debops.netbox default variables¶
Sections
- Domain name configuration
- APT packages
- Application user, group, home
- Directory paths
- Application sources and deployment
- Python virtualenv configuration
- PostgreSQL database configuration
- Redis database configuration
- LDAP environment
- LDAP connection options
- NetBox configuration options
- Initial superuser account
- Internal application settings
- Configuration variables for other Ansible roles
Domain name configuration¶
-
netbox__fqdn
¶
String or list of the Fully Qualified domain names on which the NetBox application will be available, used by the webserver. The first item will be used as the e-mail sender domain name.
netbox__fqdn: [ 'dcim.{{ netbox__domain }}', 'ipam.{{ netbox__domain }}' ]
-
netbox__domain
¶
The DNS domain used by other variables in the debops.netbox
role.
netbox__domain: '{{ ansible_domain }}'
APT packages¶
-
netbox__base_packages
¶
List of APT packages which are required by the NetBox application.
netbox__base_packages:
- 'git'
- 'build-essential'
- 'libxml2-dev'
- 'libxslt1-dev'
- 'libffi-dev'
- 'graphviz'
- 'libpq-dev'
- 'libssl-dev'
- '{{ [ "libldap2-dev", "libsasl2-dev" ]
if netbox__ldap_enabled|bool
else [] }}'
-
netbox__packages
¶
List of additional APT packages to install with NetBox.
netbox__packages: []
Application user, group, home¶
-
netbox__user
¶
Name of the UNIX system account used to manage NetBox.
netbox__user: 'netbox'
-
netbox__group
¶
Name of the UNIX primary group used to manage NetBox.
netbox__group: 'netbox'
-
netbox__gecos
¶
Contents of the GECOS field set for the NetBox account.
netbox__gecos: 'NetBox'
-
netbox__shell
¶
The default shell set on the NetBox account.
netbox__shell: '/usr/sbin/nologin'
Directory paths¶
-
netbox__home
¶
The NetBox account home directory.
netbox__home: '{{ (ansible_local.fhs.home | d("/var/local"))
+ "/" + netbox__user }}'
-
netbox__src
¶
Directory where the role stores NetBox sources from GitHub.
netbox__src: '{{ (ansible_local.fhs.src | d("/usr/local/src"))
+ "/" + netbox__user }}'
-
netbox__lib
¶
Directory where the NetBox application directory is located.
netbox__lib: '{{ (ansible_local.fhs.lib | d("/usr/local/lib"))
+ "/" + netbox__user }}'
-
netbox__data
¶
Directory where custom NetBox data (images, scripts) outside of the database is stored.
netbox__data: '{{ (ansible_local.fhs.data | d("/srv"))
+ "/" + netbox__user }}'
-
netbox__bin
¶
Directory where helper scripts for NetBox power users are stored.
netbox__bin: '{{ ansible_local.fhs.bin | d("/usr/local/bin") }}'
Application sources and deployment¶
-
netbox__git_gpg_key_id
¶
The GPG ID of the key used for signing NetBox releases. At the moment the releases are signed using GitHub GPG key.
netbox__git_gpg_key_id: '5DE3 E050 9C47 EA3C F04A 42D3 4AEE 18F8 3AFD EB23'
-
netbox__git_repo
¶
The URI of the NetBox git source repository.
netbox__git_repo: 'https://github.com/netbox-community/netbox.git'
-
netbox__git_version
¶
The git branch or tag which will be installed.
netbox__git_version: 'v3.1.6'
-
netbox__git_dest
¶
Path where the git source bare repository will be stored.
netbox__git_dest: '{{ netbox__src + "/" + netbox__git_repo.split("://")[1] }}'
-
netbox__git_checkout
¶
Path where NetBox sources will be checked out (installation path).
netbox__git_checkout: '{{ netbox__virtualenv + "/app" }}'
Python virtualenv configuration¶
-
netbox__virtualenv_version
¶
Beginning with v2.5, NetBox will no longer support Python 2. When this is set to 3 a new Python 3 virtualenv environment will be created next to the old one. Valid values are 3 or an empty string. This option is scheduled for removal in 2022-12.
