mito’s blog

IT技術メインの雑記。思い立ったが吉日。

Ubuntuでオンプレ版NetBox2.11を建てる

はじめに

先日リリースされたNetBox2.11を触りたかったので、オンプレ版を建てました。

環境


NetBox2.11の構築

公式のインストールガイドを参照しながら進めていきます。

netbox.readthedocs.io


# apt update
# apt install -y postgresql libpq-dev
# systemctl start postgresql
# systemctl enable postgresql
# sudo -u postgres psql
psql (12.6 (Ubuntu 12.6-0ubuntu0.20.04.1))
Type "help" for help.

postgres=# CREATE DATABASE netbox;
CREATE DATABASE
postgres=# CREATE USER netbox WITH PASSWORD 'パスワード';
CREATE ROLE
postgres=# GRANT ALL PRIVILEGES ON DATABASE netbox TO netbox;
GRANT
postgres=# \q

# psql --username netbox --password --host localhost netbox
Password: パスワード
psql (12.6 (Ubuntu 12.6-0ubuntu0.20.04.1))
SSL connection (protocol: TLSv1.3, cipher: TLS_AES_256_GCM_SHA384, bits: 256, compression: off)
Type "help" for help.

netbox=> \conninfo
You are connected to database "netbox" as user "netbox" on host "localhost" (address "127.0.0.1") at port "5432".
SSL connection (protocol: TLSv1.3, cipher: TLS_AES_256_GCM_SHA384, bits: 256, compression: off)
netbox=> \q

# apt install -y redis-server
# redis-cli ping
PONG

# apt install -y python3 python3-pip python3-venv python3-dev build-essential libxml2-dev libxslt1-dev libffi-dev libpq-dev libssl-dev zlib1g-dev
# wget https://github.com/netbox-community/netbox/archive/v2.11.0.tar.gz
--2021-04-19 14:08:46--  https://github.com/netbox-community/netbox/archive/v2.11.0.tar.gz
Resolving github.com (github.com)... 52.69.186.44
Connecting to github.com (github.com)|52.69.186.44|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://codeload.github.com/netbox-community/netbox/tar.gz/v2.11.0 [following]
--2021-04-19 14:08:47--  https://codeload.github.com/netbox-community/netbox/tar.gz/v2.11.0
Resolving codeload.github.com (codeload.github.com)... 52.68.31.213
Connecting to codeload.github.com (codeload.github.com)|52.68.31.213|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [application/x-gzip]
Saving to: ‘v2.11.0.tar.gz’

v2.11.0.tar.gz                       [      <=>                                               ]   6.77M  5.59MB/s    in 1.2s    

2021-04-19 14:08:48 (5.59 MB/s) - ‘v2.11.0.tar.gz’ saved [7101381]

# tar -xzf v2.11.0.tar.gz -C /opt
# ln -s /opt/netbox-2.11.0/ /opt/netbox
# ls -l /opt | grep netbox
lrwxrwxrwx 1 root root   19 Apr 19 14:09 netbox -> /opt/netbox-2.11.0/
drwxrwxr-x 7 root root 4096 Apr 16 13:52 netbox-2.11.0

# adduser --system --group netbox
Adding system user `netbox' (UID 115) ...
Adding new group `netbox' (GID 122) ...
Adding new user `netbox' (UID 115) with group `netbox' ...
Creating home directory `/home/netbox' ...
# chown --recursive netbox /opt/netbox/netbox/media/

# cd /opt/netbox/netbox/netbox/
# cp configuration.example.py configuration.py
# python3 ../generate_secret_key.py
XXXXXXXXXXXXパスワード50文字XXXXXXXXXXXXXXXXXXXXXXX

# vim configuration.py
- ALLOWED_HOSTS = []             
+ ALLOWED_HOSTS = ['*']             
DATABASE = {
    'NAME': 'netbox',         # Database name
    'USER': 'netbox',               # PostgreSQL username
-    'PASSWORD': '',           # PostgreSQL password
+    'PASSWORD': 'XXXXXX',           # PostgreSQL password
    'HOST': 'localhost',      # Database server
    'PORT': '',               # Database port (leave blank for default)
    'CONN_MAX_AGE': 300,      # Max database connection age
}
- SECRET_KEY = ''
+ SECRET_KEY = 'XXXXXXXXXXXパスワード50文字XXXXXXXXXXXXXXXXXXX'





- TIME_ZONE = 'UTC'
+ TIME_ZONE = 'Asia/Tokyo'
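Review bot: `ALLOWED_HOSTS = ['*']` turns off Django's Host-header validation, which is acceptable for a first smoke test but should not survive on an instance that stays reachable; list the names or addresses users actually browse to, for example `ALLOWED_HOSTS = ['netbox.example.com', '192.0.2.10']` (constructed sample values). After this edit configuration.py also carries the PostgreSQL password and `SECRET_KEY` in clear text, so its permissions should be checked and tightened so that only root and the account running the NetBox service can read it. The key printed by generate_secret_key.py earlier in the session is masked here, and a real one should likewise be kept out of pasted logs and version control.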
# /opt/netbox/upgrade.sh

# source /opt/netbox/venv/bin/activate
(venv) # cd /opt/netbox/netbox
(venv) # python3 manage.py createsuperuser
Username (leave blank to use 'root'): admin
Email address: 
Password: パスワード
Password (again): パスワード
Superuser created successfully.
(venv) # deactivate

# cp /opt/netbox/contrib/gunicorn.py /opt/netbox/gunicorn.py
# cp -v /opt/netbox/contrib/*.service /etc/systemd/system/
'/opt/netbox/contrib/netbox-rq.service' -> '/etc/systemd/system/netbox-rq.service'
'/opt/netbox/contrib/netbox.service' -> '/etc/systemd/system/netbox.service'

# systemctl daemon-reload
# systemctl start netbox netbox-rq
# systemctl enable netbox netbox-rq
Created symlink /etc/systemd/system/multi-user.target.wants/netbox.service → /etc/systemd/system/netbox.service.
Created symlink /etc/systemd/system/multi-user.target.wants/netbox-rq.service → /etc/systemd/system/netbox-rq.service.

# systemctl enable netbox netbox-rq
Created symlink /etc/systemd/system/multi-user.target.wants/netbox.service → /etc/systemd/system/netbox.service.
Created symlink /etc/systemd/system/multi-user.target.wants/netbox-rq.service → /etc/systemd/system/netbox-rq.service.
# systemctl status netbox.service
● netbox.service - NetBox WSGI Service
     Loaded: loaded (/etc/systemd/system/netbox.service; enabled; vendor preset: enabled)
     Active: active (running) since Mon 2021-04-19 14:32:11 UTC; 18s ago
       Docs: https://netbox.readthedocs.io/en/stable/
   Main PID: 11299 (gunicorn)
      Tasks: 6 (limit: 4706)
     Memory: 336.5M
     CGroup: /system.slice/netbox.service
             ├─11299 /opt/netbox-2.11.0/venv/bin/python3 /opt/netbox/venv/bin/gunicorn --pid /var/tmp/netbox.pid --pythonpath /o>
             ├─11316 /opt/netbox-2.11.0/venv/bin/python3 /opt/netbox/venv/bin/gunicorn --pid /var/tmp/netbox.pid --pythonpath /o>
             ├─11317 /opt/netbox-2.11.0/venv/bin/python3 /opt/netbox/venv/bin/gunicorn --pid /var/tmp/netbox.pid --pythonpath /o>
             ├─11318 /opt/netbox-2.11.0/venv/bin/python3 /opt/netbox/venv/bin/gunicorn --pid /var/tmp/netbox.pid --pythonpath /o>
             ├─11319 /opt/netbox-2.11.0/venv/bin/python3 /opt/netbox/venv/bin/gunicorn --pid /var/tmp/netbox.pid --pythonpath /o>
             └─11320 /opt/netbox-2.11.0/venv/bin/python3 /opt/netbox/venv/bin/gunicorn --pid /var/tmp/netbox.pid --pythonpath /o>

Apr 19 14:32:11 XXXXXXXXXX systemd[1]: Started NetBox WSGI Service.
Apr 19 14:32:11 XXXXXXXXXX gunicorn[11299]: [2021-04-19 14:32:11 +0000] [11299] [INFO] Starting gunicorn 20.1.0
Apr 19 14:32:11 XXXXXXXXXX gunicorn[11299]: [2021-04-19 14:32:11 +0000] [11299] [INFO] Listening at: http://127.0.0.1:8001>
Apr 19 14:32:11 XXXXXXXXXX gunicorn[11299]: [2021-04-19 14:32:11 +0000] [11299] [INFO] Using worker: threads

# apt install -y nginx
# cp /opt/netbox/contrib/nginx.conf /etc/nginx/sites-available/netbox
# vim /etc/nginx/sites-available/netbox
server {
-    listen 443 ssl;
+ #    listen 443 ssl;
    # CHANGE THIS TO YOUR SERVER'S NAME
-     server_name netbox.example.com;
-     ssl_certificate /etc/ssl/certs/netbox.crt;
-     ssl_certificate_key /etc/ssl/private/netbox.key;
+ #    server_name netbox.example.com;
+ #    ssl_certificate /etc/ssl/certs/netbox.crt;
+ #    ssl_certificate_key /etc/ssl/private/netbox.key;
    client_max_body_size 25m;

    location /static/ {
        alias /opt/netbox/netbox/static/;
    }

    location / {
        proxy_pass http://127.0.0.1:8001;
        proxy_set_header X-Forwarded-Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

server {
    # Redirect HTTP traffic to HTTPS
    listen 80;
    server_name _;
    return 301 https://$host$request_uri;
}
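Review bot: With `listen 443 ssl;` and the certificate lines commented out, the first server block has no listen directive and falls back to nginx's default of port 80, so the NetBox login, session cookie and API tokens travel unencrypted. The second block still listens on 80 and redirects to https, where nothing is listening any more; as far as the visible config shows, it is only bypassed because the first block is defined first and therefore becomes the default server for port 80. For anything beyond a closed lab, keep `listen 443 ssl;` and supply a certificate (a self-signed one is enough for a test) instead of commenting TLS out. If plain HTTP really is intended, state it explicitly with `listen 80;` in the first block and delete the redirect block so the configuration does not depend on block order.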

# rm /etc/nginx/sites-enabled/default
# ln -s /etc/nginx/sites-available/netbox /etc/nginx/sites-enabled/netbox
# systemctl restart nginx


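ブラウザで以下に接続します。上のnginx設定で `listen 443 ssl;` と証明書の行をコメントアウトしているため、HTTPSではなくHTTP(80番ポート)でのアクセスになります。この状態ではログイン情報やセッションCookieが暗号化されずに流れるので、検証用の閉じたネットワーク以外で使う場合は証明書を用意してSSLの設定を有効に戻してください。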

http://(IPアドレス)/


雑記

docker-compose版が待ち遠しい。