迁移文档

  • 升级及迁移请保持 SECRET_KEY 与旧版本一致,否则会导致数据库加密数据无法解密。

1 迁移说明

  • 统一企业版本与开源版本安装方式,社区版可以无缝切换到企业版。
  • 今后只会维护此安装方式,其他安装方式不再提供技术支持。
  • 安装完成后配置文件在 /opt/jumpserver/config/config.txt

2 迁移步骤

2.1 数据库备份

  • 在 jumpserver/config.yml 文件中获取数据库信息如下:
  1. ```yaml
  2. DB_HOST: 127.0.0.1 # 数据库服务器 IP
  3. DB_PORT: 3306 # 数据库服务器 端口
  4. DB_USER: jumpserver # 连接数据库的用户
  5. DB_PASSWORD: ****** # 连接数据库用户的密码
  6. DB_NAME: jumpserver # JumpServer 使用的数据库
  7. # mysqldump -h<DB_HOST> -P<DB_PORT> -u<DB_USER> -p<DB_PASSWORD> <DB_NAME> > /opt/<DB_NAME>.sql
  8. ```

!!! tip “”

  1. - 选择与自己环境部署方式对应的数据库备份方式:
  2. === "installer 部署"
  3. ```sh
  4. # 记录 SECRET_KEY 和 BOOTSTRAP_TOKEN
  5. cat /opt/jumpserver/config/config.txt | egrep "SECRET_KEY|BOOTSTRAP_TOKEN"
  6. ```
  7. ```sh
  8. ./jmsctl.sh backup_db
  9. ```
  10. === "源码部署"
  11. ```sh
  12. cd /opt/koko
  13. ./koko -s stop
  14. # 更老的版本使用的 coco guacamole
  15. # cd /opt/coco
  16. # ./cocod stop
  17. # /etc/init.d/guacd stop
  18. # sh /config/tomcat9/bin/shutdown.sh
  19. ```
  20. ```sh
  21. cd /opt/lion
  22. ps aux | grep lion | awk '{print $2}' | xargs kill -9
  23. ```
  24. ```sh
  25. cd /opt/jumpserver
  26. # 记录 SECRET_KEY 和 BOOTSTRAP_TOKEN
  27. cat config.yml | egrep "SECRET_KEY|BOOTSTRAP_TOKEN"
  28. ```
  29. ```sh
  30. source /opt/py3/bin/activate
  31. ./jms stop
  32. ```
  33. ```sh
  34. cd /opt
  35. mv /opt/jumpserver /opt/jumpserver_bak
  36. ```
  37. ```sh
  38. mysqldump -h127.0.0.1 -P3306 -ujumpserver -p jumpserver > /opt/jumpserver.sql
  39. ```
  40. === "组件容器化部署"
  41. ```sh
  42. docker stop jms_koko jms_lion
  43. docker rm jms_koko jms_lion
  44. # 更老的版本使用的 coco guacamole
  45. # docker stop jms_coco jms_guacamole
  46. # docker rm jms_coco jms_guacamole
  47. ```
  48. ```sh
  49. cd /opt/jumpserver
  50. # 记录 SECRET_KEY 和 BOOTSTRAP_TOKEN
  51. cat config.yml | egrep "SECRET_KEY|BOOTSTRAP_TOKEN"
  52. ```
  53. ```sh
  54. source /opt/py3/bin/activate
  55. ./jms stop
  56. ```
  57. ```sh
  58. cd /opt
  59. mv /opt/jumpserver /opt/jumpserver_bak
  60. ```
  61. ```sh
  62. mysqldump -h127.0.0.1 -P3306 -ujumpserver -p jumpserver > /opt/jumpserver.sql
  63. ```
  64. === "setuptools 脚本部署"
  65. ```sh
  66. cd /opt/setuptools
  67. # 记录 SECRET_KEY 和 BOOTSTRAP_TOKEN
  68. cat config.conf | egrep "SECRET_KEY|BOOTSTRAP_TOKEN"
  69. ```
  70. ```sh
  71. ./jmsctl.sh stop
  72. docker rm jms_koko jms_guacamole
  73. systemctl disable jms_core
  74. mv /opt/jumpserver /opt/jumpserver_bak
  75. ```
  76. ```sh
  77. mysqldump -h127.0.0.1 -P3306 -ujumpserver -p jumpserver > /opt/jumpserver.sql
  78. ```
  79. === "docker 部署"
  80. ```sh
  81. docker cp jms_all:/opt/jumpserver /opt/jumpserver_bak
  82. # 记录 SECRET_KEY 和 BOOTSTRAP_TOKEN
  83. docker exec -it jms_all env | egrep "SECRET_KEY|BOOTSTRAP_TOKEN"
  84. ```
  85. ```sh
  86. docker exec -it jms_all /bin/bash
  87. mysqldump -h$DB_HOST -P$DB_PORT -u$DB_USER -p$DB_PASSWORD $DB_NAME > /opt/jumpserver.sql
  88. exit
  89. ```
  90. ```sh
  91. docker cp jms_all:/opt/jumpserver.sql /opt
  92. docker stop jms_all
  93. ```
  94. === "docker-compose 部署"
  95. ```sh
  96. docker cp jms_core:/opt/jumpserver /opt/jumpserver_bak
  97. # 记录 SECRET_KEY 和 BOOTSTRAP_TOKEN
  98. docker exec -it jms_core env | egrep "SECRET_KEY|BOOTSTRAP_TOKEN"
  99. ```
  100. ```sh
  101. docker exec -it jms_mysql /bin/bash
  102. mysqldump -uroot jumpserver > /opt/jumpserver.sql
  103. exit
  104. ```
  105. ```sh
  106. docker cp jms_mysql:/opt/jumpserver.sql /opt
  107. cd /opt/Dockerfile
  108. docker-compose stop
  109. ```

