目录
check_install_env.sh
#!/usr/bin/env bash
#
BASE_DIR=$(dirname "$0")
PROJECT_DIR=$(dirname $(cd $(dirname "$0");pwd))
source ${PROJECT_DIR}/config.conf
flag=0
echo -ne "User Check ........................ "
isRoot=`id -u -n | grep root | wc -l`
if [ "x$isRoot" == "x1" ]; then
echo -e "[ 33[32m OK 33[0m]"
else
echo -e "[ 33[31m ERROR 33[0m] 请用 root 用户执行安装脚本"
flag=1
fi
echo -ne "OS Check ........................ "
if [ -f /etc/redhat-release ]; then
osVersion=`cat /etc/redhat-release | grep -oE '[0-9]+.[0-9]+'`
majorVersion=`echo $osVersion | awk -F. '{print $1}'`
if [ "x$majorVersion" == "x" ]; then
echo -e "[ 33[31m ERROR 33[0m] 操作系统类型版本不符合要求,请使用 CentOS 7 64 位版本"
flag=1
else
if [[ $majorVersion == 7 ]]; then
is64bitArch=`uname -m`
if [ "x$is64bitArch" == "xx86_64" ]; then
echo -e "[ 33[32m OK 33[0m]"
else
echo -e "[ 33[31m ERROR 33[0m] 操作系统必须是 64 位的,32 位的不支持"
flag=1
fi
else
echo -e "[ 33[31m ERROR 33[0m] 操作系统类型版本不符合要求,请使用 CentOS 7"
flag=1
fi
fi
else
echo -e "[ 33[31m ERROR 33[0m] 操作系统类型版本不符合要求,请使用 CentOS 7"
flag=1
fi
echo -ne "CPU Check ........................ "
processor=`cat /proc/cpuinfo| grep "processor"| wc -l`
if [ $processor -lt 2 ]; then
echo -e "[ 33[31m ERROR 33[0m] CPU 小于 2核,JumpServer 所在机器的 CPU 需要至少 2核"
flag=1
else
echo -e "[ 33[32m OK 33[0m]"
fi
echo -ne "Memory Check ........................ "
memTotal=`cat /proc/meminfo | grep MemTotal | awk '{print $2}'`
if [ $memTotal -lt 3750000 ]; then
echo -e "[ 33[31m ERROR 33[0m] 内存小于 4G,JumpServer 所在机器的内存需要至少 4G"
flag=1
else
echo -e "[ 33[32m OK 33[0m]"
fi
echo -ne "Version Check ........................ "
if [ "${Version:0:1}" == "v" ]; then
if [ "${Version:1:1}" -lt "2" ]; then
echo -e "[ 33[31m ERROR 33[0m] 请安装 JumpServer v2.0.0 以上版本, 不支持旧版本安装"
flag=1
else
echo -e "[ 33[32m OK 33[0m]"
fi
else
echo -e "[ 33[31m ERROR 33[0m] JumpServer 版本号输入错误, 版本号示例: v2.2.2"
flag=1
fi
if [ $flag -eq 1 ]; then
echo "安装环境检测未通过,请查阅上述环境检测结果"
exit 1
fi
download.sh
#!/bin/bash
#
BASE_DIR=$(dirname "$0")
PROJECT_DIR=$(dirname $(cd $(dirname "$0");pwd))
source ${PROJECT_DIR}/config.conf
function download_core() {
echo ">> Download Core"
timeout 60s wget -qO $PROJECT_DIR/$Version/jumpserver-$Version.tar.gz https://github.com/jumpserver/jumpserver/releases/download/$Version/jumpserver-$Version.tar.gz || {
rm -f $PROJECT_DIR/$Version/jumpserver-$Version.tar.gz
wget -qO $PROJECT_DIR/$Version/jumpserver-$Version.tar.gz http://demo.jumpserver.org/download/jumpserver/$Version/jumpserver-$Version.tar.gz || {
rm -f $PROJECT_DIR/$Version/jumpserver-$Version.tar.gz
echo "[ERROR] 下载 Core 失败"
exit 1
}
}
}
function download_lina() {
echo ">> Download Lina"
timeout 60s wget -qO $PROJECT_DIR/$Version/lina-$Version.tar.gz https://github.com/jumpserver/lina/releases/download/$Version/lina-$Version.tar.gz || {
rm -f $PROJECT_DIR/$Version/lina-$Version.tar.gz
wget -qO $PROJECT_DIR/$Version/lina-$Version.tar.gz http://demo.jumpserver.org/download/lina/$Version/lina-$Version.tar.gz || {
rm -f $PROJECT_DIR/$Version/lina-$Version.tar.gz
echo "[ERROR] 下载 Lina 失败"
exit 1
}
}
}
function download_luna() {
echo ">> Download Luna"
timeout 60s wget -qO $PROJECT_DIR/$Version/luna-$Version.tar.gz https://github.com/jumpserver/luna/releases/download/$Version/luna-$Version.tar.gz || {
rm -f $PROJECT_DIR/$Version/luna-$Version.tar.gz
wget -qO $PROJECT_DIR/$Version/luna-$Version.tar.gz http://demo.jumpserver.org/download/luna/$Version/luna-$Version.tar.gz || {
rm -f $PROJECT_DIR/$Version/luna-$Version.tar.gz
echo "[ERROR] 下载 Luna 失败"
exit 1
}
}
}
function download_koko(){
echo ">> Download KoKo"
docker pull jumpserver/jms_koko:$Version || {
echo "[ERROR] 下载 KoKo 失败"
exit 1
}
}
function download_guacamole() {
echo ">> Download Guacamole"
docker pull jumpserver/jms_guacamole:$Version || {
echo "[ERROR] 下载 Guacamole 失败"
exit 1
}
}
function main() {
if [ ! -f "$PROJECT_DIR/$Version/jumpserver-$Version.tar.gz" ]; then
download_core
fi
if [ ! -f "$PROJECT_DIR/$Version/lina-$Version.tar.gz" ]; then
download_lina
fi
if [ ! -f "$PROJECT_DIR/$Version/luna-$Version.tar.gz" ]; then
download_luna
fi
if [ ! "$(docker images | grep jms_koko | grep $Version)" ]; then
download_koko
fi
if [ ! "$(docker images | grep jms_guacamole | grep $Version)" ]; then
download_guacamole
fi
}
main
install.sh
#!/usr/bin/env bash
#
BASE_DIR=$(dirname "$0")
PROJECT_DIR=$(dirname $(cd $(dirname "$0");pwd))
source ${PROJECT_DIR}/config.conf
function message() {
echo ""
echo -e "JumpServer 部署完成"
echo -ne "执行"
echo -ne " 33[33m ./jmsctl.sh start 33[0m"
echo -e "启动
"
}
