JumpServer 是全球首款开源的堡垒机,使用 GNU GPL v2.0 开源协议,是符合 4A 规范的运维安全审计系统。
JumpServer 使用 Python / Django 为主进行开发,遵循 Web 2.0 规范,配备了业界领先的 Web Terminal 方案,交互界面美观、用户体验好。
JumpServer 采纳分布式架构,支持多机房跨区域部署,支持横向扩展,无资产数量及并发限制。
改变世界,从一点点开始。
特色优势
开源: 零门槛,线上快速获取和安装;
分布式: 轻松支持大规模并发访问;
无插件: 仅需浏览器,极致的 Web Terminal 使用体验;
多云支持: 一套系统,同时管理不同云上面的资产;
云端存储: 审计录像云端存储,永不丢失;
多租户: 一套系统,多个子公司和部门同时使用;
多应用支持: 数据库,Windows远程应用,Kubernetes。
安装环境
Centos7.9
验证安装-Web访问
https://ip:8443
默认用户: admin 默认密码: admin
仅需两步快速安装 JumpServer:
准备一台 2核4G (最低)且可以访问互联网的 64 位 Centos 7 主机;
以 root 用户执行如下命令一键安装 JumpServer。
curl -sSL https://github.com/jumpserver/jumpserver/releases/download/v2.0.2/quick_start.sh | sh
国内用户
curl -sSL https://resource.fit2cloud.com/jumpserver/jumpserver/releases/latest/download/quick_start.sh | bash
等着部署成功就行了
download install script to /opt/jumpserver-installer-v3.10.1
██╗██╗ ██╗███╗ ███╗██████╗ ███████╗███████╗██████╗ ██╗ ██╗███████╗██████╗
██║██║ ██║████╗ ████║██╔══██╗██╔════╝██╔════╝██╔══██╗██║ ██║██╔════╝██╔══██╗
██║██║ ██║██╔████╔██║██████╔╝███████╗█████╗ ██████╔╝██║ ██║█████╗ ██████╔╝
██ ██║██║ ██║██║╚██╔╝██║██╔═══╝ ╚════██║██╔══╝ ██╔══██╗╚██╗ ██╔╝██╔══╝ ██╔══██╗
╚█████╔╝╚██████╔╝██║ ╚═╝ ██║██║ ███████║███████╗██║ ██║ ╚████╔╝ ███████╗██║ ██║
╚════╝ ╚═════╝ ╚═╝ ╚═╝╚═╝ ╚══════╝╚══════╝╚═╝ ╚═╝ ╚═══╝ ╚══════╝╚═╝ ╚═╝
Version: v3.10.1
1. Check Configuration File
Path to Configuration file: /opt/jumpserver/config
/opt/jumpserver/config/config.txt [ √ ]
/opt/jumpserver/config/nginx/cert/server.crt [ √ ]
/opt/jumpserver/config/nginx/cert/server.key [ √ ]
complete
>>> Install and Configure Docker
1. Install Docker
Starting to download Docker engine ...
Starting to download Docker Compose binary ...
complete
2. Configure Docker
Do you want to support IPv6? (y/n) (default n): complete
3. Start Docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /etc/systemd/system/docker.service.
complete
>>> Loading Docker Image
[jumpserver/redis:6.2] pulling
[jumpserver/koko:v3.10.1] pulling
[jumpserver/core-ce:v3.10.1] pulling
[jumpserver/kael:v3.10.1] pulling
[jumpserver/lion:v3.10.1] pulling
[jumpserver/mariadb:10.6] pulling
[jumpserver/web:v3.10.1] pulling
[jumpserver/chen:v3.10.1] pulling
[jumpserver/magnus:v3.10.1] pulling
v3.10.1: Pulling from jumpserver/kael
b5a0d5c14ba9: Pulling fs layer
bc6c01cf3e8e: Pulling fs layer
4f4fb700ef54: Pulling fs layer
6158e9fff86d: Waiting
558d86dfa6a6: Waiting
83d2710f753f: Waiting
7c409e5d43c6: Waiting
2da08748e549: Waiting
v3.10.1: Pulling from jumpserver/koko
b5a0d5c14ba9: Pulling fs layer
63eda5107b9b: Waiting
2e52909f8bdd: Waiting
14aa9ca05ed9: Waiting
f0ca2911689c: Waiting
d34108c6db16: Waiting
e8c6695058cb: Waiting
6231684fca60: Waiting
603ee5ccf2c1: Waiting
6.2: Pulling from jumpserver/redis
0e0969fcaa82: Waiting
90efb8009811: Waiting
056d34192fca: Waiting
e643cc88a91b: Waiting
306521e8da1b: Waiting
e0ee52234ab3: Waiting
4f4fb700ef54: Waiting
3ab5ce3095c6: Waiting
10.6: Pulling from jumpserver/mariadb
0e0969fcaa82: Waiting
90c6e9600eac: Waiting
16839bd20328: Waiting
89d40b2e986b: Waiting
9eaf147d6d88: Waiting
77473f38e6e4: Waiting
0474fe9319a4: Waiting
0a470c720bcc: Waiting
v3.10.1: Pulling from jumpserver/web
b5a0d5c14ba9: Pulling fs layer
975b4ec1d253: Waiting
5d968dafb983: Waiting
8a1ecc36510f: Waiting
6b66cbffcbde: Waiting
71608b1f666b: Waiting
510cbe0f5421: Waiting
4f4fb700ef54: Waiting
b47beab6405f: Waiting
313d925d833d: Waiting
37f1ea77175d: Waiting
21be2948636a: Waiting
d4951d00736a: Waiting
2ab500464946: Waiting
8a4fd5a6364f: Waiting
8f988edf27e3: Waiting
9b76a2d8d3eb: Waiting
v3.10.1: Pulling from jumpserver/chen
b5a0d5c14ba9: Pulling fs layer
bcd33028f0bf: Waiting
92986fdeeeb0: Waiting
73212b989e99: Waiting
4f4fb700ef54: Waiting
847890c3cca3: Waiting
fcd488b5ca3f: Waiting
27124aeaac9a: Waiting
fd2fef1da7e4: Waiting
077d12073875: Waiting
957bb0f5fa2b: Waiting
v3.10.1: Pulling from jumpserver/magnus
b5a0d5c14ba9: Pulling fs layer
507f6f94d84e: Waiting
4f4fb700ef54: Waiting
Downloading [============================================> ] 27.88MB/31.42MB
6ae481567c73: Waiting
b5a0d5c14ba9: Downloading [=================================================> ] 30.81MB/31.42MB
b5a0d5c14ba9: Extracting [====================================> ] 22.94MB/31.42MB
3b5fd6b6bbfd: Waiting
v3.10.1: Pulling from jumpserver/core-ce
b5a0d5c14ba9: Pulling fs layer
89f76bd97852: Waiting
b5a0d5c14ba9: Downloading [===============================================> ] 29.84MB/31.42MB
