Fix NetBox NGINX deployment for IPv4-only environments (#333)

* Mount IPv4-only nginx-unit config in vCluster to avoid IPv6 socket error

Added nginx-unit.json as a ConfigMap and patched the NetBox deployment to mount it,
bypassing IPv6 listener issues ([::]:8080) inside vClusters where IPv6 is not enabled.

---------

Co-authored-by: Pablo Garcia Miranda <pablo.garciamiranda@swisscom.com>

Author: pablogarciamiranda

kind/deploy-netbox.sh

@@ -20,6 +20,9 @@ VERSION=$2
 # The specified namespace will be used for both the NetBox deployment and the vCluster creation
 NAMESPACE=$3
 
+# Force IPv4-only config for environments lacking IPv6
+FORCE_NETBOX_NGINX_IPV4="${FORCE_NETBOX_NGINX_IPV4:-false}"
+
 # Treat the optional fourth argument "--vcluster" as a boolean flag
 IS_VCLUSTER=false
 if [[ "${4:-}" == "--vcluster" ]]; then
@@ -201,6 +204,35 @@ ${HELM} upgrade --install netbox ${NETBOX_HELM_CHART} \
   --set resources.limits.memory="2Gi" \
   $REGISTRY_ARG
 
+if [[ "$FORCE_NETBOX_NGINX_IPV4" == "true" ]]; then
+  echo "Creating nginx-unit ConfigMap and patching deployment"
+
+  ${KUBECTL} apply -f "$SCRIPT_DIR/nginx-unit-config.yaml" -n "$NAMESPACE"
+
+  ${KUBECTL} patch deployment netbox -n "$NAMESPACE" --type=json -p='[
+    {
+      "op": "add",
+      "path": "/spec/template/spec/volumes/-",
+      "value": {
+        "name": "unit-config",
+        "configMap": {
+          "name": "nginx-unit-config"
+        }
+      }
+    },
+    {
+      "op": "add",
+      "path": "/spec/template/spec/containers/0/volumeMounts/-",
+      "value": {
+        "mountPath": "/etc/unit/nginx-unit.json",
+        "subPath": "nginx-unit.json",
+        "name": "unit-config"
+      }
+    }
+  ]'
+
+fi
+
 ${KUBECTL} rollout status --namespace="${NAMESPACE}" deployment netbox
 
 # Create ConfigMap for the Python script

kind/nginx-unit-config.yaml

@@ -0,0 +1,43 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: nginx-unit-config
+data:
+  nginx-unit.json: |
+    {
+      "listeners": {
+        "0.0.0.0:8080": { "pass": "routes/main" },
+        "0.0.0.0:8081": { "pass": "routes/status" }
+      },
+      "routes": {
+        "main": [
+          {
+            "match": { "uri": "/static/*" },
+            "action": { "share": "/opt/netbox/netbox${uri}" }
+          },
+          {
+            "action": { "pass": "applications/netbox" }
+          }
+        ],
+        "status": [
+          {
+            "match": { "uri": "/status/*" },
+            "action": { "proxy": "http://unix:/opt/unit/unit.sock" }
+          }
+        ]
+      },
+      "applications": {
+        "netbox": {
+          "type": "python 3",
+          "path": "/opt/netbox/netbox/",
+          "module": "netbox.wsgi",
+          "home": "/opt/netbox/venv",
+          "processes": {
+            "max": 4,
+            "spare": 1,
+            "idle_timeout": 120
+          }
+        }
+      },
+      "access_log": "/dev/stdout"
+    }