Skip to content
This repository has been archived by the owner on Nov 12, 2024. It is now read-only.
/ controller Public archive

SemaphoreUI deployment and configuration

License

Notifications You must be signed in to change notification settings

bbaassssiiee/controller

Repository files navigation

Ansible Controller with SemaphoreUI

This project provides a development environment for deploying an Ansible Controller with SemaphoreUI. In this setup, Semaphore runs within a Docker container, while other components, such as PostgreSQL and Nginx, run directly on the host system.

screenshot of Semaphore

Contents

Overview

This project automates the deployment of an Ansible Controller featuring a web-based interface through SemaphoreUI. Semaphore runs within a Docker container, while components like PostgreSQL and Nginx operate directly on the host system.

Installation

Follow these steps to set up the environment:

  1. Prerequisites:

    Note: The inventory/local configuration is suitable for direct deployment on systems like Ubuntu Jammy, Red Hat, AlmaLinux, or Rocky Linux (8). In this setup, Vagrant and VirtualBox are not required.

  2. Clone the repository:

    git clone https://github.com/bbaassssiiee/controller.git
    cd controller
  3. Install Ansible in a Python virtualenv:

     source ansible.sh
     ./prepare.sh
  4. Define the variables in inventory/{{ name }}/group_vars: For instance, when you use the local inventory on an Ubuntu 22.04 machine, change this file inventory/local/group_vars/database.yml from 15 to 14:

    postgres_version: 14
  5. Define these secrets as environment variables Store them in a safe place afterwards:

    export DB_PASS=your_database_password
    export SSH_PASSPHRASE=KeyWillBeGeneratedWithAPassphrase
  6. Run the playbook: Execute the Ansible playbook to provision to the default 'local' inventory:

    ./provision.yml --list-tags
    
    playbook: ./provision.yml
    
    play #1 (database): Database Server	TAGS: []
          TASK TAGS: [postgres]
    
    play #2 (semaphore): Semaphore in Docker	TAGS: []
          TASK TAGS: [docker, semaphore]
    
    play #3 (web): Reverse Proxy	TAGS: []
          TASK TAGS: [nginx]
    
    play #4 (semaphore): Configure Semaphore	TAGS: []
          TASK TAGS: [semaphore]

Configuration

  • SSL Certificates: By default, self-signed certificates are used. For production environments, it is recommended to implement certificates from a trusted certificate authority.

  • Database: Ensure that the DB_PASS environment variable is set with a strong password before running the playbook. To disable installation of Postgres and use your own intance set postgres_enabled: false Semaphore needs to connect to the database, you can use a non-default IP address based on an interface like:

    semaphore_db_host: "{{ ansible_enp0s8.ipv4.address }}"
  • Software Environments: This project contains three inventories, but can be run with inventories define in external repositories modeled after the examples.

This is the 'local' configuration:

ansible_connection: local
ansible_host: localhost
database:
  postgres:
    enabled: true
    name: postgres
    owner: postgres
    password: '{{ lookup(''env'', ''DB_PASS'') }}'
    username: postgres
  semaphore:
    enabled: true
    name: semaphore
    owner: semaphore
    password: '{{ lookup(''env'', ''DB_PASS'') }}'
    username: semaphore
docker_install_compose: true
docker_install_compose_plugin: true
postgres_enabled: true
semaphore_web_root: https://controller
server_name: '{{ lookup(''env'', ''HOSTNAME'') }}'
ssh_passphrase: '{{ lookup(''env'', ''SSH_PASS'') }}'

Usage

After successful installation, SemaphoreUI is accessible via your web browser at the address configured. You can find the credentials to login with:

sudo grep ADMIN /home/semaphore/.env

To remove Semaphore run:

./provision.yml --tags semaphore -e desired_state=absent

To reinstall Semaphore run with the default desired_state, i.e. present:

./provision.yml --tags semaphore

Contributing

Contributions are welcome! Feel free to submit pull requests or open issues for suggestions and improvements.

License

This project is licensed under the MIT License. See the LICENSE file for more information.