533 lines
13 KiB
YAML
533 lines
13 KiB
YAML
# This is the main configuration file for Netdisco web and backend apps
|
|
#
|
|
# DO NOT EDIT THIS FILE
|
|
#
|
|
# Overrides should go to ~/environments/deployment.yml
|
|
#
|
|
# https://github.com/netdisco/netdisco/wiki/Configuration has
|
|
# in depth explanations about each setting.
|
|
|
|
# ----------------
|
|
# GENERAL SETTINGS
|
|
# ----------------
|
|
|
|
log: 'warning'
|
|
logger_format: '[%P] %U %L %m'
|
|
include_paths: []
|
|
template_paths: []
|
|
site_local_files: false
|
|
external_databases: []
|
|
|
|
# ------------
|
|
# WEB FRONTEND
|
|
# ------------
|
|
|
|
domain_suffix: []
|
|
no_auth: false
|
|
suggest_guest: false
|
|
navbar_autocomplete: true
|
|
trust_remote_user: false
|
|
trust_x_remote_user: false
|
|
api_token_lifetime: 3600
|
|
tacacs: {}
|
|
radius: {}
|
|
ldap: {}
|
|
# servers: []
|
|
# user_string: 'MYDOMAIN\%USER%'
|
|
# base: ""
|
|
# proxy_user: ""
|
|
# proxy_pass: ""
|
|
# opts:
|
|
# debug: 3
|
|
# tls_opts: {}
|
|
path: '/'
|
|
web_home: '/inventory'
|
|
web_plugins:
|
|
- Inventory
|
|
- Report::PortVLANMismatch
|
|
- Report::PortAdminDown
|
|
- Report::PortBlocking
|
|
- Report::PortMultiNodes
|
|
- Report::PortSsid
|
|
- Report::PortUtilization
|
|
- Report::ApChannelDist
|
|
- Report::ApClients
|
|
- Report::ApRadioChannelPower
|
|
- Report::HalfDuplex
|
|
- Report::DeviceAddrNoDNS
|
|
- Report::DeviceByLocation
|
|
- Report::InventoryByModelByOS
|
|
- Report::DeviceDnsMismatch
|
|
- Report::DevicePoeStatus
|
|
- Report::DuplexMismatch
|
|
- Report::IpInventory
|
|
- Report::ModuleInventory
|
|
- Report::Netbios
|
|
- Report::NodeMultiIPs
|
|
- Report::NodeVendor
|
|
- Report::NodesDiscovered
|
|
- Report::SsidInventory
|
|
- Report::VlanInventory
|
|
- Report::SubnetUtilization
|
|
- Report::PortLog
|
|
- AdminTask::JobQueue
|
|
- AdminTask::NodeMonitor
|
|
- AdminTask::Topology
|
|
- AdminTask::PollerPerformance
|
|
- AdminTask::PseudoDevice
|
|
- AdminTask::SlowDevices
|
|
- AdminTask::UndiscoveredNeighbors
|
|
- AdminTask::OrphanedDevices
|
|
- AdminTask::DuplicateDevices
|
|
- AdminTask::TimedOutDevices
|
|
- AdminTask::UserLog
|
|
- AdminTask::Users
|
|
- Search::Device
|
|
- Search::Node
|
|
- Search::VLAN
|
|
- Search::Port
|
|
- Device::Details
|
|
- Device::Ports
|
|
- Device::Modules
|
|
- Device::Neighbors
|
|
- Device::Addresses
|
|
- Device::Vlans
|
|
extra_web_plugins: []
|
|
sidebar_defaults:
|
|
search_node:
|
|
stamps: { default: checked }
|
|
deviceports: { default: checked }
|
|
show_vendor: { default: null }
|
|
archived: { default: null }
|
|
partial: { default: null }
|
|
age_invert: { default: null }
|
|
daterange: { default: null }
|
|
mac_format: { default: IEEE }
|
|
search_port:
|
|
partial: { default: checked }
|
|
uplink: { default: null }
|
|
ethernet: { default: checked }
|
|
search_device:
|
|
