debops.netbox default variables

Domain name configuration

netbox__fqdn

String or list of the Fully Qualified domain names on which the NetBox application will be available, used by the webserver. The first item will be used as the e-mail sender domain name.

netbox__fqdn: [ 'dcim.{{ netbox__domain }}', 'ipam.{{ netbox__domain }}' ]
netbox__domain

The DNS domain used by other variables in the debops.netbox role.

netbox__domain: '{{ ansible_domain }}'

APT packages

netbox__base_packages

List of APT packages which are required by the NetBox application.

netbox__base_packages:
  - 'git'
  - 'build-essential'
  - 'libxml2-dev'
  - 'libxslt1-dev'
  - 'libffi-dev'
  - 'graphviz'
  - 'libpq-dev'
  - 'libssl-dev'
  - '{{ [ "libldap2-dev", "libsasl2-dev" ]
        if netbox__ldap_enabled|bool
        else [] }}'
netbox__packages

List of additional APT packages to install with NetBox.

netbox__packages: []

Application user, group, home

netbox__user

Name of the UNIX system account used to manage NetBox.

netbox__user: 'netbox'
netbox__group

Name of the UNIX primary group used to manage NetBox.

netbox__group: 'netbox'
netbox__gecos

Contents of the GECOS field set for the NetBox account.

netbox__gecos: 'NetBox'
netbox__shell

The default shell set on the NetBox account.

netbox__shell: '/usr/sbin/nologin'

Directory paths

netbox__home

The NetBox account home directory.

netbox__home: '{{ (ansible_local.fhs.home | d("/var/local"))
                  + "/" + netbox__user }}'
netbox__src

Directory where the role stores NetBox sources from GitHub.

netbox__src: '{{ (ansible_local.fhs.src | d("/usr/local/src"))
                 + "/" + netbox__user }}'
netbox__lib

Directory where the NetBox application directory is located.

netbox__lib: '{{ (ansible_local.fhs.lib | d("/usr/local/lib"))
                 + "/" + netbox__user }}'
netbox__data

Directory where custom NetBox data (images, scripts) outside of the database is stored.

netbox__data: '{{ (ansible_local.fhs.data | d("/srv"))
                  + "/" + netbox__user }}'
netbox__bin

Directory where helper scripts for NetBox power users are stored.

netbox__bin: '{{ ansible_local.fhs.bin | d("/usr/local/bin") }}'

Application sources and deployment

netbox__git_gpg_key_id

The GPG ID of the key used for signing NetBox releases. At the moment the releases are signed using GitHub GPG key.

netbox__git_gpg_key_id: '5DE3 E050 9C47 EA3C F04A  42D3 4AEE 18F8 3AFD EB23'
netbox__git_repo

The URI of the NetBox git source repository.

netbox__git_repo: 'https://github.com/netbox-community/netbox.git'
netbox__git_version

The git branch or tag which will be installed.

netbox__git_version: 'v3.1.6'
netbox__git_dest

Path where the git source bare repository will be stored.

netbox__git_dest: '{{ netbox__src + "/" + netbox__git_repo.split("://")[1] }}'
netbox__git_checkout

Path where NetBox sources will be checked out (installation path).

netbox__git_checkout: '{{ netbox__virtualenv + "/app" }}'

Python virtualenv configuration

netbox__virtualenv_version

Beginning with v2.5, NetBox will no longer support Python 2. When this is set to 3 a new Python 3 virtualenv environment will be created next to the old one. Valid values are 3 or an empty string. This option is scheduled for removal in 2022-12.

netbox__virtualenv_version: '{{ ""
                                if ( netbox__git_version | regex_search("^v?[0-9\.]+")
                                  and netbox__git_version|replace("v", "") is version("2.5", "<") )
                                else "3" }}'
netbox__virtualenv

Path where the NetBox virtualenv directory will be stored.

netbox__virtualenv: '{{ netbox__lib + "/virtualenv" }}'
netbox__virtualenv_env_path

The contents of the $PATH environment variable set for the Ansible tasks which are executed inside of the NetBox Python environment.

