netbox WIP

Dockerfiles/netbox.Dockerfile

@@ -25,34 +25,32 @@ ENV PUSER_PRIV_DROP true
 ARG BASE_PATH=assets
 ENV BASE_PATH $BASE_PATH
 
-COPY --chmod=755 shared/bin/docker-uid-gid-setup.sh /usr/local/bin/
-COPY --chmod=644 ./netbox/supervisord.conf /etc/supervisord.conf
-
 RUN apt-get -q update && \
     apt-get -y -q --no-install-recommends upgrade && \
     apt-get install -q -y --no-install-recommends \
-      iproute2 \
-      iputils-ping \
       procps \
       psmisc \
       python3-psycopg2 \
+      python3-pynetbox \
+      python3-slugify \
       supervisor \
-      tini \
-      vim-tiny && \
+      tini && \
     apt-get -q -y autoremove && \
       apt-get clean && \
       rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* && \
-    chmod 755 /usr/local/bin/docker-uid-gid-setup.sh && \
     groupadd --gid ${DEFAULT_GID} ${PUSER} && \
     useradd -m --uid ${DEFAULT_UID} --gid ${DEFAULT_GID} ${PUSER} && \
     usermod -a -G tty ${PUSER} && \
-    mkdir -p /opt/unit && \
+    mkdir -p /opt/unit /etc/supervisor.d && \
     chown -R $PUSER:$PGROUP /etc/netbox /opt/unit /opt/netbox && \
     if [ -n "${BASE_PATH}" ] && [ "${BASE_PATH}" != "netbox" ]; then \
         mkdir /opt/netbox/netbox/$BASE_PATH && \
         mv /opt/netbox/netbox/static /opt/netbox/netbox/$BASE_PATH/static; \
     fi
 
+COPY --chmod=755 shared/bin/docker-uid-gid-setup.sh /usr/local/bin/
+COPY --chmod=644 ./netbox/supervisord.conf /etc/supervisord.conf
+
 ENTRYPOINT [ "/usr/bin/tini", "--", "/usr/local/bin/docker-uid-gid-setup.sh" ]
 
 CMD ["/opt/netbox/docker-entrypoint.sh", "/usr/bin/supervisord", "-c", "/etc/supervisord.conf", "-n"]

