In this post, we will dive into the installation of Ansible AWX on Ubuntu 18.04 / Debian 10 Linux system with Nginx Reverse Proxy and optional Let’s Encrypt SSL Certificate. AWX is an open source project available under the Apache License 2.0. It provides a web-based user interface, REST API, and task engine built on top of Ansible. It is an upstream project from which the Red Hat Ansible Tower is build.

AWX enables users to better control their Ansible project use in IT environments by centrally managing Ansible playbooks, inventories, Secrets, and scheduled jobs from a web interface.

Setup minimum requirements

  • Ubuntu 18.04 / Debian 10 Linux server
  • At least 4GB of RAM
  • 2vcpus
  • 10GB disk storage
  • User with sudo access

Stay relaxed and follow the next steps to install and configure Ansible AWX on Ubuntu 18.04 / Debian 10 Linux distribution.

Step 1: Update your server

Update your system repository to get the latest list of available packages.

sudo apt update && sudo apt -y upgrade
sudo reboot

Step 2: Install Ansible

Install Ansible on Ubuntu 18.04 / Debian 10 by running the commands below.

echo "deb http://ppa.launchpad.net/ansible/ansible/ubuntu bionic main" | sudo tee /etc/apt/sources.list.d/ansible.list
sudo apt -y install gnupg2
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 93C4A3FD7BB9C367
sudo apt update
sudo apt install ansible -y

Version can be checked using the following command:

$ ansible --version
ansible 2.8.5
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/home/ubuntu/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/dist-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.15+ (default, Jul  9 2019, 16:51:35) [GCC 7.4.0]

Step 3: Install Docker and Docker Compose

Ansible AWX services will run as docker containers. We need Docker Engine to power the environment.

Install Docker on Ubuntu 18.04

Install Docker on Debian 10 (Buster)

Install Docker Compose:

How To Install Latest Docker Compose on Linux

You should be able to print Docker version after installation.

$ docker version
Client: Docker Engine - Community
 Version:           19.03.2
 API version:       1.40
 Go version:        go1.12.8
 Git commit:        6a30dfc
 Built:             Thu Aug 29 05:29:11 2019
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          19.03.2
  API version:      1.40 (minimum version 1.12)
  Go version:       go1.12.8
  Git commit:       6a30dfc
  Built:            Thu Aug 29 05:27:45 2019
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.2.6
  GitCommit:        894b81a4b802e4eb2a91d1ce216b8817763c29fb
 runc:
  Version:          1.0.0-rc8
  GitCommit:        425e105d5a03fabd737a126ad93d62a9eeede87f
 docker-init:
  Version:          0.18.0
  GitCommit:        fec3683

Step 4: Install Node and NPM.

Install Node.js and NPM.

sudo apt install -y nodejs npm
sudo npm install npm --global

Step 5: Install AWX on Ubuntu 18.04 / Debian 10

Install docker-py python module.

sudo apt -y install python-pip git pwgen vim
sudo pip install requests==2.14.2

Install docker-compose module which matches your Docker Compose version.

$ docker-compose version
docker-compose version 1.24.1, build 4667896
docker-py version: 3.7.3
CPython version: 2.7.15+
OpenSSL version: OpenSSL 1.1.1  11 Sep 2018

$ sudo pip install docker-compose==1.24.1

Clone AWX source code from GitHub.

git clone --depth 50 https://github.com/ansible/awx.git

Change to installer directory

Since you need to execute ansible playbooks under installer directory, first navigate to this directory.

cd awx/installer/

Check the inventory file, you can customize as you want:

$ nano inventory

Generate AWX secret key

$ pwgen -N 1 -s 30
2fCkx2K5GnIjBz4OterhOC3ey0WPdj

Modify inventory file with correct settings for your setup. Minimal settings:

dockerhub_base=ansible
awx_task_hostname=awx
awx_web_hostname=awxweb
postgres_data_dir=/tmp/pgdocker
host_port=80
host_port_ssl=443
docker_compose_dir=/tmp/awxcompose
pg_username=awx
pg_password=awxpass
pg_database=awx
pg_port=5432
rabbitmq_password=awxpass
rabbitmq_erlang_cookie=cookiemonster
admin_user=admin
admin_password=StrongAdminpassword
create_preload_data=True
secret_key=2fCkx2K5GnIjBz4OterhOC3ey0WPdj

Execute playbook

Run ansible-playbook command followed by option -i which tells it the inventory file to use. The name of the playbook file is install.yml.

sudo ansible-playbook -i inventory install.yml

Installation output.

