迁移文档

  • 升级及迁移请保持 SECRET_KEY 与旧版本一致,否则会导致数据库加密数据无法解密。

1 迁移说明

  • 统一企业版本与开源版本安装方式,社区版可以无缝切换到企业版。
  • 今后只会维护此安装方式,其他安装方式不再提供技术支持。
  • 安装完成后配置文件在 /opt/jumpserver/config/config.txt

2 迁移步骤

2.1 数据库备份

  • 在 jumpserver/config.yml 文件中获取数据库信息如下:
  1. ```yaml
  2. DB_HOST: 127.0.0.1   # 数据库服务器 IP
  3. DB_PORT: 3306        # 数据库服务器 端口
  4. DB_USER: jumpserver  # 连接数据库的用户
  5. DB_PASSWORD: ******  # 连接数据库用户的密码
  6. DB_NAME: jumpserver  # JumpServer 使用的数据库
  7. # mysqldump -h<DB_HOST> -P<DB_PORT> -u<DB_USER> -p<DB_PASSWORD> <DB_NAME> > /opt/<DB_NAME>.sql
  8. ```

!!! tip “”

  1. - 选择与自己环境部署方式对应的数据库备份方式:
  3. === "installer 部署"
  4.     ```sh
  5.     # 记录 SECRET_KEY 和 BOOTSTRAP_TOKEN
  6.     cat /opt/jumpserver/config/config.txt | egrep "SECRET_KEY|BOOTSTRAP_TOKEN"
  7.     ```
  8.     ```sh
  9.     ./jmsctl.sh backup_db
  10.     ```
  12. === "源码部署"
  13.     ```sh
  14.     cd /opt/koko
  15.     ./koko -s stop
  16.     # 更老的版本使用的 coco guacamole
  17.     # cd /opt/coco
  18.     # ./cocod stop
  19.     # /etc/init.d/guacd stop
  20.     # sh /config/tomcat9/bin/shutdown.sh
  21.     ```
  22.     ```sh
  23.     cd /opt/lion
  24.     ps aux | grep lion | awk '{print $2}' | xargs kill -9
  25.     ```
  26.     ```sh
  27.     cd /opt/jumpserver
  29.     # 记录 SECRET_KEY 和 BOOTSTRAP_TOKEN
  30.     cat config.yml | egrep "SECRET_KEY|BOOTSTRAP_TOKEN"
  31.     ```
  32.     ```sh
  33.     source /opt/py3/bin/activate
  34.     ./jms stop
  35.     ```
  36.     ```sh
  37.     cd /opt
  38.     mv /opt/jumpserver /opt/jumpserver_bak
  39.     ```
  40.     ```sh
  41.     mysqldump -h127.0.0.1 -P3306 -ujumpserver -p jumpserver > /opt/jumpserver.sql
  42.     ```
  44. === "组件容器化部署"
  45.     ```sh
  46.     docker stop jms_koko jms_lion     
  47.     docker rm jms_koko jms_lion     
  48.     # 更老的版本使用的 coco guacamole
  49.     # docker stop jms_coco jms_guacamole
  50.     # docker rm jms_coco jms_guacamole
  51.     ```
  52.     ```sh
  53.     cd /opt/jumpserver
  55.     # 记录 SECRET_KEY 和 BOOTSTRAP_TOKEN
  56.     cat config.yml | egrep "SECRET_KEY|BOOTSTRAP_TOKEN"
  57.     ```
  58.     ```sh
  59.     source /opt/py3/bin/activate
  60.     ./jms stop
  61.     ```
  62.     ```sh
  63.     cd /opt
  64.     mv /opt/jumpserver /opt/jumpserver_bak
  65.     ```
  66.     ```sh
  67.     mysqldump -h127.0.0.1 -P3306 -ujumpserver -p jumpserver > /opt/jumpserver.sql
  68.     ```
  70. === "setuptools 脚本部署"
  71.     ```sh
  72.     cd /opt/setuptools
  74.     # 记录 SECRET_KEY 和 BOOTSTRAP_TOKEN
  75.     cat config.conf | egrep "SECRET_KEY|BOOTSTRAP_TOKEN"
  76.     ```
  77.     ```sh
  78.     ./jmsctl.sh stop
  79.     docker rm jms_koko jms_guacamole
  80.     systemctl disable jms_core
  81.     mv /opt/jumpserver /opt/jumpserver_bak
  82.     ```
  83.     ```sh
  84.     mysqldump -h127.0.0.1 -P3306 -ujumpserver -p jumpserver > /opt/jumpserver.sql
  85.     ```
  87. === "docker 部署"
  88.     ```sh
  89.     docker cp jms_all:/opt/jumpserver /opt/jumpserver_bak
  91.     # 记录 SECRET_KEY 和 BOOTSTRAP_TOKEN
  92.     docker exec -it jms_all env | egrep "SECRET_KEY|BOOTSTRAP_TOKEN"
  93.     ```
  94.     ```sh
  95.     docker exec -it jms_all /bin/bash
  96.     mysqldump -h$DB_HOST -P$DB_PORT -u$DB_USER -p$DB_PASSWORD $DB_NAME > /opt/jumpserver.sql
  97.     exit
  98.     ```
  99.     ```sh
  100.     docker cp jms_all:/opt/jumpserver.sql /opt
  101.     docker stop jms_all
  102.     ```
  104. === "docker-compose 部署"
  105.     ```sh
  106.     docker cp jms_core:/opt/jumpserver /opt/jumpserver_bak
  108.     # 记录 SECRET_KEY 和 BOOTSTRAP_TOKEN
  109.     docker exec -it jms_core env | egrep "SECRET_KEY|BOOTSTRAP_TOKEN"
  110.     ```
  111.     ```sh
  112.     docker exec -it jms_mysql /bin/bash
  113.     mysqldump -uroot jumpserver > /opt/jumpserver.sql
  114.     exit
  115.     ```
  116.     ```sh
  117.     docker cp jms_mysql:/opt/jumpserver.sql /opt
  118.     cd /opt/Dockerfile
  119.     docker-compose stop
  120.     ```

