极速配置
https://jumpserver.readthedocs.io/zh/master/setup_by_localcloud.html
https://jumpserver.readthedocs.io/zh/master/setup_by_centos7.html https://www.cnblogs.com/weavepub/p/11115700.html https://www.cnblogs.com/kcxg/p/11012785.html https://jumpserver.readthedocs.io/zh/master/faq_rdp.html https://www.cnblogs.com/shawhe/p/10840227.html 重要参考 https://www.cnblogs.com/kevingrace/p/5950472.html
setenforce 0 systemctl stop firewalld systemctl disable firewalld sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
1.
yum -y install wget gcc epel-release git
# 安装 Redis, Jumpserver 使用 Redis 做 cache 和 celery broke
yum -y install redis
systemctl enable redis
systemctl start redis
2.
yum -y install mariadb mariadb-devel mariadb-server MariaDB-shared # centos7下叫mariadb, 用法与mysql一致
systemctl enable mariadb
systemctl start mariadb
# 创建数据库 Jumpserver 并授权
DB_PASSWORD=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 24` # 生成随机数据库密码
echo -e "\033[31m 你的数据库密码是 $DB_PASSWORD \033[0m"
mysql -uroot -e "create database jumpserver default charset 'utf8'; grant all on jumpserver.* to 'jumpserver'@'127.0.0.1' identified by '$DB_PASSWORD'; flush privileges;"
mysql密码
jumpserver
me4IFqec9lbPVI1sib8xCKuL
3.
# 安装 Nginx, 用作代理服务器整合 Jumpserver 与各个组件
vi /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1
yum -y install nginx
systemctl enable nginx
4.
# 安装 Python3.6
yum -y install python36 python36-devel
# 配置并载入 Python3 虚拟环境
cd /opt
python3.6 -m venv py3 # py3 为虚拟环境名称, 可自定义
source /opt/py3/bin/activate # 退出虚拟环境可以使用 deactivate 命令
# 下载 Jumpserver
cd /opt/
git clone --depth=1 https://github.com/jumpserver/jumpserver.git
# 安装依赖 RPM 包
$ yum -y install $(cat /opt/jumpserver/requirements/rpm_requirements.txt)
#配置pip加速不然下面下载很慢
[root@xuegod63 ~]# mkdir ~/.pip
[root@xuegod63 ~]# vi /root/.pip/pip.conf #写入下以内容
[global]
index-url = http://mirrors.aliyun.com/pypi/simple/
[install]
trusted-host=mirrors.aliyun.com
# 安装 Python 库依赖
$ pip install --upgrade pip setuptools
$ pip install -r /opt/jumpserver/requirements/requirements.txt
ERROR: elasticsearch 6.1.1 has requirement urllib3<1.23,>=1.21.1, but you'll have urllib3 1.25.2 which is incompatible.
ERROR: django-radius 1.3.3 has requirement future==0.16.0, but you'll have future 0.17.1 which is incompatible.
http://192.168.120.56:8080/static/img/logo_text.png
./jms start all -d
|stop|status
(py3) [root@xuegod63 utils]# cd /opt/jumpserver
(py3) [root@xuegod63 jumpserver]# chmod +x jms
(py3) [root@xuegod63 jumpserver]# ./jms start all -d
新的开始
1.
setenforce 0 #可以设置配置文件永久关闭
systemctl stop firewalld.service ; systemctl disable firewalld.service
localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8
export LC_ALL=zh_CN.UTF-8
echo 'LANG=zh_CN.UTF-8' > /etc/locale.conf
[root@xuegod63 ~]# exit
yum -y install wget sqlite-devel xz gcc automake zlib-devel openssl-devel epel-release git
wget https://www.python.org/ftp/python/3.6.1/Python-3.6.1.tar.xz
[root@xuegod63 ~]# cd /opt
[root@xuegod63 ~]# tar xvf Python-3.6.1.tar.xz && cd Python-3.6.1
[root@xuegod63 ~]# ./configure && make -j 4 && make install
make -j 4 #以4个进程同时编译,会快很多
[root@xuegod63 ~]# cd /opt
[root@xuegod63 ~]# python3 -m venv py3
[root@xuegod63 ~]# source /opt/py3/bin/activate
(py3) [root@xuegod63 jumpserver]# cd /opt/jumpserver/requirements
(py3) [root@xuegod63 requirements]# yum -y install $(cat rpm_requirements.txt)
或:
[root@xuegod63 ~]# yum -y install `cat rpm_requirements.txt`
3、 安装 Python 库依赖
(py3) [root@xuegod63 requirements]# cd /opt/jumpserver/requirements
(py3) [root@xuegod63 requirements]# source /opt/py3/bin/activate
(py3) [root@xuegod63 requirements]# pip -V
pip install -r requirements.txt
pip install -r requirements.txt -i https://mirrors.aliyun.com/pypi/simple/
4.
