initial swag at netbox integration

idaholab · Sep 19, 2022 · 382d8ea · 382d8ea
1 parent 639d251
commit 382d8ea
Show file tree

Hide file tree

Showing 19 changed files with 1,010 additions and 1 deletion.
diff --git a/docker-compose-standalone.yml b/docker-compose-standalone.yml
@@ -882,6 +882,100 @@ services:
       timeout: 15s
       retries: 3
       start_period: 60s
+  netbox:
+    image: ghcr.io/mmguero/netbox:latest
+    restart: "no"
+    stdin_open: false
+    tty: true
+    hostname: netbox
+    networks:
+      - default
+    environment:
+      << : *process-variables
+      VIRTUAL_HOST : 'netbox.malcolm.local'
+    env_file: ./netbox/env/netbox.env
+    depends_on:
+    - netbox-postgres
+    - netbox-redis
+    - netbox-redis-cache
+    volumes:
+    - ./netbox/config/configuration:/etc/netbox/config:ro
+    - ./netbox/config/reports:/etc/netbox/reports:ro
+    - ./netbox/config/scripts:/etc/netbox/scripts:ro
+    - ./netbox/config/unit:/etc/unit:ro
+    - ./netbox/media:/opt/netbox/netbox/media:rw
+    healthcheck:
+      test: ["CMD", "curl", "--silent", "http://localhost:8080/assets/api/" ]
+      interval: 60s
+      timeout: 15s
+      retries: 3
+      start_period: 120s
+  netbox-postgres:
+    image: ghcr.io/mmguero/postgres:14-alpine
+    restart: "no"
+    stdin_open: false
+    tty: true
+    hostname: netbox-postgres
+    networks:
+      - default
+    environment:
+      << : *process-variables
+      VIRTUAL_HOST : 'netbox-postgres.malcolm.local'
+    env_file: ./netbox/env/postgres.env
+    volumes:
+    - ./netbox/postgres:/var/lib/postgresql/data:rw
+    healthcheck:
+      test: [ "CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}" ]
+      interval: 60s
+      timeout: 15s
+      retries: 3
+      start_period: 45s
+  netbox-redis:
+    image: ghcr.io/mmguero/redis:7-alpine
+    restart: "no"
+    stdin_open: false
+    tty: true
+    hostname: netbox-redis
+    networks:
+      - default
+    environment:
+      << : *process-variables
+      VIRTUAL_HOST : 'netbox-redis.malcolm.local'
+    env_file: ./netbox/env/redis.env
+    command:
+    - sh
+    - -c
+    - redis-server --appendonly yes --requirepass $$REDIS_PASSWORD
+    volumes:
+    - ./netbox/redis:/data
+    healthcheck:
+      test: ["CMD-SHELL", "pidof redis-server || exit 1" ]
+      interval: 60s
+      timeout: 15s
+      retries: 3
+      start_period: 45s
+  netbox-redis-cache:
+    image: ghcr.io/mmguero/redis:7-alpine
+    restart: "no"
+    stdin_open: false
+    tty: true
+    hostname: netbox-redis-cache
+    networks:
+      - default
+    environment:
+      << : *process-variables
+      VIRTUAL_HOST : 'netbox-redis-cache.malcolm.local'
+      env_file: ./netbox/env/redis-cache.env
+    command:
+    - sh
+    - -c
+    - redis-server --requirepass $$REDIS_PASSWORD
+    healthcheck:
+      test: ["CMD-SHELL", "pidof redis-server || exit 1" ]
+      interval: 60s
+      timeout: 15s
+      retries: 3
+      start_period: 45s
   api:
     image: malcolmnetsec/api:6.4.0
     command: gunicorn --bind 0:5000 manage:app