2.2 修改数据库字符集

!!! tip “”

  1. - 如果你不需要或不想处理数据库字符集可以跳过此步骤, 保证迁移前后的数据库字符集一样即可。
  3. ```sh
  4. if grep -q 'COLLATE=utf8_bin' /opt/jumpserver.sql; then
  5.     cp /opt/jumpserver.sql /opt/jumpserver_bak.sql
  6.     sed -i 's@ COLLATE=utf8_bin@@g' /opt/jumpserver.sql
  7.     sed -i 's@ COLLATE utf8_bin@@g' /opt/jumpserver.sql
  8. else
  9.     echo "备份数据库字符集正确";
  10. fi
  11. ```

2.3 下载 jumpserver-install

!!! tip “”

  1. ```sh
  2. cd /opt
  3. yum -y install wget
  4. wget https://github.com/jumpserver/installer/releases/download/{{ jumpserver.tag }}/jumpserver-installer-{{ jumpserver.tag }}.tar.gz
  5. tar -xf jumpserver-installer-{{ jumpserver.tag }}.tar.gz
  6. cd jumpserver-installer-{{ jumpserver.tag }}
  7. ```

2.4 编辑临时配置文件

!!! tip “” 

  1. ```sh
  2. vi config-example.txt
  3. ```
  4. ```vim hl_lines="3 9-10"
  5. # 修改下面选项, 其他保持默认
  6. ### 数据持久化目录, 安装完成后请勿随意更改, 可以使用其他目录如: /data/jumpserver
  7. VOLUME_DIR=/opt/jumpserver
  9. ### 注意: SECRET_KEY 与旧版本不一致, 加密的数据将无法解密
  11. # Core 配置
  12. ### 启动后不能再修改,否则密码等等信息无法解密
  13. SECRET_KEY=                           # 从旧版本的配置文件获取后填入 (*)
  14. BOOTSTRAP_TOKEN=                      # 从旧版本的配置文件获取后填入 (*)
  15. LOG_LEVEL=ERROR
  16. # SESSION_COOKIE_AGE=86400
  17. SESSION_EXPIRE_AT_BROWSER_CLOSE=True  # 关闭浏览器后 session 过期
  18. ```

2.5 开始部署 JumpServer

!!! tip “”

