debops.netbox default variables¶
Sections
- Domain name configuration
- APT packages
- Application user, group, home
- Directory paths
- Application sources and deployment
- Python virtualenv configuration
- PostgreSQL database configuration
- Redis database configuration
- NetBox configuration options
- Initial superuser account
- Internal application settings
- Configuration variables for other Ansible roles
Domain name configuration¶
-
netbox__fqdn¶
String or list of the Fully Qualified domain names on which the NetBox application will be available, used by the webserver. The first item will be used as the e-mail sender domain name.
netbox__fqdn: [ 'dcim.{{ netbox__domain }}', 'ipam.{{ netbox__domain }}' ]
-
netbox__domain¶
The DNS domain used by other variables in the debops.netbox role.
netbox__domain: '{{ ansible_local.core.domain
if (ansible_local|d() and ansible_local.core|d() and
ansible_local.core.domain|d())
else ansible_domain }}'
APT packages¶
-
netbox__base_packages¶
List of APT packages which are required by the NetBox application.
netbox__base_packages:
- 'git'
- 'build-essential'
- 'libxml2-dev'
- 'libxslt1-dev'
- 'libffi-dev'
- 'graphviz'
- 'libpq-dev'
- 'libssl-dev'
-
netbox__packages¶
List of additional APT packages to install with NetBox.
netbox__packages: []
Application user, group, home¶
-
netbox__user¶
Name of the UNIX system account used to manage NetBox.
netbox__user: 'netbox'
-
netbox__group¶
Name of the UNIX primary group used to manage NetBox.
netbox__group: 'netbox'
-
netbox__gecos¶
Contents of the GECOS field set for the NetBox account.
netbox__gecos: 'NetBox'
-
netbox__shell¶
The default shell set on the NetBox account.
netbox__shell: '/usr/sbin/nologin'
Directory paths¶
-
netbox__home¶
The NetBox account home directory.
netbox__home: '{{ (ansible_local.root.home
if (ansible_local|d() and ansible_local.root|d() and
ansible_local.root.home|d())
else "/var/local") + "/" + netbox__user }}'
-
netbox__src¶
Directory where the role stores NetBox sources from GitHub.
netbox__src: '{{ (ansible_local.root.src
if (ansible_local|d() and ansible_local.root|d() and
ansible_local.root.src|d())
else "/usr/local/src") + "/" + netbox__user }}'
-
netbox__lib¶
Directory where the NetBox application directory is located.
netbox__lib: '{{ (ansible_local.root.lib
if (ansible_local|d() and ansible_local.root|d() and
ansible_local.root.lib|d())
else "/usr/local/lib") + "/" + netbox__user }}'
-
netbox__data¶
Directory where custom Netbox data (images, scripts) outside of the database is stored.
netbox__data: '{{ (ansible_local.root.data
if (ansible_local|d() and ansible_local.root|d() and
ansible_local.root.data|d())
else "/srv") + "/" + netbox__user }}'
Application sources and deployment¶
-
netbox__git_gpg_key_id¶
The GPG ID of the key used for signing NetBox releases. At the moment the releases are signed using GitHub GPG key.
netbox__git_gpg_key_id: '5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23'
-
netbox__git_repo¶
The URI of the NetBox git source repository.
netbox__git_repo: 'https://github.com/netbox-community/netbox.git'
-
netbox__git_version¶
The git branch or tag which will be installed.
netbox__git_version: 'v2.6.3'
-
netbox__git_dest¶
Path where the git source bare repository will be stored.
netbox__git_dest: '{{ netbox__src + "/" + netbox__git_repo.split("://")[1] }}'
-
netbox__git_checkout¶
Path where NetBox sources will be checked out (installation path).
netbox__git_checkout: '{{ netbox__virtualenv + "/app" }}'
Python virtualenv configuration¶
-
netbox__virtualenv_version¶
Beginning with v2.5, NetBox will no longer support Python 2. When this is set to 3 a new Python 3 virtualenv environment will be created next to the old one. Valid values are 3 or an empty string.
netbox__virtualenv_version: '{{ ""
if ( netbox__git_version | regex_search("^v?[0-9\.]+")
and netbox__git_version|replace("v", "") is version("2.5", "<") )
else "3" }}'
-
netbox__virtualenv¶
Path where the NetBox virtualenv directory will be stored.
