From c2c566f265db8cff77724d6e582d973b6d6dd093 Mon Sep 17 00:00:00 2001 From: Kenneth Joss Date: Fri, 8 Sep 2023 13:58:57 +0200 Subject: [PATCH] Add functionality to have netbox in primary (active) or secondary (read-only) mode --- ansible/roles/netbox/defaults/main.yml | 20 ++++++- ansible/roles/netbox/tasks/main.yml | 55 ++++++++++++++++++- .../usr/local/lib/netbox/configuration.py.j2 | 2 +- 3 files changed, 72 insertions(+), 5 deletions(-) diff --git a/ansible/roles/netbox/defaults/main.yml b/ansible/roles/netbox/defaults/main.yml index 21e96bec17..fe4bdd7cd2 100644 --- a/ansible/roles/netbox/defaults/main.yml +++ b/ansible/roles/netbox/defaults/main.yml @@ -34,6 +34,22 @@ netbox__domain: '{{ ansible_domain }}' # ]]] # ]]] +# Primary/Standby configuration [[[ +# ----------------------------- + +# .. envvar:: netbox__primary [[[ +# +# Boolean to define if the instance of NetBox will be primary or not. +# True: This instance will become primary and needs read and write +# database access. +# False: This instance will become standby, +# "netbox__config_maintenance_mode" will be set to True and +# "netbox__config_session_file_path" will be populated. +netbox__primary: True + + # ]]] + # ]]] + # APT packages [[[ # ---------------- @@ -660,7 +676,7 @@ netbox__config_base_path: '' # # Enable or disable maintenance mode banner. # This overwrites potentially existing `dynamic configuration settings `__. -netbox__config_maintenance_mode: False +netbox__config_maintenance_mode: '{{ not netbox__primary }}' # ]]] # .. envvar:: netbox__config_napalm_username [[[ 
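Review bot: The new `netbox__config_maintenance_mode` default, `'{{ not netbox__primary }}'`, negates the raw variable, while every task condition in this patch tests `netbox__primary|bool`. If the value arrives as a string (for example via `-e netbox__primary=false` or an INI inventory), the non-empty string is truthy in Jinja. The default then renders maintenance mode off while the tasks treat the host as a standby, so the read-only instance is deployed without its maintenance banner. I would write `'{{ not (netbox__primary | bool) }}'` here. The same applies to the `netbox__config_session_file_path` default in the next hunk of this file, which should test `netbox__primary | bool` as well.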
@@ -833,7 +849,7 @@ netbox__config_metrics_enabled: False # can be useful for enabling authentication on a standby instance with # read-only database access.) Note that the user as which NetBox runs must have # read and write permissions to this path. -netbox__config_session_file_path: False +netbox__config_session_file_path: '{{ "" if netbox__primary else netbox__data + "/sessions" }}' # ]]] # .. envvar:: netbox__config_media_root [[[ diff --git a/ansible/roles/netbox/tasks/main.yml b/ansible/roles/netbox/tasks/main.yml index 8ab9f0536f..493e3b6548 100644 --- a/ansible/roles/netbox/tasks/main.yml +++ b/ansible/roles/netbox/tasks/main.yml 
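Review bot: The standby branch of this default hard-codes `netbox__data + "/sessions"`, and the "Create local session directory" task in tasks/main.yml repeats the same expression instead of reading `netbox__config_session_file_path`. An operator who overrides the variable gets a NetBox configuration pointing at a directory the role never creates or sets ownership and mode on, while the hard-coded directory is still created. Having the task use `path: '{{ netbox__config_session_file_path }}'` would keep the configured session store and the directory the role manages from drifting apart. The documentation comment for this variable starts above the hunk and could also state the standby default.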
@@ -214,9 +214,60 @@ become: True become_user: '{{ netbox__user }}' when: (netbox__register_checkout is changed and - netbox__primary|d(True)) + netbox__primary|bool) register: netbox__register_migration +- name: Generate static content + ## Since we do not run the manage.py file on secondary sites + ## we need to generate those files in an extra task. + shell: # noqa no-handler + cmd: | + set -o nounset -o pipefail -o errexit + ./manage.py collectstatic --no-input + chdir: '{{ netbox__git_checkout + "/netbox" }}' + executable: 'bash' + environment: + VIRTUAL_ENV: '{{ netbox__virtualenv }}' + PATH: '{{ netbox__virtualenv_env_path }}' + become: True + become_user: '{{ netbox__user }}' + when: (netbox__register_checkout is changed and + not netbox__primary|bool) + register: netbox__register_collectstatic + changed_when: not netbox__register_collectstatic.stdout is search('0 static files copied') + +- name: Create local session directory + file: + path: '{{ netbox__data + "/sessions" }}' + owner: '{{ netbox__user }}' + group: '{{ netbox__group }}' + mode: '0770' + access_time: preserve + modification_time: preserve + state: directory + become: True + become_user: '{{ netbox__user }}' + when: (not netbox__primary|bool) + +- name: Cleanup stale contenttypes and sessions + ## Since we do not run the manage.py file on secondary sites + ## we need to run the cleanup in an extra task. + shell: # noqa no-handler + cmd: | + set -o nounset -o pipefail -o errexit + ./manage.py remove_stale_contenttypes --no-input + ./manage.py clearsessions + chdir: '{{ netbox__git_checkout + "/netbox" }}' + executable: 'bash' + environment: + VIRTUAL_ENV: '{{ netbox__virtualenv }}' + PATH: '{{ netbox__virtualenv_env_path }}' + become: True + become_user: '{{ netbox__user }}' + when: (netbox__register_checkout is changed and + not netbox__primary|bool) + changed_when: false + - name: Create Django superuser account environment: DJANGO_SUPERUSER_PASSWORD: '{{ netbox__superuser_password }}' 
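Review bot: The "Create local session directory" task sets `mode: '0770'` on the directory that holds the standby's session files, so every member of `netbox__group` can list, read and write live session data. Django's file backend derives each file name from the session key, which makes directory listing alone sensitive. Unless another account in that group is known to need access (nothing in this patch shows one), `mode: '0700'` is the least-privilege choice, since the defaults comment only requires access for the user NetBox runs as. Separately, "Cleanup stale contenttypes and sessions" runs `./manage.py remove_stale_contenttypes --no-input` on an instance the role describes as having read-only database access. That command deletes rows, so under `errexit` it presumably fails the play whenever stale content types exist, and keeping only `./manage.py clearsessions` on the standby looks safer.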
@@ -226,7 +277,7 @@ virtualenv: '{{ netbox__virtualenv }}' become: True become_user: '{{ netbox__user }}' - when: (netbox__primary|d(True) and + when: (netbox__primary|bool and not netbox__register_installed.stat.exists|bool and not netbox__register_migration.stdout is search('No migrations to apply.')) no_log: '{{ debops__no_log | d(True) }}' diff --git a/ansible/roles/netbox/templates/usr/local/lib/netbox/configuration.py.j2 b/ansible/roles/netbox/templates/usr/local/lib/netbox/configuration.py.j2 index e57b0f9b43..39664647ce 100644 --- a/ansible/roles/netbox/templates/usr/local/lib/netbox/configuration.py.j2 +++ b/ansible/roles/netbox/templates/usr/local/lib/netbox/configuration.py.j2 @@ -230,7 +230,7 @@ SCRIPTS_ROOT = '{{ netbox__config_scripts_root }}' # By default, NetBox will store session data in the database. Alternatively, a file path can be specified here to use # local file storage instead. (This can be useful for enabling authentication on a standby instance with read-only # database access.) Note that the user as which NetBox runs must have read and write permissions to this path. -SESSION_FILE_PATH = {{ netbox__config_session_file_path }} +SESSION_FILE_PATH = '{{ netbox__config_session_file_path }}' # Time zone (default: UTC) TIME_ZONE = '{{ netbox__config_time_zone }}'
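Review bot: In configuration.py.j2, quoting the value means the template can no longer express "unset". On a primary it now renders `SESSION_FILE_PATH = ''`. An inventory that still carries the previous default `netbox__config_session_file_path: False` renders the string `'False'`, which would presumably be taken as a directory name rather than as disabled. A path containing a quote or backslash would also produce a broken or altered Python literal. I would emit a real literal instead, for example `SESSION_FILE_PATH = {{ netbox__config_session_file_path | to_json if netbox__config_session_file_path else 'None' }}`, and confirm against NetBox's settings handling that `None` is what keeps database-backed sessions on the primary.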