netbox__virtualenv_env_path: '{{ netbox__virtualenv }}/bin:/usr/local/bin:/usr/bin:/bin'
netbox__virtualenv_pip_packages

List of additional Python modules installed inside of the NetBox virtualenv environment. See netbox__virtualenv_pip_packages for more details.

netbox__virtualenv_pip_packages:
  - name: 'gunicorn'
    version: '{{ ansible_local.gunicorn.version|d(omit) }}'
  - 'setproctitle'
  - name: 'napalm'
    state: '{{ "present"
               if (netbox__config_napalm_username|d() or netbox__napalm_ssh_generate|bool)
               else "ignore" }}'
  - name: 'django-auth-ldap'
    state: '{{ "present" if netbox__ldap_enabled|bool else "ignore" }}'

PostgreSQL database configuration

The NetBox database configuration is managed by the debops.postgresql Ansible role. See its documentation for details about the default variable values used in the NetBox role.

netbox__database_host

The hostname or IP address of the PostgreSQL database server to use for the NetBox database.

netbox__database_host: '{{ ansible_local.postgresql.server|d("localhost") }}'
netbox__database_port

The TCP port of the PostgreSQL database server which should be used by NetBox.

netbox__database_port: '{{ ansible_local.postgresql.port|d("5432") }}'
netbox__database_name

Name of the PostgreSQL database and its corresponding role used by NetBox. This role won't be able to login to the database server directly.

netbox__database_name: 'netbox_production'
netbox__database_user

Name of the PostgreSQL role used by NetBox. This role will be able to login to the PostgreSQL server and access the NetBox database.

netbox__database_user: '{{ netbox__user }}'
netbox__database_password

Autogenerated password to the NetBox PostgreSQL user role.

netbox__database_password: '{{ lookup("password", secret + "/postgresql/" +
                               (ansible_local.postgresql.delegate_to|d("localhost")) + "/" +
                               (ansible_local.postgresql.port|d("5432")) + "/credentials/" +
                               netbox__database_user + "/password") }}'
netbox__load_initial_data

If True, the role will populate the NetBox database with the initial data provided with the application on installation.

netbox__load_initial_data: True

Redis database configuration

The Redis database configuration is managed by the debops.redis_server Ansible role. See its documentation for details about the default variable values used in the NetBox role.

netbox__redis_host

Define hostname of the Redis server to use.

netbox__redis_host: '{{ ansible_local.redis_server.host|d("localhost") }}'
netbox__redis_port

Define port of Redis server to use.

netbox__redis_port: '{{ ansible_local.redis_server.port|d("6379") }}'
netbox__redis_password

Define the Redis authentication password to use.

netbox__redis_password: '{{ ansible_local.redis_server.password|d("") }}'
netbox__redis_database

Specify which Redis database to use for NetBox.

netbox__redis_database: '0'
netbox__redis_cache_database

Specify which Redis database to use for NetBox cache.

netbox__redis_cache_database: '{{ (netbox__redis_database|int + 1) }}'
netbox__redis_ssl

Enable or disable support for encrypted connections to Redis. Currently this option has no support in DebOps.

netbox__redis_ssl: False

LDAP environment

netbox__ldap_enabled

Enable or disable support for LDAP authentication in NetBox.

netbox__ldap_enabled: '{{ True
                          if (ansible_local|d() and ansible_local.ldap|d() and
                              (ansible_local.ldap.enabled|d())|bool)
                          else False }}'
netbox__ldap_base_dn

The base Distinguished Name which should be used to create Distinguished Names of the LDAP directory objects, defined as a YAML list. If this variable is empty, LDAP configuration will not be performed.

netbox__ldap_base_dn: '{{ ansible_local.ldap.base_dn|d([]) }}'
netbox__ldap_device_dn

The Distinguished Name of the current host LDAP object, defined as a YAML list. It will be used as a base for the NetBox service account LDAP object. If the list is empty, the role will not create the account LDAP object automatically.

netbox__ldap_device_dn: '{{ ansible_local.ldap.device_dn|d([]) }}'
netbox__ldap_self_rdn

