-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathmain.yml
189 lines (153 loc) · 6.99 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
---
# defaults file for ansible-netbox
netbox_hostname: "{{ ansible_fqdn }}"
netbox_allowed_hosts: "{{ netbox_hostname }}"
# Define url for NetBox API
netbox_url: http://127.0.0.1:8080
netbox_version: latest
# example for a specific version:
# netbox_version: 3.6.3
# override download url (offline-mode or no v4-connectivity) with a local path
# !important, filename needs to be: "netbox-v3.6.3.tar.gz" (example for version 3.6.3)
# original download-url is https://github.com/netbox-community/netbox/archive/refs/tags/v3.6.3.tar.gz
# netbox_download_url: /tmp/netbox-v3.6.3.tar.gz
# disable query of api.github.com (offline-mode or no v4-connectivity),
# in this case you must define a version and cannot use "latest":
netbox_disable_github_version_check: false
netbox_user: netbox
netbox_group: netbox
netbox_install_dir: /opt
netbox_home: "{{ netbox_install_dir + '/netbox' }}"
netbox_app_path: "{{ netbox_home + '/netbox/netbox' }}"
netbox_virtualenv: "{{ netbox_home + '/venv' }}"
netbox_data_dir: "{{ netbox_home + '/netbox-data' }}"
netbox_media_root: "{{ netbox_data_dir}}/media"
netbox_reports_root: "{{ netbox_data_dir}}/reports"
netbox_scripts_root: "{{ netbox_data_dir}}/scripts"
# netbox only support PostgreSQL:
netbox_db_name: netbox
netbox_db_host: localhost
netbox_db_password: netbox
netbox_db_user: netbox
# leave blank for default:
netbox_db_port: ""
netbox_db_conn_max_age: 300
netbox_listen_address: 127.0.0.1
netbox_listen_port: 8001
# Expose Prometheus monitoring metrics at the HTTP endpoint '/metrics'
netbox_metrics_enabled: false
# Redis configurations
netbox_redis_host: localhost
netbox_redis_username: ""
netbox_redis_password: ""
netbox_redis_port: 6379
netbox_redis_ssl: false
netbox_redis_sentinel_enable: false
netbox_redis_sentinel_host: "mysentinel.redis.example.com"
netbox_redis_sentinel_port: 6379
netbox_redis_sentinel_service: netbox
# Please fill with your own value (50 chars minimum) REQUIRED:
# example command: "head /dev/urandom | tr -dc a-zA-Z0-9 | head -c50"
# netbox_secret_key: "secret"
# Define your user token (exactly 40 hex chars) REQUIRED:
# example command: "head /dev/urandom | tr -dc a-f0-9 | head -c40"
# netbox_token: "secret"
netbox_superuser_username: netbox
netbox_superuser_password: netbox
netbox_superuser_email: "netbox@{{ netbox_hostname }}"
# Setting this to True will permit only authenticated users to access any part of NetBox. By default, anonymous users are permitted to access most data in NetBox (excluding secrets) but not make any changes.