b5a0d5c14ba9: Pull complete
b5a0d5c14ba9: b5a0d5c14ba9: Downloading [==========================================> ] 26.91MB/31.42MB
5fd6a2e2bac3: Waiting
4f4fb700ef54: Waiting
v3.10.1: Pulling from jumpserver/lion
0bc8ff246cb8: Waiting
b5a0d5c14ba9: Pull complete
6866af1fcbe1: Waiting
b5a0d5c14ba9: Pull complete
63eda5107b9b: Downloading [===========================> ] 34.98MB/64.39MB
2e52909f8bdd: Downloading [=============================================> ] 58.7MB/63.85MB
4f4fb700ef54: Pull complete
63eda5107b9b: Downloading [===========================> ] 35.52MB/64.39MB
975b4ec1d253: Pull complete
5d968dafb983: Pull complete
8a1ecc36510f: Pull complete
6b66cbffcbde: Pull complete
510cbe0f5421: Downloading [===================================> ] 13.7MB/19.33MB
510cbe0f5421: Extracting [=============> ] 5.112MB/19.33MB
4f4fb700ef54: Download complete
510cbe0f5421: Extracting [===============> ] 6.095MB/19.33MB
510cbe0f5421: Extracting [====================> ] 7.864MB/19.33MB
b47beab6405f: Downloading [> ] 9.159MB/1.249GB
b47beab6405f: Downloading [> ] 11.83MB/1.249GB
510cbe0f5421: Pull complete
4f4fb700ef54: Pull complete
b47beab6405f: Downloading [=> ] 35.45MB/1.249GB
313d925d833d: Downloading [====================> ] 5.407MB/13.41MB
37f1ea77175d: Download complete
21be2948636a: Downloading [=======================================> ] 14.07MB/17.77MB
313d925d833d: Downloading [====================> ] 5.554MB/13.41MB
bcd33028f0bf: Pull complete
0bc8ff246cb8: ===================> ] 506.4MB/1.249GB
73212b989e99: Pull complete
4f4fb700ef54: Pull complete
847890c3cca3: Pull complete
fcd488b5ca3f: Pull complete
27124aeaac9a: Pull complete
b47beab6405f: Downloading [===========> ] 292.4MB/1.249GB
89f76bd97852: Extracting [==================================================>] 1.078MB/1.078MB
Extracting [=========> ] 33.98MB/171.2MB ] 7.496MB/31.53MB
0bc8ff246cb8: Pull complete
d0c35592470f: Pull complete
6866af1fcbe1: Pull complete
b47beab6405f: Downloading [========================> ] 607.4MB/1.249GB
2545ca49ffd2: Pull complete
ead66a07f6fe: Pull complete
a04c47cb5e40: Pull complete
0a809b3df25e: Pull complete
4692a7cc8ff1: Pull complete
b47beab6405f: Downloading [===================================> ] 883.8MB/1.249GB
c97509c3d978: Pull complete
fb50c58bbe78: Pull complete
b47beab6405f: Downloading [===================================> ] 885.4MB/1.249GB
Status: Downloaded newer image for swr.cn-north-1.myhuaweicloud.com/jumpserver/lion:v3.10.1
swr.cn-north-1.myhuaweicloud.com/jumpserver/lion:v3.10.1
b47beab6405f: Pull complete
313d925d833d: Pull complete
37f1ea77175d: Pull complete
21be2948636a: Pull complete
d4951d00736a: Pull complete
2ab500464946: Pull complete
8a4fd5a6364f: Pull complete
8f988edf27e3: Pull complete
9b76a2d8d3eb: Pull complete
Digest: sha256:c9e8c51c00741ff4aaa2a2f257cc17466a83f3bd91207baf88d10cef8e1e7c2d
Status: Downloaded newer image for swr.cn-north-1.myhuaweicloud.com/jumpserver/web:v3.10.1
swr.cn-north-1.myhuaweicloud.com/jumpserver/web:v3.10.1
Untagged: swr.cn-north-1.myhuaweicloud.com/jumpserver/web:v3.10.1
Untagged: swr.cn-north-1.myhuaweicloud.com/jumpserver/web@sha256:c9e8c51c00741ff4aaa2a2f257cc17466a83f3bd91207baf88d10cef8e1e7c2d
complete
>>> Install and Configure JumpServer
1. Configure Private Key
SECRETE_KEY: Mzk2YmMzNTktMWU0Mi00ZTdhLWJkMjktMzMzNWQzNjExMGM5
BOOTSTRAP_TOKEN: Mzk2YmMzNTktMWU0Mi00ZTdh
complete
2. Configure Persistent Directory
Do you need custom persistent store, will use the default directory /data/jumpserver? (y/n) (default n): complete
3. Configure MySQL
Do you want to use external MySQL? (y/n) (default n): complete
4. Configure Redis
Do you want to use external Redis? (y/n) (default n): complete
5. Configure External Access
Do you need to customize the JumpServer external port? (y/n) (default n): complete
6. Init JumpServer Database
[+] Building 0.0s (0/0) docker:default
[+] Running 4/4
✔ Network jms_net Created 0.3s
✔ Container jms_redis Started 3.5s
✔ Container jms_mysql Started 3.5s
✔ Container jms_core Started 3.5s
2024-01-16 15:45:53 Collect static files
ALLOWED_HOSTS:
- localhost
- core:8080
- 127.0.0.1
- 127.0.0.1:8080
- 127.0.0.1:80
- localhost:8080
- localhost:80
- core:8080
- core:80
ALLOWED_HOSTS:
- localhost
- core:8080
- 127.0.0.1
- 127.0.0.1:8080
- 127.0.0.1:80
- localhost:8080
- localhost:80
- core:8080
- core:80
2024-01-16 15:45:53 Collect static files done
2024-01-16 15:45:53 Check database structure change ...
