526互联

jumpserver部署

发布时间 2023-07-06 18:59:32作者: 雙_木

jumpserver部署

#环境要求
# 关闭防火墙和selinux
[root@localhost ~]# systemctl disable --now firewalld
[root@localhost ~]# systemctl disable --now firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@localhost ~]# vi /etc/selinux/config
SELINUX=disabled
# 安装相关工具
[root@localhost ~]# yum install -y --allowerasing wget curl tar gettext iptables
python3 gcc gcc-c++ make vim mariadb*
[root@localhost ~]# rpm -qa|grep mariadb
mariadb-java-client-2.2.5-3.el8.noarch
mariadb-common-10.3.28-1.module_el8.3.0+757+d382997d.x86_64
mariadb-connector-c-3.1.11-2.el8_3.x86_64
mariadb-gssapi-server-10.3.28-1.module_el8.3.0+757+d382997d.x86_64
mariadb-embedded-devel-10.3.28-1.module_el8.3.0+757+d382997d.x86_64
mariadb-connector-odbc-3.1.12-1.el8.x86_64
mariadb-oqgraph-engine-10.3.28-1.module_el8.3.0+757+d382997d.x86_64
mariadb-connector-c-config-3.1.11-2.el8_3.noarch
mariadb-errmsg-10.3.28-1.module_el8.3.0+757+d382997d.x86_64
mariadb-backup-10.3.28-1.module_el8.3.0+757+d382997d.x86_64
mariadb-server-10.3.28-1.module_el8.3.0+757+d382997d.x86_64
mariadb-connector-c-devel-3.1.11-2.el8_3.x86_64
mariadb-server-galera-10.3.28-1.module_el8.3.0+757+d382997d.x86_64
mariadb-test-10.3.28-1.module_el8.3.0+757+d382997d.x86_64
mariadb-embedded-10.3.28-1.module_el8.3.0+757+d382997d.x86_64
mariadb-10.3.28-1.module_el8.3.0+757+d382997d.x86_64
mariadb-server-utils-10.3.28-1.module_el8.3.0+757+d382997d.x86_64
mariadb-devel-10.3.28-1.module_el8.3.0+757+d382997d.x86_64
# 设置数据库开机自启
[root@localhost ~]# systemctl enable --now mariadb
Created symlink /etc/systemd/system/mysql.service →
/usr/lib/systemd/system/mariadb.service.
Created symlink /etc/systemd/system/mysqld.service →
/usr/lib/systemd/system/mariadb.service.
Created symlink /etc/systemd/system/multi-user.target.wants/mariadb.service →
/usr/lib/systemd/system/mariadb.service.
# 设置数据库密码
[root@localhost ~]# mysql
源码安装redis
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 8
Server version: 10.3.28-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> set password = password('1234');
Query OK, 0 rows affected (0.001 sec)
# 创建jumpserver数据库
[root@localhost ~]# mysql -urrot -p1234
ERROR 1045 (28000): Access denied for user 'rrot'@'localhost' (using password: YES)
[root@localhost ~]# mysql -uroot -p1234
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 10
Server version: 10.3.28-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> create database jumpserver default charset 'utf8';
Query OK, 1 row affected (0.000 sec)
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| jumpserver |
| mysql |
| performance_schema |
+--------------------+
4 rows in set (0.001 sec)
MariaDB [(none)]> grant all on jumpserver.* to jumpserver@'%' identified by '1234';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.000 sec)

