blob: cdd8531b66fdf69f1785e281d4f9cb894a60d575 [file] [log] [blame]
Zack Williams048c6832020-08-02 21:14:35 -07001{#
2SPDX-FileCopyrightText: © 2020 Open Networking Foundation <support@opennetworking.org>
3SPDX-License-Identifier: Apache-2.0
4#}
5#########################
6# #
7# Required settings #
8# #
9#########################
10
11# This is a list of valid fully-qualified domain names (FQDNs) for the NetBox server. NetBox will not permit write
12# access to the server via any other hostnames. The first FQDN in the list will be treated as the preferred name.
13#
14# Example: ALLOWED_HOSTS = ['netbox.example.com', 'netbox.internal.local']
15ALLOWED_HOSTS = [ {{ netbox_allowed_hosts | map('regex_replace', '^(.*)$', '"\\1"') | join(', ') }} ]
16
17# PostgreSQL database configuration. See the Django documentation for a complete list of available parameters:
18# https://docs.djangoproject.com/en/stable/ref/settings/#databases
19DATABASE = {
20 'NAME': '{{ netbox_pg_db }}', # Database name
21 'USER': '{{ netbox_pg_db_username }}', # PostgreSQL username
22 'PASSWORD': '{{ netbox_pg_db_password }}', # PostgreSQL password
23 'HOST': 'localhost', # Database server
24 'PORT': '', # Database port (leave blank for default)
25 'CONN_MAX_AGE': 300, # Max database connection age
26}
27
28# Redis database settings. Redis is used for caching and for queuing background tasks such as webhook events. A separate
29# configuration exists for each. Full connection details are required in both sections, and it is strongly recommended
30# to use two separate database IDs.
31REDIS = {
32 'tasks': {
33 'HOST': 'localhost',
34 'PORT': 6379,
35 # Comment out `HOST` and `PORT` lines and uncomment the following if using Redis Sentinel
36 # 'SENTINELS': [('mysentinel.redis.example.com', 6379)],
37 # 'SENTINEL_SERVICE': 'netbox',
38 'PASSWORD': '',
39 'DATABASE': 0,
40 'DEFAULT_TIMEOUT': 300,
41 'SSL': False,
42 },
43 'caching': {
44 'HOST': 'localhost',
45 'PORT': 6379,
46 # Comment out `HOST` and `PORT` lines and uncomment the following if using Redis Sentinel
47 # 'SENTINELS': [('mysentinel.redis.example.com', 6379)],
48 # 'SENTINEL_SERVICE': 'netbox',
49 'PASSWORD': '',
50 'DATABASE': 1,
51 'DEFAULT_TIMEOUT': 300,
52 'SSL': False,
53 }
54}
55
56# This key is used for secure generation of random numbers and strings. It must never be exposed outside of this file.
57# For optimal security, SECRET_KEY should be at least 50 characters in length and contain a mix of letters, numbers, and
58# symbols. NetBox will not run without this defined. For more information, see
59# https://docs.djangoproject.com/en/stable/ref/settings/#std:setting-SECRET_KEY
60SECRET_KEY = '{{ netbox_secret_key }}'
61
62
63#########################
64# #
65# Optional settings #
66# #
67#########################
68
69# Specify one or more name and email address tuples representing NetBox administrators. These people will be notified of
70# application errors (assuming correct email settings are provided).
71ADMINS = [
72 # ['John Doe', 'jdoe@example.com'],
73]
74
75# URL schemes that are allowed within links in NetBox
76ALLOWED_URL_SCHEMES = (
77 'file', 'ftp', 'ftps', 'http', 'https', 'irc', 'mailto', 'sftp', 'ssh', 'tel', 'telnet', 'tftp', 'vnc', 'xmpp',
78)
79
80# Optionally display a persistent banner at the top and/or bottom of every page. HTML is allowed. To display the same
81# content in both banners, define BANNER_TOP and set BANNER_BOTTOM = BANNER_TOP.
82BANNER_TOP = ''
83BANNER_BOTTOM = ''
84
85# Text to include on the login page above the login form. HTML is allowed.
86BANNER_LOGIN = ''
87
88# Base URL path if accessing NetBox within a directory. For example, if installed at http://example.com/netbox/, set:
89# BASE_PATH = 'netbox/'
90BASE_PATH = ''
91
92# Cache timeout in seconds. Set to 0 to dissable caching. Defaults to 900 (15 minutes)
93CACHE_TIMEOUT = 900
94
95# Maximum number of days to retain logged changes. Set to 0 to retain changes indefinitely. (Default: 90)
96CHANGELOG_RETENTION = 90
97
98# API Cross-Origin Resource Sharing (CORS) settings. If CORS_ORIGIN_ALLOW_ALL is set to True, all origins will be
99# allowed. Otherwise, define a list of allowed origins using either CORS_ORIGIN_WHITELIST or
100# CORS_ORIGIN_REGEX_WHITELIST. For more information, see https://github.com/ottoyiu/django-cors-headers
101CORS_ORIGIN_ALLOW_ALL = False
102CORS_ORIGIN_WHITELIST = [
103 # 'https://hostname.example.com',
104]
105CORS_ORIGIN_REGEX_WHITELIST = [
106 # r'^(https?://)?(\w+\.)?example\.com$',
107]
108
109# Set to True to enable server debugging. WARNING: Debugging introduces a substantial performance penalty and may reveal
110# sensitive information about your installation. Only enable debugging while performing testing. Never enable debugging
111# on a production system.