2024-01-16 15:45:53 Migrate model change to database ...
Operations to perform:
Apply all migrations: accounts, acls, admin, applications, assets, audits, auth, authentication, captcha, common, contenttypes, django_cas_ng, django_celery_beat, labels, notifications, ops, orgs, perms, rbac, sessions, settings, terminal, tickets, users
Running migrations:
Applying contenttypes.0001_initial... OK
Applying contenttypes.0002_remove_content_type_name... OK
Applying auth.0001_initial... OK
Applying auth.0002_alter_permission_name_max_length... OK
Applying auth.0003_alter_user_email_max_length... OK
Applying auth.0004_alter_user_username_opts... OK
Applying auth.0005_alter_user_last_login_null... OK
Applying auth.0006_require_contenttypes_0002... OK
Applying auth.0007_alter_validators_add_error_messages... OK
Applying auth.0008_alter_user_username_max_length... OK
Applying users.0001_initial... OK
Applying terminal.0001_initial... OK
Applying terminal.0002_auto_20171228_0025... OK
Applying terminal.0003_auto_20171230_0308... OK
Applying terminal.0004_session_remote_addr... OK
Applying terminal.0005_auto_20180122_1154... OK
Applying terminal.0006_auto_20180123_1037... OK
Applying terminal.0007_session_date_last_active... OK
Applying terminal.0008_auto_20180307_1603... OK
Applying terminal.0009_auto_20180326_0957... OK
Applying terminal.0010_auto_20180423_1140... OK
Applying terminal.0011_auto_20180807_1116... OK
Applying terminal.0012_auto_20180816_1652... OK
Applying terminal.0013_auto_20181123_1113... OK
Applying terminal.0014_auto_20181226_1441... OK
Applying terminal.0015_auto_20190923_1529... OK
Applying terminal.0016_commandstorage_replaystorage... OK
Applying common.0001_initial... OK
Applying common.0002_auto_20180111_1407... OK
Applying common.0003_setting_category... OK
Applying common.0004_setting_encrypted... OK
Applying common.0005_auto_20190221_1902... OK
Applying common.0006_auto_20190304_1515... OK
Applying settings.0001_initial... OK
Applying terminal.0017_auto_20191125_0931... OK
Applying terminal.0018_auto_20191202_1010... OK
Applying terminal.0019_auto_20191206_1000... OK
Applying terminal.0020_auto_20191218_1721... OK
Applying terminal.0021_auto_20200213_1316... OK
Applying terminal.0022_session_is_success... OK
Applying terminal.0023_command_risk_level... OK
Applying terminal.0024_auto_20200715_1713... OK
Applying terminal.0025_auto_20200810_1735... OK
Applying terminal.0026_auto_20201027_1905... OK
Applying terminal.0027_auto_20201102_1651... OK
Applying terminal.0028_auto_20201110_1918... OK
Applying terminal.0029_auto_20201116_1757... OK
Applying terminal.0030_terminal_type... OK
Applying terminal.0031_auto_20210113_1356... OK
Applying terminal.0032_auto_20210302_1853... OK
Applying terminal.0033_auto_20210324_1008... OK
Applying terminal.0034_auto_20210406_1434... OK
Applying terminal.0035_auto_20210517_1448... OK
Applying terminal.0036_auto_20210604_1124... OK
Applying terminal.0037_auto_20210623_1748... OK
Applying terminal.0038_task_kwargs... OK
Applying terminal.0039_auto_20210805_1552... OK
Applying terminal.0040_sessionjoinrecord_sessionsharing... OK
Applying terminal.0041_auto_20211105_1605... OK
Applying terminal.0042_auto_20211229_1619... OK
Applying terminal.0043_auto_20220217_2135... OK
Applying terminal.0044_auto_20220223_1539... OK
Applying terminal.0045_auto_20220228_1144... OK
Applying terminal.0046_auto_20220228_1744... OK
Applying terminal.0047_auto_20220302_1951... OK
Applying terminal.0048_endpoint_endpointrule... OK
Applying terminal.0049_endpoint_redis_port... OK
Applying terminal.0050_auto_20220606_1745... OK
Applying terminal.0051_sessionsharing_users... OK
Applying terminal.0052_auto_20220713_1417... OK
Applying terminal.0053_auto_20221009_1755... OK
Applying users.0002_auto_20171225_1157_squashed_0019_auto_20190304_1459... OK
Applying users.0020_auto_20190612_1825... OK
Applying users.0021_auto_20190625_1104... OK
Applying users.0022_auto_20190625_1105... OK
Applying users.0023_auto_20190724_1525... OK
Applying users.0024_auto_20191118_1612... OK
Applying users.0025_auto_20200206_1216... OK
Applying users.0026_auto_20200508_2105... OK
Applying users.0027_auto_20200616_1503... OK
Applying users.0028_auto_20200728_1805... OK
Applying users.0029_auto_20200814_1650... OK
Applying users.0030_auto_20200819_2041... OK
Applying users.0031_auto_20201118_1801... OK
Applying tickets.0001_initial... OK
Applying tickets.0002_auto_20200728_1146... OK
Applying tickets.0003_auto_20200804_1551... OK
Applying tickets.0004_ticket_comment... OK
Applying tickets.0005_ticket_meta_confirmed_system_users... OK
Applying tickets.0006_auto_20201023_1628... OK
Applying tickets.0007_auto_20201224_1821... OK
Applying assets.0001_initial... OK
Applying perms.0001_initial... OK
Applying assets.0002_auto_20180105_1807_squashed_0009_auto_20180307_1212... OK
Applying assets.0010_auto_20180307_1749_squashed_0019_auto_20180816_1320... OK
Applying perms.0002_auto_20171228_0025_squashed_0009_auto_20180903_1132... OK
Applying perms.0003_action... OK
Applying perms.0004_assetpermission_actions... OK
Applying assets.0020_auto_20180816_1652... OK