2.2 修改数据库字符集

!!! tip “”

  1. - 如果你不需要或不想处理数据库字符集可以跳过此步骤, 保证迁移前后的数据库字符集一样即可。
  2. ```sh
  3. if grep -q 'COLLATE=utf8_bin' /opt/jumpserver.sql; then
  4. cp /opt/jumpserver.sql /opt/jumpserver_bak.sql
  5. sed -i 's@ COLLATE=utf8_bin@@g' /opt/jumpserver.sql
  6. sed -i 's@ COLLATE utf8_bin@@g' /opt/jumpserver.sql
  7. else
  8. echo "备份数据库字符集正确";
  9. fi
  10. ```

2.3 下载 jumpserver-install

!!! tip “”

  1. ```sh
  2. cd /opt
  3. yum -y install wget
  4. wget https://github.com/jumpserver/installer/releases/download/{{ jumpserver.tag }}/jumpserver-installer-{{ jumpserver.tag }}.tar.gz
  5. tar -xf jumpserver-installer-{{ jumpserver.tag }}.tar.gz
  6. cd jumpserver-installer-{{ jumpserver.tag }}
  7. ```

2.4 编辑临时配置文件

!!! tip “”

  1. ```sh
  2. vi config-example.txt
  3. ```
  4. ```vim hl_lines="3 9-10"
  5. # 修改下面选项, 其他保持默认
  6. ### 数据持久化目录, 安装完成后请勿随意更改, 可以使用其他目录如: /data/jumpserver
  7. VOLUME_DIR=/opt/jumpserver
  8. ### 注意: SECRET_KEY 与旧版本不一致, 加密的数据将无法解密
  9. # Core 配置
  10. ### 启动后不能再修改,否则密码等等信息无法解密
  11. SECRET_KEY= # 从旧版本的配置文件获取后填入 (*)
  12. BOOTSTRAP_TOKEN= # 从旧版本的配置文件获取后填入 (*)
  13. LOG_LEVEL=ERROR
  14. # SESSION_COOKIE_AGE=86400
  15. SESSION_EXPIRE_AT_BROWSER_CLOSE=True # 关闭浏览器后 session 过期
  16. ```

2.5 开始部署 JumpServer

!!! tip “”

