NetBox: Difference between revisions
m added a sentence about what it is, added 2 categories Server and Web Applications |
m plugins: fix newline |
||
| (3 intermediate revisions by the same user not shown) | |||
| Line 83: | Line 83: | ||
=== Plugins === | === Plugins === | ||
The NixOS module supports plugins from nixpkgs | The NixOS module supports plugins from nixpkgs; currently about half of the existing NetBox plugins are packaged there. Until 26.05 these plugins are available as part of [https://search.nixos.org/packages?type=packages&query=python3Packages+netbox python3Packages]. Since 26.05 plugins can be found in the [https://search.nixos.org/packages?type=packages&query=netboxPlugins. netboxPlugins] package set. The documentation for plugins is being worked on and discussed in [https://github.com/NixOS/nixpkgs/issues/261522 #261522]. | ||
To include a plugin:<syntaxhighlight lang="nix"> | To include a plugin:<syntaxhighlight lang="nix"> | ||
Latest revision as of 00:06, 25 May 2026
NetBox is a network infrastructure documentation tool. It is a web application and this Module can be installed and configured via several options.
Setup
Setup Secret Key
Netbox uses a secret key to derive new hashes for passwords and HTTP cookies [1].
You should NOT share this key outside the configuration (i.e. in /nix/store) and it must be at least 50 characters long:
mkdir -p /var/lib/netbox/
nix-shell -p openssl
openssl rand -hex 50 > /var/lib/netbox/secret-key-file
Configuration
Basic Configuration
The module will automatically set up a Redis instance and a PostgreSQL database.
{ config, ... }: {
networking.firewall.allowedTCPPorts = [ 80 ];
services.netbox = {
enable = true;
secretKeyFile = "/var/lib/netbox/secret-key-file";
};
services.nginx = {
enable = true;
user = "netbox"; # otherwise nginx cant access netbox files
recommendedProxySettings = true; # otherwise you will get CSRF error while login
virtualHosts.<name> = {
locations = {
"/" = {
proxyPass = "http://[::1]:8001";
# proxyPass = "http://${config.services.netbox.listenAddress}:${toString config.services.netbox.port}";
};
"/static/" = { alias = "${config.services.netbox.dataDir}/static/"; };
};
};
};
}
With Transport encryption
{ config, ... }: {
networking.firewall.allowedTCPPorts = [ 80 443 ];
services.netbox = {
enable = true;
secretKeyFile = "/var/lib/netbox/secret-key-file";
};
services.nginx = {
enable = true;
forceSSL = true;
user = "netbox"; # otherwise nginx cant access netbox files
recommendedProxySettings = true; # otherwise you will get CSRF error while login
recommendedTlsSettings = true;
enableACME = true;
virtualHosts.<name> = {
locations = {
"/" = {
proxyPass = "http://[::1]:8001";
# proxyPass = "http://${config.services.netbox.listenAddress}:${toString config.services.netbox.port}";
};
"/static/" = { alias = "${config.services.netbox.dataDir}/static/"; };
};
};
};
security.acme = {
[ ... ]
acceptTerms = true;
};
}
For more acme settings and further instruction, please look here ACME.
For more nginx settings and further instruction, please look here Nginx.
Plugins
The NixOS module supports plugins from nixpkgs; currently about half of the existing NetBox plugins are packaged there. Until 26.05 these plugins are available as part of python3Packages. Since 26.05 plugins can be found in the netboxPlugins package set. The documentation for plugins is being worked on and discussed in #261522.
To include a plugin:
{ pkgs, ... }: {
services.netbox = {
plugins = ps: with ps; [ ps.netbox-reorder-rack ];
settings.PLUGINS = ["netbox_reorder_rack"];
};
}
The plugin identifier for services.netbox.settings.PLUGINS is usually contained in the official documentation for the plugin. It usually is slightly different from the package name.
Setup Superuser
There will be no user after the installation, so you need to register one manually.
To do this, run:
$ netbox-manage createsuperuser
Username (leave blank to use 'netbox'):
Email address:
Password:
Password (again):
Superuser created successfully.
You can now log in with the given credentials.
Troubleshooting
CSRF aborted message at login
If you still get an CSRF aborted message while trying to log in after doing everything above, please try to use another browser.
It could be these problem https://stackoverflow.com/questions/11516635/django-does-not-send-csrf-token-again-after-browser-cookies-has-been-cleared but I'm not sure.