Applying assets.0021_auto_20180903_1132... OK
Applying assets.0022_auto_20181012_1717... OK
Applying assets.0023_auto_20181016_1650... OK
Applying assets.0024_auto_20181219_1614... OK
Applying assets.0025_auto_20190221_1902... OK
Applying assets.0026_auto_20190325_2035... OK
Applying applications.0001_initial... OK
Applying perms.0005_auto_20190521_1619... OK
Applying perms.0006_auto_20190628_1921... OK
Applying perms.0007_remove_assetpermission_actions... OK
Applying perms.0008_auto_20190911_1907... OK
Applying assets.0027_auto_20190521_1703... OK
Applying assets.0028_protocol... OK
Applying assets.0029_auto_20190522_1114... OK
Applying assets.0030_auto_20190619_1135... OK
Applying assets.0031_auto_20190621_1332... OK
Applying assets.0032_auto_20190624_2108... OK
Applying assets.0033_auto_20190624_2108... OK
Applying assets.0034_auto_20190705_1348... OK
Applying assets.0035_auto_20190711_2018... OK
Applying assets.0036_auto_20190716_1535... OK
Applying assets.0037_auto_20190724_2002... OK
Applying assets.0038_auto_20190911_1634... OK
Applying perms.0009_remoteapppermission_system_users... OK
Applying assets.0039_authbook_is_active... OK
Applying assets.0040_auto_20190917_2056... OK
Applying assets.0041_gathereduser... OK
Applying assets.0042_favoriteasset... OK
Applying assets.0043_auto_20191114_1111... OK
Applying assets.0044_platform... OK
Applying assets.0045_auto_20191206_1607... OK
Applying assets.0046_auto_20191218_1705... OK
Applying applications.0002_remove_remoteapp_system_user... OK
Applying applications.0003_auto_20191210_1659... OK
Applying applications.0004_auto_20191218_1705... OK
Applying perms.0010_auto_20191218_1705... OK
Applying perms.0011_auto_20200721_1739... OK
Applying assets.0047_assetuser... OK
Applying assets.0048_auto_20191230_1512... OK
Applying assets.0049_systemuser_sftp_root... OK
Applying assets.0050_auto_20200711_1740... OK
Applying assets.0051_auto_20200713_1143... OK
Applying assets.0052_auto_20200715_1535... OK
Applying assets.0053_auto_20200723_1232... OK
Applying assets.0054_auto_20200807_1032... OK
Applying applications.0005_k8sapp... OK
Applying perms.0012_k8sapppermission... OK
Applying assets.0055_auto_20200811_1845... OK
Applying assets.0056_auto_20200904_1751... OK
Applying assets.0057_fill_node_value_assets_amount_and_parent_key...
................................................................. OK
Applying perms.0013_rebuildusertreetask_usergrantedmappingnode... OK
Applying perms.0014_build_users_perm_tree... OK
Applying perms.0015_auto_20200929_1728... OK
Applying assets.0058_auto_20201023_1115... OK
Applying assets.0059_auto_20201027_1905... OK
Applying applications.0006_application... OK
Applying perms.0016_applicationpermission... OK
Applying perms.0017_auto_20210104_0435... OK
Applying assets.0060_node_full_value...
- Start migrate node value if has /
- Start migrate node full value
OK
Applying assets.0061_auto_20201116_1757... OK
Applying assets.0062_auto_20201117_1938... OK
Applying assets.0063_migrate_default_node_key...
Check old default node `key=0 value=Default` not exists
OK
Applying assets.0064_auto_20201203_1100... OK
Applying assets.0065_auto_20210121_1549... OK
Applying perms.0018_auto_20210208_1515... OK
Applying orgs.0001_initial... OK
Applying orgs.0002_auto_20180903_1132... OK
Applying orgs.0003_auto_20190916_1057... OK
Applying orgs.0004_organizationmember... OK
Applying orgs.0005_auto_20200721_1937... OK
Applying orgs.0006_auto_20200721_1937... OK
Applying orgs.0007_auto_20200728_1805... OK
Applying orgs.0008_auto_20200819_2041... OK
Applying orgs.0009_auto_20201023_1628... OK
Applying ops.0001_initial... OK
Applying ops.0002_celerytask... OK
Applying ops.0003_auto_20181207_1744... OK
Applying ops.0004_adhoc_run_as... OK
Applying ops.0005_auto_20181219_1807... OK
Applying ops.0006_auto_20190318_1023... OK
Applying ops.0007_auto_20190724_2002... OK
Applying ops.0008_auto_20190919_2100... OK
Applying ops.0009_auto_20191217_1713... OK
Applying ops.0010_auto_20191217_1758... OK
Applying ops.0011_auto_20200106_1534... OK
Applying ops.0012_auto_20200108_1659... OK
Applying ops.0013_auto_20200108_1706... OK
Applying ops.0014_auto_20200108_1749... OK
Applying ops.0015_auto_20200108_1809... OK
Applying ops.0016_commandexecution_org_id... OK
Applying ops.0017_auto_20200306_1747... OK
Applying ops.0018_auto_20200509_1434... OK
Applying ops.0019_adhocexecution_celery_task_id... OK
Applying audits.0001_initial... OK
Applying audits.0002_ftplog_org_id... OK
Applying audits.0003_auto_20180816_1652... OK
Applying audits.0004_operatelog_passwordchangelog_userloginlog... OK
Applying audits.0005_auto_20190228_1715... OK
Applying audits.0006_auto_20190726_1753... OK
Applying audits.0007_auto_20191202_1010... OK
Applying audits.0008_auto_20200508_2105... OK
Applying audits.0009_auto_20200624_1654... OK
Applying audits.0010_auto_20200811_1122... OK
Applying audits.0011_userloginlog_backend... OK
Applying assets.0066_auto_20210208_1802... OK
Applying applications.0007_auto_20201119_1110... OK
Applying applications.0008_auto_20210104_0435... OK
Applying orgs.0010_auto_20210219_1241...