function prepare_install() {
which wget >/dev/null 2>&1
if [ $? -ne 0 ];then
yum install -y wget
fi
if [ ! "$(rpm -qa | grep epel-release)" ]; then
yum install -y epel-release
fi
if grep -q 'mirror.centos.org' /etc/yum.repos.d/CentOS-Base.repo; then
wget -qO /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
yum clean all
fi
if grep -q 'mirrors.fedoraproject.org' /etc/yum.repos.d/epel.repo; then
wget -qO /etc/yum.repos.d/epel.repo https://mirrors.aliyun.com/repo/epel-7.repo
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/epel.repo
yum clean all
fi
which git >/dev/null 2>&1
if [ $? -ne 0 ];then
yum install -y git
fi
which gcc >/dev/null 2>&1
if [ $? -ne 0 ];then
yum install -y gcc
fi
if [ ! -d "$PROJECT_DIR/$Version" ]; then
mkdir -p $PROJECT_DIR/$Version
yum update -y
fi
if [ ! -d "$install_dir" ]; then
echo "[ERROR] 安装目录 $install_dir 不存在"
exit 1
fi
}
function main() {
bash $BASE_DIR/check_install_env.sh
if [[ $? != 0 ]]; then
exit 1
fi
prepare_install
bash $BASE_DIR/set_firewall.sh
bash $BASE_DIR/install_docker.sh
if [ $DB_HOST == 127.0.0.1 ]; then
bash $BASE_DIR/install_mariadb.sh
fi
if [ $REDIS_HOST == 127.0.0.1 ]; then
bash $BASE_DIR/install_redis.sh
fi
bash $BASE_DIR/install_py3.sh
bash $BASE_DIR/download.sh
if [[ $? != 0 ]]; then
exit 1
fi
bash $BASE_DIR/install_core.sh
if [[ $? != 0 ]]; then
exit 1
fi
bash $BASE_DIR/install_nginx.sh
message
}
main
install_core.sh
#!/usr/bin/env bash
#
BASE_DIR=$(dirname "$0")
PROJECT_DIR=$(dirname $(cd $(dirname "$0");pwd))
source ${PROJECT_DIR}/config.conf
function set_firewall() {
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="$Docker_IP" port protocol="tcp" port="8080" accept"
firewall-cmd --reload
}
function dec_core() {
tar xf $PROJECT_DIR/$Version/jumpserver-$Version.tar.gz -C $install_dir/
mv $install_dir/jumpserver-$Version $install_dir/jumpserver
if [ "$(getenforce)" != "Disabled" ]; then
restorecon -R $install_dir/jumpserver/data/
fi
}
function prepare_install() {
yum install -y $(cat $install_dir/jumpserver/requirements/rpm_requirements.txt) || {
echo "[ERROR] rpm 依赖安装失败"
exit 1
}
source $install_dir/py3/bin/activate
pip install wheel
pip install --upgrade pip setuptools
pip install -r $install_dir/jumpserver/requirements/requirements.txt
if [ $? -ne 0 ];then
echo "[ERROR] python 依赖安装失败"
exit 1
fi
}
function config_core() {
if [ ! "$SECRET_KEY" ]; then
SECRET_KEY=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 50`
sed -i "0,/SECRET_KEY=/s//SECRET_KEY=$SECRET_KEY/" $PROJECT_DIR/config.conf
fi
if [ ! "$BOOTSTRAP_TOKEN" ]; then
BOOTSTRAP_TOKEN=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 16`
sed -i "0,/BOOTSTRAP_TOKEN=/s//BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN/" $PROJECT_DIR/config.conf
fi
if [ ! "$Server_IP" ]; then
Server_IP=`ip addr | grep 'state UP' -A2 | grep inet | egrep -v '(127.0.0.1|inet6|docker)' | awk '{print $2}' | tr -d "addr:" | head -n 1 | cut -d / -f1`
fi
cp $install_dir/jumpserver/config_example.yml $install_dir/jumpserver/config.yml
sed -i "s/SECRET_KEY:/SECRET_KEY: $SECRET_KEY/g" $install_dir/jumpserver/config.yml
sed -i "s/BOOTSTRAP_TOKEN:/BOOTSTRAP_TOKEN: $BOOTSTRAP_TOKEN/g" $install_dir/jumpserver/config.yml
sed -i "s/# DEBUG: true/DEBUG: false/g" $install_dir/jumpserver/config.yml
sed -i "s/# LOG_LEVEL: DEBUG/LOG_LEVEL: ERROR/g" $install_dir/jumpserver/config.yml
sed -i "s/# SESSION_EXPIRE_AT_BROWSER_CLOSE: false/SESSION_EXPIRE_AT_BROWSER_CLOSE: true/g" $install_dir/jumpserver/config.yml
sed -i "s/DB_HOST: 127.0.0.1/DB_HOST: $DB_HOST/g" $install_dir/jumpserver/config.yml
sed -i "s/DB_PORT: 3306/DB_PORT: $DB_PORT/g" $install_dir/jumpserver/config.yml
sed -i "s/DB_USER: jumpserver/DB_USER: $DB_USER/g" $install_dir/jumpserver/config.yml
sed -i "s/DB_PASSWORD: /DB_PASSWORD: $DB_PASSWORD/g" $install_dir/jumpserver/config.yml
sed -i "s/DB_NAME: jumpserver/DB_NAME: $DB_NAME/g" $install_dir/jumpserver/config.yml
sed -i "s/REDIS_HOST: 127.0.0.1/REDIS_HOST: $REDIS_HOST/g" $install_dir/jumpserver/config.yml
sed -i "s/REDIS_PORT: 6379/REDIS_PORT: $REDIS_PORT/g" $install_dir/jumpserver/config.yml
sed -i "s/# REDIS_PASSWORD: /REDIS_PASSWORD: $REDIS_PASSWORD/g" $install_dir/jumpserver/config.yml
sed -i "s/# WINDOWS_SKIP_ALL_MANUAL_PASSWORD: False/WINDOWS_SKIP_ALL_MANUAL_PASSWORD: True/g" $install_dir/jumpserver/config.yml
}
function config_systemd() {
cp $BASE_DIR/service/jms_core.service /usr/lib/systemd/system/
if [ $install_dir != "/opt" ]; then
sed -i "s@/opt@$install_dir@g" /usr/lib/systemd/system/jms_core.service
fi
