# This is the main configuration file for Netdisco web and backend apps # # DO NOT EDIT THIS FILE # # Overrides should go to ~/environments/deployment.yml # # https://github.com/netdisco/netdisco/wiki/Configuration has # in depth explanations about each setting. # ---------------- # GENERAL SETTINGS # ---------------- log: 'warning' logger_format: '[%P] %U %L %m' include_paths: [] template_paths: [] site_local_files: false external_databases: [] # ------------ # WEB FRONTEND # ------------ domain_suffix: [] no_auth: false suggest_guest: false navbar_autocomplete: true trust_remote_user: false trust_x_remote_user: false api_token_lifetime: 3600 tacacs: {} radius: {} ldap: {} # servers: [] # user_string: 'MYDOMAIN\%USER%' # base: "" # proxy_user: "" # proxy_pass: "" # opts: # debug: 3 # tls_opts: {} path: '/' web_home: '/inventory' web_plugins: - Inventory - Report::PortVLANMismatch - Report::PortAdminDown - Report::PortBlocking - Report::PortMultiNodes - Report::PortSsid - Report::PortUtilization - Report::ApChannelDist - Report::ApClients - Report::ApRadioChannelPower - Report::HalfDuplex - Report::DeviceAddrNoDNS - Report::DeviceByLocation - Report::InventoryByModelByOS - Report::DeviceDnsMismatch - Report::DevicePoeStatus - Report::DuplexMismatch - Report::IpInventory - Report::ModuleInventory - Report::Netbios - Report::NodeMultiIPs - Report::NodeVendor - Report::NodesDiscovered - Report::SsidInventory - Report::VlanInventory - Report::SubnetUtilization - Report::PortLog - AdminTask::JobQueue - AdminTask::NodeMonitor - AdminTask::Topology - AdminTask::PollerPerformance - AdminTask::PseudoDevice - AdminTask::SlowDevices - AdminTask::UndiscoveredNeighbors - AdminTask::OrphanedDevices - AdminTask::DuplicateDevices - AdminTask::TimedOutDevices - AdminTask::UserLog - AdminTask::Users - Search::Device - Search::Node - Search::VLAN - Search::Port - Device::Details - Device::Ports - Device::Modules - Device::Neighbors - Device::Addresses - Device::Vlans - Device::SNMP extra_web_plugins: [] sidebar_defaults: search_node: stamps: { default: checked } deviceports: { default: checked } show_vendor: { default: null } archived: { default: null } partial: { default: null } age_invert: { default: null } daterange: { default: null } mac_format: { default: IEEE } search_port: partial: { default: checked } uplink: { default: null } ethernet: { default: checked } search_device: matchall: { default: checked } device_ports: c_admin: { label: 'Port Controls', default: null, idx: 0 } c_port: { label: 'Port', default: checked, idx: 1 } c_descr: { label: 'Description', default: null, idx: 2 } c_comment: { label: 'Last Comment', default: null, idx: 3 } c_type: { label: 'Type', default: null, idx: 4 } c_duplex: { label: 'Duplex', default: null, idx: 5 } c_lastchange: { label: 'Last Change', default: null, idx: 6 } c_name: { label: 'Name', default: checked, idx: 7 } c_speed: { label: 'Speed (running)', default: null, idx: 8 } c_speed_admin: { label: 'Speed (configured)', default: null, idx: 9 } c_error: { label: 'Error Message', default: null, idx: 10 } c_mac: { label: 'Port MAC', default: null, idx: 11 } c_mtu: { label: 'MTU', default: null, idx: 12 } c_pvid: { label: 'Native VLAN', default: checked, idx: 13 } c_vmember: { label: 'VLAN Membership', default: checked, idx: 14 } c_power: { label: 'PoE', default: null, idx: 15 } c_ssid: { label: 'SSID', default: null, idx: 16 } c_nodes: { label: 'Connected Nodes', default: null, idx: 17 } c_neighbors: { label: 'Connected Devices', default: checked, idx: 18 } c_stp: { label: 'Spanning Tree', default: null, idx: 19 } c_up: { label: 'Status', default: null, idx: 20 } mac_format: { default: IEEE } n_inventory: { label: 'Inventory Data', default: checked, idx: 0 } n_detailed_inventory: { label: 'Detailed Inventory', default: null, idx: 1 } n_age: { label: 'Age Stamp', default: null, idx: 2 } n_ip4: { label: 'IPv4 Addresses', default: checked, idx: 3 } n_ip6: { label: 'IPv6 Addresses', default: checked, idx: 4 } n_netbios: { label: 'NetBIOS Name', default: checked, idx: 5 } n_ssid: { label: 'SSID', default: checked, idx: 6 } n_vendor: { label: 'Vendor', default: null, idx: 7 } n_archived: { label: 'Archived Data', default: null, idx: 8 } age_num: { default: 3 } age_unit: { default: months } device_netmap: showips: { default: null } showspeed: { default: null } mapshow: { default: neighbors } colorby: { default: speed } dynamicsize: { default: checked } report_moduleinventory: fruonly: { default: checked } matchall: { default: checked } report_portutilization: age_num: { default: 3 } age_unit: { default: months } device_port_col_idx_left: 0 device_port_col_idx_mid: 2 device_port_col_idx_right: -1 jobqueue_refresh: 10 safe_password_store: true reports: [] system_reports: - tag: portserrordisabled label: 'Error Disabled Ports' category: Port columns: - { ip: Device } - { dns: DNS } - { port: Port } - { name: Description } - { reason: Reason } query: | SELECT dp.ip, d.dns, dp.port, dp.name, properties.error_disable_cause AS reason FROM device_port dp INNER JOIN device_port_properties properties USING (ip, port) LEFT JOIN device d USING (ip) WHERE properties.error_disable_cause IS NOT NULL ORDER BY dp.ip, dp.port table_pagesize: 10 table_showrecordsmenu: - [10, 25, 50, 100, '-1'] - [10, 25, 50, 100, 'All'] vlanctl: true portctl_nameonly: false portctl_no: [] portctl_only: [] portctl_nowaps: false portctl_nophones: false portctl_vlans: false portctl_uplinks: false system_port_control_reasons: address: 'Address Allocation Abuse' copyright: 'Copyright Violation' dos: 'Denial of Service' bandwidth: 'Excessive Bandwidth' polling: 'Excessive Polling of DNS/DHCP/SNMP' noserv: 'Not In Service' exploit: 'Remote Exploit Possible' compromised: 'System Compromised' other: 'Other' resolved: 'Issue Resolved' check_userlog: false devport_vlan_limit: 150 login_logo: "" defanged_admin: 'admin' # ------------- # NETDISCO CORE # ------------- # mibhome is discovered from environment # mibdirs defaults to contents of mibhome host_groups: __ANY__: - '0.0.0.0/0' - '::/0' __LOCAL_ADDRESSES__: - '::1' - 'fe80::/10' - '127.0.0.0/8' host_group_displaynames: {} device_identity: [] community: [] community_rw: [] device_auth: [] use_legacy_rancidexport: false use_legacy_sshcollector: false get_credentials: "" bulkwalk_off: false bulkwalk_no: [] bulkwalk_repeaters: 20 nonincreasing: false snmpver: 3 snmptimeout: 3000000 snmpretries: 2 snmp_remoteport: {} snmp_field_protection: device: serial: ['group:__ANY__'] devices_no: [] devices_only: [] discover_no: [] discover_only: [] discover_no_type: [] discover_waps: true discover_phones: false discover_min_age: 0 macsuck_no: [] macsuck_only: [] macsuck_all_vlans: false macsuck_no_unnamed: false macsuck_no_vlan: - 'fddi-default' - 'token-ring-default' - 'fddinet-default' - 'trnet-default' - 'fcoe-vsan-4048' - 'SAM-vlan-boot' - 'SAM-vlan-appliance-management' - 'SAM-vlan-management' macsuck_no_devicevlan: [] macsuck_unsupported: [] macsuck_unsupported_type: [] macsuck_bleed: false macsuck_min_age: 0 snmpforce_v1: [] snmpforce_v2: [] snmpforce_v3: [] arpnip_no: [] arpnip_only: [] arpnip_min_age: 0 nbtstat_no: [] nbtstat_only: [] nbtstat_max_age: 7 nbtstat_interval: 0.02 nbtstat_response_timeout: 1 node_freshness: 0 expire_devices: 60 expire_nodes: 90 expire_nodes_archive: 60 expire_jobs: 14 expire_userlog: 365 expire_nodeip_freshness: null store_wireless_clients: true store_modules: true ignore_interfaces: - 'EOBC' - 'unrouted VLAN(?: \d+)?' - 'StackPort' - 'Control Plane Interface' - 'SPAN (S|R)P Interface' - 'StackSub-.