  1. - 选择与自己数据库环境对应的部署方式。
  2. === "使用新的内置数据库"
  3. ```sh
  4. ./jmsctl.sh install
  5. ```
  6. ```nginx hl_lines="31 48 57 61 65 69"
  7. ██╗██╗ ██╗███╗ ███╗██████╗ ███████╗███████╗██████╗ ██╗ ██╗███████╗██████╗
  8. ██║██║ ██║████╗ ████║██╔══██╗██╔════╝██╔════╝██╔══██╗██║ ██║██╔════╝██╔══██╗
  9. ██║██║ ██║██╔████╔██║██████╔╝███████╗█████╗ ██████╔╝██║ ██║█████╗ ██████╔╝
  10. ██ ██║██║ ██║██║╚██╔╝██║██╔═══╝ ╚════██║██╔══╝ ██╔══██╗╚██╗ ██╔╝██╔══╝ ██╔══██╗
  11. ╚█████╔╝╚██████╔╝██║ ╚═╝ ██║██║ ███████║███████╗██║ ██║ ╚████╔╝ ███████╗██║ ██║
  12. ╚════╝ ╚═════╝ ╚═╝ ╚═╝╚═╝ ╚══════╝╚══════╝╚═╝ ╚═╝ ╚═══╝ ╚══════╝╚═╝ ╚═╝
  13. Version: {{ jumpserver.tag }}
  14. 1. 检查配置文件
  15. 配置文件位置: /opt/jumpserver/config
  16. /opt/jumpserver/config/config.txt [ √ ]
  17. /opt/jumpserver/config/nginx/lb_rdp_server.conf [ √ ]
  18. /opt/jumpserver/config/nginx/lb_ssh_server.conf [ √ ]
  19. /opt/jumpserver/config/nginx/cert/server.crt [ √ ]
  20. /opt/jumpserver/config/nginx/cert/server.key [ √ ]
  21. 完成
  22. 2. 备份配置文件
  23. 备份至 /opt/jumpserver/config/backup/config.txt.2021-07-15_22-26-13
  24. 完成
  25. >>> 安装配置 Docker
  26. 1. 安装 Docker
  27. 开始下载 Docker 程序 ...
  28. 开始下载 Docker Compose 程序 ...
  29. 完成
  30. 2. 配置 Docker
  31. 是否需要自定义 docker 存储目录, 默认将使用目录 /var/lib/docker? (y/n) (默认为 n): n
  32. 完成
  33. 3. 启动 Docker
  34. Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /etc/systemd/system/docker.service.
  35. 完成
  36. >>> 加载 Docker 镜像
  37. Docker: Pulling from jumpserver/core:{{ jumpserver.tag }} [ OK ]
  38. Docker: Pulling from jumpserver/koko:{{ jumpserver.tag }} [ OK ]
  39. Docker: Pulling from jumpserver/web:{{ jumpserver.tag }} [ OK ]
  40. Docker: Pulling from jumpserver/redis:6-alpine [ OK ]
  41. Docker: Pulling from jumpserver/mysql:5 [ OK ]
  42. Docker: Pulling from jumpserver/lion:{{ jumpserver.tag }} [ OK ]
  43. >>> 安装配置 JumpServer
  44. 1. 配置网络
  45. 是否需要支持 IPv6? (y/n) (默认为 n): n
  46. 完成
  47. 2. 配置加密密钥
  48. SECRETE_KEY: YTE2YTVkMTMtMGE3MS00YzI5LWFlOWEtMTc2OWJlMmIyMDE2
  49. BOOTSTRAP_TOKEN: YTE2YTVkMTMtMGE3
  50. 完成
  51. 3. 配置持久化目录
  52. 是否需要自定义持久化存储, 默认将使用目录 /opt/jumpserver? (y/n) (默认为 n): n
  53. 完成
  54. 4. 配置 MySQL
  55. 是否使用外部 MySQL? (y/n) (默认为 n): n
  56. 完成
  57. 5. 配置 Redis
  58. 是否使用外部 Redis? (y/n) (默认为 n): n
  59. 完成
  60. 6. 配置对外端口
  61. 是否需要配置 JumpServer 对外访问端口? (y/n) (默认为 n): n
  62. 完成
  63. 7. 初始化数据库
  64. Creating network "jms_net" with driver "bridge"
  65. Creating jms_mysql ... done
  66. Creating jms_redis ... done
  67. 2021-07-15 22:39:52 Collect static files
  68. 2021-07-15 22:39:52 Collect static files done
  69. 2021-07-15 22:39:52 Check database structure change ...
  70. 2021-07-15 22:39:52 Migrate model change to database ...
  71. 475 static files copied to '/opt/jumpserver/data/static'.