if [ $DB_HOST != 127.0.0.1 ]; then
sed -i "s/mariadb.service //g" /usr/lib/systemd/system/jms_core.service
fi
if [ $REDIS_HOST != 127.0.0.1 ]; then
sed -i "s/redis.service //g" /usr/lib/systemd/system/jms_core.service
fi
systemctl daemon-reload
systemctl enable jms_core
}
function install_core() {
echo ">> Install Jms_core"
dec_core
}
function main() {
if [ ! -d "$install_dir/jumpserver" ]; then
install_core
fi
if [ ! -f "$install_dir/jumpserver/config.yml" ]; then
config_core
fi
prepare_install
if [ ! -f "/usr/lib/systemd/system/jms_core.service" ]; then
config_systemd
fi
if [ "$(systemctl status firewalld | grep Active | grep running)" ]; then
if [ ! "$(firewall-cmd --list-all | grep $Docker_IP)" ]; then
set_firewall
fi
fi
}
main
install_docker.sh
#!/usr/bin/env bash
#
BASE_DIR=$(dirname "$0")
function prepare_install() {
yum install -y yum-utils device-mapper-persistent-data lvm2
}
function install_docker() {
echo ">> Install Docker"
prepare_install
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
rpm --import https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
yum install -y docker-ce
}
function config_docker {
mkdir -p /etc/docker/
cp $BASE_DIR/docker/daemon.json /etc/docker/daemon.json
}
function start_docker {
systemctl start docker
systemctl enable docker
}
function main {
which docker >/dev/null 2>&1
if [ $? -ne 0 ];then
install_docker
fi
if [ ! -f "/etc/docker/daemon.json" ]; then
config_docker
fi
if [ ! "$(systemctl status docker | grep Active | grep running)" ]; then
start_docker
fi
}
main
install_guacamole.sh
#!/usr/bin/env bash
#
BASE_DIR=$(dirname "$0")
PROJECT_DIR=$(dirname $(cd $(dirname "$0");pwd))
source ${PROJECT_DIR}/config.conf
if [ -f "$PROJECT_DIR/$Version/guacamole.tar" ]; then
docker load < $PROJECT_DIR/$Version/guacamole.tar
fi
function remove_guacamole() {
docker stop jms_guacamole >/dev/null 2>&1
docker rm jms_guacamole >/dev/null 2>&1
}
function start_guacamole() {
echo ">> Install Jms_guacamole"
docker run --name jms_guacamole -d -p 127.0.0.1:8081:8080 -e JUMPSERVER_SERVER=http://$Server_IP:8080 -e BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN --restart=always jumpserver/jms_guacamole:$Version
}
function check_guacamole() {
if [ ! "$(docker inspect jms_guacamole | grep BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN)" ] || [ ! "$(docker inspect jms_guacamole | grep JUMPSERVER_SERVER=http://$Server_IP:8080)" ]; then
remove_guacamole
start_guacamole
else
docker start jms_guacamole
fi
}
function main() {
if [ ! "$(docker ps | grep jms_guacamole:$Version)" ]; then
if [ ! "$(docker ps -a | grep jms_guacamole:$Version)" ]; then
start_guacamole
else
check_guacamole
fi
else
check_guacamole
fi
}
main
install_koko.sh
#!/usr/bin/env bash
#
BASE_DIR=$(dirname "$0")
PROJECT_DIR=$(dirname $(cd $(dirname "$0");pwd))
source ${PROJECT_DIR}/config.conf
if [ -f "$PROJECT_DIR/$Version/koko.tar" ]; then
docker load < $PROJECT_DIR/$Version/koko.tar
fi
function remove_koko() {
docker stop jms_koko >/dev/null 2>&1
docker rm jms_koko >/dev/null 2>&1
}
function start_koko() {
echo ">> Install Jms_koko"
docker run --name jms_koko -d -p $ssh_port:2222 -p 127.0.0.1:5000:5000 -e CORE_HOST=http://$Server_IP:8080 -e BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN --restart=always --privileged=true jumpserver/jms_koko:$Version
}
function check_koko() {
if [ ! "$(docker inspect jms_koko | grep BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN)" ] || [ ! "$(docker inspect jms_koko | grep CORE_HOST=http://$Server_IP:8080)" ]; then
remove_koko
start_koko
else
docker start jms_koko
fi
}
function main() {
if [ ! "$(docker ps | grep jms_koko:$Version)" ]; then
if [ ! "$(docker ps -a | grep jms_koko:$Version)" ]; then
start_koko
else
check_koko
fi
else
check_koko
fi
}
main
install_mariadb.sh
#!/usr/bin/env bash
#
BASE_DIR=$(dirname "$0")
PROJECT_DIR=$(dirname $(cd $(dirname "$0");pwd))
source ${PROJECT_DIR}/config.conf
function install_mariadb() {
echo ">> Install Mariadb"
yum install -y mariadb mariadb-devel mariadb-server
}
function start_mariadb() {
systemctl start mariadb
systemctl enable mariadb
}
function config_database() {
mysql -uroot -e "create database $DB_NAME default charset 'utf8' collate 'utf8_bin';"
}
function config_user() {
mysql -uroot -e "drop user '$DB_USER'@'$DB_HOST';" >/dev/null 2>&1
mysql -uroot -e "grant all on $DB_NAME.* to '$DB_USER'@'$DB_HOST' identified by '$DB_PASSWORD';flush privileges;"
}
function config_passwd() {
DB_PASSWORD=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 24`
