Getting Started Introduction to the Netos NetOps Project Introduction Our goal with our Sempahore projects is to deliver a framework that makes it simple and fast to deploy and manage open-source enterprise networking applications and tools. Quickly spin up an enterprise grade application stack (in minutes). Deal with all the critical yet time consuming platform engineering at the click of a button. Deal with the boring but important stuff like backups, restores, and maintenance. Fast track to the interesting stuff like playing with the tools and dev/test. Over time we will publish more projects with associated playbooks. Currently available is: Netos NetOps - A simple wrapper project for managing the underlying Semaphore instance. Netos NetBox - Contains all the playbooks to deploy and operate NetBox. Ansible Semaphore Semaphore UI is a simple and easy to use alternative to Ansible AWX. Netos have used it for over a year without issues to run thousands of playbooks and manage all of our infrastructure. It is convenient and easy to use - user friendly web interface for executing Ansible playbooks, Terraform, OpenTofu, Pulumi code and Bash scripts. It is designed to make your automation tasks easier and more enjoyable. Playbooks At a click of a button you can perform complex installations, like installing NetBox, and a lot more. Views Views group together different playbooks, for example, below you can the tasks that deploy NetBox:   Semaphore Projects Finally, we group everything together into different projects. Key Semaphore Principles Introduction The following diagram illustrates the purpose of each menu item in Semaphore, in the context of the Netos deployment. Environments Environments pass variables into Ansible (or other scripts such as Python or Bash). For example, in this environment file we pass through variables from the Semaphore Environment, but also set default variables where applicable in the /vars/ files in the Ansible project. CERT_CONTENT: "{{ lookup('env', 'CERT_CONTENT') | default('must-be-set-in-semaphore-variable') }}" CERT_DIR: "{{ lookup('env', 'CERT_DIR') | default('/netos/certs/netbox') }}" DOMAIN: "{{ lookup('env', 'DOMAIN') | default('netos.dev') }}" NETBOX_DB_NAME: "{{ lookup('env', 'NETBOX_DB_NAME') | default('netbox') }}" Semaphore also supports encrypted secrets as variables. We decided to use this feature throughout rather than Ansible Vault because it ensures that all data is in one place, rather than being split across different vaults and environments. There is a bug in Semaphore where updates to Secrets are not saved. Problem: not possible to edit secret name · Issue #2293 · semaphoreui/semaphore (github.com) Repositories Repositories are linked to Templates (e.g. an Ansible playbook) and in general point to a Git repository. In the case of all Netos projects, we instead point to a local file system, and instead have a per-project task to pull the repository from Netos Networks (github.com).  Templates Everything above is pulled together into a Template. Scheduling Templates can then be scheduled for repetitive tasks, such as backup and housekeeping tasks. Tracking Tasks You can globally track the status of all tasks, as well as within the logs of each Template. Users, Accounts & Tokens Introduction We have set default tokens and passwords to get a test/lab environment up and running quickly. In a production deployment you should replace all the tokens and passwords. We don't suggest changing any directories. Default Login Values The default accounts to login to systems following deployment from Semaphore are as follows. The endpoints (URLs) are set in Semaphore environments, and you will need deploy and configure NGINX. System Username Password Endpoint Settings Semaphore admin admin Set in Semaphore environment "Semaphore Global Settings" NetBox admin ohp8toef7Jee Set in Semaphore environment "NetBox Global Settings" Var Files There are different Ansible Variable files located in each project, for example: https://github.com/netos-networks/netos-netops/tree/main/vars  https://github.com/netos-networks/netos-netbox/tree/main/vars Here is an example  vars_file from the netos-netbox repository. The "lookup" value is taken from. CERT_CONTENT: "{{ lookup('env', 'CERT_CONTENT') | default('must-be-set-in-semaphore-variable') }}" CERT_DIR: "{{ lookup('env', 'CERT_DIR') | default('/netos/certs/netbox') }}" DOMAIN: "{{ lookup('env', 'DOMAIN') | default('netos.dev') }}" NETBOX_DB_NAME: "{{ lookup('env', 'NETBOX_DB_NAME') | default('netbox') }}" NETBOX_DB_PASSWORD: "{{ lookup('env', 'NETBOX_DB_PASSWORD') | default('VxW6EnnKRrkxCzcnDnWT8Fz9q') }}" NETBOX_DB_USER: "{{ lookup('env', 'NETBOX_DB_USER') | default('netbox') }}" NETBOX_HOSTNAME: "{{ lookup('env', 'NETBOX_HOSTNAME') | default('netbox') }}" NETBOX_INSTALL_DIR: "{{ lookup('env', 'NETBOX_INSTALL_DIR') | default('/opt/netbox') }}" NETBOX_REPO: "{{ lookup('env', 'NETBOX_REPO') | default('https://github.com/netbox-community/netbox.git') }}" NETBOX_TOKEN: "{{ lookup('env', 'NETBOX_TOKEN') | default('d4c5b00f7053317be2ce8993dd74caa14ca53ca8') }}" ORG_NAME: "{{ lookup('env', 'ORG_NAME') | default('Netos Networks') }}" PLUGIN_ADD_TAG: "{{ lookup('env', 'PLUGIN_ADD_TAG') | default('') }}" POSTGRES_USER_PASSWORD: "{{ lookup('env', 'POSTGRES_USER_PASSWORD') | default('3SqtYWH8iy0Y1alOIj2I') }}" PRIVATE_CERT_CONTENT: "{{ lookup('env', 'PRIVATE_CERT_CONTENT') | default('must-be-set-in-semaphore-variable') }}" SECRET_KEY: "{{ lookup('env', 'SECRET_KEY') | default('ahz3ool4teiNgo7moh6fiehiuTh6zei5achae2eeshae9vaiYe') }}" SUPER_USER_EMAIL: "{{ lookup('env', 'SUPER_USER_EMAIL') | default('netbox@netos.dev') }}" SUPER_USER_PASSWORD: "{{ lookup('env', 'SUPER_USER_PASSWORD') | default('ohp8toef7Jee') }}" SUPER_USER_USERNAME: "{{ lookup('env', 'SUPER_USER_USERNAME') | default('admin') }}" AIRFLOW_API_USER_USERNAME: "{{ lookup('env', 'AIRFLOW_API_USER_USERNAME') | default('airflow_api') }}" AIRFLOW_API_USER_PASSWORD: "{{ lookup('env', 'AIRFLOW_API_USER_PASSWORD') | default('a17baa2b642565b1d7be4d6d52a7fc23a2c6c41a') }}" AIRFLOW_API_TOKEN: "{{ lookup('env', 'AIRFLOW_API_TOKEN') | default('d6d52a7fc23a2c6c41aa17baa2b642565b1d7be4') }}" Semaphore Variables Variables and Secrets are set in Environments which are passed as variables via the lookup command above. Check the Key Semaphore Principles guide for more information about Semaphore. The variable must be configured in Semaphore if it is referenced in a variable file. If it isn't you will get an error when running the playbook. In a production system, double check all accounts after setting them. I.e. ensure you can manually authenticate to databases, APIs, applications, etc.