infra/nix/modules/netbox.nix


# NixOS module for a NetBox instance: sops-managed secret key, the NetBox
# service with its plugin packages, a PostgreSQL dump job, ZFS snapshots of
# the service dataset, and the systemd wiring to Caddy and Redis.
{
  config,
  lib,
  pkgs,
  ...
}:
let
  # Both the secret and the systemd override are only emitted while NetBox is on.
  netboxEnabled = config.services.netbox.enable;
in
{
  # Django SECRET_KEY material, readable by the netbox user. Units listed in
  # restartUnits are restarted by sops-nix when the secret changes.
  # NOTE(review): no `mode` is set here, so the sops-nix default applies
  # (owner-only, as far as I know). The caddy user is added to the "netbox"
  # group at the bottom of this file, so confirm the mode never becomes
  # group-readable, or the reverse proxy could read the signing key.
  sops.secrets.netbox = lib.mkIf netboxEnabled {
    owner = "netbox";
    group = "netbox";
    restartUnits = [
      "netbox.service"
      "netbox-rq.service"
      "redis-netbox.service"
    ];
  };

  services.netbox = {
    # oidc:
    # https://goauthentik.io/integrations/services/netbox/
    # https://smuth.me/posts/netbox-with-authentik/
    # https://hull.au/blog/netbox-authentik-oidc-sso/
    enable = true;

    # XXX: pinned explicitly because of the migration instructions in 24.11.
    # package = pkgs.netbox_4_1; # XXX aaand will have to migrate further for 25.05
    # package = pkgs.netbox; # 4.2.9
    package = pkgs.netbox_4_4;

    # Application server listens on loopback only; presumably Caddy (see the
    # `upholds` entry below) terminates TLS in front of it. TODO confirm.
    listenAddress = "localhost";

    # The key is read from the sops-managed path rather than written inline.
    secretKeyFile = config.sops.secrets.netbox.path;

    # Raw Python placed in NetBox's configuration by the NixOS module.
    # - SESSION_COOKIE_SECURE / CSRF_COOKIE_SECURE: cookies are sent over HTTPS only.
    # - METRICS_ENABLED: turns on the Prometheus endpoint.
    #   NOTE(review): I believe NetBox serves /metrics without authentication;
    #   verify that the reverse proxy restricts that path to the monitoring hosts.
    # - NOTE(review): NetBox reads the upper-case name `PLUGINS` and expects
    #   Python module names (underscores, e.g. 'netbox_dns'). The lower-case
    #   `plugins` list with hyphenated names below looks like it is ignored, so
    #   the packages are installed but not enabled. Confirm whether that is
    #   deliberate (e.g. plugins parked during the version migration) before
    #   changing it, since enabling plugins may require database migrations.
    extraConfig = ''
      SESSION_COOKIE_SECURE = True
      CSRF_COOKIE_SECURE = True
      METRICS_ENABLED = True
      plugins = [
      'netbox-dns',
      'netbox-reorder-rack',
      'netbox-attachments',
      'netbox-plugin-prometheus-sd',
      ]
    '';

    # Plugin packages made available to NetBox's Python environment.
    # Every entry is third-party code running inside the NetBox process, so
    # keep this list to what is actually enabled in the configuration.
    plugins =
      ps: with ps; [
        netbox-dns
        netbox-routing
        netbox-floorplan-plugin
        netbox-topology-views
        netbox-interface-synchronization
        netbox-contextmenus
        netbox-reorder-rack
        netbox-documents
        netbox-attachments
        netbox-plugin-prometheus-sd
      ];
  };

  # Scheduled dump of the "netbox" database, zstd-compressed at level 19.
  # NOTE(review): the dump holds the full NetBox database (presumably account
  # and API-token records too) and is not encrypted by this module. Confirm
  # the backup directory and anything that copies it off-host are restricted.
  services.postgresqlBackup = {
    enable = true;
    databases = [
      "netbox"
    ];
    compression = "zstd";
    compressionLevel = 19;
  };

  # ZFS snapshots of the service dataset and its children, using the
  # "production" sanoid template (defined outside this file).
  services.sanoid.datasets."zroot/userdata/services/netbox" = {
    useTemplate = [ "production" ];
    # recursive = "zfs";
    recursive = true;
  };

  # Upholds= makes systemd keep Caddy and the NetBox Redis instance started
  # for as long as netbox.service is active.
  systemd.services.netbox = lib.mkIf netboxEnabled {
    upholds = [
      "caddy.service"
      "redis-netbox.service"
    ];
    wantedBy = [ "multi-user.target" ];
  };

  # Caddy joins the netbox group, presumably to serve NetBox's static files.
  # This also gives it every other group-readable file owned by "netbox".
  users.users.caddy.extraGroups = [ "netbox" ];
}