jumpserver1.4.1 安装过程
# 修改字符集
localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8 export LC_ALL=zh_CN.UTF-8 echo 'LANG="zh_CN.UTF-8"' > /etc/locale.conf
#安装依赖包
yum -y install readline* net-tools icu perl-DBI perl-Net-Daemon perl-PlRPC libcap-devel lynx perl-DBD-MySQL readline-devel net-tools* dos2unix gcc* xmlto screen vim* psmisc wget lrzsz pcre-devel iptraf sysstat libevent libevent-devel perl-ExtUtils-CBuilder perl-ExtUtils-MakeMaker tar rrdtool ntp* dos2unix setup* net-snmp-utils net-snmp-devel ruby ruby-devel php-snmp cmake net-snmp-perl net-snmp net-snmp-libs wget elinks make autoconf213 m4 gcc gcc-c++ automake autoconf fontconfig fontconfig-devel libjpeg libjpeg* libjpeg-devel libpng libpng-devel freetype freetype* freetype-devel libxml2 libxml2-devel libdhash libdhash-devel libxslt* zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2* libicu libicu-devel ncurses ncurses-devel xmlrpc-c xmlrpc-c-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5-devel libidn libidn-devel openssl openssl-devel openldap openldap-devel openldap-clients openldap-servers gd gd-devel pam* gettext gettext-devel keyutils mpfr cpp libgomp libstdc++-devel keyutils-libs-devel libcom_err-devel libsepol-devel libXpm* php-gd ncurses* libtool* patch unzip bison-devel bison libcom_err-devel libsepol-devel gtk* libselinux-devel libtiff* php-common policycoreutils telnet t1lib t1lib* nasm nasm* wget sqlite-devel xz gcc automake zlib-devel openssl-devel epel-release git libtiff-devel libjpeg-devel libzip-devel freetype-devel lcms2-devel libwebp-devel tcl-devel tk-devel sshpass openldap-devel mysql-devel libffi-devel openssh-clients
#编译安装python
tar xvf package.tar.gz tar xvf Python-3.6.1.tar.xz cd Python-3.6.1 ./configure --enable-optimizations make && make install
#建立 Python 虚拟环境
cd /opt python3 -m venv python3 source /opt/python3/bin/activate
#自动载入 Python 虚拟环境配置
tar zxvf autoenv.tar.gz mv autoenv /opt/ echo 'source /opt/autoenv/activate.sh' >> ~/.bashrc source ~/.bashrc
#安装 Jumpserver
tar zxvf jumpserver.tar.gz mv jumpserver /opt/ echo 'source /opt/python3/bin/activate' > /opt/jumpserver/.env cd /opt/jumpserver
# 首次进入 jumpserver 文件夹会有提示,按 y 即可
# Are you sure you want to allow this? (y/N) y
#安装 Python 库依赖
pip install -r /opt/jumpserver/requirements/requirements.txt -i https://pypi.python.org/simple
#安装 Redis
yum -y install redis sed -i "481 a requirepass 123456" /etc/redis.conf systemctl enable redis systemctl start redis
#安装 MySQL
yum -y install mariadb mariadb-devel mariadb-server systemctl enable mariadb systemctl start mariadb
#设置mariadb密码
/usr/bin/mysqladmin -u root password 123456 cat > /tmp/mysql_sec_script<<EOF drop database test; create database jumpserver default charset 'utf8'; grant all on jumpserver.* to 'jumpserver'@'127.0.0.1' identified by '123456'; grant all on jumpserver.* to 'jumpserver'@'localhost' identified by '123456'; grant all on jumpserver.* to 'jumpserver'@'%' identified by '123456'; flush privileges; EOF /usr/bin/mysql -u root -p123456 -h 127.0.0.1 < /tmp/mysql_sec_script rm -f /tmp/mysql_sec_script