README.md

@@ -171,6 +171,9 @@ Pulling freq              ... done
 Pulling htadmin           ... done
 Pulling logstash          ... done
 Pulling name-map-ui       ... done
+Pulling netbox            ... done
+Pulling netbox-postgresql ... done
+Pulling netbox-redis      ... done
 Pulling nginx-proxy       ... done
 Pulling opensearch        ... done
 Pulling pcap-capture      ... done
@@ -188,17 +191,20 @@ malcolmnetsec/api                                              6.4.0           x
 malcolmnetsec/arkime                                           6.4.0           xxxxxxxxxxxx   3 days ago   816MB
 malcolmnetsec/dashboards                                       6.4.0           xxxxxxxxxxxx   3 days ago   1.02GB
 malcolmnetsec/dashboards-helper                                6.4.0           xxxxxxxxxxxx   3 days ago   184MB
-malcolmnetsec/filebeat-oss                                     6.4.0           xxxxxxxxxxxx   3 days ago   624MB
 malcolmnetsec/file-monitor                                     6.4.0           xxxxxxxxxxxx   3 days ago   588MB
 malcolmnetsec/file-upload                                      6.4.0           xxxxxxxxxxxx   3 days ago   259MB
+malcolmnetsec/filebeat-oss                                     6.4.0           xxxxxxxxxxxx   3 days ago   624MB
 malcolmnetsec/freq                                             6.4.0           xxxxxxxxxxxx   3 days ago   132MB
 malcolmnetsec/htadmin                                          6.4.0           xxxxxxxxxxxx   3 days ago   242MB
 malcolmnetsec/logstash-oss                                     6.4.0           xxxxxxxxxxxx   3 days ago   1.35GB
 malcolmnetsec/name-map-ui                                      6.4.0           xxxxxxxxxxxx   3 days ago   143MB
+malcolmnetsec/netbox                                           6.4.0           xxxxxxxxxxxx   3 days ago   1.01GB
 malcolmnetsec/nginx-proxy                                      6.4.0           xxxxxxxxxxxx   3 days ago   121MB
 malcolmnetsec/opensearch                                       6.4.0           xxxxxxxxxxxx   3 days ago   1.17GB
 malcolmnetsec/pcap-capture                                     6.4.0           xxxxxxxxxxxx   3 days ago   121MB
 malcolmnetsec/pcap-monitor                                     6.4.0           xxxxxxxxxxxx   3 days ago   213MB
+malcolmnetsec/postgresql                                       6.4.0           xxxxxxxxxxxx   3 days ago   268MB
+malcolmnetsec/redis                                            6.4.0           xxxxxxxxxxxx   3 days ago   34.2MB
 malcolmnetsec/suricata                                         6.4.0           xxxxxxxxxxxx   3 days ago   278MB
 malcolmnetsec/zeek                                             6.4.0           xxxxxxxxxxxx   3 days ago   1GB
 ```
@@ -424,10 +430,13 @@ Then, go take a walk or something since it will be a while. When you're done, yo
 * `malcolmnetsec/htadmin` (based on `debian:11-slim`)
 * `malcolmnetsec/logstash-oss` (based on `opensearchproject/logstash-oss-with-opensearch-output-plugin`)
 * `malcolmnetsec/name-map-ui` (based on `alpine:3.16`)
+* `malcolmnetsec/netbox` (based on `netboxcommunity/netbox:latest`)
 * `malcolmnetsec/nginx-proxy` (based on `alpine:3.16`)
 * `malcolmnetsec/opensearch` (based on `opensearchproject/opensearch`)
 * `malcolmnetsec/pcap-capture` (based on `debian:11-slim`)
 * `malcolmnetsec/pcap-monitor` (based on `debian:11-slim`)
+* `malcolmnetsec/postgresql` (based on `postgres:14-alpine`)
+* `malcolmnetsec/redis` (based on `redis:7-alpine`)
 * `malcolmnetsec/suricata` (based on `debian:11-slim`)
 * `malcolmnetsec/zeek` (based on `debian:11-slim`)
 
@@ -459,6 +468,8 @@ Store username/password for secondary remote OpenSearch instance? (y/N): n
 
 Store username/password for email alert sender account? (y/N): n
 
+(Re)generate internal passwords for NetBox (Y/n): y
+
 Packaged Malcolm to "/home/user/tmp/malcolm_20190513_101117_f0d052c.tar.gz"
 
 Do you need to package docker images also [y/N]? y
@@ -1669,6 +1680,8 @@ Email account username: [email protected]
 [email protected] password: 
 [email protected] password (again): 
 Email alert sender account variables stored: opensearch.alerting.destination.email.destination_alpha.password, opensearch.alerting.destination.email.destination_alpha.username
+
+(Re)generate internal passwords for NetBox (Y/n): n
 ```
 
 This action should only be performed while Malcolm is [stopped](#StopAndRestart): otherwise the credentials will not be stored correctly.
@@ -3876,6 +3889,8 @@ Store username/password for primary remote OpenSearch instance? (y/N): n
 Store username/password for secondary remote OpenSearch instance? (y/N): n
 
