search

semaphoreui / semaphore

Modern UI for Ansible, Terraform, OpenTofu, Bash, Pulumi.
https://semaphoreui.com
MIT License
10.28k stars 1.03k forks source link

Question: Using semaphore with bastion #2251

Open epwickey opened 1 month ago

epwickey commented 1 month ago

Question

For our environments we have ssh bastion servers. Right now we have ssh configs in each users workstations defining the proxies. We need to use the same user for proxy as the ones we use to run playbooks. For each user there is a separate username. How can we achieve this through semaphore. I tried using ssh config in the semaphore host but the connection to the bastion server tries to use root user. Not the user that is used for playbooks.

Related to

Configuration

ezekiel commented 1 month ago

I'm not an expert, just a user, but I think the answer to your question is NOT in semaphore setup/config, but in task setup/config ( I'll use ansible as an example ).

In ansible.cfg, you have options like: https://docs.ansible.com/ansible/latest/reference_appendices/config.html#netconf-ssh-config

Or, in inventory/group/play vars, you have options like: ansible_ssh_common_args: "-J username@bastion.host.domain.tld"

Semaphore "just" calls tasks ( I'm using ansible as the prime example ) - you want to configure your tasks with bastion-traversal, not semaphore.