The Relative Distinguished Name of the account LDAP object used by the NetBox service to access the LDAP directory.

netbox__ldap_self_rdn: 'uid=netbox'
netbox__ldap_self_object_classes

List of the LDAP object classes which will be used to create the LDAP object used by the NetBox service to access the LDAP directory.

netbox__ldap_self_object_classes: [ 'account', 'simpleSecurityObject' ]
netbox__ldap_self_attributes

YAML dictionary that defines the attributes of the LDAP object used by the NetBox service to access the LDAP directory.

netbox__ldap_self_attributes:
  uid: '{{ netbox__ldap_self_rdn.split("=")[1] }}'
  userPassword: '{{ netbox__ldap_bindpw }}'
  host: '{{ [ ansible_fqdn, ansible_hostname ] | unique }}'
  description: 'Account used by the "NetBox" service to access the LDAP directory'
netbox__ldap_binddn

The Distinguished Name of the account LDAP object used by the NetBox service to bind to the LDAP directory.

netbox__ldap_binddn: '{{ ([ netbox__ldap_self_rdn ] + netbox__ldap_device_dn) | join(",") }}'
netbox__ldap_bindpw

The password stored in the account LDAP object used by the NetBox service to bind to the LDAP directory.

netbox__ldap_bindpw: '{{ (lookup("password", secret + "/ldap/credentials/"
                                 + netbox__ldap_binddn | to_uuid + ".password length=32"))
                         if netbox__ldap_enabled|bool
                         else "" }}'
netbox__ldap_people_rdn

The Relative Distinguished Name of the LDAP object which contains the user accounts stored in LDAP.

netbox__ldap_people_rdn: '{{ ansible_local.ldap.people_rdn|d("ou=People") }}'
netbox__ldap_people_dn

The Distinguished Name of the LDAP object which contains the user accounts used by NetBox.

netbox__ldap_people_dn: '{{ [ netbox__ldap_people_rdn ] + netbox__ldap_base_dn }}'
netbox__ldap_group_authentication_enabled

Enable or disable user authentication using LDAP groups.

netbox__ldap_group_authentication_enabled: True
netbox__ldap_private_groups

When this variable is enabled, the debops.ldap role will create a separate LDAP objects that manage the NetBox groups as subtree of the NetBox service LDAP object. If you set this parameter to False, the role will use the global ou=Groups,dc=example,dc=org subtree instead.

netbox__ldap_private_groups: True
netbox__ldap_groups_rdn

The Relative Distinguished Name of the LDAP object which contains the groups stored in LDAP.

netbox__ldap_groups_rdn: '{{ ansible_local.ldap.groups_rdn|d("ou=Groups") }}'
netbox__ldap_groups_dn

The Distinguished Name of the LDAP object which contains the groups used by NetBox. If private groups are enabled, this object will be created automatically.

netbox__ldap_groups_dn: '{{ ([ netbox__ldap_groups_rdn, netbox__ldap_self_rdn ]
                               + netbox__ldap_device_dn)
                              if netbox__ldap_private_groups|bool
                              else ([ netbox__ldap_groups_rdn ] + netbox__ldap_base_dn) }}'
netbox__ldap_user_group_rdn

The Relative Distinguished Name of the LDAP object which defines the group of NetBox users on a given NetBox instance.

netbox__ldap_user_group_rdn: 'cn=NetBox Users'
netbox__ldap_user_group_dn

The Distinguished Name of the LDAP object which defines who defines the group of NetBox users on a given NetBox instance.

netbox__ldap_user_group_dn: '{{ [ netbox__ldap_user_group_rdn ]
                                + netbox__ldap_groups_dn }}'
netbox__ldap_user_active_group_rdn

The Relative Distinguished Name of the LDAP object which defines who has active access to a given NetBox instance.

netbox__ldap_user_active_group_rdn: 'cn=NetBox Active Users'
netbox__ldap_user_active_group_dn

The Distinguished Name of the LDAP object which defines who has access to a given NetBox instance.

netbox__ldap_user_active_group_dn: '{{ [ netbox__ldap_user_active_group_rdn ]
                                       + netbox__ldap_groups_dn }}'
netbox__ldap_user_staff_group_rdn