112DEBUG = False
113
114# Email settings
115EMAIL = {
116 'SERVER': 'localhost',
117 'PORT': 25,
118 'USERNAME': '',
119 'PASSWORD': '',
120 'USE_SSL': False,
121 'USE_TLS': False,
122 'TIMEOUT': 10, # seconds
123 'FROM_EMAIL': '',
124}
125
126# Enforcement of unique IP space can be toggled on a per-VRF basis. To enforce unique IP space within the global table
127# (all prefixes and IP addresses not assigned to a VRF), set ENFORCE_GLOBAL_UNIQUE to True.
128ENFORCE_GLOBAL_UNIQUE = False
129
130# Exempt certain models from the enforcement of view permissions. Models listed here will be viewable by all users and
131# by anonymous users. List models in the form `<app>.<model>`. Add '*' to this list to exempt all models.
Zack Williams3cfdc002021-09-19 13:34:13 -0700132#
133# FIXME - this should be a more complete list, but one isn't available from the Netbox docs
Zack Williams048c6832020-08-02 21:14:35 -0700134EXEMPT_VIEW_PERMISSIONS = [
Zack Williams3cfdc002021-09-19 13:34:13 -0700135 'dcim.cable',
136 'dcim.cablepath',
137 'dcim.connecteddevice',
138 'dcim.consoleconnection',
139 'dcim.console-port-templates',
140 'dcim.consoleport',
141 'dcim.consoleserver-port-templates',
142 'dcim.consoleserver-port',
143 'dcim.devicebaytemplates',
144 'dcim.devicebays',
145 'dcim.devicerole',
146 'dcim.devicetype',
147 'dcim.device',
148 'dcim.front-port-templates',
149 'dcim.front-ports',
150 'dcim.interface-connection',
151 'dcim.interface-templates',
152 'dcim.interface',
153 'dcim.inventoryitem',
154 'dcim.manufacturer',
155 'dcim.platform',
156 'dcim.powerconnections',
157 'dcim.powerfeed',
158 'dcim.poweroutlet-templates',
159 'dcim.poweroutlet',
160 'dcim.powerpanel',
161 'dcim.powerport-templates',
162 'dcim.powerports',
163 'dcim.rackgroups',
164 'dcim.rackreservation',
165 'dcim.rackrole',
166 'dcim.rack',
167 'dcim.rearporttemplate',
168 'dcim.rearport',
169 'dcim.region',
170 'dcim.site',
171 'dcim.sitegroup',
172 'dcim.virtualchassis',
173 'ipam.aggregate',
174 'ipam.ipaddress',
175 'ipam.prefix',
176 'ipam.rir',
177 'ipam.role',
178 'ipam.service',
179 'ipam.vlangroup',
180 'ipam.vlan',
181 'ipam.vrf',
182 'tenancy.tenant-groups',
183 'tenancy.tenant',
184 'virtualization.virtual-machine',
185 'extras.tags',
Zack Williams048c6832020-08-02 21:14:35 -0700186]
187
188# HTTP proxies NetBox should use when sending outbound HTTP requests (e.g. for webhooks).
189# HTTP_PROXIES = {
190# 'http': 'http://10.10.1.10:3128',
191# 'https': 'http://10.10.1.10:1080',
192# }
193
194# IP addresses recognized as internal to the system. The debugging toolbar will be available only to clients accessing
195# NetBox from an internal IP.
196INTERNAL_IPS = ('127.0.0.1', '::1')
197
198# Enable custom logging. Please see the Django documentation for detailed guidance on configuring custom logs:
199# https://docs.djangoproject.com/en/stable/topics/logging/
200LOGGING = {}
201
202# Setting this to True will permit only authenticated users to access any part of NetBox. By default, anonymous users
203# are permitted to access most data in NetBox (excluding secrets) but not make any changes.
204LOGIN_REQUIRED = False
205
206# The length of time (in seconds) for which a user will remain logged into the web UI before being prompted to
207# re-authenticate. (Default: 1209600 [14 days])
208LOGIN_TIMEOUT = None
209
210# Setting this to True will display a "maintenance mode" banner at the top of every page.
211MAINTENANCE_MODE = False
212
213# An API consumer can request an arbitrary number of objects =by appending the "limit" parameter to the URL (e.g.
