add option to NetBox role for patch. NetBox for OIDC group and role map.
Some checks failed
/ Ansible Lint (push) Failing after 1m10s
/ Ansible Lint (pull_request) Successful in 1m39s

Add option to NetBox role to make it patch NetBox to add custom pipeline
code for OIDC group and role mapping.

The custom pipeline code is licensed under the Creative Commons: CC
BY-SA 4.0 license.

See:
https://github.com/goauthentik/authentik/blob/main/LICENSE
https://github.com/goauthentik/authentik/blob/main/website/integrations/services/netbox/index.md
https://docs.goauthentik.io/integrations/services/netbox/
5676b1a468
June 2025-02-15 04:20:29 +01:00
commit a71071dfcc
Signed by: june
SSH key fingerprint: SHA256:o9EAq4Y9N9K0pBQeBTqhSDrND5E7oB+60ZNx0U1yPe0
6 changed files with 87 additions and 2 deletions

@ -18,7 +18,9 @@ Should work on Debian-based distributions.
## Optional Arguments
None.
- `netbox__patch_oidc_group_and_role_mapping_custom_pipeline`: Whether or not to patch NetBox to add custom pipeline code for OIDC group and role mapping.
See [Custom Pipeline Code for OIDC Group and Role Mapping](#custom-pipeline-code-for-oidc-group-and-role-mapping) for more infos.
Defaults to `false`.
## NetBox Configuration
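Review bot: The new `netbox__patch_oidc_group_and_role_mapping_custom_pipeline` entry says only that NetBox gets patched, and it should also state the two preconditions that currently appear only in the linked section: the patch is for NetBox >= 4.0.0, and a custom `SOCIAL_AUTH_PIPELINE` still has to be defined because this role does not provide it. Someone who sets the option to `true` from this argument list alone would otherwise expect group and role mapping to work without further configuration. Minor wording: "for more infos" should read "for more information".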
@ -71,6 +73,14 @@ The relevant documentation on how to do that can be found here:
- Web server setup docs: <https://netboxlabs.com/docs/netbox/en/stable/installation/5-http-server/>
- Example base nginx config: <https://github.com/netbox-community/netbox/blob/main/contrib/nginx.conf>
## Custom Pipeline Code for OIDC Group and Role Mapping
Setting the option `netbox__patch_oidc_group_and_role_mapping_custom_pipeline` to `true` makes this role patch NetBox to add custom pipeline code for OIDC group and role mapping.
Note that this role uses a patch for NetBox >= 4.0.0.
The patch is available in `files/0001_oidc_group_and_role_mapping_custom_pipeline.patch`, licensed under the CC BY-SA 4.0 license and taken from [this authentik NetBox documentation](https://docs.goauthentik.io/integrations/services/netbox/).
The documentation also shows how to use the pipeline code by defining a custom `SOCIAL_AUTH_PIPELINE`, which you also need to do, as the configuration isn't provided by this role.
See also [the default settings.py](https://github.com/netbox-community/netbox/blob/main/netbox/netbox/settings.py) for the default `SOCIAL_AUTH_PIPELINE`.
## Links & Resources
- The NetBox Git Repo: <https://github.com/netbox-community/netbox>
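Review bot: The sentence "Note that this role uses a patch for NetBox >= 4.0.0." does not say what the role does when the installed NetBox is older than that, or whether the patch is applied again after a NetBox upgrade. Please document whether the role checks this itself or leaves it to the operator. Since the patched code handles group and role mapping at login, the section should also record which revision of the authentik documentation `files/0001_oidc_group_and_role_mapping_custom_pipeline.patch` was taken from, so the vendored copy can be compared against later upstream changes.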