parent
0484e91693
commit
d4a9ccf43d
roles/netbox
defaults
handlers
tasks
templates
@ -2,4 +2,4 @@
|
|||||||
|
|
||||||
netbox_group: netbox
|
netbox_group: netbox
|
||||||
netbox_user: netbox
|
netbox_user: netbox
|
||||||
netbox_version: 2.8.7
|
netbox_version: 2.10.1
|
||||||
|
10
roles/netbox/handlers/main.yml
Normal file
10
roles/netbox/handlers/main.yml
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
---
|
||||||
|
|
||||||
|
- name: Reload systemd
|
||||||
|
systemd: daemon_reload=yes
|
||||||
|
|
||||||
|
- name: Restart netbox
|
||||||
|
service: name=netbox state=restarted
|
||||||
|
|
||||||
|
- name: Restart netbox-rq
|
||||||
|
service: name=netbox-rq state=restarted
|
@ -62,6 +62,13 @@
|
|||||||
owner: '{{ netbox_user }}'
|
owner: '{{ netbox_user }}'
|
||||||
group: '{{ netbox_group }}'
|
group: '{{ netbox_group }}'
|
||||||
|
|
||||||
|
- name: Configure gunicorn
|
||||||
|
template:
|
||||||
|
src: gunicorn.py.j2
|
||||||
|
dest: '/opt/netbox-{{ netbox_version }}/gunicorn.py'
|
||||||
|
owner: '{{ netbox_user }}'
|
||||||
|
group: '{{ netbox_group }}'
|
||||||
|
|
||||||
- name: Install venv
|
- name: Install venv
|
||||||
pip:
|
pip:
|
||||||
requirements: '/opt/netbox-{{ netbox_version }}/requirements.txt'
|
requirements: '/opt/netbox-{{ netbox_version }}/requirements.txt'
|
||||||
@ -73,17 +80,12 @@
|
|||||||
path: '/opt/netbox-{{ netbox_version }}'
|
path: '/opt/netbox-{{ netbox_version }}'
|
||||||
owner: '{{ netbox_user }}'
|
owner: '{{ netbox_user }}'
|
||||||
group: '{{ netbox_group }}'
|
group: '{{ netbox_group }}'
|
||||||
mode: preserve
|
recurse: yes
|
||||||
state: directory
|
|
||||||
recursive: yes
|
|
||||||
create: no
|
|
||||||
|
|
||||||
# TODO - still manual work
|
# TODO - still manual work
|
||||||
# * Run Database Migrations
|
# * Run Database Migrations
|
||||||
# * Create a Super User
|
# * Create a Super User
|
||||||
# * Collect Static Files
|
# * Collect Static Files
|
||||||
# * Gunicorn Configuration
|
|
||||||
# * systemd Configuration
|
|
||||||
|
|
||||||
- name: Ensure certificates are available
|
- name: Ensure certificates are available
|
||||||
command:
|
command:
|
||||||
@ -111,6 +113,20 @@
|
|||||||
src: /etc/nginx/sites-available/netbox
|
src: /etc/nginx/sites-available/netbox
|
||||||
dest: /etc/nginx/sites-enabled/netbox
|
dest: /etc/nginx/sites-enabled/netbox
|
||||||
state: link
|
state: link
|
||||||
owner: root
|
|
||||||
mode: preserve
|
|
||||||
notify: Restart nginx
|
notify: Restart nginx
|
||||||
|
|
||||||
|
- name: Install systemd units
|
||||||
|
template: src={{ item }}.service.j2 dest=/lib/systemd/system/{{ item }}.service
|
||||||
|
with_items:
|
||||||
|
- netbox
|
||||||
|
- netbox-rq
|
||||||
|
notify:
|
||||||
|
- Reload systemd
|
||||||
|
- Restart netbox
|
||||||
|
- Restart netbox-rq
|
||||||
|
|
||||||
|
- name: Enable services
|
||||||
|
service: name={{ item }} state=started enabled=yes
|
||||||
|
with_items:
|
||||||
|
- netbox
|
||||||
|
- netbox-rq
|
||||||
|
@ -33,7 +33,6 @@ REDIS = {
|
|||||||
# 'SENTINEL_SERVICE': 'netbox',
|
# 'SENTINEL_SERVICE': 'netbox',
|
||||||
'PASSWORD': '',
|
'PASSWORD': '',
|
||||||
'DATABASE': 0,
|
'DATABASE': 0,
|
||||||
'DEFAULT_TIMEOUT': 300,
|
|
||||||
'SSL': False,
|
'SSL': False,
|
||||||
},
|
},
|
||||||
'caching': {
|
'caching': {
|
||||||
@ -44,7 +43,6 @@ REDIS = {
|
|||||||
# 'SENTINEL_SERVICE': 'netbox',
|
# 'SENTINEL_SERVICE': 'netbox',
|
||||||
'PASSWORD': '',
|
'PASSWORD': '',
|
||||||
'DATABASE': 1,
|
'DATABASE': 1,
|
||||||
'DEFAULT_TIMEOUT': 300,
|
|
||||||
'SSL': False,
|
'SSL': False,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -214,11 +212,11 @@ RACK_ELEVATION_DEFAULT_UNIT_WIDTH = 220
|
|||||||
|
|
||||||
# Remote authentication support
|
# Remote authentication support
|
||||||
REMOTE_AUTH_ENABLED = False
|
REMOTE_AUTH_ENABLED = False
|
||||||
REMOTE_AUTH_BACKEND = 'utilities.auth_backends.RemoteUserBackend'
|
REMOTE_AUTH_BACKEND = 'netbox.authentication.RemoteUserBackend'
|
||||||
REMOTE_AUTH_HEADER = 'HTTP_REMOTE_USER'
|
REMOTE_AUTH_HEADER = 'HTTP_REMOTE_USER'
|
||||||
REMOTE_AUTH_AUTO_CREATE_USER = True
|
REMOTE_AUTH_AUTO_CREATE_USER = True
|
||||||
REMOTE_AUTH_DEFAULT_GROUPS = []
|
REMOTE_AUTH_DEFAULT_GROUPS = []
|
||||||
REMOTE_AUTH_DEFAULT_PERMISSIONS = []