You can check created docker containers and their status using the docker ps command.

$ sudo docker ps
CONTAINER ID        IMAGE                        COMMAND                  CREATED             STATUS              PORTS                                                 NAMES
6a138d25e9a3        ansible/awx_task:7.0.0       "/tini -- /bin/sh -c…"   20 minutes ago      Up 20 minutes       8052/tcp                                              awx_task
7ea650febea3        ansible/awx_web:7.0.0        "/tini -- /bin/sh -c…"   20 minutes ago      Up 20 minutes       0.0.0.0:80->8052/tcp                                  awx_web
ee4fa869bcba        postgres:10                  "docker-entrypoint.s…"   20 minutes ago      Up 19 minutes       5432/tcp                                              awx_postgres
ea0f5bf77fbe        ansible/awx_rabbitmq:3.7.4   "docker-entrypoint.s…"   20 minutes ago      Up 19 minutes       4369/tcp, 5671-5672/tcp, 15671-15672/tcp, 25672/tcp   awx_rabbitmq
2954d433672e        memcached:alpine             "docker-entrypoint.s…"   20 minutes ago      Up 20 minutes       11211/tcp                                             awx_memcached

The web portal is accessible via host-ip:8000 or port 80 if you didn’t change it. You will get a welcome dashboard similar to one below.

Login with admin user account password set in the inventory file. Once you authenticate, you’ll get to AWX administration dashboard.

Step 6: Configure Nginx Reverse proxy (Optional)

If you would like to configure Nginx reverse proxy for AWX with http to https redirection, follow next steps.

Install Nginx:

sudo apt -y install nginx

Install Let’s Encrypt certificate generation tool.

wget https://dl.eff.org/certbot-auto
chmod +x certbot-auto
sudo mv certbot-auto /usr/local/bin
sudo chmod a+x /usr/local/bin/certbot-auto

Then generate SSL certificate for AWX using certbot-auto tool.

DOMAIN="ansible.example.com"
EMAIL="[email protected]"

sudo /usr/local/bin/certbot-auto certonly --standalone \
 -d ${DOMAIN} \ 
 --preferred-challenges http --agree-tos -n -m ${EMAIL} \
 --keep-until-expiring

Once you get ssl certificate, modify below configuration snippet to use with Nginx.

$ sudo cat /etc/nginx/conf.d/awx.conf
server {
 listen 443 ssl http2;
 server_name awx.example.com www.awx.example.com;

location / {
   proxy_http_version 1.1;
   proxy_set_header Host $host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
   proxy_set_header X-Forwarded-Proto $scheme;
   proxy_set_header Upgrade $http_upgrade;
   proxy_set_header Connection "upgrade";
   proxy_pass http://192.168.x.x:8000/;
 }

ssl on;
ssl_certificate /etc/letsencrypt/live/awx.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/awx.example.com/privkey.pem;
ssl_session_timeout 5m;
ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;

access_log /var/log/nginx/awx.access.log;
error_log /var/log/nginx/awx.error.log;
}

server {
   listen 80;
   server_name awx.example.com www.awx.example.com;
   add_header Strict-Transport-Security max-age=2592000;
   rewrite ^ https://$server_name$request_uri? permanent;
}

Replace example.com with your real domain or subdomain name and put the correct location of SSL certificate. Then finally confirm that Nginx configuration is OK and restart Nginx.

$ nginx -t
$ sudo systemctl restart nginx

Similar articles:

How To Install and Configure Ansible Tower on CentOS 7

Install Ansible AWX on CentOS 7 / Fedora

Semaphore – Manage Ansible Tasks from A Web UI