Semaphore UI¶
| Description / name | Input element |
|---|---|
| Your domain name |
Overview¶
Semaphore UI is an open-source, self-hosted web interface designed to simplify and centralize the management of DevOps automation tools like Ansible, Terraform, OpenTofu, PowerShell, Bash, and Python scripts.
Deployment¶
sb install sandbox-semaphoreui
Usage¶
Visit https://semaphoreui.iYOUR_DOMAIN_NAMEi.
Basics¶
Additional Settings¶
The default installation utilises a seperate postgres database. There is an option for this package to utilise mariadb / mysql but this isnt what this guide will be based on.
To enable email notifications, set these inventory entries to your desired values:
Semaphoreui Email Settings
SEMAPHORE_EMAIL_ALERT: "true" # (1)!
SEMAPHORE_EMAIL_SENDER: "" # (2)!
SEMAPHORE_EMAIL_HOST: "localhost" # (3)!¿˘˘˘˘˘˘˘˘˘¿¿˘˘˘˘˘˘˘˘˘˘˘˘˘˘˘˘˘˘˘˘˘˘˘˘˘˘˘˘˘˘˘˘˘
SEMAPHORE_EMAIL_PORT: "25" # (4)!¿˘˘˘˘˘˘
SEMAPHORE_EMAIL_USERNAME: "" # (5)!
SEMAPHORE_EMAIL_PASSWORD: "" # (6)!
SEMAPHORE_EMAIL_SECURE: "" # (7)!
- Flag which enables email alerts. Can be
trueor 'false. - The email address you want to send to. Replace
""with the email address you want to send to - Replace
localhostwith your email host. IE:smtp-relay.gmail.com - Replace
25with your email port. IE:587 - Replace
""with your email username if necessary. - Replace
""with your email password if necessary. - Use
SSLorTLSfor communication with the SMTP server. Can betrueor 'false.
Semaphoreui Telgram Settings
SEMAPHORE_TELEGRAM_ALERT: "" # (1)!
SEMAPHORE_TELEGRAM_CHAT: "" # (2)!
SEMAPHORE_TELEGRAM_TOKEN: "" # (3)!
- Flag which enables telegram alerts. Can be
trueor 'false. - The chat id of which you want to send the message to
- Your Telegram bot token
Semaphoreui Telgram Settings
SEMAPHORE_SLACK_ALERT: "" # (1)!
SEMAPHORE_SLACK_URL: "" # (2)!
- Flag which enables telegram alerts. Can be
trueor 'false. - Your slack URL
Redeploy the Semaphoreui role to apply any of the above changes.
Role Defaults¶
Use the Inventory to customize variables. (1)
-
Example override
semaphoreui_name: "custom_value"Avoid overriding variables ending in
_defaultWhen overriding variables that end in
_default(likesemaphoreui_docker_envs_default), you replace the entire default configuration. Future updates that add new default values will not be applied to your setup, potentially breaking functionality.Instead, use the corresponding
_customvariable (likesemaphoreui_docker_envs_custom) to add your changes. Custom values are merged with defaults, ensuring you receive updates.
