Hi 🙂 Thanks for this great tutorial! Works fantastic and is very usefull. I didn´t get semaphore up and running with other videos, so thanks for this great work.
Amazing tutorial, Thank you David for this step-by-step explanation. Are you planning on doing more Ansible tutorials? Anyway i'll share this video on my Linkedin account, definetly worth it. 😉
35:55 You make mention of a user 'ansible' when you are setting up the SSH key. However, you never mention creating that user in your tutorial. The only users I am aware of is the semaphore user and the user account I normally used. I am trying to determine which SSH private key goes here. Is it your user account? Is it the semaphore account? Something else I may of missed? Please advise.
There are at least two user accounts involved here 1) You need to be able to login to Semaphore so that you can configure it and ultimately run Ansible playbooks, etc as scheduled tasks. You create at least one account for it during its setup. But that account is specific to Semaphore 2) Ansible needs access to others IT devices to make changes to them etc. and all those devices have to have a user account for that user so that Ansible can login to them I'm using SSH key authentication, so at this point in the video I'm pointing Semaphore to the private key for my Ansible user In other words, the Sempahore user account is used to manage Semaphore, but you have a separate Ansible account that is used to manage devices
Great video displaying the full process of pre-requisites, installation & configuration of semaphore. It has been quite some time now that i was considering an ansible UI solution, still a bit hesitant between AWX (tower) and semaphore. If you did benchmark these before i would gladly appreciate some feedback. (Or if you know another alternative that may be interesting..)
The documentation doesnt match the app version. The task argument section is totally different now. You don't put variables in json anymore. Im still not clear what the extra args should look like, is force_reboot=yes valid format?
Great Video David. your videos are very good. I appreciate the time you dedicate to share this knowledge. I did set my mailrise as my smtp relay server and for some reasons i cant get semaphore to send alerts emails to slack. Could you please help us with a video on how to set a working alert for system for semaphore.
Unfortunately Semaphore, doesn't send emails if a task is successful and although this has been raised on forums, the dev(s) don't see this as an issue So although the video covers how to setup email alerts, you'll only receive one if a task fails You can hook it up directly to Slack for instance for task alerting, but I'd prefer to keep everything centralised to reduce the maintenance and admin So I'm opting to run a task which always fails, that way I get a regular alert through mailrise to let me know the alerting works
Thanks that was very informative. Is there a way to run sequential tasks or templates like for example one to update (dnf update) and one for reboot maybe after reboot one to check all is good like with CLI ansible you can use a site.yml and run playbook1 then playbook2 etc ? Thanks
A handler might make sense A task can notify a handler to do something if there's been a change I've split things up into roles and each role has its own handler So when a task runs that uploads a service config for instance and it results in a change, that task will notify the handler which in turn restarts the service
Can you be more specific? I know sudo and su are kind of in conflict these days So while sudo su - can switch you over to the root account, but using your own password when you have sudo rights, since sudo -i came out, the steer is to use that instead Normally I'm not fussed about the environment settings though, so long as the path and the prompt seem fine
@@TechTutorialsDavidMcKone 'sudo -i' is the same as using '-' with su, except sudo is only for executing a one-off command. Using '-' with su completes the login when dropping you off at the command prompt for the new user. When you use su without '-,' you're sitting at a command prompt in a partially initialized environment. For instance, you may have some .bashrc commands that you want to execute when logging in as that user. Using '-' with su does that, while not using '-' does not. Since you don't normally know your root password on systems like Ubuntu, you would use 'sudo su -' as a one-off command to use your root privileges to become the root user and complete the login to fully initialize the environment for that command prompt session. It's something I picked up 30 years ago and always do it. I never use su without '-'. su and sudo aren't really in conflict. sudo is for using your root privileges to execute a one-off command, and su (often paired up with sudo) is for switching to another user until you run 'exit' to back out to your original user.
The Installation of Ansible and Semaphore seemed to go without a hitch. However, now I can't get into Semaphore. I can access ansible and I can add users to sepmaphore and list them using putty with my root login and am 100% sure the password added is the same as I am trying to use but it won't let me in via the web interface. Can't see anything online to help. Any ideas! Thanks.
Can you login into and access the database that Semaphore uses? If not you can edit that in the config file You can also update the database to change the user/password if necessary Now if you can access the database directly but not login via the web interface then I'd have to assume the Semaphore login credentials are wrong These are stored in the database but I don't know an easy way to change them as they'll be encrypted You could ask on the Github site for how to overwrite the password Personally, whenever I've just installed software and I can't login, I chalk it up to a typing mistake and re-install it I think in this case you could delete the database, create a new one, assign the user access and then run the setup process again
The newer version has roles to assign users to but I haven't seen a custom option for that So you could assign a user with a role of Task Runner for instance that will allow them to run a task But you can't create your own role
Hi David, thank you so much for the video, this is very helpful and helped with my work as well. I do need your help with few things though. Can you kindly reply back? Thank you!