 Store username/password for email alert sender account? (y/N): n
+
+(Re)generate internal passwords for NetBox (Y/n): y
 ```
 
 For now, rather than [build Malcolm from scratch](#Build), we'll pull images from [Docker Hub](https://hub.docker.com/u/malcolmnetsec):
@@ -3891,6 +3906,9 @@ Pulling freq              ... done
 Pulling htadmin           ... done
 Pulling logstash          ... done
 Pulling name-map-ui       ... done
+Pulling netbox            ... done
+Pulling netbox-postgresql ... done
+Pulling netbox-redis      ... done
 Pulling nginx-proxy       ... done
 Pulling opensearch        ... done
 Pulling pcap-capture      ... done
@@ -3905,17 +3923,20 @@ malcolmnetsec/api                                              6.4.0           x
 malcolmnetsec/arkime                                           6.4.0           xxxxxxxxxxxx   3 days ago   816MB
 malcolmnetsec/dashboards                                       6.4.0           xxxxxxxxxxxx   3 days ago   1.02GB
 malcolmnetsec/dashboards-helper                                6.4.0           xxxxxxxxxxxx   3 days ago   184MB
-malcolmnetsec/filebeat-oss                                     6.4.0           xxxxxxxxxxxx   3 days ago   624MB
 malcolmnetsec/file-monitor                                     6.4.0           xxxxxxxxxxxx   3 days ago   588MB
 malcolmnetsec/file-upload                                      6.4.0           xxxxxxxxxxxx   3 days ago   259MB
+malcolmnetsec/filebeat-oss                                     6.4.0           xxxxxxxxxxxx   3 days ago   624MB
 malcolmnetsec/freq                                             6.4.0           xxxxxxxxxxxx   3 days ago   132MB
 malcolmnetsec/htadmin                                          6.4.0           xxxxxxxxxxxx   3 days ago   242MB
 malcolmnetsec/logstash-oss                                     6.4.0           xxxxxxxxxxxx   3 days ago   1.35GB
 malcolmnetsec/name-map-ui                                      6.4.0           xxxxxxxxxxxx   3 days ago   143MB
+malcolmnetsec/netbox                                           6.4.0           xxxxxxxxxxxx   3 days ago   1.01GB
 malcolmnetsec/nginx-proxy                                      6.4.0           xxxxxxxxxxxx   3 days ago   121MB
 malcolmnetsec/opensearch                                       6.4.0           xxxxxxxxxxxx   3 days ago   1.17GB
 malcolmnetsec/pcap-capture                                     6.4.0           xxxxxxxxxxxx   3 days ago   121MB
 malcolmnetsec/pcap-monitor                                     6.4.0           xxxxxxxxxxxx   3 days ago   213MB
+malcolmnetsec/postgresql                                       6.4.0           xxxxxxxxxxxx   3 days ago   268MB
+malcolmnetsec/redis                                            6.4.0           xxxxxxxxxxxx   3 days ago   34.2MB
 malcolmnetsec/suricata                                         6.4.0           xxxxxxxxxxxx   3 days ago   278MB
 malcolmnetsec/zeek                                             6.4.0           xxxxxxxxxxxx   3 days ago   1GB
 ```
@@ -3932,26 +3953,30 @@ In a few minutes, Malcolm services will be accessible via the following URLs:
   - Host and subnet name mapping editor: https://localhost/name-map-ui/
   - Account management: https://localhost:488/
 