netbox__virtualenv_version: '{{ ""
if ( netbox__git_version | regex_search("^v?[0-9\.]+")
and netbox__git_version|replace("v", "") is version("2.5", "<") )
else "3" }}'
-
netbox__virtualenv
¶
Path where the NetBox virtualenv
directory will be stored.
netbox__virtualenv: '{{ netbox__lib + "/virtualenv" }}'
-
netbox__virtualenv_env_path
¶
The contents of the $PATH
environment variable set for the Ansible tasks
which are executed inside of the NetBox Python environment.
netbox__virtualenv_env_path: '{{ netbox__virtualenv }}/bin:/usr/local/bin:/usr/bin:/bin'
-
netbox__virtualenv_pip_packages
¶
List of additional Python modules installed inside of the NetBox
virtualenv
environment. See netbox__virtualenv_pip_packages
for more details.
netbox__virtualenv_pip_packages:
- name: 'gunicorn'
version: '{{ ansible_local.gunicorn.version|d(omit) }}'
- 'setproctitle'
- name: 'napalm'
state: '{{ "present"
if (netbox__config_napalm_username|d() or netbox__napalm_ssh_generate|bool)
else "ignore" }}'
- name: 'django-auth-ldap'
state: '{{ "present" if netbox__ldap_enabled|bool else "ignore" }}'
PostgreSQL database configuration¶
The NetBox database configuration is managed by the debops.postgresql Ansible role. See its documentation for details about the default variable values used in the NetBox role.
-
netbox__database_host
¶
The hostname or IP address of the PostgreSQL database server to use for the NetBox database.
netbox__database_host: '{{ ansible_local.postgresql.server|d("localhost") }}'
-
netbox__database_port
¶
The TCP port of the PostgreSQL database server which should be used by NetBox.
netbox__database_port: '{{ ansible_local.postgresql.port|d("5432") }}'
-
netbox__database_name
¶
Name of the PostgreSQL database and its corresponding role used by NetBox. This role won't be able to login to the database server directly.
netbox__database_name: 'netbox_production'
-
netbox__database_user
¶
Name of the PostgreSQL role used by NetBox. This role will be able to login to the PostgreSQL server and access the NetBox database.
netbox__database_user: '{{ netbox__user }}'
-
netbox__database_password
¶
Autogenerated password to the NetBox PostgreSQL user role.
netbox__database_password: '{{ lookup("password", secret + "/postgresql/" +
(ansible_local.postgresql.delegate_to|d("localhost")) + "/" +
(ansible_local.postgresql.port|d("5432")) + "/credentials/" +
netbox__database_user + "/password") }}'
-
netbox__load_initial_data
¶
If True
, the role will populate the NetBox database with the initial data
provided with the application on installation.
netbox__load_initial_data: True
Redis database configuration¶
The Redis database configuration is managed by the debops.redis_server Ansible role. See its documentation for details about the default variable values used in the NetBox role.
-
netbox__redis_host
¶
Define hostname of the Redis server to use.
netbox__redis_host: '{{ ansible_local.redis_server.host|d("localhost") }}'
-
netbox__redis_port
¶
Define port of Redis server to use.
netbox__redis_port: '{{ ansible_local.redis_server.port|d("6379") }}'
-
netbox__redis_password
¶
Define the Redis authentication password to use.
netbox__redis_password: '{{ ansible_local.redis_server.password|d("") }}'
-
netbox__redis_database
¶
Specify which Redis database to use for NetBox.
netbox__redis_database: '0'
-
netbox__redis_cache_database
¶
Specify which Redis database to use for NetBox cache.
netbox__redis_cache_database: '{{ (netbox__redis_database|int + 1) }}'
-
netbox__redis_ssl
¶
Enable or disable support for encrypted connections to Redis. Currently this option has no support in DebOps.
netbox__redis_ssl: False
LDAP environment¶
-
netbox__ldap_enabled
¶
Enable or disable support for LDAP authentication in NetBox.
netbox__ldap_enabled: '{{ True
if (ansible_local|d() and ansible_local.ldap|d() and
(ansible_local.ldap.enabled|d())|bool)
else False }}'
-
netbox__ldap_base_dn
¶
The base Distinguished Name which should be used to create Distinguished Names of the LDAP directory objects, defined as a YAML list. If this variable is empty, LDAP configuration will not be performed.
