Last update at :2024-05-11,Edit by888u
JumpServer is the world's first completely open source bastion machine. It uses the GNU GPL v2.0 open source protocol and is a professional operation and maintenance audit system that complies with 4A. Many people know this system, but don't know how to install it. Today, the blogger will bring you an installation tutorial for using centos server.
1. JumpServer official website
Click here to enter JumpServer official website
2. Installation tutorial
- System: centos7
- Keep the server network open
The following commands are all executed in a terminal!
echo -e "/033[31m 1. Firewall Selinux settings /033[0m" / && if [ "$(systemctl status firewalld | grep running)" != "" ]; then firewall-cmd --zone=public --add-port=80/tcp --permanent; firewall-cmd --zone=public --add-port=2222/tcp --permanent; firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="172.17.0.0/16" port protocol="tcp" port="8080" accept"; firewall-cmd --reload; fi / && if [ "$(getenforce)" != "Disabled" ]; then setsebool -P httpd_can_network_connect 1; fi
echo -e "/033[31m 2. Deployment environment /033[0m" / && yum update -y / && ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime / && yum -y install kde-l10n-Chinese / && localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8 / && export LC_ALL=zh_CN.UTF-8 / && echo 'LANG="zh_CN.UTF-8"' > /etc/locale.conf / && yum -y install wget gcc epel-release git / && yum install -y yum-utils device-mapper-persistent-data lvm2 / && yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo / && yum makecache fast / && rpm --import https://mirrors.aliyun.com/docker-ce/linux/centos/gpg / && echo -e "[nginx-stable]/nname=nginx stable repo/nbaseurl=http://nginx.org/packages/centos//$releasever//$basearch//ngpgcheck=1/nenabled=1/ngpgkey= https://nginx.org/keys/nginx_signing.key" > /etc/yum.repos.d/nginx.repo / && rpm --import https://nginx.org/keys/nginx_signing.key / && yum -y install redis mariadb mariadb-devel mariadb-server MariaDB-shared nginx docker-ce / && systemctl enable redis mariadb nginx docker / && systemctl start redis mariadb / && yum -y install python36 python36-devel / && python3.6 -m venv /opt/py3
echo -e "/033[31m 3. Download components /033[0m" / && cd /opt / && if [ ! -d "/opt/jumpserver" ]; then git clone --depth=1 https://github.com/jumpserver/jumpserver.git; fi / && if [ ! -f "/opt/luna.tar.gz" ]; then wget https://demo.jumpserver.org/download/luna/1.5.6/luna.tar.gz; tar xf luna.tar. gz; chown -R root:root luna; fi / && yum -y install $(cat /opt/jumpserver/requirements/rpm_requirements.txt) / && echo -e "[easy_install]/nindex_url = https://mirrors.aliyun.com/pypi/simple/" > ~/.pydistutils.cfg / && source /opt/py3/bin/activate / && pip install wheel -i https://mirrors.aliyun.com/pypi/simple/ / && pip install --upgrade pip setuptools -i https://mirrors.aliyun.com/pypi/simple/ / && pip install -r /opt/jumpserver/requirements/requirements.txt -i https://mirrors.aliyun.com/pypi/simple/ / && mkdir /etc/docker / && wget -O /etc/docker/daemon.json http://demo.jumpserver.org/download/docker/daemon.json / && systemctl restart docker / && docker pull wojiushixiaobai/jms_koko:1.5.6 / && docker pull wojiushixiaobai/jms_guacamole:1.5.6 / && rm -rf /etc/nginx/conf.d/default.conf / && wget -O /etc/nginx/conf.d/jumpserver.conf https://demo.jumpserver.org/download/nginx/conf.d/jumpserver.conf
echo -e "/033[31m 4. Processing configuration files /033[0m" /
&& source ~/.bashrc /
&& if [ "$DB_PASSWORD" = "" ]; then DB_PASSWORD=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 24`; fi /
&& if [ "$SECRET_KEY" = "" ]; then SECRET_KEY=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 50`; echo "SECRET_KEY=$SECRET_KEY" >> ~/ .bashrc; fi /
&& if [ "$BOOTSTRAP_TOKEN" = "" ]; then BOOTSTRAP_TOKEN=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 16`; echo "BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN" >> ~/ .bashrc; fi /
&& if [ "$Server_IP" = "" ]; then Server_IP=`ip addr | grep 'state UP' -A2 | grep inet | egrep -v '(127.0.0.1|inet6|docker)' | awk '{print $2 }' | tr -d "addr:" | head -n 1 | cut -d / -f1`; fi /
&& if [ ! -d "/var/lib/mysql/jumpserver" ]; then mysql -uroot -e "create database jumpserver default charset 'utf8';grant all on jumpserver.* to 'jumpserver'@'127.0.0.1' identified by '$DB_PASSWORD';flush privileges;"; fi /
&& if [ ! -f "/opt/jumpserver/config.yml" ]; then cp /opt/jumpserver/config_example.yml /opt/jumpserver/config.yml; sed -i "s/SECRET_KEY:/SECRET_KEY: $SECRET_KEY /g" /opt/jumpserver/config.yml; sed -i "s/BOOTSTRAP_TOKEN:/BOOTSTRAP_TOKEN: $BOOTSTRAP_TOKEN/g" /opt/jumpserver/config.yml; sed -i "s/# DEBUG: true/DEBUG: false/g" /opt/jumpserver/config.yml; sed -i "s/# LOG_LEVEL: DEBUG/LOG_LEVEL: ERROR/g" /opt/jumpserver/config.yml; sed -i "s/# SESSION_EXPIRE_AT_BROWSER_CLOSE: false/ SESSION_EXPIRE_AT_BROWSER_CLOSE: true/g" /opt/jumpserver/config.yml; sed -i "s/DB_PASSWORD: /DB_PASSWORD: $DB_PASSWORD/g" /opt/jumpserver/config.yml; fi
echo -e "/033[31m 5. Start JumpServer /033[0m" / && systemctl start nginx / && cd /opt/jumpserver / && ./jms start -d / && docker run --name jms_koko -d -p 2222:2222 -p 127.0.0.1:5000:5000 -e CORE_HOST=http://$Server_IP:8080 -e BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN --restart=always wojiushixiaobai/jms_koko: 1.5.6/ && docker run --name jms_guacamole -d -p 127.0.0.1:8081:8080 -e JUMPSERVER_SERVER=http://$Server_IP:8080 -e BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN --restart=always wojiushixiaobai/jms_guacamole:1.5.6 / && echo -e "/033[31m Your database password is $DB_PASSWORD /033[0m" / && echo -e "/033[31m Your SECRET_KEY is $SECRET_KEY /033[0m" / && echo -e "/033[31m Your BOOTSTRAP_TOKEN is $BOOTSTRAP_TOKEN /033[0m" / && echo -e "/033[31m Your server IP is $Server_IP /033[0m" / && echo -e "/033[31m Please open the browser and visit http://$Server_IP Username: admin Password: admin /033[0m"
echo -e "/033[31m 6. Configure auto-start /033[0m" / && if [ ! -f "/usr/lib/systemd/system/jms.service" ]; then wget -O /usr/lib/systemd/system/jms.service https:
Recommended site searches: free asp.net space, domain name value evaluation, domain name space registration, mainland China site group server, US virtual space, IP rental, IP address search, Foshan high defense server, agent filing, query IP address,
All copyrights belong to 888u unless special state
发表评论