(py3) [root@xuegod63 requirements]# rpm -ivh http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
(py3) [root@xuegod63 requirements]# yum -y install redis
(py3) [root@xuegod63 requirements]# systemctl enable redis ; systemctl start redis
5、安装 MySQL
本教程使用 Mysql 作为数据库,如果不使用 Mysql 可以跳过相关 Mysql 安装和配置
(py3) [root@xuegod63 ~]# yum install mariadb mariadb-devel mariadb-server -y
(py3) [root@xuegod63 ~]# systemctl enable mariadb ; systemctl start mariadb
6、建数据库 Jumpserver 并授权
(py3) [root@xuegod63 ~]# mysql
MariaDB [(none)]> create database jumpserver default charset 'utf8';
MariaDB [(none)]> grant all on jumpserver.* to 'jumpserver'@'127.0.0.1' identified by '123456';
MariaDB [(none)]> exit;
7、改 Jumpserver 配置文件,让Jumpserver可以连接数据库
(py3) [root@xuegod63 ~]# cd /opt/jumpserver
(py3) [root@xuegod63 jumpserver]# cp config_example.py config.py
vi config.py
8、创建数据库表结构和初始化数据
(py3) [root@xuegod63 jumpserver]# cd /opt/jumpserver/utils
(py3) [root@xuegod63 utils]# bash make_migrations.sh #注,在执行这一条命令之前,必
9、运行 Jumpserver一定在python3环境下执行
(py3) [root@xuegod63 utils]# source /opt/py3/bin/activate
(py3) [root@xuegod63 utils]# cd /opt/jumpserver
(py3) [root@xuegod63 jumpserver]# chmod +x jms
(py3) [root@xuegod63 jumpserver]# ./jms start all -d
推出虚拟环境 deactivate
2、 安装coco的依赖包,主要有rpm和python包
(py3) [root@xuegod63 coco]# cd /opt/coco/requirements
(py3) [root@xuegod63 requirements]# yum -y install $(cat rpm_requirements.txt)
(py3) [root@xuegod63 requirements]# pip install -r requirements.txt -i https://mirrors.aliyun.com/pypi/simple/ #前面已经离线安
3、查看配置文件并运行
(py3) [root@xuegod63 requirements]# cd /opt/coco
(py3) [root@xuegod63 coco]# cp conf_example.py conf.py #如果 coco 与 jumpserver 分开部署,请手动修改 conf.py
(py3) [root@xuegod63 coco]# chmod +x cocod
(py3) [root@xuegod63 coco]# ./cocod restart -d #后台运行使用 -d 参数
# 新版本更新了运行脚本,使用方式./cocod start|stop|status|restart 后台运行请添加 -d 参数
(py3) [root@xuegod63 coco]# netstat -antup | grep 5000 #如果服务启动成功,可以看
注册
python run_server.py &
终端管理需要接收请求 不然报错
* Running on http://0.0.0.0:5000/ (Press CTRL+C to quit)
(py3) [root@jumperserver56 coco]# ./cocod status
Coco is running: 31885
(py3) [root@jumperserver56 coco]# netstat -antup | grep 5000
tcp 0 0 0.0.0.0:5000 0.0.0.0:* LISTEN 31885/python3
tar zxvf luna.tar.gz
(py3) [root@xuegod63 jumpserver]# yum -y install nginx
在准备配置文件
(py3) [root@xuegod63 opt]# vi /etc/nginx/nginx.conf
删除第38行到 57行中server {。。。}相关的内容,在vim命令模式,输入38gg,快速跳到38行,然后输入20dd,就可以删除。
server {
listen 80;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
location /luna/ {
try_files $uri / /index.html;
alias /opt/luna/;
}
location /media/ {
add_header Content-Encoding gzip;
root /opt/jumpserver/data/;
}
location /static/ {
root /opt/jumpserver/data/;
}
location /socket.io/ {
proxy_pass http://localhost:5000/socket.io/; # 如果coco安装在别的服务器,请填写它的ip
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location / {
proxy_pass http://localhost:8080; # 如果jumpserver安装在别的服务器,请填写它的ip
}
}
ssh -p2222 admin@192.168.120.56
https://www.cnblogs.com/kevingrace/p/5950472.html
docker run --name jms_guacamole -d -p 8081:8080 -v /opt/guacamole/key:/config/guacamole/key \
-e JUMPSERVER_KEY_DIR=/config/guacamole/key -e JUMPSERVER_SERVER=http://192.168.120.56:8080 registry.jumpserver.org/public/guacamole:1.0.0
docker run --name jms_guacamole -d -p 8081:8081 -e JUMPSERVER_SERVER=http://<Jumpserver_url> -e BOOTSTRAP_TOKEN=xxxxxx jumpserver/jms_guacamole:1.5.1
docker pull registry.jumpserver.org/public/guacamole:1.0.0
telnet 192.168.120.254 3389
nginx-windows-的转发
location /guacamole/ {
proxy_pass http://localhost:8081/; #如果guacamole安装在别的服务器,请填写它的ip
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
access_log off;
}