netbox__ldap_base_dn: '{{ ansible_local.ldap.base_dn|d([]) }}'
-
netbox__ldap_device_dn
¶
The Distinguished Name of the current host LDAP object, defined as a YAML list. It will be used as a base for the NetBox service account LDAP object. If the list is empty, the role will not create the account LDAP object automatically.
netbox__ldap_device_dn: '{{ ansible_local.ldap.device_dn|d([]) }}'
-
netbox__ldap_self_rdn
¶
The Relative Distinguished Name of the account LDAP object used by the NetBox service to access the LDAP directory.
netbox__ldap_self_rdn: 'uid=netbox'
-
netbox__ldap_self_object_classes
¶
List of the LDAP object classes which will be used to create the LDAP object used by the NetBox service to access the LDAP directory.
netbox__ldap_self_object_classes: [ 'account', 'simpleSecurityObject' ]
-
netbox__ldap_self_attributes
¶
YAML dictionary that defines the attributes of the LDAP object used by the NetBox service to access the LDAP directory.
netbox__ldap_self_attributes:
uid: '{{ netbox__ldap_self_rdn.split("=")[1] }}'
userPassword: '{{ netbox__ldap_bindpw }}'
host: '{{ [ ansible_fqdn, ansible_hostname ] | unique }}'
description: 'Account used by the "NetBox" service to access the LDAP directory'
-
netbox__ldap_binddn
¶
The Distinguished Name of the account LDAP object used by the NetBox service to bind to the LDAP directory.
netbox__ldap_binddn: '{{ ([ netbox__ldap_self_rdn ] + netbox__ldap_device_dn) | join(",") }}'
-
netbox__ldap_bindpw
¶
The password stored in the account LDAP object used by the NetBox service to bind to the LDAP directory.
netbox__ldap_bindpw: '{{ (lookup("password", secret + "/ldap/credentials/"
+ netbox__ldap_binddn | to_uuid + ".password length=32"))
if netbox__ldap_enabled|bool
else "" }}'
-
netbox__ldap_people_rdn
¶
The Relative Distinguished Name of the LDAP object which contains the user accounts stored in LDAP.
netbox__ldap_people_rdn: '{{ ansible_local.ldap.people_rdn|d("ou=People") }}'
-
netbox__ldap_people_dn
¶
The Distinguished Name of the LDAP object which contains the user accounts used by NetBox.
netbox__ldap_people_dn: '{{ [ netbox__ldap_people_rdn ] + netbox__ldap_base_dn }}'
-
netbox__ldap_group_authentication_enabled
¶
Enable or disable user authentication using LDAP groups.
netbox__ldap_group_authentication_enabled: True
-
netbox__ldap_private_groups
¶
When this variable is enabled, the debops.ldap role will create
a separate LDAP objects that manage the NetBox groups as subtree of the
NetBox service LDAP object. If you set this parameter to False
, the
role will use the global ou=Groups,dc=example,dc=org
subtree instead.
netbox__ldap_private_groups: True
-
netbox__ldap_groups_rdn
¶
The Relative Distinguished Name of the LDAP object which contains the groups stored in LDAP.
netbox__ldap_groups_rdn: '{{ ansible_local.ldap.groups_rdn|d("ou=Groups") }}'
-
netbox__ldap_groups_dn
¶
The Distinguished Name of the LDAP object which contains the groups used by NetBox. If private groups are enabled, this object will be created automatically.
netbox__ldap_groups_dn: '{{ ([ netbox__ldap_groups_rdn, netbox__ldap_self_rdn ]
+ netbox__ldap_device_dn)
if netbox__ldap_private_groups|bool
else ([ netbox__ldap_groups_rdn ] + netbox__ldap_base_dn) }}'
-
netbox__ldap_user_group_rdn
¶
The Relative Distinguished Name of the LDAP object which defines the group of NetBox users on a given NetBox instance.
netbox__ldap_user_group_rdn: 'cn=NetBox Users'
-
netbox__ldap_user_group_dn
¶
The Distinguished Name of the LDAP object which defines who defines the group of NetBox users on a given NetBox instance.
netbox__ldap_user_group_dn: '{{ [ netbox__ldap_user_group_rdn ]
+ netbox__ldap_groups_dn }}'
-
netbox__ldap_user_active_group_rdn
¶
The Relative Distinguished Name of the LDAP object which defines who has active access to a given NetBox instance.
