Jumpserver自动安装脚本

共6083个字

#!/bin/bash
# coding: utf-8
#

set -e

echo -e "\033[31m 本脚本仅用于测试环境使用 \033[0m"
echo -e "\033[31m 目前仅支持CentOS 7系统 \033[0m"
echo -e "\033[31m 请确定你当前的网络正常 \033[0m"
echo -e "\033[31m 本程序将于10秒后开始运行,祝您好运! \033[0m"

sleep 10s

setenforce 0 || true
sed -i "s/enforcing/disabled/g" \`grep enforcing -rl /etc/selinux/config` || true
systemctl stop iptables.service || true
systemctl stop firewalld.service || true
systemctl disable iptables.service || true
systemctl disable firewalld.service || true

if [ ! -f "/etc/locale.conf" ]; then
localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8 && export LC_ALL=zh_CN.UTF-8 && echo 'LANG=zh_CN.UTF-8' > /etc/locale.conf
fi

sleep 5s

yum -y update || true
yum -y install vim wget sqlite-devel xz gcc automake zlib-devel openssl-devel epel-release git || true
yum -y install mariadb mariadb-devel mariadb-server || true
yum -y install nginx redis || true

sleep 5s

systemctl enable mariadb && systemctl enable nginx && systemctl enable redis || true
systemctl restart mariadb && systemctl restart redis || true

sleep 5s

rm -rf /opt/*
if [ ! -f "jumpserver.tar.gz" ]; then
cd /opt  || true
wget https://www.python.org/ftp/python/3.6.1/Python-3.6.1.tar.xz || true
git clone --depth=1 https://github.com/jumpserver/jumpserver.git || true
git clone https://github.com/jumpserver/coco.git || true
wget https://github.com/jumpserver/luna/releases/download/v1.0.0/luna.tar.gz || true
tar xvf Python-3.6.1.tar.xz && tar xvf luna.tar.gz || true
chown -R root:root luna || true
else
tar zxf jumpserver.tar.gz -C /opt || true
fi

sleep 5s

cd /opt/jumpserver && git checkout master && git pull || true
cd /opt/coco && git checkout master && git pull || true
cd /opt/Python-3.6.1 && ./configure && make && make install || true

sleep 5s

cd /opt || true
python3 -m venv py3 || true
source /opt/py3/bin/activate || true
yum -y install $(cat /opt/jumpserver/requirements/rpm_requirements.txt) && yum -y install $(cat /opt/coco/requirements/rpm_requirements.txt) || true
pip install --upgrade pip && pip install -r /opt/jumpserver/requirements/requirements.txt &&  pip install -r /opt/coco/requirements/requirements.txt || true

sleep 5s

if [ ! -d "/var/lib/mysql/jumpserver" ]; then
mysql -uroot -e "
create database jumpserver default charset 'utf8';
grant all on jumpserver.\* to 'jumpserver'@'127.0.0.1' identified by 'somepassword';
flush privileges;
quit"
else
mysql -uroot -e "
drop database jumpserver;
drop user jumpserver@127.0.0.1;
flush privileges;
create database jumpserver default charset 'utf8';
grant all on jumpserver.* to 'jumpserver'@'127.0.0.1' identified by 'somepassword';
flush privileges;
quit"
fi

sleep 5s

cd /opt || true
if [ ! -f "/opt/jumpserver/config.py" ]; then
cp /opt/jumpserver/config_example.py /opt/jumpserver/config.py || true
else
rm -rf /opt/jumpserver/config.py || true
cp /opt/jumpserver/config_example.py /opt/jumpserver/config.py || true
fi

if [ ! -f "/opt/coco/conf.py" ]; then
cp /opt/coco/conf_example.py /opt/coco/conf.py || true
else
rm -rf /opt/coco/conf.py || true
cp /opt/coco/conf_example.py /opt/coco/conf.py || true
fi

sleep 5s

sed -i "s/DB_ENGINE = 'sqlite3'/# DB_ENGINE = 'sqlite3'/g" \`grep "DB_ENGINE = 'sqlite3'" -rl /opt/jumpserver/config.py` || true

