Merge 39d2b726af into 1d8a31be83

Support new DATABASES syntax in Netbox 4.3

configuration/configuration.py

@@ -64,7 +64,8 @@ if '*' not in ALLOWED_HOSTS and 'localhost' not in ALLOWED_HOSTS:
 
 # PostgreSQL database configuration. See the Django documentation for a complete list of available parameters:
 #   https://docs.djangoproject.com/en/stable/ref/settings/#databases
-DATABASE = {
+DATABASES = {
+    'default': {
         'NAME': environ.get('DB_NAME', 'netbox'),       # Database name
         'USER': environ.get('DB_USER', ''),             # PostgreSQL username
         'PASSWORD': _read_secret('db_password', environ.get('DB_PASSWORD', '')),
@@ -77,6 +78,7 @@ DATABASE = {
                                                         # Max database connection age
         'DISABLE_SERVER_SIDE_CURSORS': _environ_get_and_map('DB_DISABLE_SERVER_SIDE_CURSORS', 'False', _AS_BOOL),
                                                         # Disable the use of server-side cursors transaction pooling
+    }
 }
 
 # Redis database settings. Redis is used for caching and for queuing background tasks such as webhook events. A separate
@@ -303,6 +305,12 @@ REMOTE_AUTH_SUPERUSER_GROUPS = _environ_get_and_map('REMOTE_AUTH_SUPERUSER_GROUP
 REMOTE_AUTH_SUPERUSERS = _environ_get_and_map('REMOTE_AUTH_SUPERUSERS', '', _AS_LIST)
 REMOTE_AUTH_STAFF_GROUPS = _environ_get_and_map('REMOTE_AUTH_STAFF_GROUPS', '', _AS_LIST)
 REMOTE_AUTH_STAFF_USERS = _environ_get_and_map('REMOTE_AUTH_STAFF_USERS', '', _AS_LIST)
+# SSO Configuration
+SOCIAL_AUTH_OKTA_OPENIDCONNECT_KEY = environ.get('SOCIAL_AUTH_OKTA_OPENIDCONNECT_KEY')
+SOCIAL_AUTH_OKTA_OPENIDCONNECT_SECRET = _read_secret('okta_openidconnect_secret', environ.get('SOCIAL_AUTH_OKTA_OPENIDCONNECT_SECRET', ''))
+SOCIAL_AUTH_OKTA_OPENIDCONNECT_API_URL = environ.get('SOCIAL_AUTH_OKTA_OPENIDCONNECT_API_URL')
+SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = environ.get('SOCIAL_AUTH_GOOGLE_OAUTH2_KEY')
+SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = _read_secret('google_oauth2_secret', environ.get('SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET', ''))
 
 # This repository is used to check whether there is a new release of NetBox available. Set to None to disable the
 # version check or use the URL below to check for release in the official NetBox repository.

docker-compose.override.yml.example

@@ -19,4 +19,17 @@ services:
       # SUPERUSER_EMAIL: ""
       # SUPERUSER_NAME: ""
       # SUPERUSER_PASSWORD: ""
+      # SSO Configuration
+      # SOCIAL_AUTH_OKTA_OPENIDCONNECT_KEY: "your_okta_client_id"
+      # SOCIAL_AUTH_OKTA_OPENIDCONNECT_API_URL: "https://your-domain.okta.com"
+      # SOCIAL_AUTH_GOOGLE_OAUTH2_KEY: "your_google_client_id"
+    # secrets:
+      # - okta_openidconnect_secret
+      # - google_oauth2_secret
 
+# Uncomment to use Docker secrets for SSO credentials
+# secrets:
+#   okta_openidconnect_secret:
+#     file: ./secrets/okta_secret.txt
+#   google_oauth2_secret:
+#     file: ./secrets/google_secret.txt

env/netbox.env

@@ -31,4 +31,12 @@ REDIS_SSL=false
 RELEASE_CHECK_URL=https://api.github.com/repos/netbox-community/netbox/releases
 SECRET_KEY='r(m)9nLGnz$(_q3N4z1k(EFsMCjjjzx08x9VhNVcfd%6RF#r!6DE@+V5Zk2X'
 SKIP_SUPERUSER=true
+# SSO Configuration (uncomment and configure as needed)
+# OKTA OpenID Connect
+# SOCIAL_AUTH_OKTA_OPENIDCONNECT_KEY=your_okta_client_id
+# SOCIAL_AUTH_OKTA_OPENIDCONNECT_SECRET=your_okta_client_secret
+# SOCIAL_AUTH_OKTA_OPENIDCONNECT_API_URL=https://your-domain.okta.com
+# Google OAuth2
+# SOCIAL_AUTH_GOOGLE_OAUTH2_KEY=your_google_client_id
+# SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET=your_google_client_secret
 WEBHOOKS_ENABLED=true