cd /opt/jumpserver
cp config_example.py config.py
vi config.py # 我们计划修改 DevelopmentConfig 中的配置,因为默认 Jumpserver 使用该配置,它继承自 Config
#注意: 配置文件是 Python 格式,不要用 TAB,而要用空格
class DevelopmentConfig(Config):
DEBUG = True
DB_ENGINE = 'mysql'
DB_HOST = '127.0.0.1'
DB_PORT = 3306
DB_USER = 'jumpserver'
DB_PASSWORD = 'somepassword'
DB_NAME = 'jumpserver'
config = DevelopmentConfig()
(8):启动服务
cd /opt/jumpserver/utils
bash make_migrations.sh
cd /opt/jumpserver
./jms start all -d # 后台运行使用 -d 参数./jms start all -d
# 新版本更新了运行脚本,使用方式./jms start|stop|status|restart all 后台运行请添加 -d 参数
4、安装SSH Server和WebSocket Server:Coco
(1):下载或clone项目
cd /opt
source /opt/py3/bin/activate
git clone https://github.com/jumpserver/coco.git && cd coco && git checkout master
(2):安装依赖
cd /opt/coco/requirements
yum -y install $(cat rpm_requirements.txt)
pip install -r requirements.txt
(3):查看配置文件并运行
cd /opt/coco
cp conf_example.py conf.py # 如果 coco 与 jumpserver 分开部署,请手动修改 conf.py
./cocod start # 后台运行使用 -d 参数./cocod start -d
# 新版本更新了运行脚本,使用方式./cocod start|stop|status|restart 后台运行请添加 -d 参数
5、安装Web Terminal前端:Luna
Luna 已改为纯前端,需要 Nginx 来运行访问
cd /opt
wget https://github.com/jumpserver/luna/releases/download/v1.0.0/luna.tar.gz
tar xvf luna.tar.gz
6、安装windows支持组件(如果不需要管理windows资产,可以直接跳过这一步)
yum remove docker-latest-logrotate docker-logrotate docker-selinux dockdocker-engine
yum install docker-ce
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum-config-manager --enable docker-ce-edge
yum-config-manager --enable docker-ce-test
yum-config-manager --disable docker-ce-edge
yum install docker-ce
systemctl start docker
systemctl status docker
7、配置Nginx整合组件
yum -y install nginx
vim /etc/nginx/nginx.conf
... 省略
# 把默认server配置块改成这样
server {
listen 80;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
location /luna/ {
try_files $uri / /index.html;
alias /opt/luna/;
}
location /media/ {
add_header Content-Encoding gzip;
root /opt/jumpserver/data/;
}
location /static/ {
root /opt/jumpserver/data/;
}
location /socket.io/ {
proxy_pass http://localhost:5000/socket.io/; # 如果coco安装在别的服务器,请填写它的ip
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location /guacamole/ {
proxy_pass http://localhost:8081/; # 请修改成运行docker服务的服务器IP,windows资产连接白屏的问题多数是出现在这里
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
access_log off;
}
location / {
proxy_pass http://localhost:8080; # 如果jumpserver安装在别的服务器,请填写它的ip
}
}
nginx -t # 确保配置没有问题, 有问题请先解决
# CentOS 7
$ systemctl start nginx
$ systemctl enable nginx
三、登录测试
默认账号密码:admin/admin