Setup Semaphore Ansible Web UI on Ubuntu / Debian

Welcome to our guide on how to install Semaphore Ansible Web UI on Ubuntu / Debian. Semaphore is an open source alternative to Ansible Tower. It allows you to launch and manage Ansible Tasks from a Web interface.

Semaphore has the following dependencies:

• MySQL >= 5.6.4/MariaDB >= 5.3
• ansible
• git >= 2.x

We will consider the installation of Semaphore on both Debian & Ubuntu line of Distributions.

For CentOS 7, use: Install Semaphore Ansible Web UI on CentOS 7 / CentOS 8

How to Install Semaphore on Ubuntu / Debian

Here are the steps you need to follow to have Semaphore installed on Ubuntu / Debian system.

Step 1: Update system and install git

Start work from an updated system with git installed.

sudo apt update
sudo apt install git curl wget software-properties-common

Confirm that Git version installed is = 2.x.

$ git --version
git version 2.25.1

Step 2: Install Ansible on Ubuntu / Debian

Add Ansible PPA repository and install Ansible.

For Ubuntu

sudo apt-add-repository ppa:ansible/ansible
sudo apt update
sudo apt install ansible -y

If you get error like “apt-add-repository: command not found“, then check install add-apt-repository on Debian/Ubuntu.

For Debian

echo "deb http://ppa.launchpad.net/ansible/ansible/ubuntu trusty main" | sudo tee /etc/apt/sources.list.d/ansible.list
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 93C4A3FD7BB9C367
sudo apt update
sudo apt install ansible -y

Confirm Ansible version installed.

$ ansible --version
ansible [core 2.12.4]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/ubuntu/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3/dist-packages/ansible
  ansible collection location = /home/ubuntu/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.8.10 (default, Jun  2 2021, 10:49:15) [GCC 9.4.0]
  jinja version = 2.10.1
  libyaml = True

Step 3: Install MariaDB/MySQL Database server

You can choose MySQL or MariaDB database server. Add MariaDB APT repository using the commands below:

curl -LsS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash -s --

Once the repository is added install server and client packages

sudo apt install mariadb-server mariadb-client

Secure your database server

$ sudo mariadb-secure-installation
Switch to unix_socket authentication [Y/n] n
Change the root password? [Y/n] y
Remove anonymous users? [Y/n] y
Disallow root login remotely? [Y/n] y
Remove test database and access to it? [Y/n] y
Reload privilege tables now? [Y/n] y

Step 4: Download Semaphore on Ubuntu / Debian

Visit the Semaphore Releases page and copy the download link for your OS.

VER=$(curl -s https://api.github.com/repos/ansible-semaphore/semaphore/releases/latest|grep tag_name | cut -d '"' -f 4|sed 's/v//g')
wget https://github.com/ansible-semaphore/semaphore/releases/download/v${VER}/semaphore_${VER}_linux_amd64.deb

Install the Debian package downloaded.

sudo apt install ./semaphore_${VER}_linux_amd64.deb

Check if you have semaphore binary in your $PATH.

$ which semaphore
/usr/bin/semaphore

$ semaphore  -version
v2.8.53

Step 5: Setup Semaphore on Ubuntu / Debian

Run the following command to start Semaphore setup in your system.

$ sudo semaphore setup
Hello! You will now be guided through a setup to:

1. Set up configuration for a MySQL/MariaDB database
2. Set up a path for your playbooks (auto-created)
3. Run database Migrations
4. Set up initial semaphore user & password

What database to use:
   1 - MySQL
   2 - BoltDB
   3 - PostgreSQL
 (default 1): 1
   DB Hostname (default 127.0.0.1:3306): 127.0.0.1:3306
   DB User (default root): root
   DB Password: <root Password>  
   DB Name (default semaphore): semaphore
   Playbook path (default /tmp/semaphore): /opt/semaphore
   Web root URL (optional, example http://localhost:8010/):  http://localhost:3000/
   Enable email alerts (y/n, default n): n
   Enable telegram alerts (y/n, default n): n
   Enable LDAP authentication (y/n, default n): n 

If you choose to turn on email/telegram alerts or LDAP authentication, set appropriate values.

Confirm generated configuration and Agree to start the installation.

Generated configuration:
  {
      "mysql": {
          "host": "127.0.0.1:3306",
          "user": "root",
          "pass": "password",
          "name": "semaphore"
      },
      "port": "",
      "tmp_path": "/opt/semaphore",
      "cookie_hash": "0Jpz8DrxGg02+Bx7P3lDPa+Tdu0nOEw6HwKMu22Oo60=",
      "cookie_encryption": "I3hI3Fgitr5OMOOWmnaR59hxLUP6FlnAPdL/WJbSlO0=",
      "email_sender": "",
      "email_host": "",
      "email_port": "",
      "web_host": "http://localhost:3000/",
      "ldap_binddn": "",
      "ldap_bindpassword": "",
      "ldap_server": "",
      "ldap_searchdn": "",
      "ldap_searchfilter": "",
      "ldap_mappings": {
          "dn": "",
          "mail": "",
          "uid": "",
          "cn": ""
      },
      "telegram_chat": "",
      "telegram_token": "",
      "concurrency_mode": "",
      "max_parallel_tasks": 0,
      "email_alert": false,
      "telegram_alert": false,
      "ldap_enable": false,
      "ldap_needtls": false
  }

Confirm these values are correct to initiate setup.

