
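JumpServer Bastion Host Installation and Configuration

I. JumpServer one-click deployment:

The one-click deployment address can be found on the official site: https://docs.jumpserver.org/zh/master/install/setup_by_fast/

1. By default it installs into the /opt/jumpserver-installer-v2.13.2 directory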

root@localhost:/opt# curl -SSL https://github.com/jumpserver/jumpserver/releases/download/v2.28.6/quick_start.sh | bash
████████████████████████████████████████ 100%
[Success]: download install script to /opt/jumpserver-installer-v2.28.6
[Info]: Start executing the installation script.
[Info]: In an automated script deployment, note the message prompts on the screen.
████████████████████████████████████████ 100%
[Success]: The Installation is Complete.
For more commands, you can enter jmsctl --help to view help informatio

You can also download the one-click deployment script from this address and run it locally: https://github.com/jumpserver/jumpserver/releases/download/v2.28.6/quick_start.sh

Direct download deployment:

cd /opt

wget https://github.com/jumpserver/installer/releases/download/v2.28.6/jumpserver-installer-v2.28.6.tar.gz

tar -xf jumpserver-installer-v2.28.6.tar.gz

cd jumpserver-installer-v2.28.6

Next, keep the default at each prompt until the installation completes.

2. Configuration file after installation

cat /opt/jumpserver/config/config.txt

cd /opt/jumpserver-installer-v2.28.6/
Start: ./jmsctl.sh start
Stop: ./jmsctl.sh down
Uninstall: ./jmsctl.sh uninstall
Help: ./jmsctl.sh -h

Start JumpServer

[root@localhost jumpserver-installer-v2.28.6]# ./jmsctl.sh start

View the Docker containers started for JumpServer

[root@localhost /]# docker ps -a

Log in at http://10.0.0.97; the initial username and password are: admin admin

II. Configure start on boot:

Create two files, jms.service and coco.service

[root@localhost ~]# vim /usr/lib/systemd/system/jms.service

[Unit]
Description=jms
After=network.target mariadb.service redis.service
Wants=mariadb.service redis.service

[Service]
Type=forking
Environment="PATH=/opt/py3/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin"
ExecStart=/opt/jumpserver/jms start all -d
ExecReload=
ExecStop=/opt/jumpserver/jms stop

[Install]
WantedBy=multi-user.target

[root@localhost ~]# vim /usr/lib/systemd/system/coco.service

[Unit]
Description=coco
After=network.target jms.service

[Service]
Type=forking
PIDFile=/opt/coco/coco.pid
Environment="PATH=/opt/py3/bin"
ExecStart=/opt/coco/cocod start -d
ExecReload=
ExecStop=/opt/coco/cocod stop

[Install]
WantedBy=multi-user.target

Then run the following commands:

[root@localhost ~]# systemctl enable jms

[root@localhost ~]# systemctl enable coco

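III. Configure HTTPS access

First check whether firewalld and SELinux on the host have been opened up or disabled. The SSL certificate for HTTPS can be a self-signed certificate created with openssl, but this may produce errors.

The other approach is to request a free certificate from Tencent Cloud, Alibaba Cloud or a similar provider and upload it to the /opt/jumpserver/config/nginx/cert directory. (The certificate is bound to a domain name; here I use a free certificate under suuyuu.cn. "Alibaba Cloud allows 20 free certificates per domain", and the second-level domain can be chosen freely.)

Edit the /opt/jumpserver/config/config.txt configuration file and point the certificate and key file settings at the paths used here. Note that the HTTPS settings are commented out by default; remember to uncomment them.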

[root@localhost ~]# vim /opt/jumpserver/config/config.txt
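
As an added example (not from the original post or the JumpServer project), this shell check confirms that the HTTPS lines in config.txt are uncommented, that the certificate and key they name exist, and that the private key is not readable by group or others. The key names HTTPS_PORT, SERVER_NAME, SSL_CERTIFICATE and SSL_CERTIFICATE_KEY are assumed from the installer's config template; confirm them against your own config.txt.

```shell
#!/bin/sh
# Added example: pre-flight check of the HTTPS settings before restarting.
# ASSUMPTION: key names below follow the installer's config template;
# confirm them against the commented-out HTTPS lines in your config.txt.
HTTPS_KEYS="HTTPS_PORT SERVER_NAME SSL_CERTIFICATE SSL_CERTIFICATE_KEY"

# cfg_get FILE KEY: value of the last active (uncommented) KEY= line.
cfg_get() { sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1; }

# resolve DIR NAME: absolute values are used as-is, others live in DIR.
resolve() { case $2 in /*) echo "$2" ;; *) echo "$1/$2" ;; esac; }

# check_https CONFIG CERT_DIR: print findings, return 0 only if all pass.
check_https() {
    conf=$1; certdir=$2; rc=0
    for key in $HTTPS_KEYS; do
        [ -n "$(cfg_get "$conf" "$key")" ] && continue
        if grep -Eq "^[[:space:]]*#[[:space:]]*$key=" "$conf"; then
            echo "FAIL $key is still commented out"
        else
            echo "FAIL $key is not set"
        fi
        rc=1
    done
    for key in SSL_CERTIFICATE SSL_CERTIFICATE_KEY; do
        val=$(cfg_get "$conf" "$key")
        [ -n "$val" ] || continue
        path=$(resolve "$certdir" "$val")
        if [ ! -s "$path" ]; then
            echo "FAIL $key points at $path, which is missing or empty"; rc=1
        elif [ "$key" = SSL_CERTIFICATE_KEY ] &&
             [ -n "$(find "$path" \( -perm -040 -o -perm -004 \))" ]; then
            echo "FAIL private key $path is readable by group or others"; rc=1
        fi
    done
    if [ "$rc" -eq 0 ]; then echo "OK HTTPS settings active, files in place"; fi
    return "$rc"
}

# Check this page's paths (or CONFIG and CERT_DIR given as arguments).
CONFIG=${1:-/opt/jumpserver/config/config.txt}
if [ -f "$CONFIG" ]; then
    check_https "$CONFIG" "${2:-/opt/jumpserver/config/nginx/cert}"
fi
```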
