Ansible Semaphore

If you’ve been using Ansible for a while and have ever wondered whether there’s an easy-to-use web GUI to go along with it, you’re in luck.

This took me a few days to figure out so I’m going to save you some pain.

We’ll start off with the pre-reqs.

Pre-Reqs

  • Linux Box for docker
  • Docker
  • Docker-Compose
  • Portainer (Optional but it makes life easier)
  • GitHub repo

Set up a GitHub Repo

Sign up or log in to GitHub

Go to Repositories and press New

Give it a Repository name and press Create repository

Copy the HTTPS link and save it for later

A screenshot

Installing Semaphore as a Docker Stack in Portainer

In Portainer, click Stacks

A screenshot

Add Stack

Give it a name, e.g. semaphore

Put this in the big box

---
version: '3'
services:
  mysql:
    restart: unless-stopped
    ports:
      - 3306:3306
    image: mysql:8.0
    hostname: mysql
    volumes:
      - semaphore-mysql:/var/lib/mysql
    environment:
      MYSQL_RANDOM_ROOT_PASSWORD: 'yes'
      MYSQL_DATABASE: semaphore
      MYSQL_USER: semaphore
      MYSQL_PASSWORD: changeme
  semaphore:
    restart: unless-stopped
    ports:
      - 3000:3000
    image: semaphoreui/semaphore:latest
    environment:
      SEMAPHORE_DB_USER: semaphore
      SEMAPHORE_DB_PASS: changeme
      SEMAPHORE_DB_HOST: mysql # for postgres, change to: postgres
      SEMAPHORE_DB_PORT: 3306 # change to 5432 for postgres
      SEMAPHORE_DB_DIALECT: mysql
      SEMAPHORE_DB: semaphore
      SEMAPHORE_PLAYBOOK_PATH: /tmp/
      SEMAPHORE_ADMIN_PASSWORD: changeme
      SEMAPHORE_ADMIN_NAME: admin
      SEMAPHORE_ADMIN_EMAIL: admin@localhost
      SEMAPHORE_ADMIN: admin
      SEMAPHORE_ACCESS_KEY_ENCRYPTION: gs72mPntFATGJs9qK0pQ0rKtfidlexiMjYCH9gWKhTU=
      SEMAPHORE_LDAP_ACTIVATED: 'no' # if you wish to use ldap, set to: 'yes' 
      SEMAPHORE_LDAP_HOST: dc01.local.example.com
      SEMAPHORE_LDAP_PORT: '636'
      SEMAPHORE_LDAP_NEEDTLS: 'yes'
      SEMAPHORE_LDAP_DN_BIND: 'uid=bind_user,cn=users,cn=accounts,dc=local,dc=shiftsystems,dc=net'
      SEMAPHORE_LDAP_PASSWORD: 'ldap_bind_account_password'
      SEMAPHORE_LDAP_DN_SEARCH: 'dc=local,dc=example,dc=com'
      SEMAPHORE_LDAP_SEARCH_FILTER: "(&(uid=%s)(memberOf=cn=ipausers,cn=groups,cn=accounts,dc=local,dc=example,dc=com))"
    depends_on:
      - mysql 
volumes:
  semaphore-mysql: 

Note: make sure you change the passwords where it says “changeme”.

# These need to be the same, whatever you change them to
MYSQL_PASSWORD: changeme
SEMAPHORE_DB_PASS: changeme

# This is the password you're going to log in with
SEMAPHORE_ADMIN_PASSWORD: changeme
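
An added example (not from the original post): a small shell script that generates fresh values for the three changeme passwords and for SEMAPHORE_ACCESS_KEY_ENCRYPTION, then lints a saved copy of the stack before you deploy it. The function names and the idea of saving the stack to a local file are assumptions; the lint treats the key printed above as a placeholder because it is public on this page, and it flags the published 3306 port because Semaphore reaches MySQL by the service name mysql inside the stack's own network.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are made up here.

# Key printed in the post's stack; it is public, so it counts as a placeholder.
PUBLISHED_KEY='gs72mPntFATGJs9qK0pQ0rKtfidlexiMjYCH9gWKhTU='

# 32 random bytes, base64-encoded (44 characters, same shape as the post's key).
gen_key() { head -c 32 /dev/urandom | base64; }

# 24 alphanumeric characters, safe to paste unquoted into YAML.
gen_password() { head -c 64 /dev/urandom | base64 | tr -dc 'A-Za-z0-9' | head -c 24; }

# Print the value of key $1 in stack file $2, minus quotes and trailing comment.
stack_value() {
  sed -n "s/^[[:space:]]*$1:[[:space:]]*//p" "$2" |
    sed -e 's/[[:space:]][[:space:]]*#.*$//' -e "s/^[\"']//" -e "s/[\"'][[:space:]]*\$//" |
    head -n 1
}

# Print one finding per line; return 1 if there were any, 0 if the file is clean.
lint_stack() {
  f=$1; bad=0
  for k in MYSQL_PASSWORD SEMAPHORE_DB_PASS SEMAPHORE_ADMIN_PASSWORD; do
    if [ "$(stack_value "$k" "$f")" = changeme ]; then
      echo "PLACEHOLDER $k is still changeme"; bad=1
    fi
  done
  if [ "$(stack_value SEMAPHORE_ACCESS_KEY_ENCRYPTION "$f")" = "$PUBLISHED_KEY" ]; then
    echo "PUBLIC_KEY SEMAPHORE_ACCESS_KEY_ENCRYPTION is the value printed in the post"; bad=1
  fi
  if [ "$(stack_value MYSQL_PASSWORD "$f")" != "$(stack_value SEMAPHORE_DB_PASS "$f")" ]; then
    echo "MISMATCH MYSQL_PASSWORD and SEMAPHORE_DB_PASS differ"; bad=1
  fi
  # A host-published 3306 exposes MySQL beyond the stack's internal network.
  if grep -Eq '^[[:space:]]*-[[:space:]]*["'\'']?3306:' "$f"; then
    echo "EXPOSED mysql port 3306 is published on the host"; bad=1
  fi
  return "$bad"
}

# No argument: print fresh values to paste. With a file argument: lint it.
if [ "$#" -gt 0 ]; then
  lint_stack "$1"
else
  pw=$(gen_password)
  printf 'MYSQL_PASSWORD: %s\nSEMAPHORE_DB_PASS: %s\n' "$pw" "$pw"
  printf 'SEMAPHORE_ADMIN_PASSWORD: %s\n' "$(gen_password)"
  printf 'SEMAPHORE_ACCESS_KEY_ENCRYPTION: %s\n' "$(gen_key)"
fi
```

Run it with no argument to get values to paste into the stack, or pass it a saved copy of the stack; it exits non-zero while any finding remains.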

Now press Update the Stack

Configuring Semaphore

Now that you have the Docker stack up and running, go to a web browser and enter the IP address of the Linux server that’s running Ubuntu, using port 3000 unless you changed it in the stack code.

http://IP:3000

Login with admin and the password you set in the stack code.

Once you’re logged in we need to set a few things up before we can start running playbooks.

Go to KeyStore and Press NEW KEY at the top

A screenshot

Keystore setup

This first key will be for the normal user on the Linux box you want to administer.

  • Key Name = A Meaningful name
  • Type = Login with password
  • Login = The username for that box
  • Password = The password associated with the username

Press Create

Now do it again but this time we’re going to create an Admin credential for that box.

  • Key Name = e.g. Sudo admin
  • Type = Login with password
  • Login = LEAVE THIS BLANK
  • Password = The password associated with the username that you set before – this is important and took me a while to figure out

Now one more time but you’re going to create a “NONE” account. This is for the git repository

  • Key Name = e.g. None
  • Type = None

So now you should have three keys.

  • One as the normal user that you would SSH in with
  • Another as admin using the password you SSH with using the normal user
  • And one with a None type

Repositories Setup

Go to Repositories and Click NEW REPOSITORY

Fill out the Information using the git repo that you saved from the pre-reqs and use the NONE Access Key

A screenshot

Environment

This part is pretty simple: you just need to create an empty environment.

Press NEW ENVIRONMENT

and put this into the “Extra variables” field

{}

Inventory

This is where your machines will go.

Press NEW INVENTORY

A screenshot

Note the sudo credentials. This is important if you want to make changes on the machines, like installing software. Make sure you set it to the sudo creds that you set up in the key store. (This had me for 2 days before I noticed it)

Playbooks

Now you’re ready to create and run playbooks.

In GitHub, upload a playbook and give it the name

nanotest.yml

Inside the file enter this

---
  - name: Nanotest
    hosts: all
    gather_facts: no
    become: yes
    become_user: root
    tasks:
      - name: remove nano
        apt:
          name: nano
          state: absent

Now press NEW TEMPLATE in Semaphore

Name it anything you want, then use the drop-downs to select the options we created earlier.

Also reference the file we created earlier in GitHub; this will be the playbook that we’re going to run.

Here’s an example.

# Note: the vault password is the normal user that we set up, NOT the admin

A screenshot

Now press Run and it should work.

You should now have a central repo using GitHub to deploy ansible scripts!!!!

Thanks

This post is licensed under CC BY 4.0 by the author.