https://github.com/stellaraf/netbox-to-nfa
Synchronize NetBox prefixes with Noction NFA Query Filters
https://github.com/stellaraf/netbox-to-nfa
Last synced: 2 months ago
JSON representation
Synchronize NetBox prefixes with Noction NFA Query Filters
- Host: GitHub
- URL: https://github.com/stellaraf/netbox-to-nfa
- Owner: stellaraf
- License: bsd-3-clause-clear
- Created: 2021-06-30T00:50:24.000Z (about 5 years ago)
- Default Branch: main
- Last Pushed: 2023-11-17T17:01:08.000Z (over 2 years ago)
- Last Synced: 2023-11-18T17:46:59.837Z (over 2 years ago)
- Language: Go
- Size: 32.2 KB
- Stars: 1
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
netbox-to-nfa
Synchronize [NetBox](https://github.com/netbox-community/netbox) prefixes with Noction NFA Query Filters
## Usage
### Download the latest [release](https://github.com/stellaraf/netbox-to-nfa/releases/latest)
There are multiple builds of the release, for different CPU architectures/platforms:
There are multiple builds of the release, for different CPU architectures/platforms. Download and unpack the release for your platform:
```shell
wget
tar xvfz nb2nfa
```
### Run the binary
```console
$ ./nb2nfa --help
nb2nfa 0.2.0
Synchronize Netbox Prefixes with Noction NFA
Options:
-h, --help display help information
Commands:
help display help information
purge Purge all NFA Filters Managed by netbox-to-nfa
sync Run synchronization
prefixes List prefixes from NetBox that should be synced to NFA
filters List all NFA filters
config Get validated configuration variables
```
### Environment Variables
All of the below environment variables are required for netbox-to-nfa to run.
| Name | Description |
| :----------------------- | :----------------------------------------------------------------------------------------------- |
| `NETBOX_URL` | NetBox URL, e.g. `https://netbox.example.com` |
| `NETBOX_TOKEN` | NetBox API Token |
| `NETBOX_NFA_ROLE` | NetBox prefix role. A prefix must be assigned this role for it to be picked up. |
| `NFA_URL` | NFA URL, e.g. `https://nfa.example.com` |
| `NFA_USERNAME` | NFA admin username |
| `NB2NFA_EXCLUDED_RANGES` | Comma-separated list of prefixes for which traffic to/from will be excluded from each NFA filter |
#### `NB2NFA_EXCLUDED_RANGES` Detail
For example, if you had a prefix from NetBox of `203.0.113.0/24`, and set:
```bash
export NB2NFA_EXCLUDED_RANGES="192.0.2.0/24,2001:db8::/32"
```
The resulting NFA filter logic would look something like:
- Anything **from** `203.0.113.0/24`, unless the destination is `192.0.2.0/24` or `2001:db8::/32`
- Anything **to** `203.0.113.0/24`, unless the source is `192.0.2.0/24` or `2001:db8::/32`
## Creating a New Release
This project uses [GoReleaser](https://goreleaser.com/) to manage releases. After completing code changes and committing them via Git, be sure to tag the release before pushing:
```
git tag
```
Once a new tag is pushed, GoReleaser will automagically create a new build & release.