  1. - 选择与自己数据库环境对应的部署方式。
  3. === "使用新的内置数据库"
  4.     ```sh
  5.     ./jmsctl.sh install
  6.     ```
  7.     ```nginx hl_lines="31 48 57 61 65 69"
  9.            ██╗██╗   ██╗███╗   ███╗██████╗ ███████╗███████╗██████╗ ██╗   ██╗███████╗██████╗
  10.            ██║██║   ██║████╗ ████║██╔══██╗██╔════╝██╔════╝██╔══██╗██║   ██║██╔════╝██╔══██╗
  11.            ██║██║   ██║██╔████╔██║██████╔╝███████╗█████╗  ██████╔╝██║   ██║█████╗  ██████╔╝
  12.       ██   ██║██║   ██║██║╚██╔╝██║██╔═══╝ ╚════██║██╔══╝  ██╔══██╗╚██╗ ██╔╝██╔══╝  ██╔══██╗
  13.       ╚█████╔╝╚██████╔╝██║ ╚═╝ ██║██║     ███████║███████╗██║  ██║ ╚████╔╝ ███████╗██║  ██║
  14.        ╚════╝  ╚═════╝ ╚═╝     ╚═╝╚═╝     ╚══════╝╚══════╝╚═╝  ╚═╝  ╚═══╝  ╚══════╝╚═╝  ╚═╝
  16.                                                                          Version:  {{ jumpserver.tag }}
  19.     1. 检查配置文件
  20.     配置文件位置: /opt/jumpserver/config
  21.     /opt/jumpserver/config/config.txt  [ √ ]
  22.     /opt/jumpserver/config/nginx/lb_rdp_server.conf  [ √ ]
  23.     /opt/jumpserver/config/nginx/lb_ssh_server.conf  [ √ ]
  24.     /opt/jumpserver/config/nginx/cert/server.crt  [ √ ]
  25.     /opt/jumpserver/config/nginx/cert/server.key  [ √ ]
  26.     完成
  28.     2. 备份配置文件
  29.     备份至 /opt/jumpserver/config/backup/config.txt.2021-07-15_22-26-13
  30.     完成
  32.     >>> 安装配置 Docker
  33.     1. 安装 Docker
  34.     开始下载 Docker 程序 ...
  35.     开始下载 Docker Compose 程序 ...
  36.     完成
  38.     2. 配置 Docker
  39.     是否需要自定义 docker 存储目录, 默认将使用目录 /var/lib/docker? (y/n)  (默认为 n): n
  40.     完成
  42.     3. 启动 Docker
  43.     Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /etc/systemd/system/docker.service.
  44.     完成
  46.     >>> 加载 Docker 镜像
  47.     Docker: Pulling from jumpserver/core:{{ jumpserver.tag }}         [ OK ]
  48.     Docker: Pulling from jumpserver/koko:{{ jumpserver.tag }}         [ OK ]
  49.     Docker: Pulling from jumpserver/web:{{ jumpserver.tag }}          [ OK ]
  50.     Docker: Pulling from jumpserver/redis:6-alpine      [ OK ]
  51.     Docker: Pulling from jumpserver/mysql:5             [ OK ]
  52.     Docker: Pulling from jumpserver/lion:{{ jumpserver.tag }}         [ OK ]
  54.     >>> 安装配置 JumpServer
  55.     1. 配置网络
  56.     是否需要支持 IPv6? (y/n)  (默认为 n): n
  57.     完成
  59.     2. 配置加密密钥
  60.     SECRETE_KEY:     YTE2YTVkMTMtMGE3MS00YzI5LWFlOWEtMTc2OWJlMmIyMDE2
  61.     BOOTSTRAP_TOKEN: YTE2YTVkMTMtMGE3
  62.     完成
  64.     3. 配置持久化目录
  65.     是否需要自定义持久化存储, 默认将使用目录 /opt/jumpserver? (y/n)  (默认为 n): n
  66.     完成
  68.     4. 配置 MySQL
  69.     是否使用外部 MySQL? (y/n)  (默认为 n): n
  70.     完成
  72.     5. 配置 Redis
  73.     是否使用外部 Redis? (y/n)  (默认为 n): n
  74.     完成
  76.     6. 配置对外端口
  77.     是否需要配置 JumpServer 对外访问端口? (y/n)  (默认为 n): n
  78.     完成
  80.     7. 初始化数据库
  81.     Creating network "jms_net" with driver "bridge"
  82.     Creating jms_mysql ... done
  83.     Creating jms_redis ... done
  84.     2021-07-15 22:39:52 Collect static files
  85.     2021-07-15 22:39:52 Collect static files done
  86.     2021-07-15 22:39:52 Check database structure change ...
  87.     2021-07-15 22:39:52 Migrate model change to database ...
