{"id":23637042,"url":"https://github.com/ansibleguy/sw_semaphore","last_synced_at":"2025-08-31T12:30:29.687Z","repository":{"id":164838935,"uuid":"640261714","full_name":"ansibleguy/sw_semaphore","owner":"ansibleguy","description":"Ansible Role to provision Ansible-Semaphore on a Linux server","archived":false,"fork":false,"pushed_at":"2024-06-02T10:31:22.000Z","size":71,"stargazers_count":4,"open_issues_count":2,"forks_count":2,"subscribers_count":1,"default_branch":"latest","last_synced_at":"2024-06-02T11:43:02.658Z","etag":null,"topics":["ansible","ansible-awx","ansible-role","ansible-semaphore","ansible-ui","ansible-web","ansible-webui","cicd","iac","infrastructure-as-code","nac","network-as-code"],"latest_commit_sha":null,"homepage":"https://ansible-semaphore.com/","language":"Jinja","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ansibleguy.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"ko_fi":"ansible0guy","github":"ansibleguy"}},"created_at":"2023-05-13T14:05:31.000Z","updated_at":"2024-06-02T10:31:25.000Z","dependencies_parsed_at":null,"dependency_job_id":"f79e5c59-c2e3-48e9-949d-2c3e59b27571","html_url":"https://github.com/ansibleguy/sw_semaphore","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ansibleguy%2Fsw_semaphore","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ansibleguy%2Fsw_semaphore/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ansibleguy%2Fsw_semaphore/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ansibleguy%2Fsw_semaphore/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ansibleguy","download_url":"https://codeload.github.com/ansibleguy/sw_semaphore/tar.gz/refs/heads/latest","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":231590682,"owners_count":18396934,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","ansible-awx","ansible-role","ansible-semaphore","ansible-ui","ansible-web","ansible-webui","cicd","iac","infrastructure-as-code","nac","network-as-code"],"created_at":"2024-12-28T06:17:29.929Z","updated_at":"2024-12-28T06:17:30.483Z","avatar_url":"https://github.com/ansibleguy.png","language":"Jinja","readme":"\u003ca href=\"https://www.ansible-semaphore.com/\"\u003e\n\u003cimg src=\"https://repository-images.githubusercontent.com/23267883/6521ff0c-6a8d-4b67-897e-40354ecd5391\" alt=\"Ansible-Semaphore - modern UI for Ansible\" width=\"600\"/\u003e\n\u003c/a\u003e\n\n# Ansible Role - Ansible-Semaphore\n\nRole to provision [Ansible Semaphore](https://github.com/ansible-semaphore/semaphore) on a linux server.\n\nSemaphore is a lightweight alternative to [Ansible AWX](ttps://github.com/ansibleguy/sw_awx). (_WebUI for Ansible usage_)\n\n\u003ca href='https://ko-fi.com/ansible0guy' target='_blank'\u003e\u003cimg height='35' style='border:0px;height:46px;' src='https://az743702.vo.msecnd.net/cdn/kofi3.png?v=0' border='0' alt='Buy me a coffee' /\u003e\n\n[![Molecule Test Status](https://badges.ansibleguy.net/sw_semaphore.molecule.svg)](https://github.com/ansibleguy/_meta_cicd/blob/latest/templates/usr/local/bin/cicd/molecule.sh.j2)\n[![YamlLint Test Status](https://badges.ansibleguy.net/sw_semaphore.yamllint.svg)](https://github.com/ansibleguy/_meta_cicd/blob/latest/templates/usr/local/bin/cicd/yamllint.sh.j2)\n[![PyLint Test Status](https://badges.ansibleguy.net/sw_semaphore.pylint.svg)](https://github.com/ansibleguy/_meta_cicd/blob/latest/templates/usr/local/bin/cicd/pylint.sh.j2)\n[![Ansible-Lint Test Status](https://badges.ansibleguy.net/sw_semaphore.ansiblelint.svg)](https://github.com/ansibleguy/_meta_cicd/blob/latest/templates/usr/local/bin/cicd/ansiblelint.sh.j2)\n[![Ansible Galaxy](https://badges.ansibleguy.net/galaxy.badge.svg)](https://galaxy.ansible.com/ui/standalone/roles/ansibleguy/sw_semaphore)\n\nMolecule Logs: [Short](https://badges.ansibleguy.net/log/molecule_sw_semaphore_test_short.log), [Full](https://badges.ansibleguy.net/log/molecule_sw_semaphore_test.log)\n\n**Tested:**\n* Debian 11\n\n## Install\n\n\n```bash\n# latest\nansible-galaxy role install git+https://github.com/ansibleguy/sw_semaphore\n\n# from galaxy\nansible-galaxy install ansibleguy.sw_semaphore\n\n# or to custom role-path\nansible-galaxy install ansibleguy.sw_semaphore --roles-path ./roles\n\n# install dependencies\nansible-galaxy install -r requirements.yml\n```\n\n----\n\n## Usage\n\nYou want a simple Ansible GUI? Check-out my [Ansible WebUI](https://github.com/ansibleguy/webui)\n\n### Config\n\nMinimal config:\n\n```yaml\nsemaphore:\n  nginx:\n    domain: 'semaphore.test.ansibleguy.net'\n\n  # optional:\n  # version: '2.8.90'\n  # admin:\n  #   user: 'admin'\n  #   name: 'AnsibleGuy'\n  #   email: 'semaphore@template.ansibleguy.net'\n```\n\nDefine the config as needed:\n\n```yaml\nsemaphore:\n  manage:\n    webserver: true  # install and configure local nginx with min-ca cert\n    database: true  # install and configure local mariadb\n    backup: true  # install service for daily local database backup (if database is managed)\n    user: true  # create service-user 'semaphore'\n    ansible_cfg: true  # provision /home/semaphore/.ansible.cfg\n    admin: true  # add admin-user after installation\n\n  version: '2.8.90'  # see: https://github.com/ansible-semaphore/semaphore/releases\n\n  persistent_requirements: false\n\n  admin:\n    user: 'admin'\n    email: 'admin@template.ansibleguy.net'\n    pwd: !vault |\n      $ANSIBLE_VAULT;1.1;AES256\n      ...