First, create a directory for netbox and all its data to reside in. In this example, we’ll use /opt/services/netbox.mydomain.com. Place all files (unless mentioned otherwise) in said directory.
.env
Obviously, generate new passwords and enter the correct domain name.
[email protected] SUPERUSER_PASSWORD=Soogohki0eidaQu4zaW9EjaBiuseeW POSTGRES_PASSWORD=chied2EatoZ1EFeish1OixaiVee7ae DOMAIN=netbox.mydomain.com
docker-compose.yml
You shouldn’t need to modify anything here (except for the port)
version: "3.7"
services:
netbox-db:
image: postgres:15-alpine
restart: unless-stopped
volumes:
- ./pg_data:/var/lib/postgresql/data
environment:
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
- POSTGRES_DB=netbox
- POSTGRES_USER=netbox
netbox-redis:
image: redis:7-alpine
user: 1000:1000
command: redis-server
restart: always
volumes:
- ./redis_data:/data
netbox:
image: lscr.io/linuxserver/netbox:latest
container_name: netbox
environment:
- PUID=1000
- PGID=1000
- TZ=Europe/Berlin
- SUPERUSER_EMAIL=${SUPERUSER_EMAIL}
- SUPERUSER_PASSWORD=${SUPERUSER_PASSWORD}
- ALLOWED_HOST=${DOMAIN}
- DB_NAME=netbox
- DB_USER=netbox
- DB_PASSWORD=${POSTGRES_PASSWORD}
- DB_HOST=netbox-db
- DB_PORT=5432
- REDIS_HOST=netbox-redis
- REDIS_PORT=6379
#- REDIS_PASSWORD=<REDIS_PASSWORD>
- REDIS_DB_TASK=0 # Database ID for tasks
- REDIS_DB_CACHE=1 # Database ID for cache
#- BASE_PATH=<BASE_PATH> #optional
#- REMOTE_AUTH_ENABLED=<REMOTE_AUTH_ENABLED> #optional
#- REMOTE_AUTH_BACKEND=<REMOTE_AUTH_BACKEND> #optional
#- REMOTE_AUTH_HEADER=<REMOTE_AUTH_HEADER> #optional
#- REMOTE_AUTH_AUTO_CREATE_USER=<REMOTE_AUTH_AUTO_CREATE_USER> #optional
#- REMOTE_AUTH_DEFAULT_GROUPS=<REMOTE_AUTH_DEFAULT_GROUPS> #optional
#- REMOTE_AUTH_DEFAULT_PERMISSIONS=<REMOTE_AUTH_DEFAULT_PERMISSIONS> #optional
volumes:
- ./netbox_config:/config
ports:
- 13031:8000
depends_on:
- netbox-db
- netbox-redis
restart: unless-stoppednginx config
Place this e.g. in /etc/nginx/sites-enabled/netbox-mydomain.conf.
server {
server_name netbox.mydomain.com;
location / {
proxy_pass http://localhost:13031/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_redirect default;
}
listen [::]:443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
}
server {
if ($host = netbox.mydomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name netbox.mydomain.com;
listen [::]:80; # managed by Certbot
return 404; # managed by Certbot
}
After that, use our script to automatically create a systemd service & autostart Netbox on boot:
curl -fsSL https://techoverflow.net/scripts/create-docker-compose-service.sh | sudo bash /dev/stdin
Also, reload the nginx config:
sudo service nginx reload