  72. Operations to perform:
  73. Apply all migrations: acls, admin, applications, assets, audits, auth, authentication, captcha, common, contenttypes, django_cas_ng, django_celery_beat, jms_oidc_rp, notifications, ops, orgs, perms, sessions, settings, terminal, tickets, users
  74. Running migrations:
  75. Applying contenttypes.0001_initial... OK
  76. Applying contenttypes.0002_remove_content_type_name... OK
  77. Applying auth.0001_initial... OK
  78. Applying auth.0002_alter_permission_name_max_length... OK
  79. Applying auth.0003_alter_user_email_max_length... OK
  80. Applying auth.0004_alter_user_username_opts... OK
  81. Applying auth.0005_alter_user_last_login_null... OK
  82. Applying auth.0006_require_contenttypes_0002... OK
  83. Applying auth.0007_alter_validators_add_error_messages... OK
  84. Applying auth.0008_alter_user_username_max_length... OK
  85. ...
  86. Applying sessions.0001_initial... OK
  87. Applying terminal.0032_auto_20210302_1853... OK
  88. Applying terminal.0033_auto_20210324_1008... OK
  89. Applying terminal.0034_auto_20210406_1434... OK
  90. Applying terminal.0035_auto_20210517_1448... OK
  91. Applying terminal.0036_auto_20210604_1124... OK
  92. Applying terminal.0037_auto_20210623_1748... OK
  93. Applying tickets.0008_auto_20210311_1113... OK
  94. Applying tickets.0009_auto_20210426_1720... OK
  95. >>> 安装完成了
  96. 1. 可以使用如下命令启动, 然后访问
  97. cd /root/jumpserver-installer-{{ jumpserver.tag }}
  98. ./jmsctl.sh start
  99. 2. 其它一些管理命令
  100. ./jmsctl.sh stop
  101. ./jmsctl.sh restart
  102. ./jmsctl.sh backup
  103. ./jmsctl.sh upgrade
  104. 更多还有一些命令, 你可以 ./jmsctl.sh --help 来了解
  105. 3. Web 访问
  106. http://192.168.100.212:80
  107. 默认用户: admin 默认密码: admin
  108. 4. SSH/SFTP 访问
  109. ssh -p2222 admin@192.168.100.212
  110. sftp -P2222 admin@192.168.100.212
  111. 5. 更多信息
  112. 我们的官网: https://www.jumpserver.org/
  113. 我们的文档: https://docs.jumpserver.org/
  114. ```
  115. ```sh
  116. docker exec -it jms_mysql /bin/bash
  117. # 如果变量 $MARIADB_ROOT_PASSWORD 不存在,请使用 $MYSQL_ROOT_PASSWORD
  118. mysql -uroot -p$MARIADB_ROOT_PASSWORD
  119. ```
  120. ```mysql
  121. drop database jumpserver;
  122. create database jumpserver default charset 'utf8';
  123. exit
  124. exit
  125. ```
  126. ```sh
  127. # /opt/jumpserver.sql 为旧版本数据库
  128. ./jmsctl.sh restore_db /opt/jumpserver.sql
  129. ```
  130. ```nginx
  131. 开始还原数据库: /opt/jumpserver.sql
  132. mysql: [Warning] Using a password on the command line interface can be insecure.
  133. 数据库恢复成功!
  134. ```
  135. ```sh
  136. ./jmsctl.sh start
  137. ```
  138. === "使用新的外置数据库"
  139. ```sh
  140. # 登录外置数据库操作
  141. mysql -h192.168.100.11 -P3306 -ujumpserver -pweakPassword
  142. ```
  143. ```mysql