Hi. I have an error when running a task: fatal: [192.168.1.1]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Warning: Permanently added '192.168.1.1' (ED25519) to the list of known hosts. ubuntu@192.168.1.1: Permission denied (publickey).", "unreachable": true} Im using the free cloud server of oracle & installed ubuntu. Was going great until i tried to run a task. I can ssh to the server & pub/priv keys are present too. Being a beginner in all these is so hard😅 pls help. Thank you.
The computer is denying access as it requires SSH key authentication You have to point Ansible/Semaphore to the relevant private key that goes with the public key the server has for the user account you're logging in as
@@TechTutorialsDavidMcKone Thank you for the reply. I managed to work that initial error but I have a new error now as I am trying to use my local repository. I cloned the online git repo to my local machine then followed how you setup your repository in the semapahore web UI (I didn't do the chown & chmod part though as I have no idea if I have a group in the first place). When I run the task, it says: Failed in finding static repository at /mydir/mydir: stat /mydir/mydir: no such file or directory The directory exists but semaphore can't find it for some reason. Not sure if I missed any crucial steps or permissions.
@@ah-ys8gs If you're going to use git it might be better to just link directly to it from Semaphore, but that's a slightly different method Part of the Semaphore setup process involves setting up a folder where Semaphore will pull local copies of files to, so you don't need to do downloads yourself Any changes you want to make to your Ansible files should be done on the github repository
Thank you David, this has been very helpful. I appreciate your making such a detailed tutorial.
Thanks for the feedback, much appreciated
I do find Semaphore very useful, even if it's just for automating and logging the tasks
Thank you so much for this thorough tutorial! It's really going to help me with my final project for my IT apprenticeship :)
Good to know the video was useful
That sounds like an interesting project if it involves Ansible
Great video, really helped in setting up semaphore when nothing could.
Good to know
I do like Semaphore as I think it makes it easier to automate the maintenance jobs
Hi 🙂 Thanks for this great tutorial! Works fantastic and is very usefull. I didn´t get semaphore up and running with other videos, so thanks for this great work.
Good to know the video was helpful and thanks for the feedback
Amazing tutorial, Thank you David for this step-by-step explanation.
Are you planning on doing more Ansible tutorials?
Anyway i'll share this video on my Linkedin account, definetly worth it. 😉
I do have others in the pipeline, but these things take time
Thanks for promoting the video
My pleasure.@@TechTutorialsDavidMcKone
excellent video . Very informative. Thank you very much !
Thanks for the feedback
Good to know the video was useful
35:55 You make mention of a user 'ansible' when you are setting up the SSH key. However, you never mention creating that user in your tutorial. The only users I am aware of is the semaphore user and the user account I normally used. I am trying to determine which SSH private key goes here. Is it your user account? Is it the semaphore account? Something else I may of missed? Please advise.
There are at least two user accounts involved here
1) You need to be able to login to Semaphore so that you can configure it and ultimately run Ansible playbooks, etc as scheduled tasks. You create at least one account for it during its setup. But that account is specific to Semaphore
2) Ansible needs access to others IT devices to make changes to them etc. and all those devices have to have a user account for that user so that Ansible can login to them
I'm using SSH key authentication, so at this point in the video I'm pointing Semaphore to the private key for my Ansible user
In other words, the Sempahore user account is used to manage Semaphore, but you have a separate Ansible account that is used to manage devices
Very helpful. Thank you!
Thanks for the feedback, it really helps get videos out to others who might find it useful
thanks david.
It is useful Sempahore, so glad to hear this video was helpful
Great video displaying the full process of pre-requisites, installation & configuration of semaphore.
It has been quite some time now that i was considering an ansible UI solution, still a bit hesitant between AWX (tower) and semaphore.
If you did benchmark these before i would gladly appreciate some feedback. (Or if you know another alternative that may be interesting..)
Thanks for the feedback
I'll keep an eye out for other options
The documentation doesnt match the app version. The task argument section is totally different now. You don't put variables in json anymore. Im still not clear what the extra args should look like, is force_reboot=yes valid format?
Thanks for the feedback
It sounds like a newer video is needed
@@TechTutorialsDavidMcKone I was complaining about the documentation. Your video was great.
Great Video David. your videos are very good. I appreciate the time you dedicate to share this knowledge.
I did set my mailrise as my smtp relay server and for some reasons i cant get semaphore to send alerts emails to slack. Could you please help us with a video on how to set a working alert for system for semaphore.