netbox__virtualenv: '{{ netbox__lib + "/virtualenv" }}'
-
netbox__virtualenv_env_path¶
The contents of the $PATH environment variable set for the Ansible tasks
which are executed inside of the NetBox Python environment.
netbox__virtualenv_env_path: '{{ netbox__virtualenv }}/bin:/usr/local/bin:/usr/bin:/bin'
-
netbox__virtualenv_pip_packages¶
List of additional Python modules installed inside of the NetBox
virtualenv environment. See netbox__virtualenv_pip_packages
for more details.
netbox__virtualenv_pip_packages:
- name: 'gunicorn'
version: '{{ ansible_local.gunicorn.version
if (ansible_local|d() and ansible_local.gunicorn|d() and
ansible_local.gunicorn.version|d())
else omit }}'
- 'setproctitle'
- name: 'napalm'
state: '{{ "present"
if (netbox__config_napalm_password != "")
else "ignore" }}'
PostgreSQL database configuration¶
The NetBox database configuration is managed by the debops.postgresql Ansible role. See its documentation for details about the default variable values used in the NetBox role.
-
netbox__database_host¶
The hostname or IP address of the PostgreSQL database server to use for the NetBox database.
netbox__database_host: '{{ ansible_local.postgresql.server
if (ansible_local|d() and ansible_local.postgresql|d() and
ansible_local.postgresql.server|d())
else "localhost" }}'
-
netbox__database_port¶
The TCP port of the PostgreSQL database server which should be used by Netbox.
netbox__database_port: '{{ ansible_local.postgresql.port
if (ansible_local|d() and ansible_local.postgresql|d() and
ansible_local.postgresql.port|d())
else "5432" }}'
-
netbox__database_name¶
Name of the PostgreSQL database and its corresponding role used by NetBox. This role won't be able to login to the database server directly.
netbox__database_name: 'netbox_production'
-
netbox__database_user¶
Name of the PostgreSQL role used by NetBox. This role will be able to login to the PostgreSQL server and access the NetBox database.
netbox__database_user: '{{ netbox__user }}'
-
netbox__database_password¶
Autogenerated password to the NetBox PostgreSQL user role.
netbox__database_password: '{{ lookup("password", secret + "/postgresql/" +
(ansible_local.postgresql.delegate_to
if (ansible_local|d() and ansible_local.postgresql|d() and
ansible_local.postgresql.delegate_to|d())
else "localhost") + "/" +
(ansible_local.postgresql.port
if (ansible_local|d() and ansible_local.postgresql|d() and
ansible_local.postgresql.port|d())
else "5432") + "/credentials/" +
netbox__database_user + "/password") }}'
-
netbox__load_initial_data¶
If True, the role will populate the NetBox database with the initial data
provided with the application on installation.
netbox__load_initial_data: True
Redis database configuration¶
The Redis database configuration is managed by the debops.redis_server Ansible role. See its documentation for details about the default variable values used in the NetBox role.
-
netbox__redis_host¶
Define hostname of the Redis server to use.
netbox__redis_host: '{{ ansible_local.redis_server.host
if (ansible_local|d() and ansible_local.redis_server|d() and
ansible_local.redis_server.host|d())
else "localhost" }}'
-
netbox__redis_port¶
Define port of Redis server to use.
netbox__redis_port: '{{ ansible_local.redis_server.port
if (ansible_local|d() and ansible_local.redis_server|d() and
ansible_local.redis_server.port|d())
else "6379" }}'
-
netbox__redis_password¶
Define the Redis authentication password to use.
netbox__redis_password: '{{ ansible_local.redis_server.password
if (ansible_local|d() and ansible_local.redis_server|d() and
ansible_local.redis_server.password|d())
else "" }}'
-
netbox__redis_database¶
Specify which Redis database to use for NetBox.
netbox__redis_database: '0'
-
netbox__redis_cache_database¶
Specify which Redis database to use for NetBox chache.
netbox__redis_cache_database: '{{ (netbox__redis_database|int + 1) }}'
-
netbox__redis_ssl¶
Enable or disable support for encrypted connections to Redis. Currently this option has no support in DebOps.
netbox__redis_ssl: False
NetBox configuration options¶
-
netbox__config_allowed_hosts¶
List of domain names under which the NetBox application will accept
connections. Specify * to accept connections to any domain name.
netbox__config_allowed_hosts: '{{ netbox__fqdn }}'
-
netbox__config_secret_key¶
The Django secret key used by the NetBox application. It will be shared by all hosts on the same domain.
netbox__config_secret_key: '{{ lookup("password", secret + "/netbox/" +
netbox__domain + "/config/secret_key length=64") }}'
-
netbox__config_admins¶
A YAML list of tuples, [ 'Name', 'email' ], of the NetBox administrators.
