progess on #18 and #17

.gitignore

@@ -1,2 +1,4 @@
 gitlab/
-.vscode/
+.vscode/
+netbox-docker/
+

dockers/build.sh

@@ -0,0 +1,39 @@
+
+#FLASK_BUILD
+cp docker-compose-flask.override.yml flask_ansible/docker-compose.override.yml
+docker-compose -f flask_ansible/docker-compose.yml up -d
+
+read -p "Press enter to continue"
+
+#ZABBIX_BUILD
+git clone https://github.com/zabbix/zabbix-docker
+# cd zabbix-docker
+# git checkout 4.2
+# cd ..
+cp docker-compose-zabbix.override.yml zabbix-docker/docker-compose.override.yml
+cp zabbix-docker/docker-compose_v3_ubuntu_mysql_latest.yaml zabbix-docker/docker-compose.yml
+docker-compose -f zabbix-docker/docker-compose.yml up -d
+
+read -p "Press enter to continue"
+
+#GITLAB_BUILD
+cp docker-compose-gitlab.override.yml gitlab/docker-compose.override.yml
+docker-compose -f gitlab/docker-compose.yml up -d
+
+read -p "Press enter to continue"
+
+#NETBOX_BUILD
+git clone https://github.com/netbox-community/netbox-docker.git
+git clone https://github.com/netbox-community/netbox.git netbox-docker/.netbox
+cp docker-compose-netbox.override.yml ./netbox-docker/docker-compose.override.yml
+sed -i "35i RUN echo \"py-zabbix\" >> /requirements.txt" netbox-docker/Dockerfile
+# sed -i 's/image: netboxcommunity\/netbox:\${VERSION-latest}/image: netbox_schyconf:1.0/g' ./docker-compose.yml
+# sed -i 's/- 8080/- 8000:8080/g' docker-compose.yml
+docker build --pull --target main -f netbox-docker/Dockerfile -t netbox_schyconf:1.0 --build-arg NETBOX_PATH=netbox-docker/.netbox --build-arg FROM=python:3.8-alpine .
+docker-compose -f netbox-docker/docker-compose.yml up -d
+#######
+
+
+
+
+

dockers/docker-compose-flask.override.yml

@@ -0,0 +1,9 @@
+version: '3.4'
+services:
+  flask:
+    networks:
+      netbox-docker_default:
+networks:
+  netbox-docker_default:
+    external: true
+    driver: bridge

dockers/docker-compose-gitlab.override.yml

@@ -0,0 +1,14 @@
+version: '3.4'
+services:
+  gitlab:
+    networks:
+      netbox-docker_default:
+        aliases:
+        - zabbix-server
+        - zabbix-server-mysql
+        - zabbix-server-ubuntu-mysql
+        - zabbix-server-mysql-ubuntu
+networks:
+  netbox-docker_default:
+    external: true
+    driver: bridge

dockers/docker-compose-netbox.override.yml

@@ -0,0 +1,8 @@
+version: '3.4'
+services:
+  netbox:
+    image: netbox_schyconf:1.0
+    ports: 8000:8080
+    volumes:
+    - ./initializers:/opt/netbox/initializers:z,ro ## <-- Replace `my_initializers` with the name of your folder
+

dockers/docker-compose-zabbix.override.yml

@@ -0,0 +1,39 @@
+version: '3.4'
+services:
+  zabbix-server:
+    networks:
+      netbox-docker_default:
+  zabbix-proxy-sqlite3:
+    networks:
+      netbox-docker_default:
+  zabbix-proxy-mysql:
+    networks:
+      netbox-docker_default:
+  zabbix-web-apache-mysql:
+    networks:
+      netbox-docker_default:
+  zabbix-web-nginx-mysql:
+    ports:
+      - 8081:80
+    networks:
+      netbox-docker_default:
+  zabbix-agent:
+    networks:
+      netbox-docker_default:
+  zabbix-java-gateway:
+    networks:
+      netbox-docker_default:
+  zabbix-snmptraps:
+    networks:
+      netbox-docker_default:
+  mysql-server:
+    networks:
+      netbox-docker_default:
+  db_data_mysql:
+    networks:
+      netbox-docker_default:
+
+networks:
+  netbox-docker_default:
+    external: true
+    driver: bridge

