netbox-community-netbox/docs/configuration/required-settings.md

# Required Configuration Settings

## ALLOWED_HOSTS

This is a list of valid fully-qualified domain names (FQDNs) that is used to reach the NetBox service. Usually this is the same as the hostname for the NetBox server, but can also be different (e.g. when using a reverse proxy serving the NetBox website under a different FQDN than the hostname of the NetBox server). NetBox will not permit access to the server via any other hostnames (or IPs). The value of this option is also used to set `CSRF_TRUSTED_ORIGINS`, which restricts `HTTP POST` to the same set of hosts (more about this [here](https://docs.djangoproject.com/en/stable/ref/settings/#std:setting-CSRF_TRUSTED_ORIGINS)). Keep in mind that NetBox, by default, has `USE_X_FORWARDED_HOST = True` (in `netbox/netbox/settings.py`) which means that if you're using a reverse proxy, it's the FQDN used to reach that reverse proxy which needs to be in this list (more about this [here](https://docs.djangoproject.com/en/stable/ref/settings/#allowed-hosts)).

Example:

```
ALLOWED_HOSTS = ['netbox.example.com', '192.0.2.123']
```

---

## DATABASE

NetBox requires access to a PostgreSQL database service to store data. This service can run locally or on a remote system. The following parameters must be defined within the `DATABASE` dictionary:

* `NAME` - Database name
* `USER` - PostgreSQL username
* `PASSWORD` - PostgreSQL password
* `HOST` - Name or IP address of the database server (use `localhost` if running locally)
* `PORT` - TCP port of the PostgreSQL service; leave blank for default port (5432)
* `CONN_MAX_AGE` - Number in seconds for Netbox to keep database connections open. 150-300 seconds is typically a good starting point ([more info](https://docs.djangoproject.com/en/stable/ref/databases/#persistent-connections)).

Example:

```python
DATABASE = {
    'NAME': 'netbox',               # Database name
    'USER': 'netbox',               # PostgreSQL username
    'PASSWORD': 'J5brHrAXFLQSif0K', # PostgreSQL password
    'HOST': 'localhost',            # Database server
    'PORT': '',                     # Database port (leave blank for default)
    'CONN_MAX_AGE': 300,            # Max database connection age
}
```

---

## REDIS

[Redis](https://redis.io/) is an in-memory data store similar to memcached. While Redis has been an optional component of
NetBox since the introduction of webhooks in version 2.4, it is required starting in 2.6 to support NetBox's caching
functionality (as well as other planned features). In 2.7, the connection settings were broken down into two sections for
webhooks and caching, allowing the user to connect to different Redis instances/databases per feature.

Redis is configured using a configuration setting similar to `DATABASE` and these settings are the same for both of the `webhooks` and `caching` subsections:

* `HOST` - Name or IP address of the Redis server (use `localhost` if running locally)
* `PORT` - TCP port of the Redis service; leave blank for default port (6379)
* `PASSWORD` - Redis password (if set)
* `DATABASE` - Numeric database ID
* `DEFAULT_TIMEOUT` - Connection timeout in seconds
* `SSL` - Use SSL connection to Redis

Example:

```python
REDIS = {
    'webhooks': {
        'HOST': 'redis.example.com',
        'PORT': 1234,
        'PASSWORD': 'foobar',
        'DATABASE': 0,
        'DEFAULT_TIMEOUT': 300,
        'SSL': False,
    },
    'caching': {
        'HOST': 'localhost',
        'PORT': 6379,
        'PASSWORD': '',
        'DATABASE': 1,
        'DEFAULT_TIMEOUT': 300,
        'SSL': False,
    }
}
```

!!! note:
    If you are upgrading from a version prior to v2.7, please note that the Redis connection configuration settings have
    changed. Manual modification to bring the `REDIS` section inline with the above specification is necessary

!!! warning:
    It is highly recommended to keep the webhook and cache databases separate. Using the same database number on the
    same Redis instance for both may result in webhook processing data being lost during cache flushing events.

