# Netbox Deployment

GitOps deployment for Netbox with Tailscale HTTPS access.

## Prerequisites

### PostgreSQL Database

Connect to your PostgreSQL server and create the database:

```sql
CREATE DATABASE netbox;
CREATE USER netbox WITH PASSWORD 'your-secure-password';
GRANT ALL PRIVILEGES ON DATABASE netbox TO netbox;
ALTER DATABASE netbox OWNER TO netbox;
```

### Host Configuration

Download configuration files to `/opt/ts-netbox` (first time only):

```bash
sudo mkdir -p /opt/ts-netbox
sudo curl -o /opt/ts-netbox/serve-config.json https://gitea.arnodo.fr/Damien/netbox-deployment/raw/branch/main/serve-config.json
sudo curl -o /opt/ts-netbox/local_settings.py https://gitea.arnodo.fr/Damien/netbox-deployment/raw/branch/main/local_settings.py
```

### Generate Secret Key

```bash
python3 -c "import secrets; print(secrets.token_urlsafe(50))"
```

## Deployment

1. Create a new stack in Portainer
2. Select "Repository" and point to this repository
3. Portainer will load `stack.env` automatically
4. Override sensitive values (`CHANGE_ME`) in the environment variables section:
   - `TS_AUTHKEY` - Tailscale auth key (reusable recommended)
   - `DB_PASSWORD` - PostgreSQL password
   - `SECRET_KEY` - Django secret key
   - `SUPERUSER_PASSWORD` - Initial admin password
5. Deploy

### After First Deployment

Set `SKIP_SUPERUSER=true` to prevent superuser recreation on redeploy.

## Access

Once deployed: https://netbox.taila5ad8.ts.net