Migrate model org id: Application done, use 1.21 ms
Migrate model org id: AdminUser done, use 0.62 ms
Migrate model org id: Asset done, use 0.64 ms
Migrate model org id: AuthBook done, use 0.6 ms
Migrate model org id: CommandFilter done, use 0.57 ms
Migrate model org id: CommandFilterRule done, use 0.55 ms
Migrate model org id: Domain done, use 0.56 ms
Migrate model org id: Gateway done, use 0.54 ms
Migrate model org id: GatheredUser done, use 0.55 ms
Migrate model org id: Label done, use 0.54 ms
Migrate model org id: Node done, use 0.53 ms
Migrate model org id: SystemUser done, use 0.64 ms
Migrate model org id: FTPLog done, use 0.73 ms
Migrate model org id: OperateLog done, use 0.73 ms
Migrate model org id: AdHoc done, use 0.64 ms
Migrate model org id: AdHocExecution done, use 0.71 ms
Migrate model org id: CommandExecution done, use 0.75 ms
Migrate model org id: Task done, use 3.18 ms
Migrate model org id: ApplicationPermission done, use 0.71 ms
Migrate model org id: AssetPermission done, use 0.59 ms
Migrate model org id: UserAssetGrantedTreeNodeRelation done, use 0.9 ms
Migrate model org id: Session done, use 0.59 ms
Migrate model org id: Command done, use 0.57 ms
Migrate model org id: Ticket done, use 0.57 ms
Migrate model org id: UserGroup done, use 0.66 ms
Will add users to default org: 1
Add users to default org: 1-1
done, use 2.96 ms
OK
Applying assets.0067_auto_20210311_1113... OK
Applying assets.0068_auto_20210312_1455... OK
Applying assets.0069_change_node_key0_to_key1...
--> Not exist key=0 nodes, do nothing.
OK
Applying assets.0070_auto_20210426_1515... OK
Applying assets.0071_systemuser_type...
OK
Applying assets.0072_historicalauthbook...
OK
Applying assets.0073_auto_20210606_1142...
OK
Applying assets.0074_remove_systemuser_assets... OK
Applying assets.0075_auto_20210705_1759... OK
Applying assets.0076_delete_assetuser... OK
Applying assets.0077_auto_20211012_1642... OK
Applying assets.0078_auto_20211014_2209... OK
Applying assets.0079_auto_20211102_1922... OK
Applying assets.0080_auto_20211104_1347... OK
Applying assets.0081_auto_20211105_1605... OK
Applying applications.0009_applicationuser... OK
Applying applications.0010_appaccount_historicalappaccount... OK
Applying applications.0011_auto_20210826_1759... OK
Applying applications.0012_auto_20211014_2209... OK
Applying applications.0013_auto_20211026_1711... OK
Applying applications.0014_auto_20211105_1605... OK
Applying assets.0082_auto_20211209_1440... OK
Applying assets.0083_auto_20211215_1436... OK
Applying assets.0084_auto_20220112_1959... OK
Applying assets.0085_commandfilterrule_ignore_case... OK
Applying assets.0086_auto_20220217_2135... OK
Applying assets.0087_auto_20220223_1539... OK
Applying assets.0088_auto_20220303_1612... OK
Applying assets.0089_auto_20220310_0616... OK
Applying assets.0090_auto_20220412_1145... OK
Applying assets.0091_auto_20220629_1826... OK
Applying assets.0092_commandfilter_nodes... OK
Applying assets.0093_auto_20220403_1627... OK
Applying assets.0094_auto_20220402_1736... OK
Applying assets.0095_auto_20220407_1726... OK
Applying assets.0096_auto_20220426_1550... OK
Applying assets.0097_auto_20220426_1558... - Update platform: Windows2016
- Update platform: Other
OK
Applying applications.0015_auto_20220112_2035... OK
Applying applications.0016_auto_20220118_1455... OK
Applying applications.0017_auto_20220217_2135... OK
Applying applications.0018_auto_20220223_1539... OK
Applying applications.0019_auto_20220310_1853... OK
Applying applications.0020_auto_20220316_2028... OK
Applying assets.0098_auto_20220430_2126...
- Migrate ori host to device: 0
OK
Applying assets.0099_auto_20220711_1409...
Start migrate asset protocols
OK
Applying accounts.0001_initial... OK
Applying assets.0100_auto_20220711_1413...
Start migrate asset accounts
Start migrate app accounts
OK
Applying assets.0101_auto_20220811_1511... OK
Applying terminal.0054_auto_20221027_1125... OK
Applying assets.0102_auto_20220816_1022...
Start migrate command filters to assets
OK
Applying assets.0103_auto_20220902_1021...>>> migrate gateway to asset
>>> migrate gateway to account
OK
Applying assets.0104_auto_20220817_1544... OK
Applying assets.0105_auto_20221220_1956... OK
Applying terminal.0055_auto_20221228_1804... OK
Applying terminal.0056_auto_20221228_1808... OK
Applying terminal.0057_auto_20230109_1447... OK
Applying terminal.0058_auto_20230110_1445... OK
Applying terminal.0059_session_account_id... OK
Applying terminal.0060_sessionsharing_action_permission... OK
Applying terminal.0061_applet_can_concurrent... OK
Applying terminal.0062_applet_edition... OK
Applying terminal.0063_auto_20230621_1133... OK
Applying terminal.0064_auto_20230728_1001... OK
Applying terminal.0065_session_error_reason... OK
Applying terminal.0066_applethost_using_same_account... OK
Applying terminal.0067_alter_replaystorage_type... OK
Applying tickets.0008_auto_20210311_1113... OK
Applying tickets.0009_auto_20210426_1720... OK
Applying tickets.0010_auto_20210812_1618... OK
Applying tickets.0011_remove_approvalrule_assignees_display... OK
Applying tickets.0012_ticketsession... OK
Applying tickets.0013_ticket_serial_num...
Fill ticket serial number ...
OK
Applying tickets.0014_auto_20220217_2135... OK
Applying tickets.0015_superticket... OK
Applying tickets.0016_auto_20220609_1758... OK
Applying tickets.0017_auto_20220623_1027... OK
Applying tickets.0018_applyapplicationticket_apply_actions... OK
Applying tickets.0019_delete_applyapplicationticket... OK
Applying tickets.0020_auto_20220817_1346...