 Is this correct? (yes/no): yes
 Config output directory (default /root): 
 WARN[0037] An input error occured:unexpected newline    
 Running: mkdir -p /root..
 Configuration written to /root/config.json..
 Pinging db.. 
 Running DB Migrations..
 Checking DB migrations
 Creating migrations table
......
Migrations Finished

Set username

Username: admin
Email: [email protected]
WARN[0268] sql: no rows in result set                    level=Warn
 Your name: Admin User
 Password: StrongPassword 
 You are all setup Admin User!
 Re-launch this program pointing to the configuration file
 ./semaphore server --config /home/ubuntu/config.json

To run as daemon:
 nohup ./semaphore server --config /home/ubuntu/config.json &
 You can login with [email protected] or admin.

You can set other configuration values on the file /root/config.json.

Step 6: Configure Systemd for Semaphore Ansible UI

Let’s now configure Semaphore Ansible UI to be managed by systemd.

Create systemd service unit file.

sudo vim /etc/systemd/system/semaphore.service

The add:

[Unit]
Description=Semaphore Ansible UI
Documentation=https://github.com/ansible-semaphore/semaphore
Wants=network-online.target
After=network-online.target

[Service]
Type=simple
ExecReload=/bin/kill -HUP $MAINPID
ExecStart=/usr/bin/semaphore server --config /etc/semaphore/config.json
SyslogIdentifier=semaphore
Restart=always

[Install]
WantedBy=multi-user.target

Create Semaphore configurations directory:

sudo mkdir /etc/semaphore

Copy your configuration file to created directory:

sudo cp /root/config.json /etc/semaphore/config.json

You can modify the config to accommodate the exact URL you want to use to access the site. If you use any other aside from the specified, access will be denied.

$ sudo vim /etc/semaphore/config.json
....
        "web_host": "http://ansible.example.com:3000",
....

Stop running instances of Semaphore.

sudo pkill semaphore

Confirm:

ps aux | grep sema

Reload systemd and start semaphore service.

sudo systemctl daemon-reload
sudo systemctl start semaphore

Check status to see if running:

$ systemctl status semaphore
● semaphore.service - Semaphore Ansible UI
     Loaded: loaded (/etc/systemd/system/semaphore.service; disabled; vendor preset: enabled)
     Active: active (running) since Tue 2022-04-19 22:41:19 UTC; 18s ago
       Docs: https://github.com/ansible-semaphore/semaphore
   Main PID: 17994 (semaphore)
      Tasks: 6 (limit: 4682)
     Memory: 24.0M
     CGroup: /system.slice/semaphore.service
             └─17994 /usr/bin/semaphore server --config /etc/semaphore/config.json

Apr 19 22:41:19 ubuntu-20-04-02 systemd[1]: Started Semaphore Ansible UI.
Apr 19 22:41:20 ubuntu-20-04-02 semaphore[17994]: MySQL [email protected]:3306 semaphore
Apr 19 22:41:20 ubuntu-20-04-02 semaphore[17994]: Tmp Path (projects home) /opt/semaphore
Apr 19 22:41:20 ubuntu-20-04-02 semaphore[17994]: Semaphore v2.8.53
Apr 19 22:41:20 ubuntu-20-04-02 semaphore[17994]: Interface
Apr 19 22:41:20 ubuntu-20-04-02 semaphore[17994]: Port :3000
Apr 19 22:41:20 ubuntu-20-04-02 semaphore[17994]: Server is running

Set Service to start at boot.

$ sudo systemctl enable semaphore
Created symlink /etc/systemd/system/multi-user.target.wants/semaphore.service → /etc/systemd/system/semaphore.service.

Port 3000 should now be Open

$ sudo ss -tunelp | grep 3000
tcp    LISTEN  0       4096                       *:3000                *:*      users:(("semaphore",pid=17994,fd=8)) ino:88453 sk:7 v6only:0 <->

Step 7: Setup Nginx Proxy (Optional)

To be able to access the Semaphore Web interface with a domain name, use the guide below to setup.

• Configure Nginx Proxy for Semaphore Ansible Web UI

Step 8: Access Semaphore Web interface

On your web browser, open semaphore using the specified web URL for example http://ansible.example.com:3000

Use the username/email created earlier during installation to Sign in. Web console for semaphore should be shown after authentication.

You’re ready to manage your servers with Ansible and powerful Web UI.

The initial steps required are:

• Add SSH keys / API keys used by Ansible – Under Key Store > create key

• Create Inventory file with servers to manage – Under Inventory > create inventory

• Create users and add to Team(s)
• Create Environments
• Add Playbook repositories

• Create Task Templates and execute

Also check a comprehensive guide on semaphore Web UI. Also check:

• How To Install Ansible AWX on CentOS 7 / RHEL 7
• Install Ansible AWX on Debian
• Install Ansible AWX Ubuntu