Start netbox with systemd

[Michaël]

Hi,

i have trouble with gunicorn and supervisor. and i'm dont want to loose time with that.

So i have made a configuration to start netbox with systemd.

Start the webui with systemd

Create unit file

Create a unit file ‘/lib/systemd/system/netbox.service’ with this content :

[Unit] Description=Netbox Service After=multi-user.target [Service] Type=idle ExecStart=/usr/bin/python3 /opt/netbox/netbox/manage.py runserver 0.0.0.0:80 --insecure [Install] WantedBy=multi-user.target

Set the permission on the unit file :

sudo chmod 644 /lib/systemd/system/netbox.service

Configure systemd

Now the unit file has been defined we can tell systemd to start it during the boot sequence :

sudo systemctl daemon-reload sudo systemctl enable netbox.service

Start the service

sudo systemctl start netbox.service

Does someone see problems or security issue to start netbox like that ?

[Brian Candler]

Well firstly, for security you should run it as a non-root user.

Secondly, manage.py runserver is really only intended as a test/debug server, not a production server. See https://docs.djangoproject.com/en/1.11/ref/django-admin/#runserver

"DO NOT USE THIS SERVER IN A PRODUCTION SETTING. It has not gone through security audits or performance tests. (And that’s how it’s gonna stay. We’re in the business of making Web frameworks, not Web servers, so improving this server to be able to handle a production environment is outside the scope of Django.)"

Making a systemd service is a sensible thing to do, so I'd just follow what /etc/supervisor/conf.d/netbox.conf does:

[program:netbox]

command = gunicorn -c /opt/netbox/gunicorn_config.py netbox.wsgi

directory = /opt/netbox/netbox/

user = www-data

[Michaël]

this are some good reasons