sed -i "0,/DB_PASSWORD=/s//DB_PASSWORD=$DB_PASSWORD/" $PROJECT_DIR/config.conf
}
function main() {
if [ ! "$(rpm -qa | grep mariadb-server)" ]; then
install_mariadb
fi
if [ ! "$(systemctl status mariadb | grep Active | grep running)" ]; then
start_mariadb
fi
if [ ! "$DB_PASSWORD" ]; then
config_passwd
fi
if [ ! -d "/var/lib/mysql/$DB_NAME" ]; then
config_database
fi
mysql -h$DB_HOST -P$DB_PORT -u$DB_USER -p$DB_PASSWORD -e "use $DB_NAME;" >/dev/null 2>&1
if [ $? -ne 0 ]; then
config_user
fi
}
main
install_nginx.sh
#!/usr/bin/env bash
#
BASE_DIR=$(dirname "$0")
PROJECT_DIR=$(dirname $(cd $(dirname "$0");pwd))
source ${PROJECT_DIR}/config.conf
function prepare_set() {
cp $BASE_DIR/nginx/nginx.repo /etc/yum.repos.d/nginx.repo
}
function install_nginx() {
echo ">> Install Nginx"
yum localinstall -y $BASE_DIR/nginx/nginx-1.18.0-1.el7.ngx.x86_64.rpm
}
function dec_lina() {
tar xf $PROJECT_DIR/$Version/lina-$Version.tar.gz -C $install_dir/
mv $install_dir/lina-$Version $install_dir/lina
if [ "$(getenforce)" != "Disabled" ]; then
restorecon -R $install_dir/lina/
fi
}
function dec_luna() {
tar xf $PROJECT_DIR/$Version/luna-$Version.tar.gz -C $install_dir/
mv $install_dir/luna-$Version $install_dir/luna
if [ "$(getenforce)" != "Disabled" ]; then
restorecon -R $install_dir/luna/
fi
}
function start_nginx() {
systemctl start nginx
systemctl enable nginx
}
function config_nginx() {
echo > /etc/nginx/conf.d/default.conf
cp $BASE_DIR/nginx/jumpserver.conf /etc/nginx/conf.d/jumpserver.conf
if [ "$http_port" != "80" ]; then
sed -i "s@listen 80;@listen $http_port;@g" /etc/nginx/conf.d/jumpserver.conf
fi
if [ $install_dir != "/opt" ]; then
sed -i "s@/opt@$install_dir@g" /etc/nginx/conf.d/jumpserver.conf
fi
sed -i "s@worker_processes 1;@worker_processes auto;@g" /etc/nginx/nginx.conf
}
function main {
if [ ! -f "/etc/yum.repos.d/nginx.repo" ]; then
prepare_set
fi
which nginx >/dev/null 2>&1
if [ $? -ne 0 ];then
install_nginx
fi
if [ ! -f /etc/nginx/conf.d/jumpserver.conf ];then
config_nginx
fi
if [ ! -d "$install_dir/lina" ]; then
dec_lina
fi
if [ ! -d "$install_dir/luna" ]; then
dec_luna
fi
if [ ! "$(systemctl status nginx | grep Active | grep running)" ]; then
start_nginx
fi
}
main
install_py3.sh
#!/usr/bin/env bash
#
BASE_DIR=$(dirname "$0")
PROJECT_DIR=$(dirname $(cd $(dirname "$0");pwd))
source ${PROJECT_DIR}/config.conf
function install_python() {
echo ">> Install Python3.6"
yum install -y python36 python36-devel
}
function config_py3() {
python3.6 -m venv $install_dir/py3
if [ ! -f "~/.pydistutils.cfg" ]; then
cp $BASE_DIR/pypi/.pydistutils.cfg ~/.pydistutils.cfg
fi
if [ ! -f "~/.pip/pip.conf" ]; then
mkdir -p ~/.pip
cp $BASE_DIR/pypi/pip.conf ~/.pip/pip.conf
fi
}
function main() {
which python3.6 >/dev/null 2>&1
if [ $? -ne 0 ];then
install_python
fi
if [ ! -d "$install_dir/py3" ]; then
config_py3
fi
}
main
install_redis.sh
#!/usr/bin/env bash
#
BASE_DIR=$(dirname "$0")
PROJECT_DIR=$(dirname $(cd $(dirname "$0");pwd))
source ${PROJECT_DIR}/config.conf
function install_redis() {
echo ">> Install redis"
yum install -y redis
sed -i "s/bind 127.0.0.1/bind 0.0.0.0/g" /etc/redis.conf
sed -i "561i maxmemory-policy allkeys-lru" /etc/redis.conf
}
function start_redis {
systemctl start redis
systemctl enable redis
}
function config_redis() {
if [ $REDIS_PORT != 6379 ]; then
sed -i "s/port 6379/port $REDIS_PORT/g" /etc/redis.conf
fi
if [ ! "$(cat /etc/redis.conf | grep -v ^# | grep requirepass)" ]; then
sed -i "481i requirepass $REDIS_PASSWORD" /etc/redis.conf
else
sed -i "s/requirepass .*/requirepass $REDIS_PASSWORD/g" /etc/redis.conf
fi
systemctl restart redis
}
function config_passwd() {
REDIS_PASSWORD=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 24`
sed -i "0,/REDIS_PASSWORD=/s//REDIS_PASSWORD=$REDIS_PASSWORD/" $PROJECT_DIR/config.conf
config_redis
}
function main {
if [ ! "$(rpm -qa | grep redis)" ]; then
install_redis
fi
if [ ! "$REDIS_PASSWORD" ]; then
config_passwd
else
config_redis
fi
if [ ! "$(systemctl status redis | grep Active | grep running)" ]; then
start_redis
fi
redis-cli -h $REDIS_HOST -p $REDIS_PORT -a $REDIS_PASSWORD info >/dev/null 2>&1
if [ $? -ne 0 ]; then
config_redis
fi
}
main
install_status.sh
#!/usr/bin/env bash
#
BASE_DIR=$(dirname "$0")
PROJECT_DIR=$(dirname $(cd $(dirname "$0");pwd))
source ${PROJECT_DIR}/config.conf
flag=0
function check_mysql() {
echo -ne "MySQL Check ........................ "
mysql -h$DB_HOST -P$DB_PORT -u$DB_USER -p$DB_PASSWORD -e "use $DB_NAME;" >/dev/null 2>&1
if [ $? -ne 0 ]; then
echo -e "[ 33[31m ERROR 33[0m]"
