From 98a2957e2f2e548c271e0697e1bdda7f9eadf5e0 Mon Sep 17 00:00:00 2001
From: wojiushixiaobai <296015668@qq.com>
Date: Sat, 27 Oct 2018 17:23:18 +0800
Subject: [PATCH] =?UTF-8?q?=E6=9B=B4=E6=96=B0=E6=96=87=E6=A1=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 docs/distributed_01.rst   | 11 +------
 docs/distributed_06.rst   | 63 +++++++++++++++++++++++++++++++--------
 docs/setup_by_centos7.rst | 56 +++++++++++++++++++++++-----------
 docs/setup_by_ubuntu.rst  |  8 ++---
 docs/step_by_step.rst     | 10 +++----
 5 files changed, 99 insertions(+), 49 deletions(-)

diff --git a/docs/distributed_01.rst b/docs/distributed_01.rst
index d00b08e9..1b54ced0 100644
--- a/docs/distributed_01.rst
+++ b/docs/distributed_01.rst
@@ -17,16 +17,7 @@
 -  Nginx 代理 IP: 192.168.100.100
 
 
-
-数据库服务器运行 mariadb 服务
-
-Jumpserver 服务器运行 jumpserver、redis 服务
-
-Coco 服务器运行 coco 服务
-
-Guacamole 服务器运行 docker 服务
-
-Nginx 代理服务器运行 nginx 服务,注意 upstream 的负载模式,需要解决 session 问题
+Nginx 多组件注意 upstream 的负载模式,需要解决 session 问题
 
 安全
 ~~~~~~~
diff --git a/docs/distributed_06.rst b/docs/distributed_06.rst
index 262c859e..3fee2f3f 100644
--- a/docs/distributed_06.rst
+++ b/docs/distributed_06.rst
@@ -23,19 +23,56 @@
     # 安装依赖包
     $ yum install -y yum-utils device-mapper-persistent-data lvm2
 
-    # 设置 selinux 策略
-    $ chcon -Rt svirt_sandbox_file_t /opt/guacamole/key
-
-    # 安装 docker(192.168.100.100 是 jumpserver 的 url 地址)
-    $ yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
-    $ yum makecache fast
-    $ yum install docker-ce
-    $ systemctl start docker
-    $ docker run --name jms_guacamole -d \
-      -p 8081:8080 -v /opt/guacamole/key:/config/guacamole/key \
-      -e JUMPSERVER_KEY_DIR=/config/guacamole/key \
-      -e JUMPSERVER_SERVER=http://192.168.100.100 \
-      jumpserver/guacamole:latest
+    # 设置 selinux 与 防火墙
+    $ setenforce 0
+    $ sed -i "s/enforcing/disabled/g" `grep enforcing -rl /etc/selinux/config`
+    $ firewall-cmd --zone=public --add-port=8081/tcp --permanent
+    $ firewall-cmd --reload
+
+    $ yum -y localinstall --nogpgcheck https://download1.rpmfusion.org/free/el/rpmfusion-free-release-7.noarch.rpm https://download1.rpmfusion.org/nonfree/el/rpmfusion-nonfree-release-7.noarch.rpm
+    $ rpm --import http://li.nux.ro/download/nux/RPM-GPG-KEY-nux.ro
+    $ rpm -Uvh http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-5.el7.nux.noarch.rpm
+
+    $ yum install -y git gcc java-1.8.0-openjdk libtool
+    $ yum install -y cairo-devel libjpeg-turbo-devel libpng-devel uuid-devel
+    $ yum install -y ffmpeg-devel freerdp-devel pango-devel libssh2-devel libtelnet-devel libvncserver-devel pulseaudio-libs-devel openssl-devel libvorbis-devel libwebp-devel
+
+    $ cd /opt
+    $ git clone https://github.com/jumpserver/docker-guacamole.git
+
+    $ cd /opt/docker-guacamole/
+    $ tar -xf guacamole-server-0.9.14.tar.gz
+    $ cd guacamole-server-0.9.14
+    $ autoreconf -fi
+    $ ./configure --with-init-dir=/etc/init.d
+    $ make && make install
+    $ cd ..
+    $ rm -rf guacamole-server-0.9.14.tar.gz guacamole-server-0.9.14
+    $ ldconfig
+
+    $ mkdir -p /config/guacamole /config/guacamole/lib /config/guacamole/extensions  # 创建 guacamole 目录
+    $ cp /opt/docker-guacamole/guacamole-auth-jumpserver-0.9.14.jar /config/guacamole/extensions/guacamole-auth-jumpserver-0.9.14.jar
+    $ cp /opt/docker-guacamole/root/app/guacamole/guacamole.properties /config/guacamole/  # guacamole 配置文件
+
+    $ cd /config
+    $ wget http://mirror.bit.edu.cn/apache/tomcat/tomcat-8/v8.5.34/bin/apache-tomcat-8.5.34.tar.gz
+    $ tar xf apache-tomcat-8.5.34.tar.gz
+    $ rm -rf apache-tomcat-8.5.34.tar.gz
+    $ mv apache-tomcat-8.5.34 tomcat8
+    $ rm -rf /config/tomcat8/webapps/*
+    $ cp /opt/docker-guacamole/guacamole-0.9.14.war /config/tomcat8/webapps/ROOT.war  # guacamole client
+    $ sed -i 's/Connector port="8080"/Connector port="8081"/g' `grep 'Connector port="8080"' -rl /config/tomcat8/conf/server.xml`  # 修改默认端口为 8081
+    $ sed -i 's/FINE/WARNING/g' `grep 'FINE' -rl /config/tomcat8/conf/logging.properties`  # 修改 log 等级为 WARNING
+
+    $ export JUMPSERVER_SERVER=http://192.168.100.100  # 192.168.100.100 指 jumpserver 访问地址
+    $ echo "export JUMPSERVER_SERVER=192.168.100.100" >> ~/.bashrc
+    $ export JUMPSERVER_KEY_DIR=/config/guacamole/keys
+    $ echo "export JUMPSERVER_KEY_DIR=/config/guacamole/keys" >> ~/.bashrc
+    $ export GUACAMOLE_HOME=/config/guacamole
+    $ echo "export GUACAMOLE_HOME=/config/guacamole" >> ~/.bashrc
+
+    $ /etc/init.d/guacd start
+    $ sh /config/tomcat8/bin/startup.sh
 
     # 访问 http://192.168.100.100/terminal/terminal/ 接受 guacamole 注册
 
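Review bot: The added `setenforce 0` and the `sed` that rewrites `enforcing` to `disabled` in /etc/selinux/config switch SELinux off for the whole host and keep it off across reboots, where the removed lines only relabelled one directory with `chcon`; the same two lines are added in the first hunk of docs/setup_by_centos7.rst. On a jump host that brokers access to other machines this removes a containment layer, so the guide should keep enforcing mode and grant only what guacd and Tomcat need, or at least state the trade-off next to the command. The global `s/enforcing/disabled/g` also rewrites any comment text in that file that contains the word; anchoring it as `sed -i 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config` would touch only the setting. Separately, the `~/.bashrc` line persists `JUMPSERVER_SERVER=192.168.100.100` without the `http://` used by the `export` just above it, so a new login shell would presumably get a different value than the current one.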
diff --git a/docs/setup_by_centos7.rst b/docs/setup_by_centos7.rst
index 0d3af078..5888df72 100644
--- a/docs/setup_by_centos7.rst
+++ b/docs/setup_by_centos7.rst
@@ -33,9 +33,8 @@ CentOS 7 安装文档
 
     $ firewall-cmd --reload  # 重新载入规则
 
-    $ setsebool -P httpd_can_network_connect 1  # 设置 selinux 允许 http 访问
-    $ mkdir -p /opt/guacamole/key
-    $ chcon -Rt svirt_sandbox_file_t /opt/guacamole/key  # 设置 selinux 允许容器对目录读写
+    $ setenforce 0
+    $ sed -i "s/enforcing/disabled/g" `grep enforcing -rl /etc/selinux/config`
 
     # 修改字符集,否则可能报 input/output error的问题,因为日志里打印了中文
     $ localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8
@@ -307,13 +306,41 @@ CentOS 7 安装文档
     $ chown -R root:root luna
 
     # 安装 Windows 支持组件(如果不需要管理 windows 资产,可以直接跳过这一步)
-    $ yum remove docker-latest-logrotate docker-logrotate docker-selinux dockdocker-engine
-    $ yum install -y yum-utils device-mapper-persistent-data lvm2
-    $ yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
-    $ yum makecache fast
-    $ yum install docker-ce
-    $ systemctl start docker
-    $ docker pull jumpserver/guacamole:latest
+    $ yum -y localinstall --nogpgcheck https://download1.rpmfusion.org/free/el/rpmfusion-free-release-7.noarch.rpm https://download1.rpmfusion.org/nonfree/el/rpmfusion-nonfree-release-7.noarch.rpm
+    $ rpm --import http://li.nux.ro/download/nux/RPM-GPG-KEY-nux.ro
+    $ rpm -Uvh http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-5.el7.nux.noarch.rpm
+    $ yum install -y git gcc java-1.8.0-openjdk libtool
+    $ yum install -y cairo-devel libjpeg-turbo-devel libpng-devel uuid-devel
+    $ yum install -y ffmpeg-devel freerdp-devel pango-devel libssh2-devel libtelnet-devel libvncserver-devel pulseaudio-libs-devel openssl-devel libvorbis-devel libwebp-devel
+    $ cd /op
+    $ git clone https://github.com/jumpserver/docker-guacamole.git
+    $ cd /opt/docker-guacamole/
+    $ tar -xf guacamole-server-0.9.14.tar.gz
+    $ cd guacamole-server-0.9.14
+    $ autoreconf -fi
+    $ ./configure --with-init-dir=/etc/init.d
+    $ make && make install
+    $ cd ..
+    $ rm -rf guacamole-server-0.9.14.tar.gz guacamole-server-0.9.14
+    $ ldconfig
+    $ mkdir -p /config/guacamole /config/guacamole/lib /config/guacamole/extensions  # 创建 guacamole 目录
+    $ cp /opt/docker-guacamole/guacamole-auth-jumpserver-0.9.14.jar /config/guacamole/extensions/guacamole-auth-jumpserver-0.9.14.jar
+    $ cp /opt/docker-guacamole/root/app/guacamole/guacamole.properties /config/guacamole/  # guacamole 配置文件
+    $ cd /config
+    $ wget http://mirror.bit.edu.cn/apache/tomcat/tomcat-8/v8.5.34/bin/apache-tomcat-8.5.34.tar.gz
+    $ tar xf apache-tomcat-8.5.34.tar.gz
+    $ rm -rf apache-tomcat-8.5.34.tar.gz
+    $ mv apache-tomcat-8.5.34 tomcat8
+    $ rm -rf /config/tomcat8/webapps/*
+    $ cp /opt/docker-guacamole/guacamole-0.9.14.war /config/tomcat8/webapps/ROOT.war  # guacamole client
+    $ sed -i 's/Connector port="8080"/Connector port="8081"/g' `grep 'Connector port="8080"' -rl /config/tomcat8/conf/server.xml`  # 修改默认端口为 8081
+    $ sed -i 's/FINE/WARNING/g' `grep 'FINE' -rl /config/tomcat8/conf/logging.properties`  # 修改 log 等级为 WARNING
+    $ export JUMPSERVER_SERVER=http://127.0.0.1:8080  # http://127.0.0.1:8080 指 jumpserver 访问地址
+    $ echo "export JUMPSERVER_SERVER=http://127.0.0.1:8080" >> ~/.bashrc
+    $ export JUMPSERVER_KEY_DIR=/config/guacamole/keys
+    $ echo "export JUMPSERVER_KEY_DIR=/config/guacamole/keys" >> ~/.bashrc
+    $ export GUACAMOLE_HOME=/config/guacamole
+    $ echo "export GUACAMOLE_HOME=/config/guacamole" >> ~/.bashrc
 
 ::
 
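Review bot: The Guacamole build steps added here install software with no integrity check: `yum -y localinstall --nogpgcheck` skips signature verification for the two rpmfusion release packages, the nux GPG key and release RPM are fetched over plain `http://`, and the Tomcat tarball is downloaded over `http://` from a mirror and unpacked without comparing a checksum or signature. The same commands are added in the docs/distributed_06.rst hunk. These artifacts are installed system-wide (presumably as root, given the `yum` and `/etc/init.d` steps), so the guide should fetch over `https://` where the host offers it, import the repository key and drop `--nogpgcheck`, and verify the tarball against the `.sha512` or `.asc` published by Apache before `tar xf`. Also, `cd /op` is a typo for `cd /opt`: as written the `cd` fails, the clone lands in the current directory, and the following `cd /opt/docker-guacamole/` fails too.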
@@ -398,13 +425,8 @@ CentOS 7 安装文档
     # 新版本更新了运行脚本,使用方式./cocod start|stop|status|restart  后台运行请添加 -d 参数
 
     # 运行 Guacamole
-    # 注意:这里需要修改下 http://<填写jumpserver的url地址> 例: http://192.168.244.144:8080 或 http://192.168.244.144 不能使用 127.0.0.1
-    $ docker run --name jms_guacamole -d \
-        -p 8081:8080 -v /opt/guacamole/key:/config/guacamole/key \
-        -e JUMPSERVER_KEY_DIR=/config/guacamole/key \
-        -e JUMPSERVER_SERVER=http://<填写jumpserver的url地址> \
-        jumpserver/guacamole:latest
-    # docker 重启容器的方法docker restart jms_guacamole
+    $ /etc/init.d/guacd start
+    $ sh /config/tomcat8/bin/startup.sh
 
     # 运行 Nginx
     $ nginx -t   # 确保配置没有问题, 有问题请先解决
diff --git a/docs/setup_by_ubuntu.rst b/docs/setup_by_ubuntu.rst
index 231c3d73..043da28c 100644
--- a/docs/setup_by_ubuntu.rst
+++ b/docs/setup_by_ubuntu.rst
@@ -410,15 +410,15 @@ Luna 已改为纯前端,需要 Nginx 来运行访问
     $ mv apache-tomcat-8.5.34 tomcat8
     $ rm -rf /config/tomcat8/webapps/*
     $ cp /opt/docker-guacamole/guacamole-0.9.14.war /config/tomcat8/webapps/ROOT.war  # guacamole client
-    $ sed -i 's/Connector port="8080"/Connector port="8081"/g' `grep 'Connector port="8080"' -rl"8080"' -rl /config/tomcat8/conf/server.xml`  # 修改默认端口为 8081
+    $ sed -i 's/Connector port="8080"/Connector port="8081"/g' `grep 'Connector port="8080"' -rl /config/tomcat8/conf/server.xml`  # 修改默认端口为 8081
     $ sed -i 's/FINE/WARNING/g' `grep 'FINE' -rl /config/tomcat8/conf/logging.properties`  # 修改 log 等级为 WARNING
 
     $ export JUMPSERVER_SERVER=http://127.0.0.1:8080  # http://127.0.0.1:8080 指 jumpserver 访问地址
-    $ echo "export JUMPSERVER_SERVER=http://127.0.0.1:8080" >> .bashrc
+    $ echo "export JUMPSERVER_SERVER=http://127.0.0.1:8080" >> ~/.bashrc
     $ export JUMPSERVER_KEY_DIR=/config/guacamole/keys
-    $ echo "export JUMPSERVER_KEY_DIR=/config/guacamole/keys" >> .bashrc
+    $ echo "export JUMPSERVER_KEY_DIR=/config/guacamole/keys" >> ~/.bashrc
     $ export GUACAMOLE_HOME=/config/guacamole
-    $ echo "export GUACAMOLE_HOME=/config/guacamole" >> .bashrc
+    $ echo "export GUACAMOLE_HOME=/config/guacamole" >> ~/.bashrc
 
     $ /etc/init.d/guacd restart
     $ sh /config/tomcat8/bin/startup.sh
diff --git a/docs/step_by_step.rst b/docs/step_by_step.rst
index 6558f0cf..f536e130 100644
--- a/docs/step_by_step.rst
+++ b/docs/step_by_step.rst
@@ -447,17 +447,17 @@ Luna 已改为纯前端,需要 Nginx 来运行访问
     $ tar xf apache-tomcat-8.5.34.tar.gz
     $ rm -rf apache-tomcat-8.5.34.tar.gz
     $ mv apache-tomcat-8.5.34 tomcat8
-    $ rm -rf /var/lib/tomcat/webapps/*
+    $ rm -rf /config/tomcat8/webapps/*
     $ cp /opt/docker-guacamole/guacamole-0.9.14.war /config/tomcat8/webapps/ROOT.war  # guacamole client
-    $ sed -i 's/Connector port="8080"/Connector port="8081"/g' `grep 'Connector port="8080"' -rl"8080"' -rl /config/tomcat8/conf/server.xml`  # 修改默认端口为 8081
+    $ sed -i 's/Connector port="8080"/Connector port="8081"/g' `grep 'Connector port="8080"' -rl /config/tomcat8/conf/server.xml`  # 修改默认端口为 8081
     $ sed -i 's/FINE/WARNING/g' `grep 'FINE' -rl /config/tomcat8/conf/logging.properties`  # 修改 log 等级为 WARNING
 
     $ export JUMPSERVER_SERVER=http://127.0.0.1:8080  # http://127.0.0.1:8080 指 jumpserver 访问地址
-    $ echo "export JUMPSERVER_SERVER=http://127.0.0.1:8080" >> .bashrc
+    $ echo "export JUMPSERVER_SERVER=http://127.0.0.1:8080" >> ~/.bashrc
     $ export JUMPSERVER_KEY_DIR=/config/guacamole/keys
-    $ echo "export JUMPSERVER_KEY_DIR=/config/guacamole/keys" >> .bashrc
+    $ echo "export JUMPSERVER_KEY_DIR=/config/guacamole/keys" >> ~/.bashrc
     $ export GUACAMOLE_HOME=/config/guacamole
-    $ echo "export GUACAMOLE_HOME=/config/guacamole" >> .bashrc
+    $ echo "export GUACAMOLE_HOME=/config/guacamole" >> ~/.bashrc
 
     $ /etc/init.d/guacd start
     $ sh /config/tomcat8/bin/startup.sh
-- 
2.18.0