  89.     475 static files copied to '/opt/jumpserver/data/static'.
  90.     Operations to perform:
  91.       Apply all migrations: acls, admin, applications, assets, audits, auth, authentication, captcha, common, contenttypes, django_cas_ng, django_celery_beat, jms_oidc_rp, notifications, ops, orgs, perms, sessions, settings, terminal, tickets, users
  92.     Running migrations:
  93.       Applying contenttypes.0001_initial... OK
  94.       Applying contenttypes.0002_remove_content_type_name... OK
  95.       Applying auth.0001_initial... OK
  96.       Applying auth.0002_alter_permission_name_max_length... OK
  97.       Applying auth.0003_alter_user_email_max_length... OK
  98.       Applying auth.0004_alter_user_username_opts... OK
  99.       Applying auth.0005_alter_user_last_login_null... OK
  100.       Applying auth.0006_require_contenttypes_0002... OK
  101.       Applying auth.0007_alter_validators_add_error_messages... OK
  102.       Applying auth.0008_alter_user_username_max_length... OK
  103.       ...
  104.       Applying sessions.0001_initial... OK
  105.       Applying terminal.0032_auto_20210302_1853... OK
  106.       Applying terminal.0033_auto_20210324_1008... OK
  107.       Applying terminal.0034_auto_20210406_1434... OK
  108.       Applying terminal.0035_auto_20210517_1448... OK
  109.       Applying terminal.0036_auto_20210604_1124... OK
  110.       Applying terminal.0037_auto_20210623_1748... OK
  111.       Applying tickets.0008_auto_20210311_1113... OK
  112.       Applying tickets.0009_auto_20210426_1720... OK
  114.     >>> 安装完成了
  115.     1. 可以使用如下命令启动, 然后访问
  116.     cd /root/jumpserver-installer-{{ jumpserver.tag }}
  117.     ./jmsctl.sh start
  119.     2. 其它一些管理命令
  120.     ./jmsctl.sh stop
  121.     ./jmsctl.sh restart
  122.     ./jmsctl.sh backup
  123.     ./jmsctl.sh upgrade
  124.     更多还有一些命令, 你可以 ./jmsctl.sh --help 来了解
  126.     3. Web 访问
  127.     http://192.168.100.212:80
  128.     默认用户: admin  默认密码: admin
  130.     4. SSH/SFTP 访问
  131.     ssh -p2222 admin@192.168.100.212
  132.     sftp -P2222 admin@192.168.100.212
  134.     5. 更多信息
  135.     我们的官网: https://www.jumpserver.org/
  136.     我们的文档: https://docs.jumpserver.org/
  137.     ```
  138.     ```sh
  139.     docker exec -it jms_mysql /bin/bash
  140.     # 如果变量 $MARIADB_ROOT_PASSWORD 不存在,请使用 $MYSQL_ROOT_PASSWORD
  141.     mysql -uroot -p$MARIADB_ROOT_PASSWORD
  142.     ```
  143.     ```mysql
  144.     drop database jumpserver;
  145.     create database jumpserver default charset 'utf8';
  146.     exit
  147.     exit
  148.     ```
  149.     ```sh
  150.     # /opt/jumpserver.sql 为旧版本数据库
  151.     ./jmsctl.sh restore_db /opt/jumpserver.sql
  152.     ```
  153.     ```nginx
  154.     开始还原数据库: /opt/jumpserver.sql
  155.     mysql: [Warning] Using a password on the command line interface can be insecure.
  156.     数据库恢复成功!
  157.     ```
  158.     ```sh
  159.     ./jmsctl.sh start
  160.     ```
  162. === "使用新的外置数据库"
  163.     ```sh
  164.     # 登录外置数据库操作
  165.     mysql -h192.168.100.11 -P3306 -ujumpserver -pweakPassword
  166.     ```
  167.     ```mysql
