centos7安裝最新版jumpserver

時間 2019-12-24

標籤 centos7 centos 安裝最新版 jumpserver 欄目 Tomcat 简体版

原文原文鏈接

1.安裝python3環境
更新epel-release
＄yum install -y python36 python36-devel python36-pip
安裝python後，還要修改如下兩個文件內容：
1）/usr/bin/yumpython

將第一行 #！/usr/bin/yum修改成：#!/usr/bin/python2.7
2） /usr/libexec/urlgrabber-ext-down
將第一行#!/usr/bin/python修改成了#!/usr/bin/python2.7
再使用yum進行後面的安裝
2.安裝redismysql

＄yum -y install redis
＄systemctl enable redis
＄systemctl start redis

3.安裝mysqllinux

$ yum -y install mariadb mariadb-devel mariadb-server MariaDB-shared # centos7下叫mariadb, 用法與mysql一致
$ systemctl enable mariadb
$ systemctl start mariadb
$ DB_PASSWORD=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 24`  # 生成隨機數據庫密碼

$ echo -e "\033[31m 你的數據庫密碼是 $DB_PASSWORD \033[0m"
$ mysql -uroot -e "create database jumpserver default charset 'utf8'; grant all on jumpserver.* to 'jumpserver'
@'127.0.0.1' identified by '$DB_PASSWORD'; flush privileges;"

4.安裝jumpserver
解壓jumpserver的包 git地址： git clone --depth=1 https://github.com/jumpserver/jumpserver.git
進入解壓後的jumpserver路徑，安裝依賴和模塊，所以處用到pip命令，默認是國外的源，安裝起來就比較慢，配置pip加速：nginx

$ mkdir ~/.pip
$ cat > ~/.pip/pip.conf << EOF
> [global]
> trusted-host=mirrors.aliyun.com
> index-url=https://mirrors.aliyun.com/pypi/simple/
EOF

而後進行安裝：git

$ yum -y install $(cat /usr/local/kaiyuan/jumpserver/jumpserver/requirements/rpm_requirements.txt)
$ pip3.6 install -r
修改jumpserver配置文件：
$ cd /usr/local/kaiyuan/junpserverjumpserver
$ cp config_example.yml config.yml
$ SECRET_KEY=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 50`  # 生成隨機SECRET_KEY
$ echo "SECRET_KEY=$SECRET_KEY" >> ~/.bashrc
$ BOOTSTRAP_TOKEN=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 16`  # 生成隨機BOOTSTRAP_TOKEN
$ echo "BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN" >> ~/.bashrc
$ sed -i "s/SECRET_KEY:/SECRET_KEY: $SECRET_KEY/g"  config.yml
$ sed -i "s/BOOTSTRAP_TOKEN:/BOOTSTRAP_TOKEN: $BOOTSTRAP_TOKEN/g" config.yml
$ sed -i "s/# DEBUG: true/DEBUG: false/g" config.yml
$ sed -i "s/# LOG_LEVEL: DEBUG/LOG_LEVEL: ERROR/g" config.yml
$ sed -i "s/# SESSION_EXPIRE_AT_BROWSER_CLOSE: false/SESSION_EXPIRE_AT_BROWSER_CLOSE: true/g" config.yml
$ sed -i "s/DB_PASSWORD: /DB_PASSWORD: $DB_PASSWORD/g" config.yml
$ echo -e "\033[31m 你的SECRET_KEY是 $SECRET_KEY \033[0m"
$ echo -e "\033[31m 你的BOOTSTRAP_TOKEN是 $BOOTSTRAP_TOKEN \033[0m"

