jumpServer 安装、配置

环境要求

1. Python = 3.6.x （python -V）
2. Mysql Server ≥ 5.6 （mysql -V）
3. Mariadb Server ≥ 5.5.56
4. Redis

安装 python 3.7

安装依赖：yum install zlib-devel bzip2-devel openssl-devel ncurses-devel sqlite-devel readline-devel tk-devel libffi-devel gcc make
下载包：wget https://www.python.org/ftp/python/3.7.7/Python-3.7.7.tar.xz
解压缩：tar -xvJf Python-3.7.7.tar.xz
编译：./configure
make&&make install

. python 备份，python3 软连接到 python
python 软连接：ln -s /usr/local/bin/python3 /usr/bin/python
pip3 软连接：ln -s /usr/local/bin/pip3 /usr/bin/pip3

报错：yum 不可用，第一行改成 python2
vi /usr/libexec/urlgrabber-ext-down 
vi /usr/bin/yum

安装Redis

下载包：wget http://download.redis.io/releases/redis-4.0.6.tar.gz
解压缩：tar -zxvf redis-4.0.6.tar.gz
gcc依赖：yum install gcc （gcc -v）
cd redis-4.0.6
编译解压：make MALLOC=libc　
启动：redis-server

设置redis开机自启动

/etc目录下新建redis目录：mkdir redis
cp /usr/local/redis-4.0.6/redis.conf /etc/redis/6379.conf
cp /usr/local/redis-4.0.6/utils/redis_init_script /etc/init.d/redisd

报错：chkconfig redisd on -- service redisd does not support chkconfig
redisd文件，在第一行加入如下两行注释
# chkconfig:   2345 90 10
# description:  Redis is a persistent key-value database　

service redisd start

nohup src/redis-server > /dev/null 2>&1 &
ps aux|grep redis

查看 python 虚拟环境

env python -V

获取 JumpServer

cd /opt
git clone –depth=1 https://github.com/jumpserver/jumpserver.git
cd /opt/jumpserver/requirements
yum -y install $(cat rpm_requirements.txt)
pip3 install -r requirements.txt -i https://mirrors.aliyun.com/pypi/simple/

创建数据库 Jumpserver 并授权

create database jumpserver default charset ‘utf8’;
flush privileges;
grant all on jumpserver.* to ‘jumpserver’@’127.0.0.1’ identified by ‘jumps1@db’;

修改 Jumpserver 配置文件

cd /opt/jumpserver
cp config_example.py config.py
vi config.py

# 生成随机SECRET_KEY
SECRET_KEY=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 50` 
# 生成随机BOOTSTRAP_TOKEN
BOOTSTRAP_TOKEN=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 16`  

#配置密钥
sed -i "s/SECRET_KEY:/SECRET_KEY: $SECRET_KEY/g" /opt/jumpserver/config.yml
#配置token信息
sed -i "s/BOOTSTRAP_TOKEN:/BOOTSTRAP_TOKEN: $BOOTSTRAP_TOKEN/g" /opt/jumpserver/config.yml
#关闭debug
sed -i "s/# DEBUG: true/DEBUG: false/g" /opt/jumpserver/config.yml
#修改日志界别为error
sed -i "s/# LOG_LEVEL: DEBUG/LOG_LEVEL: ERROR/g" /opt/jumpserver/config.yml
#设定session在关闭浏览器的时候清空
sed -i "s/# SESSION_EXPIRE_AT_BROWSER_CLOSE: false/SESSION_EXPIRE_AT_BROWSER_CLOSE: true/g" /opt/jumpserver/config.yml
#替换数据库的密码配置
sed -i "s/DB_PASSWORD: /DB_PASSWORD: $DB_PASSWORD/g" /opt/jumpserver/config.yml

启动 jumpserver

./jms start all -d

报错：pip install psutil -i https://mirrors.aliyun.com/pypi/simple/