The Relative Distinguished Name of the LDAP object which defines who has staff access level to a given NetBox instance and can have permissions in NetBox ACL system.

netbox__ldap_user_staff_group_rdn: 'cn=NetBox Staff'
netbox__ldap_user_staff_group_dn

The Distinguished Name of the LDAP object which defines who has staff access level to a given NetBox instance and can have premissions in NetBox ACL system.

netbox__ldap_user_staff_group_dn: '{{ [ netbox__ldap_user_staff_group_rdn ]
                                      + netbox__ldap_groups_dn }}'
netbox__ldap_user_admin_group_rdn

The Relative Distinguished Name of the LDAP object which defines who has superuser access level to a given NetBox instance.

netbox__ldap_user_admin_group_rdn: 'cn=NetBox Administrators'
netbox__ldap_user_admin_group_dn

The Distinguished Name of the LDAP object which defines who has superuser access level to a given NetBox instance.

netbox__ldap_user_admin_group_dn: '{{ [ netbox__ldap_user_admin_group_rdn ]
                                      + netbox__ldap_groups_dn }}'
netbox__ldap_object_owner_rdn

The Relative Distinguished Name of the LDAP object of the person who installed a given NetBox instance and is used as the owner of the "NetBox Administrators" group.

netbox__ldap_object_owner_rdn: 'uid={{ lookup("env", "USER") }}'
netbox__ldap_object_ownerdn

The Distinguished Name of the LDAP object of the person who installed a given NetBox instance and is used as the owner of the "NetBox Administrators" group, defined as a string.

netbox__ldap_object_ownerdn: '{{ ([ netbox__ldap_object_owner_rdn, netbox__ldap_people_rdn ]
                                    + netbox__ldap_base_dn) | join(",") }}'

LDAP connection options

netbox__ldap_server_uri

The URI address of the LDAP server used by NetBox.

netbox__ldap_server_uri: '{{ ansible_local.ldap.uri|d([""]) | first }}'
netbox__ldap_server_port

The TCP port which should be used for connections to the LDAP server.

netbox__ldap_server_port: '{{ ansible_local.ldap.port|d("389" if netbox__ldap_start_tls|bool else "636") }}'
netbox__ldap_start_tls

If True, NetBox will use STARTTLS extension to make encrypted connections to the LDAP server.

netbox__ldap_start_tls: '{{ ansible_local.ldap.start_tls
                            if (ansible_local|d() and ansible_local.ldap|d() and
                                (ansible_local.ldap.start_tls|d())|bool)
                            else True }}'
netbox__ldap_user_filter

The LDAP filter used to look up user accounts in the directory.

netbox__ldap_user_filter: '(uid=%(user)s)'

NetBox configuration options

netbox__config_allowed_hosts

List of domain names under which the NetBox application will accept connections. Specify * to accept connections to any domain name.

netbox__config_allowed_hosts: '{{ netbox__fqdn }}'
netbox__config_secret_key

The Django secret key used by the NetBox application. It will be shared by all hosts on the same domain.

netbox__config_secret_key: '{{ lookup("password", secret + "/netbox/" +
                               netbox__domain + "/config/secret_key length=64") }}'
netbox__config_admins

A YAML list of tuples, [ 'Name', 'email' ], of the NetBox administrators. They will receive e-mail messages about NetBox application errors.

By default the role uses the list of private admin e-mails from the debops.core Ansible role.

netbox__config_admins: '{{ lookup("template", "lookup/netbox__config_admins.j2") | from_yaml }}'
netbox__config_changelog_retention

Maximum number of days to retain logged changes. Set to 0 to retain changes indefinitely. This overwrites potentially existing dynamic configuration settings.

netbox__config_changelog_retention: 90
netbox__config_cors_origin_allow_all

API Cross-Origin Resource Sharing configuration. If True, all origins are allowed. See https://github.com/ottoyiu/django-cors-headers for more details.

netbox__config_cors_origin_allow_all: False
netbox__config_cors_origin_whitelist

List of allowed CORS origin hostnames.

