NetBox role

• NetBox role
  • Description
  • Mandatory variables
  • Optional variables
  • Configuration
  • Additionnal packages
  • Custom scripts
  • LDAP configuration
  • Update

Description

This role installs NetBox 4.0.3 or greater. The following links were used to build this role :

• https://netbox.readthedocs.io/en/stable/
• https://docs.djangoproject.com/en/3.1/ref/settings/#databases
• https://django-auth-ldap.readthedocs.io/en/latest/index.html

Mandatory variables

Variable	Description	Type	Sample value
netbox_version	netbox version to use https://github.com/netbox-community/netbox/releases	string (github tag)	v4.0.3
netbox_superuser_email	superuser email	email	noc@cosium.com
netbox_fqdn	servername for httpd	fqdn	ipam-2.cosium.com

Optional variables

Variable	Default	Description
netbox_changelog_days_retention	0	Number of days of changelog to keep in database, 0 = unlimited.

Configuration

The configuration must be given as key: value pairs like the following:

netbox_config:
  ALLOWED_HOSTS:
    - "{{ ansible_hostname }}"
    - localhost
    - 127.0.0.1
  TIME_ZONE: "Europe/Paris"
  SECRET_KEY: "{{ netbox_secret_key }}"

The default provided configuration is sufficient for a working install.

Additionnal packages

Other Python packages can be installed using local_requirements.txt, this is useful to install packages such as NAPALM or plugins:

netbox_local_requirements:
  - django-auth-ldap
  - napalm

Custom scripts

NetBox can be extended with custom scripts/reports. Documentation to create such scripts is located here:

• https://docs.netbox.dev/en/stable/customization/reports/
• https://docs.netbox.dev/en/stable/customization/custom-scripts/

To install a custom script, you need to define the following list:

netbox_custom_scripts:
  - name: add_device_type_components.py
  - name: missing_device_type_components.py
    dest: reports

The script must exist in the files directory of this role.

dest is optional as most of the scripts go to /opt/netbox/netbox/scripts/

LDAP configuration

The following variable are required for LDAP configuration (Queries use python functions LDAPSearch() and LDAPGroupQuery() if placeholders, arguments or conditions must be passed):

netbox_ldap_user_search: LDAPSearch("dc=cosium,dc=com", ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
netbox_ldap_group_search: LDAPSearch("ou=divisions,ou=groups,dc=cosium,dc=com", ldap.SCOPE_SUBTREE, "(objectClass=posixGroup)")
netbox_ldap_require_group: LDAPGroupQuery("cn=Infrastructure,ou=divisions,ou=groups,dc=cosium,dc=com")|LDAPGroupQuery("cn=sysop,ou=system,ou=groups,dc=cosium,dc=com")|LDAPGroupQuery("cn=outsourcing,ou=divisions,ou=groups,dc=cosium,dc=com")
netbox_ldap_group_assignation:
  is_active: (LDAPGroupQuery("cn=sysop,ou=system,ou=groups,dc=cosium,dc=com")|LDAPGroupQuery("cn=outsourcing,ou=divisions,ou=groups,dc=cosium,dc=com"))
  is_staff: (LDAPGroupQuery("cn=sysop,ou=system,ou=groups,dc=cosium,dc=com")|LDAPGroupQuery("cn=outsourcing,ou=divisions,ou=groups,dc=cosium,dc=com"))
  is_superuser: "\"cn=sysop,ou=system,ou=groups,dc=cosium,dc=com\""

Update

To perform an update, change the variable netbox_version to the new version, then run this role.

Always review the release notes

NetBox can generally be upgraded directly to any newer release with no interim steps, with the one exception being incrementing major versions. This can be done only from the most recent minor release of the major version.