zoukankan      html  css  js  c++  java
  • JumpServer1.0 服务搭建

    JumpServer1.0 服务搭建

    系统环境配置

    setenforce 0
    systemctl stop iptables.service
    systemctl stop firewalld.service
    
    localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8
    export LC_ALL=zh_CN.UTF-8
    echo 'LANG=zh_CN.UTF-8' > /etc/sysconfig/i18n
    

    安装python3

    wget https://www.python.org/ftp/python/3.6.1/Python-3.6.1.tar.xz
    tar xvf Python-3.6.1.tar.xz  && cd Python-3.6.1
    ./configure --prefix=/usr/local/python3
    make
    make install
    ln -s /usr/local/python3/bin/python3 /usr/bin/python3
    
    yum -y install epel-release wget unzip epel-release nginx sqlite-devel xz gcc automake zlib-devel openssl-devel redis mariadb  
    libtiff-devel libjpeg-devel libzip-devel freetype-devel lcms2-devel libwebp-devel tcl-devel tk-devel sshpass openldap-devel mysql-devel 
    mariadb-devel mariadb-server supervisor libffi-devel openssh-clients
    systemctl restart redis
    systemctl restart mariadb
    systemctl enable redis
    systemctl enable mariadb
    cd /opt/
    python3 -m venv py3
    source /opt/py3/bin/activate
    

    Jumpserver配置

    wget https://github.com/jumpserver/jumpserver/archive/1.0.0.zip -O jumpserver.zip
    unzip jumpserver.zip && rm -f jumpserver.zip && mv jumpserver* jumpserver
    source /opt/py3/bin/activate && pip install --upgrade pip && pip install -i https://pypi.douban.com/simple/ -r /opt/jumpserver/requirements/requirements.txt
    cd /opt/jumpserver
    cp config_example.py config.py
    # 修改数据库配置
    vim config.py 
    mysql -uroot -pMYSQL@2018 -e "create database jumpserver character set utf8"
    # 生成数据库表结构和初始化数据
    python apps/manage.py makemigrations
    python apps/manage.py migrate
    # 运行Jumpserver
    python run_server.py all 
    

    安装SSH Server和WebSocket Server: Coco

    cd /opt/
    wget https://github.com/jumpserver/coco/archive/1.0.0.zip -O coco.zip
    unzip coco.zip && rm -f coco.zip && mv coco* coco
    source /opt/py3/bin/activate && pip install --upgrade pip && pip install -i https://pypi.douban.com/simple/ -r /opt/coco/requirements/requirements.txt
    # 查看配置文件并运行
    cd /opt/coco
    cp conf_example.py conf.py
    python run_server.py
    #Jumpserver管理后台-会话管理-终端管理,接受 Coco 的注册
    
    cd /opt/
    wget https://github.com/jumpserver/luna/archive/v1.0.0.zip -O luna.zip
    unzip luna.zip && rm -f luna.zip && mv luna* luna
    

    安装docker

    #curl -fsSL https://get.docker.com/ | sh
    yum install -y -q docker-ce
    systemctl start docker
    systemctl enable docker
    
    # 安装guacamole
    host_ip=`python -c "import socket;print([(s.connect(('8.8.8.8', 53)), s.getsockname()[0], s.close()) for s in [socket.socket(socket.AF_INET, socket.SOCK_DGRAM)]][0][1])"`
    
    # 将Host_IP换为本机IP后执行
    docker run --name jms_guacamole -d 
      --restart always 
      -p 8081:8080 -v /opt/guacamole/key:/config/guacamole/key 
      -e JUMPSERVER_KEY_DIR=/config/guacamole/key 
      -e JUMPSERVER_SERVER=http://$host_ip:8080 
      registry.jumpserver.org/public/guacamole:1.0.0
    

    nginx环境配置

    cat << EOF > /etc/nginx/conf.d/jumpserver.conf
    server {
        listen 80;
    
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    
        location /luna/ {
            try_files $uri / /index.html;
            alias /opt/luna/;
        }
    
        location /media/ {
            add_header Content-Encoding gzip;
            root /opt/jumpserver/data/;
        }
    
        location /static/ {
            root /opt/jumpserver/data/;
        }
    
        location /socket.io/ {
            proxy_pass       http://localhost:5000/socket.io/;
            proxy_buffering off;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
        }
    
        location /guacamole/ {
            proxy_pass       http://localhost:8081/;
            proxy_buffering off;
            proxy_http_version 1.1;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection $http_connection;
            access_log off;
        }
    
        location / {
            proxy_pass http://localhost:8080;
        }
    }
    
    EOF
    

    其他说明

    nginx配置后,通过ip打开jumpserver显示默认的nginx提示页,注释/etc/nginx/nginx.conf的默认80配置项即可

  • 相关阅读:
    iOS边练边学--tableView的批量操作
    iOS边练边学--简单的数据操作(增、删、改),左滑动删除和弹窗
    iOS边练边学--自定义非等高的cell
    iOS边练边学--自定义等高的cell
    iOS边练边学--UITableViewCell的常见属性设置
    iOS边练边学--UITableView性能优化之三种方式循环利用
    iOS边练边学--介绍布局的三种方法
    c++ 函数的函数声明
    using namespace std
    java.lang.ExceptionInInitializerError
  • 原文地址:https://www.cnblogs.com/Mrhuangrui/p/8616574.html
Copyright © 2011-2022 走看看