214# "?limit=1000"). This setting defines the maximum limit. Setting it to 0 or None will allow an API consumer to request
215# all objects by specifying "?limit=0".
216MAX_PAGE_SIZE = 1000
217
218# The file path where uploaded media such as image attachments are stored. A trailing slash is not needed. Note that
219# the default value of this setting is derived from the installed location.
220MEDIA_ROOT = '{{ netbox_media_dir }}'
221
222# By default uploaded media is stored on the local filesystem. Using Django-storages is also supported. Provide the
223# class path of the storage driver in STORAGE_BACKEND and any configuration options in STORAGE_CONFIG. For example:
224# STORAGE_BACKEND = 'storages.backends.s3boto3.S3Boto3Storage'
225# STORAGE_CONFIG = {
226# 'AWS_ACCESS_KEY_ID': 'Key ID',
227# 'AWS_SECRET_ACCESS_KEY': 'Secret',
228# 'AWS_STORAGE_BUCKET_NAME': 'netbox',
229# 'AWS_S3_REGION_NAME': 'eu-west-1',
230# }
231
232# Expose Prometheus monitoring metrics at the HTTP endpoint '/metrics'
233METRICS_ENABLED = False
234
235# Credentials that NetBox will uses to authenticate to devices when connecting via NAPALM.
236NAPALM_USERNAME = ''
237NAPALM_PASSWORD = ''
238
239# NAPALM timeout (in seconds). (Default: 30)
240NAPALM_TIMEOUT = 30
241
242# NAPALM optional arguments (see http://napalm.readthedocs.io/en/latest/support/#optional-arguments). Arguments must
243# be provided as a dictionary.
244NAPALM_ARGS = {}
245
246# Determine how many objects to display per page within a list. (Default: 50)
247PAGINATE_COUNT = 50
248
249# Enable installed plugins. Add the name of each plugin to the list.
250PLUGINS = [
251 'netbox_qrcode',
252]
253
254# Plugins configuration settings. These settings are used by various plugins that the user may have installed.
255# Each key in the dictionary is the name of an installed plugin and its value is a dictionary of settings.
256# PLUGINS_CONFIG = {
257# 'my_plugin': {
258# 'foo': 'bar',
259# 'buzz': 'bazz'
260# }
261# }
262
263# When determining the primary IP address for a device, IPv6 is preferred over IPv4 by default. Set this to True to
264# prefer IPv4 instead.
265PREFER_IPV4 = False
266
267# Rack elevation size defaults, in pixels. For best results, the ratio of width to height should be roughly 10:1.
268RACK_ELEVATION_DEFAULT_UNIT_HEIGHT = 22
269RACK_ELEVATION_DEFAULT_UNIT_WIDTH = 220
270
271# Remote authentication support
272REMOTE_AUTH_ENABLED = False
273REMOTE_AUTH_BACKEND = 'netbox.authentication.RemoteUserBackend'
274REMOTE_AUTH_HEADER = 'HTTP_REMOTE_USER'
275REMOTE_AUTH_AUTO_CREATE_USER = True
276REMOTE_AUTH_DEFAULT_GROUPS = []
277REMOTE_AUTH_DEFAULT_PERMISSIONS = {}
278
279# This determines how often the GitHub API is called to check the latest release of NetBox. Must be at least 1 hour.
280RELEASE_CHECK_TIMEOUT = 24 * 3600
281
282# This repository is used to check whether there is a new release of NetBox available. Set to None to disable the
283# version check or use the URL below to check for release in the official NetBox repository.
284RELEASE_CHECK_URL = None
285# RELEASE_CHECK_URL = 'https://api.github.com/repos/netbox-community/netbox/releases'
286
287# The file path where custom reports will be stored. A trailing slash is not needed. Note that the default value of
288# this setting is derived from the installed location.
289# REPORTS_ROOT = '/opt/netbox/netbox/reports'
290
291# The file path where custom scripts will be stored. A trailing slash is not needed. Note that the default value of
292# this setting is derived from the installed location.
293# SCRIPTS_ROOT = '/opt/netbox/netbox/scripts'
294
295# By default, NetBox will store session data in the database. Alternatively, a file path can be specified here to use
296# local file storage instead. (This can be useful for enabling authentication on a standby instance with read-only
297# database access.) Note that the user as which NetBox runs must have read and write permissions to this path.
298SESSION_FILE_PATH = None
299
300# Time zone (default: UTC)
301TIME_ZONE = 'UTC'
302
303# Date/time formatting. See the following link for supported formats:
304# https://docs.djangoproject.com/en/stable/ref/templates/builtins/#date
305DATE_FORMAT = 'N j, Y'
306SHORT_DATE_FORMAT = 'Y-m-d'
307TIME_FORMAT = 'g:i a'
308SHORT_TIME_FORMAT = 'H:i:s'
309DATETIME_FORMAT = 'N j, Y g:i a'
310SHORT_DATETIME_FORMAT = 'Y-m-d H:i'