.ecrc

@@ -2,12 +2,17 @@
   "Verbose": false,
   "Debug": false,
   "IgnoreDefaults": false,
-  "SpacesAfterTabs": false,
+  "SpacesAftertabs": false,
   "NoColor": false,
-  "Exclude": ["LICENSE", "\\.initializers", "\\.vscode"],
+  "Exclude": [
+    "LICENSE",
+    "\\.initializers",
+    "\\.vscode"
+  ],
   "AllowedContentTypes": [],
   "PassedFiles": [],
   "Disable": {
+    // set these options to true to disable specific checks
     "EndOfLine": false,
     "Indentation": false,
     "InsertFinalNewline": false,

.editorconfig

@@ -9,6 +9,3 @@ indent_size = 2
 
 [*.py]
 indent_size = 4
-
-[VERSION]
-insert_final_newline = false

.github/workflows/push.yml

@@ -23,28 +23,25 @@ jobs:
       packages: read
       statuses: write
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v4
         with:
           # Full git history is needed to get a proper
           # list of changed files within `super-linter`
           fetch-depth: 0
       - name: Lint Code Base
-        uses: super-linter/super-linter@v8
+        uses: super-linter/super-linter@v7
         env:
           DEFAULT_BRANCH: develop
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SUPPRESS_POSSUM: true
           LINTER_RULES_PATH: /
           VALIDATE_ALL_CODEBASE: false
-          VALIDATE_BIOME_FORMAT: false
           VALIDATE_CHECKOV: false
           VALIDATE_DOCKERFILE: false
-          VALIDATE_GITHUB_ACTIONS_ZIZMOR: false
           VALIDATE_GITLEAKS: false
           VALIDATE_JSCPD: false
-          VALIDATE_TRIVY: false
           FILTER_REGEX_EXCLUDE: (.*/)?(LICENSE|configuration/.*)
-          EDITORCONFIG_FILE_NAME: .editorconfig-checker.json
+          EDITORCONFIG_FILE_NAME: .ecrc
           DOCKERFILE_HADOLINT_FILE_NAME: .hadolint.yaml
           MARKDOWN_CONFIG_FILE: .markdown-lint.yml
           PYTHON_BLACK_CONFIG_FILE: pyproject.toml
@@ -73,7 +70,7 @@ jobs:
     steps:
       - id: git-checkout
         name: Checkout
-        uses: actions/checkout@v5
+        uses: actions/checkout@v4
       - id: buildx-setup
         name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3

.github/workflows/release.yml

@@ -13,13 +13,11 @@ jobs:
   build:
     strategy:
       matrix:
-        build:
+        build_cmd:
-          - { "cmd": "./build-latest.sh", "branch": "release" }
+          - ./build-latest.sh
-          - { "cmd": "./build.sh main", "branch": "release" }
+          - PRERELEASE=true ./build-latest.sh
-          # Build pre release images from our develop branch
+          - ./build.sh feature
-          # This is used to test the latest changes before they are merged into the main branch
+          - ./build.sh main
-          - { "cmd": "PRERELEASE=true ./build-latest.sh", "branch": "develop" }
-          - { "cmd": "./build.sh feature", "branch": "develop" }
         platform:
           - linux/amd64,linux/arm64
       fail-fast: false
@@ -32,18 +30,16 @@ jobs:
     steps:
       - id: source-checkout
         name: Checkout
-        uses: actions/checkout@v5
+        uses: actions/checkout@v4
-        with:
-          ref: ${{ matrix.build.branch }}
       - id: set-netbox-docker-version
         name: Get Version of NetBox Docker
         run: echo "version=$(cat VERSION)" >>"$GITHUB_OUTPUT"
         shell: bash
       - id: check-build-needed
-        name: Check if the build is needed for '${{ matrix.build.cmd }}'
+        name: Check if the build is needed for '${{ matrix.build_cmd }}'
         env:
           CHECK_ONLY: "true"
-        run: ${{ matrix.build.cmd }}
+        run: ${{ matrix.build_cmd }}
       # docker.io
       - id: docker-io-login
         name: Login to docker.io
@@ -81,7 +77,7 @@ jobs:
         if: steps.check-build-needed.outputs.skipped != 'true'
       - id: build-and-push
         name: Push the image
-        run: ${{ matrix.build.cmd }} --push
+        run: ${{ matrix.build_cmd }} --push
         if: steps.check-build-needed.outputs.skipped != 'true'
         env:
           BUILDX_PLATFORM: ${{ matrix.platform }}