netbox__ldap_user_active_group_rdn: 'cn=NetBox Active Users'
-
netbox__ldap_user_active_group_dn
¶
The Distinguished Name of the LDAP object which defines who has access to a given NetBox instance.
netbox__ldap_user_active_group_dn: '{{ [ netbox__ldap_user_active_group_rdn ]
+ netbox__ldap_groups_dn }}'
-
netbox__ldap_user_staff_group_rdn
¶
The Relative Distinguished Name of the LDAP object which defines who has staff access level to a given NetBox instance and can have permissions in NetBox ACL system.
netbox__ldap_user_staff_group_rdn: 'cn=NetBox Staff'
-
netbox__ldap_user_staff_group_dn
¶
The Distinguished Name of the LDAP object which defines who has staff access level to a given NetBox instance and can have premissions in NetBox ACL system.
netbox__ldap_user_staff_group_dn: '{{ [ netbox__ldap_user_staff_group_rdn ]
+ netbox__ldap_groups_dn }}'
-
netbox__ldap_user_admin_group_rdn
¶
The Relative Distinguished Name of the LDAP object which defines who has superuser access level to a given NetBox instance.
netbox__ldap_user_admin_group_rdn: 'cn=NetBox Administrators'
-
netbox__ldap_user_admin_group_dn
¶
The Distinguished Name of the LDAP object which defines who has superuser access level to a given NetBox instance.
netbox__ldap_user_admin_group_dn: '{{ [ netbox__ldap_user_admin_group_rdn ]
+ netbox__ldap_groups_dn }}'
-
netbox__ldap_object_owner_rdn
¶
The Relative Distinguished Name of the LDAP object of the person who installed a given NetBox instance and is used as the owner of the "NetBox Administrators" group.
netbox__ldap_object_owner_rdn: 'uid={{ lookup("env", "USER") }}'
-
netbox__ldap_object_ownerdn
¶
The Distinguished Name of the LDAP object of the person who installed a given NetBox instance and is used as the owner of the "NetBox Administrators" group, defined as a string.
netbox__ldap_object_ownerdn: '{{ ([ netbox__ldap_object_owner_rdn, netbox__ldap_people_rdn ]
+ netbox__ldap_base_dn) | join(",") }}'
LDAP connection options¶
-
netbox__ldap_server_uri
¶
The URI address of the LDAP server used by NetBox.
netbox__ldap_server_uri: '{{ ansible_local.ldap.uri|d([""]) | first }}'
-
netbox__ldap_server_port
¶
The TCP port which should be used for connections to the LDAP server.
netbox__ldap_server_port: '{{ ansible_local.ldap.port|d("389" if netbox__ldap_start_tls|bool else "636") }}'
-
netbox__ldap_start_tls
¶
If True
, NetBox will use STARTTLS extension to make encrypted
connections to the LDAP server.
netbox__ldap_start_tls: '{{ ansible_local.ldap.start_tls
if (ansible_local|d() and ansible_local.ldap|d() and
(ansible_local.ldap.start_tls|d())|bool)
else True }}'
-
netbox__ldap_user_filter
¶
The LDAP filter used to look up user accounts in the directory.
netbox__ldap_user_filter: '(uid=%(user)s)'
NetBox configuration options¶
-
netbox__config_allowed_hosts
¶
List of domain names under which the NetBox application will accept
connections. Specify *
to accept connections to any domain name.
netbox__config_allowed_hosts: '{{ netbox__fqdn }}'
-
netbox__config_secret_key
¶
The Django secret key used by the NetBox application. It will be shared by all hosts on the same domain.
netbox__config_secret_key: '{{ lookup("password", secret + "/netbox/" +
netbox__domain + "/config/secret_key length=64") }}'
-
netbox__config_admins
¶
A YAML list of tuples, [ 'Name', 'email' ]
, of the NetBox administrators.
They will receive e-mail messages about NetBox application errors.