flag=1
else
echo -e "[ 33[32m OK 33[0m]"
fi
}
function check_redis() {
echo -ne "Redis Check ........................ "
if [ ! "$REDIS_PASSWORD" ]; then
redis-cli -h $REDIS_HOST -p $REDIS_PORT info >/dev/null 2>&1
else
redis-cli -h $REDIS_HOST -p $REDIS_PORT -a $REDIS_PASSWORD info >/dev/null 2>&1
fi
if [ $? -ne 0 ]; then
echo -e "[ 33[31m ERROR 33[0m]"
flag=1
else
echo -e "[ 33[32m OK 33[0m]"
fi
}
function check_docker() {
echo -ne "Docke. Check ........................ "
if [ ! "$(systemctl status docker | grep Active | grep running)" ]; then
echo -e "[ 33[31m ERROR 33[0m]"
flag=1
else
echo -e "[ 33[32m OK 33[0m]"
fi
}
function check_py3() {
echo -ne "Py3 Check ........................ "
if [ ! -d "$install_dir/py3" ]; then
echo -e "[ 33[31m ERROR 33[0m]"
flag=1
else
echo -e "[ 33[32m OK 33[0m]"
fi
}
function check_core() {
echo -ne "Core Check ........................ "
if [ ! "$(systemctl status jms_core | grep Active | grep running)" ]; then
echo -e "[ 33[31m ERROR 33[0m]"
flag=1
else
echo -e "[ 33[32m OK 33[0m]"
fi
}
function check_nginx() {
echo -ne "Nginx Check ........................ "
if [ ! "$(systemctl status nginx | grep Active | grep running)" ]; then
echo -e "[ 33[31m ERROR 33[0m]"
flag=1
else
echo -e "[ 33[32m OK 33[0m]"
fi
}
function check_koko() {
echo -ne "Koko Check ........................ "
if [ ! "$(docker ps | grep jms_koko)" ]; then
echo -e "[ 33[31m ERROR 33[0m]"
else
echo -e "[ 33[32m OK 33[0m]"
fi
}
function check_guacamole() {
echo -ne "Guaca. Check ........................ "
if [ ! "$(docker ps | grep jms_guacamole)" ]; then
echo -e "[ 33[31m ERROR 33[0m]"
else
echo -e "[ 33[32m OK 33[0m]"
fi
}
function main() {
check_mysql
check_redis
check_docker
check_nginx
check_py3
check_core
check_koko
check_guacamole
if [ $flag -eq 1 ]; then
echo -e "[ 33[31m ERROR 33[0m] 部分组件出现故障,请查阅上述检测结果"
exit 1
fi
}
main
reset.sh
#!/usr/bin/env bash
#
BASE_DIR=$(dirname "$0")
PROJECT_DIR=$(dirname $(cd $(dirname "$0");pwd))
source ${PROJECT_DIR}/config.conf
target=$1
function reset_core() {
echo ">> Reset Jms_core"
mv $install_dir/jumpserver $install_dir/jumpserver_backup
bash $BASE_DIR/install_core.sh
cp -rf $install_dir/jumpserver_backup/data/* $install_dir/jumpserver/data/*
rm -rf $install_dir/jumpserver_backup
}
function reset_koko() {
echo ">> Reset Jms_koko"
docker stop jms_koko
docker rm jms_koko
docker run --name jms_koko -d -p $ssh_port:2222 -p 127.0.0.1:5000:5000 -e CORE_HOST=http://$Server_IP:8080 -e BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN --restart=always jumpserver/jms_koko:$Version
}
function reset_guacamole() {
echo ">> Reset Jms_guacamole"
docker stop jms_guacamole
docker rm jms_guacamole
docker run --name jms_guacamole -d -p 127.0.0.1:8081:8080 -e JUMPSERVER_SERVER=http://$Server_IP:8080 -e BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN --restart=always jumpserver/jms_guacamole:$Version
}
function main() {
case "${target}" in
core)
reset_core
;;
koko)
reset_koko
;;
guacamole)
reset_guacamole
;;
all)
reset_core
reset_koko
reset_guacamole
;;
*)
echo -e "jmsctl: invalid COMMAND '$target'
"
echo -e "Usage: jmsctl reset COMMAND
"
echo -e "Commands:"
echo -e " core 重置 core"
echo -e " koko 重置 koko"
echo -e " guacamole 重置 guacamole"
echo -e " all 重置 core koko gua. "
esac
}
main
set_firewall.sh
#!/usr/bin/env bash
#
BASE_DIR=$(dirname "$0")
PROJECT_DIR=$(dirname $(cd $(dirname "$0");pwd))
source ${PROJECT_DIR}/config.conf
function set_firewall() {
if [ ! "$(firewall-cmd --list-all | grep $http_port)" ]; then
firewall-cmd --zone=public --add-port=$http_port/tcp --permanent
firewall-cmd --reload
fi
if [ ! "$(firewall-cmd --list-all | grep $ssh_port)" ]; then
firewall-cmd --zone=public --add-port=$ssh_port/tcp --permanent
firewall-cmd --reload
fi
}
function set_selinux() {
if [ ! "$(rpm -qa | grep policycoreutils-python)" ]; then
yum install -y policycoreutils-python
fi
setsebool -P httpd_can_network_connect 1
if [ "$http_port" != "80" ]; then
semanage port -a -t http_port_t -p tcp $http_port || {
semanage port -m -t http_port_t -p tcp $http_port || true
}
fi
if [ ! "$(semanage fcontext -l | grep $install_dir/lina)" ]; then
semanage fcontext -a -t httpd_sys_content_t "$install_dir/lina(/.*)?"
fi
if [ ! "$(semanage fcontext -l | grep $install_dir/luna)" ]; then
semanage fcontext -a -t httpd_sys_content_t "$install_dir/luna(/.*)?"
fi
if [ ! "$(semanage fcontext -l | grep $install_dir/jumpserver/data)" ]; then
semanage fcontext -a -t httpd_sys_content_t "$install_dir/jumpserver/data(/.*)?"