*' - 'StackPort\d+' - 'netflow' - 'Vlan\d+-mpls layer' - 'BRI\S+-Bearer Channel' - 'BRI\S+-Physical' - 'BRI\S+-Signalling' - 'BRI\S+-Signaling' - 'Embedded-Service-Engine\d+\/\d+' - 'Virtual-Template\d+' - 'Virtual-Access\d+' - '(E|T)\d \d\/\d\/\d' - 'InLoopback0' - 'NULL\d' - 'Register-Tunnel\d' - 'Blade-Aggregation\d' - 'M-GigabitEthernet\d\/\d\/\d' - 'Ethernet(?:-| )QOS Packet Scheduler' - 'Ethernet(?:-| )WFP (?:802\.3|Native) MAC Layer Lightweight Filter' - 'ii\d\/\d\/\d+' ignore_interface_types: [] ignore_notpresent_types: - 'ethernetCsmacd' - 'tunnel' - 'ieee8023adLag' ignore_private_nets: false reverse_sysname: false phone_capabilities: - '(?i:phone)' phone_platforms: - '(?i:mitel.5\d{3})' wap_capabilities: - 'wlanAccessPoint' wap_platforms: - '(?i:\bwap\b)' - 'cisco\s+AIR-[L|C]?AP' - '-K9W8-' # -------------- # BACKEND DAEMON # -------------- workers: tasks: 'AUTO * 2' timeout: 600 sleep_time: 1 min_runtime: 0 max_deferrals: 10 retry_after: '7 days' queue: PostgreSQL # 50 minutes jobs_stale_after: 3000 jobs_qdepth: 50 dns: max_outstanding: 50 hosts_file: '/etc/hosts' no: ['group:__LOCAL_ADDRESSES__','169.254.0.0/16'] hooks: [] schedule: discoverall: when: '5 7 * * *' macwalk: when: min: 20 arpwalk: when: min: 50 nbtwalk: when: '0 8,13,21 * * *' expire: when: '30 23 * * *' makerancidconf: null job_prio: high: - hook::exec - hook::http - location - contact - portcontrol - portname - vlan - power normal: - discoverall - discover - arpwalk - arpnip - macwalk - macsuck - nbtwalk - nbtstat - expire - stats worker_plugins: - 'Arpnip' - 'Arpnip::Hooks' - 'Arpnip::Nodes' - 'Arpnip::Subnets' - 'Arpwalk' - 'Contact' - 'Delete' - 'Discover' - 'Discover::CanonicalIP' - 'Discover::Entities' - 'Discover::Hooks' - 'Discover::Neighbors' - 'Discover::Neighbors::DOCSIS' - 'Discover::Neighbors::Routed' - 'Discover::PortPower' - 'Discover::PortProperties' - 'Discover::Properties' - 'Discover::VLANs' - 'Discover::Wireless' - 'Discover::WithNodes' - 'DiscoverAll' - 'DumpConfig' - 'Expire' - 'ExpireNodes' - 'GetAPIKey' - 'Graph' - 'Hook' - 'Hook::Exec' - 'Hook::HTTP' - 'LoadMIBs' - 'Location' - 'Macsuck' - 'Macsuck::Hooks' - 'Macsuck::Nodes' - 'Macsuck::WirelessNodes' - 'Macwalk' - 'MakeRancidConf' - 'Nbtstat' - 'Nbtstat::Core' - 'Nbtwalk' - 'NodeMonitor' - 'PortControl' - 'PortName' - 'Power' - 'Psql' - 'Renumber' - 'Show' - 'Snapshot' - 'Stats' - 'Vlan' - 'Vlan::Core' extra_worker_plugins: [] driver_priority: restconf: 500 netconf: 400 eapi: 300 cli: 200 snmp: 100 # --------------- # GraphViz Export # --------------- graph: # ---- Graph Settings ---- edge_color : wheat graph : 'graph/netmap.gif' graph_png : 'graph/netmap.png' graph_bg : black graph_clusters : false # try fdp layout graph_color : white graph_default : png #graph_dir : net_dir.gif graph_epsilon : 6 graph_layout : twopi # try neato or fdp too graph_map : 'graph/netmap.map' graph_overlap : scale graph_nodesep : 2 graph_ranksep : .3 graph_raw : 'graph/graph_raw.dot' graph_splines : false graph_svg : 'graph/netmap.svg' graph_timeout : 90 graph_x : 30 graph_y : 30 node_fillcolor : dimgrey node_font : lucon node_fontsize : 46.0 node_fontcolor : white node_problem : red node_shape : box node_style : filled #edge_style : setlinewidth(10) # ---- Node Maps ---- # variable:matching pattern:node attribute:attribute value:key:key name #node_map: # - 'label:cat(?!-g):fillcolor:blue:cat:Blue Box - Catalyst Device' # - 'label:-g:fillcolor:darkgreen:dev-g:Green Box - Gateway / Router' # - 'ip:^192.168\.:color:yellow:dev:Yellow Border - ResNet' # --------------- # DANCER INTERNAL # --------------- charset: 'UTF-8' warnings: false show_errors: false logger: 'console' engines: netdisco_template_toolkit: subclass: 'Template::AutoFilter' encoding: 'utf8' start_tag: '[%' end_tag: '%]' ANYCASE: 1 ABSOLUTE: 1 PRE_CHOMP: 1 INCLUDE_PATH: [] AUTO_FILTER: 'html_entity' layout: 'noop' plugins: Swagger: main_api_module: 'App::Netdisco' ui_url: '/swagger-ui' show_ui: false ui_dir: '/dev/null' Auth::Extensible: no_api_change_warning: true no_default_pages: true no_login_handler: true realms: users: provider: 'App::Netdisco::Web::Auth::Provider::DBIC' schema_name: 'netdisco' session: 'cookie' session_cookie_key: 'this_will_be_overridden_on_webapp_startup' template: 'netdisco_template_toolkit' route_cache: true appname: 'Netdisco' behind_proxy: false HTTP-Header-X-Frame-Options: 'DENY' HTTP-Header-Content-Security-Policy: 'frame-ancestors none;'