本文vagrantfile配置详细参考vagrant-jumpserver
目录
Database
sudo apt install -y mysql-server
# mysql -uroot -p
# CREATE DATABASE jumpserver default charset 'utf8' collate 'utf8_bin';
# GRANT ALL PRIVILEGES on jumpserver.* to jumpserver@localhost IDENTIFIED BY '123456';
# FLUSH PRIVILEGES;
sudo apt install -y redis-server
Python3.6
sudo add-apt-repository -y ppa:deadsnakes/ppa
sudo apt update
sudo apt install -y python3.6 python3.6-dev python3.6-venv
sudo python3.6 -m venv /opt/py3
sudo chown -R `whoami`:`whoami` /opt/py3
source /opt/py3/bin/activate
JumpServer
wget http://file.nuozhilin.site/3_linux/jumpserver-2.0.0.tar.gz
tar xf jumpserver-2.0.0.tar.gz
sudo mv jumpserver-2.0.0 /opt/jumpserver
cd /opt/jumpserver/requirements
pip install wheel -i https://mirrors.aliyun.com/pypi/simple/
pip install --upgrade pip setuptools -i https://mirrors.aliyun.com/pypi/simple/
# sudo apt install -y build-essential libmysqlclient-dev libkrb5-dev libldap2-dev libsasl2-dev
pip install -r requirements.txt -i https://mirrors.aliyun.com/pypi/simple/
cd /opt/jumpserver
cp config_example.yml config.yml
vim config.yml
# SECRET_KEY => cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 49
# BOOTSTRAP_TOKEN => cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 16
# DB_PASSWORD: '123456'
export LC_ALL="en_US.UTF-8"
./jms start
# ./jms start -d
Koko
wget http://134.175.107.119/download/koko/2.0.0/koko-master-linux-amd64.tar.gz
tar xf koko-master-linux-amd64.tar.gz
sudo mv kokodir /opt/
cd /opt/kokodir/
cp config_example.yml config.yml
vim config.yml
# BOOTSTRAP_TOKEN => 和jumpserver保持一致
./koko
# ./koko -d
ssh -p 2222 admin@192.168.56.111
# admin
Lina
wget http://134.175.107.119/download/lina/2.0.0/lina.tar.gz
tar xf lina.tar.gz
sudo mv lina /opt/
Luna
wget http://134.175.107.119/download/luna/2.0.0/luna.tar.gz
tar xf luna.tar.gz
sudo mv luna /opt/
Nginx
sudo apt install -y nginx
sudo vim /etc/nginx/sites-enabled/jumpserver.conf
server {
listen 80;
client_max_body_size 100m;
location /ui/ {
try_files $uri / /index.html;
alias /opt/lina/;
}
location /luna/ {
try_files $uri / /index.html;
alias /opt/luna/;
}
location /media/ {
add_header Content-Encoding gzip;
root /opt/jumpserver/data/;
}
location /static/ {
root /opt/jumpserver/data/;
}
location /koko/ {
proxy_pass http://localhost:5000;
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log off;
}
location /guacamole/ {
proxy_pass http://localhost:8081/;
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log off;
}
location /ws/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8070;
proxy_http_version 1.1;
proxy_buffering off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location /api/ {
proxy_pass http://localhost:8080;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /core/ {
proxy_pass http://localhost:8080;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location / {
rewrite ^/(.*)$ /ui/$1 last;
}
}
sudo rm /etc/nginx/sites-enabled/default
sudo nginx -t
sudo nginx -s reload
网友评论