fi
}
function main() {
if [ "$(systemctl status firewalld | grep Active | grep running)" ]; then
set_firewall
fi
if [ "$(getenforce)" != "Disabled" ]; then
set_selinux
fi
}
main
start.sh
#!/usr/bin/env bash
#
BASE_DIR=$(dirname "$0")
PROJECT_DIR=$(dirname $(cd $(dirname "$0");pwd))
source ${PROJECT_DIR}/config.conf
function success() {
echo ""
echo -e "JumpServer 启动成功! "
echo -ne "Web 登陆信息: "
echo -e " 33[32mhttp://$Server_IP:$http_port 33[0m"
echo -ne "SSH 登录信息: "
echo -e " 33[32mssh admin@$Server_IP -p$ssh_port 33[0m"
echo -ne "初始用户名密码: "
echo -e " 33[32madmin admin 33[0m
"
echo -e " 33[33m[如果你是云服务器请在安全组放行 $http_port 和 $ssh_port 端口]
33[0m"
}
function start_mariadb() {
echo -ne "MySQL start ........................ "
if [ ! "$(systemctl status mariadb | grep Active | grep running)" ]; then
systemctl start mariadb
if [ $? -ne 0 ]; then
echo -e "[ 33[31m ERROR 33[0m]"
else
echo -e "[ 33[32m OK 33[0m]"
fi
else
echo -e "[ 33[32m OK 33[0m]"
fi
}
function start_redis() {
echo -ne "Redis Start ........................ "
if [ ! "$(systemctl status redis | grep Active | grep running)" ]; then
systemctl start redis
if [ $? -ne 0 ]; then
echo -e "[ 33[31m ERROR 33[0m]"
else
echo -e "[ 33[32m OK 33[0m]"
fi
else
echo -e "[ 33[32m OK 33[0m]"
fi
}
function start_docker() {
echo -ne "Docke. Start ........................ "
if [ ! "$(systemctl status docker | grep Active | grep running)" ]; then
systemctl start docker
if [ $? -ne 0 ]; then
echo -e "[ 33[31m ERROR 33[0m]"
else
echo -e "[ 33[32m OK 33[0m]"
fi
else
echo -e "[ 33[32m OK 33[0m]"
fi
}
function start_core() {
echo -ne "Core Start ........................ "
if [ ! "$(systemctl status jms_core | grep Active | grep running)" ]; then
systemctl start jms_core
if [ $? -ne 0 ]; then
echo -e "[ 33[31m ERROR 33[0m]"
else
echo -e "[ 33[32m OK 33[0m]"
fi
else
echo -e "[ 33[32m OK 33[0m]"
fi
}
function start_koko(){
echo -ne "Koko Start ........................ "
bash $BASE_DIR/install_koko.sh >/dev/null 2>&1
if [ ! "$(docker ps | grep jms_koko)" ]; then
systemctl restart docker
docker start jms_koko
if [ $? -ne 0 ]; then
echo -e "[ 33[31m ERROR 33[0m]"
else
echo -e "[ 33[32m OK 33[0m]"
fi
else
echo -e "[ 33[32m OK 33[0m]"
fi
}
function start_guacamole() {
echo -ne "Guaca. Start ........................ "
bash $BASE_DIR/install_guacamole.sh >/dev/null 2>&1
if [ ! "$(docker ps | grep jms_guacamole)" ]; then
docker start jms_guacamole
if [ $? -ne 0 ]; then
echo -e "[ 33[31m ERROR 33[0m]"
else
echo -e "[ 33[32m OK 33[0m]"
fi
else
echo -e "[ 33[32m OK 33[0m]"
fi
}
function start_nginx() {
echo -ne "Nginx Start ........................ "
if [ ! "$(systemctl status nginx | grep Active | grep running)" ]; then
systemctl start nginx
if [ $? -ne 0 ]; then
echo -e "[ 33[31m ERROR 33[0m]"
else
echo -e "[ 33[32m OK 33[0m]"
fi
else
echo -e "[ 33[32m OK 33[0m]"
fi
}
function main() {
if [ $DB_HOST == 127.0.0.1 ]; then
start_mariadb
fi
if [ $REDIS_HOST == 127.0.0.1 ]; then
start_redis
fi
start_docker
start_core
start_koko
start_guacamole
start_nginx
echo ""
bash $BASE_DIR/install_status.sh
if [[ $? != 0 ]]; then
exit 1
fi
success
}
main
stop.sh
#!/usr/bin/env bash
#
function stop_koko() {
echo -ne "Koko Stop ........................ "
docker stop jms_koko >/dev/null 2>&1
if [ $? -ne 0 ];then
echo -e "[ 33[31m ERROR 33[0m]"
else
echo -e "[ 33[32m OK 33[0m]"
fi
}
function stop_guacamole() {
echo -ne "Guaca. Stop ........................ "
docker stop jms_guacamole >/dev/null 2>&1
if [ $? -ne 0 ];then
echo -e "[ 33[31m ERROR 33[0m]"
else
echo -e "[ 33[32m OK 33[0m]"
fi
}
function stop_core() {
echo -ne "Core Stop ........................ "
systemctl stop jms_core
if [ $? -ne 0 ];then
echo -e "[ 33[31m ERROR 33[0m]"
else
echo -e "[ 33[32m OK 33[0m]"
fi
}
function main() {
stop_koko
stop_guacamole
stop_core
echo ""
}
main
uninstall.sh
#!/usr/bin/env bash
#
BASE_DIR=$(dirname "$0")
PROJECT_DIR=$(dirname $(cd $(dirname "$0");pwd))
source ${PROJECT_DIR}/config.conf
echo -e " 33[31m 准备从系统中卸载 jumpserver 33[0m"
if [ "$(systemctl status nginx | grep Active | grep running)" ]; then
systemctl stop nginx
fi
rm -f /etc/nginx/conf.d/jumpserver.conf
if [ "$(systemctl status docker | grep Active | grep running)" ]; then
docker stop jms_koko jms_guacamole
docker rm jms_koko jms_guacamole
docker rmi jumpserver/jms_koko:$Version jumpserver/jms_guacamole:$Version
systemctl stop docker
fi
if [ "$(systemctl status jms_core | grep Active | grep running)" ]; then
systemctl stop jms_core
fi
rm -f /usr/lib/systemd/system/jms_core.service
rm -rf $install_dir/py3
rm -rf $install_dir/lina
rm -rf $install_dir/luna
rm -rf $install_dir/jumpserver
if [ $REDIS_HOST == 127.0.0.1 ]; then
if [ "$(systemctl status redis | grep Active | grep running)" ]; then
if [ ! "$REDIS_PASSWORD" ]; then
redis-cli -h $REDIS_HOST -p $REDIS_PORT flushall
else
redis-cli -h $REDIS_HOST -p $REDIS_PORT -a $REDIS_PASSWORD flushall
fi
systemctl stop redis
fi
fi
if [ $DB_HOST == 127.0.0.1 ]; then
if [ "$(systemctl status mariadb | grep Active | grep running)" ]; then
mysql -uroot -e"drop user '$DB_USER'@'$DB_HOST';drop database $DB_NAME;flush privileges;"
systemctl stop mariadb
fi
fi
if [ "$(systemctl status firewalld | grep Active | grep running)" ]; then
if [ "$(firewall-cmd --list-all | grep $http_port)" ]; then
firewall-cmd --zone=public --remove-port=$http_port/tcp --permanent
firewall-cmd --reload
fi
if [ "$(firewall-cmd --list-all | grep $ssh_port)" ]; then
firewall-cmd --zone=public --remove-port=$ssh_port/tcp --permanent
firewall-cmd --reload
fi
if [ "$(firewall-cmd --list-all | grep 8080)" ]; then
if [ "$Docker_IP" ]; then
firewall-cmd --permanent --remove-rich-rule="rule family="ipv4" source address="$Docker_IP" port protocol="tcp" port="8080" accept"
firewall-cmd --reload
fi
fi
fi
if [ "$(getenforce)" != "Disabled" ]; then
if [ "$http_port" != "80" ]; then
semanage port -d -t http_port_t -p tcp $http_port || true
fi
if [ "$(semanage fcontext -l | grep $install_dir/lina)" ]; then
semanage fcontext -d -t httpd_sys_content_t "$install_dir/lina(/.*)?"