dockers/flask_ansible/Dockerfile

@@ -0,0 +1,34 @@
+
+FROM python:3.8-alpine
+COPY flask/app.py /flask/
+RUN mkdir /root/.ansible/plugins
+RUN mkdir /root/.ansible/plugins/modules
+COPY ansible/models/ocnos/ocnos_config.py /root/.ansible/plugins/modules/
+run apk update && apk upgrade
+
+
+RUN apk add --no-cache \
+      bash \
+      build-base \
+      ca-certificates \
+      cyrus-sasl-dev \
+      graphviz \
+      jpeg-dev \
+      libevent-dev \
+      libffi-dev \
+      libxslt-dev \
+      openldap-dev \
+      postgresql-dev
+
+run apk add gcc
+
+RUN pip3 install ansible 
+
+RUN pip3 install flask
+RUN pip3 list
+RUN apk add nano
+
+
+CMD ["python3","/flask/app.py"]
+
+

dockers/flask_ansible/ansible/auto_config.rsc

@@ -0,0 +1,64 @@
+:delay 30s
+/interface bridge
+add name=b107 protocol-mode=none
+add name=b349 protocol-mode=none
+/interface ethernet
+set [ find default-name=ether1 ] name="ether1 - Internet"
+set [ find default-name=ether10 ] name="ether10 - Uplink"
+/interface vlan
+add interface="ether10 - Uplink" name=ether10v107 vlan-id=107
+add interface="ether10 - Uplink" name=ether10v349 vlan-id=349
+/interface wireless security-profiles
+set [ find default=yes ] supplicant-identity=MikroTik
+/queue type
+set 1 pfifo-limit=2048
+/queue interface
+set "ether1 - Internet" queue=ethernet-default
+set ether2 queue=ethernet-default
+set ether3 queue=ethernet-default
+set ether4 queue=ethernet-default
+set ether5 queue=ethernet-default
+set ether6 queue=ethernet-default
+set ether7 queue=ethernet-default
+set ether8 queue=ethernet-default
+set ether9 queue=ethernet-default
+set "ether10 - Uplink" queue=ethernet-default
+/interface bridge port
+add bridge=b349 interface="ether1 - Internet"
+add bridge=b107 interface=ether10v107
+add bridge=b349 interface=ether10v349
+/ip neighbor discovery-settings
+set discover-interface-list=none
+/ip address
+add address=10.0.7.5/24 interface=b107 network=10.0.7.0
+/ip firewall filter
+add action=accept chain=input comment=Management src-address=99.99.99.0/24
+add action=accept chain=output dst-address=99.99.99.0/24
+add action=accept chain=input comment=NTP protocol=udp src-address=99.99.99.2 \
+    src-port=123
+add action=accept chain=output comment=SYSLOG dst-address=99.99.99.3
+/ip route
+add distance=1 gateway=99.99.99.1
+/ip service
+set telnet disabled=yes
+set ftp disabled=yes
+set www disabled=yes
+set api disabled=yes
+set api-ssl disabled=yes
+/system identity
+set name=HardysCheckpoint
+/system logging
+add action=disk topics=critical
+/system ntp client
+set enabled=yes primary-ntp=99.99.99.2
+/tool bandwidth-server
+set enabled=no
+/tool graphing resource
+add allow-address=99.99.99.0/24
+/tool mac-server
+set allowed-interface-list=none
+/tool mac-server mac-winbox
+set allowed-interface-list=none
+/tool mac-server ping
+set enabled=no
+