matchall: { default: checked }
|
|
device_ports:
|
|
c_admin: { label: 'Port Controls', default: null, idx: 0 }
|
|
c_port: { label: 'Port', default: checked, idx: 1 }
|
|
c_descr: { label: 'Description', default: null, idx: 2 }
|
|
c_comment: { label: 'Last Comment', default: null, idx: 3 }
|
|
c_type: { label: 'Type', default: null, idx: 4 }
|
|
c_duplex: { label: 'Duplex', default: null, idx: 5 }
|
|
c_lastchange: { label: 'Last Change', default: null, idx: 6 }
|
|
c_name: { label: 'Name', default: checked, idx: 7 }
|
|
c_speed: { label: 'Speed (running)', default: null, idx: 8 }
|
|
c_speed_admin: { label: 'Speed (configured)', default: null, idx: 9 }
|
|
c_error: { label: 'Error Message', default: null, idx: 10 }
|
|
c_mac: { label: 'Port MAC', default: null, idx: 11 }
|
|
c_mtu: { label: 'MTU', default: null, idx: 12 }
|
|
c_pvid: { label: 'Native VLAN', default: checked, idx: 13 }
|
|
c_vmember: { label: 'VLAN Membership', default: checked, idx: 14 }
|
|
c_power: { label: 'PoE', default: null, idx: 15 }
|
|
c_ssid: { label: 'SSID', default: null, idx: 16 }
|
|
c_nodes: { label: 'Connected Nodes', default: null, idx: 17 }
|
|
c_neighbors: { label: 'Connected Devices', default: checked, idx: 18 }
|
|
c_stp: { label: 'Spanning Tree', default: null, idx: 19 }
|
|
c_up: { label: 'Status', default: null, idx: 20 }
|
|
mac_format: { default: IEEE }
|
|
n_inventory: { label: 'Inventory Data', default: checked, idx: 0 }
|
|
n_detailed_inventory: { label: 'Detailed Inventory', default: null, idx: 1 }
|
|
n_age: { label: 'Age Stamp', default: null, idx: 2 }
|
|
n_ip4: { label: 'IPv4 Addresses', default: checked, idx: 3 }
|
|
n_ip6: { label: 'IPv6 Addresses', default: checked, idx: 4 }
|
|
n_netbios: { label: 'NetBIOS Name', default: checked, idx: 5 }
|
|
n_ssid: { label: 'SSID', default: checked, idx: 6 }
|
|
n_vendor: { label: 'Vendor', default: null, idx: 7 }
|
|
n_archived: { label: 'Archived Data', default: null, idx: 8 }
|
|
age_num: { default: 3 }
|
|
age_unit: { default: months }
|
|
device_netmap:
|
|
showips: { default: null }
|
|
showspeed: { default: null }
|
|
mapshow: { default: neighbors }
|
|
colorby: { default: speed }
|
|
dynamicsize: { default: checked }
|
|
report_moduleinventory:
|
|
fruonly: { default: checked }
|
|
matchall: { default: checked }
|
|
report_portutilization:
|
|
age_num: { default: 3 }
|
|
age_unit: { default: months }
|
|
device_port_col_idx_left: 0
|
|
device_port_col_idx_mid: 2
|
|
device_port_col_idx_right: -1
|
|
jobqueue_refresh: 10
|
|
safe_password_store: true
|
|
reports: []
|
|
system_reports:
|
|
- tag: portserrordisabled
|
|
label: 'Error Disabled Ports'
|
|
category: Port
|
|
columns:
|
|
- { ip: Device }
|
|
- { dns: DNS }
|
|
- { port: Port }
|
|
- { name: Description }
|
|
- { reason: Reason }
|
|
query: |
|
|
SELECT dp.ip, d.dns, dp.port, dp.name, properties.error_disable_cause AS reason
