Semaphore UI¶
Semaphore UI is being used as a GUI to Ansible to help manage my playbooks.
Installation¶
Default Port: 3000
Configuration path: /etc/semaphore
Admin password: cat ~/semaphore.creds
Database: BoltDB
Config¶
Make symlinks to repo.
authentik¶
authentik GUI
Applications -> Applications
Redirect URI: https://semaphore.company/api/auth/oidc/authentik/redirect/
/etc/semaphore/config.json
{
"oidc_providers": {
"authentik": {
"display_name": "Sign in with authentik",
"provider_url": "https://authentik.company/application/o/<slug>/",
"client_id": "<client-id>",
"client_secret": "<client-secret>",
"redirect_url": "https://semaphore.company/api/auth/oidc/authentik/redirect/",
"username_claim": "preferred_username",
"name_claim": "preferred_username",
"scopes": ["openid", "profile", "email"]
}
},
"web_host": "/",
...
}
Tip
The name of the oidc_provider (e.g. authentik
) needs to match the name on the redirect URL.
Tip
If a Not Found
error is displayed after the login, you might need to set the web_root to /
(see https://github.com/semaphoreui/semaphore/issues/2681):
Traefik¶
homelab/pve/traefik/conf.d/semaphore.yaml
---
http:
#region routers
routers:
semaphore:
entryPoints:
- "websecure"
rule: "Host(`semaphore.l.nicholaswilde.io`)"
middlewares:
- default-headers@file
- https-redirectscheme@file
tls: {}
service: semaphore
#endregion
#region services
services:
semaphore:
loadBalancer:
servers:
- url: "http://192.168.2.90:3000"
passHostHeader: true
#endregion