netbox__config_cors_origin_whitelist: []
netbox__config_cors_origin_regex_whitelist

List of allowed OCRS origin regex hostnames.

netbox__config_cors_origin_regex_whitelist: []
netbox__config_email_server

The address of the SMTP server used by NetBox. By default the application uses a locally-installed SMTP server.

netbox__config_email_server: 'localhost'
netbox__config_email_port

The TCP port of the SMTP server used by NetBox.

netbox__config_email_port: '25'
netbox__config_email_username

The username used to login to the SMTP server.

netbox__config_email_username: ''
netbox__config_email_password

The password used to login to the SMTP server.

netbox__config_email_password: ''
netbox__config_email_use_tls

Use TLS (previously known as SSL) when connecting to the SMTP server.

netbox__config_email_use_tls: True
netbox__config_email_timeout

The SMTP server connection timeout, in seconds.

netbox__config_email_timeout: '10'
netbox__config_email_from

The e-mail address for the NetBox application, it will be used in the From: header of the NetBox e-mail messages.

netbox__config_email_from: '{{ netbox__user }}@{{ netbox__fqdn
                                                  if netbox__fqdn is string
                                                  else netbox__fqdn[0] }}'
netbox__config_logging

Optional, custom logging configuration specified as YAML dictionary. See https://docs.djangoproject.com/en/1.11/topics/logging for more details.

netbox__config_logging: {}
netbox__config_login_required

If True, access to NetBox is only allowed for logged-in users. If False, some information stored in the NetBox database is accessible in the read-only mode for anonymous users.

netbox__config_login_required: True
netbox__config_login_timeout

The length of time (in seconds) for which a user will remain logged into the web UI before being prompted to re-authenticate. (Default: 14 days)

netbox__config_login_timeout: '{{ (60 * 60 * 24 * 14) }}'
netbox__config_base_path

Set the "base path" of the NetBox application if it's installed in a subdirectory of the webserver.

netbox__config_base_path: ''
netbox__config_maintenance_mode

Enable or disable maintenance mode banner. This overwrites potentially existing dynamic configuration settings.

netbox__config_maintenance_mode: False
netbox__config_napalm_username

Specify the username which should be used by NetBox to access live devices using the NAPALM library. This overwrites potentially existing dynamic configuration settings.

netbox__config_napalm_username: ''
netbox__config_napalm_password

Specify the password which should be used by NetBox to access live devices using the NAPALM library. This overwrites potentially existing dynamic configuration settings.

netbox__config_napalm_password: ''
netbox__napalm_ssh_generate

Generate ~/.ssh/id_rsa SSH private and public key if it doesn't exist.

netbox__napalm_ssh_generate: False
netbox__napalm_ssh_generate_bits

Size of the generated SSH key.

netbox__napalm_ssh_generate_bits: '2048'
netbox__config_napalm_timeout

NAPALM request timeout, in seconds. This overwrites potentially existing dynamic configuration settings.

netbox__config_napalm_timeout: '30'
netbox__config_napalm_args

Optional NAPALM arguments, specified as a YAML dictionary. This overwrites potentially existing dynamic configuration settings.

netbox__config_napalm_args: {}
netbox__config_paginate_count

Specify maximum number of list items per page. This overwrites potentially existing dynamic configuration settings.

netbox__config_paginate_count: '50'
netbox__config_max_page_size

Maximum number of objects returned in an API call. This overwrites potentially existing dynamic configuration settings.

netbox__config_max_page_size: '1000'
netbox__config_maps_url

The URL to use when mapping physical addresses or GPS coordinates. Note that NetBox defaults to Google Maps and has no interest in changing or even documenting OpenStreetMap. See PR 6272. This overwrites potentially existing dynamic configuration settings.

netbox__config_maps_url: 'https://www.openstreetmap.org/search?query='
netbox__config_time_zone

Specify the timezone used by NetBox.

netbox__config_time_zone: '{{ ansible_local.tzdata.timezone | d("Etc/UTC") }}'
netbox__config_date_format