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -942,6 +942,100 @@ services:
       timeout: 15s
       retries: 3
       start_period: 60s
+  netbox:
+    image: ghcr.io/mmguero/netbox:latest
+    restart: "no"
+    stdin_open: false
+    tty: true
+    hostname: netbox
+    networks:
+      - default
+    environment:
+      << : *process-variables
+      VIRTUAL_HOST : 'netbox.malcolm.local'
+    env_file: ./netbox/env/netbox.env
+    depends_on:
+    - netbox-postgres
+    - netbox-redis
+    - netbox-redis-cache
+    volumes:
+    - ./netbox/config/configuration:/etc/netbox/config:ro
+    - ./netbox/config/reports:/etc/netbox/reports:ro
+    - ./netbox/config/scripts:/etc/netbox/scripts:ro
+    - ./netbox/config/unit:/etc/unit:ro
+    - ./netbox/media:/opt/netbox/netbox/media:rw
+    healthcheck:
+      test: ["CMD", "curl", "--silent", "http://localhost:8080/assets/api/" ]
+      interval: 60s
+      timeout: 15s
+      retries: 3
+      start_period: 120s
+  netbox-postgres:
+    image: ghcr.io/mmguero/postgres:14-alpine
+    restart: "no"
+    stdin_open: false
+    tty: true
+    hostname: netbox-postgres
+    networks:
+      - default
+    environment:
+      << : *process-variables
+      VIRTUAL_HOST : 'netbox-postgres.malcolm.local'
+    env_file: ./netbox/env/postgres.env
+    volumes:
+    - ./netbox/postgres:/var/lib/postgresql/data:rw
+    healthcheck:
+      test: [ "CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}" ]
+      interval: 60s
+      timeout: 15s
+      retries: 3
+      start_period: 45s
+  netbox-redis:
+    image: ghcr.io/mmguero/redis:7-alpine
+    restart: "no"
+    stdin_open: false
+    tty: true
+    hostname: netbox-redis
+    networks:
+      - default
+    environment:
+      << : *process-variables
+      VIRTUAL_HOST : 'netbox-redis.malcolm.local'
+    env_file: ./netbox/env/redis.env
+    command:
+    - sh
+    - -c
+    - redis-server --appendonly yes --requirepass $$REDIS_PASSWORD
+    volumes:
+    - ./netbox/redis:/data
+    healthcheck:
+      test: ["CMD-SHELL", "pidof redis-server || exit 1" ]
+      interval: 60s
+      timeout: 15s
+      retries: 3
+      start_period: 45s
+  netbox-redis-cache:
+    image: ghcr.io/mmguero/redis:7-alpine
+    restart: "no"
+    stdin_open: false
+    tty: true
+    hostname: netbox-redis-cache
+    networks:
+      - default
+    environment:
+      << : *process-variables
+      VIRTUAL_HOST : 'netbox-redis-cache.malcolm.local'
+      env_file: ./netbox/env/redis-cache.env
+    command:
+    - sh
+    - -c
+    - redis-server --requirepass $$REDIS_PASSWORD
+    healthcheck:
+      test: ["CMD-SHELL", "pidof redis-server || exit 1" ]
+      interval: 60s
+      timeout: 15s
+      retries: 3
+      start_period: 45s
   api:
     image: malcolmnetsec/api:6.4.0
     build:

diff --git a/malcolm-iso/build.sh b/malcolm-iso/build.sh
@@ -96,6 +96,9 @@ if [ -d "$WORKDIR" ]; then
   mkdir -p "$MALCOLM_DEST_DIR/htadmin/"
   mkdir -p "$MALCOLM_DEST_DIR/logstash/certs/"
   mkdir -p "$MALCOLM_DEST_DIR/logstash/maps/"
+  mkdir -p "$MALCOLM_DEST_DIR/netbox/media/"
+  mkdir -p "$MALCOLM_DEST_DIR/netbox/postgres/"
+  mkdir -p "$MALCOLM_DEST_DIR/netbox/redis/"
   mkdir -p "$MALCOLM_DEST_DIR/nginx/ca-trust/"
   mkdir -p "$MALCOLM_DEST_DIR/nginx/certs/"
   mkdir -p "$MALCOLM_DEST_DIR/opensearch-backup/"
@@ -108,8 +111,8 @@ if [ -d "$WORKDIR" ]; then
   mkdir -p "$MALCOLM_DEST_DIR/yara/rules/"
   mkdir -p "$MALCOLM_DEST_DIR/zeek-logs/current/"
   mkdir -p "$MALCOLM_DEST_DIR/zeek-logs/extract_files/"
-  mkdir -p "$MALCOLM_DEST_DIR/zeek-logs/processed/"
   mkdir -p "$MALCOLM_DEST_DIR/zeek-logs/live/"
+  mkdir -p "$MALCOLM_DEST_DIR/zeek-logs/processed/"
   mkdir -p "$MALCOLM_DEST_DIR/zeek-logs/upload/"
   mkdir -p "$MALCOLM_DEST_DIR/zeek/intel/MISP"
   mkdir -p "$MALCOLM_DEST_DIR/zeek/intel/STIX"

diff --git a/netbox/.gitignore b/netbox/.gitignore
@@ -0,0 +1,3 @@
+media
+postgres
+redis