Introduction
This documentation is related to 'Netbox Image', created by Puppeteers Oy. Netbox Image is an open source, pre-built Cloud virtual machine image that runs Netbox, "the leading solution for modeling and documenting modern networks. By combining the traditional disciplines of IP address management (IPAM) and datacenter infrastructure management (DCIM) with powerful APIs and extensions". Netbox Image contains Nginx, PostgreSQL, Redis, Netbox and large number of other software. Currently it's available for Azure Marketplace and AWS Marketplace. See Netbox Image product page for more information on the features.
Security group setup
The default security groups allow traffic to Netbox (tcp/443) from any IPv4 address. SSH access is allowed from anywhere.
Security recommendations
In production setups it is recommended to allow access only from RFC1918 private networks. If you don't have a VPN (e.g. OpenVPN, OpenVPN Access Server or Wireguard) configured and must access a production Netbox admin interface directly from the Internet, it is recommended for security reasons to limit access using IP whitelisting in Security Groups.
Logging in to the instance using SSH
Our images are built on top of official Cloud images of various operating system vendors. In AWS login as the "ubuntu" user. In Azure you'd typically log in as "azureuser". You can login using the instance's public IP address.
Note that automated system package upgrade may kick in immediately after you launch the instance. This may manifest itself as slowness in the web interface which should not last very long.
Logging in to Netbox as admin
Netbox can be accessed with a web browser at its public IP address, for example https://150.51.4.123. You can find the public IP address of your Netbox instance easily:
- AWS console -> EC2 -> Instances
- Azure portal -> Virtual Machines -> <name-of-vm> -> Public IP address
The first time you visit the URL you will get a certificate warning. This is normal: Netbox uses self-signed snakeoil certificates created on the first boot of the VM. You have to ignore the warning and save an exception in your browser. You will then be presented with the Netbox web user interface.
You need to get the Netbox admin password. It is available in /home/ubuntu/netbox-passwords.txt (AWS) or /home/azureuser/netbox-passwords.txt (default in Azure). The admin username is "admin".
Setting the hostname
On production installations it is recommended to change the hostname of the instance to something reasonable. On Ubuntu you can do that like this:
$ sudo -i
$ hostnamectl set-hostname netbox.example.org
SSL/TLS certificate setup
By default Netbox Image uses snakeoil certificates that are generated when the Cloud instance is launched. It is strongly recommended to switch to commercial certificates or Letsencrypt certificates. If you wish to use Letsencrypt and your Netbox is not publicly accessible (recommended) we suggest using a Letsencrypt wildcard certificate (e.g. *.example.org) that can be obtained with the DNS-01 challenge.
Please follow the instructions of the certificate provider on how to configure nginx to use your own certificates.
Updating Netbox
Netbox Image can be updated like any other Netbox instance. We recommend following the official upgrade instructions.
Contact and support
If you require more information than given here or have any issues using Netbox on a freshly created cloud instance please contact our product support at [email protected]. We will respond on a best effort basis.
We do not provide support for running or configuring Netbox for your particular use-case, unless you have a support plan (only available in Azure). If you need help, we recommend reaching out to the official community support channels.