---

## SECRET_KEY

This is a secret cryptographic key is used to improve the security of cookies and password resets. The key defined here should not be shared outside of the configuration file. `SECRET_KEY` can be changed at any time, however be aware that doing so will invalidate all existing sessions.

Please note that this key is **not** used for hashing user passwords or for the encrypted storage of secret data in NetBox.

`SECRET_KEY` should be at least 50 characters in length and contain a random mix of letters, digits, and symbols. The script located at `netbox/generate_secret_key.py` may be used to generate a suitable key.
Started v2.4 documentation refresh 2018-07-17 17:23:10 -04:00			`# Required Configuration Settings`
Split configuration doc into two sections 2016-07-08 16:25:34 -04:00
			`## ALLOWED_HOSTS`

Fixes #3643: Update all Django documentation links to 'stable' version 2019-10-25 11:09:30 -04:00			This is a list of valid fully-qualified domain names (FQDNs) that is used to reach the NetBox service. Usually this is the same as the hostname for the NetBox server, but can also be different (e.g. when using a reverse proxy serving the NetBox website under a different FQDN than the hostname of the NetBox server). NetBox will not permit access to the server via any other hostnames (or IPs). The value of this option is also used to set `CSRF_TRUSTED_ORIGINS`, which restricts `HTTP POST` to the same set of hosts (more about this [here](https://docs.djangoproject.com/en/stable/ref/settings/#std:setting-CSRF_TRUSTED_ORIGINS)). Keep in mind that NetBox, by default, has `USE_X_FORWARDED_HOST = True` (in `netbox/netbox/settings.py`) which means that if you're using a reverse proxy, it's the FQDN used to reach that reverse proxy which needs to be in this list (more about this [here](https://docs.djangoproject.com/en/stable/ref/settings/#allowed-hosts)).
Split configuration doc into two sections 2016-07-08 16:25:34 -04:00
			`Example:`

			```
			`ALLOWED_HOSTS = ['netbox.example.com', '192.0.2.123']`
			```

			`---`

			`## DATABASE`

			NetBox requires access to a PostgreSQL database service to store data. This service can run locally or on a remote system. The following parameters must be defined within the `DATABASE` dictionary:

Fixes #3429: Update installation docs for Redis 2019-09-18 16:35:45 -04:00			* `NAME` - Database name
			* `USER` - PostgreSQL username
			* `PASSWORD` - PostgreSQL password
			* `HOST` - Name or IP address of the database server (use `localhost` if running locally)
			* `PORT` - TCP port of the PostgreSQL service; leave blank for default port (5432)
Add CONN_MAX_AGE to documentation (#3642) * Add CONN_MAX_AGE to sample configurations * Correct alignment * Restore ghost space * Correct alignment. * Use stable docs url 2019-10-25 13:11:48 -04:00			* `CONN_MAX_AGE` - Number in seconds for Netbox to keep database connections open. 150-300 seconds is typically a good starting point ([more info](https://docs.djangoproject.com/en/stable/ref/databases/#persistent-connections)).
Split configuration doc into two sections 2016-07-08 16:25:34 -04:00
			`Example:`