sed -i "s/DB_NAME = os.path.join/# DB_NAME = os.path.join/g" \`grep "DB_NAME = os.path.join" -rl /opt/jumpserver/config.py` || true
sed -i "s/# DB_ENGINE = 'mysql'/DB_ENGINE = 'mysql'/g" `grep "# DB_ENGINE = 'mysql'" -rl /opt/jumpserver/config.py` || true
sed -i "s/# DB_HOST = '127.0.0.1'/DB_HOST = '127.0.0.1'/g" `grep "# DB_HOST = '127.0.0.1'" -rl /opt/jumpserver/config.py` || true
sed -i "s/# DB_PORT = 3306/DB_PORT = 3306/g" `grep "# DB_PORT = 3306" -rl /opt/jumpserver/config.py` || true
sed -i "s/# DB_USER = 'root'/DB_USER = 'jumpserver'/g" `grep "# DB_USER = 'root'" -rl /opt/jumpserver/config.py` || true
sed -i "s/# DB_PASSWORD = ''/DB_PASSWORD = 'somepassword'/g" `grep "# DB_PASSWORD = ''" -rl /opt/jumpserver/config.py` || true
sed -i "s/# DB_NAME = 'jumpserver'/DB_NAME = 'jumpserver'/g" `grep "# DB_NAME = 'jumpserver'" -rl /opt/jumpserver/config.py` || true

sleep 5s

cd /opt/jumpserver/utils && bash make_migrations.sh || true
cd /opt  || true

sleep 5s

rm -rf /etc/nginx/nginx.conf

cat << EOF > /etc/nginx/nginx.conf
# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '\$remote_addr - $remote_user [\$time_local] "\$request" '
                      '\$status $body_bytes_sent "\$http_referer" '
                      '"\$http_user_agent" "\$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;

    server {
        listen       80 default_server;
        listen       [::]:80 default_server;
        server_name  _;
        root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

    proxy_set_header X-Real-IP \$remote_addr;
       proxy_set_header Host \$host;
    proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;

    location /luna/ {
        try_files \$uri / /index.html;
        alias /opt/luna/;
    }

    location /media/ {
        add_header Content-Encoding gzip;
        root /opt/jumpserver/data/;
    }

    location /static/ {
        root /opt/jumpserver/data/;
    }

    location /socket.io/ {
        proxy_pass       http://localhost:5000/socket.io/;  # 如果coco安装在别的服务器,请填写它的ip
        proxy_buffering off;
        proxy_http_version 1.1;
        proxy_set_header Upgrade \$http_upgrade;
        proxy_set_header Connection "upgrade";
    }

    location /guacamole/ {
        proxy_pass       http://localhost:8081/;  # 如果guacamole安装在别的服务器,请填写它的ip
        proxy_buffering off;
        proxy_http_version 1.1;
        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
        proxy_set_header Upgrade \$http_upgrade;
        proxy_set_header Connection \$http_connection;
        access_log off;
    }

    location / {
        proxy_pass http://localhost:8080;  # 如果jumpserver安装在别的服务器,请填写它的ip
    }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }
}

EOF

sleep 5s

systemctl restart nginx || true

cat << EOF > /opt/start_jms.sh
#!/bin/bash

sleep 5
source /opt/py3/bin/activate || true
cd /opt/jumpserver || true
./jms restart -d || true
sleep 15
cd /opt/coco || true
./cocod restart -d || true
exit 0
EOF

sleep 5s
chmod +x /opt/start_jms.sh
chmod +x /etc/rc.local || true
echo "bash /opt/start_jms.sh" >> /etc/rc.local || true

cd /opt && ./start_jms.sh

exit 0

链接:https://pan.baidu.com/s/1Casz3fZotqe0Pt5qjvulbA

❤ 喜欢 0

5条回应:“Jumpserver自动安装脚本”

  1. Hello! Do you use Twitter? I’d like to follow you if that would be okay.
    I’m absolutely enjoying your blog and look forward
    to new updates.

  2. Excellent post. Keep writing such kind of information on your page.
    Im really impressed by it.
    Hi there, You’ve done an excellent job. I’ll certainly digg it and for my part suggest to my friends.
    I am sure they will be benefited from this website.

  3. I needed to thank you for this good read!! I absolutely loved every
    little bit of it. I have you book-marked to look at new things you post…

  4. Hey there would you mind letting me know which hosting
    company you’re working with? I’ve loaded your blog in 3 completely different internet browsers
    and I must say this blog loads a lot faster then most.

    Can you recommend a good internet hosting provider at a honest
    price? Thanks a lot, I appreciate it!

发表评论

必填项已用*标注

归档于 Cent OS