The SECRET_KEY
is not used for hashing user passwords or for the encrypted storage of secret data in NetBox.
NetBox comes with a script, that you may use to generate a random key:
python3 /opt/netbox/netbox/generate_secret_key.py
NetBox is a web application designed and built to help manage and document large computer networks. It is designed for IP address management (IPAM) and data center infrastructure management (DCIM). The application runs as a web application based on the Django Python framework and uses a PostgreSQL database to store information. The open-source software was developed specifically with the needs of network and infrastructure engineers in mind.
In this tutorial, you will learn how to install and configure NetBox on an Instance running on Ubuntu 20.04 LTS and a Database for PostgreSQL.
To complete the actions presented below, you must have:
NetBox requires a PostgreSQL database. Configure your Database for PostgreSQL with a few steps from your Scaleway console
netbox
) and click Create Database to launch the database creation:
netbox
user for the database. Enter the identifier and password for the user:
netbox
table.apt
package cache and upgrade the software already installed on the Instance to the latest version available in Ubuntu’s repositories:
apt update && apt upgrade -y
apt
package manager:
apt install -y libpq-dev python3 python3-pip python3-dev python3-venv build-essential libxml2-dev libxslt1-dev libffi-dev graphviz libpq-dev libssl-dev redis-server zlib1g-dev git nginx
/opt
directory:
wget https://github.com/netbox-community/netbox/archive/refs/tags/v3.7.5.tar.gz && tar -xzf v3.7.5.tar.gz -C /opt
/opt/netbox
:
ln -s /opt/netbox-3.6.3/ /opt/netbox
adduser --system --group netbox
/opt/netbox/netbox/media/
to the netbox
user. This is important as otherwise NetBox will not be able to write in this directory and you will not be able to upload any documents or images.
chown --recursive netbox /opt/netbox/netbox/media/
cd /opt/netbox/netbox/netbox/
configuration_example.py
and name it configuration.py
:
cp configuration_example.py configuration.py
nano
:
nano configuration.py
ALLOWED_HOSTS
, DATABASE
, REDIS
, SECRET_KEY
as following:
ALLOWED_HOSTS
specifies the hostnames or IP addresses that are used for the NetBox instance:
ALLOWED_HOSTS = ['netbox.example.com', '198.51.100.35']
DATABASE
specifies the database credentials of your PostgreSQL database. Use the database netbox
with the credentials of the netbox
user previously created. You can find the required database host and port on the Instance Information in your Scaleway console.
DATABASE = {'NAME': 'netbox', # Database name'USER': 'netbox', # PostgreSQL username'PASSWORD': '<YOUR_DATABASE_USER_PASSWORD>', # PostgreSQL password'HOST': '<YOUR_RDB_IP>', # Database server IP (available in your Scaleway console)'PORT': '<YOUR_RDB_PORT>', # Database port (available in your Scaleway console)'CONN_MAX_AGE': 300, # Maximum database connection age}
REDIS
specifies the configuration parameters of Redis, an in-memory key-value store required as part of the NetBox installation. For most installations, the default configuration is good enough, and you can leave it as it is. For more information about advanced Redis configuration, refer to the official documentation.SECRET_KEY
specifies a secret cryptographic key that is used to improve the security of cookies and password resets. It should be at least 50 characters long and should not be shared outside the configuration file. You may change the value of the key at any time, resulting in a termination of all active sessions.Enter the key in the configuration file as follows, then save the file and exit your text editor:
SECRET_KEY = 'uyK5ajt-Vl$!gd2HeLbN=^6@&EhDmv8%)zT1S03kXPCsUGrI9_'
The SECRET_KEY
is not used for hashing user passwords or for the encrypted storage of secret data in NetBox.
NetBox comes with a script, that you may use to generate a random key:
python3 /opt/netbox/netbox/generate_secret_key.py
upgrade.sh
):
/opt/netbox/upgrade.sh
This script performs the following actions on your instance:
The upgrade script may warn you, that no existing virtual environment was detected. As this is a new installation, you can safely ignore this warning.
The basic configuration for NetBox is done now, several other configuration options are available but optional. Refer to the official documentation for more information on them.
NetBox does not come with any default user accounts. Create a first user by completing the following steps:
venv
created by the installation script:
source /opt/netbox/venv/bin/activate
netbox
directory:
cd /opt/netbox/netbox
manage.py
script as follows:
python3 manage.py createsuperuser
Enter the username
, email
, password
, and password confirmation
for the user and confirm by pressing Enter. The following message displays once the user is created: Superuser created successfully.
python3 manage.py runserver 0.0.0.0:8000 --insecure
http://netbox.example.com:8000
. The NetBox dashboard displays.CTRL
+ C
.gunicorn is a Python WSGI HTTP Server for UNIX which will be used to serve the NetBox application to Nginx.
contrib
directory to its final destination:
cp /opt/netbox/contrib/gunicorn.py /opt/netbox/gunicorn_config.py
The configuration file shipped with the NetBox application works for most setups, however, if you need some specific settings, refer to the gunicorn documentation.
We use systemd to start NetBox automatically during the boot process of the instance.
contrib
directory to their final location:
cp /opt/netbox/contrib/*.service /etc/systemd/system/
systemctl daemon-reload
netbox-rq
service
systemctl start netbox netbox-rq.servicesystemctl enable netbox netbox-rq.service
To provide an additional layer of security, NetBox will be running behind a NGINX reverse proxy. This proxy replies to all requests to NetBox and avoids exposing the application directly on the internet.
/etc/nginx/sites-available/netbox.conf
in a text editor of your choice, i.e. nano
:
nano /etc/nginx/sites-available/netbox.conf
/etc/nginx/sites-available/netbox.conf
. Make sure to replace netbox.example.com
with the hostname of your instance.
server {listen 80;# CHANGE THIS TO YOUR SERVER'S NAMEserver_name netbox.example.com;client_max_body_size 25m;location /static/ {alias /opt/netbox/netbox/static/;}location / {proxy_pass http://127.0.0.1:8001;proxy_set_header X-Forwarded-Host $http_host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-Proto $scheme;}}
Save the file and exit the text editor. 3. Create a symlink to enable the new configuration with NGINX:
ln -s /etc/nginx/sites-available/netbox.conf /etc/nginx/sites-enabled/netbox.conf
Reload NGINX to activate the new configuration:
service nginx reload
Install certbot
to configure a TLS-encrypted connection to your NetBox instance:
apt install certbot python3-certbot-nginx
Run certbot
to request a TSL/SSL certificate for your NetBox instance, issued by the Let’s Encrypt certificate authority:
certbot --nginx
Follow our dedicated documentation about Let’s Encrypt for detailed information on how to use the certbot
tool.
Open your web browser and point it to your NetBox domain (i.e. http://netbox.example.com
). The Netbox dashboard displays:
You can log into Netbox by clicking on the Log In button in the top right corner using the username and password of the superuser configured in a previous step.
You now have successfully installed Netbox and linked it with a managed PostgreSQL database. The application is now ready to be configured. You can add your servers, racks, and other network equipment directly from the NetBox web interface.
For more information on how to add your devices to NetBox, refer to the official documentation.