#修改 Jumpserver 配置文件
cp /opt/jumpserver/config_example.py /opt/jumpserver/config.py sed -i "s/# DB_HOST/DB_HOST/g" /opt/jumpserver/config.py sed -i "s/# DB_ENGINE/DB_ENGINE/g" /opt/jumpserver/config.py sed -i "s/# DB_PORT/DB_PORT/g" /opt/jumpserver/config.py sed -i "s/# DB_USER/DB_USER/g" /opt/jumpserver/config.py sed -i "s/# DB_PASSWORD/DB_PASSWORD/g" /opt/jumpserver/config.py sed -i "s/# DB_NAME/DB_NAME/g" /opt/jumpserver/config.py sed -i "s/DB_ENGINE = 'sqlite3'/#DB_ENGINE = 'sqlite3'/g" /opt/jumpserver/config.py sed -i "s/weakPassword/$mysqlrootpwd/g" /opt/jumpserver/config.py sed -i "s/or ''/or '123456'/g" /opt/jumpserver/config.py sed -i "s/DB_NAME = os.path.join(BASE_DIR, 'data', 'db.sqlite3')/#DB_NAME = os.path.join(BASE_DIR, 'data', 'db.sqlite3')/g" /opt/jumpserver/config.py sed -i "168 a 'OPTIONS': {\n'init_command': \"SET sql_mode='STRICT_TRANS_TABLES'"\"\\n\}, /opt/jumpserver/apps/jumpserver/settings.py sed -i "s/0.0.0.0/你的IP/g" /opt/jumpserver/config.py
#生成数据库表结构和初始化数据
cd /opt/jumpserver/utils/ ./make_migrations.sh
#运行 Jumpserver
cd /opt/jumpserver/ ./jms start all -d
请浏览器访问 http://IP:8080/ 默认账号: admin 密码: admin
#安装 SSH 和 WebSocket 接口
tar zxvf coco.tar.gz mv coco /opt/coco echo 'source /opt/python3/bin/activate' > /opt/coco/.env
# 首次进入 coco 文件夹会有提示,按 y 即可
# Are you sure you want to allow this? (y/N) y
#安装依赖
pip install -r /opt/coco/requirements/requirements.txt -i https://pypi.python.org/simple
#修改配置文件
sed -i "s/# NAME/NAME/g" /opt/coco/conf.py sed -i "s/# CORE_HOST/CORE_HOST/g" /opt/coco/conf.py sed -i "s/# LOG_LEVEL = 'INFO'/LOG_LEVEL = 'WARN'/g" /opt/coco/conf.py sed -i "69 a LANGUAGE_CODE = 'zh'" /opt/coco/conf.py
#运行coco
cd /opt/coco ./cocod start -d
#安装 Web Terminal 前端
tar zxvf luna.tar.gz chown -R root:root luna mv luna /opt/luna
# 安装 Windows 支持组件
yum remove docker-latest-logrotate docker-logrotate docker-selinux dockdocker-engine yum install -y yum-utils device-mapper-persistent-data lvm2 yum-config-manager --add-repo docker-ce.repo rpm --import gpg yum makecache fast yum -y install docker-ce
#启动docker
systemctl start docker systemctl status docker
#启动 Guacamole
cp guacamole.tar /opt/guacamole.tar docker load < /opt/guacamole.tar # 注意:这里需要修改下 http://<填写jumpserver的url地址> 例: http://192.168.3.189, 否则会出错 docker run --name jms_guacamole -d -p 8081:8080 -v /opt/guacamole/key:/config/guacamole/key -e JUMPSERVER_KEY_DIR=/config/guacamole/key -e JUMPSERVER_SERVER=http://$IP jumpserver/guacamole:latest
#安装nginx
yum install nginx cp jumpserver.conf /etc/nginx/conf.d/ systemctl enable nginx systemctl start nginx
#查看各个服务运行
cd /opt/jumpserver ./jms status cd /opt/coco ./cocod status docker ps