66471934af
Knowledge base of ~80+ markdown files across 14 domains (00-13), Logseq graph, hardware design files (KiCAD), infrastructure configs, and talas-wiki static site. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| defaults | ||
| files | ||
| handlers | ||
| meta | ||
| tasks | ||
| templates | ||
| readme.md | ||
NetBox role
Description
This role installs NetBox 4.0.3 or greater. The following links were used to build this role :
- https://netbox.readthedocs.io/en/stable/
- https://docs.djangoproject.com/en/3.1/ref/settings/#databases
- https://django-auth-ldap.readthedocs.io/en/latest/index.html
Mandatory variables
| Variable | Description | Type | Sample value |
|---|---|---|---|
| netbox_version | netbox version to use https://github.com/netbox-community/netbox/releases | string (github tag) | v4.0.3 |
| netbox_superuser_email | superuser email | noc@cosium.com |
|
| netbox_fqdn | servername for httpd | fqdn | ipam-2.cosium.com |
Optional variables
| Variable | Default | Description |
|---|---|---|
| netbox_changelog_days_retention | 0 | Number of days of changelog to keep in database, 0 = unlimited. |
Configuration
The configuration must be given as key: value pairs like the following:
netbox_config:
ALLOWED_HOSTS:
- "{{ ansible_hostname }}"
- localhost
- 127.0.0.1
TIME_ZONE: "Europe/Paris"
SECRET_KEY: "{{ netbox_secret_key }}"
The default provided configuration is sufficient for a working install.
Additionnal packages
Other Python packages can be installed using local_requirements.txt, this is useful to install packages such as NAPALM or plugins:
netbox_local_requirements:
- django-auth-ldap
- napalm
Custom scripts
NetBox can be extended with custom scripts/reports. Documentation to create such scripts is located here:
- https://docs.netbox.dev/en/stable/customization/reports/
- https://docs.netbox.dev/en/stable/customization/custom-scripts/
To install a custom script, you need to define the following list:
netbox_custom_scripts:
- name: add_device_type_components.py
- name: missing_device_type_components.py
dest: reports
The script must exist in the files directory of this role.
dest is optional as most of the scripts go to /opt/netbox/netbox/scripts/
LDAP configuration
The following variable are required for LDAP configuration (Queries use python functions LDAPSearch() and LDAPGroupQuery() if placeholders, arguments or conditions must be passed):
netbox_ldap_user_search: LDAPSearch("dc=cosium,dc=com", ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
netbox_ldap_group_search: LDAPSearch("ou=divisions,ou=groups,dc=cosium,dc=com", ldap.SCOPE_SUBTREE, "(objectClass=posixGroup)")
netbox_ldap_require_group: LDAPGroupQuery("cn=Infrastructure,ou=divisions,ou=groups,dc=cosium,dc=com")|LDAPGroupQuery("cn=sysop,ou=system,ou=groups,dc=cosium,dc=com")|LDAPGroupQuery("cn=outsourcing,ou=divisions,ou=groups,dc=cosium,dc=com")
netbox_ldap_group_assignation:
is_active: (LDAPGroupQuery("cn=sysop,ou=system,ou=groups,dc=cosium,dc=com")|LDAPGroupQuery("cn=outsourcing,ou=divisions,ou=groups,dc=cosium,dc=com"))
is_staff: (LDAPGroupQuery("cn=sysop,ou=system,ou=groups,dc=cosium,dc=com")|LDAPGroupQuery("cn=outsourcing,ou=divisions,ou=groups,dc=cosium,dc=com"))
is_superuser: "\"cn=sysop,ou=system,ou=groups,dc=cosium,dc=com\""
Update
To perform an update, change the variable netbox_version to the new version, then run this role.
Always review the release notes
NetBox can generally be upgraded directly to any newer release with no interim steps, with the one exception being incrementing major versions. This can be done only from the most recent minor release of the major version.