修改文档SECRET_KEY说明

9df97b37 · wojiushixiaobai · 552e0fb5 · 9df97b37 · 9df97b37 · 9df97b37
Commit 9df97b37 authored Jun 19, 2018 by wojiushixiaobai
5 changed files
--- a/docs/distributed_04.rst
+++ b/docs/distributed_04.rst
@@ -69,8 +69,10 @@
    ...
    class Config:
        # Use it to encrypt or decrypt data
-        # SECURITY WARNING: keep the secret key used in production secret!
-        SECRET_KEY = os.environ.get('SECRET_KEY') or '2vym+ky!997d5kkcc64mnz06y1mmui3lut#(^wd=%s_qj$1%x'
+
+        # Jumpserver 使用 SECRET_KEY 进行加密
+        # SECRET_KEY = os.environ.get('SECRET_KEY') or '2vym+ky!997d5kkcc64mnz06y1mmui3lut#(^wd=%s_qj$1%x'
+        SECRET_KEY = os.environ.get('SECRET_KEY') or '请随意输入随机字符串（推荐字符大于等于 50位）'

        # Django security setting, if your disable debug model, you should setting that
        ALLOWED_HOSTS = ['*']

--- a/docs/setup_by_centos7.rst
+++ b/docs/setup_by_centos7.rst
@@ -113,8 +113,9 @@ CentOS 7 安装文档
    ...
    class Config:
        # Use it to encrypt or decrypt data
-        # SECURITY WARNING: keep the secret key used in production secret!
-        SECRET_KEY = os.environ.get('SECRET_KEY') or '2vym+ky!997d5kkcc64mnz06y1mmui3lut#(^wd=%s_qj$1%x'
+        # Jumpserver 使用 SECRET_KEY 进行加密
+        # SECRET_KEY = os.environ.get('SECRET_KEY') or '2vym+ky!997d5kkcc64mnz06y1mmui3lut#(^wd=%s_qj$1%x'
+        SECRET_KEY = os.environ.get('SECRET_KEY') or '请随意输入随机字符串（推荐字符大于等于 50位）'

        # Django security setting, if your disable debug model, you should setting that
        ALLOWED_HOSTS = ['*']

--- a/docs/setup_by_ubuntu.rst
+++ b/docs/setup_by_ubuntu.rst
@@ -124,13 +124,33 @@
 ::

    class Config:
+        # Use it to encrypt or decrypt data
+        # Jumpserver 使用 SECRET_KEY 进行加密
+        # SECRET_KEY = os.environ.get('SECRET_KEY') or '2vym+ky!997d5kkcc64mnz06y1mmui3lut#(^wd=%s_qj$1%x'
+        SECRET_KEY = os.environ.get('SECRET_KEY') or '请随意输入随机字符串（推荐字符大于等于 50位）'

-    ...
+        # Django security setting, if your disable debug model, you should setting that
+        ALLOWED_HOSTS = ['*']
+
+        # Development env open this, when error occur display the full process track, Production disable it
+        # DEBUG 模式 True为开启 False为关闭，默认开启，生产环境推荐关闭
+        DEBUG = False
+
+        # DEBUG, INFO, WARNING, ERROR, CRITICAL can set. See https://docs.djangoproject.com/en/1.10/topics/logging/
+        # 日志级别，默认为DEBUG，可调整为INFO, WARNING, ERROR, CRITICAL，默认INFO
+        LOG_LEVEL = 'WARNING'
+        LOG_DIR = os.path.join(BASE_DIR, 'logs')

-        # 找到如下所示，修改 sqlite3 为 mysql， 请勿直接复制粘贴
+        # Database setting, Support sqlite3, mysql, postgres ....
+        # See https://docs.djangoproject.com/en/1.10/ref/settings/#databases
+        # 使用的数据库配置，支持sqlite3, mysql, postgres等，默认使用sqlite3
+
+        # SQLite setting:
+        # 默认使用SQLite，如果使用其他数据库请注释下面两行
        # DB_ENGINE = 'sqlite3'
        # DB_NAME = os.path.join(BASE_DIR, 'data', 'db.sqlite3')
-
+        # MySQL or postgres setting like:
+        # 如果需要使用mysql或postgres，请取消下面的注释并输入正确的信息,本例使用mysql做演示
        DB_ENGINE = 'mysql'
        DB_HOST = '127.0.0.1'
        DB_PORT = 3306
@@ -138,7 +158,22 @@
        DB_PASSWORD = 'somepassword'
        DB_NAME = 'jumpserver'