netbox_login_required: true
netbox_login_timeout: 86400
netbox_max_page_size: 1000
# This determines how often the GitHub API is called to check the latest release of NetBox. Must be at least 1 hour.
netbox_release_check_timeout: "24 * 3600"
# Text to include (HTML is allowed):
netbox_banner_login: ""
netbox_banner_bottom: ""
netbox_banner_top: ""
# Base URL path if accessing NetBox within a directory. For example, if installed at http://example.com/netbox/, set:
# netbox_base_path: "netbox/"
netbox_time_zone: UTC
netbox_date_format: "N j, Y"
netbox_short_date_format: "Y-m-d"
netbox_time_format: "g:i a"
netbox_short_time_format: "H:i:s"
netbox_datetime_format: "N j, Y g:i a"
netbox_short_datetime_format: "Y-m-d H:i"
# url or "None":
netbox_release_check_url: "https://api.github.com/repos/netbox-community/netbox/releases"
netbox_paginate_count: 50
netbox_changelog_retention: 90
# FIXME (json-format)
netbox_plugins_config: ""
netbox_email_server: localhost
netbox_email_port: 25
netbox_email_username: ""
netbox_email_password: ""
# timeout in seconds:
netbox_email_timeout: 10
netbox_email_from_email: ""
# proxy for outgoing requests (example values):
# netbox_http_proxy: "http://10.10.1.10:3128"
# netbox_https_proxy: "http://10.10.1.10:1080"
netbox_pid_file: "/var/tmp/netbox.pid"
netbox_service_main_name: "netbox"
netbox_service_main_file_template: "systemd-unit-netbox.j2"
netbox_service_main_file_target: "/lib/systemd/system/netbox.service"
netbox_service_housekeeping_name: "netbox-housekeeping"
netbox_service_housekeeping_file_template: "systemd-unit-netbox-housekeeping.j2"
netbox_service_housekeeping_file_target: "/etc/systemd/system/netbox-housekeeping.service"
netbox_systemd_housekeeping_timer_name: "netbox-housekeeping"
netbox_systemd_housekeeping_timer_template: "systemd-timer-housekeeping.j2"
netbox_systemd_housekeeping_timer_target: "/etc/systemd/system/netbox-housekeeping.timer"
netbox_service_rq_name: "netbox-rq"
netbox_service_rq_file_template: "systemd-unit-netbox-rq.j2"
netbox_service_rq_file_target: "/etc/systemd/system/netbox-rq.service"
netbox_configuration_file_template: "configuration.py.j2"
netbox_unicorn_configuration_file_template: "gunicorn.py.j2"
# reverse-proxy-config, use nginx to make a ssl reverse-proxy-config:
netbox_nginx_deploy_reverseconfig: true
netbox_nginx_template: "nginx-netbox.conf.j2"
# only on debian:
netbox_nginx_remove_default_config: false
# debian includes everything, centos only *.conf:
netbox_nginx_config_filename: netbox.conf
# if you use our nginx_common role, use "true" here:
netbox_nginx_use_nginx_common_snippet: false
netbox_nginx_snippet_directory: "{{ nginx_snippet_directory | default('/etc/nginx/snippets') }}"
netbox_nginx_tls_hardening_snippet: "{{ netbox_nginx_snippet_directory }}/tls-hardening.conf"
# enable HSTS (not used when netbox_nginx_use_nginx_common_snippet: true):
netbox_tls_hsts_enable: true
netbox_tls_hsts_time: 31536000
# path to ssl certificates, defaults to letsencrypt paths:
netbox_nginx_ssl_certificate: "/etc/letsencrypt/live/{{ netbox_hostname }}/fullchain.pem"
netbox_nginx_ssl_certificate_key: "/etc/letsencrypt/live/{{ netbox_hostname }}/privkey.pem"
# hide nginx version number from server-header ("server: nginx" will still be present):
# remove others vhosts to prevent leaking the version number from them (i.e. with var "netbox_nginx_remove_default_config")
netbox_hide_nginx_version: true
# https://github.com/lae/ansible-role-netbox/blob/master/vars/main.yml
netbox_superuser_script: |
from django.contrib.auth.models import User
from base64 import b64decode
from users.models import Token
password = b64decode("{{ netbox_superuser_password | b64encode }}").decode("UTF-8")
query = User.objects.filter(username="{{ netbox_superuser_username }}")
if not query.exists():
User.objects.create_superuser("{{ netbox_superuser_username }}", "{{ netbox_superuser_email }}", password)
user = User.objects.get(username="{{ netbox_superuser_username }}")
Token.objects.create(user=user, key="{{ netbox_token }}")
print("changed")
else:
user = User.objects.get(username="{{ netbox_superuser_username }}")
if not user.is_superuser or user.email != "{{ netbox_superuser_email }}" or not user.check_password(password):
user.is_superuser = True
user.is_staff = True
user.email = "{{ netbox_superuser_email }}"
user.set_password(password)
user.save()
print("changed")
# put any of additional config lines (not already covered) in here:
# netbox_extra_config: +|
# config1
# config2
netbox_extra_config: ""