NETBOX — различия между версиями

Материал из megapuper
Перейти к: навигация, поиск
Строка 74: Строка 74:
  
 
Готовим конфиг<br>
 
Готовим конфиг<br>
<config>
+
<spoiler>
#########################
+
ALLOWED_HOSTS = ['netbox.iwad.ru', '172.16.37.28', '172.16.37.10']
#                      #
 
#  Required settings  #
 
#                      #
 
#########################
 
 
 
# This is a list of valid fully-qualified domain names (FQDNs) for the NetBox server. NetBox will not permit write
 
# access to the server via any other hostnames. The first FQDN in the list will be treated as the preferred name.
 
#
 
# Example: ALLOWED_HOSTS = ['netbox.example.com', 'netbox.internal.local']
 
ALLOWED_HOSTS = ['netboxold.iwad.ru', '172.16.37.26', '172.16.37.10']
 
 
 
# PostgreSQL database configuration. See the Django documentation for a complete list of available parameters:
 
#  https://docs.djangoproject.com/en/stable/ref/settings/#databases
 
 
DATABASES = {
 
DATABASES = {
 
     'default': {
 
     'default': {
Строка 94: Строка 81:
 
         'NAME': 'netbox',        # Database name
 
         'NAME': 'netbox',        # Database name
 
         'USER': 'netbox',              # PostgreSQL username
 
         'USER': 'netbox',              # PostgreSQL username
         'PASSWORD': 'PvqMVVdLDb1Nz6gxZrwG',          # PostgreSQL password
+
         'PASSWORD': 'PASSWORD',          # PostgreSQL password
 
         'HOST': 'localhost',      # Database server
 
         'HOST': 'localhost',      # Database server
 
         'PORT': '',              # Database port (leave blank for default)
 
         'PORT': '',              # Database port (leave blank for default)
Строка 101: Строка 88:
 
}
 
}
  
# Redis database settings. Redis is used for caching and for queuing background tasks such as webhook events. A separate
 
# configuration exists for each. Full connection details are required in both sections, and it is strongly recommended
 
# to use two separate database IDs.
 
 
REDIS = {
 
REDIS = {
 
     'tasks': {
 
     'tasks': {
 
         'HOST': 'localhost',
 
         'HOST': 'localhost',
 
         'PORT': 6379,
 
         'PORT': 6379,
        # Comment out `HOST` and `PORT` lines and uncomment the following if using Redis Sentinel
 
        # 'SENTINELS': [('mysentinel.redis.example.com', 6379)],
 
        # 'SENTINEL_SERVICE': 'netbox',
 
 
         'USERNAME': '',
 
         'USERNAME': '',
 
         'PASSWORD': '',
 
         'PASSWORD': '',
 
         'DATABASE': 0,
 
         'DATABASE': 0,
 
         'SSL': False,
 
         'SSL': False,
        # Set this to True to skip TLS certificate verification
 
        # This can expose the connection to attacks, be careful
 
        # 'INSECURE_SKIP_TLS_VERIFY': False,
 
        # Set a path to a certificate authority, typically used with a self signed certificate.
 
        # 'CA_CERT_PATH': '/etc/ssl/certs/ca.crt',
 
 
     },
 
     },
 
     'caching': {
 
     'caching': {
 
         'HOST': 'localhost',
 
         'HOST': 'localhost',
 
         'PORT': 6379,
 
         'PORT': 6379,
        # Comment out `HOST` and `PORT` lines and uncomment the following if using Redis Sentinel
 