|
|
FROM device_port dp
|
|
INNER JOIN device_port_properties properties USING (ip, port)
|
|
LEFT JOIN device d USING (ip)
|
|
WHERE properties.error_disable_cause IS NOT NULL
|
|
ORDER BY dp.ip, dp.port
|
|
table_pagesize: 10
|
|
table_showrecordsmenu:
|
|
- [10, 25, 50, 100, '-1']
|
|
- [10, 25, 50, 100, 'All']
|
|
vlanctl: true
|
|
portctl_nameonly: false
|
|
portctl_nophones: false
|
|
portctl_vlans: false
|
|
portctl_uplinks: false
|
|
port_control_reasons:
|
|
address: 'Address Allocation Abuse'
|
|
copyright: 'Copyright Violation'
|
|
dos: 'Denial of Service'
|
|
bandwidth: 'Excessive Bandwidth'
|
|
polling: 'Excessive Polling of DNS/DHCP/SNMP'
|
|
noserv: 'Not In Service'
|
|
exploit: 'Remote Exploit Possible'
|
|
compromised: 'System Compromised'
|
|
other: 'Other'
|
|
resolved: 'Issue Resolved'
|
|
check_userlog: false
|
|
devport_vlan_limit: 150
|
|
login_logo: ""
|
|
defanged_admin: 'admin'
|
|
|
|
# -------------
|
|
# NETDISCO CORE
|
|
# -------------
|
|
|
|
# mibhome is discovered from environment
|
|
# mibdirs defaults to contents of mibhome
|
|
host_groups:
|
|
__ANY__:
|
|
- '0.0.0.0/0'
|
|
- '::/0'
|
|
__LOCAL_ADDRESSES__:
|
|
- '::1'
|
|
- 'fe80::/10'
|
|
- '127.0.0.0/8'
|
|
host_group_displaynames: {}
|
|
device_identity: []
|
|
community: []
|
|
community_rw: []
|
|
device_auth: []
|
|
use_legacy_rancidexport: false
|
|
use_legacy_sshcollector: false
|
|
get_credentials: ""
|
|
bulkwalk_off: false
|
|
bulkwalk_no: []
|
|
bulkwalk_repeaters: 20
|
|
nonincreasing: false
|
|
snmpver: 3
|
|
snmptimeout: 3000000
|
|
snmpretries: 2
|
|
snmp_remoteport: {}
|
|
snmp_field_protection:
|
|
device:
|
|
serial: ['group:__ANY__']
|
|
devices_no: []
|
|
devices_only: []
|
|
discover_no: []
|
|
discover_only: []
|
|
discover_no_type: []
|
|
discover_waps: true
|
|
discover_phones: false
|
|
discover_min_age: 0
|
|
macsuck_no: []
|
|
macsuck_only: []
|
|
macsuck_all_vlans: false
|
|
macsuck_no_unnamed: false
|
|
macsuck_no_vlan:
|
|
- 'fddi-default'
|
|
- 'token-ring-default'
|
|
- 'fddinet-default'
|
|
- 'trnet-default'
|
|
- 'fcoe-vsan-4048'
|
|
- 'SAM-vlan-boot'
|
|
- 'SAM-vlan-appliance-management'
|
|
- 'SAM-vlan-management'
|
|
macsuck_no_devicevlan: []
|
|
macsuck_unsupported: []
|
|
macsuck_unsupported_type: []
|
|
macsuck_bleed: false
|
|
macsuck_min_age: 0
|
|
snmpforce_v1: []
|
|
snmpforce_v2: []
|
|
snmpforce_v3: []
|
|
arpnip_no: []
|
|
arpnip_only: []
|
|
arpnip_min_age: 0
|
|
nbtstat_no: []
|
|
nbtstat_only: []
|
|
nbtstat_max_age: 7
|
|
nbtstat_interval: 0.02
|
|
nbtstat_response_timeout: 1
|
|
node_freshness: 0
|
|
expire_devices: 60
|
|
expire_nodes: 90
|
|
expire_nodes_archive: 60
|
|
expire_jobs: 14
|
|
expire_userlog: 365
|
|
expire_nodeip_freshness: null
|
|
store_wireless_clients: true
|
|
store_modules: true
|
|
ignore_interfaces:
|
|
- 'EOBC'
|
|
- 'unrouted VLAN(?: \d+)?'
