極速配置
https://jumpserver.readthedocs.io/zh/master/setup_by_localcloud.html
https://jumpserver.readthedocs.io/zh/master/setup_by_centos7.html https://www.cnblogs.com/weavepub/p/11115700.html https://www.cnblogs.com/kcxg/p/11012785.html https://jumpserver.readthedocs.io/zh/master/faq_rdp.html https://www.cnblogs.com/shawhe/p/10840227.html 重要參考 https://www.cnblogs.com/kevingrace/p/5950472.html
setenforce 0 systemctl stop firewalld systemctl disable firewalld sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
1.
yum -y install wget gcc epel-release git
# 安裝 Redis, Jumpserver 使用 Redis 做 cache 和 celery broke
yum -y install redis
systemctl enable redis
systemctl start redis
2.
yum -y install mariadb mariadb-devel mariadb-server MariaDB-shared # centos7下叫mariadb, 用法與mysql一致
systemctl enable mariadb
systemctl start mariadb
# 創建數據庫 Jumpserver 並授權
DB_PASSWORD=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 24` # 生成隨機數據庫密碼
echo -e "\033[31m 你的數據庫密碼是 $DB_PASSWORD \033[0m"
mysql -uroot -e "create database jumpserver default charset 'utf8'; grant all on jumpserver.* to 'jumpserver'@'127.0.0.1' identified by '$DB_PASSWORD'; flush privileges;"
mysql密碼
jumpserver
me4IFqec9lbPVI1sib8xCKuL
3.
# 安裝 Nginx, 用作代理服務器整合 Jumpserver 與各個組件
vi /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1
yum -y install nginx
systemctl enable nginx
4.
# 安裝 Python3.6
yum -y install python36 python36-devel
# 配置並載入 Python3 虛擬環境
cd /opt
python3.6 -m venv py3 # py3 為虛擬環境名稱, 可自定義
source /opt/py3/bin/activate # 退出虛擬環境可以使用 deactivate 命令
# 下載 Jumpserver
cd /opt/
git clone --depth=1 https://github.com/jumpserver/jumpserver.git
# 安裝依賴 RPM 包
$ yum -y install $(cat /opt/jumpserver/requirements/rpm_requirements.txt)
#配置pip加速不然下面下載很慢
[root@xuegod63 ~]# mkdir ~/.pip
[root@xuegod63 ~]# vi /root/.pip/pip.conf #寫入下以內容
[global]
index-url = http://mirrors.aliyun.com/pypi/simple/
[install]
trusted-host=mirrors.aliyun.com
# 安裝 Python 庫依賴
$ pip install --upgrade pip setuptools
$ pip install -r /opt/jumpserver/requirements/requirements.txt
ERROR: elasticsearch 6.1.1 has requirement urllib3<1.23,>=1.21.1, but you'll have urllib3 1.25.2 which is incompatible.
ERROR: django-radius 1.3.3 has requirement future==0.16.0, but you'll have future 0.17.1 which is incompatible.
http://192.168.120.56:8080/static/img/logo_text.png
./jms start all -d
|stop|status
(py3) [root@xuegod63 utils]# cd /opt/jumpserver
(py3) [root@xuegod63 jumpserver]# chmod +x jms
(py3) [root@xuegod63 jumpserver]# ./jms start all -d
新的開始
1.
setenforce 0 #可以設置配置文件永久關閉
systemctl stop firewalld.service ; systemctl disable firewalld.service
localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8
export LC_ALL=zh_CN.UTF-8
echo 'LANG=zh_CN.UTF-8' > /etc/locale.conf
[root@xuegod63 ~]# exit
yum -y install wget sqlite-devel xz gcc automake zlib-devel openssl-devel epel-release git
wget https://www.python.org/ftp/python/3.6.1/Python-3.6.1.tar.xz
[root@xuegod63 ~]# cd /opt
[root@xuegod63 ~]# tar xvf Python-3.6.1.tar.xz && cd Python-3.6.1
[root@xuegod63 ~]# ./configure && make -j 4 && make install
make -j 4 #以4個進程同時編譯,會快很多
[root@xuegod63 ~]# cd /opt
[root@xuegod63 ~]# python3 -m venv py3
[root@xuegod63 ~]# source /opt/py3/bin/activate
(py3) [root@xuegod63 jumpserver]# cd /opt/jumpserver/requirements
(py3) [root@xuegod63 requirements]# yum -y install $(cat rpm_requirements.txt)
或:
[root@xuegod63 ~]# yum -y install `cat rpm_requirements.txt`
3、 安裝 Python 庫依賴
(py3) [root@xuegod63 requirements]# cd /opt/jumpserver/requirements
(py3) [root@xuegod63 requirements]# source /opt/py3/bin/activate
(py3) [root@xuegod63 requirements]# pip -V
pip install -r requirements.txt
pip install -r requirements.txt -i https://mirrors.aliyun.com/pypi/simple/
4.
(py3) [root@xuegod63 requirements]# rpm -ivh http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
(py3) [root@xuegod63 requirements]# yum -y install redis
(py3) [root@xuegod63 requirements]# systemctl enable redis ; systemctl start redis
5、安裝 MySQL
本教程使用 Mysql 作為數據庫,如果不使用 Mysql 可以跳過相關 Mysql 安裝和配置
(py3) [root@xuegod63 ~]# yum install mariadb mariadb-devel mariadb-server -y
(py3) [root@xuegod63 ~]# systemctl enable mariadb ; systemctl start mariadb
6、建數據庫 Jumpserver 並授權
(py3) [root@xuegod63 ~]# mysql
MariaDB [(none)]> create database jumpserver default charset 'utf8';
MariaDB [(none)]> grant all on jumpserver.* to 'jumpserver'@'127.0.0.1' identified by '123456';
MariaDB [(none)]> exit;
7、改 Jumpserver 配置文件,讓Jumpserver可以連接數據庫
(py3) [root@xuegod63 ~]# cd /opt/jumpserver
(py3) [root@xuegod63 jumpserver]# cp config_example.py config.py
vi config.py
8、創建數據庫表結構和初始化數據
(py3) [root@xuegod63 jumpserver]# cd /opt/jumpserver/utils
(py3) [root@xuegod63 utils]# bash make_migrations.sh #注,在執行這一條命令之前,必
9、運行 Jumpserver一定在python3環境下執行
(py3) [root@xuegod63 utils]# source /opt/py3/bin/activate
(py3) [root@xuegod63 utils]# cd /opt/jumpserver
(py3) [root@xuegod63 jumpserver]# chmod +x jms
(py3) [root@xuegod63 jumpserver]# ./jms start all -d
推出虛擬環境 deactivate
2、 安裝coco的依賴包,主要有rpm和python包
(py3) [root@xuegod63 coco]# cd /opt/coco/requirements
(py3) [root@xuegod63 requirements]# yum -y install $(cat rpm_requirements.txt)
(py3) [root@xuegod63 requirements]# pip install -r requirements.txt -i https://mirrors.aliyun.com/pypi/simple/ #前面已經離線安
3、查看配置文件並運行
(py3) [root@xuegod63 requirements]# cd /opt/coco
(py3) [root@xuegod63 coco]# cp conf_example.py conf.py #如果 coco 與 jumpserver 分開部署,請手動修改 conf.py
(py3) [root@xuegod63 coco]# chmod +x cocod
(py3) [root@xuegod63 coco]# ./cocod restart -d #后台運行使用 -d 參數
# 新版本更新了運行腳本,使用方式./cocod start|stop|status|restart 后台運行請添加 -d 參數
(py3) [root@xuegod63 coco]# netstat -antup | grep 5000 #如果服務啟動成功,可以看
注冊
python run_server.py &
終端管理需要接收請求 不然報錯
* Running on http://0.0.0.0:5000/ (Press CTRL+C to quit)
(py3) [root@jumperserver56 coco]# ./cocod status
Coco is running: 31885
(py3) [root@jumperserver56 coco]# netstat -antup | grep 5000
tcp 0 0 0.0.0.0:5000 0.0.0.0:* LISTEN 31885/python3
tar zxvf luna.tar.gz
(py3) [root@xuegod63 jumpserver]# yum -y install nginx
在准備配置文件
(py3) [root@xuegod63 opt]# vi /etc/nginx/nginx.conf
刪除第38行到 57行中server {。。。}相關的內容,在vim命令模式,輸入38gg,快速跳到38行,然后輸入20dd,就可以刪除。
server {
listen 80;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
location /luna/ {
try_files $uri / /index.html;
alias /opt/luna/;
}
location /media/ {
add_header Content-Encoding gzip;
root /opt/jumpserver/data/;
}
location /static/ {
root /opt/jumpserver/data/;
}
location /socket.io/ {
proxy_pass http://localhost:5000/socket.io/; # 如果coco安裝在別的服務器,請填寫它的ip
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location / {
proxy_pass http://localhost:8080; # 如果jumpserver安裝在別的服務器,請填寫它的ip
}
}
ssh -p2222 admin@192.168.120.56
https://www.cnblogs.com/kevingrace/p/5950472.html
docker run --name jms_guacamole -d -p 8081:8080 -v /opt/guacamole/key:/config/guacamole/key \
-e JUMPSERVER_KEY_DIR=/config/guacamole/key -e JUMPSERVER_SERVER=http://192.168.120.56:8080 registry.jumpserver.org/public/guacamole:1.0.0
docker run --name jms_guacamole -d -p 8081:8081 -e JUMPSERVER_SERVER=http://<Jumpserver_url> -e BOOTSTRAP_TOKEN=xxxxxx jumpserver/jms_guacamole:1.5.1
docker pull registry.jumpserver.org/public/guacamole:1.0.0
telnet 192.168.120.254 3389
nginx-windows-的轉發
location /guacamole/ {
proxy_pass http://localhost:8081/; #如果guacamole安裝在別的服務器,請填寫它的ip
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
access_log off;
}