Start migrate system user to account
- migrate 'ApplyAssetTicket'
- migrate 'ApplyCommandTicket'
- migrate 'ApplyLoginAssetTicket'
OK
Applying tickets.0021_auto_20220921_1814... OK
Applying tickets.0022_alter_applyassetticket_apply_actions... OK
Applying tickets.0023_alter_applyassetticket_apply_actions... OK
Applying tickets.0024_auto_20221121_1800... OK
Applying authentication.0001_initial... OK
Applying authentication.0002_auto_20190729_1423... OK
Applying authentication.0003_loginconfirmsetting... OK
Applying authentication.0004_ssotoken... OK
Applying acls.0001_initial... OK
Applying acls.0002_auto_20210926_1047... OK
Applying acls.0003_auto_20211130_1037... OK
Applying acls.0004_auto_20220831_1658... OK
Applying acls.0005_auto_20221201_1846... OK
Applying acls.0006_commandfilteracl_commandgroup... OK
Applying acls.0007_auto_20221202_1048... OK
Applying acls.0008_commandgroup_comment... OK
Applying tickets.0025_auto_20221206_1820... OK
Applying assets.0106_auto_20221228_1838... OK
Applying assets.0107_automation... OK
Applying assets.0108_alter_platform_charset... OK
Applying assets.0109_alter_asset_options... OK
Applying assets.0110_auto_20230315_1741... OK
Applying assets.0111_auto_20230321_1633... OK
Applying assets.0112_auto_20230404_1631... OK
Applying assets.0113_auto_20230411_1917...
Migrate platform su method: Cisco
Migrate platform su method: H3C
Migrate platform su method: Huawei
OK
Applying assets.0114_baseautomation_params... OK
Applying assets.0115_auto_20230417_1425... OK
Applying assets.0116_auto_20230418_1726... OK
Applying assets.0117_alter_baseautomation_params... OK
Applying assets.0118_auto_20230524_1647... OK
Applying assets.0119_assets_add_default_node... OK
Applying assets.0120_auto_20230630_1613... OK
Applying assets.0121_auto_20230725_1458...
Platform add sftp protocol:
- Linux
- Gateway
Asset add sftp protocol:
Not found telnet regex setting, skip
OK
Applying assets.0122_auto_20230803_1553... OK
Applying accounts.0002_auto_20220616_0021... OK
Applying accounts.0003_automation... OK
Applying accounts.0004_auto_20230106_1507... OK
Applying accounts.0005_alter_changesecretrecord_options... OK
Applying accounts.0006_gatheredaccount... OK
Applying accounts.0007_alter_account_options... OK
Applying accounts.0008_alter_gatheredaccount_options... OK
Applying accounts.0009_account_usernames_to_ids... OK
Applying accounts.0010_gatheraccountsautomation_is_sync_account... OK
Applying accounts.0011_auto_20230506_1443... OK
Applying accounts.0012_auto_20230621_1456... OK
Applying accounts.0013_account_backup_recipients... OK
Applying accounts.0014_virtualaccount... OK
Applying accounts.0015_auto_20230825_1120... OK
Applying accounts.0016_accounttemplate_password_rules... OK
Applying accounts.0017_alter_automationexecution_options... OK
Applying accounts.0018_accountbackupautomation_backup_type_and_more... OK
Applying accounts.0019_gatheraccountsautomation_recipients... OK
Applying accounts.0020_alter_accountbackupautomation_backup_type_and_more... OK
Applying acls.0009_auto_20221220_1956... OK
Applying acls.0010_alter_commandfilteracl_command_groups... OK
Applying acls.0011_auto_20230425_1704... OK
Applying acls.0012_auto_20230426_1111... OK
Applying acls.0013_auto_20230426_1759... OK
Applying acls.0014_loginassetacl_rules... OK
Applying acls.0015_connectmethodacl... OK
Applying acls.0016_auto_20230606_1857... OK
Applying acls.0017_alter_connectmethodacl_options... OK
Applying acls.0018_alter_commandfilteracl_command_groups... OK
Applying admin.0001_initial... OK
Applying admin.0002_logentry_remove_auto_add... OK
Applying admin.0003_logentry_add_action_flag_choices... OK
Applying perms.0019_auto_20210906_1044... OK
Applying perms.0020_auto_20210910_1103... OK
Applying perms.0021_auto_20211105_1605... OK
Applying perms.0022_applicationpermission_actions... OK
Applying perms.0023_auto_20220112_2035... OK
Applying perms.0024_auto_20220217_2135... OK
Applying perms.0025_auto_20220223_1539... OK
Applying perms.0026_auto_20220307_1500... OK
Applying perms.0027_auto_20220310_1802... OK
Applying perms.0028_auto_20220316_2028... OK
Applying perms.0029_auto_20220728_1728... OK
Applying perms.0030_auto_20220816_1132... OK
Applying perms.0031_auto_20220816_1600... OK
Applying ops.0020_adhoc_run_system_user... OK
Applying ops.0021_auto_20211130_1037... OK
Applying ops.0022_auto_20220817_1346... OK
Applying applications.0021_auto_20220629_1826... OK
Applying applications.0022_auto_20220714_1046... OK
Applying applications.0023_auto_20220715_1556... OK
Applying applications.0024_alter_application_type... OK
Applying applications.0025_auto_20220817_1346... OK
Applying applications.0026_auto_20220817_1716... OK
Applying applications.0027_auto_20221220_1956... OK
Applying labels.0001_initial... OK
Applying assets.0123_device_automation_ansible_enabled... OK
Applying assets.0124_auto_20231007_1437... OK
Applying assets.0125_auto_20231011_1053... OK
Applying labels.0002_auto_20231103_1659... OK
Applying assets.0126_remove_asset_labels... OK