|
|
- 'StackPort'
|
|
- 'Control Plane Interface'
|
|
- 'SPAN (S|R)P Interface'
|
|
- 'StackSub-.*'
|
|
- 'StackPort\d+'
|
|
- 'netflow'
|
|
- 'Vlan\d+-mpls layer'
|
|
- 'BRI\S+-Bearer Channel'
|
|
- 'BRI\S+-Physical'
|
|
- 'BRI\S+-Signalling'
|
|
- 'BRI\S+-Signaling'
|
|
- 'Embedded-Service-Engine\d+\/\d+'
|
|
- 'Virtual-Template\d+'
|
|
- 'Virtual-Access\d+'
|
|
- '(E|T)\d \d\/\d\/\d'
|
|
- 'InLoopback0'
|
|
- 'NULL\d'
|
|
- 'Register-Tunnel\d'
|
|
- 'Blade-Aggregation\d'
|
|
- 'M-GigabitEthernet\d\/\d\/\d'
|
|
- 'Ethernet(?:-| )QOS Packet Scheduler'
|
|
- 'Ethernet(?:-| )WFP (?:802\.3|Native) MAC Layer Lightweight Filter'
|
|
- 'ii\d\/\d\/\d+'
|
|
ignore_notpresent_types:
|
|
- 'ethernetCsmacd'
|
|
- 'tunnel'
|
|
- 'ieee8023adLag'
|
|
ignore_private_nets: false
|
|
reverse_sysname: false
|
|
phone_capabilities:
|
|
- '(?i:phone)'
|
|
phone_platforms:
|
|
- '(?i:mitel.5\d{3})'
|
|
wap_capabilities:
|
|
- 'wlanAccessPoint'
|
|
wap_platforms:
|
|
- '(?i:\bwap\b)'
|
|
- 'cisco\s+AIR-[L|C]?AP'
|
|
- '-K9W8-'
|
|
|
|
# --------------
|
|
# BACKEND DAEMON
|
|
# --------------
|
|
|
|
workers:
|
|
tasks: 'AUTO * 2'
|
|
timeout: 600
|
|
sleep_time: 1
|
|
min_runtime: 0
|
|
max_deferrals: 10
|
|
retry_after: '7 days'
|
|
queue: PostgreSQL
|
|
|
|
# 50 minutes
|
|
jobs_stale_after: 3000
|
|
jobs_qdepth: 50
|
|
|
|
dns:
|
|
max_outstanding: 50
|
|
hosts_file: '/etc/hosts'
|
|
no: ['group:__LOCAL_ADDRESSES__','169.254.0.0/16']
|
|
|
|
hooks: []
|
|
|
|
schedule:
|
|
discoverall:
|
|
when: '5 7 * * *'
|
|
macwalk:
|
|
when:
|
|
min: 20
|
|
arpwalk:
|
|
when:
|
|
min: 50
|
|
nbtwalk:
|
|
when: '0 8,13,21 * * *'
|
|
expire:
|
|
when: '30 23 * * *'
|
|
makerancidconf: null
|
|
|
|
job_prio:
|
|
high:
|
|
- hook::exec
|
|
- hook::http
|
|
- location
|
|
- contact
|
|
- portcontrol
|
|
- portname
|
|
- vlan
|
|
- power
|
|
normal:
|
|
- discoverall
|
|
- discover
|
|
- arpwalk
|
|
- arpnip
|
|
- macwalk
|
|
- macsuck
|
|
- nbtwalk
|
|
- nbtstat
|
|
- expire
|
|
- stats
|
|
|
|
worker_plugins:
|
|
- 'Arpnip'
|
|
- 'Arpnip::Nodes'
|
|
- 'Arpnip::Subnets'
|
|
- 'Arpnip::Hooks'
|
|
- 'Arpwalk'
|
|
- 'Contact'
|
|
- 'Delete'
|
|
- 'Discover'
|
|
- 'Discover::CanonicalIP'
|
|
- 'Discover::Entities'
|
|
- 'Discover::Neighbors'
|
|
- 'Discover::Neighbors::Routed'
|
|
- 'Discover::Neighbors::DOCSIS'
|
|
- 'Discover::PortPower'
|
|
- 'Discover::PortProperties'
|
|
- 'Discover::Properties'
|
|
- 'Discover::VLANs'
|
|
- 'Discover::Wireless'
|
|
- 'Discover::WithNodes'
|
|
- 'Discover::Hooks'
|
|
- 'DiscoverAll'
|
|
- 'DumpConfig'
|
|
- 'Expire'
|
|
- 'ExpireNodes'
|
|
- 'Graph'
|
|
- 'Hook'
|
|
- 'Hook::Exec'
|
|
- 'Hook::HTTP'
|
|
- 'Location'
|
|
- 'Macsuck'
