NetBox is an open-source Infrastructure Resource Modelling (IRM) software designed for network automation and infrastructure engineering. Initially created by the DigitalOcean team, NetBox is now an independent project released under the Apache 2 License. Built on the Python Django Web framework with PostgreSQL as the default database, NetBox provides a powerful platform for managing and documenting your network infrastructure.
In this guide, we will walk you through the step-by-step process of installing NetBox IRM software on a Debian 12 server. We will install NetBox with PostgreSQL as the database server and Apache2 as a reverse proxy. Additionally, we will secure your NetBox installation with SSL/TLS certificates to ensure a safe and encrypted connection.
Prerequisites
Before we begin, make sure you have the following:
- A Debian 12 server
- A non-root user with administrator privileges
- A public or local domain name pointed to the server’s IP address
Installing Dependencies
NetBox is a Python Django web application that requires several dependencies, including PostgreSQL as the database server and Redis for cache management. We will also install the Apache2 web server as a reverse proxy for NetBox.
To get started, update your Debian repository by executing the following command:
sudo apt update
Next, install the necessary package dependencies for your NetBox IRM installation:
sudo apt install apache2 postgresql postgresql-common libpq-dev redis-server git python3 python3-pip python3-venv python3-dev build-essential libxml2-dev libxslt1-dev libffi-dev libssl-dev zlib1g-dev
When prompted, type y
to proceed with the installation of the dependencies.
After the installation is complete, verify each dependency by running the following commands:
sudo systemctl is-enabled apache2
sudo systemctl status apache2
Ensure that the Apache2 service is enabled and running.
sudo systemctl is-enabled postgresql
sudo systemctl status postgresql
Verify that the PostgreSQL service is running and enabled.
sudo systemctl is-enabled redis
sudo systemctl status redis
Confirm that the Redis service is running and enabled.
python3 --version
Verify the installed version of Python. NetBox IRM supports Python versions 3.9, 3.10, and 3.11.
Configuring PostgreSQL Server
After installing the dependencies, we need to create a new PostgreSQL database and user for NetBox to use. To do this, log in to the PostgreSQL server via the psql
command line:
sudo -u postgres psql
Once logged in, run the following queries to create a new user netbox
with the password p4ssw0rd
and a new database netboxdb
with netbox
as the owner:
CREATE USER netbox LOGIN CREATEDB PASSWORD 'p4ssw0rd';
CREATE DATABASE netboxdb OWNER netbox;
Verify that the user and database have been created by running the command:
\du \l
You should see the netbox
user and netboxdb
database listed.
Exit the PostgreSQL server by typing q
.
Next, log in to PostgreSQL using the netbox
user account and connect to the netboxdb
database:
sudo -u postgres psql --username netbox --password --host localhost netboxdb
Verify your connection by running the following command:
/conninfo
You should see the connection information for the netboxdb
database.
Exit the PostgreSQL server again by typing q
.
Configuring Redis Server
With the PostgreSQL database and user set up, we can now configure the Redis server for cache management in NetBox. Open the Redis configuration file /etc/redis/redis.conf
using the following command:
sudo nano /etc/redis/redis.conf
Uncomment the line that starts with requirepass
and set a password for your Redis server. For example:
requirepass p4ssw0rd
Save and exit the file.
Restart the Redis service to apply the changes:
sudo systemctl restart redis
To verify that Redis is working properly, access the Redis server using the redis-cli
command:
redis-cli
Authenticate to the Redis server by running the following command and entering the password you set:
AUTH p4ssw0rd
If the authentication is successful, you will see the output OK
. You can also run the PING
command to ensure a successful connection:
PING
If the output is PONG
, your connection to Redis is working.
Installing NetBox IRM
Now that we have configured the database and Redis server, we can proceed with the installation of NetBox IRM.
First, create a new system user named netbox
that will be used to run the NetBox installation:
sudo useradd -r -d /opt/netbox -s /usr/sbin/nologin netbox
Next, download the NetBox IRM source code using Git and change the ownership of the /opt/netbox
directory to the netbox
user:
cd /opt sudo git clone -b master --depth 1 https://github.com/netbox-community/netbox.git sudo chown -R netbox:netbox /opt/netbox
Move to the /opt/netbox
directory and generate the NetBox secret key using the following command:
cd /opt/netbox/netbox/netbox sudo -u netbox python3 ../generate_secret_key.py
Copy the default configuration file configuration_example.py
to configuration.py
:
sudo -u netbox cp configuration_example.py configuration.py
Open configuration.py
with a text editor:
sudo -u netbox nano configuration.py
Within the ALLOWED_HOSTS
section, add your domain name or server IP address:
ALLOWED_HOSTS = ['netbox.example.com', '192.168.1.100']
In the DATABASE
section, input your PostgreSQL database details:
DATABASE = {
'NAME': 'netboxdb',
'USER': 'netbox',
'PASSWORD': 'p4ssw0rd',
'HOST': 'localhost',
'PORT': '',
'CONN_MAX_AGE': 300,
}
In the REDIS
section, input the details of your Redis server:
# Redis cache configuration REDIS = { 'tasks': { 'HOST': 'localhost', # Redis server 'PORT': 6379, # Redis port 'PASSWORD': 'p4ssw0rdNetBox', # Redis password (optional) 'DATABASE': 0, # Database ID 'SSL': False, # Use SSL (optional) }, 'caching': { 'HOST': 'localhost', 'PORT': 6379, 'PASSWORD': 'p4ssw0rdNetBox', 'DATABASE': 1, # Unique ID for second database 'SSL': False, } }
Replace p4ssw0rd
with the password you set for Redis.
