netbox: bump to 2.10.1 and add systemd service

This commit is contained in:
Markus 2020-12-16 19:32:58 +01:00
parent 0484e91693
commit d4a9ccf43d
7 changed files with 99 additions and 13 deletions

View File

@ -2,4 +2,4 @@
netbox_group: netbox netbox_group: netbox
netbox_user: netbox netbox_user: netbox
netbox_version: 2.8.7 netbox_version: 2.10.1

View File

@ -0,0 +1,10 @@
---
- name: Reload systemd
systemd: daemon_reload=yes
- name: Restart netbox
service: name=netbox state=restarted
- name: Restart netbox-rq
service: name=netbox-rq state=restarted

View File

@ -62,6 +62,13 @@
owner: '{{ netbox_user }}' owner: '{{ netbox_user }}'
group: '{{ netbox_group }}' group: '{{ netbox_group }}'
- name: Configure gunicorn
template:
src: gunicorn.py.j2
dest: '/opt/netbox-{{ netbox_version }}/gunicorn.py'
owner: '{{ netbox_user }}'
group: '{{ netbox_group }}'
- name: Install venv - name: Install venv
pip: pip:
requirements: '/opt/netbox-{{ netbox_version }}/requirements.txt' requirements: '/opt/netbox-{{ netbox_version }}/requirements.txt'
@ -73,17 +80,12 @@
path: '/opt/netbox-{{ netbox_version }}' path: '/opt/netbox-{{ netbox_version }}'
owner: '{{ netbox_user }}' owner: '{{ netbox_user }}'
group: '{{ netbox_group }}' group: '{{ netbox_group }}'
mode: preserve recurse: yes
state: directory
recursive: yes
create: no
# TODO - still manual work # TODO - still manual work
# * Run Database Migrations # * Run Database Migrations
# * Create a Super User # * Create a Super User
# * Collect Static Files # * Collect Static Files
# * Gunicorn Configuration
# * systemd Configuration
- name: Ensure certificates are available - name: Ensure certificates are available
command: command:
@ -111,6 +113,20 @@
src: /etc/nginx/sites-available/netbox src: /etc/nginx/sites-available/netbox
dest: /etc/nginx/sites-enabled/netbox dest: /etc/nginx/sites-enabled/netbox
state: link state: link
owner: root
mode: preserve
notify: Restart nginx notify: Restart nginx
- name: Install systemd units
template: src={{ item }}.service.j2 dest=/lib/systemd/system/{{ item }}.service
with_items:
- netbox
- netbox-rq
notify:
- Reload systemd
- Restart netbox
- Restart netbox-rq
- name: Enable services
service: name={{ item }} state=started enabled=yes
with_items:
- netbox
- netbox-rq

View File

@ -33,7 +33,6 @@ REDIS = {
# 'SENTINEL_SERVICE': 'netbox', # 'SENTINEL_SERVICE': 'netbox',
'PASSWORD': '', 'PASSWORD': '',
'DATABASE': 0, 'DATABASE': 0,
'DEFAULT_TIMEOUT': 300,
'SSL': False, 'SSL': False,
}, },
'caching': { 'caching': {
@ -44,7 +43,6 @@ REDIS = {
# 'SENTINEL_SERVICE': 'netbox', # 'SENTINEL_SERVICE': 'netbox',
'PASSWORD': '', 'PASSWORD': '',
'DATABASE': 1, 'DATABASE': 1,
'DEFAULT_TIMEOUT': 300,
'SSL': False, 'SSL': False,
} }
} }
@ -214,11 +212,11 @@ RACK_ELEVATION_DEFAULT_UNIT_WIDTH = 220
# Remote authentication support # Remote authentication support
REMOTE_AUTH_ENABLED = False REMOTE_AUTH_ENABLED = False
REMOTE_AUTH_BACKEND = 'utilities.auth_backends.RemoteUserBackend' REMOTE_AUTH_BACKEND = 'netbox.authentication.RemoteUserBackend'
REMOTE_AUTH_HEADER = 'HTTP_REMOTE_USER' REMOTE_AUTH_HEADER = 'HTTP_REMOTE_USER'
REMOTE_AUTH_AUTO_CREATE_USER = True REMOTE_AUTH_AUTO_CREATE_USER = True
REMOTE_AUTH_DEFAULT_GROUPS = [] REMOTE_AUTH_DEFAULT_GROUPS = []
REMOTE_AUTH_DEFAULT_PERMISSIONS = [] REMOTE_AUTH_DEFAULT_PERMISSIONS = {}
# This determines how often the GitHub API is called to check the latest release of NetBox. Must be at least 1 hour. # This determines how often the GitHub API is called to check the latest release of NetBox. Must be at least 1 hour.
RELEASE_CHECK_TIMEOUT = 24 * 3600 RELEASE_CHECK_TIMEOUT = 24 * 3600
@ -232,6 +230,9 @@ RELEASE_CHECK_URL = None
# this setting is derived from the installed location. # this setting is derived from the installed location.
# REPORTS_ROOT = '/opt/netbox/netbox/reports' # REPORTS_ROOT = '/opt/netbox/netbox/reports'
# Maximum execution time for background tasks, in seconds.
RQ_DEFAULT_TIMEOUT = 300
# The file path where custom scripts will be stored. A trailing slash is not needed. Note that the default value of # The file path where custom scripts will be stored. A trailing slash is not needed. Note that the default value of
# this setting is derived from the installed location. # this setting is derived from the installed location.
# SCRIPTS_ROOT = '/opt/netbox/netbox/scripts' # SCRIPTS_ROOT = '/opt/netbox/netbox/scripts'

View File

@ -0,0 +1,16 @@
# The IP address (typically localhost) and port that the Netbox WSGI process should listen on
bind = '127.0.0.1:8001'
# Number of gunicorn workers to spawn. This should typically be 2n+1, where
# n is the number of CPU cores present.
workers = 5
# Number of threads per worker process
threads = 3
# Timeout (in seconds) for a request to complete
timeout = 120
# The maximum number of requests a worker can handle before being respawned
max_requests = 5000
max_requests_jitter = 500

View File

@ -0,0 +1,21 @@
[Unit]
Description=NetBox Request Queue Worker
Documentation=https://netbox.readthedocs.io/en/stable/
After=network-online.target
Wants=network-online.target
[Service]
Type=simple
User=netbox
Group=netbox
WorkingDirectory=/opt/netbox-2.10.1
ExecStart=/opt/netbox-2.10.1/venv/bin/python3 /opt/netbox-2.10.1/netbox/manage.py rqworker
Restart=on-failure
RestartSec=30
PrivateTmp=true
[Install]
WantedBy=multi-user.target

View File

@ -0,0 +1,22 @@
[Unit]
Description=NetBox WSGI Service
Documentation=https://netbox.readthedocs.io/en/stable/
After=network-online.target
Wants=network-online.target
[Service]
Type=simple
User=netbox
Group=netbox
PIDFile=/var/tmp/netbox.pid
WorkingDirectory=/opt/netbox-{{ netbox_version }}
ExecStart=/opt/netbox-{{ netbox_version }}/venv/bin/gunicorn --pid /var/tmp/netbox.pid --pythonpath /opt/netbox-{{ netbox_version }}/netbox --config /opt/netbox-{{ netbox_version }}/gunicorn.py netbox.wsgi
Restart=on-failure
RestartSec=30
PrivateTmp=true
[Install]
WantedBy=multi-user.target