Official NixOS Wiki

NetBox: Difference between revisions

← Older editNewer edit →
VisualWikitext
imported>Vater
mNo edit summary
imported>Jeyemwey
Simplify, reformat and remove postgres code
Line 1: Line 1:
[https://netbox.dev/ {{PAGENAME}}] (<s>[[wikipedia:en:{{PAGENAME}}]]</s>) is available as a [[module]].
[https://netbox.dev/ {{PAGENAME}}] is available as a [[module]].
== configuration examples ==
== Setup ==


==== minimal configuration ====
==== Setup Secret Key ====
 
Netbox uses a secret key to derive new hashes for passwords and HTTP cookies [https://docs.netbox.dev/en/stable/configuration/required-parameters/#secret_key].
You should not share this key outside of the configuration (i.e. in /nix/store) and it must be at least 50 characters long:


: <syntaxhighlight lang="bash">mkdir -p /var/lib/netbox/</syntaxhighlight>
: <syntaxhighlight lang="bash">$EDITOR /var/lib/netbox/passwordFile</syntaxhighlight>
: <syntaxhighlight lang="bash">cat /var/lib/netbox/passwordFile</syntaxhighlight>
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
this-is-an-initial-password-for-netbox
mkdir -p /var/lib/netbox/
nix-shell -p openssl
openssl rand -hex 50 > /var/lib/netbox/secret-key-file
</syntaxhighlight>
</syntaxhighlight>
<!--


<syntaxhighlight lang="nix">
</syntaxhighlight>
<syntaxhighlight lang="nix">
# system.stateVersion = "22.05";


  services.netbox.enable = true;
==== Basic Configuration ====
  services.netbox.secretKeyFile = "/var/lib/netbox/passwordFile";


  networking.firewall.allowedTCPPorts = [ 8001 ];
</syntaxhighlight>
<syntaxhighlight lang="nix">
<syntaxhighlight lang="nix">
</syntaxhighlight>
{ config, ... }: {
  system.stateVersion = "24.05";


: unencrypted http (only)
  networking.hostName = "netbox";
<s>http://hostName.domain.tld:8001</s>
  networking.domain = "domain.tld";
  networking.firewall.allowedTCPPorts = [ 80 443 ];


!-->
  services.netbox = {
 
    enable = true;
==== basic configuration ====
    secretKeyFile = "/var/lib/netbox/secret-key-file";
  };


<syntaxhighlight lang="nix">
  services.nginx = {
</syntaxhighlight>
    enable = true;
<syntaxhighlight lang="nix">
    user = "netbox";
# system.stateVersion = "22.05";
    recommendedTlsSettings = true;
    clientMaxBodySize = "25m";


# networking.hostName = "netbox";
    virtualHosts."${config.networking.fqdn}" = {
# networking.domain = "domain.tld";
      locations = {
 
        "/" = {
  services.netbox.enable = true;
          proxyPass = "http://[::1]:8001";
  services.netbox.secretKeyFile = "/var/lib/netbox/passwordFile";
          # proxyPass = "http://${config.services.netbox.listenAddress}:${config.services.netbox.port}";
 
        };
  services.nginx.enable = true;
        "/static/" = { alias = "${config.services.netbox.dataDir}/static/"; };
# services.nginx.recommendedOptimisation = true;
#  services.nginx.recommendedGzipSettings = true;
 
# services.nginx.recommendedProxySettings = true;
  services.nginx.virtualHosts."${config.networking.fqdn}" = {
    locations = {
      "/" = {
#        extraConfig = ''
##          proxy_pass http://127.0.0.1:8001;
#          proxy_pass http://[::1]:8001;
#          proxy_set_header X-Forwarded-Host $http_host;
#          proxy_set_header X-Real-IP $remote_addr;
#          proxy_set_header X-Forwarded-Proto $scheme;
#        '';
#        proxyPass = "http://127.0.0.1:8001";
        proxyPass = "http://[::1]:8001";
####        proxyPass = "http://${config.services.netbox.listenAddress}:${config.services.netbox.port}";
      };
      "/static/" = {
#        extraConfig = ''
#          alias /var/lib/netbox/static/;
#        '';
#        alias = "/var/lib/netbox/static/";
        alias = "${config.services.netbox.dataDir}/static/";
       };
       };
      forceSSL = true;
      enableACME = true;
      serverName = "${config.networking.fqdn}";
     };
     };
    forceSSL = true;
    enableACME = true;
#    serverName = "${config.networking.hostName}.${config.networking.domain}";
    serverName = "${config.networking.fqdn}";
   };
   };
  services.nginx.clientMaxBodySize = "25m";
  services.nginx.user = "netbox";
# services.nginx.recommendedTlsSettings = true;
  security.acme.defaults.email = "acme@${config.networking.domain}";
  security.acme.acceptTerms = true;