Applying assets.0127_automation_remove_account... OK
Applying ops.0023_auto_20220912_0021... OK
Applying audits.0012_auto_20210414_1443... OK
Applying audits.0013_auto_20211130_1037... OK
Applying audits.0014_auto_20220505_1902... OK
Applying audits.0015_auto_20221011_1745... OK
Applying audits.0016_auto_20221111_1919... OK
Applying audits.0017_auto_20221220_1757... OK
Applying audits.0018_operatelog_resource_id... OK
Applying audits.0019_alter_operatelog_options... OK
Applying audits.0020_auto_20230117_1004... OK
Applying audits.0021_auto_20230207_0857... OK
Applying audits.0022_auto_20230605_1555... OK
Applying audits.0023_auto_20230906_1322... OK
Applying audits.0024_usersession... OK
Applying audits.0025_remove_usersession_date_expired... OK
Applying auth.0009_alter_user_last_name_max_length... OK
Applying auth.0010_alter_group_name_max_length... OK
Applying auth.0011_update_proxy_permissions... OK
Applying auth.0012_alter_user_first_name_max_length... OK
Applying tickets.0026_auto_20221220_1956... OK
Applying tickets.0027_alter_applycommandticket_apply_run_account... OK
Applying tickets.0028_remove_app_tickets... OK
Applying authentication.0005_delete_loginconfirmsetting... OK
Applying authentication.0006_auto_20211227_1059... OK
Applying authentication.0007_connectiontoken... OK
Applying authentication.0008_superconnectiontoken... OK
Applying authentication.0009_auto_20220310_0616... OK
Applying authentication.0010_temptoken... OK
Applying authentication.0011_auto_20220705_1940... OK
Applying authentication.0012_auto_20220816_1629... OK
Applying authentication.0013_connectiontoken_protocol... OK
Applying authentication.0014_auto_20221122_2152... OK
Applying authentication.0015_auto_20221205_1136... OK
Applying authentication.0016_auto_20221220_1956... OK
Applying authentication.0017_auto_20230105_1743... OK
Applying authentication.0018_alter_connectiontoken_input_secret... OK
Applying authentication.0019_connectiontoken_is_reusable... OK
Applying authentication.0020_connectiontoken_connect_options... OK
Applying authentication.0021_auto_20230713_1459... OK
Applying authentication.0022_passkey... OK
Applying authentication.0023_auto_20231010_1101... OK
Applying authentication.0024_accesskey_ip_group... OK
Applying captcha.0001_initial... OK
Applying captcha.0002_alter_captchastore_id... OK
Applying django_cas_ng.0001_initial... OK
Applying django_cas_ng.0002_auto_20201023_1400... OK
Applying django_cas_ng.0003_auto_20210813_1226... OK
Applying django_celery_beat.0001_initial... OK
Applying django_celery_beat.0002_auto_20161118_0346... OK
Applying django_celery_beat.0003_auto_20161209_0049... OK
Applying django_celery_beat.0004_auto_20170221_0000... OK
Applying django_celery_beat.0005_add_solarschedule_events_choices... OK
Applying django_celery_beat.0006_auto_20180322_0932... OK
Applying django_celery_beat.0007_auto_20180521_0826... OK
Applying django_celery_beat.0008_auto_20180914_1922... OK
Applying django_celery_beat.0006_auto_20180210_1226... OK
Applying django_celery_beat.0006_periodictask_priority... OK
Applying django_celery_beat.0009_periodictask_headers... OK
Applying django_celery_beat.0010_auto_20190429_0326... OK
Applying django_celery_beat.0011_auto_20190508_0153... OK
Applying django_celery_beat.0012_periodictask_expire_seconds... OK
Applying django_celery_beat.0013_auto_20200609_0727... OK
Applying django_celery_beat.0014_remove_clockedschedule_enabled... OK
Applying django_celery_beat.0015_edit_solarschedule_events_choices... OK
Applying django_celery_beat.0016_alter_crontabschedule_timezone... OK
Applying django_celery_beat.0017_alter_crontabschedule_month_of_year... OK
Applying django_celery_beat.0018_improve_crontab_helptext... OK
Applying labels.0003_alter_labeledresource_options_and_more... OK
Applying users.0032_userpasswordhistory... OK
Applying users.0033_user_need_update_password... OK
Applying users.0034_auto_20210506_1448... OK
Applying users.0035_auto_20210526_1100... OK
Applying users.0036_user_feishu_id... OK
Applying users.0037_user_secret_key... OK
Applying users.0038_auto_20211209_1140... OK
Applying users.0039_auto_20211229_1852... OK
Applying users.0040_alter_user_source... OK
Applying users.0041_auto_20221220_1956... OK
Applying notifications.0001_initial... OK
Applying notifications.0002_auto_20210909_1946...
Init user message subscription: 1
OK
Applying notifications.0003_auto_20221220_1956... OK
Applying notifications.0004_auto_20230201_1614... OK
Applying ops.0024_alter_celerytask_date_last_publish... OK
Applying ops.0025_auto_20230413_1531... OK
Applying ops.0026_auto_20230810_1039... OK
Applying ops.0027_alter_celerytaskexecution_options... OK
Applying rbac.0001_initial... OK
Applying rbac.0002_auto_20210929_1409... OK
Applying rbac.0003_auto_20211130_1037... - Update builtin roles
- Update: SystemAdmin - True
- Update: SystemAuditor - True
- Update: SystemComponent - True
- Update: User - True
- Update: OrgAdmin - True
- Update: OrgAuditor - True
- Update: OrgUser - True
OK
Applying rbac.0004_auto_20211201_1901...
