semaphere部署，配置ldap

在处理 Ansible 相关项目时，我们经常面临繁琐的命令行操作，这对于不熟悉命令行的用户来说可能是一个挑战。此外，当项目规模扩大时，跟踪和管理多个 playbook 变得困难，同时缺乏对失败的及时通知和访问控制。这些问题催生了 Ansible Semaphore。
Ansible Semaphore 旨在解决这些问题。它提供了一个现代化的用户界面，通过直观的操作和可视化工具，使得运行 Ansible playbook 变得简单而高效。无论是新手还是经验丰富的开发人员，都能够通过 Ansible Semaphore 轻松管理和部署项目.

1、首先在下载semaphore的二进制文件 版本自定义

wget https://github.com/ansible-semaphore/semaphore/releases/\
download/v2.8.75/semaphore_2.8.75_linux_amd64.tar.gz

tar xf semaphore_2.8.75_linux_amd64.tar.gz

./semaphore setup
按照交互式的提示输入配置项会生成config.json
最后执行./semaphore service --config=./config.json

config.json配置

{
        "mysql": {
                "host": "10.72.88.200:3306",
                "user": "semaphere",
                "pass": "semaphere",
                "name": "semaphere",
                "options": null
        },
        "bolt": {
                "host": "",
                "user": "",
                "pass": "",
                "name": "",
                "options": null
        },
        "postgres": {
                "host": "",
                "user": "",
                "pass": "",
                "name": "",
                "options": null
        },
        "dialect": "mysql",
        "port": "",
        "interface": "",
        "tmp_path": "/data/semaphere",
        "cookie_hash": "dlL7hN+6zGPl9nA+b7qMH9KxTc1e0j5kFhwFxnxbJO4=",
        "cookie_encryption": "6cIiVCnjLS+CADd4Gf5ifAPmef6ZFUzzLogT/0C8dVc=",
        "access_key_encryption": "HnFwKdZbd5qyS0a0Dp0KBJ05mJAdRQuGcI5Y2bA0Vrw=",
        "email_sender": "",
        "email_host": "",
        "email_port": "",
        "email_username": "",
        "email_password": "",
        "web_host": "",
        "ldap_binddn": "cn=xiaomao,cn=managers,dc=test,dc=com",
        "ldap_bindpassword": "Root@saxofintech",
        "ldap_server": "10.72.88.200:31683",
        "ldap_searchdn": "dc=test,dc=com",
        "ldap_searchfilter": "(&(objectClass=inetOrgPerson)(cn=%s))",
        "ldap_mappings": {
                "dn": "",
                "mail": "mail",
                "uid": "cn",
                "cn": "cn"
        },
        "ldap_enable": true,
        "ldap_needtls": false,
        "telegram_chat": "",
        "telegram_token": "",
        "slack_url": "",
        "max_parallel_tasks": 0,
        "email_alert": false,
        "email_secure": false,
        "telegram_alert": false,
        "slack_alert": false,
        "ssh_config_path": "",
        "demo_mode": false
 }

数据库选一个就可以，然后ldap根据自己的值来配置，当配置完成后第一个登录的用户是没有admin的权限的需要手动给一下admin的权限，
UPDATE semaphere.user SET admin=1 WHERE username='xxx';

以系统服务运行

sudo cat > /etc/systemd/system/semaphore.service <<EOF
[Unit]
Description=Semaphore Ansible
Documentation=https://github.com/ansible-semaphore/semaphore
Wants=network-online.target
After=network-online.target

[Service]
Type=simple
ExecReload=/bin/kill -HUP $MAINPID
ExecStart=/path/to/semaphore service --config=/path/to/config.json
SyslogIdentifier=semaphore
Restart=always
RestartSec=10s

[Install]
WantedBy=multi-user.target
EOF