By default the role uses the list of private admin e-mails from the debops.core Ansible role.
netbox__config_admins: '{{ lookup("template", "lookup/netbox__config_admins.j2") | from_yaml }}'
-
netbox__config_changelog_retention
¶
Maximum number of days to retain logged changes. Set to 0 to retain changes indefinitely. This overwrites potentially existing dynamic configuration settings.
netbox__config_changelog_retention: 90
-
netbox__config_cors_origin_allow_all
¶
API Cross-Origin Resource Sharing configuration. If True
, all origins are
allowed. See https://github.com/ottoyiu/django-cors-headers for more details.
netbox__config_cors_origin_allow_all: False
-
netbox__config_cors_origin_whitelist
¶
List of allowed CORS origin hostnames.
netbox__config_cors_origin_whitelist: []
-
netbox__config_cors_origin_regex_whitelist
¶
List of allowed CORS origin regex hostnames.
netbox__config_cors_origin_regex_whitelist: []
-
netbox__config_email_server
¶
The address of the SMTP server used by NetBox. By default the application uses a locally-installed SMTP server.
netbox__config_email_server: 'localhost'
-
netbox__config_email_port
¶
The TCP port of the SMTP server used by NetBox.
netbox__config_email_port: '25'
-
netbox__config_email_username
¶
The username used to login to the SMTP server.
netbox__config_email_username: ''
-
netbox__config_email_password
¶
The password used to login to the SMTP server.
netbox__config_email_password: ''
-
netbox__config_email_use_tls
¶
Use TLS (previously known as SSL) when connecting to the SMTP server.
netbox__config_email_use_tls: True
-
netbox__config_email_timeout
¶
The SMTP server connection timeout, in seconds.
netbox__config_email_timeout: '10'
-
netbox__config_email_from
¶
The e-mail address for the NetBox application, it will be used in the
From:
header of the NetBox e-mail messages.
netbox__config_email_from: '{{ netbox__user }}@{{ netbox__fqdn
if netbox__fqdn is string
else netbox__fqdn[0] }}'
-
netbox__config_logging
¶
Optional, custom logging configuration specified as YAML dictionary. See https://docs.djangoproject.com/en/1.11/topics/logging for more details.
netbox__config_logging: {}
-
netbox__config_login_required
¶
If True
, access to NetBox is only allowed for logged-in users. If
False
, some information stored in the NetBox database is accessible in
the read-only mode for anonymous users.
netbox__config_login_required: True
-
netbox__config_login_timeout
¶
The length of time (in seconds) for which a user will remain logged into the web UI before being prompted to re-authenticate. (Default: 14 days)
netbox__config_login_timeout: '{{ (60 * 60 * 24 * 14) }}'
-
netbox__config_base_path
¶
Set the "base path" of the NetBox application if it's installed in a subdirectory of the webserver.
netbox__config_base_path: ''
-
netbox__config_maintenance_mode
¶
Enable or disable maintenance mode banner. This overwrites potentially existing dynamic configuration settings.
netbox__config_maintenance_mode: False
-
netbox__config_napalm_username
¶
Specify the username which should be used by NetBox to access live devices using the NAPALM library. This overwrites potentially existing dynamic configuration settings.
netbox__config_napalm_username: ''
-
netbox__config_napalm_password
¶
Specify the password which should be used by NetBox to access live devices using the NAPALM library. This overwrites potentially existing dynamic configuration settings.
netbox__config_napalm_password: ''
-
netbox__napalm_ssh_generate
¶
Generate ~/.ssh/id_rsa
SSH private and public key if it doesn't
exist.
netbox__napalm_ssh_generate: False
-
netbox__napalm_ssh_generate_bits
¶
Size of the generated SSH key.
netbox__napalm_ssh_generate_bits: '2048'
-
netbox__config_napalm_timeout
¶
NAPALM request timeout, in seconds. This overwrites potentially existing dynamic configuration settings.
netbox__config_napalm_timeout: '30'
-
netbox__config_napalm_args
¶
Optional NAPALM arguments, specified as a YAML dictionary. This overwrites potentially existing dynamic configuration settings.
netbox__config_napalm_args: {}
-
netbox__config_paginate_count
¶
Specify maximum number of list items per page. This overwrites potentially existing dynamic configuration settings.
netbox__config_paginate_count: '50'
-
netbox__config_max_page_size
¶
Maximum number of objects returned in an API call. This overwrites potentially existing dynamic configuration settings.