源码安装redis

image-20230603173231495

# 解压缩
[root@localhost ~]# tar xf redis-7.0.11.tar.gz
[root@localhost ~]# ls
anaconda-ks.cfg redis-7.0.11 redis-7.0.11.tar.gz
[root@localhost ~]# cd redis-7.0.11
[root@localhost redis-7.0.11]# make -j 4
Hint: It's a good idea to run 'make test' ;)
make[1]: Leaving directory '/root/redis-7.0.11/src'
[root@localhost redis-7.0.11]# make test
cd src && make test
make[1]: Entering directory '/root/redis-7.0.11/src'
CC Makefile.dep
You need tcl 8.5 or newer in order to run the Redis test
make[1]: *** [Makefile:427: test] Error 1
make[1]: Leaving directory '/root/redis-7.0.11/src'
make: *** [Makefile:6: test] Error 2
# 安装tcl
[root@localhost ~]# yum -y install tcl tcl-devel
[root@localhost redis-7.0.11]# make test
All tests passed without errors!
Cleanup: may take some time... OK
make[1]: Leaving directory '/root/redis-7.0.11/src'
[root@localhost redis-7.0.11]# make install
cd src && make install
make[1]: Entering directory '/root/redis-7.0.11/src'
离线安装
上传安装包
Hint: It's a good idea to run 'make test' ;)
INSTALL redis-server
INSTALL redis-benchmark
INSTALL redis-cli
make[1]: Leaving directory '/root/redis-7.0.11/src'
[root@localhost ~]# which redis-server
/usr/local/bin/redis-server
# 修改redis.conf文件
修改这两处即可
[root@localhost ~]# cp redis-7.0.11/redis.conf /etc/
[root@localhost ~]# vim /etc/redis.conf
requirepass 1234
bind 0.0.0.0
# 后台运行
[root@localhost ~]# nohup redis-server /etc/redis.conf &
[1] 38076
[root@localhost ~]# nohup: ignoring input and appending output to 'nohup.out'
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 80 0.0.0.0:3306 0.0.0.0:*
LISTEN 0 128 0.0.0.0:6379 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*

image-20230603173446779

# 解压缩
[root@localhost opt]# ls
jumpserver-offline-installer-v3.3.1-amd64-322.tar.gz
[root@localhost opt]# tar xf jumpserver-offline-installer-v3.3.1-amd64-322.tar.gz
[root@localhost opt]# ls
jumpserver-offline-installer-v3.3.1-amd64-322
jumpserver-offline-installer-v3.3.1-amd64-322.tar.gz
# 修改config-example.txt文件
[root@localhost jumpserver-offline-installer-v3.3.1-amd64-322]# vim configexample.txt
DB_HOST=192.168.88.128
DB_PORT=3306
DB_USER=jumpserver
DB_PASSWORD=1234
DB_NAME=jumpserver
DB_USE_SSL=false
REDIS_HOST=192.168.88.128
REDIS_PORT=6379
REDIS_PASSWORD=1234
# 安装
[root@localhost jumpserver-offline-installer-v3.3.1-amd64-322]# ./jmsctl.sh install
>>> The Installation is Complete
1. You can use the following command to start, and then visit
cd /opt/jumpserver-offline-installer-v3.3.1-amd64-322
./jmsctl.sh start
2. Other management commands
./jmsctl.sh stop
./jmsctl.sh restart
./jmsctl.sh backup
./jmsctl.sh upgrade
For more commands, you can enter ./jmsctl.sh --help to understand
3. Web access
http://192.168.88.128:80
Default username: admin Default password: admin
4. SSH/SFTP access
ssh -p2222 admin@192.168.88.128
sftp -P2222 admin@192.168.88.128
5. More information
Official Website: https://www.jumpserver.org/
Documentation: https://docs.jumpserver.org/
# 启动
[root@localhost jumpserver-offline-installer-v3.3.1-amd64-322]# ./jmsctl.sh start
[+] Running 6/6
✔ Container jms_core Healthy
13.3s
✔ Container jms_web Started
15.5s
✔ Container jms_celery Started
15.6s
✔ Container jms_magnus Started
15.4s
✔ Container jms_lion Started
15.5s
✔ Container jms_koko Started
15.4s
[root@localhost ~]# ss -antl
State   Recv-Q  Send-Q     Local Address:Port      Peer Address:Port  Process  
LISTEN  0       128              0.0.0.0:33061          0.0.0.0:*              
LISTEN  0       128              0.0.0.0:33062          0.0.0.0:*              
LISTEN  0       128              0.0.0.0:2222           0.0.0.0:*              
LISTEN  0       128              0.0.0.0:63790          0.0.0.0:*              
LISTEN  0       128              0.0.0.0:80             0.0.0.0:*              
LISTEN  0       128              0.0.0.0:22             0.0.0.0:*              
LISTEN  0       128                 [::]:33061             [::]:*              
LISTEN  0       128                 [::]:33062             [::]:*              
LISTEN  0       128                 [::]:2222              [::]:*              
LISTEN  0       128                 [::]:63790             [::]:*              
LISTEN  0       128                 [::]:80                [::]:*              
LISTEN  0       128                 [::]:22                [::]:*

image-20230603173337334

image-20230603173413840