semaphoreui_name
# Type: string
semaphoreui_name: semaphoreui
semaphoreui_role_postgres_deploy
# Type: bool (true/false)
semaphoreui_role_postgres_deploy: true
semaphoreui_role_postgres_name
# Type: string
semaphoreui_role_postgres_name: "{{ semaphoreui_name }}-postgres"
semaphoreui_role_postgres_user
# Type: string
semaphoreui_role_postgres_user: "semaphoreui"
semaphoreui_role_postgres_password
# Type: string
semaphoreui_role_postgres_password: "semaphoreui"
semaphoreui_role_postgres_docker_env_db
# Type: string
semaphoreui_role_postgres_docker_env_db: "semaphoreui"
semaphoreui_role_postgres_docker_image_tag
# Type: string
semaphoreui_role_postgres_docker_image_tag: "15"
semaphoreui_role_postgres_docker_image_repo
# Type: string
semaphoreui_role_postgres_docker_image_repo: "postgres"
semaphoreui_role_postgres_docker_healthcheck
# Type: dict
semaphoreui_role_postgres_docker_healthcheck:
test: ["CMD-SHELL", "pg_isready -d {{ lookup('role_var', '_postgres_docker_env_db', role='semaphoreui') }} -U {{ lookup('role_var', '_postgres_user', role='semaphoreui') }}"]
start_period: 20s
interval: 30s
retries: 5
timeout: 5s
semaphoreui_role_postgres_paths_folder
# Type: string
semaphoreui_role_postgres_paths_folder: "{{ semaphoreui_name }}"
semaphoreui_role_postgres_paths_location
# Type: string
semaphoreui_role_postgres_paths_location: "{{ server_appdata_path }}/{{ semaphoreui_role_postgres_paths_folder }}/postgres"
semaphoreui_role_web_subdomain
# Type: string
semaphoreui_role_web_subdomain: "{{ semaphoreui_name }}"
semaphoreui_role_web_domain
# Type: string
semaphoreui_role_web_domain: "{{ user.domain }}"
semaphoreui_role_web_port
# Type: string
semaphoreui_role_web_port: "3000"
semaphoreui_role_web_url
# Type: string
semaphoreui_role_web_url: "{{ 'https://' + (lookup('role_var', '_web_subdomain', role='semaphoreui') + '.' + lookup('role_var', '_web_domain', role='semaphoreui')
if (lookup('role_var', '_web_subdomain', role='semaphoreui') | length > 0)
else lookup('role_var', '_web_domain', role='semaphoreui')) }}"
semaphoreui_role_dns_record
# Type: string
semaphoreui_role_dns_record: "{{ lookup('role_var', '_web_subdomain', role='semaphoreui') }}"
semaphoreui_role_dns_zone
# Type: string
semaphoreui_role_dns_zone: "{{ lookup('role_var', '_web_domain', role='semaphoreui') }}"
semaphoreui_role_dns_proxy
# Type: bool (true/false)
semaphoreui_role_dns_proxy: "{{ dns_proxied }}"
semaphoreui_role_traefik_sso_middleware
# Type: string
semaphoreui_role_traefik_sso_middleware: "{{ traefik_default_sso_middleware }}"
semaphoreui_role_traefik_middleware_default
# Type: string
semaphoreui_role_traefik_middleware_default: "{{ traefik_default_middleware }}"
semaphoreui_role_traefik_middleware_custom
# Type: string
semaphoreui_role_traefik_middleware_custom: ""
semaphoreui_role_traefik_certresolver
# Type: string
semaphoreui_role_traefik_certresolver: "{{ traefik_default_certresolver }}"
semaphoreui_role_traefik_enabled
# Type: bool (true/false)
semaphoreui_role_traefik_enabled: true
semaphoreui_role_traefik_api_enabled
# Type: bool (true/false)
semaphoreui_role_traefik_api_enabled: true
semaphoreui_role_traefik_api_endpoint
# Type: string
semaphoreui_role_traefik_api_endpoint: "PathPrefix(`/api`)"
Container
semaphoreui_role_docker_container
# Type: string
semaphoreui_role_docker_container: "{{ semaphoreui_name }}"
Image
semaphoreui_role_docker_image_pull
# Type: bool (true/false)
semaphoreui_role_docker_image_pull: true
semaphoreui_role_docker_image_tag
# Type: string
semaphoreui_role_docker_image_tag: "latest"
semaphoreui_role_docker_image_repo
# Type: string
semaphoreui_role_docker_image_repo: "semaphoreui/semaphore"
semaphoreui_role_docker_image