fi
if [ "$(semanage fcontext -l | grep $install_dir/luna)" ]; then
semanage fcontext -d -t httpd_sys_content_t "$install_dir/luna(/.*)?"
fi
if [ "$(semanage fcontext -l | grep $install_dir/jumpserver/data)" ]; then
semanage fcontext -d -t httpd_sys_content_t "$install_dir/jumpserver/data(/.*)?"
fi
fi
echo -e " 33[31m 已经成功清理 jumpserver 相关文件 33[0m"
echo -e " 33[31m 请自行卸载 docker nginx redis mariadb 服务 33[0m"
echo -e " 33[31m yum remove -y docker-ce docker-ce-cli nginx redis mariadb-server mariadb-devel mariadb-libs mariadb 33[0m"
echo -e " 33[31m 卸载完成后请重启服务器清空路由表 33[0m"
upgrade.sh
#!/usr/bin/env bash
#
BASE_DIR=$(dirname "$0")
PROJECT_DIR=$(dirname $(cd $(dirname "$0");pwd))
source ${PROJECT_DIR}/config.conf
Upgrade_Version=$(curl -s -L http://demo.jumpserver.org/download/latest)
if [ $Version == $Upgrade_Version ]; then
echo -e " 33[31m $Version 已是最新版本 33[0m"
exit 0
fi
echo -e " 33[33m 准备从 $Version 升级到 $Upgrade_Version ... 33[0m"
jumpserver_backup=${PROJECT_DIR}/backup/$Version
if [ ! -d "$jumpserver_backup" ]; then
mkdir -p $jumpserver_backup
fi
if [ ! -d "$install_dir/jumpserver" ]; then
if [ ! -d "$jumpserver_backup/jumpserver" ]; then
echo -e " 33[31m jumpserver 未安装或者目录不正确 33[0m"
exit 1
fi
fi
if [ ! -d "$PROJECT_DIR/$Upgrade_Version" ]; then
mkdir -p $PROJECT_DIR/$Upgrade_Version
fi
if [ ! -f "$PROJECT_DIR/$Upgrade_Version/jumpserver-$Upgrade_Version.tar.gz" ]; then
timeout 60s wget -qO wget -qO $PROJECT_DIR/$Upgrade_Version/jumpserver-$Upgrade_Version.tar.gz https://github.com/jumpserver/jumpserver/releases/download/$Upgrade_Version/jumpserver-$Upgrade_Version.tar.gz || {
rm -f $PROJECT_DIR/$Upgrade_Version/jumpserver-$Upgrade_Version.tar.gz
wget -qO $PROJECT_DIR/$Upgrade_Version/jumpserver-$Upgrade_Version.tar.gz http://demo.jumpserver.org/download/jumpserver/$Upgrade_Version/jumpserver-$Upgrade_Version.tar.gz || {
rm -f $PROJECT_DIR/$Upgrade_Version/jumpserver-$Upgrade_Version.tar.gz
echo -e " 33[31m 下载 jumpserver 失败, 请检查网络是否正常或尝试重新执行升级脚本 33[0m"
exit 1
}
}
fi
rm -rf $install_dir/lina*
if [ ! -f "$PROJECT_DIR/$Upgrade_Version/lina-$Upgrade_Version.tar.gz" ]; then
timeout 60s wget -qO $PROJECT_DIR/$Upgrade_Version/lina-$Upgrade_Version.tar.gz https://github.com/jumpserver/lina/releases/download/$Upgrade_Version/lina-$Upgrade_Version.tar.gz || {
rm -f $PROJECT_DIR/$Upgrade_Version/lina-$Upgrade_Version.tar.gz
wget -qO $PROJECT_DIR/$Upgrade_Version/lina-$Upgrade_Version.tar.gz http://demo.jumpserver.org/download/lina/$Upgrade_Version/lina-$Upgrade_Version.tar.gz || {
rm -f $PROJECT_DIR/$Upgrade_Version/lina-$Upgrade_Version.tar.gz
echo -e " 33[31m 下载 lina 失败, 请检查网络是否正常或尝试重新执行升级脚本 33[0m"
exit 1
}
}
fi
tar -xf $PROJECT_DIR/$Upgrade_Version/lina-$Upgrade_Version.tar.gz -C $install_dir
mv $install_dir/lina-$Upgrade_Version $install_dir/lina
rm -rf $install_dir/luna*
if [ ! -f "$PROJECT_DIR/$Upgrade_Version/luna-$Upgrade_Version.tar.gz" ]; then
timeout 60s wget -qO $PROJECT_DIR/$Upgrade_Version/luna-$Upgrade_Version.tar.gz https://github.com/jumpserver/luna/releases/download/$Upgrade_Version/luna-$Upgrade_Version.tar.gz || {
rm -f $PROJECT_DIR/$Upgrade_Version/luna-$Upgrade_Version.tar.gz
wget -qO $PROJECT_DIR/$Upgrade_Version/luna-$Upgrade_Version.tar.gz http://demo.jumpserver.org/download/luna/$Upgrade_Version/luna-$Upgrade_Version.tar.gz || {
rm -f $PROJECT_DIR/$Upgrade_Version/luna-$Upgrade_Version.tar.gz
echo -e " 33[31m 下载 luna 失败, 请检查网络是否正常或尝试重新执行升级脚本 33[0m"
exit 1
}
}
fi
tar -xf $PROJECT_DIR/$Upgrade_Version/luna-$Upgrade_Version.tar.gz -C $install_dir
mv $install_dir/luna-$Upgrade_Version $install_dir/luna
if [ -f "$PROJECT_DIR/$Upgrade_Version/koko.tar" ]; then
