
refactors: netbox configuration

Open axeII opened this issue 1 year ago • 1 comments

Description of the change: Refactors and finally deploys NetBox.

axeII avatar Apr 22 '24 15:04 axeII

🦙 MegaLinter status: ✅ SUCCESS

Descriptor Linter Files Fixed Errors Elapsed time

See detailed report in MegaLinter reports Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

MegaLinter is graciously provided by OX Security

axeII avatar Apr 22 '24 15:04 axeII

--- kubernetes/apps Kustomization: flux-system/cluster-apps Kustomization: flux-system/netbox

+++ kubernetes/apps Kustomization: flux-system/cluster-apps Kustomization: flux-system/netbox

@@ -0,0 +1,36 @@

+---
+apiVersion: kustomize.toolkit.fluxcd.io/v1
+kind: Kustomization
+metadata:
+  labels:
+    kustomize.toolkit.fluxcd.io/name: cluster-apps
+    kustomize.toolkit.fluxcd.io/namespace: flux-system
+  name: netbox
+  namespace: flux-system
+spec:
+  commonMetadata:
+    labels:
+      app.kubernetes.io/name: netbox
+  decryption:
+    provider: sops
+    secretRef:
+      name: sops-age
+  dependsOn:
+  - name: cluster-apps-external-secrets-stores
+  interval: 30m
+  path: ./kubernetes/apps/networking/netbox/app
+  postBuild:
+    substituteFrom:
+    - kind: ConfigMap
+      name: cluster-settings
+    - kind: Secret
+      name: cluster-secrets
+  prune: true
+  retryInterval: 1m
+  sourceRef:
+    kind: GitRepository
+    name: home-kubernetes
+  targetNamespace: networking
+  timeout: 5m
+  wait: true
+
--- kubernetes/apps/networking/netbox/app Kustomization: flux-system/netbox HelmRelease: networking/netbox

+++ kubernetes/apps/networking/netbox/app Kustomization: flux-system/netbox HelmRelease: networking/netbox

@@ -0,0 +1,109 @@

+---
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+  labels:
+    app.kubernetes.io/name: netbox
+    kustomize.toolkit.fluxcd.io/name: netbox
+    kustomize.toolkit.fluxcd.io/namespace: flux-system
+  name: netbox
+  namespace: networking
+spec:
+  chart:
+    spec:
+      chart: netbox
+      interval: 5m
+      sourceRef:
+        kind: HelmRepository
+        name: bootc-charts
+        namespace: flux-system
+      version: 4.1.1
+  interval: 5m
+  values:
+    admins:
+    - - Ales Lerch
+      - ..PLACEHOLDER..
+    cachingRedis:
+      existingSecretKey: REDIS_PASSWORD
+      existingSecretName: netbox-secret
+      host: netbox-redis.default.svc.cluster.local
+    email: {}
+    existingSecret: netbox-secret
+    externalDatabase:
+      database: netbox_db
+      existingSecretKey: NETBOX_DB_PASS
+      existingSecretName: netbox-secret
+      host: postgres.database.svc.cluster.local
+      port: 5432
+      username: netbox
+    image:
+      pullPolicy: IfNotPresent
+      repository: quay.io/tgenannt/netbox
+      tag: v4.1.0
+    ingress:
+      annotations:
+        hajimari.io/icon: ip-network-outline
+      enabled: true
+      hosts:
+      - host: netbox...PLACEHOLDER..
+        paths:
+        - backend:
+            service:
+              name: netbox
+              port:
+                number: 8080
+          path: /
+          pathType: Prefix
+      ingressClassName: internal
+      tls:
+      - hosts:
+        - netbox...PLACEHOLDER..
+    init:
+      image:
+        pullPolicy: IfNotPresent
+        repository: docker.io/library/busybox
+        tag: 1.36.1
+    logging:
+      disable_existing_loggers: false
+      handlers:
+        console:
+          class: logging.StreamHandler
+      loggers:
+        netbox.authentication.*:
+          handlers:
+          - console
+          level: DEBUG
+      version: 1
+    loginRequired: false
+    metricsEnabled: true
+    persistence:
+      enabled: false
+    postgresql:
+      enabled: false
+    redis:
+      enabled: false
+    remoteAuth:
+      enabled: false
+    reportsPersistence:
+      enabled: false
+    storageBackend: storages.backends.s3boto3.S3Boto3Storage
+    storageConfig:
+      AWS_S3_ENDPOINT_URL: http://192.168.3.3:9000
+      AWS_S3_REGION_NAME: eu-east-1
+      AWS_STORAGE_BUCKET_NAME: netbox
+    superuser:
+      email: ..PLACEHOLDER..
+      name: admin
+    tasksRedis:
+      existingSecretKey: REDIS_PASSWORD
+      existingSecretName: netbox-secret
+      host: netbox-redis.default.svc.cluster.local
+    updateStrategy:
+      type: RollingUpdate
+    worker:
+      enabled: true
+      nodeSelector:
+        kubernetes.io/arch: amd64
+      updateStrategy:
+        type: RollingUpdate
+
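Review bot: `loginRequired: false` in `values` leaves the NetBox UI and API reachable without authentication while `ingress.enabled: true` publishes them on the `internal` ingress class; what an anonymous caller can read then rests on the exempt-view settings staying empty. `loginRequired: true` is the safer setting for an inventory of network addressing. Separately, `storageConfig.AWS_S3_ENDPOINT_URL` uses `http://`, so S3 requests and stored media cross the network in cleartext; prefer an `https://` endpoint if the object store offers one. The `netbox.authentication.*` logger at `level: DEBUG` is worth lowering once the login flow is confirmed working.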
--- kubernetes/apps/networking/netbox/app Kustomization: flux-system/netbox ExternalSecret: networking/netbox

+++ kubernetes/apps/networking/netbox/app Kustomization: flux-system/netbox ExternalSecret: networking/netbox

@@ -0,0 +1,33 @@

+---
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  labels:
+    app.kubernetes.io/name: netbox
+    kustomize.toolkit.fluxcd.io/name: netbox
+    kustomize.toolkit.fluxcd.io/namespace: flux-system
+  name: netbox
+  namespace: networking
+spec:
+  dataFrom:
+  - extract:
+      key: netbox
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: onepassword-connect
+  target:
+    creationPolicy: Owner
+    name: netbox-secret
+    template:
+      data:
+        AWS_ACCESS_KEY_ID: '{{ .NETBOX_AWS_ACCESS_KEY_ID }}'
+        AWS_SECRET_ACCESS_KEY: '{{ .NETBOX_AWS_SECRET_ACCESS_KEY }}'
+        NETBOX_DB_PASS: '{{ .NETBOX_POSTGRES_PASS }}'
+        REDIS_PASSWORD: '{{ .REDIS_PASSWORD }}'
+        email_password: ''
+        napalm_password: ''
+        secret_key: '{{ .NETBOX_SECRET_KEY }}'
+        superuser_api_token: '{{ .NETBOX_SUPERUSER_API_TOKEN }}'
+        superuser_password: '{{ .NETBOX_SUPERUSER_PASSWORD }}'
+      engineVersion: v2
+
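Review bot: `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` are templated into `netbox-secret`, but the rendered netbox, netbox-worker and netbox-housekeeping pod specs later on this page project only the password, token and `secret_key` items and set no matching env vars, so the S3 storage backend would presumably run without credentials. Confirm how these two keys reach the containers, or drop them from the template so the secret holds only what is consumed. `email_password` and `napalm_password` are written as empty strings; a comment such as `# placeholder: chart mounts this key, feature unused` would make that intent explicit.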

bot-akira[bot] avatar Sep 19 '24 20:09 bot-akira[bot]

--- HelmRelease: networking/netbox ServiceAccount: networking/netbox

+++ HelmRelease: networking/netbox ServiceAccount: networking/netbox

@@ -0,0 +1,10 @@

+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: netbox
+  labels:
+    app.kubernetes.io/name: netbox
+    app.kubernetes.io/instance: netbox
+    app.kubernetes.io/managed-by: Helm
+
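Review bot: The ServiceAccount leaves `automountServiceAccountToken` unset, so every pod that uses it gets a Kubernetes API token mounted by default; the netbox Deployment, the worker and the housekeeping CronJob all set `serviceAccountName: netbox`. Nothing on this page shows NetBox calling the Kubernetes API, so `automountServiceAccountToken: false` would remove a credential the workload does not appear to need. This object is chart-rendered, so the change belongs in the HelmRelease values if the chart exposes it.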
--- HelmRelease: networking/netbox ConfigMap: networking/netbox

+++ HelmRelease: networking/netbox ConfigMap: networking/netbox

@@ -0,0 +1,170 @@

+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: netbox
+  labels:
+    app.kubernetes.io/name: netbox
+    app.kubernetes.io/instance: netbox
+    app.kubernetes.io/managed-by: Helm
+data:
+  configuration.py: |
+    import re
+    import yaml
+
+    from pathlib import Path
+
+    def _deep_merge(source, destination):
+      """Inspired by https://stackoverflow.com/a/20666342"""
+      for key, value in source.items():
+        dst_value = destination.get(key)
+
+        if isinstance(value, dict) and isinstance(dst_value, dict):
+          _deep_merge(value, dst_value)
+        else:
+          destination[key] = value
+
+      return destination
+
+    def _load_yaml():
+      extraConfigBase = Path('/run/config/extra')
+      configFiles = [Path('/run/config/netbox/netbox.yaml')]
+
+      configFiles.extend(sorted(extraConfigBase.glob('*/*.yaml')))
+
+      for configFile in configFiles:
+        with open(configFile, 'r') as f:
+          config = yaml.safe_load(f)
+
+        _deep_merge(config, globals())
+
+    def _load_secret(name, key):
+      path = "/run/secrets/{name}/{key}".format(name=name, key=key)
+      with open(path, 'r') as f:
+        return f.read()
+
+    _load_yaml()
+
+    DATABASE['PASSWORD'] = _load_secret('netbox', 'db_password')
+    EMAIL['PASSWORD'] = _load_secret('netbox', 'email_password')
+    NAPALM_PASSWORD = _load_secret('netbox', 'napalm_password')
+    REDIS['tasks']['PASSWORD'] = _load_secret('netbox', 'redis_tasks_password')
+    REDIS['caching']['PASSWORD'] = _load_secret('netbox', 'redis_cache_password')
+    SECRET_KEY = _load_secret('netbox', 'secret_key')
+
+    # Post-process certain values
+    CORS_ORIGIN_REGEX_WHITELIST = [re.compile(r) for r
+                                   in CORS_ORIGIN_REGEX_WHITELIST]
+  netbox.yaml: |
+    ALLOWED_HOSTS: ["*"]
+
+    DATABASE:
+      HOST: "postgres.database.svc.cluster.local"
+      USER: "netbox"
+      NAME: "netbox_db"
+      PORT: 5432
+      OPTIONS:
+        sslmode: "prefer"
+        target_session_attrs: 'read-write'
+      CONN_MAX_AGE: 300
+      DISABLE_SERVER_SIDE_CURSORS: false
+
+    ADMINS: [["Ales Lerch","..PLACEHOLDER.."]]
+    AUTH_PASSWORD_VALIDATORS: []
+    ALLOWED_URL_SCHEMES: ["file","ftp","ftps","http","https","irc","mailto","sftp","ssh","tel","telnet","tftp","vnc","xmpp"]
+    BANNER_TOP: ""
+    BANNER_BOTTOM: ""
+    BANNER_LOGIN: ""
+    BASE_PATH: ""
+    CHANGELOG_RETENTION: 90
+    CUSTOM_VALIDATORS: {}
+    DEFAULT_USER_PREFERENCES: {}
+    CORS_ORIGIN_ALLOW_ALL: false
+    CORS_ORIGIN_WHITELIST: []
+    CORS_ORIGIN_REGEX_WHITELIST: []
+    CSRF_TRUSTED_ORIGINS: []
+    DEBUG: false
+
+    EMAIL:
+      SERVER: "localhost"
+      PORT: 25
+      USERNAME: ""
+      USE_SSL: false
+      USE_TLS: false
+      SSL_CERTFILE: ""
+      SSL_KEYFILE: ""
+      TIMEOUT: 10
+      FROM_EMAIL: ""
+
+    ENFORCE_GLOBAL_UNIQUE: false
+    EXEMPT_VIEW_PERMISSIONS: []
+    FIELD_CHOICES: {}
+    GRAPHQL_ENABLED: true
+    HTTP_PROXIES: null
+    INTERNAL_IPS: ["127.0.0.1","::1"]
+    JOBRESULT_RETENTION: 90
+    LOGGING: {"disable_existing_loggers":false,"handlers":{"console":{"class":"logging.StreamHandler"}},"loggers":{"netbox.authentication.*":{"handlers":["console"],"level":"DEBUG"}},"version":1}
+    LOGIN_PERSISTENCE: false
+    LOGIN_REQUIRED: false
+    LOGIN_TIMEOUT: 1209600
+    MAINTENANCE_MODE: false
+    MAPS_URL: "https://maps.google.com/?q="
+    MAX_PAGE_SIZE: 1000
+    MEDIA_ROOT: /opt/netbox/netbox/media
+    STORAGE_BACKEND: "storages.backends.s3boto3.S3Boto3Storage"
+    STORAGE_CONFIG:  {"AWS_S3_ENDPOINT_URL":"http://192.168.3.3:9000","AWS_S3_REGION_NAME":"eu-east-1","AWS_STORAGE_BUCKET_NAME":"netbox"}
+    METRICS_ENABLED: true
+    NAPALM_USERNAME: ""
+    NAPALM_TIMEOUT: 30
+    NAPALM_ARGS: {}
+    PAGINATE_COUNT: 50
+    PLUGINS: []
+    PLUGINS_CONFIG: {}
+    POWERFEED_DEFAULT_AMPERAGE: 15
+    POWERFEED_DEFAULT_MAX_UTILIZATION: 80
+    POWERFEED_DEFAULT_VOLTAGE: 120
+    PREFER_IPV4: false
+    RACK_ELEVATION_DEFAULT_UNIT_HEIGHT: 22
+    RACK_ELEVATION_DEFAULT_UNIT_WIDTH: 220
+    REMOTE_AUTH_ENABLED: false
+    REMOTE_AUTH_BACKEND: "netbox.authentication.RemoteUserBackend"
+    REMOTE_AUTH_HEADER: "HTTP_REMOTE_USER"
+    REMOTE_AUTH_AUTO_CREATE_USER: true
+    REMOTE_AUTH_DEFAULT_GROUPS: []
+    REMOTE_AUTH_DEFAULT_PERMISSIONS: {}
+    REMOTE_AUTH_GROUP_SYNC_ENABLED: false
+    REMOTE_AUTH_GROUP_HEADER: "HTTP_REMOTE_USER_GROUP"
+    REMOTE_AUTH_SUPERUSER_GROUPS: []
+    REMOTE_AUTH_SUPERUSERS: []
+    REMOTE_AUTH_STAFF_GROUPS: []
+    REMOTE_AUTH_STAFF_USERS: []
+    REMOTE_AUTH_GROUP_SEPARATOR: "|"
+    RELEASE_CHECK_URL: null
+
+    REDIS:
+      tasks:
+        HOST: "netbox-redis.default.svc.cluster.local"
+        PORT: 6379
+        DATABASE: 0
+        SSL: false
+        INSECURE_SKIP_TLS_VERIFY: false
+      caching:
+        HOST: "netbox-redis.default.svc.cluster.local"
+        PORT: 6379
+        DATABASE: 1
+        SSL: false
+        INSECURE_SKIP_TLS_VERIFY: false
+
+    REPORTS_ROOT: /opt/netbox/netbox/reports
+    RQ_DEFAULT_TIMEOUT: 300
+    SCRIPTS_ROOT: /opt/netbox/netbox/scripts
+    CSRF_COOKIE_NAME: "csrftoken"
+    SESSION_COOKIE_NAME: sessionid
+    TIME_ZONE: "UTC"
+    DATE_FORMAT: "N j, Y"
+    SHORT_DATE_FORMAT: "Y-m-d"
+    TIME_FORMAT: "g:i a"
+    SHORT_TIME_FORMAT: "H:i:s"
+    DATETIME_FORMAT: "N j, Y g:i a"
+    SHORT_DATETIME_FORMAT: "Y-m-d H:i"
+
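Review bot: `ALLOWED_HOSTS: ["*"]` in `netbox.yaml` turns off Django's Host-header validation although the release serves a single ingress hostname; listing that hostname instead keeps generated links and redirects tied to the real host. In the same file `AUTH_PASSWORD_VALIDATORS: []` means local accounts, including the `admin` superuser, are subject to no password-strength checks, and `sslmode: "prefer"` lets the PostgreSQL connection fall back to plaintext without verifying the server. These are chart-rendered, so the overrides belong in the HelmRelease values. In `configuration.py`, `_load_yaml` passes the result of `yaml.safe_load` straight to `_deep_merge`, so an empty extra config file (which loads as `None`) would fail at `source.items()`; an `if config:` guard before the merge would cover that.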
--- HelmRelease: networking/netbox Service: networking/netbox

+++ HelmRelease: networking/netbox Service: networking/netbox

@@ -0,0 +1,21 @@

+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: netbox
+  labels:
+    app.kubernetes.io/name: netbox
+    app.kubernetes.io/instance: netbox
+    app.kubernetes.io/managed-by: Helm
+spec:
+  type: ClusterIP
+  ports:
+  - port: 80
+    targetPort: http
+    protocol: TCP
+    name: http
+  selector:
+    app.kubernetes.io/name: netbox
+    app.kubernetes.io/instance: netbox
+    app.kubernetes.io/component: netbox
+
--- HelmRelease: networking/netbox Deployment: networking/netbox

+++ HelmRelease: networking/netbox Deployment: networking/netbox

@@ -0,0 +1,150 @@

+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: netbox
+  labels:
+    app.kubernetes.io/name: netbox
+    app.kubernetes.io/instance: netbox
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/component: netbox
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: netbox
+      app.kubernetes.io/instance: netbox
+      app.kubernetes.io/component: netbox
+  strategy:
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: netbox
+        app.kubernetes.io/instance: netbox
+        app.kubernetes.io/component: netbox
+    spec:
+      serviceAccountName: netbox
+      securityContext:
+        fsGroup: 1000
+        runAsNonRoot: true
+      initContainers:
+      - name: init-dirs
+        image: docker.io/library/busybox:1.36.1
+        imagePullPolicy: IfNotPresent
+        command:
+        - /bin/sh
+        - -c
+        - mkdir -p /opt/unit/state /opt/unit/tmp
+        securityContext:
+          capabilities:
+            drop:
+            - ALL
+          readOnlyRootFilesystem: true
+          runAsGroup: 1000
+          runAsNonRoot: true
+          runAsUser: 1000
+        volumeMounts:
+        - name: optunit
+          mountPath: /opt/unit
+      containers:
+      - name: netbox
+        securityContext:
+          capabilities:
+            drop:
+            - ALL
+          readOnlyRootFilesystem: true
+          runAsGroup: 1000
+          runAsNonRoot: true
+          runAsUser: 1000
+        image: quay.io/tgenannt/netbox:v4.1.0
+        imagePullPolicy: IfNotPresent
+        env:
+        - name: SUPERUSER_NAME
+          value: admin
+        - name: SUPERUSER_EMAIL
+          value: ..PLACEHOLDER..
+        - name: SKIP_STARTUP_SCRIPTS
+          value: 'true'
+        ports:
+        - name: http
+          containerPort: 8080
+          protocol: TCP
+        readinessProbe:
+          httpGet:
+            path: /login/
+            port: http
+          initialDelaySeconds: 0
+          timeoutSeconds: 1
+          successThreshold: 1
+          periodSeconds: 10
+        volumeMounts:
+        - name: config
+          mountPath: /etc/netbox/config/configuration.py
+          subPath: configuration.py
+          readOnly: true
+        - name: config
+          mountPath: /run/config/netbox
+          readOnly: true
+        - name: secrets
+          mountPath: /run/secrets/netbox
+          readOnly: true
+        - name: netbox-tmp
+          mountPath: /tmp
+        - name: media
+          mountPath: /opt/netbox/netbox/media
+          subPath: ''
+        - name: optunit
+          mountPath: /opt/unit
+        - name: secrets
+          mountPath: /run/secrets/superuser_password
+          subPath: superuser_password
+          readOnly: true
+        - name: secrets
+          mountPath: /run/secrets/superuser_api_token
+          subPath: superuser_api_token
+          readOnly: true
+      volumes:
+      - name: config
+        configMap:
+          name: netbox
+      - name: secrets
+        projected:
+          sources:
+          - secret:
+              name: netbox-secret
+              items:
+              - key: superuser_password
+                path: superuser_password
+              - key: superuser_api_token
+                path: superuser_api_token
+              - key: email_password
+                path: email_password
+              - key: napalm_password
+                path: napalm_password
+              - key: secret_key
+                path: secret_key
+          - secret:
+              name: netbox-secret
+              items:
+              - key: NETBOX_DB_PASS
+                path: db_password
+          - secret:
+              name: netbox-secret
+              items:
+              - key: REDIS_PASSWORD
+                path: redis_tasks_password
+          - secret:
+              name: netbox-secret
+              items:
+              - key: REDIS_PASSWORD
+                path: redis_cache_password
+      - name: netbox-tmp
+        emptyDir:
+          medium: Memory
+      - name: optunit
+        emptyDir:
+          medium: Memory
+      - name: media
+        emptyDir: {}
+
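Review bot: The container `securityContext` blocks drop all capabilities and run as UID 1000 but set neither `allowPrivilegeEscalation: false` nor a `seccompProfile`, so the pods would not meet the restricted Pod Security Standard; the same applies to the `init-dirs` container and to the netbox-worker and netbox-housekeeping pod specs below. Adding `allowPrivilegeEscalation: false` and `seccompProfile: {type: RuntimeDefault}` completes the hardening already started here. The `netbox-tmp` and `optunit` volumes use `emptyDir` with `medium: Memory` and no `sizeLimit`, and the container declares no `resources`, so tmpfs writes are bounded only by node memory. The `media` volume is a plain `emptyDir`, which is consistent with S3 storage but means anything written locally is lost on restart.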
--- HelmRelease: networking/netbox Deployment: networking/netbox-worker

+++ HelmRelease: networking/netbox Deployment: networking/netbox-worker

@@ -0,0 +1,101 @@

+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: netbox-worker
+  labels:
+    app.kubernetes.io/name: netbox
+    app.kubernetes.io/instance: netbox
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/component: worker
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: netbox
+      app.kubernetes.io/instance: netbox
+      app.kubernetes.io/component: worker
+  strategy:
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: netbox
+        app.kubernetes.io/instance: netbox
+        app.kubernetes.io/component: worker
+    spec:
+      serviceAccountName: netbox
+      securityContext:
+        fsGroup: 1000
+        runAsNonRoot: true
+      containers:
+      - name: netbox-worker
+        securityContext:
+          capabilities:
+            drop:
+            - ALL
+          readOnlyRootFilesystem: true
+          runAsGroup: 1000
+          runAsNonRoot: true
+          runAsUser: 1000
+        image: quay.io/tgenannt/netbox:v4.1.0
+        command:
+        - /opt/netbox/venv/bin/python
+        - /opt/netbox/netbox/manage.py
+        - rqworker
+        imagePullPolicy: IfNotPresent
+        volumeMounts:
+        - name: config
+          mountPath: /etc/netbox/config/configuration.py
+          subPath: configuration.py
+          readOnly: true
+        - name: config
+          mountPath: /run/config/netbox
+          readOnly: true
+        - name: secrets
+          mountPath: /run/secrets/netbox
+          readOnly: true
+        - name: netbox-tmp
+          mountPath: /tmp
+        - name: media
+          mountPath: /opt/netbox/netbox/media
+          subPath: ''
+      volumes:
+      - name: config
+        configMap:
+          name: netbox
+      - name: secrets
+        projected:
+          sources:
+          - secret:
+              name: netbox-secret
+              items:
+              - key: email_password
+                path: email_password
+              - key: napalm_password
+                path: napalm_password
+              - key: secret_key
+                path: secret_key
+          - secret:
+              name: netbox-secret
+              items:
+              - key: NETBOX_DB_PASS
+                path: db_password
+          - secret:
+              name: netbox-secret
+              items:
+              - key: REDIS_PASSWORD
+                path: redis_tasks_password
+          - secret:
+              name: netbox-secret
+              items:
+              - key: REDIS_PASSWORD
+                path: redis_cache_password
+      - name: netbox-tmp
+        emptyDir:
+          medium: Memory
+      - name: media
+        emptyDir: {}
+      nodeSelector:
+        kubernetes.io/arch: amd64
+
--- HelmRelease: networking/netbox CronJob: networking/netbox-housekeeping

+++ HelmRelease: networking/netbox CronJob: networking/netbox-housekeeping

@@ -0,0 +1,106 @@

+---
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: netbox-housekeeping
+  labels:
+    app.kubernetes.io/name: netbox
+    app.kubernetes.io/instance: netbox
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/component: housekeeping
+spec:
+  concurrencyPolicy: Forbid
+  failedJobsHistoryLimit: 5
+  schedule: 0 0 * * *
+  successfulJobsHistoryLimit: 5
+  suspend: false
+  jobTemplate:
+    metadata:
+      labels:
+        helm.sh/chart: netbox-4.1.1
+        app.kubernetes.io/name: netbox
+        app.kubernetes.io/instance: netbox
+        app.kubernetes.io/version: v4.1.0
+        app.kubernetes.io/managed-by: Helm
+    spec:
+      template:
+        metadata:
+          labels:
+            app.kubernetes.io/name: netbox
+            app.kubernetes.io/instance: netbox
+            app.kubernetes.io/component: housekeeping
+        spec:
+          serviceAccountName: netbox
+          securityContext:
+            fsGroup: 1000
+            runAsNonRoot: true
+          containers:
+          - name: netbox-housekeeping
+            securityContext:
+              capabilities:
+                drop:
+                - ALL
+              readOnlyRootFilesystem: true
+              runAsGroup: 1000
+              runAsNonRoot: true
+              runAsUser: 1000
+            image: quay.io/tgenannt/netbox:v4.1.0
+            command:
+            - /opt/netbox/venv/bin/python
+            - /opt/netbox/netbox/manage.py
+            - housekeeping
+            imagePullPolicy: IfNotPresent
+            volumeMounts:
+            - name: config
+              mountPath: /etc/netbox/config/configuration.py
+              subPath: configuration.py
+              readOnly: true
+            - name: config
+              mountPath: /run/config/netbox
+              readOnly: true
+            - name: secrets
+              mountPath: /run/secrets/netbox
+              readOnly: true
+            - name: netbox-tmp
+              mountPath: /tmp
+            - name: media
+              mountPath: /opt/netbox/netbox/media
+              subPath: ''
+          volumes:
+          - name: config
+            configMap:
+              name: netbox
+          - name: secrets
+            projected:
+              sources:
+              - secret:
+                  name: netbox-secret
+                  items:
+                  - key: email_password
+                    path: email_password
+                  - key: napalm_password
+                    path: napalm_password
+                  - key: secret_key
+                    path: secret_key
+              - secret:
+                  name: netbox-secret
+                  items:
+                  - key: NETBOX_DB_PASS
+                    path: db_password
+              - secret:
+                  name: netbox-secret
+                  items:
+                  - key: REDIS_PASSWORD
+                    path: redis_tasks_password
+              - secret:
+                  name: netbox-secret
+                  items:
+                  - key: REDIS_PASSWORD
+                    path: redis_cache_password
+          - name: netbox-tmp
+            emptyDir:
+              medium: Memory
+          - name: media
+            emptyDir: {}
+          restartPolicy: OnFailure
+
--- HelmRelease: networking/netbox Ingress: networking/netbox

+++ HelmRelease: networking/netbox Ingress: networking/netbox

@@ -0,0 +1,28 @@

+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: netbox
+  labels:
+    app.kubernetes.io/name: netbox
+    app.kubernetes.io/instance: netbox
+    app.kubernetes.io/managed-by: Helm
+  annotations:
+    hajimari.io/icon: ip-network-outline
+spec:
+  tls:
+  - hosts:
+    - netbox...PLACEHOLDER..
+    secretName: null
+  rules:
+  - host: netbox...PLACEHOLDER..
+    http:
+      paths:
+      - backend:
+          service:
+            name: netbox
+            port:
+              number: 8080
+        path: /
+        pathType: Prefix
+
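Review bot: The backend points at service `netbox` with `port.number: 8080`, but the rendered Service on this page exposes only `port: 80` (named `http`, targeting the container's 8080), so the ingress controller will find no matching Service port. In the HelmRelease values the path backend should use `number: 80` or `name: http`. The `tls` entry also renders `secretName: null`, which leaves certificate selection to the ingress controller's default certificate; confirm that default covers this host or name a secret.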

bot-akira[bot] avatar Sep 19 '24 20:09 bot-akira[bot]