centos7安装最新版jumpserver

最新推荐文章于 2022-11-04 18:06:51 发布

bolaoyun5518

最新推荐文章于 2022-11-04 18:06:51 发布

阅读量208

点赞数

文章标签：运维数据库 git

原文链接：http://blog.51cto.com/14226596/2420441

版权

1.安装python3环境
更新epel-release
＄yum install -y python36 python36-devel python36-pip
安装python后，还要修改以下两个文件内容：
1）/usr/bin/yum

将第一行 #！/usr/bin/yum修改为：#!/usr/bin/python2.7
2） /usr/libexec/urlgrabber-ext-down
将第一行#!/usr/bin/python修改为了#!/usr/bin/python2.7
再使用yum进行后面的安装
2.安装redis

＄yum -y install redis
＄systemctl enable redis
＄systemctl start redis

3.安装mysql

$ yum -y install mariadb mariadb-devel mariadb-server MariaDB-shared # centos7下叫mariadb, 用法与mysql一致
$ systemctl enable mariadb
$ systemctl start mariadb
$ DB_PASSWORD=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 24`  # 生成随机数据库密码

$ echo -e "\033[31m 你的数据库密码是 $DB_PASSWORD \033[0m"
$ mysql -uroot -e "create database jumpserver default charset 'utf8'; grant all on jumpserver.* to 'jumpserver'
@'127.0.0.1' identified by '$DB_PASSWORD'; flush privileges;"

4.安装jumpserver
解压jumpserver的包 git地址： git clone --depth=1 https://github.com/jumpserver/jumpserver.git
进入解压后的jumpserver路径，安装依赖和模块，因此处用到pip命令，默认是国外的源，安装起来就比较慢，配置pip加速：

$ mkdir ~/.pip
$ cat > ~/.pip/pip.conf << EOF
> [global]
> trusted-host=mirrors.aliyun.com
> index-url=https://mirrors.aliyun.com/pypi/simple/
EOF

然后进行安装：

$ yum -y install $(cat /usr/local/kaiyuan/jumpserver/jumpserver/requirements/rpm_requirements.txt)
$ pip3.6 install -r
修改jumpserver配置文件：
$ cd /usr/local/kaiyuan/junpserverjumpserver
$ cp config_example.yml config.yml
$ SECRET_KEY=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 50`  # 生成随机SECRET_KEY
$ echo "SECRET_KEY=$SECRET_KEY" >> ~/.bashrc
$ BOOTSTRAP_TOKEN=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 16`  # 生成随机BOOTSTRAP_TOKEN
$ echo "BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN" >> ~/.bashrc
$ sed -i "s/SECRET_KEY:/SECRET_KEY: $SECRET_KEY/g"  config.yml
$ sed -i "s/BOOTSTRAP_TOKEN:/BOOTSTRAP_TOKEN: $BOOTSTRAP_TOKEN/g" config.yml
$ sed -i "s/# DEBUG: true/DEBUG: false/g" config.yml
$ sed -i "s/# LOG_LEVEL: DEBUG/LOG_LEVEL: ERROR/g" config.yml
$ sed -i "s/# SESSION_EXPIRE_AT_BROWSER_CLOSE: false/SESSION_EXPIRE_AT_BROWSER_CLOSE: true/g" config.yml
$ sed -i "s/DB_PASSWORD: /DB_PASSWORD: $DB_PASSWORD/g" config.yml
$ echo -e "\033[31m 你的SECRET_KEY是 $SECRET_KEY \033[0m"
$ echo -e "\033[31m 你的BOOTSTRAP_TOKEN是 $BOOTSTRAP_TOKEN \033[0m"

确认配置文件，先将debug改为true：
$ vi config.yml

null
SECURITY WARNING: keep the secret key used in production secret!
加密秘钥 生产环境中请修改为随机字符串, 请勿外泄, PS: 纯数字不可以
SECRET_KEY:
SECURITY WARNING: keep the bootstrap token used in production secret!
预共享Token coco和guacamole用来注册服务账号, 不在使用原来的注册接受机制BOOTSTRAP_TOKEN:
Development env open this, when error occur display the full process track, Production disable it
DEBUG 模式 开启DEBUG后遇到错误时可以看到更多日志
DEBUG: true
DEBUG, INFO, WARNING, ERROR, CRITICAL can set. See https://docs.djangoproject.com/en/1.10/topics/logging/
日志级别
LOG_LEVEL: ERROR
LOG_DIR:
Session expiration setting, Default 24 hour, Also set expired on on browser close
浏览器Session过期时间, 默认24小时, 也可以设置浏览器关闭则过期# SESSION_COOKIE_AGE: 86400
SESSION_EXPIRE_AT_BROWSER_CLOSE: true
Database setting, Support sqlite3, mysql, postgres ....
数据库设置# See https://docs.djangoproject.com/en/1.10/ref/settings/#databases
SQLite setting:# 使用单文件sqlite数据库
DB_ENGINE: sqlite3# DB_NAME:
MySQL or postgres setting like:
使用Mysql作为数据库~~~~
DB_ENGINE: mysql
DB_HOST: 127.0.0.1
DB_PORT: 3306
DB_USER: jumpserver
DB_PASSWORD:
DB_NAME: jumpserver
When Django start it will bind this host and port
./manage.py runserver 127.0.0.1:8000
运行时绑定端口
HTTP_BIND_HOST: 127.0.0.1
HTTP_LISTEN_PORT: 8000
Use Redis as broker for celery and web socket# Redis配置
REDIS_HOST: 127.0.0.1
REDIS_PORT: 6379
REDIS_PASSWORD:# REDIS_DB_CELERY: 3
REDIS_DB_CACHE: 4
Use OpenID authorization
使用OpenID 来进行认证设置# BASE_SITE_URL: http://localhost:8080# AUTH_OPENID: false  # True or False# AUTH_OPENID_SERVER_URL: https://openid-auth-server.com/
AUTH_OPENID_REALM_NAME: realm-name
AUTH_OPENID_CLIENT_ID: client-id
AUTH_OPENID_CLIENT_SECRET: client-secret
OTP settings# OTP/MFA 配置
OTP_VALID_WINDOW: 0
OTP_ISSUER_NAME: Jumpserver

小贴士：修改jms文件的内容中运行manage.py的命令改为python3，不然运行报错没有django模块
centos7安装最新版jumpserver

5.安装luna、coco
1）安装luna比较简单，将luna的包解压后，属主改为root就可以了
centos7安装最新版jumpserver
2）coco安装
下载coco配置包，git地址： git clone https://github.com/jumpserver/coco.git
解压coco的包并进入coco目录，安装相关模块和依赖

$ cd /usr/local/kaiyuan/jumpserver/coco/requirements
$ yum -y install $(cat rpm_requirements.txt)
$ pip3.6 install -r requirements.txt
$ cd  /usr/local/kaiyuan/jumpserver/coco
$ cp config_example.yml config.yml
coco密钥：
$ sed -i "s/BOOTSTRAP_TOKEN: <PleasgeChangeSameWithJumpserver>/BOOTSTRAP_TOKEN: $BOOTSTRAP_TOKEN/g" config.yml
$ sed -i "s/# LOG_LEVEL: INFO/LOG_LEVEL: ERROR/g" config.yml
$ vim config.yml  （BOOTSTRAP_TOKEN与jumpserver的config.yml保持一致）

centos7安装最新版jumpserver
运行coco ./cocod start -d
6.安装配置nginx

$ yum install nginx -y ##安装
$ systemctl enable nginx ##设置开机启动
$ cd /etc/nginx/conf.d/
$ vim jumpserver.conf ##编写jumpserver相关配置
$ systemctl start nginx ##运行nginx
7.关闭selinux和防火墙
记得将jumpserver的debug改为false

8.浏览器打开自己设置好的域名，或者主机ip访问页面：
centos7安装最新版jumpserver

bolaoyun5518

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
centos7安装最新版jumpserver

1.安装python3环境更新epel-release＄yum install -y python36 python36-devel python36-pip安装python后，还要修改以下两个文件内容：1）/usr/bin/yum将第一行 #！/usr/bin/yum修改为：#!/usr/bin/python2.72） /usr/libexec/urlgrabber-ext-down将第一...
复制链接

扫一扫