docker load < $PROJECT_DIR/$Upgrade_Version/koko.tar
fi
if [ -f "$PROJECT_DIR/$Upgrade_Version/guacamole.tar" ]; then
docker load < $PROJECT_DIR/$Upgrade_Version/guacamole.tar
fi
if [ ! "$(docker images | grep jms_koko | grep $Upgrade_Version)" ]; then
docker pull jumpserver/jms_koko:$Upgrade_Version || {
echo -e " 33[31m 下载 koko 镜像失败, 请检查网络是否正常或尝试重新执行升级脚本 33[0m"
exit 1
}
fi
if [ ! "$(docker images | grep jms_guacamole | grep $Upgrade_Version)" ]; then
docker pull jumpserver/jms_guacamole:$Upgrade_Version || {
echo -e " 33[31m 下载 guacamole 镜像失败, 请检查网络是否正常或尝试重新执行升级脚本 33[0m"
exit 1
}
fi
docker stop jms_koko jms_guacamole >/dev/null 2>&1
docker rm jms_koko jms_guacamole >/dev/null 2>&1
systemctl stop jms_core
if [ ! -d "$jumpserver_backup/jumpserver" ]; then
mv $install_dir/jumpserver $jumpserver_backup/
echo -e " 33[33m >>> 已备份文件到 $jumpserver_backup <<< 33[0m"
fi
if [ ! -f "$jumpserver_backup/$DB_NAME.sql" ]; then
mysqldump -h$DB_HOST -P$DB_PORT -u$DB_USER -p$DB_PASSWORD $DB_NAME > $jumpserver_backup/$DB_NAME.sql
echo -e " 33[33m >>> 已备份数据库到 $jumpserver_backup <<< 33[0m"
fi
if [ ! -d "$install_dir/jumpserver" ]; then
tar -xf $PROJECT_DIR/$Upgrade_Version/jumpserver-$Upgrade_Version.tar.gz -C $install_dir
mv $install_dir/jumpserver-$Upgrade_Version $install_dir/jumpserver
fi
if [ ! -f "$install_dir/jumpserver/config.yml" ]; then
cp $jumpserver_backup/jumpserver/config.yml $install_dir/jumpserver/
cp -rf $jumpserver_backup/jumpserver/data/* $install_dir/jumpserver/data/
fi
source $install_dir/py3/bin/activate
pip install --upgrade pip setuptools
pip install -r $install_dir/jumpserver/requirements/requirements.txt || {
echo -e " 33[31m 升级 python 依赖失败, 请检查网络是否正常或者更换 pypi 源 33[0m"
exit 1
}
if [ ! "$(systemctl status jms_core | grep Active | grep running)" ]; then
systemctl start jms_core
fi
if [ "${Version:0:1}" == "1" ]; then
rm -f /etc/nginx/conf.d/jumpserver.conf
if [ ! -f "$PROJECT_DIR/$Upgrade_Version/jumpserver.conf" ]; then
wget -qO $PROJECT_DIR/$Upgrade_Version/jumpserver.conf http://demo.jumpserver.org/download/nginx/conf.d/latest/jumpserver.conf || {
rm -f $PROJECT_DIR/$Upgrade_Version/jumpserver.conf
echo "[ERROR] 下载 nginx 配置文件失败"
}
fi
cp $PROJECT_DIR/$Upgrade_Version/jumpserver.conf /etc/nginx/conf.d/jumpserver.conf
if [ "$http_port" != "80" ]; then
sed -i "s@listen 80;@listen $http_port;@g" /etc/nginx/conf.d/jumpserver.conf
fi
if [ $install_dir != "/opt" ]; then
sed -i "s@/opt@$install_dir@g" /etc/nginx/conf.d/jumpserver.conf
fi
sed -i "s@worker_processes 1;@worker_processes auto;@g" /etc/nginx/nginx.conf
if [ "$(getenforce)" != "Disabled" ]; then
if [ ! "$(semanage fcontext -l | grep $install_dir/lina)" ]; then
semanage fcontext -a -t httpd_sys_content_t "$install_dir/lina(/.*)?"
restorecon -R $install_dir/lina/
fi
fi
nginx -s reload
systemctl restart nginx
fi
docker run --name jms_koko -d -p $ssh_port:2222 -p 127.0.0.1:5000:5000 -e CORE_HOST=http://$Server_IP:8080 -e BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN --restart=always --privileged=true jumpserver/jms_koko:$Upgrade_Version || {
echo -e " 33[31m jms_koko 镜像下载失败, 请检查网络是否正常或者手动 pull 镜像 33[0m"
exit 1
}
docker run --name jms_guacamole -d -p 127.0.0.1:8081:8080 -e JUMPSERVER_SERVER=http://$Server_IP:8080 -e BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN --restart=always jumpserver/jms_guacamole:$Upgrade_Version || {
echo -e " 33[31m jms_guacamole 镜像下载失败, 请检查网络是否正常或者手动 pull 镜像 33[0m"
exit 1
}
docker rmi jumpserver/jms_koko:$Version jumpserver/jms_guacamole:$Version >/dev/null 2>&1
sed -i "s/Version=$Version/Version=$Upgrade_Version/g" ${PROJECT_DIR}/config.conf
echo ""
echo -e " 33[33m >>> 已升级版本至 $Upgrade_Version <<<
33[0m"