Added remote authentication environment variables

Author: mattycourtney

readme-vars.yml

@@ -32,6 +32,12 @@ param_env_vars:
   - { env_var: "REDIS_HOST", env_value: "<REDIS_HOST>", desc: "Redis host (optional, default: redis" }
   - { env_var: "REDIS_PORT", env_value: "<REDIS_PORT>", desc: "Redis port number (optional, default: 6379)" }
   - { env_var: "REDIS_PASSWORD", env_value: "<REDIS_PASSWORD>", desc: "Redis password (optional, default: none)" }
+  - { env_var: "REMOTE_AUTH_ENABLED", env_value: "<REMOTE_AUTH_ENABLED>", desc: "Enable remote authentication (optional, default: False" }
+  - { env_var: "REMOTE_AUTH_BACKEND", env_value: "<REMOTE_AUTH_BACKEND>", desc: "Python path to the custom Django authentication backend to use for external user authentication (optional, default: netbox.authentication.RemoteUserBackend" }
+  - { env_var: "REMOTE_AUTH_HEADER", env_value: "<REMOTE_AUTH_HEADER>", desc: "Name of the HTTP header which informs NetBox of the currently authenticated user. (optional, default: HTTP_REMOTE_USER" }
+  - { env_var: "REMOTE_AUTH_AUTO_CREATE_USER", env_value: "<REMOTE_AUTH_AUTO_CREATE_USER>", desc: "If true, NetBox will automatically create local accounts for users authenticated via a remote service (optional, default: False" }
+  - { env_var: "REMOTE_AUTH_DEFAULT_GROUPS", env_value: "<REMOTE_AUTH_DEFAULT_GROUPS>", desc: "The list of groups to assign a new user account when created using remote authentication (optional, default: []" }
+  - { env_var: "REMOTE_AUTH_DEFAULT_PERMISSIONS", env_value: "<REMOTE_AUTH_DEFAULT_PERMISSIONS>", desc: "A mapping of permissions to assign a new user account when created using remote authentication (optional, default: {}" }
   - { env_var: "TZ", env_value: "<TZ>", desc: "Timezone (i.e., America/New_York)" }
 
 param_usage_include_ports: true
@@ -45,4 +51,5 @@ app_setup_block: |
 
 # changelog
 changelogs:
+  - { date: "03.02.21:", desc: "Added remote authentication environment variables." }
   - { date: "23.08.20:", desc: "Initial Release." }

root/defaults/configuration.py

@@ -213,12 +213,12 @@
 RACK_ELEVATION_DEFAULT_UNIT_WIDTH = 220
 
 # Remote authentication support
-REMOTE_AUTH_ENABLED = False
-REMOTE_AUTH_BACKEND = 'netbox.authentication.RemoteUserBackend'
-REMOTE_AUTH_HEADER = 'HTTP_REMOTE_USER'
-REMOTE_AUTH_AUTO_CREATE_USER = True
-REMOTE_AUTH_DEFAULT_GROUPS = []
-REMOTE_AUTH_DEFAULT_PERMISSIONS = {}
+REMOTE_AUTH_ENABLED = {{REMOTE_AUTH_ENABLED}}
+REMOTE_AUTH_BACKEND = '{{REMOTE_AUTH_BACKEND}}'
+REMOTE_AUTH_HEADER = '{{REMOTE_AUTH_HEADER}}'
+REMOTE_AUTH_AUTO_CREATE_USER = {{REMOTE_AUTH_AUTO_CREATE_USER}}
+REMOTE_AUTH_DEFAULT_GROUPS = {{REMOTE_AUTH_DEFAULT_GROUPS}}
+REMOTE_AUTH_DEFAULT_PERMISSIONS = {{REMOTE_AUTH_DEFAULT_PERMISSIONS}}
 
 # This determines how often the GitHub API is called to check the latest release of NetBox. Must be at least 1 hour.
 RELEASE_CHECK_TIMEOUT = 24 * 3600

root/etc/cont-init.d/50-config

@@ -12,6 +12,12 @@ NETBOX_CONF[DB_PORT]=${DB_PORT:-}
 NETBOX_CONF[REDIS_HOST]=${REDIS_HOST:-redis}
 NETBOX_CONF[REDIS_PORT]=${REDIS_PORT:-6379}
 NETBOX_CONF[REDIS_PASSWORD]=${REDIS_PASSWORD:-}
+NETBOX_CONF[REMOTE_AUTH_ENABLED]=${REMOTE_AUTH_ENABLED:-False}
+NETBOX_CONF[REMOTE_AUTH_BACKEND]=${REMOTE_AUTH_BACKEND:-netbox.authentication.RemoteUserBackend}
+NETBOX_CONF[REMOTE_AUTH_HEADER]=${REMOTE_AUTH_HEADER:-HTTP_REMOTE_USER}
+NETBOX_CONF[REMOTE_AUTH_AUTO_CREATE_USER]=${REMOTE_AUTH_AUTO_CREATE_USER:-False}
+NETBOX_CONF[REMOTE_AUTH_DEFAULT_GROUPS]=${REMOTE_AUTH_DEFAULT_GROUPS:-[]}
+NETBOX_CONF[REMOTE_AUTH_DEFAULT_PERMISSIONS]=${REMOTE_AUTH_DEFAULT_PERMISSIONS:-{}}
 
 cd /app/netbox/netbox/netbox
 NETBOX_CONF[SECRET_KEY]=${SECRET_KEY:-$(python3 ../generate_secret_key.py)}