netbox__config_max_page_size: '1000'
-
netbox__config_maps_url
¶
The URL to use when mapping physical addresses or GPS coordinates. Note that NetBox defaults to Google Maps and has no interest in changing or even documenting OpenStreetMap. See PR 6272. This overwrites potentially existing dynamic configuration settings.
netbox__config_maps_url: 'https://www.openstreetmap.org/search?query='
-
netbox__config_time_zone
¶
Specify the timezone used by NetBox.
netbox__config_time_zone: '{{ ansible_local.tzdata.timezone | d("Etc/UTC") }}'
-
netbox__config_date_format
¶
Specify the date format which NetBox uses to display information. See https://docs.djangoproject.com/en/dev/ref/templates/builtins/#date for more details.
netbox__config_date_format: 'N j, Y'
-
netbox__config_short_date_format
¶
Specify the short date format used by NetBox to display information.
netbox__config_short_date_format: 'Y-m-d'
-
netbox__config_time_format
¶
Specify the time format used by NetBox to display information.
netbox__config_time_format: 'g:i a'
-
netbox__config_short_time_format
¶
Specify the short time format used by NetBox to display information.
netbox__config_short_time_format: 'H:i:s'
-
netbox__config_datetime_format
¶
Specify the date and time format used by NetBox to display information.
netbox__config_datetime_format: 'N j, Y g:i a'
-
netbox__config_short_datetime_format
¶
Specify the short date and time format used by NetBox to display information.
netbox__config_short_datetime_format: 'Y-m-d H:i'
Specify a custom message displayed on the top of every page. This overwrites potentially existing dynamic configuration settings.
netbox__config_banner_top: ''
Specify a custom message displayed on the bottom of every page. This overwrites potentially existing dynamic configuration settings.
netbox__config_banner_bottom: ''
Specify a custom message displayed on the login page above the login from. This overwrites potentially existing dynamic configuration settings.
netbox__config_banner_login: ''
-
netbox__config_prefer_ipv4
¶
By default NetBox prefers to use IPv6 addresses as primary device addresses.
Set this variable to True
to change that to IPv4 instead.
This overwrites potentially existing dynamic configuration settings.
netbox__config_prefer_ipv4: False
-
netbox__config_enforce_global_unique
¶
If enabled, NetBox will enforce unique IP space in the "global" table (all prefixes and IP addresses not included in a VRF). This overwrites potentially existing dynamic configuration settings.
netbox__config_enforce_global_unique: False
-
netbox__config_exempt_view_permissions
¶
Exempt certain models from the enforcement of view permissions. Models listed here will be viewable by all users and by anonymous users. List models in the form <app>.<model>. Add '*' to this list to exempt all models.
netbox__config_exempt_view_permissions: []
-
netbox__config_metrics_enabled
¶
When enabled, expose Prometheus monitoring metrics at the HTTP endpoint '/metrics'.
netbox__config_metrics_enabled: False
-
netbox__config_session_file_path
¶
By default, NetBox will store session data in the database. Alternatively, a file path can be specified here to use local file storage instead. (This can be useful for enabling authentication on a standby instance with read-only database access.) Note that the user as which NetBox runs must have read and write permissions to this path.
netbox__config_session_file_path: False
-
netbox__config_media_root
¶
Absolute path where NetBox stores uploaded media files.
netbox__config_media_root: '{{ netbox__data + "/media" }}'
-
netbox__config_reports_root
¶
Absolute path where NetBox reports (Python modules) are stored.
netbox__config_reports_root: '{{ netbox__data + "/reports" }}'
-
netbox__config_scripts_root
¶
Absolute path where NetBox scripts (Python modules) are stored.
netbox__config_scripts_root: '{{ netbox__data + "/scripts" }}'
-
netbox__config_plugins
¶
List of NetBox plugins.
netbox__config_plugins: []
-
netbox__config_plugins_config
¶
NetBox plugins configuration settings. See netbox__config_plugins_config for more details.
netbox__config_plugins_config: {}
-
netbox__config_custom
¶
Additional configuration not directly supported by this role can be specified with this string variable.
netbox__config_custom: ''
Initial superuser account¶
-
netbox__superuser_name
¶
Name of the initial admin account created by the role.
netbox__superuser_name: '{{ ansible_local.core.admin_users[0]|d("admin") }}'
-
netbox__superuser_email
¶
E-mail address of the initial admin account created by the role.
