6a36baa961
* first steps for vlan tab * export sort_vlans, use strict/warnings * update manifest, get worker closer to functioning * remove ie 9 script & extra ./th * make it work * cleanup * readd internet explorer code * start for csv output * move things to debug logging instead of info * use message which was discussed * fix for address table sorting * link os * final touches thx to ollyg * fetch origin/master * VLAN is the preferred style for user interface usage * does a missing libexpat-dev make travis builds complain? * Revert "does a missing libexpat-dev make travis builds complain?" This reverts commit 0cebc66f42708ff0f946213aab4bcbcc1b1b1379.
501 lines
12 KiB
YAML
501 lines
12 KiB
YAML
# This is the main configuration file for Netdisco web and backend apps
|
||
#
|
||
# DO NOT EDIT THIS FILE
|
||
#
|
||
# Overrides should go to ~/environments/deployment.yml
|
||
#
|
||
# https://github.com/netdisco/netdisco/wiki/Configuration has
|
||
# in depth explanations about each setting.
|
||
|
||
# ----------------
|
||
# GENERAL SETTINGS
|
||
# ----------------
|
||
|
||
log: 'warning'
|
||
logger_format: '[%P] %U %L %m'
|
||
include_paths: []
|
||
template_paths: []
|
||
site_local_files: false
|
||
external_databases: []
|
||
|
||
# ------------
|
||
# WEB FRONTEND
|
||
# ------------
|
||
|
||
domain_suffix: ""
|
||
no_auth: false
|
||
suggest_guest: false
|
||
navbar_autocomplete: true
|
||
trust_remote_user: false
|
||
trust_x_remote_user: false
|
||
#ldap:
|
||
# servers: []
|
||
# user_string: 'MYDOMAIN\%USER%'
|
||
# base: ""
|
||
# proxy_user: ""
|
||
# proxy_pass: ""
|
||
# opts:
|
||
# debug: 3
|
||
# tls_opts: {}
|
||
path: '/'
|
||
web_plugins:
|
||
- Inventory
|
||
- Report::PortVLANMismatch
|
||
- Report::PortAdminDown
|
||
- Report::PortBlocking
|
||
- Report::PortMultiNodes
|
||
- Report::PortSsid
|
||
- Report::PortUtilization
|
||
- Report::ApChannelDist
|
||
- Report::ApClients
|
||
- Report::ApRadioChannelPower
|
||
- Report::HalfDuplex
|
||
- Report::DeviceAddrNoDNS
|
||
- Report::DeviceByLocation
|
||
- Report::InventoryByModelByOS
|
||
- Report::DeviceDnsMismatch
|
||
- Report::DevicePoeStatus
|
||
- Report::DuplexMismatch
|
||
- Report::IpInventory
|
||
- Report::ModuleInventory
|
||
- Report::Netbios
|
||
- Report::NodeMultiIPs
|
||
- Report::NodeVendor
|
||
- Report::NodesDiscovered
|
||
- Report::SsidInventory
|
||
- Report::VlanInventory
|
||
- Report::SubnetUtilization
|
||
- Report::PortLog
|
||
- AdminTask::JobQueue
|
||
- AdminTask::NodeMonitor
|
||
- AdminTask::Topology
|
||
- AdminTask::PollerPerformance
|
||
- AdminTask::PseudoDevice
|
||
- AdminTask::SlowDevices
|
||
- AdminTask::UndiscoveredNeighbors
|
||
- AdminTask::OrphanedDevices
|
||
- AdminTask::DuplicateDevices
|
||
- AdminTask::TimedOutDevices
|
||
- AdminTask::UserLog
|
||
- AdminTask::Users
|
||
- Search::Device
|
||
- Search::Node
|
||
- Search::VLAN
|
||
- Search::Port
|
||
- Device::Details
|
||
- Device::Ports
|
||
- Device::Modules
|
||
- Device::Neighbors
|
||
- Device::Addresses
|
||
- Device::Vlans
|
||