  144. create database jumpserver default charset 'utf8';
  145. create user 'jumpserver'@'%' identified by 'weakPassword';
  146. grant all on jumpserver.* to 'jumpserver'@'%';
  147. flush privileges;
  148. exit
  149. ```
  150. ```sh
  151. ./jmsctl.sh install
  152. ```
  153. ```nginx hl_lines="31 48 57 61-66 70-73 77"
  154. ██╗██╗ ██╗███╗ ███╗██████╗ ███████╗███████╗██████╗ ██╗ ██╗███████╗██████╗
  155. ██║██║ ██║████╗ ████║██╔══██╗██╔════╝██╔════╝██╔══██╗██║ ██║██╔════╝██╔══██╗
  156. ██║██║ ██║██╔████╔██║██████╔╝███████╗█████╗ ██████╔╝██║ ██║█████╗ ██████╔╝
  157. ██ ██║██║ ██║██║╚██╔╝██║██╔═══╝ ╚════██║██╔══╝ ██╔══██╗╚██╗ ██╔╝██╔══╝ ██╔══██╗
  158. ╚█████╔╝╚██████╔╝██║ ╚═╝ ██║██║ ███████║███████╗██║ ██║ ╚████╔╝ ███████╗██║ ██║
  159. ╚════╝ ╚═════╝ ╚═╝ ╚═╝╚═╝ ╚══════╝╚══════╝╚═╝ ╚═╝ ╚═══╝ ╚══════╝╚═╝ ╚═╝
  160. Version: {{ jumpserver.tag }}
  161. 1. 检查配置文件
  162. 配置文件位置: /opt/jumpserver/config
  163. /opt/jumpserver/config/config.txt [ √ ]
  164. /opt/jumpserver/config/nginx/lb_rdp_server.conf [ √ ]
  165. /opt/jumpserver/config/nginx/lb_ssh_server.conf [ √ ]
  166. /opt/jumpserver/config/nginx/cert/server.crt [ √ ]
  167. /opt/jumpserver/config/nginx/cert/server.key [ √ ]
  168. 完成
  169. 2. 备份配置文件
  170. 备份至 /opt/jumpserver/config/backup/config.txt.2021-07-15_22-26-13
  171. 完成
  172. >>> 安装配置 Docker
  173. 1. 安装 Docker
  174. 开始下载 Docker 程序 ...
  175. 开始下载 Docker Compose 程序 ...
  176. 完成
  177. 2. 配置 Docker
  178. 是否需要自定义 docker 存储目录, 默认将使用目录 /var/lib/docker? (y/n) (默认为 n): n
  179. 完成
  180. 3. 启动 Docker
  181. Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /etc/systemd/system/docker.service.
  182. 完成
  183. >>> 加载 Docker 镜像
  184. Docker: Pulling from jumpserver/core:{{ jumpserver.tag }} [ OK ]
  185. Docker: Pulling from jumpserver/koko:{{ jumpserver.tag }} [ OK ]
  186. Docker: Pulling from jumpserver/web:{{ jumpserver.tag }} [ OK ]
  187. Docker: Pulling from jumpserver/redis:6-alpine [ OK ]
  188. Docker: Pulling from jumpserver/mysql:5 [ OK ]
  189. Docker: Pulling from jumpserver/lion:{{ jumpserver.tag }} [ OK ]
  190. >>> 安装配置 JumpServer
  191. 1. 配置网络
  192. 是否需要支持 IPv6? (y/n) (默认为 n): n
  193. 完成
  194. 2. 配置加密密钥
  195. SECRETE_KEY: YTE2YTVkMTMtMGE3MS00YzI5LWFlOWEtMTc2OWJlMmIyMDE2
  196. BOOTSTRAP_TOKEN: YTE2YTVkMTMtMGE3
  197. 完成
  198. 3. 配置持久化目录
  199. 是否需要自定义持久化存储, 默认将使用目录 /opt/jumpserver? (y/n) (默认为 n): n
  200. 完成
  201. 4. 配置 MySQL
  202. 是否使用外部 MySQL? (y/n) (默认为 n): y
  203. 请输入 MySQL 的主机地址 (无默认值): 192.168.100.11
  204. 请输入 MySQL 的端口 (默认为 3306): 3306
  205. 请输入 MySQL 的数据库 (默认为 jumpserver): jumpserver
  206. 请输入 MySQL 的用户名 (无默认值): jumpserver
  207. 请输入 MySQL 的密码 (无默认值): weakPassword
  208. 完成
  209. 5. 配置 Redis
  210. 是否使用外部 Redis? (y/n) (默认为 n): y
  211. 请输入 Redis 的主机地址 (无默认值): 192.168.100.11
