idaholab#530, work in progress on netbox plugin installation

.dockerignore

@@ -42,3 +42,5 @@ suricata-logs
 netbox/netbox/media
 netbox/netbox/postgres
 netbox/netbox/redis
+netbox/custom-plugins
+zeek/custom

Dockerfiles/netbox.Dockerfile

@@ -76,6 +76,7 @@ RUN export BINARCH=$(uname -m | sed 's/x86_64/amd64/' | sed 's/aarch64/arm64/')
       procps \
       psmisc \
       python3-dev \
+      ripgrep \
       rsync \
       supervisor \
       tini && \

docker-compose-dev.yml

@@ -1105,7 +1105,7 @@ services:
       bind:
         create_host_path: false
       source: ./netbox/config
-      target: /etc/netbox/config
+      target: /etc/netbox/config/configmap
       read_only: true
     - type: bind
       bind:
@@ -1118,6 +1118,12 @@ services:
       source: ./netbox/preload
       target: /opt/netbox-preload/configmap
       read_only: true
+    - type: bind
+      bind:
+        create_host_path: false
+      source: ./netbox/custom-plugins
+      target: /opt/netbox-custom-plugins
+      read_only: true
     healthcheck:
       test: ["CMD", "curl", "--silent", "http://localhost:8080/netbox/api/"]
       interval: 60s

docker-compose.yml

@@ -979,7 +979,7 @@ services:
       bind:
         create_host_path: false
       source: ./netbox/config
-      target: /etc/netbox/config
+      target: /etc/netbox/config/configmap
       read_only: true
     - type: bind
       bind:
@@ -992,6 +992,12 @@ services:
       source: ./netbox/preload
       target: /opt/netbox-preload/configmap
       read_only: true
+    - type: bind
+      bind:
+        create_host_path: false
+      source: ./netbox/custom-plugins
+      target: /opt/netbox-custom-plugins
+      read_only: true
     healthcheck:
       test: ["CMD", "curl", "--silent", "http://localhost:8080/netbox/api/"]
       interval: 60s

docs/contributing-local-modifications.md

@@ -463,6 +463,12 @@ services:
         source: ./netbox/preload
         target: /opt/netbox-preload/configmap
         read_only: true
+      - type: bind
+        bind:
+          create_host_path: false
+        source: ./netbox/custom-plugins
+        target: /opt/netbox-custom-plugins
+        read_only: true
   netbox-postgres:
     volumes:
       - type: bind

docs/custom-rules.md

@@ -1,8 +1,9 @@
-# <a name="CustomRulesAndScripts"></a>Custom Rules and Scripts
+# <a name="CustomRulesAndScripts"></a>Custom Rules, Scripts and Plugins
 
 * [Suricata](#Suricata)
 * [Zeek](#Zeek)
 * [YARA](#YARA)
+* [NetBox](#NetBox)
 * [Other Customizations](#Other)
 
 Much of Malcolm's behavior can be adjusted through [environment variable files](malcolm-config.md#MalcolmConfigEnvVars). However, some components allow further customization through the use of custom scripts, configuration files, and rules.
@@ -73,6 +74,10 @@ docker compose exec file-monitor supervisorctl restart yara
 
 If the `EXTRACTED_FILE_YARA_CUSTOM_ONLY` [environment variable](malcolm-config.md#MalcolmConfigEnvVars) is set to `true`, Malcolm will bypass the default Yara rulesets ([Neo23x0/signature-base](https://github.com/Neo23x0/signature-base), [reversinglabs/reversinglabs-yara-rules](https://github.com/reversinglabs/reversinglabs-yara-rules), and [bartblaze/Yara-rules](https://github.com/bartblaze/Yara-rules)) and use only user-defined rules in `./yara/rules`.
 
+## <a name="NetBox"></a>NetBox
+
+TODO documentation
+
 ## <a name="Other"></a>Other Customizations
 
 There are other areas of Malcolm that can be modified and customized to fit users' needs. Please see these other sections of the documentation for more information.

malcolm-iso/build.sh

@@ -100,6 +100,7 @@ if [ -d "$WORKDIR" ]; then
   mkdir -p "$MALCOLM_DEST_DIR/htadmin/"
   mkdir -p "$MALCOLM_DEST_DIR/logstash/certs/"
   mkdir -p "$MALCOLM_DEST_DIR/logstash/maps/"
+  mkdir -p "$MALCOLM_DEST_DIR/netbox/custom-plugins/requirements/"
   mkdir -p "$MALCOLM_DEST_DIR/netbox/media/"
   mkdir -p "$MALCOLM_DEST_DIR/netbox/postgres/"
   mkdir -p "$MALCOLM_DEST_DIR/netbox/redis/"

netbox/custom-plugins/requirements/.gitignore

@@ -0,0 +1,3 @@
+*
+!.gitignore
+