#  networking.firewall.allowedTCPPorts = [ 80 443 8001 ];
  security.acme = {
  networking.firewall.allowedTCPPorts = [ 80 443 ];
    defaults.email = "acme@${config.networking.domain}";
</syntaxhighlight>
    acceptTerms = true;
<syntaxhighlight lang="nix">
  };
}
</syntaxhighlight>
</syntaxhighlight>


https://netbox.domain.tld
The module will automatically setup a redis instance and a PostgreSQL database. Your [[{{PAGENAME}}]] instance is now available at: https://netbox.domain.tld


<!--
<!--
Line 120: Line 89:
-->
-->


== login ==
=== Setup Superuser ===
 
=== no (initial) account is create by default ===
 
tl;dr: No login is possible after installing and running [[{{PAGENAME}}]]. No account is created. You have to [[#create an initial account]].
 
==== reenact that there is no initial account created by default ====
 
<syntaxhighlight lang="bash">su postgres</syntaxhighlight>
 
----
 
<syntaxhighlight lang="bash">psql</syntaxhighlight>
 
----
----


postgres=# <syntaxhighlight lang="bash">\l</syntaxhighlight>
There will be no user after the installation, so you need to install one manually.
To do this, run:
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
                                  List of databases                                                                                                                                                                                         
$ netbox-manage createsuperuser
  Name    |  Owner  | Encoding |  Collate  |    Ctype    |  Access privileges                                                                                                                                                           
-----------+----------+----------+-------------+-------------+-----------------------                                                                                                                                                       
netbox   | postgres | UTF8    | en_US.UTF-8 | en_US.UTF-8 | =Tc/postgres        +                                                                                                                                                       
          |          |          |            |            | postgres=CTc/postgres+                                                                                                                                                       
          |          |          |            |            | netbox=CTc/postgres                                                                                                                                                           
postgres  | postgres | UTF8    | en_US.UTF-8 | en_US.UTF-8 |                                                       
template0 | postgres | UTF8    | en_US.UTF-8 | en_US.UTF-8 | =c/postgres          +                                 
          |          |          |            |            | postgres=CTc/postgres                                 
template1 | postgres | UTF8    | en_US.UTF-8 | en_US.UTF-8 | =c/postgres          +                                 
          |          |          |            |            | postgres=CTc/postgres                                 
(4 rows)                                                 
</syntaxhighlight>


postgres=# <syntaxhighlight lang="bash">\c netbox</syntaxhighlight>
<syntaxhighlight lang="bash">
You are now connected to database "netbox" as user "postgres".
</syntaxhighlight>
netbox=# <syntaxhighlight lang="bash">\dt</syntaxhighlight>
<syntaxhighlight lang="bash">
</syntaxhighlight>
netbox=# <syntaxhighlight lang="bash">SELECT * FROM auth_user;</syntaxhighlight>
<syntaxhighlight lang="bash">
id | password | last_login | is_superuser | username | first_name | last_name | email | is_staff | is_active | date_joined                                                                                                                 
----+----------+------------+--------------+----------+------------+-----------+-------+----------+-----------+-------------                                                                                                                 
(0 rows)                                                                                                             
</syntaxhighlight>
netbox=# <syntaxhighlight lang="bash">\q</syntaxhighlight>
----
----
<syntaxhighlight lang="bash">exit</syntaxhighlight>
----
=== create an initial account ===
(first you have to) create an initial account (on the cli)
: this initial account will get highest privileges
<syntaxhighlight lang="bash">netbox-manage createsuperuser</syntaxhighlight>
<syntaxhighlight lang="bash">
Username (leave blank to use 'netbox'):  
Username (leave blank to use 'netbox'):  
</syntaxhighlight>
<syntaxhighlight lang="bash">
Email address:  
Email address:  
Password:  
Password:  
Password (again):  
Password (again):  
</syntaxhighlight>
 
<syntaxhighlight lang="bash">
Superuser created successfully.
Superuser created successfully.
</syntaxhighlight>
</syntaxhighlight>


=== first login ===


https://netbox.domain.tld/login/
You can now login with the given credentials at https://netbox.domain.tld/login/


:; Login: ''netbox''
:; Password: ''…''
: <tt>Sign In</tt>


== documentation ==
== Documentation ==


* https://netbox.dev/
* https://netbox.dev/
Retrieved from "https://wiki.nixos.org/wiki/NetBox"