btNOG 10 Network Automation

Setup Semaphore

Set up Ansible Semaphore and deploy it behind the reverse proxy

Step 1: Create a directory “semaphore” inside your git-tracked directory


(U) Step 2: Create docker-compose.yml

Make sure to change the following in it:

  • MYSQL_PASSWORD (mysql service) and SEMAPHORE_DB_PASS (semaphore service): set a new password, and use the same value in both
  • SEMAPHORE_ADMIN_PASSWORD: autogenerate a new password

version: '2'

services:

  mysql:
    image: mysql:latest
    hostname: mysql
    environment:
      MYSQL_RANDOM_ROOT_PASSWORD: 'yes'
      MYSQL_DATABASE: semaphore
      MYSQL_USER: semaphore
      MYSQL_PASSWORD: AsmbkicBcLCED9Ljv9vA  # sample value: replace it; must equal SEMAPHORE_DB_PASS
    volumes:
      - db:/var/lib/mysql  
    restart: unless-stopped  

  semaphore:
    image: semaphoreui/semaphore:latest 
    ports:
      - "10.10.10.10:3000:3000"  # published on this host address only; the reverse proxy in Step 3 forwards to it
    environment:
      SEMAPHORE_DB_DIALECT: mysql
      SEMAPHORE_DB_USER: semaphore
      SEMAPHORE_DB_PASS: AsmbkicBcLCED9Ljv9vA  # sample value: replace it; must equal MYSQL_PASSWORD
      SEMAPHORE_DB_HOST: mysql
      SEMAPHORE_DB_PORT: 3306
      SEMAPHORE_DB: semaphore
      SEMAPHORE_ADMIN_PASSWORD: 6TtPhvFjmDSi  # sample value: replace it with an autogenerated password
      SEMAPHORE_ADMIN_NAME: a01
      SEMAPHORE_ADMIN_EMAIL: a01@labs.tshetum.bt
      SEMAPHORE_ADMIN: a01
      ANSIBLE_HOST_KEY_CHECKING: "false"  # Ansible will not verify SSH host keys of managed devices (lab setting)
    depends_on:
      - mysql
    volumes:
      - config:/etc/semaphore # config.json location      
    restart: unless-stopped  

volumes:
  db:
  config:      
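
One way to make the two password changes listed above and check them before deploying, as an added example that is not part of the original workshop material. The function names are this example's own, and it assumes each key appears as an unquoted "KEY: value" line, as in the file above:

```shell
# Added example: rotate the three passwords in docker-compose.yml and verify
# the result before running "docker-compose up -d".
# Assumption: each key is written as an unquoted "KEY: value" line.

gen_password() {            # 16 random bytes from the kernel CSPRNG, as 32 hex chars
  dd if=/dev/urandom bs=16 count=1 2>/dev/null | od -An -tx1 | tr -d ' \n'
}

compose_value() {           # compose_value FILE KEY -> value of the first KEY line
  awk -v k="$2:" '$1 == k { print $2; exit }' "$1"
}

set_compose_value() {       # set_compose_value FILE KEY VALUE (keeps indentation)
  sed "s|^\([[:space:]]*$2:\).*|\1 $3|" "$1" > "$1.tmp" && mv "$1.tmp" "$1"
}

rotate_compose_secrets() {  # one new DB password for both services, one for admin
  db_pw=$(gen_password)
  admin_pw=$(gen_password)
  set_compose_value "$1" MYSQL_PASSWORD "$db_pw"
  set_compose_value "$1" SEMAPHORE_DB_PASS "$db_pw"
  set_compose_value "$1" SEMAPHORE_ADMIN_PASSWORD "$admin_pw"
  chmod 600 "$1"            # the file now holds live credentials
}

check_compose_secrets() {   # returns 0 only if the password settings are consistent
  db=$(compose_value "$1" MYSQL_PASSWORD)
  app=$(compose_value "$1" SEMAPHORE_DB_PASS)
  admin=$(compose_value "$1" SEMAPHORE_ADMIN_PASSWORD)
  rc=0
  if [ -z "$db" ] || [ "$db" != "$app" ]; then
    echo "MYSQL_PASSWORD and SEMAPHORE_DB_PASS must be set and identical" >&2; rc=1
  fi
  if [ -z "$admin" ] || [ "$admin" = "$db" ]; then
    echo "SEMAPHORE_ADMIN_PASSWORD must be set and differ from the DB password" >&2; rc=1
  fi
  for v in "$db" "$app" "$admin"; do   # sample values printed in this tutorial
    case "$v" in
      AsmbkicBcLCED9Ljv9vA|6TtPhvFjmDSi)
        echo "tutorial sample password still present: change it" >&2; rc=1 ;;
    esac
  done
  return "$rc"
}

# Usage: sh rotate-secrets.sh docker-compose.yml   (script name is hypothetical)
if [ -f "${1:-}" ]; then
  rotate_compose_secrets "$1" && check_compose_secrets "$1" && echo "secrets rotated"
fi
```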

Once edited, deploy it using

docker-compose up -d 

Confirm that Ansible Semaphore is running by checking the output of:

docker container list -a | grep semaphore

Important: New domain for this specific activity due to the Let's Encrypt rate limit

We have exceeded the Let's Encrypt rate limit on the domain “nog.bt”. The maximum is 50 certificates per domain per week, and our 37 attendees have exceeded that, hence this new temporary domain for this specific task.

Old Domain          New Domain
a01.labs.nog.bt     a01.labs.tshetum.bt
a02.labs.nog.bt     a02.labs.tshetum.bt
a03.labs.nog.bt     a03.labs.tshetum.bt

Step 3: Reverse proxy it

Set up ansible.a01.labs.tshetum.bt to proxy to 10.10.10.10:3000 in NGINX Proxy Manager or Caddy (whichever you are using). Give it a valid TLS certificate and force SSL.