netbox__superuser_email: '{{ ansible_local.core.admin_private_email[0]
|d("root@" + netbox__domain) }}'
-
netbox__superuser_password
¶
Password set for the initial admin account created by the role.
netbox__superuser_password: '{{ lookup("password", secret + "/netbox/" +
netbox__domain + "/superuser/" +
netbox__superuser_name + "/password") }}'
Internal application settings¶
-
netbox__app_internal_appserver
¶
Enable or disable support for internal gunicorn
application server.
netbox__app_internal_appserver: '{{ ansible_local.gunicorn.installed
|d(ansible_service_mgr == "systemd")|bool }}'
-
netbox__app_name
¶
Name of the NetBox application processes (workers) set by the master process.
netbox__app_name: '{{ netbox__user }}'
-
netbox__app_runtime_dir
¶
Name of the subdirectory in the /run/
directory where the NetBox
application will bind its UNIX socket. The default is selected so that
configuration of the gunicorn
service is idempotent.
netbox__app_runtime_dir: '{{ "gunicorn"
if (ansible_distribution_release in
[ "wheezy", "jessie", "precise", "trusty", "xenial" ])
else "gunicorn-netbox" }}'
-
netbox__app_bind
¶
Specify either an UNIX or TCP socket on which the NetBox application should bind and listen for connections.
netbox__app_bind: 'unix:/run/{{ netbox__app_runtime_dir }}/netbox.sock'
-
netbox__app_workers
¶
Number of worker threads to start for NetBox application.
netbox__app_workers: '{{ ansible_processor_vcpus|int + 1 }}'
-
netbox__app_timeout
¶
Number of seconds after which non-responsive worker threads will be killed and restarted. NetBox installations with lots of objects might require longer timeouts for API access.
netbox__app_timeout: '900'
-
netbox__app_params
¶
List of parameters passed to the gunicorn
process manager.
netbox__app_params:
- '--name={{ netbox__app_name }}'
- '--bind={{ netbox__app_bind }}'
- '--workers={{ netbox__app_workers }}'
- '--timeout={{ netbox__app_timeout }}'
- 'netbox.wsgi'
Configuration variables for other Ansible roles¶
-
netbox__keyring__dependent_gpg_keys
¶
Configuration for the debops.keyring Ansible role.
netbox__keyring__dependent_gpg_keys:
- user: '{{ netbox__user }}'
group: '{{ netbox__group }}'
home: '{{ netbox__home }}'
id: '{{ netbox__git_gpg_key_id }}'
-
netbox__python__dependent_packages3
¶
Configuration for the debops.python Ansible role.
netbox__python__dependent_packages3:
- 'python3-dev'
-
netbox__python__dependent_packages2
¶
Configuration for the debops.python Ansible role.
netbox__python__dependent_packages2:
- 'python-dev'
-
netbox__ldap__dependent_tasks
¶
Configuration for the debops.ldap Ansible role.
netbox__ldap__dependent_tasks:
- name: 'Create NetBox account for {{ netbox__ldap_device_dn | join(",") }}'
dn: '{{ netbox__ldap_binddn }}'
objectClass: '{{ netbox__ldap_self_object_classes }}'
attributes: '{{ netbox__ldap_self_attributes }}'
no_log: '{{ debops__no_log | d(True) }}'
state: '{{ "present" if netbox__ldap_device_dn|d() else "ignore" }}'
- name: 'Create NetBox group container for {{ netbox__ldap_device_dn | join(",") }}'
dn: '{{ netbox__ldap_groups_dn }}'
objectClass: 'organizationalStructure'
attributes:
ou: '{{ netbox__ldap_groups_rdn.split("=")[1] }}'
description: 'User groups used in NetBox'
state: '{{ "present"
if (netbox__ldap_device_dn|d() and
netbox__ldap_private_groups|bool)
else "ignore" }}'
- name: 'Create NetBox user group for {{ netbox__ldap_device_dn | join(",") }}'
dn: '{{ netbox__ldap_user_group_dn }}'
objectClass: 'groupOfNames'
attributes:
cn: '{{ netbox__ldap_user_group_rdn.split("=")[1] }}'