  212. 请输入 Redis 的端口 (默认为 6379): 6379
  213. 请输入 Redis 的密码 (无默认值): weakPassword
  214. 完成
  215. 6. 配置对外端口
  216. 是否需要配置 JumpServer 对外访问端口? (y/n) (默认为 n): n
  217. 完成
  218. 7. 初始化数据库
  219. Creating network "jms_net" with driver "bridge"
  220. Creating jms_redis ... done
  221. 2021-07-15 22:39:52 Collect static files
  222. 2021-07-15 22:39:52 Collect static files done
  223. 2021-07-15 22:39:52 Check database structure change ...
  224. 2021-07-15 22:39:52 Migrate model change to database ...
  225. 475 static files copied to '/opt/jumpserver/data/static'.
  226. Operations to perform:
  227. Apply all migrations: acls, admin, applications, assets, audits, auth, authentication, captcha, common, contenttypes, django_cas_ng, django_celery_beat, jms_oidc_rp, notifications, ops, orgs, perms, sessions, settings, terminal, tickets, users
  228. Running migrations:
  229. Applying contenttypes.0001_initial... OK
  230. Applying contenttypes.0002_remove_content_type_name... OK
  231. Applying auth.0001_initial... OK
  232. Applying auth.0002_alter_permission_name_max_length... OK
  233. Applying auth.0003_alter_user_email_max_length... OK
  234. Applying auth.0004_alter_user_username_opts... OK
  235. Applying auth.0005_alter_user_last_login_null... OK
  236. Applying auth.0006_require_contenttypes_0002... OK
  237. Applying auth.0007_alter_validators_add_error_messages... OK
  238. Applying auth.0008_alter_user_username_max_length... OK
  239. ...
  240. Applying sessions.0001_initial... OK
  241. Applying terminal.0032_auto_20210302_1853... OK
  242. Applying terminal.0033_auto_20210324_1008... OK
  243. Applying terminal.0034_auto_20210406_1434... OK
  244. Applying terminal.0035_auto_20210517_1448... OK
  245. Applying terminal.0036_auto_20210604_1124... OK
  246. Applying terminal.0037_auto_20210623_1748... OK
  247. Applying tickets.0008_auto_20210311_1113... OK
  248. Applying tickets.0009_auto_20210426_1720... OK
  249. >>> 安装完成了
  250. 1. 可以使用如下命令启动, 然后访问
  251. cd /root/jumpserver-installer-{{ jumpserver.tag }}
  252. ./jmsctl.sh start
  253. 2. 其它一些管理命令
  254. ./jmsctl.sh stop
  255. ./jmsctl.sh restart
  256. ./jmsctl.sh backup
  257. ./jmsctl.sh upgrade
  258. 更多还有一些命令, 你可以 ./jmsctl.sh --help 来了解
  259. 3. Web 访问
  260. http://192.168.100.212:80
  261. 默认用户: admin 默认密码: admin
  262. 4. SSH/SFTP 访问
  263. ssh -p2222 admin@192.168.100.212
  264. sftp -P2222 admin@192.168.100.212
  265. 5. 更多信息
  266. 我们的官网: https://www.jumpserver.org/
  267. 我们的文档: https://docs.jumpserver.org/
  268. ```
  269. ```sh
  270. ./jmsctl.sh start
  271. ```
  272. ```nginx
  273. Creating network "jms_net" with driver "bridge"
  274. Creating jms_core ... done
  275. Creating jms_celery ... done
  276. Creating jms_koko ... done