Dockerfile

@@ -1,7 +1,7 @@
 ARG FROM
 FROM ${FROM} AS builder
 
-COPY --from=ghcr.io/astral-sh/uv:0.9 /uv /usr/local/bin/
+COPY --from=ghcr.io/astral-sh/uv:0.5 /uv /usr/local/bin/
 RUN export DEBIAN_FRONTEND=noninteractive \
     && apt-get update -qq \
     && apt-get upgrade \
@@ -33,8 +33,6 @@ RUN \
     # we have potential version conflicts and the build will fail.
     # That's why we just replace it in the original requirements.txt.
     sed -i -e 's/social-auth-core/social-auth-core\[all\]/g' /requirements.txt && \
-    # The same is true for 'django-storages'
-    sed -i -e 's/django-storages/django-storages\[azure,boto3,dropbox,google,libcloud,sftp\]/g' /requirements.txt && \
     /usr/local/bin/uv pip install \
       -r /requirements.txt \
       -r /requirements-container.txt
@@ -46,8 +44,6 @@ RUN \
 ARG FROM
 FROM ${FROM} AS main
 
-COPY docker/unit.list /etc/apt/sources.list.d/unit.list
-ADD --chmod=444 --chown=0:0 https://unit.nginx.org/keys/nginx-keyring.gpg /usr/share/keyrings/nginx-keyring.gpg
 RUN export DEBIAN_FRONTEND=noninteractive \
     && apt-get update -qq \
     && apt-get upgrade \
@@ -64,8 +60,15 @@ RUN export DEBIAN_FRONTEND=noninteractive \
       openssl \
       python3 \
       tini \
-      unit-python3.12=1.34.2-1~noble \
+    && curl --silent --output /usr/share/keyrings/nginx-keyring.gpg \
-      unit=1.34.2-1~noble \
+      https://unit.nginx.org/keys/nginx-keyring.gpg \
+    && echo "deb [signed-by=/usr/share/keyrings/nginx-keyring.gpg] https://packages.nginx.org/unit/ubuntu/ noble unit" \
+      > /etc/apt/sources.list.d/unit.list \
+    && apt-get update -qq \
+    && apt-get install \
+      --yes -qq --no-install-recommends \
+      unit=1.34.1-1~noble \
+      unit-python3.12=1.34.1-1~noble \
     && rm -rf /var/lib/apt/lists/*
 
 # Copy the modified 'requirements*.txt' files, to have the files actually used during installation
@@ -79,6 +82,7 @@ COPY ${NETBOX_PATH} /opt/netbox
 COPY docker/configuration.docker.py /opt/netbox/netbox/netbox/configuration.py
 COPY docker/ldap_config.docker.py /opt/netbox/netbox/netbox/ldap_config.py
 COPY docker/docker-entrypoint.sh /opt/netbox/docker-entrypoint.sh
+COPY docker/housekeeping.sh /opt/netbox/housekeeping.sh
 COPY docker/launch-netbox.sh /opt/netbox/launch-netbox.sh
 COPY configuration/ /etc/netbox/config/
 COPY docker/nginx-unit.json /etc/unit/
@@ -88,7 +92,7 @@ WORKDIR /opt/netbox/netbox
 
 # Must set permissions for '/opt/netbox/netbox/media' directory
 # to g+w so that pictures can be uploaded to netbox.
-RUN mkdir -p static media /opt/unit/state/ /opt/unit/tmp/ \
+RUN mkdir -p static /opt/unit/state/ /opt/unit/tmp/ \
       && chown -R unit:root /opt/unit/ media reports scripts \
       && chmod -R g+w /opt/unit/ media reports scripts \
       && cd /opt/netbox/ && SECRET_KEY="dummyKeyWithMinimumLength-------------------------" /opt/netbox/venv/bin/python -m mkdocs build \

README.md

@@ -39,9 +39,12 @@ There is a more complete [_Getting Started_ guide on our wiki][wiki-getting-star
 ```bash
 git clone -b release https://github.com/netbox-community/netbox-docker.git
 cd netbox-docker
-# Copy the example override file
+tee docker-compose.override.yml <<EOF
-cp docker-compose.override.yml.example docker-compose.override.yml
+services:
-# Read and edit the file to your liking
+  netbox:
+    ports:
+      - 8000:8080
+EOF
 docker compose pull
 docker compose up
 ```

