2. 技术
    3. 81-CentOS-jumpserver自动化部署脚本

    81-CentOS-jumpserver自动化部署脚本

    技术2023-09-13  104

    目录

    参考信息部署开始

    参考信息

    当前版本:CentOS7.7

    ..Jumpserver服务器10.20.0.16资产主机10.20.0.15

    #执行脚本前请确保Jumpserver服务器 #请确保网络配置正常,能够连接外网 #自动化部署脚本quick_start内容如下

    #!/bin/bash # which wget >/dev/null 2>&1 if [ $? -ne 0 ];then yum install -y wget fi which git >/dev/null 2>&1 if [ $? -ne 0 ];then yum install -y git fi if [ ! -d "/opt/setuptools" ]; then wget -qO /opt/setuptools.tar.gz http://demo.jumpserver.org/download/setuptools.tar.gz tar -xf /opt/setuptools.tar.gz -C /opt rm -rf /opt/setuptools.tar.gz fi cd /opt/setuptools git pull if [ ! -f "/opt/setuptools/config.conf" ]; then cp config_example.conf config.conf fi ./jmsctl.sh install

    setuptools.tar.gz 下载链接 链接:https://pan.baidu.com/s/17WXQDQc13g2FQUJbb3Ja2w 提取码:jp3z

    [root@C7-6 data]# cat /opt/setuptools/jmsctl.sh #!/usr/bin/env bash # BASE_DIR=$(cd "$(dirname "$0")";pwd) PROJECT_DIR=${BASE_DIR} SCRIPT_DIR=${BASE_DIR}/scripts action=$1 target=$2 if [ ! -f "$PROJECT_DIR/config.conf" ]; then echo -e "Error: No config file found." echo -e "You can run 'cp config_example.conf config.conf', and edit it." exit 1 fi source ${PROJECT_DIR}/config.conf function usage() { echo "JumpServer 部署安装脚本" echo echo "Usage: " echo " jmsctl [COMMAND] ..." echo " jmsctl --help" echo echo "Commands: " echo " install 安装 JumpServer" echo " start 启动 JumpServer" echo " stop 停止 JumpServer" echo " restart 重启 JumpServer" echo " status 检查 JumpServer" echo " uninstall 卸载 JumpServer" echo " upgrade 升级 JumpServer" echo " reset 重置组件" } function main() { case "${action}" in install) bash ${SCRIPT_DIR}/install.sh ;; uninstall) bash ${SCRIPT_DIR}/uninstall.sh ;; upgrade) bash ${SCRIPT_DIR}/upgrade.sh ;; start) bash ${SCRIPT_DIR}/start.sh ;; stop) bash ${SCRIPT_DIR}/stop.sh ;; restart) bash ${SCRIPT_DIR}/stop.sh bash ${SCRIPT_DIR}/start.sh ;; status) bash ${SCRIPT_DIR}/install_status.sh ;; reset) if [ ! $target ]; then echo -e "Usage: jmsctl reset COMMAND\n" echo -e "Commands:" echo -e " koko 重置 koko" echo -e " guacamole 重置 guacamole" exit 1 else bash ${SCRIPT_DIR}/reset.sh $target fi ;; --help) usage ;; -h) usage ;; *) echo -e "jmsctl: unknown COMMAND: '$action'" echo -e "See 'jmsctl --help' \n" usage esac } main

    部署开始

    [root@C7-6 data]# curl -sSL https://github.com/jumpserver/jumpserver/releases/download/2.0.1/quick_start.sh | sh ……………..# 脚本执行时间很长 Digest: sha256:3589e1d06c5dc169bf1ce256a82ab111604fa1597049fc6ec6d89e03b61baded Status: Downloaded newer image for jumpserver/jms_guacamole:2.0.1 24536f019fd8a9b94794bb09d6c33268dcf46d4e3c461cb4f79332db209cc25b MySQL Check ........................ [ OK ] Redis Check ........................ [ OK ] Ninx Check ........................ [ OK ] Py3 Check ........................ [ OK ] Core Check ........................ [ OK ] Koko Check ........................ [ OK ] Guaca. Check ........................ [ OK ] Jumpserver 安装成功! 默认登陆信息: http://10.20.0.16:80 username: admin password: admin [如果你是云服务器请在安全组放行 80 和 2222 端口]

    #登录 jumpserver web 界面 ,账户在上图可看

    #创建普通用户

    #创建管理用户 #管理用户应当是资产主机上的root管理员或者是在资产主机上拥有 NOPASSWD: ALL sudo 权限的用户 #jumpserver会使用该用户去推送系统用户以及获取资产硬件信息等,因此若该用户的密钥配置错误将会导致无法连接资产主机

    #创建系统用户 #该用户是jumpserver跳转登录资产主机时使用的用户

    #创建资产

    #资产授权

    #登录mahuateng 用户

    #返回admin用户,配置命令过滤

    #更新系统用户配置

    #登录mahuateng 用户

    Processed: 0.008, SQL: 9