確認配置文件，先將debug改成true：
$ vi config.ymlgithub

null
SECURITY WARNING: keep the secret key used in production secret!
加密祕鑰 生產環境中請修改成隨機字符串, 請勿外泄, PS: 純數字不能夠
SECRET_KEY:
SECURITY WARNING: keep the bootstrap token used in production secret!
預共享Token coco和guacamole用來註冊服務帳號, 不在使用原來的註冊接受機制BOOTSTRAP_TOKEN:
Development env open this, when error occur display the full process track, Production disable it
DEBUG 模式 開啓DEBUG後遇到錯誤時能夠看到更多日誌
DEBUG: true
DEBUG, INFO, WARNING, ERROR, CRITICAL can set. See https://docs.djangoproject.com/en/1.10/topics/logging/
日誌級別
LOG_LEVEL: ERROR
LOG_DIR:
Session expiration setting, Default 24 hour, Also set expired on on browser close
瀏覽器Session過時時間, 默認24小時, 也能夠設置瀏覽器關閉則過時# SESSION_COOKIE_AGE: 86400
SESSION_EXPIRE_AT_BROWSER_CLOSE: true
Database setting, Support sqlite3, mysql, postgres ....
數據庫設置# See https://docs.djangoproject.com/en/1.10/ref/settings/#databases
SQLite setting:# 使用單文件sqlite數據庫
DB_ENGINE: sqlite3# DB_NAME:
MySQL or postgres setting like:
使用Mysql做爲數據庫~~~~
DB_ENGINE: mysql
DB_HOST: 127.0.0.1
DB_PORT: 3306
DB_USER: jumpserver
DB_PASSWORD:
DB_NAME: jumpserver
When Django start it will bind this host and port
./manage.py runserver 127.0.0.1:8000
運行時綁定端口
HTTP_BIND_HOST: 127.0.0.1
HTTP_LISTEN_PORT: 8000
Use Redis as broker for celery and web socket# Redis配置
REDIS_HOST: 127.0.0.1
REDIS_PORT: 6379
REDIS_PASSWORD:# REDIS_DB_CELERY: 3
REDIS_DB_CACHE: 4
Use OpenID authorization
使用OpenID 來進行認證設置# BASE_SITE_URL: http://localhost:8080# AUTH_OPENID: false  # True or False# AUTH_OPENID_SERVER_URL: https://openid-auth-server.com/
AUTH_OPENID_REALM_NAME: realm-name
AUTH_OPENID_CLIENT_ID: client-id
AUTH_OPENID_CLIENT_SECRET: client-secret
OTP settings# OTP/MFA 配置
OTP_VALID_WINDOW: 0
OTP_ISSUER_NAME: Jumpserver

小貼士：修改jms文件的內容中運行manage.py的命令改成python3，否則運行報錯沒有django模塊
web

5.安裝luna、coco
1）安裝luna比較簡單，將luna的包解壓後，屬主改成root就能夠了

2）coco安裝
下載coco配置包，git地址： git clone https://github.com/jumpserver/coco.git
解壓coco的包並進入coco目錄，安裝相關模塊和依賴redis

$ cd /usr/local/kaiyuan/jumpserver/coco/requirements
$ yum -y install $(cat rpm_requirements.txt)
$ pip3.6 install -r requirements.txt
$ cd  /usr/local/kaiyuan/jumpserver/coco
$ cp config_example.yml config.yml
coco密鑰：
$ sed -i "s/BOOTSTRAP_TOKEN: <PleasgeChangeSameWithJumpserver>/BOOTSTRAP_TOKEN: $BOOTSTRAP_TOKEN/g" config.yml
$ sed -i "s/# LOG_LEVEL: INFO/LOG_LEVEL: ERROR/g" config.yml
$ vim config.yml  （BOOTSTRAP_TOKEN與jumpserver的config.yml保持一致）

運行coco ./cocod start -d
6.安裝配置nginxsql

$ yum install nginx -y ##安裝
$ systemctl enable nginx ##設置開機啓動
$ cd /etc/nginx/conf.d/
$ vim jumpserver.conf ##編寫jumpserver相關配置
$ systemctl start nginx ##運行nginx
7.關閉selinux和防火牆
記得將jumpserver的debug改成false

8.瀏覽器打開本身設置好的域名，或者主機ip訪問頁面：

數據庫

相關標籤/搜索

jumpserver