Netbox is a service to document server infrastructure
# apt install postgresql libpq-dev
$ sudo -u postgres psql
psql (9.4.5)
Type "help" for help.
postgres=# CREATE DATABASE netbox;
CREATE DATABASE
postgres=# CREATE USER netbox WITH PASSWORD '<password>';
CREATE ROLE
postgres=# GRANT ALL PRIVILEGES ON DATABASE netbox TO netbox;
GRANT
postgres=# \q
# apt install -y python3 python3-pip python3-dev build-essential libxml2-dev libxslt1-dev libffi-dev graphviz libpq-dev libs
$ wget https://github.com/digitalocean/netbox/archive/v2.5.10.tar.gz
$ sudo tar -xzf v2.5.10.tar.gz -C /opt
# ln -s /opt/netbox-2.5.10/ /opt/netbox
$ cd /opt/netbox/
$ sudo pip3 install -r requirements.txt
# cp netbox/netbox/configuration.example.py netbox/netbox/configuration.py
# cd netbox
# python3 generate_secret_key.py
Edit /opt/netbox/netbox/netbox/configuration.py:
ALLOWED_HOSTS = ['netbox.cm.in.tum.de', '172.24.25.68']
# Connection settings for the PostgreSQL database and role created in the psql step of this guide.
DATABASE = {
'NAME': 'netbox', # Database name
'USER': 'netbox', # PostgreSQL username
# Replace the placeholder with the password given to CREATE USER; it is stored here in clear text.
'PASSWORD': '<psql password>', # PostgreSQL password
'HOST': 'localhost', # Database server
'PORT': '', # Database port (leave blank for default)
}
# Replace the placeholder with the output of generate_secret_key.py (run earlier in this guide).
# NOTE(review): configuration.py now holds both the database password and SECRET_KEY, so limit read
# access to root and the account that runs NetBox (www-data in this guide), and generate a fresh key
# per installation rather than copying one between hosts.
SECRET_KEY = '<secret key>'
# cd /opt/netbox/netbox
# python3 manage.py migrate
# python3 manage.py createsuperuser
# python3 manage.py collectstatic --no-input
# apt install nginx
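Create /etc/nginx/sites-available/netbox with the following content (the server block listens on plain HTTP only, so NetBox logins, including the LDAP passwords configured further down, are sent unencrypted unless TLS is terminated in front of it):
server {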
listen 80;
server_name netbox.cm.in.tum.de;
client_max_body_size 25m;
location /static/ {
alias /opt/netbox/netbox/static/;
}
# Everything that is not under /static/ is forwarded to gunicorn, which this guide binds to 127.0.0.1:8001.
location / {
proxy_pass http://127.0.0.1:8001;
# Hand the configured server_name, the client address and the request scheme to the application.
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
# NOTE(review): with only "listen 80" in this server block, $scheme is always "http" here.
proxy_set_header X-Forwarded-Proto $scheme;
add_header P3P 'CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"';
}
}
Delete /etc/nginx/sites-enabled/default and create a symlink to the just created file
# rm /etc/nginx/sites-enabled/default
# ln -s /etc/nginx/sites-available/netbox /etc/nginx/sites-enabled/
# service nginx restart
# pip3 install gunicorn
# apt install supervisor
Create /opt/netbox/gunicorn_config.py with the following content:
command = '/usr/local/bin/gunicorn'
pythonpath = '/opt/netbox/netbox'
bind = '127.0.0.1:8001'
workers = 3
user = 'www-data'
Create /etc/supervisor/conf.d/netbox.conf with the following content:
[program:netbox]
command = gunicorn -c /opt/netbox/gunicorn_config.py netbox.wsgi
directory = /opt/netbox/netbox/
user = www-data

[program:netbox-rqworker]
command = python3 /opt/netbox/netbox/manage.py rqworker
directory = /opt/netbox/netbox/
user = www-data
# service supervisor restart
# apt install libldap2-dev libsasl2-dev libssl-dev
# pip3 install django-auth-ldap
Create /opt/netbox/netbox/netbox/ldap_config.py with the following content:
import ldap
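# django_auth_ldap settings for NetBox. `ldap` (python-ldap) is imported at the top of
# ldap_config.py; the helper classes below are imported once instead of twice.
from django_auth_ldap.config import LDAPSearch, PosixGroupType

# LDAP over TLS (ldaps scheme, port 636).
# NOTE(review): no certificate options are set in this file, so validation of the server
# certificate depends on the host's LDAP/TLS defaults -- confirm the issuing CA is trusted
# there rather than turning verification off.
AUTH_LDAP_SERVER_URI = "ldaps://ldap.in.tum.de:636"

# No AUTH_LDAP_BIND_DN / AUTH_LDAP_BIND_PASSWORD is defined, so django_auth_ldap runs this
# search with an anonymous bind; the directory has to permit that.
# %(user)s is replaced with the login name submitted to NetBox.
AUTH_LDAP_USER_SEARCH = LDAPSearch(
    "ou=Personen, ou=IN, o=TUM, c=de",
    ldap.SCOPE_SUBTREE,
    "(uid=%(user)s)",
)

# Django user fields filled from the listed LDAP attributes.
AUTH_LDAP_USER_ATTR_MAP = {
    "first_name": "givenName",
    "last_name": "sn",
    "email": "mail",
}

# This search ought to return all groups to which the user belongs. django_auth_ldap uses
# this to determine group hierarchy.
AUTH_LDAP_GROUP_SEARCH = LDAPSearch(
    "ou=Gruppen, ou=IN, o=TUM, c=de",
    ldap.SCOPE_SUBTREE,
    "(objectClass=posixGroup)",
)
AUTH_LDAP_GROUP_TYPE = PosixGroupType()

# Define a group required to login.
AUTH_LDAP_REQUIRE_GROUP = "cn=il11admin, ou=Gruppen, ou=IN, o=TUM, c=de"

# Mirror LDAP group assignments.
AUTH_LDAP_MIRROR_GROUPS = True

# Define special user types using groups. Exercise great caution when assigning superuser
# status.
# NOTE(review): all three flags name the same group that AUTH_LDAP_REQUIRE_GROUP demands, so
# every account that is able to log in is also a Django superuser. If some users should get
# less than full control, point is_staff / is_superuser at a separate, smaller group.
AUTH_LDAP_USER_FLAGS_BY_GROUP = {
    "is_active": "cn=il11admin,ou=Gruppen,ou=IN,o=TUM,c=de",
    "is_staff": "cn=il11admin,ou=Gruppen,ou=IN,o=TUM,c=de",
    "is_superuser": "cn=il11admin,ou=Gruppen,ou=IN,o=TUM,c=de",
}

# For more granular permissions, we can map LDAP groups to Django groups.
AUTH_LDAP_FIND_GROUP_PERMS = True

# Cache groups for one hour to reduce LDAP traffic.
# NOTE(review): presumably a removal from il11admin can take up to this timeout to be
# noticed -- confirm against the django_auth_ldap version in use.
AUTH_LDAP_CACHE_GROUPS = True
AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600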
# supervisorctl restart netbox