|
REMOTE_AUTH_DEFAULT_PERMISSIONS = {}
|
||||||
|
|
||||||
# This determines how often the GitHub API is called to check the latest release of NetBox. Must be at least 1 hour.
|
# This determines how often the GitHub API is called to check the latest release of NetBox. Must be at least 1 hour.
|
||||||
RELEASE_CHECK_TIMEOUT = 24 * 3600
|
RELEASE_CHECK_TIMEOUT = 24 * 3600
|
||||||
@ -232,6 +230,9 @@ RELEASE_CHECK_URL = None
|
|||||||
# this setting is derived from the installed location.
|
# this setting is derived from the installed location.
|
||||||
# REPORTS_ROOT = '/opt/netbox/netbox/reports'
|
# REPORTS_ROOT = '/opt/netbox/netbox/reports'
|
||||||
|
|
||||||
|
# Maximum execution time for background tasks, in seconds.
|
||||||
|
RQ_DEFAULT_TIMEOUT = 300
|
||||||
|
|
||||||
# The file path where custom scripts will be stored. A trailing slash is not needed. Note that the default value of
|
# The file path where custom scripts will be stored. A trailing slash is not needed. Note that the default value of
|
||||||
# this setting is derived from the installed location.
|
# this setting is derived from the installed location.
|
||||||
# SCRIPTS_ROOT = '/opt/netbox/netbox/scripts'
|
# SCRIPTS_ROOT = '/opt/netbox/netbox/scripts'
|
||||||
|
16
roles/netbox/templates/gunicorn.py.j2
Normal file
16
roles/netbox/templates/gunicorn.py.j2
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
# The IP address (typically localhost) and port that the Netbox WSGI process should listen on
|
||||||
|
bind = '127.0.0.1:8001'
|
||||||
|
|
||||||
|
# Number of gunicorn workers to spawn. This should typically be 2n+1, where
|
||||||
|
# n is the number of CPU cores present.
|
||||||
|
workers = 5
|
||||||
|
|
||||||
|
# Number of threads per worker process
|
||||||
|
threads = 3
|
||||||
|
|
||||||
|
# Timeout (in seconds) for a request to complete
|
||||||
|
timeout = 120
|
||||||
|
|
||||||
|
# The maximum number of requests a worker can handle before being respawned
|
||||||
|
max_requests = 5000
|
||||||
|
max_requests_jitter = 500
|
21
roles/netbox/templates/netbox-rq.service.j2
Normal file
21
roles/netbox/templates/netbox-rq.service.j2
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=NetBox Request Queue Worker
|
||||||
|
Documentation=https://netbox.readthedocs.io/en/stable/
|
||||||
|
After=network-online.target
|
||||||
|
Wants=network-online.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=simple
|
||||||
|
|
||||||
|
User=netbox
|
||||||
|
Group=netbox
|
||||||
|
WorkingDirectory=/opt/netbox-2.10.1
|
||||||
|
|
||||||
|
ExecStart=/opt/netbox-2.10.1/venv/bin/python3 /opt/netbox-2.10.1/netbox/manage.py rqworker
|
||||||
|
|
||||||
|
Restart=on-failure
|
||||||
|
RestartSec=30
|
||||||
|
PrivateTmp=true
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
22
roles/netbox/templates/netbox.service.j2
Normal file
22
roles/netbox/templates/netbox.service.j2
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=NetBox WSGI Service
|
||||||
|
Documentation=https://netbox.readthedocs.io/en/stable/
|
||||||
|
After=network-online.target
|
||||||
|
Wants=network-online.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=simple
|
||||||
|
|
||||||
|
User=netbox
|
||||||
|
Group=netbox
|
||||||
|
PIDFile=/var/tmp/netbox.pid
|
||||||
|
WorkingDirectory=/opt/netbox-{{ netbox_version }}
|
||||||
|
|
||||||
|
ExecStart=/opt/netbox-{{ netbox_version }}/venv/bin/gunicorn --pid /var/tmp/netbox.pid --pythonpath /opt/netbox-{{ netbox_version }}/netbox --config /opt/netbox-{{ netbox_version }}/gunicorn.py netbox.wsgi
|
||||||
|
|
||||||
|
Restart=on-failure
|
||||||
|
RestartSec=30
|
||||||
|
PrivateTmp=true
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
Loading…
Reference in New Issue
Block a user