search

felbinger / netbox_cybex

Features for cyber exercises in NetBox
2 stars 0 forks source link
netbox netbox-plugin

readme

Netbox Plugin: CybEx

This plugin adds features for cyber exercises to your  NetBox instance. It should be used exclusively for IT security trainings and cyber exercises where applications such as Netbox are out of scope. Do not use parts of this plugin (e.g., the credentials section) in a non-training environment!

Preview

Deployment

Docker

COPY ./plugin_requirements.txt /opt/netbox/ RUN /opt/netbox/venv/bin/pip install --no-warn-script-location -r /opt/netbox/plugin_requirements.txt

These lines are only required if your plugin has its own static files.

COPY configuration/configuration.py /etc/netbox/config/configuration.py COPY configuration/plugins.py /etc/netbox/config/plugins.py RUN SECRET_KEY="dummydummydummydummydummydummydummydummydummydummy" /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py collectstatic --no-input

- override mountpoint for templates:
```yaml
# docker-compose.override.yml
version: '3.4'

services:
  netbox:
    image: netbox:latest-plugins
    ports:
      - 8000:8080
    build:
      context: .
      dockerfile: Dockerfile-Plugins
    volumes:
      - "./netbox_cybex/netbox_cybex/templates/dcim/device.html:/opt/netbox/netbox/templates/dcim/device.html"
      - "./netbox_cybex/netbox_cybex/templates/virtualization/virtualmachine.html:/opt/netbox/netbox/templates/virtualization/virtualmachine.html"
      - "./netbox_cybex/netbox_cybex/templates/netbox_cyber:/opt/netbox/netbox/templates/netbox_cyber/"

  netbox-worker:
    image: netbox:latest-plugins
    build:
      context: .
      dockerfile: Dockerfile-Plugins

  netbox-housekeeping:
    image: netbox:latest-plugins
    build:
      context: .
      dockerfile: Dockerfile-Plugins

NixOS

A default netbox deployment for NixOS can be found on github:secshellnet/nixos, you can add plugins like this:

{ lib
, ...
}: let
  netbox_cybex = ps: ps.buildPythonPackage rec {
    pname = "netbox_cybex";
    version = "0.1";
    format = "pyproject";

    src = ps.fetchPypi {
      inherit pname version;
      hash = "sha256-YfC5aOHQQqjTCv2mac+p/1zX/8M+TemYyoim9YSXJPs=";
    };

    nativeBuildInputs = with ps; [
      setuptools
    ];

    meta = with lib; {
      description = "Features for cyber exercises in NetBox";
      homepage = "https://github.com/felbinger/netbox_cybex";
      license = licenses.mpl20;
      platforms = platforms.linux;
    };
  };
in {

  # Your NetBox configuration
  # ...

  services.netbox.plugins = (ps: [ (netbox_cybex ps) ]);
  services.netbox.settings.PLUGINS = [ "netbox_cybex" ];
}

Development Environment

git clone --branch v3.7.2 --single-branch https://github.com/netbox-community/netbox ~/netbox
python3 -m venv ~/netbox/venv
source ~/netbox/venv/bin/activate
pip3 install -r ~/netbox/requirements.txt

# create configuration from example
cat ~/netbox/netbox/netbox/configuration_example.py | \
  sed -e "s/^DEBUG.*/DEBUG = True/" | \
  sed -e "s/^SECRET_KEY.*/SECRET_KEY = '$(~/netbox/netbox/generate_secret_key.py)'/" | \
  sed -e "s/^ALLOWED_HOSTS.*/ALLOWED_HOSTS = \[\'127.0.0.1\'\]/" | \
  sed -e "s/'USER': ''/'USER': 'postgres'/" > ~/netbox/netbox/netbox/configuration.py

# start database and redis
docker compose up -d

~/netbox/netbox/manage.py migrate
~/netbox/netbox/manage.py createsuperuser \
  --username admin \
  --email admin@localhost.localdomain
~/netbox/netbox/manage.py runserver

# netbox should now reachable on: http://127.0.0.1:8000/

# build plugin
python3 setup.py develop

# add plugin to configuration
sed -i -e "s/^PLUGINS.*/PLUGINS = \['netbox_cybex'\]/" ~/netbox/netbox/netbox/configuration.py

# enable developer mode to enable usage of makemigrations
echo "DEVELOPER=True" >> ~/netbox/netbox/netbox/configuration.py

# Building the app
~/netbox/netbox/manage.py makemigrations
~/netbox/netbox/manage.py migrate

# Publish
python3 -m pip install --upgrade build twine
python3 -m build
python3 -m twine upload --repository pypi dist/*

TODO