Specify the date format which NetBox uses to display information. See https://docs.djangoproject.com/en/dev/ref/templates/builtins/#date for more details.

netbox__config_date_format: 'N j, Y'
netbox__config_short_date_format

Specify the short date format used by NetBox to display information.

netbox__config_short_date_format: 'Y-m-d'
netbox__config_time_format

Specify the time format used by NetBox to display information.

netbox__config_time_format: 'g:i a'
netbox__config_short_time_format

Specify the short time format used by NetBox to display information.

netbox__config_short_time_format: 'H:i:s'
netbox__config_datetime_format

Specify the date and time format used by NetBox to display information.

netbox__config_datetime_format: 'N j, Y g:i a'
netbox__config_short_datetime_format

Specify the short date and time format used by NetBox to display information.

netbox__config_short_datetime_format: 'Y-m-d H:i'
netbox__config_banner_top

Specify a custom message displayed on the top of every page. This overwrites potentially existing dynamic configuration settings.

netbox__config_banner_top: ''
netbox__config_banner_bottom

Specify a custom message displayed on the bottom of every page. This overwrites potentially existing dynamic configuration settings.

netbox__config_banner_bottom: ''
netbox__config_banner_login

Specify a custom message displayed on the login page above the login from. This overwrites potentially existing dynamic configuration settings.

netbox__config_banner_login: ''
netbox__config_prefer_ipv4

By default NetBox prefers to use IPv6 addresses as primary device addresses. Set this variable to True to change that to IPv4 instead. This overwrites potentially existing dynamic configuration settings.

netbox__config_prefer_ipv4: False
netbox__config_enforce_global_unique

If enabled, NetBox will enforce unique IP space in the "global" table (all prefixes and IP addresses not included in a VRF). This overwrites potentially existing dynamic configuration settings.

netbox__config_enforce_global_unique: False
netbox__config_exempt_view_permissions

Exempt certain models from the enforcement of view permissions. Models listed here will be viewable by all users and by anonymous users. List models in the form <app>.<model>. Add '*' to this list to exempt all models.

netbox__config_exempt_view_permissions: []
netbox__config_metrics_enabled

When enabled, expose Prometheus monitoring metrics at the HTTP endpoint '/metrics'.

netbox__config_metrics_enabled: False
netbox__config_session_file_path

By default, NetBox will store session data in the database. Alternatively, a file path can be specified here to use local file storage instead. (This can be useful for enabling authentication on a standby instance with read-only database access.) Note that the user as which NetBox runs must have read and write permissions to this path.

netbox__config_session_file_path: False
netbox__config_media_root

Absolute path where NetBox stores uploaded media files.

netbox__config_media_root: '{{ netbox__data + "/media" }}'
netbox__config_reports_root

Absolute path where NetBox reports (Python modules) are stored.

netbox__config_reports_root: '{{ netbox__data + "/reports" }}'
netbox__config_scripts_root

Absolute path where NetBox scripts (Python modules) are stored.

netbox__config_scripts_root: '{{ netbox__data + "/scripts" }}'
netbox__config_plugins

List of NetBox plugins.

netbox__config_plugins: []
netbox__config_plugins_config

NetBox plugins configuration settings. See netbox__config_plugins_config for more details.

netbox__config_plugins_config: {}
netbox__config_custom

Additional configuration not directly supported by this role can be specified with this string variable.

netbox__config_custom: ''

Initial superuser account

netbox__superuser_name

Name of the initial admin account created by the role.

netbox__superuser_name: '{{ ansible_local.core.admin_users[0]|d("admin") }}'
netbox__superuser_email

E-mail address of the initial admin account created by the role.

netbox__superuser_email: '{{ ansible_local.core.admin_private_email[0]
                             |d("root@" + netbox__domain) }}'
netbox__superuser_password

Password set for the initial admin account created by the role.

netbox__superuser_password: '{{ lookup("password", secret + "/netbox/" +
                                netbox__domain + "/superuser/" +
                                netbox__superuser_name + "/password") }}'

Internal application settings

netbox__app_internal_appserver

Enable or disable support for internal gunicorn application server.