They will receive e-mail messages about NetBox application errors.
By default the role uses the list of private admin e-mails from the debops.core Ansible role.
netbox__config_admins: '{{ lookup("template", "lookup/netbox__config_admins.j2") | from_yaml }}'
-
netbox__config_cache_timeout¶
Cache timeout in seconds. Set to 0 to disable caching.
netbox__config_cache_timeout: 3600
-
netbox__config_changelog_retention¶
Maximum number of days to retain logged changes. Set to 0 to retain changes indefinitely.
netbox__config_changelog_retention: 90
-
netbox__config_cors_origin_allow_all¶
API Cross-Origin Resource Sharing configuration. If True, all origins are
allowed. See https://github.com/ottoyiu/django-cors-headers for more details.
netbox__config_cors_origin_allow_all: False
-
netbox__config_cors_origin_whitelist¶
List of allowed OCRS origin hostnames.
netbox__config_cors_origin_whitelist: []
-
netbox__config_cors_origin_regex_whitelist¶
List of allowed OCRS origin regex hostnames.
netbox__config_cors_origin_regex_whitelist: []
-
netbox__config_email_server¶
The address of the SMTP server used by NetBox. By default the application uses locally-installed SMTP server.
netbox__config_email_server: 'localhost'
-
netbox__config_email_port¶
The TCP port of the SMTP server used by NetBox.
netbox__config_email_port: '25'
-
netbox__config_email_username¶
The username used to login to the SMTP server.
netbox__config_email_username: ''
-
netbox__config_email_password¶
The password used to login to the SMTP server.
netbox__config_email_password: ''
-
netbox__config_email_timeout¶
The SMTP server connection timeout, in seconds.
netbox__config_email_timeout: '10'
-
netbox__config_email_from¶
The e-mail address for the NetBox application, it will be used in the
From: header of the NetBox e-mail messages.
netbox__config_email_from: '{{ netbox__user }}@{{ netbox__fqdn
if netbox__fqdn is string
else netbox__fqdn[0] }}'
-
netbox__config_logging¶
Optional, custom logging configuration specified as YAML dictionary. See https://docs.djangoproject.com/en/1.11/topics/logging for more details.
netbox__config_logging: {}
-
netbox__config_login_required¶
If True, access to NetBox is only allowed for logged-in users. If
False, some information stored in the NetBox database is accessible in
the read-only mode for anonymous users.
netbox__config_login_required: True
-
netbox__config_login_timeout¶
The length of time (in seconds) for which a user will remain logged into the web UI before being prompted to re-authenticate. (Default: 14 days)
netbox__config_login_timeout: '{{ (60 * 60 * 24 * 14) }}'
-
netbox__config_base_path¶
Set the "base path" of the NetBox application if it's installed in a subdirectory of the webserver.
netbox__config_base_path: ''
-
netbox__config_maintenance_mode¶
Enable or disable maintenance mode banner.
netbox__config_maintenance_mode: False
-
netbox__config_napalm_username¶
Specify the username which should be used by NetBox to access live devices using the NAPALM library.
netbox__config_napalm_username: ''
-
netbox__config_napalm_password¶
Specify the password which should be used by NetBox to access live devices using the NAPALM library.
netbox__config_napalm_password: ''
-
netbox__config_napalm_timeout¶
NAPALM request timeout, in seconds.
netbox__config_napalm_timeout: '30'
-
netbox__config_napalm_args¶
Optional NAPALM arguments, specified as a YAML dictionary.
netbox__config_napalm_args: {}
-
netbox__config_paginate_count¶
Specify maximum number of list items per page.
netbox__config_paginate_count: '64'
-
netbox__config_max_page_size¶
Maximum number of objects returned in an API call.
netbox__config_max_page_size: '1000'
-
netbox__config_time_zone¶
Specify the timezone used by NetBox.
netbox__config_time_zone: '{{ ansible_local.timezone
if (ansible_local|d() and
ansible_local.timezone|d())
else "Etc/UTC" }}'
-
netbox__config_date_format¶
Specify the date format which NetBox uses to display information. See https://docs.djangoproject.com/en/dev/ref/templates/builtins/#date for more details.
