NeoAnd/netbox
1
0
Fork 0
mirror of https://github.com/netbox-community/netbox.git synced 2025-07-25 18:08:38 -06:00
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Add instructions for Let's Encrypt

Browse Source 
Had issues installing on my NetBox and found information on: https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-18-04
This commit is contained in:
Garber-001 2020-11-09 10:27:35 -05:00 committed by GitHub
parent 0d27abc6fc
commit 4c09681cc2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 27 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
docs/installation/5-http-server.md
View File

@ -5,7 +5,7 @@ This documentation provides example configurations for both [nginx](https://www.
!!! info
For the sake of brevity, only Ubuntu 18.04 instructions are provided here, these tasks not unique to NetBox and should carry over to other distributions with mininal changes. Please consult your distribution's documentation for assistance if needed.
## Obtain an SSL Certificate
## Obtain a Self-Signed SSL Certificate
To enable HTTPS access to NetBox, you'll need a valid SSL certificate. You can purchase one from a trusted commercial provider, obtain one for free from [Let's Encrypt](https://letsencrypt.org/getting-started/), or generate your own (although self-signed certificates are generally untrusted). Both the public certificate and private key files need to be installed on your NetBox server in a location that is readable by the `netbox` user.
@ -93,3 +93,29 @@ If you are able to connect but receive a 502 (bad gateway) error, check the foll
* The WSGI worker processes (gunicorn) are running (`systemctl status netbox` should show a status of "active (running)")
* nginx/Apache is configured to connect to the port on which gunicorn is listening (default is 8001).
* SELinux is not preventing the reverse proxy connection. You may need to allow HTTP network connections with the command `setsebool -P httpd_can_network_connect 1`
## Obtain a Let's Encrypt Certificate for nginx
First, add the repository:
```no-highlight
# sudo add-apt-repository ppa:certbot/certbot
```
Install Certbots nginx package with apt:
```no-highlight
* sudo apt install python-certbot-nginx
```
Obtain SSL Certificate
```no-highlight
* sudo certbot --nginx -d netbox.example.com
```
Enter requested information by Let's Encrypt and generate certificate. If you receive the "Unable to install the certificate" error upon Certificate generation, go onto the next step.
Copy the `/etc/letsencrypt/live/netbox.example.com/fullchain.pem` and the `/etc/letsencrypt/live/netbox.example.com/privkey.pem`
Open `/etc/nginx/sites-available` and paste the correct directy path into the `ssl_certifcate` and `ssl_certificate-path` fields