Create role binding: 0-1 using: 0.01s
Create role binding: 0-1 using: 0.00s
OK
Applying orgs.0011_auto_20211223_1913... OK
Applying orgs.0012_auto_20220118_1054... OK
Applying orgs.0013_alter_organization_options... OK
Applying orgs.0014_organization_builtin... OK
Applying orgs.0015_auto_20221220_1956... OK
Applying perms.0032_auto_20221111_1919... OK
Applying perms.0033_auto_20221220_1956... OK
Applying perms.0034_auto_20230525_1734... OK
Applying perms.0035_auto_20231125_1025... OK
Applying perms.0036_auto_20231108_1626... OK
Applying rbac.0005_auto_20220307_1524... OK
Applying rbac.0006_auto_20220310_0616... OK
Applying rbac.0007_auto_20220314_1525... OK
Applying rbac.0008_auto_20220411_1709... OK
Applying rbac.0009_auto_20220411_1724... OK
Applying rbac.0010_auto_20221220_1956... OK
Applying rbac.0011_remove_redundant_permission... OK
Applying rbac.0012_remove_add_changesecretexection_permission... OK
Applying rbac.0013_alter_menupermission_options... OK
Applying rbac.0014_auto_20231208_1548... OK
Applying sessions.0001_initial... OK
Applying settings.0002_auto_20210729_1546... OK
Applying settings.0003_auto_20210901_1035... OK
Applying settings.0004_auto_20220211_1401... OK
Applying settings.0005_auto_20220310_0616... OK
Applying settings.0006_remove_setting_enabled... OK
Applying settings.0007_migrate_ldap_sync_org_ids... OK
Applying settings.0008_alter_setting_options... OK
Applying settings.0009_alter_cas_username_attribute... OK
Applying settings.0010_alter_setting_options... OK
Applying settings.0011_chatprompt... OK
Applying settings.0012_alter_setting_options... OK
Applying terminal.0068_virtualapp... OK
Applying terminal.0069_endpoint_sqlserver_port_alter_appprovider_apps_and_more... OK
Applying tickets.0029_auto_20230110_1445... OK
Applying users.0042_auto_20230203_1201... OK
Applying users.0043_remove_user_secret_key_preference... OK
Applying users.0044_usersession... OK
Applying users.0045_delete_usersession... OK
Applying users.0046_auto_20230927_1456... OK
Applying users.0047_user_date_api_key_last_used... OK
Applying users.0048_wechat_phone_encrypt... OK
Applying users.0049_alter_user_unique_together_user_slack_id_and_more... OK
After migration, update builtin role permissions
- Update builtin roles
complete
>>> The Installation is Complete
1. You can use the following command to start, and then visit
cd /opt/jumpserver-installer-v3.10.1
./jmsctl.sh start
2. Other management commands
./jmsctl.sh stop
./jmsctl.sh restart
./jmsctl.sh backup
./jmsctl.sh upgrade
For more commands, you can enter ./jmsctl.sh --help to understand
3. Web access
http://192.168.40.104:80
Default username: admin Default password: admin
4. SSH/SFTP access
ssh -p2222 admin@192.168.40.104
sftp -P2222 admin@192.168.40.104
5. More information
Official Website: https://www.jumpserver.org/
Documentation: https://docs.jumpserver.org/
[+] Building 0.0s (0/0) docker:default
[+] Running 10/10
✔ Container jms_magnus Started 0.1s
✔ Container jms_web Started 0.1s
✔ Container jms_lion Started 0.1s
✔ Container jms_koko Started 0.1s
✔ Container jms_chen Started 0.1s
✔ Container jms_celery Started 0.1s
✔ Container jms_kael Started 0.1s
✔ Container jms_redis Running 0.0s
✔ Container jms_mysql Running 0.0s
✔ Container jms_core Started
#!/bin/bash
#
function prepare_check() {
isRoot=`id -u -n | grep root | wc -l`
if [ "x$isRoot" != "x1" ]; then
echo -e "[\033[31m ERROR \033[0m] Please use root to execute the installation script (请用 root 用户执行安装脚本)"
exit 1
fi
processor=`cat /proc/cpuinfo| grep "processor"| wc -l`
if [ $processor -lt 2 ]; then
echo -e "[\033[31m ERROR \033[0m] The CPU is less than 2 cores (CPU 小于 2核,JumpServer 所在机器的 CPU 需要至少 2核)"
exit 1
fi
memTotal=`cat /proc/meminfo | grep MemTotal | awk '{print $2}'`
if [ $memTotal -lt 7500000 ]; then
echo -e "[\033[31m ERROR \033[0m] Memory less than 8G (内存小于 8G,JumpServer 所在机器的内存需要至少 8G)"
exit 1
fi
}
function install_soft() {
if command -v dnf > /dev/null; then
if [ "$1" == "python" ]; then
dnf -q -y install python2
ln -s /usr/bin/python2 /usr/bin/python
else
dnf -q -y install $1
fi
elif command -v yum > /dev/null; then
yum -q -y install $1
elif command -v apt > /dev/null; then
apt-get -qqy install $1
elif command -v zypper > /dev/null; then
zypper -q -n install $1
elif command -v apk > /dev/null; then
apk add -q $1
else
echo -e "[\033[31m ERROR \033[0m] Please install it first (请先安装) $1 "
exit 1
fi
}
function prepare_install() {
for i in curl wget zip python; do
command -v $i &>/dev/null || install_soft $i
done
}
function config_docker() {
if [ ! -f "/etc/docker/daemon.json" ]; then
mkdir -p /etc/docker/
wget -qO /etc/docker/daemon.json https://demo.jumpserver.org/download/docker/daemon.json || {
rm -f /etc/docker/daemon.json
}
fi
}
function get_installer() {
Version=$(curl -s 'https://api.github.com/repos/jumpserver/installer/releases/latest' | grep "tag_name" | head -n 1 | awk -F ":" '{print $2}' | sed 's/\"//g;s/,//g;s/ //g')
cd /opt
if [ ! -d "/opt/jumpserver-installer-$Version" ]; then
wget -qO jumpserver-installer-$Version.tar.gz https://github.com/jumpserver/installer/releases/download/$Version/jumpserver-installer-$Version.tar.gz || {
rm -rf /opt/jumpserver-installer-$Version.tar.gz
echo -e "[\033[31m ERROR \033[0m] Failed to download jumpserver-installer (下载 jumpserver-installer 失败, 请检查网络是否正常或尝试重新执行脚本)"
exit 1
}
tar -xf /opt/jumpserver-installer-$Version.tar.gz -C /opt || {
rm -rf /opt/jumpserver-installer-$Version
echo -e "[\033[31m ERROR \033[0m] Failed to unzip jumpserver-installe (解压 jumpserver-installer 失败, 请检查网络是否正常或尝试重新执行脚本)"
exit 1
}
rm -rf /opt/jumpserver-installer-$Version.tar.gz
fi
}
function config_installer() {
cd /opt/jumpserver-installer-$Version
JMS_Version=$(curl -s 'https://api.github.com/repos/jumpserver/jumpserver/releases/latest' | grep "tag_name" | head -n 1 | awk -F ":" '{print $2}' | sed 's/\"//g;s/,//g;s/ //g')
sed -i "s/VERSION=.*/VERSION=$JMS_Version/g" /opt/jumpserver-installer-$Version/static.env
./jmsctl.sh install
}
function main(){
prepare_check
prepare_install
config_docker
get_installer
config_installer
}
main