# Type: string
semaphoreui_role_docker_image: "{{ lookup('role_var', '_docker_image_repo', role='semaphoreui') }}:{{ lookup('role_var', '_docker_image_tag', role='semaphoreui') }}"
Envs
semaphoreui_role_docker_envs_default
# Type: dict
semaphoreui_role_docker_envs_default:
SEMAPHORE_DB_USER: "{{ lookup('role_var', '_postgres_user', role='semaphoreui') }}"
SEMAPHORE_DB_PASS: "{{ lookup('role_var', '_postgres_password', role='semaphoreui') }}"
SEMAPHORE_DB_HOST: "{{ lookup('role_var', '_postgres_name', role='semaphoreui') }}"
SEMAPHORE_DB_PORT: "5432"
SEMAPHORE_DB_DIALECT: "postgres"
SEMAPHORE_DB: "{{ lookup('role_var', '_postgres_docker_env_db', role='semaphoreui') }}"
SEMAPHORE_PLAYBOOK_PATH: "{{ lookup('role_var', '_paths_location', role='semaphoreui') }}/playbooks"
SEMAPHORE_ADMIN_PASSWORD: "{{ user.pass }}"
SEMAPHORE_ADMIN_NAME: "{{ user.name }}"
SEMAPHORE_ADMIN_EMAIL: "{{ user.email }}"
SEMAPHORE_ADMIN: "{{ user.name }}"
SEMAPHORE_ACCESS_KEY_ENCRYPTION: "{{ semaphoreui_saltbox_facts.facts.secret_key }}"
TZ: "{{ timezone }}"
semaphoreui_role_docker_envs_custom
# Type: dict
semaphoreui_role_docker_envs_custom: {}
Hostname
semaphoreui_role_docker_hostname
# Type: string
semaphoreui_role_docker_hostname: "{{ semaphoreui_name }}"
Networks
semaphoreui_role_docker_networks_alias
# Type: string
semaphoreui_role_docker_networks_alias: "{{ semaphoreui_name }}"
semaphoreui_role_docker_networks_default
# Type: list
semaphoreui_role_docker_networks_default: []
semaphoreui_role_docker_networks_custom
# Type: list
semaphoreui_role_docker_networks_custom: []
Restart Policy
semaphoreui_role_docker_restart_policy
# Type: string
semaphoreui_role_docker_restart_policy: unless-stopped
State
semaphoreui_role_docker_state
# Type: string
semaphoreui_role_docker_state: started
Dependencies
semaphoreui_role_depends_on
# Type: string
semaphoreui_role_depends_on: "{{ lookup('role_var', '_postgres_name', role='semaphoreui') }}"
semaphoreui_role_depends_on_delay
# Type: string (quoted number)
semaphoreui_role_depends_on_delay: "0"
semaphoreui_role_depends_on_healthchecks
# Type: string ("true"/"false")
semaphoreui_role_depends_on_healthchecks: "false"
The following advanced options are available via create_docker_container but are not defined in the role. See: docker_container module
Resource Limits
semaphoreui_role_docker_blkio_weight
# Type: int
semaphoreui_role_docker_blkio_weight:
semaphoreui_role_docker_cpu_period
# Type: int
semaphoreui_role_docker_cpu_period:
semaphoreui_role_docker_cpu_quota
# Type: int
semaphoreui_role_docker_cpu_quota:
semaphoreui_role_docker_cpu_shares
# Type: int
semaphoreui_role_docker_cpu_shares:
semaphoreui_role_docker_cpus
# Type: string
semaphoreui_role_docker_cpus:
semaphoreui_role_docker_cpuset_cpus
# Type: string
semaphoreui_role_docker_cpuset_cpus:
semaphoreui_role_docker_cpuset_mems
# Type: string
semaphoreui_role_docker_cpuset_mems:
semaphoreui_role_docker_kernel_memory
# Type: string
semaphoreui_role_docker_kernel_memory:
semaphoreui_role_docker_memory
# Type: string
semaphoreui_role_docker_memory:
semaphoreui_role_docker_memory_reservation
# Type: string
semaphoreui_role_docker_memory_reservation:
semaphoreui_role_docker_memory_swap
# Type: string
semaphoreui_role_docker_memory_swap:
semaphoreui_role_docker_memory_swappiness
# Type: int
semaphoreui_role_docker_memory_swappiness:
semaphoreui_role_docker_shm_size
# Type: string
semaphoreui_role_docker_shm_size:
Security & Devices
semaphoreui_role_docker_cap_drop
# Type: list
semaphoreui_role_docker_cap_drop:
semaphoreui_role_docker_cgroupns_mode
# Type: string
semaphoreui_role_docker_cgroupns_mode:
semaphoreui_role_docker_device_cgroup_rules
# Type: list
semaphoreui_role_docker_device_cgroup_rules:
semaphoreui_role_docker_device_read_bps
# Type: list
semaphoreui_role_docker_device_read_bps:
semaphoreui_role_docker_device_read_iops
# Type: list
semaphoreui_role_docker_device_read_iops:
semaphoreui_role_docker_device_requests
# Type: list
semaphoreui_role_docker_device_requests:
semaphoreui_role_docker_device_write_bps
# Type: list
semaphoreui_role_docker_device_write_bps:
semaphoreui_role_docker_device_write_iops
# Type: list
semaphoreui_role_docker_device_write_iops:
semaphoreui_role_docker_devices
# Type: list
semaphoreui_role_docker_devices:
semaphoreui_role_docker_devices_default
# Type: string
semaphoreui_role_docker_devices_default:
semaphoreui_role_docker_groups
# Type: list
semaphoreui_role_docker_groups:
semaphoreui_role_docker_privileged
# Type: bool (true/false)
semaphoreui_role_docker_privileged:
semaphoreui_role_docker_security_opts
# Type: list
semaphoreui_role_docker_security_opts:
semaphoreui_role_docker_user
# Type: string
semaphoreui_role_docker_user:
semaphoreui_role_docker_userns_mode
# Type: string
semaphoreui_role_docker_userns_mode:
Networking
semaphoreui_role_docker_dns_opts
# Type: list
semaphoreui_role_docker_dns_opts:
semaphoreui_role_docker_dns_search_domains
# Type: list
semaphoreui_role_docker_dns_search_domains:
semaphoreui_role_docker_dns_servers
# Type: list
semaphoreui_role_docker_dns_servers:
semaphoreui_role_docker_domainname
# Type: string
semaphoreui_role_docker_domainname:
semaphoreui_role_docker_exposed_ports
# Type: list
semaphoreui_role_docker_exposed_ports:
semaphoreui_role_docker_hosts
# Type: dict
semaphoreui_role_docker_hosts:
semaphoreui_role_docker_hosts_use_common
# Type: bool (true/false)
semaphoreui_role_docker_hosts_use_common:
semaphoreui_role_docker_ipc_mode
# Type: string
semaphoreui_role_docker_ipc_mode:
semaphoreui_role_docker_links
# Type: list
semaphoreui_role_docker_links:
semaphoreui_role_docker_network_mode
# Type: string
semaphoreui_role_docker_network_mode:
semaphoreui_role_docker_pid_mode
# Type: string
semaphoreui_role_docker_pid_mode:
semaphoreui_role_docker_ports
# Type: list
semaphoreui_role_docker_ports:
semaphoreui_role_docker_uts
# Type: string
semaphoreui_role_docker_uts:
Storage
semaphoreui_role_docker_keep_volumes
# Type: bool (true/false)
semaphoreui_role_docker_keep_volumes:
semaphoreui_role_docker_mounts
# Type: list
semaphoreui_role_docker_mounts:
semaphoreui_role_docker_storage_opts
# Type: dict
semaphoreui_role_docker_storage_opts:
semaphoreui_role_docker_tmpfs
# Type: list
semaphoreui_role_docker_tmpfs:
semaphoreui_role_docker_volume_driver
# Type: string
semaphoreui_role_docker_volume_driver:
semaphoreui_role_docker_volumes
# Type: list
semaphoreui_role_docker_volumes:
semaphoreui_role_docker_volumes_from
# Type: list
semaphoreui_role_docker_volumes_from:
semaphoreui_role_docker_volumes_global
# Type: bool (true/false)
semaphoreui_role_docker_volumes_global:
semaphoreui_role_docker_working_dir
# Type: string
semaphoreui_role_docker_working_dir:
Monitoring & Lifecycle
semaphoreui_role_docker_auto_remove
# Type: bool (true/false)
semaphoreui_role_docker_auto_remove:
semaphoreui_role_docker_cleanup
# Type: bool (true/false)
semaphoreui_role_docker_cleanup:
semaphoreui_role_docker_force_kill
# Type: string
semaphoreui_role_docker_force_kill:
semaphoreui_role_docker_healthcheck
# Type: dict
semaphoreui_role_docker_healthcheck:
semaphoreui_role_docker_healthy_wait_timeout
# Type: int
semaphoreui_role_docker_healthy_wait_timeout:
semaphoreui_role_docker_init
# Type: bool (true/false)
semaphoreui_role_docker_init:
semaphoreui_role_docker_kill_signal
# Type: string
semaphoreui_role_docker_kill_signal:
semaphoreui_role_docker_log_driver
# Type: string
semaphoreui_role_docker_log_driver:
semaphoreui_role_docker_log_options
# Type: dict
semaphoreui_role_docker_log_options:
semaphoreui_role_docker_oom_killer
# Type: bool (true/false)
semaphoreui_role_docker_oom_killer:
semaphoreui_role_docker_oom_score_adj
# Type: int
semaphoreui_role_docker_oom_score_adj:
semaphoreui_role_docker_output_logs
# Type: bool (true/false)
semaphoreui_role_docker_output_logs:
semaphoreui_role_docker_paused
# Type: bool (true/false)
semaphoreui_role_docker_paused:
semaphoreui_role_docker_recreate
# Type: bool (true/false)
semaphoreui_role_docker_recreate:
semaphoreui_role_docker_restart_retries
# Type: int
semaphoreui_role_docker_restart_retries:
semaphoreui_role_docker_stop_timeout
# Type: int
semaphoreui_role_docker_stop_timeout:
Other Options
semaphoreui_role_docker_capabilities
# Type: list
semaphoreui_role_docker_capabilities:
semaphoreui_role_docker_cgroup_parent
# Type: string
semaphoreui_role_docker_cgroup_parent:
semaphoreui_role_docker_commands
# Type: list
semaphoreui_role_docker_commands:
semaphoreui_role_docker_create_timeout
# Type: int
semaphoreui_role_docker_create_timeout:
semaphoreui_role_docker_entrypoint
# Type: string
semaphoreui_role_docker_entrypoint:
semaphoreui_role_docker_env_file
# Type: string
semaphoreui_role_docker_env_file:
semaphoreui_role_docker_labels
# Type: dict
semaphoreui_role_docker_labels:
semaphoreui_role_docker_labels_use_common
# Type: bool (true/false)
semaphoreui_role_docker_labels_use_common:
semaphoreui_role_docker_read_only
# Type: bool (true/false)
semaphoreui_role_docker_read_only:
semaphoreui_role_docker_runtime
# Type: string
semaphoreui_role_docker_runtime:
semaphoreui_role_docker_sysctls
# Type: list
semaphoreui_role_docker_sysctls:
semaphoreui_role_docker_ulimits
# Type: list
semaphoreui_role_docker_ulimits:
semaphoreui_role_autoheal_enabled
# Enable or disable Autoheal monitoring for the container created when deploying
# Type: bool (true/false)
semaphoreui_role_autoheal_enabled: true
semaphoreui_role_depends_on
# List of container dependencies that must be running before the container start
# Type: string
semaphoreui_role_depends_on: ""
semaphoreui_role_depends_on_delay
# Delay in seconds before starting the container after dependencies are ready
# Type: string (quoted number)
semaphoreui_role_depends_on_delay: "0"
semaphoreui_role_depends_on_healthchecks
# Enable healthcheck waiting for container dependencies
# Type: string ("true"/"false")
semaphoreui_role_depends_on_healthchecks:
semaphoreui_role_diun_enabled
# Enable or disable Diun update notifications for the container created when deploying
# Type: bool (true/false)
semaphoreui_role_diun_enabled: true
semaphoreui_role_dns_enabled
# Enable or disable automatic DNS record creation for the container
# Type: bool (true/false)
semaphoreui_role_dns_enabled: true
semaphoreui_role_docker_controller
# Enable or disable Saltbox Docker Controller management for the container
# Type: bool (true/false)
semaphoreui_role_docker_controller: true
semaphoreui_role_docker_image_repo
# Type: string
semaphoreui_role_docker_image_repo:
semaphoreui_role_docker_image_tag
# Type: string
semaphoreui_role_docker_image_tag:
semaphoreui_role_docker_volumes_download
# Type: bool (true/false)
semaphoreui_role_docker_volumes_download:
semaphoreui_role_paths_location
# Type: string
semaphoreui_role_paths_location:
semaphoreui_role_postgres_docker_env_db
# Type: string
semaphoreui_role_postgres_docker_env_db:
semaphoreui_role_postgres_name
# Type: string
semaphoreui_role_postgres_name:
semaphoreui_role_postgres_password
# Type: string
semaphoreui_role_postgres_password:
semaphoreui_role_postgres_user
# Type: string
semaphoreui_role_postgres_user:
