Changes between Version 11 and Version 12 of Nmm2022/Agenda/Netbox


Ignore:
Timestamp:
Jun 2, 2022, 4:08:58 AM (2 years ago)
Author:
geethike
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • Nmm2022/Agenda/Netbox

    v11 v12  
    271271
    272272Once you've verified that the WSGI workers are up and running, move on to HTTP server setup.
     273
     274=== HTTP Server Setup ===
     275''' Obtain an SSL Certificate '''
     276
     277To enable HTTPS access to NetBox, you'll need a valid SSL certificate. You can purchase one from a trusted commercial provider, obtain one for free from Let's Encrypt, or generate your own (although self-signed certificates are generally untrusted). Both the public certificate and private key files need to be installed on your NetBox server in a location that is readable by the netbox user.
     278
     279The command below can be used to generate a self-signed certificate for testing purposes, however it is strongly recommended to use a certificate from a trusted authority in production. Two files will be created: the public certificate ''' (netbox.crt) ''' and the private key ''' (netbox.key).''' The certificate is published to the world, whereas the private key must be kept secret at all times.
     280{{{
     281# sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
     282-keyout /etc/ssl/private/netbox.key \
     283-out /etc/ssl/certs/netbox.crt
     284}}}
     285The above command will prompt you for additional details of the certificate; all of these are optional. So you can press Enter and keep continue.
     286
     287''' HTTP Server Installation '''
     288
     289''' Installing nginx '''
     290
     291Begin by installing nginx:
     292{{{
     293# sudo apt install -y nginx
     294}}}
     295
     296Once nginx is installed, copy the nginx configuration file provided by NetBox to '''/etc/nginx/sites-available/netbox. ''' Be sure to replace ''' netbox.example.com ''' with the domain name or IP address of your installation. (This should match the value configured for ALLOWED_HOSTS in configuration.py.)
     297{{{
     298# sudo cp /opt/netbox/contrib/nginx.conf /etc/nginx/sites-available/netbox
     299}}}
     300Then, delete ''' /etc/nginx/sites-enabled/default ''' and create a symlink in the sites-enabled directory to the configuration file you just created.
     301{{{
     302# sudo rm /etc/nginx/sites-enabled/default
     303# sudo ln -s /etc/nginx/sites-available/netbox /etc/nginx/sites-enabled/netbox
     304}}}
     305Finally, restart the ''' nginx ''' service to use the new configuration.
     306{{{
     307# sudo systemctl restart nginx
     308}}}
     309At this point, you should be able to connect to the HTTPS service at the server name or IP address you provided.