extra_web_plugins: []
|
||
sidebar_defaults:
|
||
search_node:
|
||
stamps: { default: checked }
|
||
deviceports: { default: checked }
|
||
show_vendor: { default: null }
|
||
archived: { default: null }
|
||
partial: { default: null }
|
||
age_invert: { default: null }
|
||
daterange: { default: null }
|
||
mac_format: { default: IEEE }
|
||
search_port:
|
||
partial: { default: null }
|
||
uplink: { default: null }
|
||
ethernet: { default: checked }
|
||
search_device:
|
||
matchall: { default: checked }
|
||
device_ports:
|
||
c_admin: { label: 'Port Controls', default: null, idx: 0 }
|
||
c_port: { label: 'Port', default: checked, idx: 1 }
|
||
c_descr: { label: 'Description', default: null, idx: 2 }
|
||
c_comment: { label: 'Last Comment', default: null, idx: 3 }
|
||
c_type: { label: 'Type', default: null, idx: 4 }
|
||
c_duplex: { label: 'Duplex', default: null, idx: 5 }
|
||
c_lastchange: { label: 'Last Change', default: null, idx: 6 }
|
||
c_name: { label: 'Name', default: checked, idx: 7 }
|
||
c_speed: { label: 'Speed', default: null, idx: 8 }
|
||
c_error: { label: 'Error Message', default: null, idx: 9 }
|
||
c_mac: { label: 'Port MAC', default: null, idx: 10 }
|
||
c_mtu: { label: 'MTU', default: null, idx: 11 }
|
||
c_pvid: { label: 'Native VLAN', default: checked, idx: 12 }
|
||
c_vmember: { label: 'VLAN Membership', default: checked, idx: 13 }
|
||
c_power: { label: 'PoE', default: null, idx: 14 }
|
||
c_ssid: { label: 'SSID', default: null, idx: 15 }
|
||
c_nodes: { label: 'Connected Nodes', default: null, idx: 16 }
|
||
c_neighbors: { label: 'Connected Devices', default: checked, idx: 17 }
|
||
c_stp: { label: 'Spanning Tree', default: null, idx: 18 }
|
||
c_up: { label: 'Status', default: null, idx: 19 }
|
||
mac_format: { default: IEEE }
|
||
n_inventory: { label: 'Inventory Data', default: checked, idx: 0 }
|
||
n_detailed_inventory: { label: 'Detailed Inventory', default: null, idx: 1 }
|
||
n_age: { label: 'Age Stamp', default: null, idx: 2 }
|
||
n_ip4: { label: 'IPv4 Addresses', default: checked, idx: 3 }
|
||
n_ip6: { label: 'IPv6 Addresses', default: checked, idx: 4 }
|
||
n_netbios: { label: 'NetBIOS Name', default: checked, idx: 5 }
|
||
n_ssid: { label: 'SSID', default: checked, idx: 6 }
|
||
n_vendor: { label: 'Vendor', default: null, idx: 7 }
|
||
n_archived: { label: 'Archived Data', default: null, idx: 8 }
|
||
age_num: { default: 3 }
|
||
age_unit: { default: months }
|
||
device_netmap:
|
||
showips: { default: null }
|
||
showspeed: { default: null }
|
||
mapshow: { default: neighbors }
|
||
colorby: { default: speed }
|
||
dynamicsize: { default: checked }
|
||
report_moduleinventory:
|
||
fruonly: { default: checked }
|
||
matchall: { default: checked }
|
||
report_portutilization:
|
||
age_num: { default: 3 }
|
||
age_unit: { default: months }
|
||
device_port_col_idx_left: 0
|
||
device_port_col_idx_mid: 2
|
||
device_port_col_idx_right: -1
|
||
jobqueue_refresh: 10
|
||
safe_password_store: true
|
||
reports: []
|
||
system_reports:
|
||
- tag: portserrordisabled
|
||
