habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

website/integrations: Update Semaphore UI description (#12674)

Browse Source 
* Update index.mdx

Signed-off-by: Christopher Fenner <9592452+CFenner@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
Signed-off-by: Christopher Fenner <9592452+CFenner@users.noreply.github.com>

* Update index.mdx

Signed-off-by: Christopher Fenner <9592452+CFenner@users.noreply.github.com>

* Update index.mdx

Signed-off-by: Christopher Fenner <9592452+CFenner@users.noreply.github.com>

---------

Signed-off-by: Christopher Fenner <9592452+CFenner@users.noreply.github.com>
Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
This commit is contained in:
Christopher Fenner
2025-01-16 01:13:33 +01:00
committed by GitHub
parent 813273338e
commit 661a966e23
1 changed files with 44 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

73
website/integrations/services/semaphore/index.mdx
View File

@ -10,6 +10,7 @@ sidebar_label: Semaphore
## What is Semaphore UI ## What is Semaphore UI
> Semaphore UI is a modern web interface for managing popular DevOps tools. > Semaphore UI is a modern web interface for managing popular DevOps tools.
>
> -- https://semaphoreui.com/ > -- https://semaphoreui.com/
> >
> This guide explains how to configure Semaphore UI to use authentik as the OAuth provider for logging in to the Web GUI. > This guide explains how to configure Semaphore UI to use authentik as the OAuth provider for logging in to the Web GUI.
@ -23,49 +24,63 @@ The following placeholders are used in this guide:
## authentik configuration ## authentik configuration
[Create](https://docs.goauthentik.io/docs/add-secure-apps/applications/manage_apps#add-new-applications) an OAuth2/OpenID provider and an application in authentik. Use the following parameters for the OAuth2/OpenID provider: Start the wizard for adding a new application.
**Provider:** **1. Application:**
- Name: `SP-semaphore`
- Client type: `Confidential`
- Redirect URIs/Origins (RegEx): `https://semaphore.company/api/auth/oidc/authentik/redirect/`
- Signing Key: `authentik Self-signed Certificate`
Take note of the Client ID and Client Secret, you'll need to give them to Semaphore UI in Step 3.
Leave the rest as default values. The durations can be changed as needed.
**Application:**
- Name: `Semaphore UI` - Name: `Semaphore UI`
- Slug: `semaphore` - Slug: `semaphore`
- Launch URL: `https://semaphore.company/`
**2. Choose a Provider**
Select `OAuth2/OpenID Provider`
**3. Configure Provider**
Select implicit or explicit authorization flow as desired.
Take note of the Client ID and Client Secret, you'll need to give them to Semaphore UI later.
- Redirect URIs/Origins (RegEx): `https://semaphore.company/api/auth/oidc/authentik/redirect/`
- Signing Key: `authentik Self-signed Certificate`
Leave the rest as default values.
## Semaphore UI configuration ## Semaphore UI configuration
Log in to your Semaphore UI host via SSH. Edit the `config.json` file (should be located under `/etc/semaphore`) file with the text editor of your choice. Log in to your Semaphore UI host via SSH. Edit the `/etc/semaphore/config.json` file with the text editor of your choice.
Before the last curly brace, add the following content: Add the `oidc_providers` configuration:
``` ```
"oidc_providers": { {
"authentik": { "oidc_providers": {
"display_name": "SSO-Login", "authentik": {
"provider_url": "https://authentik.company/application/o/semaphore/", "display_name": "Sign in with Authentik",
"client_id": "<client-id>", "provider_url": "https://authentik.company/application/o/<slug>/",
"client_secret": "<client-secret>", "client_id": "<client-id>",
"redirect_url": "https://semaphore.company/api/auth/oidc/authentik/redirect/", "client_secret": "<client-secret>",
"username_claim": "username", "redirect_url": "https://semaphore.company/api/auth/oidc/authentik/redirect/",
"name_claim": "name", "username_claim": "username",
"email_claim": "email", "name_claim": "name",
"scopes": ["openid", "profile", "email"] "email_claim": "email",
} "scopes": ["openid", "profile", "email"]
},
...
} }
``` ```
:::info :::info
It is mandatory to include 'authentik' in lowercase letters. There should also be another curly brace above these lines. Make sure to add a `,` after it to maintain proper formatting. The name of the oidc_provider (e.g. `authentik`) needs to match the name on the redirect URL.
:::
:::info
If a `Not Found` error is displayed after the login, you might need to set the web_root to `/` (see https://github.com/semaphoreui/semaphore/issues/2681):
```
SEMAPHORE_WEB_ROOT: /
```
::: :::
More information on this can be found in the Semaphore documentation https://docs.semaphoreui.com/administration-guide/openid/authentik/. More information on this can be found in the Semaphore documentation https://docs.semaphoreui.com/administration-guide/openid/authentik/.