  168.     create database jumpserver default charset 'utf8';
  169.     create user 'jumpserver'@'%' identified by 'weakPassword';
  170.     grant all on jumpserver.* to 'jumpserver'@'%';
  171.     flush privileges;
  172.     exit
  173.     ```
  174.     ```sh
  175.     ./jmsctl.sh install
  176.     ```
  177.     ```nginx hl_lines="31 48 57 61-66 70-73 77"
  179.            ██╗██╗   ██╗███╗   ███╗██████╗ ███████╗███████╗██████╗ ██╗   ██╗███████╗██████╗
  180.            ██║██║   ██║████╗ ████║██╔══██╗██╔════╝██╔════╝██╔══██╗██║   ██║██╔════╝██╔══██╗
  181.            ██║██║   ██║██╔████╔██║██████╔╝███████╗█████╗  ██████╔╝██║   ██║█████╗  ██████╔╝
  182.       ██   ██║██║   ██║██║╚██╔╝██║██╔═══╝ ╚════██║██╔══╝  ██╔══██╗╚██╗ ██╔╝██╔══╝  ██╔══██╗
  183.       ╚█████╔╝╚██████╔╝██║ ╚═╝ ██║██║     ███████║███████╗██║  ██║ ╚████╔╝ ███████╗██║  ██║
  184.        ╚════╝  ╚═════╝ ╚═╝     ╚═╝╚═╝     ╚══════╝╚══════╝╚═╝  ╚═╝  ╚═══╝  ╚══════╝╚═╝  ╚═╝
  186.                                                                          Version:  {{ jumpserver.tag }}
  189.     1. 检查配置文件
  190.     配置文件位置: /opt/jumpserver/config
  191.     /opt/jumpserver/config/config.txt  [ √ ]
  192.     /opt/jumpserver/config/nginx/lb_rdp_server.conf  [ √ ]
  193.     /opt/jumpserver/config/nginx/lb_ssh_server.conf  [ √ ]
  194.     /opt/jumpserver/config/nginx/cert/server.crt  [ √ ]
  195.     /opt/jumpserver/config/nginx/cert/server.key  [ √ ]
  196.     完成
  198.     2. 备份配置文件
  199.     备份至 /opt/jumpserver/config/backup/config.txt.2021-07-15_22-26-13
  200.     完成
  202.     >>> 安装配置 Docker
  203.     1. 安装 Docker
  204.     开始下载 Docker 程序 ...
  205.     开始下载 Docker Compose 程序 ...
  206.     完成
  208.     2. 配置 Docker
  209.     是否需要自定义 docker 存储目录, 默认将使用目录 /var/lib/docker? (y/n)  (默认为 n): n
  210.     完成
  212.     3. 启动 Docker
  213.     Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /etc/systemd/system/docker.service.
  214.     完成
  216.     >>> 加载 Docker 镜像
  217.     Docker: Pulling from jumpserver/core:{{ jumpserver.tag }}         [ OK ]
  218.     Docker: Pulling from jumpserver/koko:{{ jumpserver.tag }}         [ OK ]
  219.     Docker: Pulling from jumpserver/web:{{ jumpserver.tag }}          [ OK ]
  220.     Docker: Pulling from jumpserver/redis:6-alpine      [ OK ]
  221.     Docker: Pulling from jumpserver/mysql:5             [ OK ]
  222.     Docker: Pulling from jumpserver/lion:{{ jumpserver.tag }}         [ OK ]
  224.     >>> 安装配置 JumpServer
  225.     1. 配置网络
  226.     是否需要支持 IPv6? (y/n)  (默认为 n): n
  227.     完成
  229.     2. 配置加密密钥
  230.     SECRETE_KEY:     YTE2YTVkMTMtMGE3MS00YzI5LWFlOWEtMTc2OWJlMmIyMDE2
  231.     BOOTSTRAP_TOKEN: YTE2YTVkMTMtMGE3
  232.     完成
  234.     3. 配置持久化目录
  235.     是否需要自定义持久化存储, 默认将使用目录 /opt/jumpserver? (y/n)  (默认为 n): n
  236.     完成
  238.     4. 配置 MySQL
  239.     是否使用外部 MySQL? (y/n)  (默认为 n): y
  240.     请输入 MySQL 的主机地址 (无默认值): 192.168.100.11
  241.     请输入 MySQL 的端口 (默认为 3306): 3306
  242.     请输入 MySQL 的数据库 (默认为 jumpserver): jumpserver
  243.     请输入 MySQL 的用户名 (无默认值): jumpserver
  244.     请输入 MySQL 的密码 (无默认值): weakPassword
  245.     完成
  247.     5. 配置 Redis