VERSION

@@ -1 +1 @@
-3.4.2
+3.2.1

build.sh

@@ -62,7 +62,7 @@ DOCKERFILE  The name of Dockerfile to use.
 DOCKER_FROM The base image to use.
             ${_GREEN}Default:${_CLEAR} 'ubuntu:24.04'
 
-BUILDX_PLATFORM
+BUILDX_PLATFORMS
             Specifies the platform(s) to build the image for.
             ${_CYAN}Example:${_CLEAR} 'linux/amd64,linux/arm64'
             ${_GREEN}Default:${_CLEAR} 'linux/amd64'
@@ -223,7 +223,7 @@ fi
 ###
 # Variables for labelling the docker image
 ###
-BUILD_DATE="$(date -u '+%Y-%m-%dT%H:%M:%S+00:00')"
+BUILD_DATE="$(date -u '+%Y-%m-%dT%H:%M+00:00')"
 
 if [ -d ".git" ] && [ -z "${SKIP_GIT}" ]; then
   GIT_REF="$(git rev-parse HEAD)"

configuration/configuration.py

@@ -64,8 +64,7 @@ if '*' not in ALLOWED_HOSTS and 'localhost' not in ALLOWED_HOSTS:
 
 # PostgreSQL database configuration. See the Django documentation for a complete list of available parameters:
 #   https://docs.djangoproject.com/en/stable/ref/settings/#databases
-DATABASES = {
+DATABASE = {
-    'default': {
     'NAME': environ.get('DB_NAME', 'netbox'),       # Database name
     'USER': environ.get('DB_USER', ''),             # PostgreSQL username
     'PASSWORD': _read_secret('db_password', environ.get('DB_PASSWORD', '')),
@@ -79,7 +78,6 @@ DATABASES = {
     'DISABLE_SERVER_SIDE_CURSORS': _environ_get_and_map('DB_DISABLE_SERVER_SIDE_CURSORS', 'False', _AS_BOOL),
                                                     # Disable the use of server-side cursors transaction pooling
 }
-}
 
 # Redis database settings. Redis is used for caching and for queuing background tasks such as webhook events. A separate
 # configuration exists for each. Full connection details are required in both sections, and it is strongly recommended
@@ -116,11 +114,6 @@ REDIS = {
 # https://docs.djangoproject.com/en/stable/ref/settings/#std:setting-SECRET_KEY
 SECRET_KEY = _read_secret('secret_key', environ.get('SECRET_KEY', ''))
 
-API_TOKEN_PEPPERS = {}
-if api_token_pepper := _read_secret('api_token_pepper_1', environ.get('API_TOKEN_PEPPER_1', '')):
-    API_TOKEN_PEPPERS.update({1: api_token_pepper})
-
-
 
 #########################
 #                       #

configuration/ldap/ldap_config.py

@@ -109,6 +109,3 @@ AUTH_LDAP_USER_ATTR_MAP = {
     "last_name": environ.get('AUTH_LDAP_ATTR_LASTNAME', 'sn'),
     "email": environ.get('AUTH_LDAP_ATTR_MAIL', 'mail')
 }
-
-# Update user object with the latest values from the LDAP directory every time the user logs in.
-AUTH_LDAP_ALWAYS_UPDATE_USER = environ.get('AUTH_LDAP_ALWAYS_UPDATE_USER', 'True').lower() == 'true'

docker-compose.test.yml

@@ -28,6 +28,15 @@ services:
       start_period: 40s
       timeout: 3s
       interval: 15s
+  netbox-housekeeping:
+    <<: *netbox
+    command:
+      - /opt/netbox/housekeeping.sh
+    healthcheck:
+      test: ps -aux | grep -v grep | grep -q housekeeping || exit 1
+      start_period: 40s
+      timeout: 3s
+      interval: 15s
 
   postgres:
     image: docker.io/postgres:17-alpine
@@ -40,7 +49,7 @@ services:
       retries: 5
 
   redis: &redis
-    image: docker.io/valkey/valkey:8.1-alpine
+    image: docker.io/valkey/valkey:8.0-alpine
     command:
       - sh
       - -c # this is to evaluate the $REDIS_PASSWORD from the env

