# NetBox — DCIM / IPAM **Data Center Infrastructure Management & IP Address Management** ## Service Overview | Property | Value | |----------|-------| | **Host** | homelab-vm (192.168.0.210) | | **Port** | 8443 (-> 8000 internal) | | **URL** | https://nb.vish.gg | | **Local URL** | http://192.168.0.210:8443 | | **Image** | `linuxserver/netbox:latest` | | **Stack** | `hosts/vms/homelab-vm/netbox.yaml` | | **Data** | `/home/homelab/docker/netbox/{config,db,redis}` | ## Credentials | Property | Value | |----------|-------| | **Superuser Email** | your-email@example.com | | **Superuser Password** | Set via env var `SUPERUSER_PASSWORD` at deploy time | | **DB Password** | Set via env var `DB_PASSWORD` | | **Redis Password** | Set via env var `REDIS_PASSWORD` | ## Architecture ``` Internet | Cloudflare (proxied) | nb.vish.gg | NPM (calypso:8443) --- SSL: *.vish.gg origin cert | http://100.67.40.126:8443 (Tailscale) | +-------+-------+ | | | netbox-db redis netbox (pg:16) (redis:7) (uwsgi) ``` NPM reaches homelab-vm via its **Tailscale IP** (100.67.40.126), not the LAN IP -- calypso routes through Tailscale to reach homelab-vm services. ## Components | Container | Image | Purpose | |-----------|-------|---------| | `netbox` | linuxserver/netbox:latest | Web UI + API + background worker | | `netbox-db` | postgres:16-alpine | PostgreSQL database | | `netbox-redis` | redis:7-alpine | Caching and task queue | ## DNS & Reverse Proxy - **Cloudflare**: `nb.vish.gg` A record (proxied), auto-updated by DDNS - **DDNS**: Listed in `ddns-vish-proxied` service (`hosts/synology/atlantis/dynamicdnsupdater.yaml`) - **NPM**: Proxy host ID 46 -- `nb.vish.gg` -> `http://100.67.40.126:8443` - SSL: Cloudflare origin certificate (`*.vish.gg`, cert ID 1) - Force SSL: yes - Block exploits: yes ## Deployment Deployed via `docker compose` with env vars for secrets: ```bash cd /home/homelab/organized/repos/homelab/hosts/vms/homelab-vm SUPERUSER_EMAIL=your-email@example.com \ SUPERUSER_PASSWORD="REDACTED_PASSWORD" \ DB_PASSWORD="REDACTED_PASSWORD" \ REDIS_PASSWORD="REDACTED_PASSWORD" \ docker compose -f netbox.yaml -p netbox up -d ``` First startup takes several minutes (DB migrations + static file collection). ## Configuration Main config persisted at: `/home/homelab/docker/netbox/config/configuration.py` Key settings: - `ALLOWED_HOSTS = ['*']` -- NPM handles domain routing - `TIME_ZONE = 'UTC'` - `LOGIN_REQUIRED = False` (change to `True` to require auth for read access) - `SECRET_KEY` -- auto-generated on first run, do not change To edit: ```bash sudo nano /home/homelab/docker/netbox/config/configuration.py docker restart netbox ``` ## API REST API at `/api/`, GraphQL at `/graphql/`. ```bash # Create a token: User menu -> API Tokens in the web UI curl -H "Authorization: Token " https://nb.vish.gg/api/dcim/devices/ ``` ## Maintenance ```bash # Logs docker logs netbox --tail 50 # Restart docker restart netbox # Upgrade docker compose -f netbox.yaml -p netbox pull && \ docker compose -f netbox.yaml -p netbox up -d # Backup database docker exec netbox-db pg_dump -U netbox netbox > /home/homelab/docker/netbox/backup-$(date +%Y%m%d).sql ```