,0 +1,3 @@
- name: New Contact Role
slug: new-contact-role
description: This is a new contact role description


@ -0,0 +1,20 @@
- name: Lee Widget
title: CEO of Widget Corp
phone: 221-555-1212
email: widgetCEO@widgetcorp.com
address: 1200 Nowhere Blvd, Scranton NJ, 555111
comments: This is a very important contact
- name: Ali Gator
group: Network-Team
title: Consultant for Widget Corp
phone: 221-555-1213
email: Consultant@widgetcorp.com
address: 1200 Nowhere Blvd, Scranton NJ, 555111
comments: This is a very important contact
- name: Karlchen Maier
group: New Contact Group
title: COO of Widget Corp
phone: 221-555-1214
email: Karlchen@widgetcorp.com
address: 1200 Nowhere Blvd, Scranton NJ, 555111
comments: This is a very important contact


@ -0,0 +1,117 @@
## Possible Choices:
## type:
## - text
## - integer
## - boolean
## - date
## - url
## - select
## - multiselect
## - object
## - multiobject
## filter_logic:
## - disabled
## - loose
## - exact
##
## Examples:
text_field:
type: text
label: Custom Text
description: Enter text in a text field.
required: false
weight: 0
on_objects:
- dcim.models.Device
- dcim.models.Rack
- dcim.models.Site
- dcim.models.DeviceType
- ipam.models.IPAddress
- ipam.models.Prefix
- tenancy.models.Tenant
- virtualization.models.VirtualMachine
integer_field:
type: integer
label: Custom Number
description: Enter numbers into an integer field.
required: true
filter_logic: loose
validation_minimum: 0
validation_maximum: 255
weight: 10
on_objects:
- tenancy.models.Tenant
select_field:
type: select
label: Choose between items
required: false
filter_logic: exact
weight: 30
default: First Item
on_objects:
- dcim.models.Device
choices:
- First Item
- Second Item
- Third Item
- Fifth Item
- Fourth Item
select_field_legacy_format:
type: select
label: Choose between items
required: false
filter_logic: loose
weight: 30
on_objects:
- dcim.models.Device
choices:
- value: A # this is the deprecated format.
- value: B # we only use it for the tests.
- value: C # please see above for the new format.
- value: "D like deprecated"
weight: 999
- value: E
boolean_field:
type: boolean
label: Yes Or No?
required: true
filter_logic: loose
default: "false" # important: put "false" in quotes!
weight: 90
on_objects:
- dcim.models.Device
url_field:
type: url
label: Hyperlink
description: Link to something nice.
required: true
filter_logic: disabled
validation_regex: ^https://
on_objects:
- tenancy.models.Tenant
date_field:
type: date
label: Important Date
required: false
filter_logic: disabled
on_objects:
- dcim.models.Device
multiobject_field:
type: multiobject
label: Related Objects
description: IP addresses that belong to this location
required: true
filter_logic: loose
on_objects:
- dcim.models.Location
object_type: ipam.models.IPAddress
object_field:
type: object
label: ASN
description: This device has an ASN now
required: false
filter_logic: loose
on_objects:
- dcim.models.Device
object_type: ipam.models.ASN


@ -0,0 +1,21 @@
## Possible Choices:
## new_window:
## - True
## - False
## content_type:
## - device
## - site
## - any-other-content-type
##
## Examples:
- name: link_to_repo
link_text: 'Link to Netbox Docker'
link_url: 'https://github.com/netbox-community/netbox-docker'
new_window: False
content_type: device
- name: link_to_localhost
link_text: 'Link to localhost'
link_url: 'http://localhost'
new_window: True
content_type: device


@ -1,9 +0,0 @@
---
- device: server01
enabled: true
type: virtual
name: to-server02
- device: server02
enabled: true
type: virtual
name: to-server01


@ -1,4 +1,3 @@
---
- name: switch
slug: switch
color: Grey


@ -1,16 +1,57 @@
---
- model: Model 1
manufacturer: Manufacturer 1
slug: model-1
u_height: 2
custom_field_data:
text_field: Description
- model: Model 2
manufacturer: Manufacturer 1
slug: model-2
custom_field_data:
text_field: Description
- model: Model 3
manufacturer: Manufacturer 1
slug: model-3
is_full_depth: false
u_height: 0
custom_field_data:
text_field: Description
- model: Other
manufacturer: No Name
slug: other
custom_field_data:
text_field: Description
interfaces:
- name: eth0
type: 1000base-t
mgmt_only: True
- name: eth1
type: 1000base-t
console_server_ports:
- name_template: ttyS[1-48]
type: rj-45
power_ports:
- name_template: psu[0,1]
type: iec-60320-c14
maximum_draw: 35
allocated_draw: 35
front_ports:
- name_template: front[1,2]
type: 8p8c
rear_port_template: rear[0,1]
rear_port_position_template: "[1,2]"
rear_ports:
- name_template: rear[0,1]
type: 8p8c
positions_template: "[3,2]"
device_bays:
- name: bay0 # both non-template and template field specified; non-template field takes precedence
name_template: bay[0-9]
label: test0
label_template: test[0-5,9,6-8]
description: Test description
power_outlets:
- name_template: outlet[0,1]
type: iec-60320-c5
power_port: psu0
feed_leg: B


@ -1,4 +1,18 @@
---
## Possible Choices:
## face:
## - front
## - rear
## status:
## - offline
## - active
## - planned
## - staged
## - failed
## - inventory
## - decommissioning
##
## Examples:
- name: server01
device_role: server
device_type: Other
@ -6,6 +20,8 @@
rack: rack-01
face: front
position: 1
custom_field_data:
text_field: Description
- name: server02
device_role: server
device_type: Other
@ -15,6 +31,8 @@
position: 2
primary_ip4: 10.1.1.2/24
primary_ip6: 2001:db8:a000:1::2/64
custom_field_data:
text_field: Description
- name: server03
device_role: server
device_type: Other
@ -22,6 +40,8 @@
rack: rack-03
face: front
position: 3
custom_field_data:
text_field: Description
- name: server04
device_role: server
device_type: Other
@ -29,3 +49,5 @@
location: cage 101
face: front
position: 3
custom_field_data:
text_field: Description


@ -1,10 +1,9 @@
---
# applications:
# users:
# - technical_user
# readers:
# users:
# - reader
# writers:
# users:
# - writer
applications:
users:
- technical_user
readers:
users:
- reader
writers:
users:
- writer


@ -0,0 +1,35 @@
## Possible Choices:
## type:
## - virtual
## - lag
## - 1000base-t
## - ... and many more. See for yourself:
## https://github.com/netbox-community/netbox/blob/295d4f0394b431351c0cb2c3ecc791df68c6c2fb/netbox/dcim/choices.py#L510
##
## Examples:
- device: server01
name: ath0
type: 1000base-t
lag: ae0
bridge: br0
- device: server01
name: ath1
type: 1000base-t
parent: ath0
- device: server01
enabled: true
type: 1000base-x-sfp
name: to-server02
- device: server02
enabled: true
type: 1000base-x-sfp
name: to-server01
- device: server02
enabled: true
type: 1000base-t
name: eth0
- device: server02
enabled: true
type: virtual
name: loopback


@ -1,4 +1,21 @@
---
## Possible Choices:
## status:
## - active
## - reserved
## - deprecated
## - dhcp
## role:
## - loopback
## - secondary
## - anycast
## - vip
## - vrrp
## - hsrp
## - glbp
## - carp
##
## Examples:
- address: 10.1.1.1/24
device: server01
interface: to-server02


@ -1,4 +1,3 @@
---
- name: cage 101
slug: cage-101
site: SING 1


@ -1,4 +1,3 @@
---
- name: Manufacturer 1
slug: manufacturer-1
- name: Manufacturer 2


@ -1,49 +1,60 @@
---
# all.ro:
# actions:
# - view
# description: 'Read Only for All Objects'
# enabled: true
# groups:
# - applications
# - readers
# object_types: all
# users:
# - jdoe
# all.rw:
# actions:
# - add
# - change
# - delete
# - view
# description: 'Read/Write for All Objects'
# enabled: true
# groups:
# - writers
# object_types: all
# network_team.rw:
# actions:
# - add
# - change
# - delete
# - view
# description: "Network Team Permissions"
# enabled: true
# object_types:
# circuits:
# - circuit
# - circuittermination
# - circuittype
# - provider
# dcim: all
# ipam:
# - aggregate
# - ipaddress
# - prefix
# - rir
# - role
# - routetarget
# - service
# - vlan
# - vlangroup
# - vrf
all.ro:
actions:
- view
description: 'Read Only for All Objects'
enabled: true
groups:
- applications
- readers
object_types: all
users:
- jdoe
all.rw:
actions:
- add
- change
- delete
- view
description: 'Read/Write for All Objects'
enabled: true
groups:
- writers
object_types: all
network_team.rw:
actions:
- add
- change
- delete
- view
description: "Network Team Permissions"
enabled: true
object_types:
circuits:
- circuit
- circuittermination
- circuittype
- provider
dcim: all
ipam:
- aggregate
- ipaddress
- prefix
- rir
- role
- routetarget
- service
- vlan
- vlangroup
- vrf
vips.change:
actions:
- change
description: "Update VIP object permission"
enabled: true
object_types:
ipam:
- ipaddress
groups:
- devops
constraints:
role: vip
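Review bot: The new `vips.change` permission is bound to group `devops`, but the groups initializer shown earlier in this commit defines only `applications`, `readers` and `writers`, so unless `devops` is created elsewhere the loader will presumably either fail on the lookup or leave the permission attached to nobody. Add a `devops` entry next to the other groups or point this permission at an existing group. Separately, uncommenting `all.rw` with `object_types: all` gives `writers` full add/change/delete on every model; a comment above it such as `# demo data only: full CRUD on all object types` would keep the entry from being copied into a real deployment unchanged.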


@ -1,4 +1,3 @@
---
- name: Platform 1
slug: platform-1
manufacturer: Manufacturer 1


@ -1,4 +1,3 @@
---
- name: power feed 1
power_panel: power panel AMS 1
voltage: 208


@ -1,4 +1,3 @@
---
- name: power panel AMS 1
site: AMS 1
- name: power panel SING 1


@ -1,3 +1,2 @@
---
- name: Main Management
slug: main-management


@ -1,4 +1,12 @@
---
## Possible Choices:
## status:
## - container
## - active
## - reserved
## - deprecated
##
## Examples:
- description: prefix1
prefix: 10.1.1.0/24
site: AMS 1
@ -19,11 +27,3 @@
status: active
tenant: tenant2
vlan: vlan2
- description: prefix3
prefix: 192.168.1.0/24
site: AMS 1
status: active
- description: prefix4
prefix: 192.168.11.0/24
site: AMS 2
status: active


@ -1,4 +1,3 @@
---
- name: Provider1
slug: provider1
asn: 121


@ -1,4 +1,3 @@
---
- name: Role 1
slug: role-1
color: Pink


@ -1,16 +1,35 @@
---
## Possible Choices:
## width:
## - 19
## - 23
## types:
## - 2-post-frame
## - 4-post-frame
## - 4-post-cabinet
## - wall-frame
## - wall-cabinet
## outer_unit:
## - mm
## - in
##
## Examples:
- site: AMS 1
name: rack-01
role: Role 1
type: 4-post-cabinet
width: 19
u_height: 47
custom_field_data:
text_field: Description
- site: AMS 2
name: rack-02
role: Role 2
type: 4-post-cabinet
width: 19
u_height: 47
custom_field_data:
text_field: Description
- site: SING 1
name: rack-03
location: cage 101
@ -18,3 +37,5 @@
type: 4-post-cabinet
width: 19
u_height: 47
custom_field_data:
text_field: Description


@ -1,4 +1,3 @@
---
- name: Singapore
slug: singapore
- name: Amsterdam


@ -1,4 +1,3 @@
---
- is_private: true
name: RFC1918
slug: rfc1918


@ -1,4 +1,3 @@
---
- name: 65000:1001
tenant: tenant1
- name: 65000:1002


@ -1,4 +1,3 @@
---
- name: DNS
protocol: TCP
ports:


@ -1,23 +1,30 @@
---
- name: AMS 1
slug: ams1
region: Downtown
status: active
facility: Amsterdam 1
custom_field_data:
text_field: Description for AMS1
- name: AMS 2
slug: ams2
region: Downtown
status: active
facility: Amsterdam 2
custom_field_data:
text_field: Description for AMS2
- name: AMS 3
slug: ams3
region: Suburbs
status: active
facility: Amsterdam 3
tenant: tenant1
custom_field_data:
text_field: Description for AMS3
- name: SING 1
slug: sing1
region: Singapore
status: active
facility: Singapore 1
tenant: tenant2
custom_field_data:
text_field: Description for SING1


@ -1,4 +1,3 @@
---
- name: Tag 1
slug: tag-1
color: Pink


@ -1,4 +1,3 @@
---
- name: Tenant Group 1
slug: tenant-group-1
- name: Tenant Group 2


@ -1,4 +1,3 @@
---
- name: tenant1
slug: tenant1
- name: tenant2


@ -1,7 +1,12 @@
---
admin:
api_token: 0123456789admin789abcdef01234567admin
technical_user:
api_token: "" # a token is generated automatically unless the value is explicity set to empty
reader:
api_token: "" # a token is generated automatically unless the value is explicity set to empty
writer:
api_token: "" # a token is generated automatically unless the value is explicity set to empty
jdoe:
first_name: John
last_name: Doe
is_active: True
is_staff: True
is_superuser: True
password: admin
is_superuser: False
is_staff: False
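Review bot: The `admin` entry carries a fixed `api_token` committed to the repository, and the section also shows `password: admin` for `jdoe`, so any instance populated from this file has publicly known credentials. If the file is meant only for the local dev container, say so in a header comment such as `# DEV ONLY: static credentials, never load into a reachable instance`, or leave `api_token` out for `admin` so that one is generated. `is_superuser` and `is_staff` each appear twice under `jdoe` with opposite values; the +/- markers are lost on this page, so confirm that only the `False` pair remains on the new side, because YAML loaders do not agree on how a duplicated key is resolved.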


@ -1,4 +1,11 @@
---
## Possible Choices:
## status:
## - active
## - offline
## - staged
##
## Examples:
- cluster: cluster1
comments: VM1
disk: 200


@ -1,4 +1,3 @@
---
- description: Network Interface 1
enabled: true
mac_address: 00:77:77:77:77:77


@ -1,4 +1,3 @@
---
- name: VLAN group 1
scope_type: dcim.region
scope: Amsterdam


@ -1,4 +1,11 @@
---
## Possible Choices:
## status:
## - active
## - reserved
## - deprecated
##
## Examples:
- name: vlan1
site: AMS 1
status: active


@ -1,4 +1,3 @@
---
- enforce_unique: true
name: vrf1
tenant: tenant1


@ -1,4 +1,14 @@
---
## Possible Choices:
## object_types:
## - device
## - site
## - any-other-content-type
## types:
## - type_create
## - type_update
## - type_delete
## Examples:
- name: device_creation
payload_url: 'http://localhost:8080'
object_types:

8
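--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -0,0 +1,8 @@
+version: 2
+updates:
+- package-ecosystem: pip
+directory: "/"
+schedule:
+interval: daily
+time: "04:00"
+open-pull-requests-limit: 10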

3
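--- a/.github/linters/.flake8
+++ b/.github/linters/.flake8
@@ -0,0 +1,3 @@
+[flake8]
+max-line-length = 160
+extend-ignore = E203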

8
.github/linters/.isort.cfg vendored Normal file

@ -0,0 +1,8 @@
[settings]
profile = black
; vertical hanging indent mode also used in black configuration
multi_line_output = 3
; necessary because black expect the trailing comma
include_trailing_comma = true


@ -1,5 +1,5 @@
[settings]
profile = "black"
profile = black
; vertical hanging indent mode also used in black configuration
multi_line_output = 3


@ -18,12 +18,12 @@ repos:
args:
- "--profile=black"
- repo: https://github.com/psf/black
rev: 22.6.0
rev: 22.10.0
hooks:
- id: black
language_version: python3
- repo: https://github.com/asottile/add-trailing-comma
rev: v2.2.3
rev: v2.3.0
hooks:
- id: add-trailing-comma
args:
@ -33,7 +33,7 @@ repos:
hooks:
- id: flake8
- repo: https://github.com/asottile/pyupgrade
rev: v2.37.3
rev: v3.0.0
hooks:
- id: pyupgrade
args:
@ -43,16 +43,16 @@ repos:
# hooks:
# - id: yamllint
- repo: https://github.com/psf/black
rev: 22.6.0
rev: 22.10.0
hooks:
- id: black
- repo: https://github.com/Lucas-C/pre-commit-hooks-nodejs
rev: v1.1.2
hooks:
- id: htmlhint
args: [--config, .htmlhintrc]
#- repo: https://github.com/Lucas-C/pre-commit-hooks-nodejs
# rev: v1.1.2
# hooks:
# - id: htmlhint
# args: [--config, .htmlhintrc]
- repo: https://github.com/igorshubovych/markdownlint-cli
rev: v0.32.1
rev: v0.32.2
hooks:
- id: markdownlint
#- repo: local
@ -62,4 +62,4 @@ repos:
# entry: wily diff
# verbose: true
# language: python
# additional_dependencies: [wily]
# additional_dependencies: [wily]


@ -34,6 +34,14 @@ setup:
-${VENV_PY_PATH} -m pip install --disable-pip-version-check --no-cache-dir -e ${REPO_PATH}
#-python3 setup.py develop
.PHONY: example_initializers ## Run initializers
example_initializers:
-${VENV_PY_PATH} ${NETBOX_MANAGE_PATH} copy_initializers_examples --path /opt/netbox/netbox/netbox-acls/.devcontainer/initializers
.PHONY: load_initializers ## Run initializers
load_initializers:
-${VENV_PY_PATH} ${NETBOX_MANAGE_PATH} load_initializer_data --path /opt/netbox/netbox/netbox-acls/.devcontainer/initializers
.PHONY: makemigrations ## Run makemigrations
makemigrations:
-${VENV_PY_PATH} ${NETBOX_MANAGE_PATH} makemigrations --name ${PLUGIN_NAME}
@ -55,7 +63,7 @@ start:
- cd /opt/netbox/netbox/ && /opt/netbox/docker-entrypoint.sh && /opt/netbox/launch-netbox.sh
.PHONY: all ## Run all PLUGIN DEV targets
all: setup makemigrations migrate collectstatic startup_scripts start
all: setup makemigrations migrate collectstatic start
#.PHONY: test
#test:
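Review bot: Both new recipes start with `-`, so make ignores a non-zero exit from `copy_initializers_examples` and `load_initializer_data`, and a failed load of users, groups or permissions leaves a half-populated instance while `make` still reports success. Drop the `-` at least on the `load_initializers` recipe so the failure is visible. The two `.PHONY` help strings are identical (`## Run initializers`) although the first target only copies example files; `## Copy initializer example files` would describe it. The hard-coded `/opt/netbox/netbox/netbox-acls/.devcontainer/initializers` path could presumably be built from `${REPO_PATH}`, which the `setup` recipe already uses, though its value is defined outside these hunks.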


@ -1,6 +1,16 @@
# netbox-acls
# NetBox Access Lists Plugin
A NetBox plugin for Access List management
A [Netbox](https://github.com/netbox-community/netbox) plugin for Access List management.
## Features
This plugin provides the following models:
- Access Lists
- Access List to Interface Assignment
- Access List Rules (abstract model bassis for other rules)
- Access List Standard Rules
- Access List Extended Rules
## Origin
@ -15,11 +25,11 @@ This project just looks to build on top of this framework and model presented.
## Compatibility
This plugin was first developed using 3.2.5, and tested with all of 3.2.0.
This plugin was first developed using 3.2.5, and tested with all of 3.2.
| NetBox Version | Plugin Version |
|----------------|----------------|
| 3.2 | 1.0.0 |
| 3.2 | 1.0.1 |
| 3.3 | TBD |
## Installing


@ -176,18 +176,18 @@ class AccessListForm(NetBoxModelForm):
if device:
host_type = "device"
existing_acls = AccessList.objects.filter(name=name, device=device).exists()
elif virtual_chassis:
host_type = "virtual_chassis"
existing_acls = AccessList.objects.filter(
name=name,
virtual_chassis=virtual_chassis,
).exists()
elif virtual_machine:
host_type = "virtual_machine"
existing_acls = AccessList.objects.filter(
name=name,
virtual_machine=virtual_machine,
).exists()
else:
host_type = "virtual_chassis"
existing_acls = AccessList.objects.filter(
name=name,
virtual_chassis=virtual_chassis,
).exists()
# Check if duplicate entry.
if (
@ -233,9 +233,9 @@ class ACLInterfaceAssignmentForm(NetBoxModelForm):
device = DynamicModelChoiceField(
queryset=Device.objects.all(),
required=False,
query_params={
# Need to pass ACL device to it
},
# query_params={
# Need to pass ACL device to it
# },
)
interface = DynamicModelChoiceField(
queryset=Interface.objects.all(),
@ -247,6 +247,9 @@ class ACLInterfaceAssignmentForm(NetBoxModelForm):
virtual_machine = DynamicModelChoiceField(
queryset=VirtualMachine.objects.all(),
required=False,
# query_params={
# Need to pass ACL device to it
# },
label="Virtual Machine",
)
vminterface = DynamicModelChoiceField(
@ -330,34 +333,14 @@ class ACLInterfaceAssignmentForm(NetBoxModelForm):
interface = cleaned_data.get("interface")
vminterface = cleaned_data.get("vminterface")
assigned_object = cleaned_data.get("assigned_object")
if interface:
assigned_object = interface
assigned_object_type = "interface"
host_type = "device"
host = Interface.objects.get(pk=assigned_object.pk).device
elif vminterface:
assigned_object = vminterface
assigned_object_type = "vminterface"
host_type = "virtual_machine"
host = VMInterface.objects.get(pk=assigned_object.pk).virtual_machine
if interface or vminterface:
assigned_object_id = VMInterface.objects.get(pk=assigned_object.pk).pk
assigned_object_type_id = ContentType.objects.get_for_model(
assigned_object,
).pk
access_list_host = AccessList.objects.get(pk=access_list.pk).assigned_object
# Check if both interface and vminterface are set.
if interface and vminterface:
error_too_many_interfaces = "Access Lists must be assigned to one type of interface at a time (VM interface or physical interface)"
error_too_many_hosts = "Access Lists must be assigned to one type of device at a time (VM or physical device)."
error_message |= {
"device": [error_too_many_hosts],
"interface": [error_too_many_interfaces],
"virtual_machine": [error_too_many_hosts],
"vminterface": [error_too_many_interfaces],
}
# Check if neither interface or vminterface are set.
elif not (interface or vminterface):
error_no_interface = (
"An Access List assignment but specify an Interface or VM Interface."
@ -366,8 +349,27 @@ class ACLInterfaceAssignmentForm(NetBoxModelForm):
"interface": [error_no_interface],
"vminterface": [error_no_interface],
}
else:
if interface:
assigned_object = interface
assigned_object_type = "interface"
host_type = "device"
host = Interface.objects.get(pk=assigned_object.pk).device
assigned_object_id = Interface.objects.get(pk=assigned_object.pk).pk
else:
assigned_object = vminterface
assigned_object_type = "vminterface"
host_type = "virtual_machine"
host = VMInterface.objects.get(pk=assigned_object.pk).virtual_machine
assigned_object_id = VMInterface.objects.get(pk=assigned_object.pk).pk
assigned_object_type_id = ContentType.objects.get_for_model(
assigned_object,
).pk
access_list_host = AccessList.objects.get(pk=access_list.pk).assigned_object
# Check that an interface's parent device/virtual_machine is assigned to the Access List.
elif access_list_host != host:
if access_list_host != host:
error_acl_not_assigned_to_host = "Access List not present on selected host."
error_message |= {
"access_list": [error_acl_not_assigned_to_host],
@ -375,7 +377,7 @@ class ACLInterfaceAssignmentForm(NetBoxModelForm):
host_type: [error_acl_not_assigned_to_host],
}
# Check for duplicate entry.
elif ACLInterfaceAssignment.objects.filter(
if ACLInterfaceAssignment.objects.filter(
access_list=access_list,
assigned_object_id=assigned_object_id,
assigned_object_type=assigned_object_type_id,
@ -388,7 +390,7 @@ class ACLInterfaceAssignmentForm(NetBoxModelForm):
assigned_object_type: [error_duplicate_entry],
}
# Check that the interface does not have an existing ACL applied in the direction already.
elif ACLInterfaceAssignment.objects.filter(
if ACLInterfaceAssignment.objects.filter(
assigned_object_id=assigned_object_id,
assigned_object_type=assigned_object_type_id,
direction=direction,
@ -408,9 +410,8 @@ class ACLInterfaceAssignmentForm(NetBoxModelForm):
def save(self, *args, **kwargs):
# Set assigned object
self.instance.assigned_object = self.cleaned_data.get(
"interface",
"interface"
) or self.cleaned_data.get("vminterface")
return super().save(*args, **kwargs)
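Review bot: In the new `else:` branch of the interface check, `Interface.objects.get(pk=assigned_object.pk)` runs twice (and `VMInterface.objects.get(...)` twice in the other arm) only to read `.device`/`.virtual_machine` and `.pk` from an object the form already holds; `host = interface.device` and `assigned_object_id = interface.pk` give the same values without extra queries or a `DoesNotExist` path. `AccessList.objects.get(pk=access_list.pk)` has the same shape and would raise `AttributeError` if `access_list` failed field validation and is `None`; where `access_list` is read lies outside the hunk, so confirm it is guarded. Indentation is lost on this page: if the three checks converted from `elif` to `if` sit outside the `else:`, then `host` and `assigned_object_id` are unbound whenever one of the earlier error branches fires. In the first hunk the bare `else:` now treats "no device and no virtual machine" as a virtual chassis, which is only safe if a check before the hunk guarantees exactly one host is set. Both `clean()` methods start and end outside these hunks.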


@ -1,31 +1,21 @@
# import codecs
# import os.path
#
import codecs
import os.path
from setuptools import find_packages, setup
#
# with open("README.md", "r") as fh:
# long_description = fh.read()
#
#
# def read(rel_path):
# here = os.path.abspath(os.path.dirname(__file__))
# with codecs.open(os.path.join(here, rel_path), "r") as fp:
# return fp.read()
#
#
# def get_version(rel_path):
# for line in read(rel_path).splitlines():
# if line.startswith('__version__'):
# delim = '"' if '"' in line else "'"
# return line.split(delim)[1]
# else:
# raise RuntimeError("Unable to find version string.")
#
with open("README.md", "r") as fh:
long_description = fh.read()
def read(rel_path):
here = os.path.abspath(os.path.dirname(__file__))
with codecs.open(os.path.join(here, rel_path), "r") as fp:
return fp.read()
setup(
name="netbox-acls",
version="1.0.0",
version="1.1.1",
# version=get_version("netbox_acls/version.py"),
description="A NetBox plugin for Access List management",
# long_description=long_description,