-NAME                          COMMAND                  SERVICE             STATUS               PORTS
-malcolm-api-1                 "/usr/local/bin/dock…"   api                 running (starting)   …
-malcolm-arkime-1              "/usr/local/bin/dock…"   arkime              running (starting)   …
-malcolm-dashboards-1          "/usr/local/bin/dock…"   dashboards          running (starting)   …
-malcolm-dashboards-helper-1   "/usr/local/bin/dock…"   dashboards-helper   running (starting)   …
-malcolm-file-monitor-1        "/usr/local/bin/dock…"   file-monitor        running (starting)   …
-malcolm-filebeat-1            "/usr/local/bin/dock…"   filebeat            running (starting)   …
-malcolm-freq-1                "/usr/local/bin/dock…"   freq                running (starting)   …
-malcolm-htadmin-1             "/usr/local/bin/dock…"   htadmin             running (starting)   …
-malcolm-logstash-1            "/usr/local/bin/dock…"   logstash            running (starting)   …
-malcolm-name-map-ui-1         "/usr/local/bin/dock…"   name-map-ui         running (starting)   …
-malcolm-nginx-proxy-1         "/usr/local/bin/dock…"   nginx-proxy         running (starting)   …
-malcolm-opensearch-1          "/usr/local/bin/dock…"   opensearch          running (starting)   …
-malcolm-pcap-capture-1        "/usr/local/bin/dock…"   pcap-capture        running              …
-malcolm-pcap-monitor-1        "/usr/local/bin/dock…"   pcap-monitor        running (starting)   …
-malcolm-suricata-1            "/usr/local/bin/dock…"   suricata            running (starting)   …
-malcolm-suricata-live-1       "/usr/local/bin/dock…"   suricata-live       running              …
-malcolm-upload-1              "/usr/local/bin/dock…"   upload              running (starting)   …
-malcolm-zeek-1                "/usr/local/bin/dock…"   zeek                running (starting)   …
-malcolm-zeek-live-1           "/usr/local/bin/dock…"   zeek-live           running              …
+NAME                           COMMAND                  SERVICE              STATUS               PORTS
+malcolm-api-1                  "/usr/local/bin/dock…"   api                  running (starting)   …
+malcolm-arkime-1               "/usr/local/bin/dock…"   arkime               running (starting)   …
+malcolm-dashboards-1           "/usr/local/bin/dock…"   dashboards           running (starting)   …
+malcolm-dashboards-helper-1    "/usr/local/bin/dock…"   dashboards-helper    running (starting)   …
+malcolm-file-monitor-1         "/usr/local/bin/dock…"   file-monitor         running (starting)   …
+malcolm-filebeat-1             "/usr/local/bin/dock…"   filebeat             running (starting)   …
+malcolm-freq-1                 "/usr/local/bin/dock…"   freq                 running (starting)   …
+malcolm-htadmin-1              "/usr/local/bin/dock…"   htadmin              running (starting)   …
+malcolm-logstash-1             "/usr/local/bin/dock…"   logstash             running (starting)   …
+malcolm-name-map-ui-1          "/usr/local/bin/dock…"   name-map-ui          running (starting)   …
+malcolm-netbox-1               "/usr/bin/tini -- /u…"   netbox               running (starting)   …
+malcolm-netbox-postgres-1      "/usr/bin/docker-uid…"   netbox-postgres      running (starting)   …
+malcolm-netbox-redis-1         "/sbin/tini -- /usr/…"   netbox-redis         running (starting)   …
+malcolm-netbox-redis-cache-1   "/sbin/tini -- /usr/…"   netbox-redis-cache   running (starting)   …
+malcolm-nginx-proxy-1          "/usr/local/bin/dock…"   nginx-proxy          running (starting)   …
+malcolm-opensearch-1           "/usr/local/bin/dock…"   opensearch           running (starting)   …
+malcolm-pcap-capture-1         "/usr/local/bin/dock…"   pcap-capture         running              …
+malcolm-pcap-monitor-1         "/usr/local/bin/dock…"   pcap-monitor         running (starting)   …
+malcolm-suricata-1             "/usr/local/bin/dock…"   suricata             running (starting)   …
+malcolm-suricata-live-1        "/usr/local/bin/dock…"   suricata-live        running              …
+malcolm-upload-1               "/usr/local/bin/dock…"   upload               running (starting)   …
+malcolm-zeek-1                 "/usr/local/bin/dock…"   zeek                 running (starting)   …
+malcolm-zeek-live-1            "/usr/local/bin/dock…"   zeek-live            running              …
 …
 ```
 

netbox/supervisord.conf

@@ -58,3 +58,7 @@ stdout_logfile=/dev/fd/1
 stdout_logfile_maxbytes=0
 stdout_logfile_backups=0
 redirect_stderr=true
+
+
+[include]
+files = /etc/supervisor.d/*.conf