  277. Creating jms_magnus ... done
  278. Creating jms_web ... done
  279. ```
  280. === "使用旧的外置数据库"
  281. ```sh
  282. # 如果之前使用的数据库符合版本要求, 可以直接使用 (注意备份)
  283. ./jmsctl.sh install
  284. ```
  285. ```nginx hl_lines="31 48 57 61-66 70-73 77"
  286. ██╗██╗ ██╗███╗ ███╗██████╗ ███████╗███████╗██████╗ ██╗ ██╗███████╗██████╗
  287. ██║██║ ██║████╗ ████║██╔══██╗██╔════╝██╔════╝██╔══██╗██║ ██║██╔════╝██╔══██╗
  288. ██║██║ ██║██╔████╔██║██████╔╝███████╗█████╗ ██████╔╝██║ ██║█████╗ ██████╔╝
  289. ██ ██║██║ ██║██║╚██╔╝██║██╔═══╝ ╚════██║██╔══╝ ██╔══██╗╚██╗ ██╔╝██╔══╝ ██╔══██╗
  290. ╚█████╔╝╚██████╔╝██║ ╚═╝ ██║██║ ███████║███████╗██║ ██║ ╚████╔╝ ███████╗██║ ██║
  291. ╚════╝ ╚═════╝ ╚═╝ ╚═╝╚═╝ ╚══════╝╚══════╝╚═╝ ╚═╝ ╚═══╝ ╚══════╝╚═╝ ╚═╝
  292. Version: {{ jumpserver.tag }}
  293. 1. 检查配置文件
  294. 配置文件位置: /opt/jumpserver/config
  295. /opt/jumpserver/config/config.txt [ √ ]
  296. /opt/jumpserver/config/nginx/lb_rdp_server.conf [ √ ]
  297. /opt/jumpserver/config/nginx/lb_ssh_server.conf [ √ ]
  298. /opt/jumpserver/config/nginx/cert/server.crt [ √ ]
  299. /opt/jumpserver/config/nginx/cert/server.key [ √ ]
  300. 完成
  301. 2. 备份配置文件
  302. 备份至 /opt/jumpserver/config/backup/config.txt.2021-07-15_22-26-13
  303. 完成
  304. >>> 安装配置 Docker
  305. 1. 安装 Docker
  306. 开始下载 Docker 程序 ...
  307. 开始下载 Docker Compose 程序 ...
  308. 完成
  309. 2. 配置 Docker
  310. 是否需要自定义 docker 存储目录, 默认将使用目录 /var/lib/docker? (y/n) (默认为 n): n
  311. 完成
  312. 3. 启动 Docker
  313. Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /etc/systemd/system/docker.service.
  314. 完成
  315. >>> 加载 Docker 镜像
  316. Docker: Pulling from jumpserver/core:{{ jumpserver.tag }} [ OK ]
  317. Docker: Pulling from jumpserver/koko:{{ jumpserver.tag }} [ OK ]
  318. Docker: Pulling from jumpserver/web:{{ jumpserver.tag }} [ OK ]
  319. Docker: Pulling from jumpserver/redis:6-alpine [ OK ]
  320. Docker: Pulling from jumpserver/mysql:5 [ OK ]
  321. Docker: Pulling from jumpserver/lion:{{ jumpserver.tag }} [ OK ]
  322. >>> 安装配置 JumpServer
  323. 1. 配置网络
  324. 是否需要支持 IPv6? (y/n) (默认为 n): n
  325. 完成
  326. 2. 配置加密密钥
  327. SECRETE_KEY: YTE2YTVkMTMtMGE3MS00YzI5LWFlOWEtMTc2OWJlMmIyMDE2
  328. BOOTSTRAP_TOKEN: YTE2YTVkMTMtMGE3
  329. 完成
  330. 3. 配置持久化目录
  331. 是否需要自定义持久化存储, 默认将使用目录 /opt/jumpserver? (y/n) (默认为 n): n
  332. 完成
  333. 4. 配置 MySQL
  334. 是否使用外部 MySQL? (y/n) (默认为 n): y
  335. 请输入 MySQL 的主机地址 (无默认值): 192.168.100.11
  336. 请输入 MySQL 的端口 (默认为 3306): 3306
  337. 请输入 MySQL 的数据库 (默认为 jumpserver): jumpserver
  338. 请输入 MySQL 的用户名 (无默认值): jumpserver
  339. 请输入 MySQL 的密码 (无默认值): weakPassword
  340. 完成
  341. 5. 配置 Redis
  342. 是否使用外部 Redis? (y/n) (默认为 n): y
  343. 请输入 Redis 的主机地址 (无默认值): 192.168.100.11
  344. 请输入 Redis 的端口 (默认为 6379): 6379
  345. 请输入 Redis 的密码 (无默认值): weakPassword