netbox__app_internal_appserver: '{{ ansible_local.gunicorn.installed
                                    |d(ansible_service_mgr == "systemd")|bool }}'
netbox__app_name

Name of the NetBox application processes (workers) set by the master process.

netbox__app_name: '{{ netbox__user }}'
netbox__app_runtime_dir

Name of the subdirectory in the /run/ directory where the NetBox application will bind its UNIX socket. The default is selected so that configuration of the gunicorn service is idempotent.

netbox__app_runtime_dir: '{{ "gunicorn"
                             if (ansible_distribution_release in
                                 [ "wheezy", "jessie", "precise", "trusty", "xenial" ])
                             else "gunicorn-netbox" }}'
netbox__app_bind

Specify either an UNIX or TCP socket on which the NetBox application should bind and listen for connections.

netbox__app_bind: 'unix:/run/{{ netbox__app_runtime_dir }}/netbox.sock'
netbox__app_workers

Number of worker threads to start for NetBox application.

netbox__app_workers: '{{ ansible_processor_vcpus|int + 1 }}'
netbox__app_timeout

Number of seconds after which non-responsive worker threads will be killed and restarted. NetBox installations with lots of objects might require longer timeouts for API access.

netbox__app_timeout: '900'
netbox__app_params

List of parameters passed to the gunicorn process manager.

netbox__app_params:
  - '--name={{ netbox__app_name }}'
  - '--bind={{ netbox__app_bind }}'
  - '--workers={{ netbox__app_workers }}'
  - '--timeout={{ netbox__app_timeout }}'
  - 'netbox.wsgi'

Configuration variables for other Ansible roles

netbox__keyring__dependent_gpg_keys

Configuration for the debops.keyring Ansible role.

netbox__keyring__dependent_gpg_keys:

  - user: '{{ netbox__user }}'
    group: '{{ netbox__group }}'
    home: '{{ netbox__home }}'
    id: '{{ netbox__git_gpg_key_id }}'
netbox__python__dependent_packages3

Configuration for the debops.python Ansible role.

netbox__python__dependent_packages3:

  - 'python3-dev'
netbox__python__dependent_packages2

Configuration for the debops.python Ansible role.

netbox__python__dependent_packages2:

  - 'python-dev'
netbox__ldap__dependent_tasks

Configuration for the debops.ldap Ansible role.

netbox__ldap__dependent_tasks:

  - name: 'Create NetBox account for {{ netbox__ldap_device_dn | join(",") }}'
    dn: '{{ netbox__ldap_binddn }}'
    objectClass: '{{ netbox__ldap_self_object_classes }}'
    attributes: '{{ netbox__ldap_self_attributes }}'
    no_log: '{{ debops__no_log | d(True) }}'
    state: '{{ "present" if netbox__ldap_device_dn|d() else "ignore" }}'

  - name: 'Create NetBox group container for {{ netbox__ldap_device_dn | join(",") }}'
    dn: '{{ netbox__ldap_groups_dn }}'
    objectClass: 'organizationalStructure'
    attributes:
      ou: '{{ netbox__ldap_groups_rdn.split("=")[1] }}'
      description: 'User groups used in NetBox'
    state: '{{ "present"
               if (netbox__ldap_device_dn|d() and
                   netbox__ldap_private_groups|bool)
               else "ignore" }}'

  - name: 'Create NetBox user group for {{ netbox__ldap_device_dn | join(",") }}'
    dn: '{{ netbox__ldap_user_group_dn }}'
    objectClass: 'groupOfNames'
    attributes:
      cn: '{{ netbox__ldap_user_group_rdn.split("=")[1] }}'
      owner: '{{ netbox__ldap_object_ownerdn }}'
      member: '{{ netbox__ldap_object_ownerdn }}'
    state: '{{ "present" if netbox__ldap_device_dn|d() else "ignore" }}'

