| 273 | |
| 274 | === HTTP Server Setup === |
| 275 | ''' Obtain an SSL Certificate ''' |
| 276 | |
| 277 | To enable HTTPS access to NetBox, you'll need a valid SSL certificate. You can purchase one from a trusted commercial provider, obtain one for free from Let's Encrypt, or generate your own (although self-signed certificates are generally untrusted). Both the public certificate and private key files need to be installed on your NetBox server in a location that is readable by the netbox user. |
| 278 | |
| 279 | The command below can be used to generate a self-signed certificate for testing purposes, however it is strongly recommended to use a certificate from a trusted authority in production. Two files will be created: the public certificate ''' (netbox.crt) ''' and the private key ''' (netbox.key).''' The certificate is published to the world, whereas the private key must be kept secret at all times. |
| 280 | {{{ |
| 281 | # sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \ |
| 282 | -keyout /etc/ssl/private/netbox.key \ |
| 283 | -out /etc/ssl/certs/netbox.crt |
| 284 | }}} |
| 285 | The above command will prompt you for additional details of the certificate; all of these are optional. So you can press Enter and keep continue. |
| 286 | |
| 287 | ''' HTTP Server Installation ''' |
| 288 | |
| 289 | ''' Installing nginx ''' |
| 290 | |
| 291 | Begin by installing nginx: |
| 292 | {{{ |
| 293 | # sudo apt install -y nginx |
| 294 | }}} |
| 295 | |
| 296 | Once nginx is installed, copy the nginx configuration file provided by NetBox to '''/etc/nginx/sites-available/netbox. ''' Be sure to replace ''' netbox.example.com ''' with the domain name or IP address of your installation. (This should match the value configured for ALLOWED_HOSTS in configuration.py.) |
| 297 | {{{ |
| 298 | # sudo cp /opt/netbox/contrib/nginx.conf /etc/nginx/sites-available/netbox |
| 299 | }}} |
| 300 | Then, delete ''' /etc/nginx/sites-enabled/default ''' and create a symlink in the sites-enabled directory to the configuration file you just created. |
| 301 | {{{ |
| 302 | # sudo rm /etc/nginx/sites-enabled/default |
| 303 | # sudo ln -s /etc/nginx/sites-available/netbox /etc/nginx/sites-enabled/netbox |
| 304 | }}} |
| 305 | Finally, restart the ''' nginx ''' service to use the new configuration. |
| 306 | {{{ |
| 307 | # sudo systemctl restart nginx |
| 308 | }}} |
| 309 | At this point, you should be able to connect to the HTTPS service at the server name or IP address you provided. |