netbox__config_date_format: 'N j, Y'
-
netbox__config_short_date_format¶
Specify the short date format used by NetBox to display information.
netbox__config_short_date_format: 'Y-m-d'
-
netbox__config_time_format¶
Specify the time format used by NetBox to display information.
netbox__config_time_format: 'g:i a'
-
netbox__config_short_time_format¶
Specify the short time format used by NetBox to display information.
netbox__config_short_time_format: 'H:i:s'
-
netbox__config_datetime_format¶
Specify the date and time format used by NetBox to display information.
netbox__config_datetime_format: 'N j, Y g:i a'
-
netbox__config_short_datetime_format¶
Specify the short date and time format used by NetBox to display information.
netbox__config_short_datetime_format: 'Y-m-d H:i'
Specify a custom message displayed on the top of every page.
netbox__config_banner_top: ''
Specify a custom message displayed on the bottom of every page.
netbox__config_banner_bottom: ''
Specify a custom message displayed on the login page above the login from.
netbox__config_banner_login: ''
-
netbox__config_prefer_ipv4¶
By default NetBox prefers to use IPv6 addresses as primary device addresses.
Set this variable to True to change that to IPv4 instead.
netbox__config_prefer_ipv4: False
-
netbox__config_enforce_global_unique¶
If enabled, NetBox will enforce unique IP space in the "global" table (all prefixes and IP addresses not included in a VRF).
netbox__config_enforce_global_unique: False
-
netbox__config_exempt_view_permissions¶
Exempt certain models from the enforcement of view permissions. Models listed here will be viewable by all users and by anonymous users. List models in the form <app>.<model>. Add '*' to this list to exempt all models.
netbox__config_exempt_view_permissions: []
-
netbox__config_metrics_enabled¶
When enabled, expose Prometheus monitoring metrics at the HTTP endpoint '/metrics'.
netbox__config_metrics_enabled: False
-
netbox__config_webhooks_enabled¶
The webhooks backend is disabled by default. Set this to True to enable it. Note that this requires a Redis # database be configured and accessible by NetBox.
netbox__config_webhooks_enabled: False
-
netbox__config_session_file_path¶
By default, NetBox will store session data in the database. Alternatively, a file path can be specified here to use local file storage instead. (This can be useful for enabling authentication on a standby instance with read-only database access.) Note that the user as which NetBox runs must have read and write permissions to this path.
netbox__config_session_file_path: False
-
netbox__config_media_root¶
Absolute path where Nebox stores upladed media files.
netbox__config_media_root: '{{ netbox__data + "/media" }}'
-
netbox__config_reports_root¶
Absolute path where Netbox reports (Python modules) are stored.
netbox__config_reports_root: '{{ netbox__data + "/reports" }}'
Initial superuser account¶
-
netbox__superuser_name¶
Name of the initial admin account created by the role.
netbox__superuser_name: '{{ ansible_local.core.admin_users[0]
if (ansible_local|d() and ansible_local.core|d() and
ansible_local.core.admin_users|d())
else "admin" }}'
-
netbox__superuser_email¶
E-mail address of the initial admin account created by the role.
netbox__superuser_email: '{{ ansible_local.core.admin_private_email[0]
if (ansible_local|d() and ansible_local.core|d() and
ansible_local.core.admin_private_email|d())
else ("root@" + netbox__domain) }}'
-
netbox__superuser_password¶
Password set for the initial admin account created by the role.
netbox__superuser_password: '{{ lookup("password", secret + "/netbox/" +
netbox__domain + "/superuser/" +
netbox__superuser_name + "/password") }}'
Internal application settings¶
-
netbox__app_internal_appserver¶
Enable or disable support for internal gunicorn application server.
netbox__app_internal_appserver: '{{ False
if (ansible_local|d() and ansible_local.gunicorn|d() and
ansible_local.gunicorn.installed|bool)
else (True if ansible_service_mgr == "systemd" else False) }}'
-
netbox__app_name¶
Name of the NetBox application processes (workers) set by the master process.
netbox__app_name: '{{ netbox__user }}'
-
netbox__app_runtime_dir¶
Name of the subdirectory in the /run/ directory where the NetBox
application will bind its UNIX socket. The default is selected so that
configuration of the gunicorn service is idempotent.
