Semaphore: Ansible UI When the Team Grows
Actualizado: 2026-05-03
Semaphore[1] is the open-source web interface for running Ansible playbooks: simple, lightweight, self-hostable. Born as a pragmatic alternative to AWX (upstream open-source of Ansible Tower / Red Hat Ansible Automation Platform) — fewer features, but dramatically simpler to operate. For mid-size teams that have outgrown “run from laptop” but don’t need AWX complexity, it’s the sensible choice.
Key takeaways
- Semaphore solves the four Ansible scale problems: audit, permissions, execution history, and centralised secrets.
- The architecture is minimal: one Go binary, PostgreSQL, and Ansible available on the server or container.
- RBAC covers five well-defined roles (admin, project owner, manager, task runner, guest).
- Semaphore consumes ~500 MB RAM; AWX typically needs ~4 GB.
- For teams of fewer than 50 with moderate needs, Semaphore is the right choice. AWX for large teams with complex workflows.
What Semaphore Solves
Problems arising as teams grow:
- Audit: who ran which playbook when against which hosts?
- Permissions: which users can run which playbooks against which inventory?
- History: what output did that execution a week ago produce?
- Schedules: periodic playbooks without dedicating a cron host.
- Centralised secrets: vault keys, SSH keys, without distributing across laptops.
Architecture
Minimum components:
- Semaphore server (Go, single binary).
- Database: MySQL/MariaDB, PostgreSQL, or embedded BoltDB.
- Ansible available on the server or container.
No distributed workers or complex queues. For teams with fewer than 100 simultaneous runs, sufficient.
Docker Install
version: "3.8"
services:
semaphore:
image: semaphoreui/semaphore:latest
ports:
- "3000:3000"
environment:
SEMAPHORE_DB_DIALECT: postgres
SEMAPHORE_DB_HOST: postgres
SEMAPHORE_DB_USER: semaphore
SEMAPHORE_DB_PASS: ${DB_PASS}
SEMAPHORE_DB: semaphore
SEMAPHORE_PLAYBOOK_PATH: /tmp/semaphore
SEMAPHORE_ADMIN_PASSWORD: ${ADMIN_PASS}
SEMAPHORE_ADMIN_NAME: admin
SEMAPHORE_ADMIN_EMAIL: admin@example.com
volumes:
- semaphore_data:/etc/semaphore
- semaphore_tmp:/tmp/semaphore
depends_on:
- postgresStart and log into http://localhost:3000 as admin.
Key Concepts
- Project: isolated space with its inventory, keys, templates.
- Inventory: list of hosts — static or dynamic (script, AWS, etc).
- Key Store: SSH keys, passwords, vault passwords.
- Repository: Git repo where your playbooks live. Semaphore pulls and executes.
- Task Template: associates a playbook + inventory + keys. This is what runs.
- Schedule: a template that runs on cron.
Semaphore vs AWX
| Aspect | Semaphore | AWX |
|---|---|---|
| Deploy complexity | Simple (Docker) | Complex (Kubernetes recommended) |
| RBAC | Basic-medium | Advanced |
| Workflows | Limited | Advanced (graph) |
| Commercial support | — | Yes (Red Hat) |
| Resource consumption | ~500 MB RAM | ~4 GB RAM |
| Learning curve | Low | Medium-high |
Semaphore for teams of fewer than 50 with moderate needs. AWX for large teams with complex requirements.
Conclusion
Semaphore is the pragmatic option for mid-size teams wanting an Ansible UI without AWX complexity. Its simplicity focus is its strength: install in minutes, operate painlessly, covers real cases. For large organisations with complex workflow requirements, enterprise SSO, and multi-tenancy, AWX remains the reference. Choice should be based on team size and needs sophistication. Often, simple is right.