Finally, input your secret key in the SECRET_KEY
section:
SECRET_KEY = 'your_secret_key_here'
Save and close the file.
Execute the upgrade script to start the NetBox installation:
sudo -u netbox /opt/netbox/upgrade.sh
This script will create a new Python virtual environment, install necessary packages and libraries, perform database migrations, and generate static files for NetBox.
After the installation is complete, create an administrator user for NetBox by running the following commands:
source /opt/netbox/venv/bin/activate cd /opt/netbox/netbox python3 manage.py createsuperuser
Follow the prompts to enter your admin email address, username, and password.
To verify your NetBox installation, run NetBox on your local IP address with port 8000:
python3 manage.py runserver0.0.0.0:8000 --insecure
Open your web browser and visit http://your_server_ip:8000/
. If the installation is successful, you should see the NetBox IRM index page. Click the “Login” button at the top right to access the login page.
Enter your admin username and password, then click “Sign In”. If everything is working correctly, you should see the NetBox dashboard.
Terminate the NetBox server by pressing Ctrl+C
in the terminal.
Running NetBox as a Systemd Service
To simplify the management of NetBox, we will configure it to run as a systemd service. This allows you to control NetBox using the systemctl
utility.
Copy the gunicorn.py
file to the NetBox directory:
sudo -u netbox cp /opt/netbox/contrib/gunicorn.py /opt/netbox/gunicorn.py
Open the gunicorn.py
file with a text editor:
sudo -u netbox nano /opt/netbox/gunicorn.py
Change the bind
option to run NetBox on localhost port 8001:
bind = '127.0.0.1:8001'
Save and close the file.
Copy the systemd service files for NetBox to the /etc/systemd/system/
directory:
sudo cp -v /opt/netbox/contrib/*.service /etc/systemd/system/
Reload the systemd manager to apply the new changes:
sudo systemctl daemon-reload
Start and enable the NetBox services:
sudo systemctl start netbox netbox-rq netbox-housekeeping sudo systemctl enable netbox netbox-rq netbox-housekeeping
Verify that the services are running:
sudo systemctl status netbox
sudo systemctl status netbox-rq
Configuring Apache as a Reverse Proxy
In this step, we will configure Apache2 as a reverse proxy for NetBox. If you are using a local domain, you can generate self-signed SSL certificates. For a public domain, you can use Certbot to obtain SSL certificates from Let’s Encrypt.
If using a local domain, generate SSL certificates with the following command:
openssl req -x509 -newkey rsa:4096 -sha256 -days 365 -nodes -keyout /etc/ssl/private/netbox.key -out /etc/ssl/certs/netbox.crt -subj "/CN=netbox.example.com" -addext "subjectAltName=DNS:netbox.example.com,IP:192.168.1.100"
Replace netbox.example.com
with your domain name and 192.168.1.100
with your server’s IP address.
Copy the Apache virtual host configuration example for NetBox:
sudo cp /opt/netbox/contrib/apache.conf /etc/apache2/sites-available/netbox.conf
Open the netbox.conf
file with a text editor:
sudo nano /etc/apache2/sites-available/netbox.conf
Change the domain name and SSL/TLS certificate paths in the <VirtualHost>
blocks:
<VirtualHost *:80>
ServerName netbox.example.com
...
</VirtualHost>
<VirtualHost *:443>
ProxyPreserveHost On
ServerName netbox.example.com
SSLEngine on
SSLCertificateFile /etc/ssl/certs/netbox.crt
SSLCertificateKeyFile /etc/ssl/private/netbox.key
...
</VirtualHost>
Save and close the file.
Enable the required Apache2 modules:
sudo a2enmod ssl proxy proxy_http headers rewrite
Activate the virtual host configuration and verify the Apache2 syntax:
sudo a2ensite netbox.conf
sudo apachectl configtest
If there are no syntax errors, you should see Syntax OK
.
Restart the Apache2 service to apply the changes:
sudo systemctl restart apache2
Your NetBox installation should now be accessible via your domain name. Open your web browser and visit https://netbox.example.com/
. If everything is working correctly, you should see the NetBox index page.
After logging in, you will have access to the NetBox IRM dashboard running under the Apache2 reverse proxy.
Conclusion
Congratulations! You have successfully installed NetBox IRM on your Debian 12 server. By following this guide, you have set up NetBox with PostgreSQL as the database server and Apache2 as a reverse proxy. Your NetBox installation is now secured with SSL/TLS certificates, ensuring a safe and encrypted connection.
NetBox provides powerful network automation and infrastructure engineering capabilities, allowing you to manage and document your network infrastructure efficiently. With its user-friendly interface and extensive features, NetBox is a valuable tool for organizations of all sizes.
If you are looking for reliable and scalable cloud hosting solutions, consider Shape.host’s SSD Linux VPS services. Shape.host offers high-performance virtual private servers with SSD storage, ensuring fast and efficient operations for your NetBox installation.
By installing NetBox IRM on your Debian 12 server, you are taking a significant step towards optimizing your network infrastructure management. Enjoy the benefits of NetBox and streamline your network automation processes with ease.