linux上安裝堡壘機開源jumpserver
阿新 • • 發佈:2019-01-04
一、安裝堡壘機jumpserver cd /mnt/ setenforce 0 systemctl stop iptables systemctl stop firewalld localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8 export LC_ALL=zh_CN.UTF-8 echo 'LANG=zh_CN.UTF-8' >/etc/locale.conf yum -y install wget sqlite-devel xz gcc automake zlib-devel openssl-devel epel-release git wget https://www.python.org/ftp/python/3.6.1/Python-3.6.1.tar.xz tar xvf Python-3.6.1.tar.xz && cd Python-3.6.1 ./configure && make &&make install cd /opt/ python3 -m venv py3 source /opt/py3/bin/activate git clone git://github.com/kennethreitz/autoenv.git ~/.autoenv echo 'source ~/.autoenv/activate.sh'>> ~/.bashrc source ~/.bashrc cd /opt/ git clone --depth=1 https://github.com/jumpserver/jumpserver.git && cd jumpserver&& git checkout master echo "source /opt/py3/bin/activate" > /opt/jumpserver/.env cd /opt/jumpserver/requirements --會跳出提示,請直接回車 yum -y install $(cat rpm_requirements.txt) pip install -r requirements.txt yum -y install redis systemctl start redis yum -y install mariadb mariadb-devel mariadb-server systemctl enable mariadb systemctl start mariadb 請直接複製以下命令使用 mysql create database jumpserver default character set 'utf8' collate utf8_general_ci; grant all on jumpserver.* to'jumpserver'@'127.0.0.1' identified by 'somepassword'; grant all on jumpserver.* to'jumpserver'@'localhost' identified by 'somepassword'; exit cd /opt/jumpserver --會跳出提示,請直接回車 AA=`cat -n config.py | grep DEBUG | grep True | awk '{print $1}'` sed -i ''"$AA"'c DEBUG = True' config.py sed -i ''"$AA"'s/^/ /' config.py BB=`cat -n config.py | grep DB_PASSWORD | awk '{print $1}'` sed -i "${BB}c DB_PASSWORD = 'somepassword'" config.py sed -i ''"$BB"'s/^/ /' config.py cd /opt/jumpserver/utils/ --會跳出提示,請直接回車 bash make_migrations.sh cd /opt/jumpserver ./jms start all 再請瀏覽器訪問 http://本機ip:8080/ 預設賬號: admin 密碼: admin
二、配置 Nginx 整合各元件 yum -y install nginx vi /etc/nginx/nginx.conf --把server以及以下的內容全部刪除 200dd(再把以下內容全部貼上上去) server { listen 80; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; location /luna/ { try_files $uri / /index.html; alias /opt/luna/; } location /media/ { add_header Content-Encoding gzip; root /opt/jumpserver/data/; } location /static/ { root /opt/jumpserver/data/; } location /socket.io/ { proxy_pass http://localhost:5000/socket.io/; # 如果coco安裝在別的伺服器,請填寫它的ip proxy_buffering off; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } location /guacamole/ { proxy_pass http://localhost:8081/; # 如果guacamole安裝在別的伺服器,請填寫它的ip proxy_buffering off; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; access_log off; } location / { proxy_pass http://localhost:8080; # 如果jumpserver安裝在別的伺服器,請填寫它的ip } } } nginx -t /etc/nginx/nginx.conf systemctl start nginx systemctl enable nginx ./jms start all 再請瀏覽器訪問 http://本機ip/ 預設賬號: admin 密碼: admin