Netbox Deployment

GitOps deployment for Netbox with Tailscale HTTPS access.

Prerequisites

PostgreSQL Database

Connect to your PostgreSQL server and create the database:

CREATE DATABASE netbox;
CREATE USER netbox WITH PASSWORD 'your-secure-password';
GRANT ALL PRIVILEGES ON DATABASE netbox TO netbox;
ALTER DATABASE netbox OWNER TO netbox;
-- Required for netbox-branching plugin
GRANT CREATE ON DATABASE netbox TO netbox;

Host Configuration

Download configuration files to /opt/netbox (first time only):

sudo mkdir -p /opt/netbox/{tailscale,app}
sudo curl -o /opt/netbox/tailscale/serve-config.json https://gitea.arnodo.fr/Damien/netbox-deployment/raw/branch/main/serve-config.json
sudo curl -o /opt/netbox/app/configuration.py https://gitea.arnodo.fr/Damien/netbox-deployment/raw/branch/main/configuration.py
sudo curl -o /opt/netbox/app/plugins.py https://gitea.arnodo.fr/Damien/netbox-deployment/raw/branch/main/plugins.py

Generate Secret Key

python3 -c "import secrets; print(secrets.token_urlsafe(50))"

Deployment

1. Create a new stack in Portainer
2. Select "Repository" and point to this repository
3. Portainer will load stack.env automatically
4. Override sensitive values (CHANGE_ME) in the environment variables section:
   • TS_AUTHKEY - Tailscale auth key (reusable recommended)
   • DB_PASSWORD - PostgreSQL password
   • SECRET_KEY - Django secret key
   • SUPERUSER_PASSWORD - Initial admin password
5. Deploy

After First Deployment

Set SKIP_SUPERUSER=true to prevent superuser recreation on redeploy.

Access

Once deployed: https://netbox.taila5ad8.ts.net

Directory Structure

/opt/netbox/
├── tailscale/
│   └── serve-config.json    # Tailscale HTTPS configuration
└── app/
    ├── configuration.py     # Full NetBox config with DynamicSchemaDict
    └── plugins.py           # Plugins activation