Official NixOS Wiki

NetBox: Difference between revisions

← Older edit
VisualWikitext
imported>Jeyemwey
Simplify, reformat and remove postgres code
Cobalt (talk | contribs)
2 edits
m Fixed inline code and added note about plugin id name difference
 
(5 intermediate revisions by 3 users not shown)
Line 2: Line 2:
== Setup ==
== Setup ==


==== Setup Secret Key ====
=== Setup Secret Key ===
Netbox uses a secret key to derive new hashes for passwords and HTTP cookies [https://docs.netbox.dev/en/stable/configuration/required-parameters/#secret_key].


Netbox uses a secret key to derive new hashes for passwords and HTTP cookies [https://docs.netbox.dev/en/stable/configuration/required-parameters/#secret_key].
You should '''NOT''' share this key outside the configuration (i.e. in /nix/store) and it must be at least 50 characters long:
You should not share this key outside of the configuration (i.e. in /nix/store) and it must be at least 50 characters long:


<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
Line 13: Line 13:
</syntaxhighlight>
</syntaxhighlight>


=== Configuration ===


==== Basic Configuration ====
==== Basic Configuration ====
The module will automatically set up a Redis instance and a PostgreSQL database.<syntaxhighlight lang="nix">
{ config, ... }: {
  networking.firewall.allowedTCPPorts = [ 80 ];
  services.netbox = {
    enable = true;
    secretKeyFile = "/var/lib/netbox/secret-key-file";
  };
  services.nginx = {
    enable = true;
    user = "netbox"; # otherwise nginx cant access netbox files
    recommendedProxySettings = true; # otherwise you will get CSRF error while login
    virtualHosts.<name> = {
      locations = {
        "/" = {
          proxyPass = "http://[::1]:8001";
          # proxyPass = "http://${config.services.netbox.listenAddress}:${config.services.netbox.port}";
        };
        "/static/" = { alias = "${config.services.netbox.dataDir}/static/"; };
      };
    };
  };
}
</syntaxhighlight>


==== With Transport encryption ====
<syntaxhighlight lang="nix">
<syntaxhighlight lang="nix">
{ config, ... }: {
{ config, ... }: {
  system.stateVersion = "24.05";


  networking.hostName = "netbox";
  networking.domain = "domain.tld";
   networking.firewall.allowedTCPPorts = [ 80 443 ];
   networking.firewall.allowedTCPPorts = [ 80 443 ];


Line 31: Line 56:
   services.nginx = {
   services.nginx = {
     enable = true;
     enable = true;
     user = "netbox";
    forceSSL = true;
     user = "netbox"; # otherwise nginx cant access netbox files
    recommendedProxySettings = true; # otherwise you will get CSRF error while login
     recommendedTlsSettings = true;
     recommendedTlsSettings = true;
     clientMaxBodySize = "25m";
     enableACME = true;
 
     virtualHosts.<name> = {
     virtualHosts."${config.networking.fqdn}" = {
       locations = {
       locations = {
         "/" = {
         "/" = {
Line 43: Line 69:
         "/static/" = { alias = "${config.services.netbox.dataDir}/static/"; };
         "/static/" = { alias = "${config.services.netbox.dataDir}/static/"; };
       };
       };
      forceSSL = true;
      enableACME = true;
      serverName = "${config.networking.fqdn}";
     };
     };
   };
   };


   security.acme = {
   security.acme = {
     defaults.email = "acme@${config.networking.domain}";
     [ ... ]
     acceptTerms = true;
     acceptTerms = true;
   };
   };
}  
}  
</syntaxhighlight>
</syntaxhighlight>For more acme settings and further instruction, please look here [[ACME]].


The module will automatically setup a redis instance and a PostgreSQL database. Your [[{{PAGENAME}}]] instance is now available at: https://netbox.domain.tld
For more nginx settings and further instruction, please look here  [[Nginx|Nginx.]]


<!--
=== Plugins ===
The NixOS module supports plugins from nixpkgs. However, at the moment only a small set of plugins is packaged in nixpkgs and is available as part of [https://search.nixos.org/packages?type=packages&query=python3Packages+netbox python3Packages]. The documentation for plugins is being worked on and discussed in [https://github.com/NixOS/nixpkgs/issues/261522 #261522].


==== small configuration ====
To include a plugin:<syntaxhighlight lang="nix">
with some (working (and maybe non working)) plugins
{ pkgs, ... }: {
  services.netbox = {
    plugins = ps: with ps; [ ps.netbox-reorder-rack ];
    settings.PLUGINS = ["netbox_reorder_rack"];
  };
}
</syntaxhighlight>The plugin identifier for <source lang="nix" enclose="none">services.netbox.settings.PLUGINS</source> is usually contained in the official documentation for the plugin. It usually is slightly different from the package name.


<syntaxhighlight lang="nix">
=== Setup Superuser ===
</syntaxhighlight>


-->
There will be no user after the installation, so you need to register one manually.
<!--


== database ==
-->
<!--
== web server ==
-->
<!--
== accounts ==
: groups and privileges
==== LDAP ====
==== OpenID ====
==== OAuth ====
-->
=== Setup Superuser ===
There will be no user after the installation, so you need to install one manually.
To do this, run:  
To do this, run:  
<syntaxhighlight lang="bash">
<syntaxhighlight lang="bash">
Line 104: Line 110:
</syntaxhighlight>
</syntaxhighlight>


You can now log in with the given credentials.
=== Troubleshooting ===


You can now login with the given credentials at https://netbox.domain.tld/login/
==== CSRF aborted message at login ====
If you still get an CSRF aborted message while trying to log in after doing everything above, please try to use another browser.


It could be these problem https://stackoverflow.com/questions/11516635/django-does-not-send-csrf-token-again-after-browser-cookies-has-been-cleared but I'm not sure.


== Documentation ==
== Documentation ==
Retrieved from "https://wiki.nixos.org/wiki/NetBox"