implements #3282 - seperate webhooks and caching redis configs 2019-10-13 02:49:54 -04:00			```python
Split configuration doc into two sections 2016-07-08 16:25:34 -04:00			`DATABASE = {`
			`'NAME': 'netbox', # Database name`
			`'USER': 'netbox', # PostgreSQL username`
			`'PASSWORD': 'J5brHrAXFLQSif0K', # PostgreSQL password`
			`'HOST': 'localhost', # Database server`
			`'PORT': '', # Database port (leave blank for default)`
Add CONN_MAX_AGE to documentation (#3642) * Add CONN_MAX_AGE to sample configurations * Correct alignment * Restore ghost space * Correct alignment. * Use stable docs url 2019-10-25 13:11:48 -04:00			`'CONN_MAX_AGE': 300, # Max database connection age`
Split configuration doc into two sections 2016-07-08 16:25:34 -04:00			`}`
			```

			`---`

changelog and docs updates for 2.6 2019-04-19 02:32:50 -04:00			`## REDIS`

			`[Redis](https://redis.io/) is an in-memory data store similar to memcached. While Redis has been an optional component of`
			`NetBox since the introduction of webhooks in version 2.4, it is required starting in 2.6 to support NetBox's caching`
implements #3282 - seperate webhooks and caching redis configs 2019-10-13 02:49:54 -04:00			`functionality (as well as other planned features). In 2.7, the connection settings were broken down into two sections for`
			`webhooks and caching, allowing the user to connect to different Redis instances/databases per feature.`
changelog and docs updates for 2.6 2019-04-19 02:32:50 -04:00
implements #3282 - seperate webhooks and caching redis configs 2019-10-13 02:49:54 -04:00			Redis is configured using a configuration setting similar to `DATABASE` and these settings are the same for both of the `webhooks` and `caching` subsections:
changelog and docs updates for 2.6 2019-04-19 02:32:50 -04:00
Fixes #3429: Update installation docs for Redis 2019-09-18 16:35:45 -04:00			* `HOST` - Name or IP address of the Redis server (use `localhost` if running locally)
			* `PORT` - TCP port of the Redis service; leave blank for default port (6379)
			* `PASSWORD` - Redis password (if set)
implements #3282 - seperate webhooks and caching redis configs 2019-10-13 02:49:54 -04:00			* `DATABASE` - Numeric database ID
Fixes #3429: Update installation docs for Redis 2019-09-18 16:35:45 -04:00			* `DEFAULT_TIMEOUT` - Connection timeout in seconds
			* `SSL` - Use SSL connection to Redis
changelog and docs updates for 2.6 2019-04-19 02:32:50 -04:00
			`Example:`

implements #3282 - seperate webhooks and caching redis configs 2019-10-13 02:49:54 -04:00			```python
changelog and docs updates for 2.6 2019-04-19 02:32:50 -04:00			`REDIS = {`
implements #3282 - seperate webhooks and caching redis configs 2019-10-13 02:49:54 -04:00			`'webhooks': {`
			`'HOST': 'redis.example.com',`
			`'PORT': 1234,`
			`'PASSWORD': 'foobar',`
			`'DATABASE': 0,`
			`'DEFAULT_TIMEOUT': 300,`
			`'SSL': False,`
			`},`
			`'caching': {`
			`'HOST': 'localhost',`
			`'PORT': 6379,`
			`'PASSWORD': '',`
			`'DATABASE': 1,`
			`'DEFAULT_TIMEOUT': 300,`
			`'SSL': False,`
			`}`
changelog and docs updates for 2.6 2019-04-19 02:32:50 -04:00			`}`
			```

			`!!! note:`
implements #3282 - seperate webhooks and caching redis configs 2019-10-13 02:49:54 -04:00			`If you are upgrading from a version prior to v2.7, please note that the Redis connection configuration settings have`
			changed. Manual modification to bring the `REDIS` section inline with the above specification is necessary
changelog and docs updates for 2.6 2019-04-19 02:32:50 -04:00
			`!!! warning:`
Merge branch 'develop' into develop-2.7 2019-11-01 16:19:36 -04:00			`It is highly recommended to keep the webhook and cache databases separate. Using the same database number on the`
implements #3282 - seperate webhooks and caching redis configs 2019-10-13 02:49:54 -04:00			`same Redis instance for both may result in webhook processing data being lost during cache flushing events.`
Fixes #3429: Update installation docs for Redis 2019-09-18 16:35:45 -04:00
			`---`

			`## SECRET_KEY`

			This is a secret cryptographic key is used to improve the security of cookies and password resets. The key defined here should not be shared outside of the configuration file. `SECRET_KEY` can be changed at any time, however be aware that doing so will invalidate all existing sessions.

			`Please note that this key is not used for hashing user passwords or for the encrypted storage of secret data in NetBox.`

			`SECRET_KEY` should be at least 50 characters in length and contain a random mix of letters, digits, and symbols. The script located at `netbox/generate_secret_key.py` may be used to generate a suitable key.