        # 'SENTINELS': [('mysentinel.redis.example.com', 6379)],
 
        # 'SENTINEL_SERVICE': 'netbox',
 
 
         'USERNAME': '',
 
         'USERNAME': '',
 
         'PASSWORD': '',
 
         'PASSWORD': '',
 
         'DATABASE': 1,
 
         'DATABASE': 1,
 
         'SSL': False,
 
         'SSL': False,
        # Set this to True to skip TLS certificate verification
 
        # This can expose the connection to attacks, be careful
 
        # 'INSECURE_SKIP_TLS_VERIFY': False,
 
        # Set a path to a certificate authority, typically used with a self signed certificate.
 
        # 'CA_CERT_PATH': '/etc/ssl/certs/ca.crt',
 
 
     }
 
     }
 
}
 
}
  
# This key is used for secure generation of random numbers and strings. It must never be exposed outside of this file.
 
# For optimal security, SECRET_KEY should be at least 50 characters in length and contain a mix of letters, numbers, and
 
# symbols. NetBox will not run without this defined. For more information, see
 
# https://docs.djangoproject.com/en/stable/ref/settings/#std:setting-SECRET_KEY
 
 
SECRET_KEY = 'N9-)X8OWr^aLQ-BL+dpNnR2r!uqV0bs%P8bHzEYUw2xrg73Ja4'
 
SECRET_KEY = 'N9-)X8OWr^aLQ-BL+dpNnR2r!uqV0bs%P8bHzEYUw2xrg73Ja4'
  
Строка 161: Строка 125:
 
ALLOW_TOKEN_RETRIEVAL = False
 
ALLOW_TOKEN_RETRIEVAL = False
  
# Enable any desired validators for local account passwords below. For a list of included validators, please see the
 
# Django documentation at https://docs.djangoproject.com/en/stable/topics/auth/passwords/#password-validation.
 
AUTH_PASSWORD_VALIDATORS = [
 
    # {
 
    #    'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
 
    #    'OPTIONS': {
 
    #        'min_length': 10,
 
    #    }
 
    # },
 
]
 
  
 
# Base URL path if accessing NetBox within a directory. For example, if installed at https://example.com/netbox/, set:
 
# Base URL path if accessing NetBox within a directory. For example, if installed at https://example.com/netbox/, set:
Строка 190: Строка 144:
 
#CSRF_COOKIE_NAME = 'csrftoken'
 
#CSRF_COOKIE_NAME = 'csrftoken'
  
CSRF_TRUSTED_ORIGINS = ['https://netboxold.iwad.ru']
+
CSRF_TRUSTED_ORIGINS = ['https://netbox.iwad.ru']
 
 
# Set to True to enable server debugging. WARNING: Debugging introduces a substantial performance penalty and may reveal
 
# sensitive information about your installation. Only enable debugging while performing testing. Never enable debugging
 
# on a production system.
 
DEBUG = False
 
 
 
# Set the default preferred language/locale
 
DEFAULT_LANGUAGE = 'en-us'
 
 
 
# Email settings
 
EMAIL = {
 
    'SERVER': 'localhost',
 
    'PORT': 25,
 
    'USERNAME': '',
 
    'PASSWORD': '',
 
    'USE_SSL': False,
 
    'USE_TLS': False,
 
    'TIMEOUT': 10,  # seconds
 
    'FROM_EMAIL': '',
 
}
 
 
 
# Exempt certain models from the enforcement of view permissions. Models listed here will be viewable by all users and
 
# by anonymous users. List models in the form `<app>.<model>`. Add '*' to this list to exempt all models.
 
EXEMPT_VIEW_PERMISSIONS = [
 
    # 'dcim.site',
 
    # 'dcim.region',
 
    # 'ipam.prefix',
 
]
 
 
 
# HTTP proxies NetBox should use when sending outbound HTTP requests (e.g. for webhooks).
 
# HTTP_PROXIES = {
 
#    'http': 'http://10.10.1.10:3128',
 
#    'https': 'http://10.10.1.10:1080',
 
# }
 
 
 
# IP addresses recognized as internal to the system. The debugging toolbar will be available only to clients accessing
 
# NetBox from an internal IP.
 
INTERNAL_IPS = ('127.0.0.1', '::1')
 
 
 