  248.     是否使用外部 Redis? (y/n)  (默认为 n): y
  249.     请输入 Redis 的主机地址 (无默认值): 192.168.100.11
  250.     请输入 Redis 的端口 (默认为 6379): 6379
  251.     请输入 Redis 的密码 (无默认值): weakPassword
  252.     完成
  254.     6. 配置对外端口
  255.     是否需要配置 JumpServer 对外访问端口? (y/n)  (默认为 n): n
  256.     完成
  258.     7. 初始化数据库
  259.     Creating network "jms_net" with driver "bridge"
  260.     Creating jms_redis ... done
  261.     2021-07-15 22:39:52 Collect static files
  262.     2021-07-15 22:39:52 Collect static files done
  263.     2021-07-15 22:39:52 Check database structure change ...
  264.     2021-07-15 22:39:52 Migrate model change to database ...
  266.     475 static files copied to '/opt/jumpserver/data/static'.
  267.     Operations to perform:
  268.       Apply all migrations: acls, admin, applications, assets, audits, auth, authentication, captcha, common, contenttypes, django_cas_ng, django_celery_beat, jms_oidc_rp, notifications, ops, orgs, perms, sessions, settings, terminal, tickets, users
  269.     Running migrations:
  270.       Applying contenttypes.0001_initial... OK
  271.       Applying contenttypes.0002_remove_content_type_name... OK
  272.       Applying auth.0001_initial... OK
  273.       Applying auth.0002_alter_permission_name_max_length... OK
  274.       Applying auth.0003_alter_user_email_max_length... OK
  275.       Applying auth.0004_alter_user_username_opts... OK
  276.       Applying auth.0005_alter_user_last_login_null... OK
  277.       Applying auth.0006_require_contenttypes_0002... OK
  278.       Applying auth.0007_alter_validators_add_error_messages... OK
  279.       Applying auth.0008_alter_user_username_max_length... OK
  280.       ...
  281.       Applying sessions.0001_initial... OK
  282.       Applying terminal.0032_auto_20210302_1853... OK
  283.       Applying terminal.0033_auto_20210324_1008... OK
  284.       Applying terminal.0034_auto_20210406_1434... OK
  285.       Applying terminal.0035_auto_20210517_1448... OK
  286.       Applying terminal.0036_auto_20210604_1124... OK
  287.       Applying terminal.0037_auto_20210623_1748... OK
  288.       Applying tickets.0008_auto_20210311_1113... OK
  289.       Applying tickets.0009_auto_20210426_1720... OK
  291.     >>> 安装完成了
  292.     1. 可以使用如下命令启动, 然后访问
  293.     cd /root/jumpserver-installer-{{ jumpserver.tag }}
  294.     ./jmsctl.sh start
  296.     2. 其它一些管理命令
  297.     ./jmsctl.sh stop
  298.     ./jmsctl.sh restart
  299.     ./jmsctl.sh backup
  300.     ./jmsctl.sh upgrade
  301.     更多还有一些命令, 你可以 ./jmsctl.sh --help 来了解
  303.     3. Web 访问
  304.     http://192.168.100.212:80
  305.     默认用户: admin  默认密码: admin
  307.     4. SSH/SFTP 访问
  308.     ssh -p2222 admin@192.168.100.212
  309.     sftp -P2222 admin@192.168.100.212
  311.     5. 更多信息
  312.     我们的官网: https://www.jumpserver.org/
  313.     我们的文档: https://docs.jumpserver.org/
  314.     ```
  315.     ```sh
  316.     ./jmsctl.sh start
  317.     ```
  318.     ```nginx
  319.     Creating network "jms_net" with driver "bridge"
  320.     Creating jms_core      ... done
  321.     Creating jms_celery    ... done
  322.     Creating jms_koko      ... done
