diff --git a/netbox/main.yaml b/netbox/main.yaml index af56eed..02d242e 100644 --- a/netbox/main.yaml +++ b/netbox/main.yaml @@ -170,15 +170,15 @@ data: DEFAULT_LANGUAGE: "en-us" EMAIL: - SERVER: "localhost" - PORT: 25 - USERNAME: "" - USE_SSL: false + SERVER: "mxe965.netcup.net" + PORT: 587 + USERNAME: "philip.haupt@borninpain.de" + USE_SSL: true USE_TLS: false SSL_CERTFILE: "" SSL_KEYFILE: "" TIMEOUT: 10 - FROM_EMAIL: "" + FROM_EMAIL: "noreply@borninpain.de" ENFORCE_GLOBAL_UNIQUE: true EXEMPT_VIEW_PERMISSIONS: [] @@ -208,8 +208,8 @@ data: PREFER_IPV4: false RACK_ELEVATION_DEFAULT_UNIT_HEIGHT: 22 RACK_ELEVATION_DEFAULT_UNIT_WIDTH: 220 - REMOTE_AUTH_ENABLED: false - REMOTE_AUTH_BACKEND: ["netbox.authentication.RemoteUserBackend"] + REMOTE_AUTH_ENABLED: true + REMOTE_AUTH_BACKEND: ["social_core.backends.open_id_connect.OpenIdConnectAuth"] REMOTE_AUTH_HEADER: "HTTP_REMOTE_USER" REMOTE_AUTH_USER_FIRST_NAME: "HTTP_REMOTE_USER_FIRST_NAME" REMOTE_AUTH_USER_LAST_NAME: "HTTP_REMOTE_USER_LAST_NAME" @@ -251,7 +251,7 @@ data: CSRF_COOKIE_NAME: "csrftoken" SESSION_COOKIE_NAME: sessionid ENABLE_LOCALIZATION: false - TIME_ZONE: "UTC" + TIME_ZONE: "CET" DATE_FORMAT: "N j, Y" SHORT_DATE_FORMAT: "Y-m-d" TIME_FORMAT: "g:i a" @@ -271,8 +271,7 @@ metadata: --- apiVersion: v1 data: - email_password: "" - secret_key: Ym9JSkxAeXJYcW1YakxuMCIhK3JaclJqIScpM2RtS2kxTD4+VlIqXlg6OVtVMDQ9M2lrXHZLNWhbdDU3 + secret_key: R19RQGVZSy1+dG9we3w6PVZEY0tVOHAnQjRkUShQLDsrVGFSc259WXNdIzBCUiFcJlZrN3MjIDxvPDpr kind: Secret metadata: labels: @@ -287,25 +286,9 @@ type: Opaque --- apiVersion: v1 data: - cache_password: "" - tasks_password: Ymx1YmJlcg== -kind: Secret -metadata: - labels: - app.kubernetes.io/instance: netbox - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: netbox - app.kubernetes.io/version: v4.4.4 - helm.sh/chart: netbox-7.1.11 - name: netbox-kv - namespace: netbox -type: Opaque ---- -apiVersion: v1 -data: - api_token: YjcwNzI5MGMtYmE3MC00MmMzLTg2MWYtMzUyMzU5YzIyNzc5 - email: YWRtaW5AZXhhbXBsZS5jb20= - password: a0FCT2JxUTFJUA== + api_token: YzI4ZmQyZDUtYjhhMS00M2MxLWJiZWQtNTNiYzRmNzQzZDg0 + email: YWRtaW5AYm9ybmlucGFpbi5kZQ== + password: OGhSTktFVnRkQg== username: YWRtaW4= kind: Secret metadata: @@ -388,8 +371,8 @@ spec: template: metadata: annotations: - checksum/config: 700ca816c994c518b5ab4d10edb328a359017172480d4199d5860a4713b4c091 - checksum/secret: ac76943039914a3d7a2e7234a2fed36ba39dd6f42d379734eb6a6bc5a448944a + checksum/config: 518377a27b37c4f3eaae50680f5306472640fbac84f2ddca358fafe23f25ca7e + checksum/secret: 348f4ad1c8feaaef20c677da4b4914417ec4b430856cdbb4aebcec63b0d9bcf0 labels: app.kubernetes.io/component: netbox app.kubernetes.io/instance: netbox @@ -486,6 +469,9 @@ spec: - mountPath: /run/secrets/netbox name: secrets readOnly: true + - mountPath: /run/config/extra/0 + name: extra-config-0 + readOnly: true - mountPath: /tmp name: netbox-tmp - mountPath: /opt/netbox/netbox/media @@ -553,9 +539,9 @@ spec: name: netbox-config - secret: items: - - key: email_password + - key: email-password path: email_password - name: netbox-config + name: netbox - secret: items: - key: password @@ -570,14 +556,21 @@ spec: name: cnpg-netbox-cluster-app - secret: items: - - key: tasks_password + - key: kv-password path: tasks_password - name: netbox-kv + name: netbox - secret: items: - - key: cache_password + - key: kv-password path: cache_password - name: netbox-kv + name: netbox + - name: extra-config-0 + secret: + items: + - key: oidc-secret + path: oidc_secret.yaml + optional: false + secretName: netbox - emptyDir: medium: Memory name: netbox-tmp @@ -613,8 +606,8 @@ spec: template: metadata: annotations: - checksum/config: b6611b66943044288475e05c9f4bf368a95203cd197dda8a35d9ed7498ac56b9 - checksum/secret: d20d6403cee6e39c20d0033c4fe21c5311f96719861582c79d7030e48bf17e41 + checksum/config: 02de8b4c4a16f16fcc43e93fab33e80bb92c925c4d6cbea6b1161ea8920fca4d + checksum/secret: 8ba4f922187d43cd5c28126ada22d47851885c3eec144599f72b10c7868d9d04 labels: app.kubernetes.io/component: worker app.kubernetes.io/instance: netbox @@ -656,6 +649,9 @@ spec: - mountPath: /run/secrets/netbox name: secrets readOnly: true + - mountPath: /run/config/extra/0 + name: extra-config-0 + readOnly: true - mountPath: /tmp name: netbox-tmp - mountPath: /opt/netbox/netbox/media @@ -718,9 +714,9 @@ spec: name: netbox-config - secret: items: - - key: email_password + - key: email-password path: email_password - name: netbox-config + name: netbox - secret: items: - key: password @@ -735,14 +731,21 @@ spec: name: cnpg-netbox-cluster-app - secret: items: - - key: tasks_password + - key: kv-password path: tasks_password - name: netbox-kv + name: netbox - secret: items: - - key: cache_password + - key: kv-password path: cache_password - name: netbox-kv + name: netbox + - name: extra-config-0 + secret: + items: + - key: oidc-secret + path: oidc_secret.yaml + optional: false + secretName: netbox - emptyDir: medium: Memory name: netbox-tmp @@ -818,6 +821,9 @@ spec: - mountPath: /run/secrets/netbox name: secrets readOnly: true + - mountPath: /run/config/extra/0 + name: extra-config-0 + readOnly: true - mountPath: /tmp name: netbox-tmp - mountPath: /opt/netbox/netbox/media @@ -845,9 +851,9 @@ spec: name: netbox-config - secret: items: - - key: email_password + - key: email-password path: email_password - name: netbox-config + name: netbox - secret: items: - key: password @@ -855,14 +861,21 @@ spec: name: cnpg-netbox-cluster-app - secret: items: - - key: tasks_password + - key: kv-password path: tasks_password - name: netbox-kv + name: netbox - secret: items: - - key: cache_password + - key: kv-password path: cache_password - name: netbox-kv + name: netbox + - name: extra-config-0 + secret: + items: + - key: oidc-secret + path: oidc_secret.yaml + optional: false + secretName: netbox - emptyDir: medium: Memory name: netbox-tmp diff --git a/netbox/src/values.yaml b/netbox/src/values.yaml index 595830b..9185655 100644 --- a/netbox/src/values.yaml +++ b/netbox/src/values.yaml @@ -85,7 +85,7 @@ image: # See `existingSecret` for details superuser: name: admin - email: admin@example.com + email: admin@borninpain.de password: "" apiToken: "" existingSecret: "" @@ -364,9 +364,9 @@ rackElevationDefaultUnitWidth: 220 # Remote authentication support remoteAuth: - enabled: false + enabled: true backends: - - netbox.authentication.RemoteUserBackend + - social_core.backends.open_id_connect.OpenIdConnectAuth header: HTTP_REMOTE_USER userFirstName: HTTP_REMOTE_USER_FIRST_NAME userLastName: HTTP_REMOTE_USER_LAST_NAME @@ -467,7 +467,13 @@ shortDateTimeFormat: "Y-m-d H:i" # secretName: netbox-extra # items: [] # optional: false -extraConfig: [] +extraConfig: + - secret: + secretName: netbox + items: + - key: oidc-secret + path: oidc_secret.yaml + optional: false # If provided, this should be a 50+ character string of random characters. It # will be randomly generated if left blank.