# Enable custom logging. Please see the Django documentation for detailed guidance on configuring custom logs:
 
#  https://docs.djangoproject.com/en/stable/topics/logging/
 
LOGGING = {}
 
 
 
# Automatically reset the lifetime of a valid session upon each authenticated request. Enables users to remain
 
# authenticated to NetBox indefinitely.
 
LOGIN_PERSISTENCE = False
 
 
 
# Setting this to False will permit unauthenticated users to access most areas of NetBox (but not make any changes).
 
LOGIN_REQUIRED = True
 
 
 
# The length of time (in seconds) for which a user will remain logged into the web UI before being prompted to
 
# re-authenticate. (Default: 1209600 [14 days])
 
LOGIN_TIMEOUT = None
 
 
 
# Hide the login form. Useful when only allowing SSO authentication.
 
LOGIN_FORM_HIDDEN = False
 
 
 
# The view name or URL to which users are redirected after logging out.
 
LOGOUT_REDIRECT_URL = 'home'
 
 
 
# The file path where uploaded media such as image attachments are stored. A trailing slash is not needed. Note that
 
# the default value of this setting is derived from the installed location.
 
# MEDIA_ROOT = '/opt/netbox/netbox/media'
 
 
 
# Expose Prometheus monitoring metrics at the HTTP endpoint '/metrics'
 
METRICS_ENABLED = False
 
  
 
# Enable installed plugins. Add the name of each plugin to the list.
 
# Enable installed plugins. Add the name of each plugin to the list.
Строка 262: Строка 150:
 
#"netbox_ipcalculator",
 
#"netbox_ipcalculator",
 
]
 
]
 
# Plugins configuration settings. These settings are used by various plugins that the user may have installed.
 
# Each key in the dictionary is the name of an installed plugin and its value is a dictionary of settings.
 
# PLUGINS_CONFIG = {
 
#    'my_plugin': {
 
#        'foo': 'bar',
 
#        'buzz': 'bazz'
 
#    }
 
# }
 
  
 
# Remote authentication support
 
# Remote authentication support
Строка 283: Строка 162:
 
REMOTE_AUTH_DEFAULT_PERMISSIONS = {}
 
REMOTE_AUTH_DEFAULT_PERMISSIONS = {}
  
# This repository is used to check whether there is a new release of NetBox available. Set to None to disable the
+
</spoiler>
# version check or use the URL below to check for release in the official NetBox repository.
 
RELEASE_CHECK_URL = None
 
# RELEASE_CHECK_URL = 'https://api.github.com/repos/netbox-community/netbox/releases'
 
 
 
# The file path where custom reports will be stored. A trailing slash is not needed. Note that the default value of
 
# this setting is derived from the installed location.
 
# REPORTS_ROOT = '/opt/netbox/netbox/reports'
 
 
 
# Maximum execution time for background tasks, in seconds.
 
RQ_DEFAULT_TIMEOUT = 300
 
 
 
# The file path where custom scripts will be stored. A trailing slash is not needed. Note that the default value of
 
# this setting is derived from the installed location.
 
# SCRIPTS_ROOT = '/opt/netbox/netbox/scripts'
 
 
 
# The name to use for the session cookie.
 
SESSION_COOKIE_NAME = 'sessionid'
 
 
 
# By default, NetBox will store session data in the database. Alternatively, a file path can be specified here to use
 
# local file storage instead. (This can be useful for enabling authentication on a standby instance with read-only
 
# database access.) Note that the user as which NetBox runs must have read and write permissions to this path.
 
SESSION_FILE_PATH = None
 
 
 
# By default the memory and disk sizes are displayed using base 10 (e.g. 1000 MB = 1 GB).
 
# If you would like to use base 2 (e.g. 1024 MB = 1 GB) set this to 1024.
 
# DISK_BASE_UNIT = 1024
 
# RAM_BASE_UNIT = 1024
 
 
 