  - name: 'Create NetBox active user group for {{ netbox__ldap_device_dn | join(",") }}'
    dn: '{{ netbox__ldap_user_active_group_dn }}'
    objectClass: 'groupOfNames'
    attributes:
      cn: '{{ netbox__ldap_user_active_group_rdn.split("=")[1] }}'
      owner: '{{ netbox__ldap_object_ownerdn }}'
      member: '{{ netbox__ldap_object_ownerdn }}'
    state: '{{ "present" if netbox__ldap_device_dn|d() else "ignore" }}'

  - name: 'Create NetBox staff group for {{ netbox__ldap_device_dn | join(",") }}'
    dn: '{{ netbox__ldap_user_staff_group_dn }}'
    objectClass: 'groupOfNames'
    attributes:
      cn: '{{ netbox__ldap_user_staff_group_rdn.split("=")[1] }}'
      owner: '{{ netbox__ldap_object_ownerdn }}'
      member: '{{ netbox__ldap_object_ownerdn }}'
    state: '{{ "present" if netbox__ldap_device_dn|d() else "ignore" }}'

  - name: 'Create NetBox admin group for {{ netbox__ldap_device_dn | join(",") }}'
    dn: '{{ netbox__ldap_user_admin_group_dn }}'
    objectClass: 'groupOfNames'
    attributes:
      cn: '{{ netbox__ldap_user_admin_group_rdn.split("=")[1] }}'
      owner: '{{ netbox__ldap_object_ownerdn }}'
      member: '{{ netbox__ldap_object_ownerdn }}'
    state: '{{ "present" if netbox__ldap_device_dn|d() else "ignore" }}'
netbox__gunicorn__dependent_applications

Configuration for the debops.gunicorn Ansible role.

netbox__gunicorn__dependent_applications:
  - name: 'netbox'
    mode: 'wsgi'
    working_dir: '{{ netbox__git_checkout + "/netbox" }}'
    python: '{{ netbox__virtualenv + "/bin/python" }}'
    user: '{{ netbox__user }}'
    group: '{{ netbox__group }}'
    home: '{{ netbox__home }}'
    system: True
    timeout: '{{ netbox__app_timeout }}'
    workers: '{{ netbox__app_workers }}'
    args: '{{ netbox__app_params }}'
netbox__postgresql__dependent_roles

Role configuration for the debops.postgresql Ansible role.

netbox__postgresql__dependent_roles:
  - name: '{{ netbox__database_user }}'
  - name: '{{ netbox__database_name }}'
    flags: [ 'NOLOGIN' ]
netbox__postgresql__dependent_groups

Group configuration for the debops.postgresql Ansible role.

netbox__postgresql__dependent_groups:
  - roles: [ '{{ netbox__database_user }}' ]
    groups: [ '{{ netbox__database_name }}' ]
    database: '{{ netbox__database_name }}'
netbox__postgresql__dependent_databases

Database configuration for the debops.postgresql Ansible role.

netbox__postgresql__dependent_databases:
  - name: '{{ netbox__database_name }}'
    owner: '{{ netbox__database_name }}'
netbox__postgresql__dependent_pgpass

~/.pgpass configuration for the debops.postgresql Ansible role.

netbox__postgresql__dependent_pgpass:
  - owner: '{{ netbox__user }}'
    group: '{{ netbox__group }}'
    home: '{{ netbox__home }}'
    system: True
netbox__nginx__dependent_upstreams

Upstream configuration for the debops.nginx Ansible role.

netbox__nginx__dependent_upstreams:
  - name: 'netbox'
    server: '{{ netbox__app_bind }}'
netbox__nginx__dependent_servers

Server configuration for the debops.nginx Ansible role.

netbox__nginx__dependent_servers:
  - name: '{{ netbox__fqdn }}'
    by_role: 'debops.netbox'
    filename: 'debops.netbox'
    options: |
      client_max_body_size 25m;
    location:
      '/static/': |
        alias {{ netbox__git_checkout }}/netbox/static/;

      '/': |
        proxy_pass http://netbox;
        proxy_set_header X-Forwarded-Host $server_name;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_connect_timeout {{ netbox__app_timeout }};
        proxy_send_timeout {{ netbox__app_timeout }};
        proxy_read_timeout {{ netbox__app_timeout }};
        add_header P3P 'CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"';