netbox-docker icon indicating copy to clipboard operation
netbox-docker copied to clipboard

Published 20 hours ago verified publisher icon netbox-community

Data source sync fails with ssh with netbox-docker

Open rasanentimo opened this issue 1 year ago • 6 comments

Current Behavior

I added the the needed SSH related configuration to the container (ssh config, ssh known hosts and ssh private key). I added git data source to netbox via GUI with url and try to sync the data. The sync fails with error ERROR:root:Fetching remote data failed (FileNotFoundError): [Errno 2] No such file or directory: 'ssh' and data source is not synced.

I think there are 2 options for solving this; either add openssh-client to the netbox-docker image or make changes on the netbox code to support ssh data sync with paramiko.

Expected Behavior

I expected the data source to sync.

Docker Compose Version

Docker Compose version v2.4.1

Docker Version

Client: Docker Engine - Community
 Version:           23.0.5
 API version:       1.42
 Go version:        go1.19.8
 Git commit:        bc4487a
 Built:             Wed Apr 26 16:21:07 2023
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          23.0.5
  API version:      1.42 (minimum version 1.12)
  Go version:       go1.19.8
  Git commit:       94d3ad6
  Built:            Wed Apr 26 16:21:07 2023
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.20
  GitCommit:        2806fc1057397dbaeefbea0e4e17bddfbd388f38
 runc:
  Version:          1.1.5
  GitCommit:        v1.1.5-0-gf19387a
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

The git Revision

22486fefb5c4cc326bd091abeac5314eb7acd37f

The git Status

On branch main
nothing to commit, working tree clean

Startup Command

docker compose up

NetBox Logs

ERROR:root:Fetching remote data failed (FileNotFoundError): [Errno 2] No such file or directory: 'ssh'

Content of docker-compose.override.yml

version: '3.4'
services:
  netbox:
    ports:
      - "8000:8080"

rasanentimo avatar Aug 29 '23 06:08 rasanentimo

According to the documentation of dulwich the paramiko SSH client is not fully tested. So I think we should install openssh-client in the image.

tobiasge avatar Aug 29 '23 11:08 tobiasge

Thanks! I think the current default user doesn't have home directory. What would be the ideal way to store the ssh config, ssh key and known hosts file? I think the easiest way would be to define the home directory for that user but there might be some other solutions for this as well

unit@d9887d85629d:/opt/netbox/netbox$ whoami
unit
unit@d9887d85629d:/opt/netbox/netbox$ echo $HOME
/nonexistent

rasanentimo avatar Aug 30 '23 10:08 rasanentimo

I think we could change the default user to have a home directory in /opt/unit/home or something like that. But you would still need to mount the SSH configuration into this directory, because I don't want to provide a default configuration that disables StrictHostKeyChecking.

@cimnine What do you think?

tobiasge avatar Aug 30 '23 11:08 tobiasge

This might be related to this issue: https://github.com/netbox-community/netbox/issues/13573

chuegel avatar Sep 01 '23 08:09 chuegel

I've run in to the lack of $HOME too. I'm working around it by bin mounting /nonexistent and using it as a home dir but that's not ideal so a normal home dir would be a good start I think. It would be easy to mount private keys in to it.

Regarding StrictHostKeyChecking, it would be great if you could pass command line options for the ssh client to disable it (or accept-new) for chosen data sources. Managing known_hosts files could get quite hard.

jacobw avatar Sep 19 '23 08:09 jacobw

@tobiasge any chance you could progress with just giving the unit user a home, such as /opt/unit/home as you suggested.

Happy to mount config files in there for the time being, will need to manage an ssh key anyway.

jacobw avatar Oct 17 '23 07:10 jacobw