# Within the STORAGES dictionary, "default" is used for image uploads, "staticfiles" is for static files and "scripts"
 
# is used for custom scripts. See django-storages and django-storage-swift libraries for more details. By default the
 
# following configuration is used:
 
# STORAGES = {
 
#    "default": {
 
#        "BACKEND": "django.core.files.storage.FileSystemStorage",
 
#    },
 
#    "staticfiles": {
 
#        "BACKEND": "django.contrib.staticfiles.storage.StaticFilesStorage",
 
#    },
 
#    "scripts": {
 
#        "BACKEND": "extras.storage.ScriptFileSystemStorage",
 
#    },
 
# }
 
 
 
# Time zone (default: UTC)
 
TIME_ZONE = 'UTC'
 
 
 
</config>
 
  
  

Версия 02:29, 21 февраля 2026

The following sections detail how to set up a new instance of NetBox:

PostgreSQL database

Ставим PostgreSQL в данном случае версия 17 

apt install -y postgresql
sudo -u postgres psql

Создаём базу и пользователя 

CREATE DATABASE netbox;
CREATE USER netbox WITH PASSWORD 'пароль';
ALTER DATABASE netbox OWNER TO netbox;
-- the next two commands are needed on PostgreSQL 15 and later
\connect netbox;
GRANT CREATE ON SCHEMA public TO netbox;

Проверяем подключение 

root@netbox ~ # psql --username netbox --password --host localhost netbox
Password: 
psql (17.8 (Debian 17.8-1.pgdg13+1))
SSL connection (protocol: TLSv1.3, cipher: TLS_AES_256_GCM_SHA384, compression: off, ALPN: postgresql)
Type "help" for help.

netbox=> \conninfo
You are connected to database "netbox" as user "netbox" on host "localhost" (address "127.0.0.1") at port "5432".
SSL connection (protocol: TLSv1.3, cipher: TLS_AES_256_GCM_SHA384, compression: off, ALPN: postgresql)


Redis

Устанавливаем редис сервер 

apt install -y redis-server

Проверяем 

# redis-server -v
Redis server v=8.0.2 sha=00000000:0 malloc=jemalloc-5.3.0 bits=64 build=3951f4e1c0288395
# redis-cli ping
PONG


NetBox components

Переходим к установке Netbox. Устанавливаемая версия 4.5 поддерживает Python 3.12 и выше


Устанавливаем зависимости 

apt install -y python3 python3-pip python3-venv python3-dev build-essential libxml2-dev libxslt1-dev libffi-dev libpq-dev libssl-dev zlib1g-dev


Проверяем версию Python после установки 

python3 -V
Python 3.13.5


Определяемся с версией Netbox https://github.com/netbox-community/netbox/releases и скачиваем 

wget https://github.com/netbox-community/netbox/archive/refs/tags/vX.Y.Z.tar.gz
tar -xzf vX.Y.Z.tar.gz -C /opt
ln -s /opt/netbox-X.Y.Z/ /opt/netbox

Рекомендуется устанавливать NetBox в каталог, названный в соответствии с номером его версии. Например, NetBox v4.5.0 следует установить в /opt/netbox-4.5.0, а симлинк из /opt/netbox/ будет указывать на это местоположение. Это позволяет устанавливать будущие версии параллельно, не прерывая текущую установку. При переходе на новую версию необходимо обновить только симлинк.

Создаём пользователя и даём ему права 

adduser --system --group netbox
chown --recursive netbox /opt/netbox/netbox/media/
chown --recursive netbox /opt/netbox/netbox/reports/
chown --recursive netbox /opt/netbox/netbox/scripts/


Переходим к конфигурационному файлу 

cd /opt/netbox/netbox/netbox/
cp configuration_example.py configuration.py


Готовим конфиг
Spoiler









uWSGI
HTTP server
LDAP authentication (optional)










https://nixhub.ru/posts/netbox-install/
https://netboxlabs.com/docs/netbox/installation/

Источник — «http://megapuper.ru/index.php?title=NETBOX&oldid=160248»