semaphoreui_role_themepark_addons
# Type: string
semaphoreui_role_themepark_addons:
semaphoreui_role_themepark_app
# Type: string
semaphoreui_role_themepark_app:
semaphoreui_role_themepark_theme
# Type: string
semaphoreui_role_themepark_theme:
semaphoreui_role_traefik_api_endpoint
# Type: dict/omit
semaphoreui_role_traefik_api_endpoint:
semaphoreui_role_traefik_api_middleware
# Type: string
semaphoreui_role_traefik_api_middleware:
semaphoreui_role_traefik_api_middleware_http
# Type: string
semaphoreui_role_traefik_api_middleware_http:
semaphoreui_role_traefik_autodetect_enabled
# Enable Traefik autodetect middleware for the container
# Type: bool (true/false)
semaphoreui_role_traefik_autodetect_enabled: false
semaphoreui_role_traefik_certresolver
# Type: string
semaphoreui_role_traefik_certresolver:
semaphoreui_role_traefik_crowdsec_enabled
# Enable CrowdSec middleware for the container
# Type: bool (true/false)
semaphoreui_role_traefik_crowdsec_enabled: false
semaphoreui_role_traefik_error_pages_enabled
# Enable custom error pages middleware for the container
# Type: bool (true/false)
semaphoreui_role_traefik_error_pages_enabled: false
semaphoreui_role_traefik_gzip_enabled
# Enable gzip compression middleware for the container
# Type: bool (true/false)
semaphoreui_role_traefik_gzip_enabled: false
semaphoreui_role_traefik_middleware_http
# Type: string
semaphoreui_role_traefik_middleware_http:
semaphoreui_role_traefik_middleware_http_api_insecure
# Type: bool (true/false)
semaphoreui_role_traefik_middleware_http_api_insecure:
semaphoreui_role_traefik_middleware_http_insecure
# Type: bool (true/false)
semaphoreui_role_traefik_middleware_http_insecure:
semaphoreui_role_traefik_priority
# Type: string
semaphoreui_role_traefik_priority:
semaphoreui_role_traefik_robot_enabled
# Enable robots.txt middleware for the container
# Type: bool (true/false)
semaphoreui_role_traefik_robot_enabled: true
semaphoreui_role_traefik_tailscale_enabled
# Enable Tailscale-specific Traefik configuration for the container
# Type: bool (true/false)
semaphoreui_role_traefik_tailscale_enabled: false
semaphoreui_role_traefik_wildcard_enabled
# Enable wildcard certificate for the container
# Type: bool (true/false)
semaphoreui_role_traefik_wildcard_enabled: true
semaphoreui_role_web_domain
# Type: string
semaphoreui_role_web_domain:
semaphoreui_role_web_fqdn_override
# Override the Traefik fully qualified domain name (FQDN) for the container
# Type: list
semaphoreui_role_web_fqdn_override:
Example Override
semaphoreui_role_web_fqdn_override:
- "{{ traefik_host }}"
- "semaphoreui2.{{ user.domain }}"
- "semaphoreui.otherdomain.tld"
Note: Include {{ traefik_host }} to preserve the default FQDN alongside your custom entries
semaphoreui_role_web_host_override
# Override the Traefik web host configuration for the container
# Type: string
semaphoreui_role_web_host_override:
Example Override
semaphoreui_role_web_host_override: "Host(`{{ traefik_host }}`) || Host(`{{ 'semaphoreui2.' + user.domain }}`)"
Note: Use {{ traefik_host }} to include the default host configuration in your custom rule
semaphoreui_role_web_http_port
# Type: string (quoted number)
semaphoreui_role_web_http_port:
semaphoreui_role_web_http_scheme
# Type: string ("http"/"https")
semaphoreui_role_web_http_scheme:
semaphoreui_role_web_http_serverstransport
# Type: dict/omit
semaphoreui_role_web_http_serverstransport:
semaphoreui_role_web_scheme
# URL scheme to use for web access to the container
# Type: string ("http"/"https")
semaphoreui_role_web_scheme:
semaphoreui_role_web_serverstransport
# Type: dict/omit
semaphoreui_role_web_serverstransport:
semaphoreui_role_web_subdomain
# Type: string
semaphoreui_role_web_subdomain: