zoukankan      html  css  js  c++  java

  • JumpServer1.0 服务搭建

    JumpServer1.0 服务搭建

    系统环境配置

    setenforce 0
systemctl stop iptables.service
systemctl stop firewalld.service

localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8
export LC_ALL=zh_CN.UTF-8
echo 'LANG=zh_CN.UTF-8' > /etc/sysconfig/i18n

    安装python3

    wget https://www.python.org/ftp/python/3.6.1/Python-3.6.1.tar.xz
tar xvf Python-3.6.1.tar.xz  && cd Python-3.6.1
./configure --prefix=/usr/local/python3
make
make install
ln -s /usr/local/python3/bin/python3 /usr/bin/python3

yum -y install epel-release wget unzip epel-release nginx sqlite-devel xz gcc automake zlib-devel openssl-devel redis mariadb  
libtiff-devel libjpeg-devel libzip-devel freetype-devel lcms2-devel libwebp-devel tcl-devel tk-devel sshpass openldap-devel mysql-devel 
mariadb-devel mariadb-server supervisor libffi-devel openssh-clients
systemctl restart redis
systemctl restart mariadb
systemctl enable redis
systemctl enable mariadb
cd /opt/
python3 -m venv py3
source /opt/py3/bin/activate

    Jumpserver配置

    wget https://github.com/jumpserver/jumpserver/archive/1.0.0.zip -O jumpserver.zip
unzip jumpserver.zip && rm -f jumpserver.zip && mv jumpserver* jumpserver
source /opt/py3/bin/activate && pip install --upgrade pip && pip install -i https://pypi.douban.com/simple/ -r /opt/jumpserver/requirements/requirements.txt
cd /opt/jumpserver
cp config_example.py config.py
# 修改数据库配置
vim config.py 
mysql -uroot -pMYSQL@2018 -e "create database jumpserver character set utf8"
# 生成数据库表结构和初始化数据
python apps/manage.py makemigrations
python apps/manage.py migrate
# 运行Jumpserver
python run_server.py all

    安装SSH Server和WebSocket Server: Coco

    cd /opt/
wget https://github.com/jumpserver/coco/archive/1.0.0.zip -O coco.zip
unzip coco.zip && rm -f coco.zip && mv coco* coco
source /opt/py3/bin/activate && pip install --upgrade pip && pip install -i https://pypi.douban.com/simple/ -r /opt/coco/requirements/requirements.txt
# 查看配置文件并运行
cd /opt/coco
cp conf_example.py conf.py
python run_server.py
#Jumpserver管理后台-会话管理-终端管理,接受 Coco 的注册

cd /opt/
wget https://github.com/jumpserver/luna/archive/v1.0.0.zip -O luna.zip
unzip luna.zip && rm -f luna.zip && mv luna* luna

    安装docker

    #curl -fsSL https://get.docker.com/ | sh
yum install -y -q docker-ce
systemctl start docker
systemctl enable docker

# 安装guacamole
host_ip=`python -c "import socket;print([(s.connect(('8.8.8.8', 53)), s.getsockname()[0], s.close()) for s in [socket.socket(socket.AF_INET, socket.SOCK_DGRAM)]][0][1])"`

# 将Host_IP换为本机IP后执行
docker run --name jms_guacamole -d 
  --restart always 
  -p 8081:8080 -v /opt/guacamole/key:/config/guacamole/key 
  -e JUMPSERVER_KEY_DIR=/config/guacamole/key 
  -e JUMPSERVER_SERVER=http://$host_ip:8080 
  registry.jumpserver.org/public/guacamole:1.0.0

    nginx环境配置

    cat << EOF > /etc/nginx/conf.d/jumpserver.conf
server {
    listen 80;

    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    location /luna/ {
        try_files $uri / /index.html;
        alias /opt/luna/;
    }

    location /media/ {
        add_header Content-Encoding gzip;
        root /opt/jumpserver/data/;
    }

    location /static/ {
        root /opt/jumpserver/data/;
    }

    location /socket.io/ {
        proxy_pass       http://localhost:5000/socket.io/;
        proxy_buffering off;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }

    location /guacamole/ {
        proxy_pass       http://localhost:8081/;
        proxy_buffering off;
        proxy_http_version 1.1;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $http_connection;
        access_log off;
    }

    location / {
        proxy_pass http://localhost:8080;
    }
}

EOF

    其他说明

    nginx配置后,通过ip打开jumpserver显示默认的nginx提示页,注释/etc/nginx/nginx.conf的默认80配置项即可
  • 相关阅读:
    【LSGDOJ 1408】邮局
    中间件小姐姐直播“带货”——阿里程序员必知的插件
    ChaosBlade 发布对 C++ 应用混沌实验的支持
    来自 Spring Cloud 官方的消息,Spring Cloud Alibaba 即将毕业
    大合集 | 9 场 Dubbo Meetup 回顾视频和PPT下载
    Future Maker | 领跑亚太 进击的阿里云数据库
    更简单易用的数据仓库,阿里云重磅推出分析型数据库3.0版
    AnalyticDB for MySQL 3.0 技术架构解析
    阿里云 EMAS HTTPDNS 联合函数计算重磅推出 SDNS 服务,三大能力获得突破
    新一代互联网传输协议QUIC浅析
  • 原文地址:https://www.cnblogs.com/Mrhuangrui/p/8616574.html
Copyright © 2011-2022 走看看