一、解压安装包

yum -y install libtiff-devel libjpeg-devel libzip-devel freetype-devel lcms2-devel libwebp-devel tcl-devel tk-devel sshpass openldap-devel
 

[root@jumpserver packer]# tar -zxf jumpserver-2.0.1.tar.gz 
[root@jumpserver packer]# cp -rp jumpserver-2.0.1 /opt/jumpserver

[root@jumpserver requirements]# python3.6 -m venv /opt/py3

pip install wheel -i https://mirrors.aliyun.com/pypi/simple/

pip install --upgrade pip setuptools -i https://mirrors.aliyun.com/pypi/simple/

pip install -r requirements.txt -i https://mirrors.aliyun.com/pypi/simple/

 

如果上面安装错误，那就换成下面的清华源来安装 大笨蛋
pip install -r requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simple

##反正这一步很坑，多按几次就好了 换源

二、配置jumpserver

cd /opt/jumpserver && \ cp config_example.yml config.yml && \ vi config.yml

1、生成秘钥

if [ ! "$SECRET_KEY" ]; then SECRET_KEY=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 50`; echo "SECRET_KEY=$SECRET_KEY" >> ~/.bashrc; echo $SECRET_KEY; else echo $SECRET_KEY; fi if [ ! "$BOOTSTRAP_TOKEN" ]; then BOOTSTRAP_TOKEN=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 16`; echo "BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN" >> ~/.bashrc; echo $BOOTSTRAP_TOKEN; else echo $BOOTSTRAP_TOKEN; fi

[root@instance-2synmlu6 ~]# cat /root/.bashrc

根据最后2行的秘钥去填写

 

配置文件

SECRET_KEY: WZa0Arp980Y8wm0aSlfbpJU5MyeYG56O8K98tbUEefc09R1kv
BOOTSTRAP_TOKEN: wozxlhpY1PxS9oqf
DEBUG: false

LOG_LEVEL: ERROR
SESSION_EXPIRE_AT_BROWSER_CLOSE: true

DB_ENGINE: mysql
DB_HOST: 127.0.0.1
DB_PORT: 3306
DB_USER: jumpserver
DB_PASSWORD: jumpserver
DB_NAME: jumpserver
REDIS_HOST: 127.0.0.1
REDIS_PORT: 6379
REDIS_PASSWORD: jumpserver
WINDOWS_SKIP_ALL_MANUAL_PASSWORD: True
 

 2、启动jumpserver

cd /opt/jumpserver

./jms start -d

3、安装koko组件

(py3) [root@instance-2synmlu6 opt]# tar -zxf /home/packer/koko-master-linux-amd64.tar.gz 
 (py3) [root@instance-2synmlu6 opt]# chown -R root:root koko

cd koko

cp config_example.yml config.yml && \ vi config.yml 

BOOTSTRAP_TOKEN: wozxlhpY1PxS9oqf

LOG_LEVEL: ERROR
REDIS_HOST: 127.0.0.1
REDIS_PORT: 6379
REDIS_PASSWORD: jumpserver
# REDIS_CLUSTERS:
REDIS_DB_ROOM: 6

(py3) [root@instance-2synmlu6 kokodir]# ./koko -d 
 

4、安装lina

(py3) [root@instance-2synmlu6 opt]# tar -zxf /home/packer/lina.tar.gz 

(py3) [root@instance-2synmlu6 opt]# chown -R nginx:nginx lina

 

5、部署Guacamole

安装docker (具体安装docker请看链接)

http://106.12.100.206/article/146

yum install docker-ce

systemctl start docker

docker run --name jms_guacamole -d \
  -p 127.0.0.1:8081:8080 \
  -e JUMPSERVER_SERVER=http://内网地址:8080 \
  -e BOOTSTRAP_TOKEN=wozxlhpY1PxS9oqf \
  -e GUACAMOLE_LOG_LEVEL=ERROR \
  jumpserver/jms_guacamole:v2.1.0

6、安装配置nginx

yum -y install gcc gcc-c++ autoconf automake make

yum install -y zlib zlib-devel pcre pcre-devel openssl openssl-devel

http://106.12.100.206/article/60

echo > /etc/nginx/conf.d/default.conf

vi /etc/nginx/conf.d/jumpserver.conf

编辑配置文件

server { listen 80; client_max_body_size 100m; # 录像及文件上传大小限制 location /ui/ { try_files $uri / /index.html; alias /opt/lina/; } location /luna/ { try_files $uri / /index.html; alias /opt/luna/; # luna 路径, 如果修改安装目录, 此处需要修改 } location /media/ { add_header Content-Encoding gzip; root /opt/jumpserver/data/; # 录像位置, 如果修改安装目录, 此处需要修改 } location /static/ { root /opt/jumpserver/data/; # 静态资源, 如果修改安装目录, 此处需要修改 } location /koko/ { proxy_pass http://localhost:5000; proxy_buffering off; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; access_log off; } location /guacamole/ { proxy_pass http://localhost:8081/; proxy_buffering off; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; access_log off; } location /ws/ { proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://localhost:8070; proxy_http_version 1.1; proxy_buffering off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } location /api/ { proxy_pass http://localhost:8080; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location /core/ { proxy_pass http://localhost:8080; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location / { rewrite ^/(.*)$ /ui/$1 last; } }

加入开机自启动

(py3) [root@instance-2synmlu6 kokodir]# tail -10 /etc/rc.local
restorecon -RF root/.ssh 2>/dev/null || :
echo never > /sys/kernel/mm/transparent_hugepage/enabled

/etc/init.d/redis start 
source /opt/py3/bin/activate
cd /opt/jumpserver/
./jms start all -d
cd /opt/kokodir
./koko -d
 

安装常见jumpserver错误篇

https://www.he-jason.com/linuxbasic/linux-basic/288.html 

安装文档

https://www.cnblogs.com/93bok/p/12425408.html

https://cnesa.cn/?post=560