netbox-community / netbox-docker

🐳 Docker Image of NetBox

Home Page:https://github.com/netbox-community/netbox-docker/wiki

Netbox 4.0.0 container unhealthy with LOGIN_REQUIRED set to true

Fredouye opened this issue

Current Behavior

Hi,

After upgrading from 3.7.8 to 4.0.0, the Netbox container is unhealthy if LOGIN_REQUIRED is set to true.

The update was done using:

[root@forge01 netbox]# git checkout release
Already on 'release'
Your branch is up to date with 'origin/release'.

[root@forge01 netbox]# git pull -p origin release
remote: Enumerating objects: 152, done.
remote: Counting objects: 100% (99/99), done.
remote: Compressing objects: 100% (11/11), done.
remote: Total 152 (delta 89), reused 91 (delta 87), pack-reused 53
Receiving objects: 100% (152/152), 45.34 KiB | 1.51 MiB/s, done.
Resolving deltas: 100% (90/90), completed with 15 local objects.
From https://github.com/netbox-community/netbox-docker
 * branch            release    -> FETCH_HEAD
   f1ca9ab..6d25a54  release    -> origin/release
Updating f1ca9ab..6d25a54
Fast-forward
 .github/workflows/push.yml          | 30 +++++++++++++++++++-----------
 Dockerfile                          | 10 ++++------
 README.md                           |  1 -
 VERSION                             |  2 +-
 build.sh                            |  4 ++--
 configuration/configuration.py      | 37 +++++++++++++++++++++++++++++--------
 docker-compose.override.yml.example |  1 -
 docker-compose.test.override.yml    |  1 -
 docker-compose.test.yml             |  1 -
 docker-compose.yml                  |  3 +--
 docker/docker-entrypoint.sh         |  7 +++----
 requirements-container.txt          | 10 +++++-----
 12 files changed, 64 insertions(+), 43 deletions(-)

After removing LOGIN_REQUIRED from docker-compose.override.yml, the Netbox container is healthy.

Expected Behavior

Netbox 4.0.0 should be up and running.

Docker Compose Version

Docker Compose version v2.27.0

Docker Version

Client: Docker Engine - Community
 Version:           26.1.1
 API version:       1.45
 Go version:        go1.21.9
 Git commit:        4cf5afa
 Built:             Tue Apr 30 11:49:35 2024
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          26.1.1
  API version:      1.45 (minimum version 1.24)
  Go version:       go1.21.9
  Git commit:       ac2de55
  Built:            Tue Apr 30 11:47:50 2024
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.31
  GitCommit:        e377cd56a71523140ca6ae87e30244719194a521
 runc:
  Version:          1.1.12
  GitCommit:        v1.1.12-0-g51d5e94
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

The git Revision

6d25a54

The git Status

On branch release
Your branch is up to date with 'origin/release'.

Untracked files:
  (use "git add <file>..." to include in what will be committed)
        .env
        my-extra-config.py
        my-extra-ldap-config.py
        netbox.log

nothing added to commit but untracked files present (use "git add" to track)

Startup Command

docker compose up -d

NetBox Logs

netbox  | ↩️ Skip creating the superuser
netbox  | 🧬 loaded config '/etc/netbox/config/configuration.py'
netbox  | 🧬 loaded config '/etc/netbox/config/extra.py'
netbox  | 🧬 loaded config '/etc/netbox/config/logging.py'
netbox  | 🧬 loaded config '/etc/netbox/config/plugins.py'
netbox  | ✅ Initialisation is done.
netbox  | ⏳ Waiting for control socket to be created... (1/10)
netbox  | 2024/05/07 06:55:09 [warn] 7#7 Unit is running unprivileged, then it cannot use arbitrary user and group.
netbox  | 2024/05/07 06:55:09 [info] 7#7 unit 1.32.0 started
netbox  | 2024/05/07 06:55:09 [info] 94#94 discovery started
netbox  | 2024/05/07 06:55:09 [notice] 94#94 module: python 3.11.6 "/usr/lib/unit/modules/python3.11.unit.so"
netbox  | 2024/05/07 06:55:09 [info] 7#7 controller started
netbox  | 2024/05/07 06:55:09 [notice] 7#7 process 94 exited with code 0
netbox  | 2024/05/07 06:55:09 [info] 96#96 router started
netbox  | 2024/05/07 06:55:09 [info] 96#96 OpenSSL 3.0.10 1 Aug 2023, 300000a0
netbox  | ⚙️ Applying configuration from /etc/unit/nginx-unit.json
netbox  | 2024/05/07 06:55:10 [info] 99#99 "netbox" prototype started
netbox  | 2024/05/07 06:55:10 [info] 100#100 "netbox" application started
netbox  | ✅ Unit configuration loaded successfully
netbox  | 2024/05/07 06:55:13 [notice] 7#7 process 92 exited with code 0
netbox  | 2024/05/07 06:55:18 [info] 134#134 "netbox" application started
netbox  | ::1 - - [07/May/2024:06:55:32 +0200] "GET /api/ HTTP/1.1" 403 58 "-" "curl/8.2.1"
netbox  | ::1 - - [07/May/2024:06:55:36 +0200] "GET /api/ HTTP/1.1" 403 58 "-" "curl/8.2.1"
netbox  | ::1 - - [07/May/2024:06:55:51 +0200] "GET /api/ HTTP/1.1" 403 58 "-" "curl/8.2.1"

Content of docker-compose.override.yml

services:
  netbox:
    container_name: netbox
    image: netboxcommunity/netbox:v4.0.0
    networks:
      - netbox
      - traefik
    restart: always
    volumes:
      - ./my-extra-config.py:/etc/netbox/config/extra.py:z,ro
      - ./my-extra-ldap-config.py:/etc/netbox/config/ldap/extra.py
      - ./scripts:/etc/netbox/reports:z,ro
    labels:
      traefik.enable: "true"
      traefik.http.routers.netbox.rule: "Host(`netbox.demo.corp`)"
      traefik.http.routers.netbox.service: "netbox"
      traefik.http.routers.netbox.entrypoints: "websecure"
      traefik.http.services.netbox.loadbalancer.server.port: "8080"
      traefik.http.routers.netbox.middlewares: "my-securedheaders@file"
      traefik.http.routers.netbox.tls: "true"
    environment:
      TZ: Europe/Paris
      BANNER_LOGIN: '<p><span style="color: #1BB23B;">Please use your Active Directory credentials to  login.</span></p>'
      PREFER_IPV4: "True"
      TIME_ZONE: "UTC"
      CHANGELOG_RETENTION: "365"
      POWERFEED_DEFAULT_VOLTAGE: "220"
      LOGIN_REQUIRED: "True"
      METRICS_ENABLED: "True"
      MAINTENANCE_MODE: "False"
      PAGINATE_COUNT: "100"
      ENFORCE_GLOBAL_UNIQUE: "False"
      ALLOW_TOKEN_RETRIEVAL: "True"
      HTTP_PROXY: 192.168.3.254:3128
      HTTPS_PROXY: 192.168.3.254:3128
      NO_PROXY: .demo.corp
      REMOTE_AUTH_ENABLED: "True"
      REMOTE_AUTH_BACKEND: "netbox.authentication.LDAPBackend"
      AUTH_LDAP_SERVER_URI: "ldap://dc01.demo.corp"
      AUTH_LDAP_BIND_DN: "CN=Bind,CN=Users,DC=demo,DC=corp"
      AUTH_LDAP_BIND_PASSWORD: ${LDAP_BIND_PASSWORD}
      AUTH_LDAP_USER_SEARCH_BASEDN: "DC=demo,DC=corp"
      AUTH_LDAP_GROUP_SEARCH_BASEDN: "DC=demo,DC=corp"
      AUTH_LDAP_REQUIRE_GROUP_DN: "CN=Netbox,CN=Users,DC=demo,DC=corp"
      AUTH_LDAP_GROUP_TYPE: "NestedActiveDirectoryGroupType"
      AUTH_LDAP_IS_ADMIN_DN: "CN=Netbox_Admins,CN=Users,DC=demo,DC=corp"
      AUTH_LDAP_IS_SUPERUSER_DN: "CN=Netbox_Superusers,CN=Users,DC=demo,DC=corp"
      LDAP_IGNORE_CERT_ERRORS: "True"
  netbox-worker:
    container_name: netbox-worker
    image: netboxcommunity/netbox:v4.0.0
    networks:
      - netbox
    restart: always
    volumes:
      - /indus/pki/ca.crt:/etc/ssl/certs/ca.crt:ro
    environment:
      TZ: Europe/Paris
      SSL_CERT_FILE: /etc/ssl/certs/ca.crt
  netbox-housekeeping:
    container_name: netbox-housekeeping
    image: netboxcommunity/netbox:v4.0.0
    networks:
      - netbox
    restart: always
    environment:
      TZ: Europe/Paris
  postgres:
    container_name: netbox-db
    networks:
      - netbox
    restart: always
    environment:
      TZ: Europe/Paris
  redis:
    container_name: netbox-redis
    image: redis:7-alpine
    networks:
      - netbox
    restart: always
    environment:
      TZ: Europe/Paris
  redis-cache:
    container_name: netbox-redis-cache
    image: redis:7-alpine
    networks:
      - netbox
    restart: always
    environment:
      TZ: Europe/Paris

networks:
  netbox:
    external: true
  traefik:
    external: true

Thanks for the quick fix, @tobiasge!

The Netbox container is healthy with this in docker-compose.override.yml:

services:
  netbox:
    healthcheck:
      start_period: 60s
      timeout: 3s
      interval: 15s
      test: "curl -f http://localhost:8080/login/ || exit 1"
    environment:
      LOGIN_REQUIRED: "True"
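
A diagnostic for the failure reported in this thread, added here as an example and not taken from the issue or from the netbox-docker project: it scans `docker compose logs` output for loopback curl requests (the container's own healthcheck) and reports paths that only ever return a status that makes `curl -f` exit non-zero. The `/login/` log line and the function names are constructed for illustration; the three `/api/` lines are the ones quoted in the issue.

```python
import re
from collections import defaultdict

# Access-log line as shown in the issue, prefixed by the compose service name.
ACCESS_RE = re.compile(
    r'^(?P<svc>\S+)\s+\|\s+(?P<src>\S+) - - \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \d+ '
    r'"[^"]*" "(?P<agent>[^"]*)"$'
)
LOOPBACK = {"::1", "127.0.0.1"}

# Lines quoted in the issue's "NetBox Logs" section.
ISSUE_LOG = """\
netbox  | 2024/05/07 06:55:18 [info] 134#134 "netbox" application started
netbox  | ::1 - - [07/May/2024:06:55:32 +0200] "GET /api/ HTTP/1.1" 403 58 "-" "curl/8.2.1"
netbox  | ::1 - - [07/May/2024:06:55:36 +0200] "GET /api/ HTTP/1.1" 403 58 "-" "curl/8.2.1"
netbox  | ::1 - - [07/May/2024:06:55:51 +0200] "GET /api/ HTTP/1.1" 403 58 "-" "curl/8.2.1"
"""
# Constructed line (not from the issue): the same probe pointed at /login/.
CONSTRUCTED_AFTER_FIX = (
    'netbox  | ::1 - - [07/May/2024:07:10:00 +0200] '
    '"GET /login/ HTTP/1.1" 200 4096 "-" "curl/8.2.1"\n'
)
SAMPLE_LOG = ISSUE_LOG + CONSTRUCTED_AFTER_FIX


def probe_results(log_text):
    """Group loopback curl requests (the healthcheck probe) by request path."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        m = ACCESS_RE.match(line.strip())
        if m and m["src"] in LOOPBACK and m["agent"].startswith("curl/"):
            seen[m["path"]].append(int(m["status"]))
    return dict(seen)


def failing_probes(log_text):
    """Paths where every probe got a status >= 400, which `curl -f` treats as failure."""
    return {
        path: sorted(set(codes))
        for path, codes in probe_results(log_text).items()
        if all(code >= 400 for code in codes)
    }


if __name__ == "__main__":
    for path, codes in failing_probes(SAMPLE_LOG).items():
        needs_auth = " (endpoint requires authentication)" if set(codes) <= {401, 403} else ""
        print(f"healthcheck probe {path} always fails: {codes}{needs_auth}")
```

A probe path that only ever returns 401 or 403 means the healthcheck targets an authenticated endpoint; pointing the probe at `/login/`, as in the override above, keeps `LOGIN_REQUIRED` enforced.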