|
|
- 'Macsuck::Nodes'
|
|
- 'Macsuck::WirelessNodes'
|
|
- 'Macsuck::Hooks'
|
|
- 'Macwalk'
|
|
- 'MakeRancidConf'
|
|
- 'NodeMonitor'
|
|
- 'Nbtstat'
|
|
- 'Nbtstat::Core'
|
|
- 'Nbtwalk'
|
|
- 'PortControl'
|
|
- 'PortName'
|
|
- 'Power'
|
|
- 'Psql'
|
|
- 'Renumber'
|
|
- 'GetAPIKey'
|
|
- 'Show'
|
|
- 'Stats'
|
|
- 'Vlan'
|
|
- 'Vlan::Core'
|
|
|
|
extra_worker_plugins: []
|
|
|
|
driver_priority:
|
|
restconf: 500
|
|
netconf: 400
|
|
eapi: 300
|
|
cli: 200
|
|
snmp: 100
|
|
|
|
# ---------------
|
|
# GraphViz Export
|
|
# ---------------
|
|
|
|
graph:
|
|
# ---- Graph Settings ----
|
|
edge_color : wheat
|
|
|
|
graph : 'graph/netmap.gif'
|
|
graph_png : 'graph/netmap.png'
|
|
graph_bg : black
|
|
graph_clusters : false # try fdp layout
|
|
graph_color : white
|
|
graph_default : png
|
|
#graph_dir : net_dir.gif
|
|
graph_epsilon : 6
|
|
graph_layout : twopi # try neato or fdp too
|
|
graph_map : 'graph/netmap.map'
|
|
graph_overlap : scale
|
|
graph_nodesep : 2
|
|
graph_ranksep : .3
|
|
graph_raw : 'graph/graph_raw.dot'
|
|
graph_splines : false
|
|
graph_svg : 'graph/netmap.svg'
|
|
graph_timeout : 90
|
|
graph_x : 30
|
|
graph_y : 30
|
|
|
|
node_fillcolor : dimgrey
|
|
node_font : lucon
|
|
node_fontsize : 46.0
|
|
node_fontcolor : white
|
|
node_problem : red
|
|
node_shape : box
|
|
node_style : filled
|
|
#edge_style : setlinewidth(10)
|
|
|
|
# ---- Node Maps ----
|
|
# variable:matching pattern:node attribute:attribute value:key:key name
|
|
#node_map:
|
|
# - 'label:cat(?!-g):fillcolor:blue:cat:Blue Box - Catalyst Device'
|
|
# - 'label:-g:fillcolor:darkgreen:dev-g:Green Box - Gateway / Router'
|
|
# - 'ip:^192.168\.:color:yellow:dev:Yellow Border - ResNet'
|
|
|
|
# ---------------
|
|
# DANCER INTERNAL
|
|
# ---------------
|
|
|
|
charset: 'UTF-8'
|
|
warnings: false
|
|
show_errors: false
|
|
logger: 'console'
|
|
engines:
|
|
netdisco_template_toolkit:
|
|
subclass: 'Template::AutoFilter'
|
|
encoding: 'utf8'
|
|
start_tag: '[%'
|
|
end_tag: '%]'
|
|
ANYCASE: 1
|
|
ABSOLUTE: 1
|
|
PRE_CHOMP: 1
|
|
INCLUDE_PATH: []
|
|
AUTO_FILTER: 'html_entity'
|
|
layout: 'noop'
|
|
plugins:
|
|
Swagger:
|
|
main_api_module: 'App::Netdisco'
|
|
ui_url: '/swagger-ui'
|
|
show_ui: false
|
|
ui_dir: '/dev/null'
|
|
Auth::Extensible:
|
|
no_api_change_warning: true
|
|
no_default_pages: true
|
|
no_login_handler: true
|
|
realms:
|
|
users:
|
|
provider: 'App::Netdisco::Web::Auth::Provider::DBIC'
|
|
schema_name: 'netdisco'
|
|
session: 'cookie'
|
|
session_cookie_key: 'this_will_be_overridden_on_webapp_startup'
|
|
template: 'netdisco_template_toolkit'
|
|
route_cache: true
|
|
appname: 'Netdisco'
|
|
behind_proxy: false
|