netbox__app_runtime_dir: '{{ "gunicorn"
if (ansible_distribution_release in
[ "wheezy", "jessie", "precise", "trusty", "xenial" ])
else "gunicorn-netbox" }}'
-
netbox__app_bind¶
Specify either an UNIX or TCP socket on which the NetBox application should bind and listen for connections.
netbox__app_bind: 'unix:/run/{{ netbox__app_runtime_dir }}/netbox.sock'
-
netbox__app_workers¶
Number of worker threads to start for NetBox application.
netbox__app_workers: '{{ ansible_processor_vcpus|int + 1 }}'
-
netbox__app_timeout¶
Number of seconds after which non-responsive worker threads will be killed and restarted. Netbox installations with lots of objects might require longer timeouts for API access.
netbox__app_timeout: '900'
-
netbox__app_params¶
List of parameters passed to the gunicorn process manager.
netbox__app_params:
- '--name={{ netbox__app_name }}'
- '--bind={{ netbox__app_bind }}'
- '--workers={{ netbox__app_workers }}'
- '--timeout={{ netbox__app_timeout }}'
- 'netbox.wsgi'
Configuration variables for other Ansible roles¶
-
netbox__keyring__dependent_gpg_keys¶
Configuration for the debops.keyring Ansible role.
netbox__keyring__dependent_gpg_keys:
- user: '{{ netbox__user }}'
group: '{{ netbox__group }}'
home: '{{ netbox__home }}'
id: '{{ netbox__git_gpg_key_id }}'
-
netbox__python__dependent_packages3¶
Configuration for the debops.python Ansible role.
netbox__python__dependent_packages3:
- 'python3-dev'
-
netbox__python__dependent_packages2¶
Configuration for the debops.python Ansible role.
netbox__python__dependent_packages2:
- 'python-dev'
-
netbox__gunicorn__dependent_applications¶
Configuration for the debops.gunicorn Ansible role.
netbox__gunicorn__dependent_applications:
- name: 'netbox'
mode: 'wsgi'
working_dir: '{{ netbox__git_checkout + "/netbox" }}'
python: '{{ netbox__virtualenv + "/bin/python" }}'
user: '{{ netbox__user }}'
group: '{{ netbox__group }}'
home: '{{ netbox__home }}'
system: True
timeout: '{{ netbox__app_timeout }}'
workers: '{{ netbox__app_workers }}'
args: '{{ netbox__app_params }}'
-
netbox__postgresql__dependent_roles¶
Role configuration for the debops.postgresql Ansible role.
netbox__postgresql__dependent_roles:
- name: '{{ netbox__database_user }}'
- name: '{{ netbox__database_name }}'
flags: [ 'NOLOGIN' ]
-
netbox__postgresql__dependent_groups¶
Group configuration for the debops.postgresql Ansible role.
netbox__postgresql__dependent_groups:
- roles: [ '{{ netbox__database_user }}' ]
groups: [ '{{ netbox__database_name }}' ]
database: '{{ netbox__database_name }}'
-
netbox__postgresql__dependent_databases¶
Database configuration for the debops.postgresql Ansible role.
netbox__postgresql__dependent_databases:
- name: '{{ netbox__database_name }}'
owner: '{{ netbox__database_name }}'
-
netbox__postgresql__dependent_pgpass¶
~/.pgpass configuration for the debops.postgresql Ansible role.
netbox__postgresql__dependent_pgpass:
- owner: '{{ netbox__user }}'
group: '{{ netbox__group }}'
home: '{{ netbox__home }}'
system: True
-
netbox__nginx__dependent_upstreams¶
Upstream configuration for the debops.nginx Ansible role.
netbox__nginx__dependent_upstreams:
- name: 'netbox'
server: '{{ netbox__app_bind }}'
-
netbox__nginx__dependent_servers¶
Server configuration for the debops.nginx Ansible role.
netbox__nginx__dependent_servers:
- name: '{{ netbox__fqdn }}'
by_role: 'debops.netbox'
filename: 'debops.netbox'
location:
'/static/': |
alias {{ netbox__git_checkout }}/netbox/static/;
'/': |
proxy_pass http://netbox;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout {{ netbox__app_timeout }};
proxy_send_timeout {{ netbox__app_timeout }};
proxy_read_timeout {{ netbox__app_timeout }};
add_header P3P 'CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"';