Vezpi/Blog
1
0
Fork 0
Code Issues 2 Pull Requests Actions Wiki Activity

Auto-update blog content from Obsidian: 2026-02-06 21:55:10
All checks were successful
Blog Deployment / Check-Rebuild (push) Successful in 6s
Details
Blog Deployment / Build (push) Has been skipped
Details
Blog Deployment / Deploy-Staging (push) Successful in 9s
Details
Blog Deployment / Test-Staging (push) Successful in 2s
Details
Blog Deployment / Merge (push) Successful in 7s
Details
Blog Deployment / Deploy-Production (push) Successful in 9s
Details
Blog Deployment / Test-Production (push) Successful in 2s
Details
Blog Deployment / Clean (push) Has been skipped
Details
Blog Deployment / Notify (push) Successful in 2s
Details

Browse Source
This commit is contained in:
Gitea Actions
2026-02-06 21:55:10 +00:00
parent ab7996e685
commit e088e8ab18
2 changed files with 44 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
content/post/semaphore-ui-interface-ansible-terraform.md
View File

@@ -32,7 +32,7 @@ Semaphore UI supports many ways to [install](https://semaphoreui.com/docs/catego
I'll use Docker for my installation, you can see how I deploy application currently in this [post]({{< ref "post/16-how-I-deploy-application" >}})
Here my `docker-compose.yml` file I've configured using PostgreSQL:
```yml
```yaml
services:
semaphore:
image: semaphoreui/semaphore:v2.16.45
@@ -127,7 +127,7 @@ Then I create a new `Inventory`. I'm using the Ansible inventory format (the onl
## Launching an Ansible playbook
I want to test something simple, install a web server with a custom page on these 3 VMs, I create the playbook `install_nginx.yml`:
```
```yaml
---
- name: Demo Playbook - Install Nginx and Serve Hostname Page
hosts: all
@@ -189,9 +189,50 @@ There are also a lot of customization available when setting the task template u
---
## Deploy with Terraform
While running Ansible playbooks was easy out of the box, this was a bit different to deploy with Terraform.
While running Ansible playbooks was easy out of the box, this was a bit different to deploy with Terraform on Proxmox VE.
Previously from the CLI, I was interacting with the Proxmox cluster using a SSH key. I was not able to put it to work from Semaphore UI. I used a username with a password instead.
I told myself it would be a good opportunity to use Ansible against my Proxmox nodes to create a dedicated user for this. But this didn't work, here the playbook I used:
```yaml
---
- name: Create Terraform local user for Proxmox
hosts: nodes
become: true
tasks:
- name: Create terraform user
ansible.builtin.user:
name: "{{ terraform_user }}"
password: "{{ terraform_password | password_hash('sha512') }}"
shell: /bin/bash
- name: Create sudoers file for terraform user
ansible.builtin.copy:
dest: /etc/sudoers.d/{{ terraform_user }}
mode: '0440'
content: |
{{ terraform_user }} ALL=(root) NOPASSWD: /sbin/pvesm
{{ terraform_user }} ALL=(root) NOPASSWD: /sbin/qm
{{ terraform_user }} ALL=(root) NOPASSWD: /usr/bin/tee /var/lib/vz/*
```
It was failing with the following error:
```plaintext
Unable to encrypt nor hash, passlib must be installed. No module named 'passlib'
```
It is apparently a known problem of Semaphore, to workaround, I installed `passlib` directly on the container
```bash
docker exec -it semaphore_ui pip install passlib
```
Finally I could create my user on the Proxmox nodes.
Next I create a variable group `pve_vm`. In a variable group I can define multiple variables and secrets together:
![Semaphore UI new variable group](img/semaphore-ui-create-variable-group.png)
Then I create a new task template