dockers/flask_ansible/ansible/create_configuration.yml

@@ -0,0 +1,77 @@
+---
+- hosts: "{{ device_name }}"
+  connection: network_cli
+  become: no
+  gather_facts: no
+  vars:
+    netbox_url: "http://netbox"
+    netbox_token: 0123456789abcdef0123456789abcdef01234567
+    working_folder: "/optimizing_cpes/gitlab"
+
+  tasks:
+    - name: Get config context from Netbox
+      uri:
+        url: "{{netbox_url}}/api/extras/config-contexts/"
+        validate_certs: no
+        method: GET
+        return_content: yes
+        headers:
+          accept: "application/json"
+          Authorization: "Token {{netbox_token}}"
+      register: nb_contexts
+
+    - name: Get device from Netbox
+      uri:
+        url: "{{ netbox_url }}/api/dcim/devices/?name={{inventory_hostname}}"
+
+        validate_certs: no
+        method: GET
+        return_content: yes
+        headers:
+          accept: "application/json"
+          Authorization: "Token {{netbox_token}}"
+      register: nb_device
+
+    - name: Get interfaces for host
+      uri:
+        url: "{{netbox_url}}/api/dcim/interfaces/?device={{inventory_hostname}}"
+        validate_certs: no
+        method: GET
+        return_content: yes
+        headers:
+          accept: "application/json"
+          Authorization: "Token {{netbox_token}}"
+      register: nb_interfaces
+
+    - name: Get ip addresses for host
+      uri:
+        url: "{{netbox_url}}/api/ipam/ip-addresses/?device={{inventory_hostname}}"
+        validate_certs: no
+        method: GET
+        return_content: yes
+        headers:
+          accept: "application/json"
+          Authorization: "Token {{netbox_token}}"
+      register: nb_ips
+
+    - name: Create temp folder for {{ inventory_hostname }}
+      file:
+        dest: "{{working_folder }}/{{inventory_hostname}}"
+        state: directory
+
+    - name: Create configuration file for {{ inventory_hostname }}
+      template:
+          src: "/optimizing_cpes/ansible/templates/{{nb_device['json']['results'][0]['platform']['name']}}.j2"
+          dest: "{{working_folder}}/{{inventory_hostname}}/{{inventory_hostname}}.conf"
+
+- import_playbook: uplink_configuration.yml
+
+
+
+
+
+
+
+
+
+

dockers/flask_ansible/ansible/example.rsc

@@ -0,0 +1,64 @@
+:delay 30s
+/interface bridge
+add name=b107 protocol-mode=none
+add name=b349 protocol-mode=none
+/interface ethernet
+set [ find default-name=ether1 ] name="ether1 - Internet"
+set [ find default-name=ether10 ] name="ether10 - Uplink"
+/interface vlan
+add interface="ether10 - Uplink" name=ether10v107 vlan-id=107
+add interface="ether10 - Uplink" name=ether10v349 vlan-id=349
+/interface wireless security-profiles
+set [ find default=yes ] supplicant-identity=MikroTik
+/queue type
+set 1 pfifo-limit=2048
+/queue interface
+set "ether1 - Internet" queue=ethernet-default
+set ether2 queue=ethernet-default
+set ether3 queue=ethernet-default
+set ether4 queue=ethernet-default
+set ether5 queue=ethernet-default
+set ether6 queue=ethernet-default
+set ether7 queue=ethernet-default
+set ether8 queue=ethernet-default
+set ether9 queue=ethernet-default
+set "ether10 - Uplink" queue=ethernet-default
+/interface bridge port
+add bridge=b349 interface="ether1 - Internet"
+add bridge=b107 interface=ether10v107
+add bridge=b349 interface=ether10v349
+/ip neighbor discovery-settings
+set discover-interface-list=none
+/ip address
+add address=10.0.7.5/24 interface=b107 network=10.0.7.0
+/ip firewall filter
+add action=accept chain=input comment=Management src-address=99.99.99.0/24
+add action=accept chain=output dst-address=99.99.99.0/24
+add action=accept chain=input comment=NTP protocol=udp src-address=99.99.99.2 \
+    src-port=123
+add action=accept chain=output comment=SYSLOG dst-address=99.99.99.3
+/ip route
+add distance=1 gateway=99.99.99.1
+/ip service
+set telnet disabled=yes
+set ftp disabled=yes
+set www disabled=yes
+set api disabled=yes
+set api-ssl disabled=yes
+/system identity
+set name=HardysCheckpoint
+/system logging
+add action=disk topics=critical
+/system ntp client
+set enabled=yes primary-ntp=99.99.99.2
+/tool bandwidth-server
+set enabled=no
+/tool graphing resource
+add allow-address=99.99.99.0/24
+/tool mac-server
+set allowed-interface-list=none
+/tool mac-server mac-winbox
+set allowed-interface-list=none
+/tool mac-server ping
+set enabled=no
+