docker-compose.yml

@@ -1,6 +1,6 @@
 services:
   netbox: &netbox
-    image: docker.io/netboxcommunity/netbox:${VERSION-v4.4-3.4.1}
+    image: docker.io/netboxcommunity/netbox:${VERSION-v4.2-3.2.1}
     depends_on:
       - postgres
       - redis
@@ -31,6 +31,18 @@ services:
       start_period: 20s
       timeout: 3s
       interval: 15s
+  netbox-housekeeping:
+    <<: *netbox
+    depends_on:
+      netbox:
+        condition: service_healthy
+    command:
+      - /opt/netbox/housekeeping.sh
+    healthcheck:
+      test: ps -aux | grep -v grep | grep -q housekeeping || exit 1
+      start_period: 20s
+      timeout: 3s
+      interval: 15s
 
   # postgres
   postgres:
@@ -47,7 +59,7 @@ services:
 
   # redis
   redis:
-    image: docker.io/valkey/valkey:8.1-alpine
+    image: docker.io/valkey/valkey:8.0-alpine
     command:
       - sh
       - -c # this is to evaluate the $REDIS_PASSWORD from the env
@@ -62,7 +74,7 @@ services:
     volumes:
       - netbox-redis-data:/data
   redis-cache:
-    image: docker.io/valkey/valkey:8.1-alpine
+    image: docker.io/valkey/valkey:8.0-alpine
     command:
       - sh
       - -c # this is to evaluate the $REDIS_PASSWORD from the env

docker/housekeeping.sh

@@ -0,0 +1,8 @@
+#!/bin/bash
+SLEEP_SECONDS=${HOUSEKEEPING_INTERVAL:=86400}
+echo "Interval set to ${SLEEP_SECONDS} seconds"
+while true; do
+  date
+  /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py housekeeping
+  sleep "${SLEEP_SECONDS}s"
+done

docker/launch-netbox.sh

@@ -36,7 +36,7 @@ load_configuration() {
       http://localhost/config
   )
   if [ "$RESP_CODE" != "200" ]; then
-    echo "⚠️ Could not load Unit configuration"
+    echo "⚠️ Could no load Unit configuration"
     kill "$(cat /opt/unit/unit.pid)"
     return 1
   fi

docker/nginx-unit.json

@@ -73,10 +73,5 @@
       }
     }
   },
-  "access_log": "/dev/stdout",
+  "access_log": "/dev/stdout"
-  "settings": {
-    "http": {
-      "max_body_size": 104857600
-    }
-  }
 }

docker/unit.list

@@ -1 +0,0 @@
-deb [signed-by=/usr/share/keyrings/nginx-keyring.gpg] http://packages.nginx.org/unit/ubuntu/ noble unit

env/netbox.env

@@ -1,4 +1,3 @@
-API_TOKEN_PEPPER_1=Qy+F=OTeGskWQ(wTMgjc+NPPlz6YwFXY=KHIIg=wpYXT&e(6u8
 CORS_ORIGIN_ALLOW_ALL=True
 DB_HOST=postgres
 DB_NAME=netbox
@@ -16,6 +15,7 @@ EMAIL_USERNAME=netbox
 EMAIL_USE_SSL=false
 EMAIL_USE_TLS=false
 GRAPHQL_ENABLED=true
+HOUSEKEEPING_INTERVAL=86400
 MEDIA_ROOT=/opt/netbox/netbox/media
 METRICS_ENABLED=false
 REDIS_CACHE_DATABASE=1

requirements-container.txt

@@ -1,6 +1,7 @@
-django-auth-ldap==5.2.0
+django-auth-ldap==5.1.0
-dulwich==0.24.8
+django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.14.6
+dulwich==0.22.7
 python3-saml==1.16.0
 --no-binary lxml
 --no-binary xmlsec
-sentry-sdk[django]==2.43.0
+sentry-sdk[django]==2.27.0

test-configuration/test_config.py

@@ -3,14 +3,4 @@ LOGGING = {
     'disable_existing_loggers': True
 }
 
-PLUGINS = [
-    'netbox.tests.dummy_plugin',
-]
-
-ALLOW_TOKEN_RETRIEVAL = True
-
 DEFAULT_PERMISSIONS = {}
-
-API_TOKEN_PEPPERS = {
-    1: 'TEST-VALUE-DO-NOT-USE-TEST-VALUE-DO-NOT-USE-TEST-VALUE-DO-NOT-USE',
-}