Unfortunately Semaphore, doesn't send emails if a task is successful and although this has been raised on forums, the dev(s) don't see this as an issue
So although the video covers how to setup email alerts, you'll only receive one if a task fails
You can hook it up directly to Slack for instance for task alerting, but I'd prefer to keep everything centralised to reduce the maintenance and admin
So I'm opting to run a task which always fails, that way I get a regular alert through mailrise to let me know the alerting works
Thanks that was very informative. Is there a way to run sequential tasks or templates like for example one to update (dnf update) and one for reboot maybe after reboot one to check all is good like with CLI ansible you can use a site.yml and run playbook1 then playbook2 etc ? Thanks
A handler might make sense
A task can notify a handler to do something if there's been a change
I've split things up into roles and each role has its own handler
So when a task runs that uploads a service config for instance and it results in a change, that task will notify the handler which in turn restarts the service
Great video and paced well. I thought it was interesting that you don't use - with sudo su to initialize the new user's environment.
Can you be more specific?
I know sudo and su are kind of in conflict these days
So while sudo su - can switch you over to the root account, but using your own password when you have sudo rights, since sudo -i came out, the steer is to use that instead
Normally I'm not fussed about the environment settings though, so long as the path and the prompt seem fine
@@TechTutorialsDavidMcKone 'sudo -i' is the same as using '-' with su, except sudo is only for executing a one-off command. Using '-' with su completes the login when dropping you off at the command prompt for the new user. When you use su without '-,' you're sitting at a command prompt in a partially initialized environment. For instance, you may have some .bashrc commands that you want to execute when logging in as that user. Using '-' with su does that, while not using '-' does not. Since you don't normally know your root password on systems like Ubuntu, you would use 'sudo su -' as a one-off command to use your root privileges to become the root user and complete the login to fully initialize the environment for that command prompt session.
It's something I picked up 30 years ago and always do it. I never use su without '-'. su and sudo aren't really in conflict. sudo is for using your root privileges to execute a one-off command, and su (often paired up with sudo) is for switching to another user until you run 'exit' to back out to your original user.
The Installation of Ansible and Semaphore seemed to go without a hitch. However, now I can't get into Semaphore. I can access ansible and I can add users to sepmaphore and list them using putty with my root login and am 100% sure the password added is the same as I am trying to use but it won't let me in via the web interface. Can't see anything online to help. Any ideas! Thanks.
Can you login into and access the database that Semaphore uses?
If not you can edit that in the config file
You can also update the database to change the user/password if necessary
Now if you can access the database directly but not login via the web interface then I'd have to assume the Semaphore login credentials are wrong
These are stored in the database but I don't know an easy way to change them as they'll be encrypted
You could ask on the Github site for how to overwrite the password
Personally, whenever I've just installed software and I can't login, I chalk it up to a typing mistake and re-install it
I think in this case you could delete the database, create a new one, assign the user access and then run the setup process again
Hi, in anisible Semaphore, is there anyway to custom user permission so that user can only view or run additional task?
The newer version has roles to assign users to but I haven't seen a custom option for that
So you could assign a user with a role of Task Runner for instance that will allow them to run a task
But you can't create your own role
This is good . Thanks for the great work. But what if you want to run just one of the IP address in your inventory, how do you go about it?
You can create multiple inventories for Semaphore, so you could always create one with a single IP and then run a task against that
Hi David, thank you so much for the video, this is very helpful and helped with my work as well. I do need your help with few things though. Can you kindly reply back? Thank you!
I don't really provide support as such
I only cover issues such as something no longer working in a video or if things don't work as expected
Hi. I have an error when running a task:
fatal: [192.168.1.1]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Warning: Permanently added '192.168.1.1' (ED25519) to the list of known hosts.
ubuntu@192.168.1.1: Permission denied (publickey).", "unreachable": true}
Im using the free cloud server of oracle & installed ubuntu. Was going great until i tried to run a task. I can ssh to the server & pub/priv keys are present too. Being a beginner in all these is so hard😅 pls help. Thank you.
The computer is denying access as it requires SSH key authentication
You have to point Ansible/Semaphore to the relevant private key that goes with the public key the server has for the user account you're logging in as
@@TechTutorialsDavidMcKone Thank you for the reply. I managed to work that initial error but I have a new error now as I am trying to use my local repository.
I cloned the online git repo to my local machine then followed how you setup your repository in the semapahore web UI (I didn't do the chown & chmod part though as I have no idea if I have a group in the first place). When I run the task, it says:
Failed in finding static repository at /mydir/mydir: stat /mydir/mydir: no such file or directory
The directory exists but semaphore can't find it for some reason. Not sure if I missed any crucial steps or permissions.
@@ah-ys8gs If you're going to use git it might be better to just link directly to it from Semaphore, but that's a slightly different method
Part of the Semaphore setup process involves setting up a folder where Semaphore will pull local copies of files to, so you don't need to do downloads yourself
Any changes you want to make to your Ansible files should be done on the github repository