label: 'Error Disabled Ports'
|
||
category: Port
|
||
columns:
|
||
- { ip: Device }
|
||
- { dns: DNS }
|
||
- { port: Port }
|
||
- { name: Description }
|
||
- { reason: Reason }
|
||
query: |
|
||
SELECT dp.ip, d.dns, dp.port, dp.name, properties.error_disable_cause AS reason
|
||
FROM device_port dp
|
||
INNER JOIN device_port_properties properties USING (ip, port)
|
||
LEFT JOIN device d USING (ip)
|
||
WHERE properties.error_disable_cause IS NOT NULL
|
||
ORDER BY dp.ip, dp.port
|
||
table_pagesize: 10
|
||
table_showrecordsmenu:
|
||
- [10, 25, 50, 100, '-1']
|
||
- [10, 25, 50, 100, 'All']
|
||
vlanctl: true
|
||
portctl_nameonly: false
|
||
portctl_nophones: false
|
||
portctl_vlans: false
|
||
portctl_uplinks: false
|
||
port_control_reasons:
|
||
address: 'Address Allocation Abuse'
|
||
copyright: 'Copyright Violation'
|
||
dos: 'Denial of Service'
|
||
bandwidth: 'Excessive Bandwidth'
|
||
polling: 'Excessive Polling of DNS/DHCP/SNMP'
|
||
noserv: 'Not In Service'
|
||
exploit: 'Remote Exploit Possible'
|
||
compromised: 'System Compromised'
|
||
other: 'Other'
|
||
resolved: 'Issue Resolved'
|
||
check_userlog: true
|
||
devport_vlan_limit: 150
|
||
login_logo: ""
|
||
defanged_admin: 'admin'
|
||
|
||
# -------------
|
||
# NETDISCO CORE
|
||
# -------------
|
||
|
||
# mibhome is discovered from environment
|
||
# mibdirs defaults to contents of mibhome
|
||
host_groups:
|
||
__ANY__:
|
||
- 'any'
|
||
__LOCAL_ADDRESSES__:
|
||
- '::1'
|
||
- 'fe80::/10'
|
||
- '127.0.0.0/8'
|
||
host_group_displaynames: {}
|
||
device_identity: []
|
||
community: []
|
||
community_rw: []
|
||
device_auth: []
|
||
get_community: ""
|
||
bulkwalk_off: false
|
||
bulkwalk_no: []
|
||
bulkwalk_repeaters: 20
|
||
nonincreasing: false
|
||
snmpver: 3
|
||
snmptimeout: 3000000
|
||
snmpretries: 2
|
||
snmp_remoteport: {}
|
||
devices_no: []
|
||
devices_only: []
|
||
discover_no: []
|
||
discover_only: []
|
||
discover_no_type:
|
||
- '(?i)phone'
|
||
- '(?i)(?:wap|wireless)'
|
||
discover_min_age: 0
|
||
macsuck_no: []
|
||
macsuck_only: []
|
||
macsuck_all_vlans: false
|
||
macsuck_no_unnamed: false
|
||
macsuck_no_vlan:
|
||
- 'fddi-default'
|
||
- 'token-ring-default'
|
||
- 'fddinet-default'
|
||
- 'trnet-default'
|
||
- 'fcoe-vsan-4048'
|
||
- 'SAM-vlan-boot'
|
||
- 'SAM-vlan-appliance-management'
|
||
- 'SAM-vlan-management'
|
||
macsuck_no_devicevlan: []
|
||
macsuck_unsupported: []
|
||
macsuck_unsupported_type: []
|
||
macsuck_bleed: false
|
||
macsuck_min_age: 0
|
||
snmpforce_v1: []
|
||
snmpforce_v2: []
|
||
snmpforce_v3: []
|
||
arpnip_no: []
|
||
arpnip_only: []
|
||
arpnip_min_age: 0
|
||
nbtstat_no: []
|
||
nbtstat_only: []
|
||
nbtstat_max_age: 7
|
||
nbtstat_interval: 0.02
|
||
nbtstat_response_timeout: 1
|
||
node_freshness: 0
|
||
expire_devices: 60
|
||
expire_nodes: 90
|
||
expire_nodes_archive: 60
|
||
expire_jobs: 14
|
||
expire_userlog: 365
|
||
expire_nodeip_freshness: null
|
||
store_wireless_clients: true
|
||
store_modules: true
|
||
ignore_interfaces:
|
||
- 'EOBC'
|
||
- 'unrouted VLAN(?: \d+)?'
|
||
- 'StackPort'
|
||
- 'Control Plane Interface'
|
||
- 'SPAN (S|R)P Interface'
|
||
- 'StackSub-.*'
|
||
- 'StackPort\d+'
|
||
- 'netflow'
|
||
- 'Vlan\d+-mpls layer'
|
||
- 'BRI\S+-Bearer Channel'
|
||
- 'BRI\S+-Physical'
|
||
- 'BRI\S+-Signalling'
|
||
- 'BRI\S+-Signaling'
|
||
- 'Embedded-Service-Engine\d+\/\d+'
|
||
- 'Virtual-Template\d+'
|
||
- 'Virtual-Access\d+'
|
||
- '(E|T)\d \d\/\d\/\d'
|
||
- 'InLoopback0'
|
||
- 'NULL\d'
|
||
- 'Register-Tunnel\d'
|
||
- 'Blade-Aggregation\d'
|
||
- 'M-GigabitEthernet\d\/\d\/\d'
|
||
- 'Ethernet(?:-| )QOS Packet Schedu?ler'
|
||
- 'Ethernet(?:-| )WFP (?:802\.3|Native) MAC Layer Lightweight Filter'
|
||
- 'ii\d\/\d\/\d+'
|
||
ignore_notpresent_types:
|
||
- 'ethernetCsmacd'
|
||
- 'tunnel'
|
||
- 'ieee8023adLag'
|
||
ignore_private_nets: false
|
||
reverse_sysname: false
|
||
phone_capabilities:
|
||
- '(?i:phone)'
|
||
phone_platforms:
|
||
- '(?i:mitel.5\d{3})'
|
||
wap_capabilities:
|
||
- 'wlanAccessPoint'
|
||
wap_platforms:
|
||
- '(?i:\bw?ap\b)'
|
||
- 'cisco\s+AIR-[L|C]?AP'
|
||
- '-K9W8-'
|
||
|
||
# --------------
|
||
# BACKEND DAEMON
|
||
# --------------
|
||
|
||
workers:
|
||
tasks: 'AUTO * 2'
|
||
timeout: 600
|
||
sleep_time: 1
|
||
min_runtime: 0
|
||
max_deferrals: 10
|
||
retry_after: '7 days'
|
||
queue: PostgreSQL
|
||
|
||
# 50 minutes
|
||
jobs_stale_after: 3000
|
||
jobs_qdepth: 50
|
||
|
||
dns:
|
||
max_outstanding: 50
|
||
hosts_file: '/etc/hosts'
|
||
no: ['group:__LOCAL_ADDRESSES__','169.254.0.0/16']
|
||
|
||
schedule:
|
||
discoverall:
|
||
when: '5 7 * * *'
|
||
macwalk:
|
||
when:
|
||
min: 20
|
||
arpwalk:
|
||
when:
|
||
min: 50
|
||
nbtwalk:
|
||
when: '0 8,13,21 * * *'
|
||
expire:
|
||
when: '30 23 * * *'
|
||
|
||
job_prio:
|
||
high:
|
||
- location
|
||
- contact
|
||
- portcontrol
|
||
- portname
|
||
- vlan
|
||
- power
|
||
normal:
|
||
- discoverall
|
||
- discover
|
||
- arpwalk
|
||
- arpnip
|
||
- macwalk
|
||
- macsuck
|
||
- nbtwalk
|
||
- nbtstat
|
||
- expire
|
||
- stats
|
||
|
||
worker_plugins:
|
||
- 'Arpnip'
|
||
- 'Arpnip::Nodes'
|
||
- 'Arpnip::Subnets'
|
||
- 'Arpwalk'
|
||
- 'Contact'
|
||
- 'Delete'
|
||
- 'Discover'
|
||
- 'Discover::CanonicalIP'
|
||
- 'Discover::Entities'
|
||
- 'Discover::Neighbors'
|
||
- 'Discover::Neighbors::Routed'
|
||
- 'Discover::PortPower'
|
||
- 'Discover::PortProperties'
|
||
- 'Discover::Properties'
|
||
- 'Discover::VLANs'
|
||
- 'Discover::Wireless'
|
||
- 'Discover::WithNodes'
|
||
- 'DiscoverAll'
|
||
- 'DumpConfig'
|
||
- 'Expire'
|
||
- 'ExpireNodes'
|
||
- 'Graph'
|
||
- 'Location'
|
||
- 'Macsuck'
|
||
- 'Macsuck::Nodes'
|
||
- 'Macsuck::WirelessNodes'
|
||
- 'Macwalk'
|
||
- 'MakeRancidConf'
|
||
- 'NodeMonitor'
|
||
- 'Nbtstat'
|
||
- 'Nbtstat::Core'
|
||
- 'Nbtwalk'
|
||
- 'PortControl'
|
||
- 'PortName'
|
||
- 'Power'
|
||
- 'Psql'
|
||
- 'Renumber'
|
||
- 'Show'
|
||
- 'Stats'
|
||
- 'Vlan'
|
||
- 'Vlan::Core'
|
||
|
||
extra_worker_plugins: []
|
||
# - Discover::ConfigBackup::CLI
|
||
|
||
driver_priority:
|
||
restconf: 500
|
||
netconf: 400
|
||
eapi: 300
|
||
cli: 200
|
||
snmp: 100
|
||
|
||
# ---------------
|
||
# GraphViz Export
|
||
# ---------------
|
||
|
||
graph:
|
||
# ---- Graph Settings ----
|
||
edge_color : wheat
|
||
|
||
graph : 'graph/netmap.gif'
|
||
graph_png : 'graph/netmap.png'
|
||
graph_bg : black
|
||
graph_clusters : false # try fdp layout
|
||
graph_color : white
|
||
graph_default : png
|
||
#graph_dir : net_dir.gif
|
||
graph_epsilon : 6
|
||
graph_layout : twopi # try neato or fdp too
|
||
graph_map : 'graph/netmap.map'
|
||
graph_overlap : scale
|
||
graph_nodesep : 2
|
||
graph_ranksep : .3
|
||
graph_raw : 'graph/graph_raw.dot'
|
||
graph_splines : false
|
||
graph_svg : 'graph/netmap.svg'
|
||
graph_timeout : 90
|
||
graph_x : 30
|
||
graph_y : 30
|
||
|
||
node_fillcolor : dimgrey
|
||
node_font : lucon
|
||
node_fontsize : 46.0
|
||
node_fontcolor : white
|
||
node_problem : red
|
||
node_shape : box
|
||
node_style : filled
|
||
#edge_style : setlinewidth(10)
|
||
|
||
# ---- Node Maps ----
|
||
# variable:matching pattern:node attribute:attribute value:key:key name
|
||
#node_map:
|
||
# - 'label:cat(?!-g):fillcolor:blue:cat:Blue Box - Catalyst Device'
|
||
# - 'label:-g:fillcolor:darkgreen:dev-g:Green Box - Gateway / Router'
|
||
# - 'ip:^192.168\.:color:yellow:dev:Yellow Border - ResNet'
|
||
|
||
# ---------------
|
||
# DANCER INTERNAL
|
||
# ---------------
|
||
|
||
charset: 'UTF-8'
|
||
warnings: false
|
||
show_errors: false
|
||
logger: 'console'
|
||
engines:
|
||
netdisco_template_toolkit:
|
||
encoding: 'utf8'
|
||
start_tag: '[%'
|
||
end_tag: '%]'
|
||
PRE_CHOMP: 1
|
||
INCLUDE_PATH: []
|
||
layout: 'main'
|
||
plugins:
|
||
Auth::Extensible:
|
||
no_api_change_warning: true
|
||
no_default_pages: true
|
||
no_login_handler: true
|
||
realms:
|
||
users:
|
||
provider: 'App::Netdisco::Web::Auth::Provider::DBIC'
|
||
schema_name: 'netdisco'
|
||
session: 'cookie'
|
||
session_cookie_key: 'this_will_be_overridden_on_webapp_startup'
|
||
template: 'netdisco_template_toolkit'
|
||
route_cache: true
|
||
appname: 'Netdisco'
|
||
behind_proxy: false
|