  323.     Creating jms_magnus    ... done
  324.     Creating jms_web       ... done
  325.     ```
  327. === "使用旧的外置数据库"
  328.     ```sh
  329.     # 如果之前使用的数据库符合版本要求, 可以直接使用 (注意备份)
  330.     ./jmsctl.sh install
  331.     ```
  332.     ```nginx hl_lines="31 48 57 61-66 70-73 77"
  334.            ██╗██╗   ██╗███╗   ███╗██████╗ ███████╗███████╗██████╗ ██╗   ██╗███████╗██████╗
  335.            ██║██║   ██║████╗ ████║██╔══██╗██╔════╝██╔════╝██╔══██╗██║   ██║██╔════╝██╔══██╗
  336.            ██║██║   ██║██╔████╔██║██████╔╝███████╗█████╗  ██████╔╝██║   ██║█████╗  ██████╔╝
  337.       ██   ██║██║   ██║██║╚██╔╝██║██╔═══╝ ╚════██║██╔══╝  ██╔══██╗╚██╗ ██╔╝██╔══╝  ██╔══██╗
  338.       ╚█████╔╝╚██████╔╝██║ ╚═╝ ██║██║     ███████║███████╗██║  ██║ ╚████╔╝ ███████╗██║  ██║
  339.        ╚════╝  ╚═════╝ ╚═╝     ╚═╝╚═╝     ╚══════╝╚══════╝╚═╝  ╚═╝  ╚═══╝  ╚══════╝╚═╝  ╚═╝
  341.                                                                          Version:  {{ jumpserver.tag }}
  344.     1. 检查配置文件
  345.     配置文件位置: /opt/jumpserver/config
  346.     /opt/jumpserver/config/config.txt  [ √ ]
  347.     /opt/jumpserver/config/nginx/lb_rdp_server.conf  [ √ ]
  348.     /opt/jumpserver/config/nginx/lb_ssh_server.conf  [ √ ]
  349.     /opt/jumpserver/config/nginx/cert/server.crt  [ √ ]
  350.     /opt/jumpserver/config/nginx/cert/server.key  [ √ ]
  351.     完成
  353.     2. 备份配置文件
  354.     备份至 /opt/jumpserver/config/backup/config.txt.2021-07-15_22-26-13
  355.     完成
  357.     >>> 安装配置 Docker
  358.     1. 安装 Docker
  359.     开始下载 Docker 程序 ...
  360.     开始下载 Docker Compose 程序 ...
  361.     完成
  363.     2. 配置 Docker
  364.     是否需要自定义 docker 存储目录, 默认将使用目录 /var/lib/docker? (y/n)  (默认为 n): n
  365.     完成
  367.     3. 启动 Docker
  368.     Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /etc/systemd/system/docker.service.
  369.     完成
  371.     >>> 加载 Docker 镜像
  372.     Docker: Pulling from jumpserver/core:{{ jumpserver.tag }}         [ OK ]
  373.     Docker: Pulling from jumpserver/koko:{{ jumpserver.tag }}         [ OK ]
  374.     Docker: Pulling from jumpserver/web:{{ jumpserver.tag }}          [ OK ]
  375.     Docker: Pulling from jumpserver/redis:6-alpine      [ OK ]
  376.     Docker: Pulling from jumpserver/mysql:5             [ OK ]
  377.     Docker: Pulling from jumpserver/lion:{{ jumpserver.tag }}         [ OK ]
  379.     >>> 安装配置 JumpServer
  380.     1. 配置网络
  381.     是否需要支持 IPv6? (y/n)  (默认为 n): n
  382.     完成
  384.     2. 配置加密密钥
  385.     SECRETE_KEY:     YTE2YTVkMTMtMGE3MS00YzI5LWFlOWEtMTc2OWJlMmIyMDE2
  386.     BOOTSTRAP_TOKEN: YTE2YTVkMTMtMGE3
  387.     完成
  389.     3. 配置持久化目录
  390.     是否需要自定义持久化存储, 默认将使用目录 /opt/jumpserver? (y/n)  (默认为 n): n
  391.     完成
  393.     4. 配置 MySQL
  394.     是否使用外部 MySQL? (y/n)  (默认为 n): y
  395.     请输入 MySQL 的主机地址 (无默认值): 192.168.100.11
  396.     请输入 MySQL 的端口 (默认为 3306): 3306
  397.     请输入 MySQL 的数据库 (默认为 jumpserver): jumpserver
  398.     请输入 MySQL 的用户名 (无默认值): jumpserver
  399.     请输入 MySQL 的密码 (无默认值): weakPassword
  400.     完成
  402.     5. 配置 Redis
  403.     是否使用外部 Redis? (y/n)  (默认为 n): y
  404.     请输入 Redis 的主机地址 (无默认值): 192.168.100.11