owner: '{{ netbox__ldap_object_ownerdn }}'
member: '{{ netbox__ldap_object_ownerdn }}'
state: '{{ "present" if netbox__ldap_device_dn|d() else "ignore" }}'
- name: 'Create NetBox active user group for {{ netbox__ldap_device_dn | join(",") }}'
dn: '{{ netbox__ldap_user_active_group_dn }}'
objectClass: 'groupOfNames'
attributes:
cn: '{{ netbox__ldap_user_active_group_rdn.split("=")[1] }}'
owner: '{{ netbox__ldap_object_ownerdn }}'
member: '{{ netbox__ldap_object_ownerdn }}'
state: '{{ "present" if netbox__ldap_device_dn|d() else "ignore" }}'
- name: 'Create NetBox staff group for {{ netbox__ldap_device_dn | join(",") }}'
dn: '{{ netbox__ldap_user_staff_group_dn }}'
objectClass: 'groupOfNames'
attributes:
cn: '{{ netbox__ldap_user_staff_group_rdn.split("=")[1] }}'
owner: '{{ netbox__ldap_object_ownerdn }}'
member: '{{ netbox__ldap_object_ownerdn }}'
state: '{{ "present" if netbox__ldap_device_dn|d() else "ignore" }}'
- name: 'Create NetBox admin group for {{ netbox__ldap_device_dn | join(",") }}'
dn: '{{ netbox__ldap_user_admin_group_dn }}'
objectClass: 'groupOfNames'
attributes:
cn: '{{ netbox__ldap_user_admin_group_rdn.split("=")[1] }}'
owner: '{{ netbox__ldap_object_ownerdn }}'
member: '{{ netbox__ldap_object_ownerdn }}'
state: '{{ "present" if netbox__ldap_device_dn|d() else "ignore" }}'
-
netbox__gunicorn__dependent_applications
¶
Configuration for the debops.gunicorn Ansible role.
netbox__gunicorn__dependent_applications:
- name: 'netbox'
mode: 'wsgi'
working_dir: '{{ netbox__git_checkout + "/netbox" }}'
python: '{{ netbox__virtualenv + "/bin/python" }}'
user: '{{ netbox__user }}'
group: '{{ netbox__group }}'
home: '{{ netbox__home }}'
system: True
timeout: '{{ netbox__app_timeout }}'
workers: '{{ netbox__app_workers }}'
args: '{{ netbox__app_params }}'
-
netbox__postgresql__dependent_roles
¶
Role configuration for the debops.postgresql Ansible role.
netbox__postgresql__dependent_roles:
- name: '{{ netbox__database_user }}'
- name: '{{ netbox__database_name }}'
flags: [ 'NOLOGIN' ]
-
netbox__postgresql__dependent_groups
¶
Group configuration for the debops.postgresql Ansible role.
netbox__postgresql__dependent_groups:
- roles: [ '{{ netbox__database_user }}' ]
groups: [ '{{ netbox__database_name }}' ]
database: '{{ netbox__database_name }}'
-
netbox__postgresql__dependent_databases
¶
Database configuration for the debops.postgresql Ansible role.
netbox__postgresql__dependent_databases:
- name: '{{ netbox__database_name }}'
owner: '{{ netbox__database_name }}'
-
netbox__postgresql__dependent_pgpass
¶
~/.pgpass
configuration for the debops.postgresql Ansible role.
netbox__postgresql__dependent_pgpass:
- owner: '{{ netbox__user }}'
group: '{{ netbox__group }}'
home: '{{ netbox__home }}'
system: True
-
netbox__nginx__dependent_upstreams
¶
Upstream configuration for the debops.nginx Ansible role.
netbox__nginx__dependent_upstreams:
- name: 'netbox'
server: '{{ netbox__app_bind }}'
-
netbox__nginx__dependent_servers
¶
Server configuration for the debops.nginx Ansible role.
netbox__nginx__dependent_servers:
- name: '{{ netbox__fqdn }}'
by_role: 'debops.netbox'
filename: 'debops.netbox'
options: |
client_max_body_size 25m;
location:
'/static/': |
alias {{ netbox__git_checkout }}/netbox/static/;
'/': |
proxy_pass http://netbox;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout {{ netbox__app_timeout }};
proxy_send_timeout {{ netbox__app_timeout }};
proxy_read_timeout {{ netbox__app_timeout }};
add_header P3P 'CP="ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV"';