\n\n  config:  # config key-value pairs as set in 'config.json': https://docs.ansible-semaphore.com/administration-guide/configuration\n    concurrency_mode: 'node'\n    email_sender: 'semaphore@template.ansibleguy.net'\n    email_host: 'mail.template.ansibleguy.net'\n    email_alert: true\n\n    # optional\n    ldap_enable: true\n    ldap_needtls: true\n    ldap_binddn: 'service_semaphore'\n    ldap_bindpassword: !vault |\n      $ANSIBLE_VAULT;1.1;AES256\n      ...\n    ldap_server: 'ldap.template.ansibleguy.net:636'\n    ldap_searchfilter: '(\u0026(mail=%s)(objectClass=person)(memberOf:=CN=semaphore,OU=Groups,DC=template,DC=ansibleguy,DC=net))'  # login with mail; must be in group 'semaphore'\n\n    # optional =\u003e see: https://docs.ansible-semaphore.com/administration-guide/security#database-encryption\n    cookie_hash: !vault |\n      $ANSIBLE_VAULT;1.1;AES256\n      ...\n    cookie_encryption: !vault |\n      $ANSIBLE_VAULT;1.1;AES256\n      ...\n    access_key_encryption: !vault |\n      $ANSIBLE_VAULT;1.1;AES256\n      ...\n\n  requirements:  # requirements your execution-environment needs\n    pip: ['httpx']  # any python3-modules\n    collections: ['community.general']  # any ansible-collections (if persistent_requirements=true)\n    roles: []  # any ansible-roles (if persistent_requirements=true)\n\n  ansible_config:  # /home/semaphore/.ansible.cfg =\u003e if manage.ansible_cfg=true; see: https://docs.ansible.com/ansible/latest/reference_appendices/config.html\n    defaults:  # section\n      remote_port: 48322\n      vault_id_match: 'semaphore'\n    diff:\n      context: 2\n\n  backup:\n    retention_days: 30\n```\n\nYou might want to use 'ansible-vault' to encrypt your passwords:\n```bash\nansible-vault encrypt_string\n```\n\n### Execution\n\nRun the playbook:\n```bash\nansible-playbook -K -D -i inventory/hosts.yml playbook.yml\n```\n\nThere are also some useful **tags** available:\n* webserver\n* database\n* config\n* requirements\n\nTo debug errors - you can set the 'debug' variable at runtime:\n```bash\nansible-playbook -K -D -i inventory/hosts.yml playbook.yml -e debug=yes\n```\n\n----\n\n## Functionality\n\n* **Package installation**\n  * Ansible-Semaphore in the specified version\n  * Python3 PIP\n  * Python3 Virtual-Environment\n    * Ansible\n    * common Ansible Jinja-Filter dependencies\n  * Git\n\n\n* **Configuration**\n  * Service: 'semaphore.service'\n  * Service-user: 'semaphore'\n\n\n  * **Default config**:\n    * Directories:\n      * Venv: '/var/local/lib/semaphore_venv'\n      * Config: '/etc/semaphore'\n      * Backup: '/var/backups/semaphore'\n      * Tmp/Run: '/tmp/.semaphore'\n \n\n  * **Default opt-ins**:\n    * Nginx proxy =\u003e using [THIS Role](https://github.com/ansibleguy/infra_nginx)\n    * MariaDB database =\u003e using [THIS Role](https://github.com/ansibleguy/infra_mariadb)\n    * Daily local database backup (_if database is managed_)\n      * Backup service: 'semaphore-backup.service'\n    * Provisioning 'ansible.cfg' for serviceuser\n    * Adding admin-user after installation\n\n  * **Default opt-outs**:\n    * Persistent requirements\n      * Update service: 'semaphore-requirements.service'\n\n----\n\n## Info\n\n* **Note:** this role currently only supports debian-based systems\n\n\n* **Note:** Most of the role's functionality can be opted in or out.\n\n  For all available options - see the default-config located in [the main defaults-file](https://github.com/ansibleguy/sw_semaphore/blob/latest/defaults/main/1_main.yml)!\n\n\n* **Warning:** Not every setting/variable you provide will be checked for validity. Bad config might break the role!\n\n\n* **Note:** If you like to use docker =\u003e you might want to check out [the official docker-image of Ansible-Semaphore](https://hub.docker.com/r/semaphoreui/semaphore) instead!\n\n\n* **Info:** Persistent requirements can be used to speed up executions:\n\n  It will install \u0026 update ansible-roles \u0026 ansible-collections using an external service/timer.\n\n  By default, semaphore will need to re-install them ON EACH EXECUTION.\n\n  For this to work - you will also have to make sure that the requirements files do not exist in your repositories:\n\n  * $REPO/collections/requirements.yml\n  * $REPO/roles/requirements.yml\n","funding_links":["https://ko-fi.com/ansible0guy","https://github.com/sponsors/ansibleguy","https://ko-fi.com/ansible0guy'"],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fansibleguy%2Fsw_semaphore","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fansibleguy%2Fsw_semaphore","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fansibleguy%2Fsw_semaphore/lists"}