netbox: move NetBox from NixOS to Ansible

Also introduce netbox_hosts group for applying netbox role to multiple hosts.
2025-02-15 19:57:15 +01:00 · 2025-02-15 19:57:15 +01:00 · 2ec1471d7f
commit 2ec1471d7f
parent 09a8551c8a
7 changed files with 143 additions and 2 deletions
--- a/inventories/chaosknoten/host_vars/netbox.yaml
+++ b/inventories/chaosknoten/host_vars/netbox.yaml
@ -0,0 +1,16 @@
+netbox__version: "v4.1.7"
+netbox__db_password: "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/netbox/DATABASE_PASSWORD', create=false, missing='error') }}"
+netbox__config: "{{ lookup('ansible.builtin.template', 'resources/chaosknoten/netbox/netbox/configuration.py.j2') }}"
+netbox__custom_pipeline_oidc_group_and_role_mapping: true
+
+nginx__version_spec: ""
+nginx__configurations:
+  - name: netbox.hamburg.ccc.de
+    content: "{{ lookup('ansible.builtin.file', 'resources/chaosknoten/netbox/nginx/netbox.hamburg.ccc.de.conf') }}"
+
+certbot__version_spec: ""
+certbot__acme_account_email_address: j+letsencrypt-ccchh@jsts.xyz
+certbot__certificate_domains:
+  - "netbox.hamburg.ccc.de"
+certbot__new_cert_commands:
+  - "systemctl reload nginx.service"
--- a/inventories/chaosknoten/hosts.yaml
+++ b/inventories/chaosknoten/hosts.yaml
@ -32,6 +32,10 @@ all:
        mumble:
          ansible_host: mumble.hamburg.ccc.de
          ansible_user: chaos
+        netbox:
+          ansible_host: netbox-intern.hamburg.ccc.de
+          ansible_user: chaos
+          ansible_ssh_common_args: -J ssh://chaos@public-reverse-proxy.hamburg.ccc.de
        onlyoffice:
          ansible_host: onlyoffice-intern.hamburg.ccc.de
          ansible_user: chaos
@ -64,6 +68,7 @@ all:
        keycloak:
        lists:
        mumble:
+        netbox:
        onlyoffice:
        pad:
        pretalx:
@ -94,6 +99,7 @@ all:
        keycloak:
        lists:
        mumble:
+        netbox:
        onlyoffice:
        pad:
        pretalx:
@ -112,6 +118,7 @@ all:
        keycloak:
        lists:
        mumble:
+        netbox:
        onlyoffice:
        pad:
        pretalx:
@ -123,6 +130,7 @@ all:
        eh22-wiki:
        tickets:
        keycloak:
+        netbox:
        onlyoffice:
        pad:
        pretalx:
@ -136,6 +144,7 @@ all:
        tickets:
        cloud:
        keycloak:
+        netbox:
        onlyoffice:
        pad:
        pretalx:
@ -146,3 +155,6 @@ all:
      hosts:
        eh22-wiki:
        wiki:
+    netbox_hosts:
+      hosts:
+        netbox: