一、解压安装包
yum -y install libtiff-devel libjpeg-devel libzip-devel freetype-devel lcms2-devel libwebp-devel tcl-devel tk-devel sshpass openldap-devel
[root@jumpserver packer]# tar -zxf jumpserver-2.0.1.tar.gz
[root@jumpserver packer]# cp -rp jumpserver-2.0.1 /opt/jumpserver[root@jumpserver requirements]# python3.6 -m venv /opt/py3
pip install wheel -i https://mirrors.aliyun.com/pypi/simple/pip install --upgrade pip setuptools -i https://mirrors.aliyun.com/pypi/simple/
pip install -r requirements.txt -i https://mirrors.aliyun.com/pypi/simple/
如果上面安装错误,那就换成下面的清华源来安装 大笨蛋
pip install -r requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simple
##反正这一步很坑,多按几次就好了 换源
二、配置jumpserver
cd /opt/jumpserver && \ cp config_example.yml config.yml && \ vi config.yml
1、生成秘钥
if [ ! "$SECRET_KEY" ]; then SECRET_KEY=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 50`; echo "SECRET_KEY=$SECRET_KEY" >> ~/.bashrc; echo $SECRET_KEY; else echo $SECRET_KEY; fi if [ ! "$BOOTSTRAP_TOKEN" ]; then BOOTSTRAP_TOKEN=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 16`; echo "BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN" >> ~/.bashrc; echo $BOOTSTRAP_TOKEN; else echo $BOOTSTRAP_TOKEN; fi
[root@instance-2synmlu6 ~]# cat /root/.bashrc
根据最后2行的秘钥去填写
配置文件
SECRET_KEY: WZa0Arp980Y8wm0aSlfbpJU5MyeYG56O8K98tbUEefc09R1kv
BOOTSTRAP_TOKEN: wozxlhpY1PxS9oqf
DEBUG: falseLOG_LEVEL: ERROR
SESSION_EXPIRE_AT_BROWSER_CLOSE: trueDB_ENGINE: mysql
DB_HOST: 127.0.0.1
DB_PORT: 3306
DB_USER: jumpserver
DB_PASSWORD: jumpserver
DB_NAME: jumpserver
REDIS_HOST: 127.0.0.1
REDIS_PORT: 6379
REDIS_PASSWORD: jumpserver
WINDOWS_SKIP_ALL_MANUAL_PASSWORD: True
2、启动jumpserver
cd /opt/jumpserver
./jms start -d
3、安装koko组件
(py3) [root@instance-2synmlu6 opt]# tar -zxf /home/packer/koko-master-linux-amd64.tar.gz
(py3) [root@instance-2synmlu6 opt]# chown -R root:root kokocd koko
cp config_example.yml config.yml && \ vi config.yml
BOOTSTRAP_TOKEN: wozxlhpY1PxS9oqf
LOG_LEVEL: ERROR
REDIS_HOST: 127.0.0.1
REDIS_PORT: 6379
REDIS_PASSWORD: jumpserver
# REDIS_CLUSTERS:
REDIS_DB_ROOM: 6
(py3) [root@instance-2synmlu6 kokodir]# ./koko -d
4、安装lina
(py3) [root@instance-2synmlu6 opt]# tar -zxf /home/packer/lina.tar.gz
(py3) [root@instance-2synmlu6 opt]# chown -R nginx:nginx lina
5、部署Guacamole
安装docker (具体安装docker请看链接)
http://106.12.100.206/article/146
yum install docker-ce
systemctl start docker
docker run --name jms_guacamole -d \
-p 127.0.0.1:8081:8080 \
-e JUMPSERVER_SERVER=http://内网地址:8080 \
-e BOOTSTRAP_TOKEN=wozxlhpY1PxS9oqf \
-e GUACAMOLE_LOG_LEVEL=ERROR \
jumpserver/jms_guacamole:v2.1.0
6、安装配置nginx
yum -y install gcc gcc-c++ autoconf automake make
yum install -y zlib zlib-devel pcre pcre-devel openssl openssl-devel
http://106.12.100.206/article/60
echo > /etc/nginx/conf.d/default.conf
vi /etc/nginx/conf.d/jumpserver.conf
编辑配置文件
server { listen 80; client_max_body_size 100m; # 录像及文件上传大小限制 location /ui/ { try_files $uri / /index.html; alias /opt/lina/; } location /luna/ { try_files $uri / /index.html; alias /opt/luna/; # luna 路径, 如果修改安装目录, 此处需要修改 } location /media/ { add_header Content-Encoding gzip; root /opt/jumpserver/data/; # 录像位置, 如果修改安装目录, 此处需要修改 } location /static/ { root /opt/jumpserver/data/; # 静态资源, 如果修改安装目录, 此处需要修改 } location /koko/ { proxy_pass http://localhost:5000; proxy_buffering off; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; access_log off; } location /guacamole/ { proxy_pass http://localhost:8081/; proxy_buffering off; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; access_log off; } location /ws/ { proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://localhost:8070; proxy_http_version 1.1; proxy_buffering off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } location /api/ { proxy_pass http://localhost:8080; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location /core/ { proxy_pass http://localhost:8080; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location / { rewrite ^/(.*)$ /ui/$1 last; } }
加入开机自启动
(py3) [root@instance-2synmlu6 kokodir]# tail -10 /etc/rc.local
restorecon -RF root/.ssh 2>/dev/null || :
echo never > /sys/kernel/mm/transparent_hugepage/enabled/etc/init.d/redis start
source /opt/py3/bin/activate
cd /opt/jumpserver/
./jms start all -d
cd /opt/kokodir
./koko -d
安装常见jumpserver错误篇
https://www.he-jason.com/linuxbasic/linux-basic/288.html
安装文档
https://www.cnblogs.com/93bok/p/12425408.html
有问题请加博主微信进行沟通!
全部评论