Installation Guide for Ubuntu 16.04¶
This document starts with an initial, clean installation of Ubuntu 16.04 Server already setup and ready
Update Ubuntu¶
Update Ubuntu, install required system packages, and reboot
sudo apt-get update && sudo apt-get -y upgrade && sudo apt-get -y dist-upgrade && sudo apt-get -y autoremove
sudo reboot now
sudo apt-get -y install python python-pip nginx redis-server supervisor libssl-dev libsasl2-dev gunicorn git
Create new Netconfig user¶
Create a new netconfig user to install and run Netconfig under. Set any password you choose. When prompted for full name, room number, phone numbers, etc, you can leave them all blank
sudo adduser netconfig
sudo usermod -aG sudo netconfig
Switch to the new Netconfig user
su - netconfig
Download NetConfig¶
Download NetConfig and install required Python packages
cd ~/
git clone -b master https://github.com/v1tal3/netconfig.git
cd netconfig
sudo pip install --upgrade pip
sudo pip install -r requirements.txt
Configure NGINX¶
Remove default in NGINX sites-enabled, and create a new site for Netconfig. Replace “domain.com” with your actual domain name (lines highlighted)
sudo rm /etc/nginx/sites-enabled/default
sudo touch /etc/nginx/sites-available/netconfig
sudo vi /etc/nginx/sites-available/netconfig
Contents of /etc/nginx/sites-available/netconfig¶
server {
listen 80;
server_name netconfig.domain.com;
return 301 https://$host$request_uri;
}
server {
listen 443;
server_name netconfig.domain.com;
ssl on;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
location / {
proxy_pass http://localhost:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /netconfig {
alias /home/netconfig/netconfig/app/;
}
}
Create symlink¶
Create symlink for netconfig file into nginx/sites-enabled
sudo ln -s /etc/nginx/sites-available/netconfig /etc/nginx/sites-enabled
Service¶
Create and fill out netconfig.service file
sudo touch /etc/systemd/system/netconfig.service
sudo vi /etc/systemd/system/netconfig.service
Contents of /etc/systemd/system/netconfig.service¶
[Unit]
Description=uWSGI instance to serve NetConfig
After=network.target
[Service]
User=netconfig
Group=www-data
WorkingDirectory=/home/netconfig/netconfig
Environment="PATH=/usr/bin/python"
ExecStart=/usr/bin/uwsgi --ini netconfig.ini
[Install]
WantedBy=multi-user.target
Start and Enable Netconfig services¶
Start and enable services related to NetConfig running in the background
sudo systemctl daemon-reload
sudo systemctl start netconfig
sudo systemctl enable netconfig
Supervisord Configuration¶
Create and fill out netconfig.conf for gUnicorn
sudo touch /etc/supervisor/conf.d/netconfig.conf
sudo vi /etc/supervisor/conf.d/netconfig.conf
Contents of /etc/supervisor/conf.d/netconfig.conf¶
[program:netconfig]
command = gunicorn app:app -b localhost:8000
directory = /home/netconfig/netconfig
user = netconfig
Restart Services¶
sudo pkill gunicorn
sudo supervisorctl reread
sudo supervisorctl update
sudo supervisorctl restart netconfig
Configure Self-Signed SSL Cert¶
Run these commands to generate a self-signed SSL certificate
Create a new directory for the certs and move into it
sudo mkdir /etc/nginx/ssl
cd /etc/nginx/ssl
Generate the self-signed SSL certs.
When prompted to create a key file password, anything will work (line 1). This will be the same password used when prompted during certificate creation (lines 2 and 4)
When generating the certificate, fill out the relevant details as requested (Country, State, etc.). However when asked for the common name, set it to your domain name
sudo openssl genrsa -des3 -out server.key 2048
sudo openssl req -new -key server.key -out server.csr
sudo cp server.key server.key.org
sudo openssl rsa -in server.key.org -out server.key
sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Restart NGINX services
sudo systemctl restart nginx
Configure NetConfig Settings¶
Copy settings template file
cd ~/netconfig
cp instance/settings_template.py instance/settings.py
Modify the contents of the file:
vi instance/settings.py
The only required settings that need to be changed in the file are as follows:
- SECRET_KEY - Generate a random key to use with the program. You can provide you own, or use the provided “generate_secret_key.py” script to generate one for you. This can be run with the command “python ~/netconfig/generate_secret_key.py”
- DATALOCATION - Specify if you want to use a local database on the server, and configure the inventory manually, or use an existing Netbox installation
- NETBOXSERVER - If using an existing Netbox installation, this is the Netbox server hostname. Otherwise this value is not used
Create local database¶
If using local SQLAlchemy database, create the database (this step is not needed if using Netbox)
python db_create.py
Restart NetConfig Service¶
Restart Netconfig service for all changes to take effect
sudo supervisorctl restart netconfig
Important next steps!¶
If using Netbox, please consult the Netbox Integration section for instructions on setting up Netbox to interface with Netconfig