Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/jalmargyyk/ripe-updater/llms.txt

Use this file to discover all available pages before exploring further.

All settings in RIPE Updater are controlled through environment variables. When running in a container, supply them via an .env file or your orchestrator’s secret management. For a bare-metal installation you can instead edit ripeupdater/configuration.py directly and set the values as Python literals — the configuration module reads each variable with os.getenv() and falls back to the default when the variable is absent.

General

DEBUG
yes | no
default:"no"
Enables verbose logging output. Set to yes during initial setup or troubleshooting to see detailed request and response information in the application logs.
UPDATE_TOKEN
string
A shared secret that every incoming NetBox webhook must carry in its Authorisation header (e.g. Token mysecretvalue). When this variable is set, requests that lack the header or supply a wrong value are rejected. Leave unset to disable token validation.

NetBox connection

NETBOX_URL
string
required
The base URL of your NetBox instance, for example https://netbox.example.com. No trailing slash.
NETBOX_TOKEN
string
required
A NetBox API token that has read access to prefixes, aggregates, regions, and sites.
DEFAULT_COUNTRY
string
ISO 3166-1 alpha-2 country code (e.g. DE, NL) used as a fallback when the country cannot be determined from the prefix’s site region hierarchy. Required if any of your prefixes belong to sites that lack a region chain leading to a known country name.

RIPE database

RIPE_MNT_PASSWORD
string
required
Password for your RIPE maintainer object. The maintainer must have write permissions on your INETNUM and INET6NUM objects. This is passed as the password query parameter on every RIPE REST API call.
RIPE_DB
RIPE | TEST
default:"TEST"
Selects which RIPE database to write to. Use TEST (the default) while validating your templates, and switch to RIPE only when you are ready for production. When set to TEST, the application rewrites several attributes automatically — see the TEST database variables below.
RIPE_TEST_MNT
string
default:"TEST-DBM-MNT"
Maintainer handle substituted into every mnt-by, mnt-ref, mnt-lower, mnt-domains, mnt-routes, and mnt-irt attribute when RIPE_DB=TEST. Your production maintainer is unlikely to exist in the test database.
RIPE_TEST_ORG
string
default:"ORG-EIPB1-TEST"
Organisation handle substituted into the org attribute when RIPE_DB=TEST. Your production organisation is unlikely to exist in the test database.
RIPE_TEST_PERSON
string
default:"AA1-TEST"
NIC handle substituted into every admin-c, tech-c, and abuse-c attribute when RIPE_DB=TEST.
RIPE_TEST_STATUS_V4
string
default:"ALLOCATED PA"
Status value written to IPv4 INETNUM objects when RIPE_DB=TEST. The parent INETNUM with mnt-lower set to your maintainer may not exist in the test database, so a permissive status is required.
RIPE_TEST_STATUS_V6
string
default:"ALLOCATED PA"
Status value written to IPv6 INET6NUM objects when RIPE_DB=TEST. Same rationale as RIPE_TEST_STATUS_V4.

Prefix limits

SMALLEST_PREFIX_V4
integer
default:"31"
Any IPv4 prefix whose prefix length is greater than this value is silently ignored. The default of 31 means that /32 host routes are never pushed to the RIPE database. Accepts values in the range 0–32.
SMALLEST_PREFIX_V6
integer
default:"127"
Any IPv6 prefix whose prefix length is greater than this value is silently ignored. The default of 127 means that /128 host routes are never pushed to the RIPE database. Accepts values in the range 0–128.

Templates

TEMPLATES_DIR
string
default:"/opt/ripeupdater/templates"
Filesystem path to the directory that contains lir_org.json, templates.json, and your base_*.json files. Mount this directory into the container if you are using Docker. The trailing slash is not required.

Email reporting

MAIL_REPORT
yes | no
default:"no"
Enables email notifications after every create, update, or delete operation. Set to yes and configure the remaining SMTP variables to receive reports.
SMTP
string
default:"127.0.0.1"
Hostname or IP address of your SMTP server. Include the port with a colon when it differs from the default, for example smtp.example.com:587.
SMTP_STARTTLS
yes | no
default:"no"
Upgrades the SMTP connection with STARTTLS before authentication. Enable this when your SMTP server requires it (typically on port 587).
SENDER_MAIL
string
The From: address used in email reports, for example ripe-updater@example.com. Required when MAIL_REPORT=yes.
RECIPIENT_MAIL
string
The To: address that receives email reports, for example noc@example.com. Required when MAIL_REPORT=yes.

S3 backups

Before any create or update operation, RIPE Updater saves a JSON snapshot of the existing RIPE object. When S3 backup is enabled, these snapshots are uploaded to your bucket and browsable at http(s)://your-ripe-updater-host/backups.
S3_BACKUP
yes | no
default:"no"
Enables S3 backup uploads. Set to yes and configure the remaining S3 variables.
S3_ENDPOINT_URL
string
Full URL of your S3-compatible endpoint, for example https://s3.example.com. Required when S3_BACKUP=yes.
S3_ACCESS_KEY
string
Access key ID for your S3 storage. Required when S3_BACKUP=yes.
S3_SECRET_ACCESS_KEY
string
Secret access key for your S3 storage. Required when S3_BACKUP=yes.
S3_BUCKET
string
Name of the S3 bucket where backup files are stored. Required when S3_BACKUP=yes.

Complete .env example

The following file is the .env.example shipped with the repository. Copy it to .env and edit the values before starting the application.
.env
S3_BACKUP=no
S3_ENDPOINT_URL=https://s3.example.com
S3_BUCKET=example-bucket
S3_ACCESS_KEY=123456abcdef
S3_SECRET_ACCESS_KEY=123456abcdef
SMALLEST_PREFIX_V4=31
SMALLEST_PREFIX_V6=127
MAIL_REPORT=no
SMTP=smtp.example.com:587
SENDER_MAIL=ripe-updater@example.com
RECIPIENT_MAIL=noc@example.com
NETBOX_URL=https://netbox.local
NETBOX_TOKEN=123456abcdef
DEFAULT_COUNTRY=DE
RIPE_MNT_PASSWORD=emptypassword
RIPE_DB=TEST
UPDATE_TOKEN=Token 123456abcdef
DEBUG=no
TEMPLATE_DIR=./templates
The bundled .env.example file contains TEMPLATE_DIR (without the trailing S), but the application reads TEMPLATES_DIR. Use TEMPLATES_DIR in your .env file. The example entry above is reproduced verbatim from the source for reference, but the correct variable name is TEMPLATES_DIR.
For bare-metal deployments, you can set all of the above values directly in ripeupdater/configuration.py as the second argument to each getenv() call, rather than using environment variables.

Build docs developers (and LLMs) love

Get started for freeTalk to us