  405.     请输入 Redis 的端口 (默认为 6379): 6379
  406.     请输入 Redis 的密码 (无默认值): weakPassword
  407.     完成
  409.     6. 配置对外端口
  410.     是否需要配置 JumpServer 对外访问端口? (y/n)  (默认为 n): n
  411.     完成
  413.     7. 初始化数据库
  414.     Creating network "jms_net" with driver "bridge"
  415.     Creating jms_redis ... done
  416.     2021-07-15 22:39:52 Collect static files
  417.     2021-07-15 22:39:52 Collect static files done
  418.     2021-07-15 22:39:52 Check database structure change ...
  419.     2021-07-15 22:39:52 Migrate model change to database ...
  421.     475 static files copied to '/opt/jumpserver/data/static'.
  422.     Operations to perform:
  423.       Apply all migrations: acls, admin, applications, assets, audits, auth, authentication, captcha, common, contenttypes, django_cas_ng, django_celery_beat, jms_oidc_rp, notifications, ops, orgs, perms, sessions, settings, terminal, tickets, users
  424.     Running migrations:
  425.       Applying contenttypes.0001_initial... OK
  426.       Applying contenttypes.0002_remove_content_type_name... OK
  427.       Applying auth.0001_initial... OK
  428.       Applying auth.0002_alter_permission_name_max_length... OK
  429.       Applying auth.0003_alter_user_email_max_length... OK
  430.       Applying auth.0004_alter_user_username_opts... OK
  431.       Applying auth.0005_alter_user_last_login_null... OK
  432.       Applying auth.0006_require_contenttypes_0002... OK
  433.       Applying auth.0007_alter_validators_add_error_messages... OK
  434.       Applying auth.0008_alter_user_username_max_length... OK
  435.       ...
  436.       Applying sessions.0001_initial... OK
  437.       Applying terminal.0032_auto_20210302_1853... OK
  438.       Applying terminal.0033_auto_20210324_1008... OK
  439.       Applying terminal.0034_auto_20210406_1434... OK
  440.       Applying terminal.0035_auto_20210517_1448... OK
  441.       Applying terminal.0036_auto_20210604_1124... OK
  442.       Applying terminal.0037_auto_20210623_1748... OK
  443.       Applying tickets.0008_auto_20210311_1113... OK
  444.       Applying tickets.0009_auto_20210426_1720... OK
  446.     >>> 安装完成了
  447.     1. 可以使用如下命令启动, 然后访问
  448.     cd /root/jumpserver-installer-{{ jumpserver.tag }}
  449.     ./jmsctl.sh start
  451.     2. 其它一些管理命令
  452.     ./jmsctl.sh stop
  453.     ./jmsctl.sh restart
  454.     ./jmsctl.sh backup
  455.     ./jmsctl.sh upgrade
  456.     更多还有一些命令, 你可以 ./jmsctl.sh --help 来了解
  458.     3. Web 访问
  459.     http://192.168.100.212:80
  460.     默认用户: admin  默认密码: admin
  462.     4. SSH/SFTP 访问
  463.     ssh -p2222 admin@192.168.100.212
  464.     sftp -P2222 admin@192.168.100.212
  466.     5. 更多信息
  467.     我们的官网: https://www.jumpserver.org/
  468.     我们的文档: https://docs.jumpserver.org/
  469.     ```
  470.     ```sh
  471.     ./jmsctl.sh start
  472.     ```
  473.     ```nginx
  474.     Creating network "jms_net" with driver "bridge"
  475.     Creating jms_core      ... done
  476.     Creating jms_celery    ... done
  477.     Creating jms_koko      ... done
  478.     Creating jms_magnus    ... done
  479.     Creating jms_web       ... done
  480.     ```