centos7
注意事项: 各组件须使用相同版本!!!!
vim /etc/selinux/config
SELINUX=disable
systemctl disable firewalld.service
wget https://github.com/jumpserver/jumpserver/releases/download/v2.2.2/jumpserver-v2.2.2.tar.gz
yum -y install wget sqlite-devel xz gcc automake zlib-devel openssl-devel epel-release git
yum install libffi-devel -y
wget https://www.python.org/ftp/python/3.7.0/Python-3.7.0.tgz
tar -zxvf Python-3.7.0.tgz
cd Python-3.7.0/
./configure --prefix=/usr/local/python3
make -j 4 && make install
ln -s /usr/local/python3/bin/python3 /usr/bin/python3
ln -s /usr/local/python3/bin/pip3 /usr/bin/pip3
cd /opt
python3 -m venv jumpy # 创建
source /opt/jumpy/bin/activate #开启
cd /opt/
tar -xf jumpserver-v2.2.2.tar.gz
rm jumpserver-v2.2.2.tar.gz
mv jumpserver-v2.2.2/ jumpserver
cd jumpserver
cd requirements/
yum install -y cat rpm_requirements.txt
pip install wheel -i https://mirrors.aliyun.com/pypi/simple/
pip install --upgrade pip setuptools -i https://mirrors.aliyun.com/pypi/simple/
pip install -r requirements.txt -i https://mirrors.aliyun.com/pypi/simple/
yum install redis -y
systemctl enable --now redis
#yum install mariadb mariadb-devel mariadb-server -y
#systemctl enable --now mariadb
wget -i -c http://dev.mysql.com/get/mysql57-community-release-el7-10.noarch.rpm
yum -y install mysql57-community-release-el7-10.noarch.rpm
yum -y install mysql-community-server
systemctl enable --now mysqld.service
cat /var/log/mysqld.log | grep -i pass
2022-01-13T08:03:30.631058Z 1 Note A temporary password is generated for root@localhost: _njl5ehUX46K
alter user user() identified by "Jumpserver1!"; #修改初始密码
创建数据库
mysql -uroot -pJumpserver1!
create database jumpserver default charset 'utf8'; # 创建数据库
grant all on jumpserver.* to 'jumpserver'@'127.0.0.1' identified by 'Jumpserver1!'; # 授权jumpserver用户在本地对jumpserver数据库的任意表有全部权限
修改jumpserver配置文件
cd /opt/jumpserver/
cp config_example.yml config.yml
vim config.yml
SECRET_KEY: 123456a
BOOTSTRAP_TOKEN: 345678a
DB_ENGINE: mysql
DB_HOST: 127.0.0.1
DB_PORT: 3306
DB_USER: jumpserver
DB_PASSWORD: Jumpserver1!
DB_NAME: jumpserver
jumpserver表构建
cd /opt/jumpserver/
cd utils/
bash make_migrations.sh
cd /opt/jumpserver
./jms start all -d # 启动所有服务 -d=后台
启动后就可以以8080端口访问了
cd /opt
wget https://github.com/jumpserver/koko/releases/download/v2.2.2/koko-v2.2.2-linux-amd64.tar.gz
tar -xf koko-master-linux-amd64.tar.gz
mv koko-v2.2.2-linux-amd64 koko
chown -R root:root koko
cd koko
cp config_example.yml config.yml
vim config.yml
BOOTSTRAP_TOKEN: 345678a # 需要和jumpserver配置的相同
./koko -d
cd /opt
wget https://github.com/jumpserver/lina/releases/download/v2.2.2/lina-v2.2.2.tar.gz
tar -xf lina-v2.17.3.tar.gz
mv lina-v2.17.3 lina
wget wget https://github.com/jumpserver/luna/releases/download/v2.2.2/luna-v2.2.2.tar.gz
tar -zxvf luna.tar.gz
chown -R root:root luna
yum -y install nginx
rm -rf /etc/nginx/config.d/default.conf
cd /etc/nginx/conf.d/
touch jumpserver.conf
vim jumpserver.conf
server {
listen 80;
client_max_body_size 100m; # 录像及文件上传大小限制
location /ui/ {
try_files $uri / /index.html;
alias /opt/lina/;
}
location /luna/ {
try_files $uri / /index.html;
alias /opt/luna/; # luna 路径, 如果修改安装目录, 此处需要修改
}
location /media/ {
add_header Content-Encoding gzip;
root /opt/jumpserver/data/; # 录像位置, 如果修改安装目录, 此处需要修改
}
location /static/ {
root /opt/jumpserver/data/; # 静态资源, 如果修改安装目录, 此处需要修改
}
location /koko/ {
proxy_pass http://localhost:5000;
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log off;
}
location /guacamole/ {
proxy_pass http://localhost:8081/;
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log off;
}
location /ws/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8070;
proxy_http_version 1.1;
proxy_buffering off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location / {
proxy_pass http://localhost:8080;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
systemctl enable --now nginx
cd /opt
wget https://community.fit2cloud.com/#/products/jumpserver/downloads
tar -xf jumpserver-installer-v2.17.3.tar.gz
cd jumpserver-installer-v2.17.3
修改配置文件
./jmsctl.sh install # 安装
# 启动
./jmsctl.sh start # 开启
解决方案: 为config.yml中的secret_key赋值即可
解决方案: 通过打印该key发现是配置文件中的secretkey, 修改为字符串即可, 若使用纯数字须在数字两边加引号
解决方案: 更改为mysql数据库
解决方案:
cd /opt/jumpserver/apps/locale/zh/LC_MESSAGES/
rm django.mo
vim django.po
修改language配置项从CN->EN"Language: zh_EN\n"
msgfmt django.po
mv messages.mo django.mo
如果报错是djangojs.mo, 修改djangojs.po文件中的language为en
File "/opt/jumpserver/apps/perms/serializers/application/permission.py", line 58
if request := self.context.get('request'):
解决方案:
vim /opt/jumpserver/apps/perms/serializers/application/permission.py
58行修改为
if request == self.context.get('request'):
原因: 版本不同
解决方案: 使用相同版本的各组件
原因: SELinux
原因: 版本问题
本文系转载,前往查看
如有侵权,请联系 cloudcommunity@tencent.com 删除。
本文系转载,前往查看
如有侵权,请联系 cloudcommunity@tencent.com 删除。