  346. 完成
  347. 6. 配置对外端口
  348. 是否需要配置 JumpServer 对外访问端口? (y/n) (默认为 n): n
  349. 完成
  350. 7. 初始化数据库
  351. Creating network "jms_net" with driver "bridge"
  352. Creating jms_redis ... done
  353. 2021-07-15 22:39:52 Collect static files
  354. 2021-07-15 22:39:52 Collect static files done
  355. 2021-07-15 22:39:52 Check database structure change ...
  356. 2021-07-15 22:39:52 Migrate model change to database ...
  357. 475 static files copied to '/opt/jumpserver/data/static'.
  358. Operations to perform:
  359. Apply all migrations: acls, admin, applications, assets, audits, auth, authentication, captcha, common, contenttypes, django_cas_ng, django_celery_beat, jms_oidc_rp, notifications, ops, orgs, perms, sessions, settings, terminal, tickets, users
  360. Running migrations:
  361. Applying contenttypes.0001_initial... OK
  362. Applying contenttypes.0002_remove_content_type_name... OK
  363. Applying auth.0001_initial... OK
  364. Applying auth.0002_alter_permission_name_max_length... OK
  365. Applying auth.0003_alter_user_email_max_length... OK
  366. Applying auth.0004_alter_user_username_opts... OK
  367. Applying auth.0005_alter_user_last_login_null... OK
  368. Applying auth.0006_require_contenttypes_0002... OK
  369. Applying auth.0007_alter_validators_add_error_messages... OK
  370. Applying auth.0008_alter_user_username_max_length... OK
  371. ...
  372. Applying sessions.0001_initial... OK
  373. Applying terminal.0032_auto_20210302_1853... OK
  374. Applying terminal.0033_auto_20210324_1008... OK
  375. Applying terminal.0034_auto_20210406_1434... OK
  376. Applying terminal.0035_auto_20210517_1448... OK
  377. Applying terminal.0036_auto_20210604_1124... OK
  378. Applying terminal.0037_auto_20210623_1748... OK
  379. Applying tickets.0008_auto_20210311_1113... OK
  380. Applying tickets.0009_auto_20210426_1720... OK
  381. >>> 安装完成了
  382. 1. 可以使用如下命令启动, 然后访问
  383. cd /root/jumpserver-installer-{{ jumpserver.tag }}
  384. ./jmsctl.sh start
  385. 2. 其它一些管理命令
  386. ./jmsctl.sh stop
  387. ./jmsctl.sh restart
  388. ./jmsctl.sh backup
  389. ./jmsctl.sh upgrade
  390. 更多还有一些命令, 你可以 ./jmsctl.sh --help 来了解
  391. 3. Web 访问
  392. http://192.168.100.212:80
  393. 默认用户: admin 默认密码: admin
  394. 4. SSH/SFTP 访问
  395. ssh -p2222 admin@192.168.100.212
  396. sftp -P2222 admin@192.168.100.212
  397. 5. 更多信息
  398. 我们的官网: https://www.jumpserver.org/
  399. 我们的文档: https://docs.jumpserver.org/
  400. ```
  401. ```sh
  402. ./jmsctl.sh start
  403. ```
  404. ```nginx
  405. Creating network "jms_net" with driver "bridge"
  406. Creating jms_core ... done
  407. Creating jms_celery ... done
  408. Creating jms_koko ... done
  409. Creating jms_magnus ... done
  410. Creating jms_web ... done
  411. ```