-        # 到此结束，其他内容如果你不知道用途请勿更改
+        # When Django start it will bind this host and port
+        # Django 监听的ip和端口，生产环境推荐把0.0.0.0修改成127.0.0.1，这里的意思是允许x.x.x.x访问，127.0.0.1表示仅允许自身访问。
+        # ./manage.py runserver 127.0.0.1:8080
+        HTTP_BIND_HOST = '127.0.0.1'
+        HTTP_LISTEN_PORT = 8080
+
+        # Use Redis as broker for celery and web socket
+        # Redis 相关设置
+        REDIS_HOST = '127.0.0.1'
+        REDIS_PORT = 6379
+        REDIS_PASSWORD = ''
+        BROKER_URL = 'redis://%(password)s%(host)s:%(port)s/3' % {
+            'password': REDIS_PASSWORD,
+            'host': REDIS_HOST,
+            'port': REDIS_PORT,
+        }
    ...

    config = DevelopmentConfig()

--- a/docs/step_by_step.rst
+++ b/docs/step_by_step.rst
@@ -155,8 +155,35 @@ Pip 加速设置请参考 <https://segmentfault.com/a/1190000011875306>

 ::

-    class DevelopmentConfig(Config):
-        DEBUG = True
+    ...
+    class Config:
+        # Use it to encrypt or decrypt data
+        # Jumpserver 使用 SECRET_KEY 进行加密
+        # SECRET_KEY = os.environ.get('SECRET_KEY') or '2vym+ky!997d5kkcc64mnz06y1mmui3lut#(^wd=%s_qj$1%x'
+        SECRET_KEY = os.environ.get('SECRET_KEY') or '请随意输入随机字符串（推荐字符大于等于 50位）'
+
+        # Django security setting, if your disable debug model, you should setting that
+        ALLOWED_HOSTS = ['*']
+
+        # Development env open this, when error occur display the full process track, Production disable it
+        # DEBUG 模式 True为开启 False为关闭，默认开启，生产环境推荐关闭
+        DEBUG = False
+
+        # DEBUG, INFO, WARNING, ERROR, CRITICAL can set. See https://docs.djangoproject.com/en/1.10/topics/logging/
+        # 日志级别，默认为DEBUG，可调整为INFO, WARNING, ERROR, CRITICAL，默认INFO
+        LOG_LEVEL = 'WARNING'
+        LOG_DIR = os.path.join(BASE_DIR, 'logs')
+
+        # Database setting, Support sqlite3, mysql, postgres ....
+        # See https://docs.djangoproject.com/en/1.10/ref/settings/#databases
+        # 使用的数据库配置，支持sqlite3, mysql, postgres等，默认使用sqlite3
+
+        # SQLite setting:
+        # 默认使用SQLite，如果使用其他数据库请注释下面两行
+        # DB_ENGINE = 'sqlite3'
+        # DB_NAME = os.path.join(BASE_DIR, 'data', 'db.sqlite3')
+        # MySQL or postgres setting like:
+        # 如果需要使用mysql或postgres，请取消下面的注释并输入正确的信息,本例使用mysql做演示
        DB_ENGINE = 'mysql'
        DB_HOST = '127.0.0.1'
        DB_PORT = 3306
@@ -164,9 +191,25 @@ Pip 加速设置请参考 <https://segmentfault.com/a/1190000011875306>
        DB_PASSWORD = 'somepassword'
        DB_NAME = 'jumpserver'

+        # When Django start it will bind this host and port
+        # Django 监听的ip和端口，生产环境推荐把0.0.0.0修改成127.0.0.1，这里的意思是允许x.x.x.x访问，127.0.0.1表示仅允许自身访问。
+        # ./manage.py runserver 127.0.0.1:8080
+        HTTP_BIND_HOST = '127.0.0.1'
+        HTTP_LISTEN_PORT = 8080
+
+        # Use Redis as broker for celery and web socket
+        # Redis 相关设置
+        REDIS_HOST = '127.0.0.1'
+        REDIS_PORT = 6379
+        REDIS_PASSWORD = ''
+        BROKER_URL = 'redis://%(password)s%(host)s:%(port)s/3' % {
+            'password': REDIS_PASSWORD,
+            'host': REDIS_HOST,
+            'port': REDIS_PORT,
+        }
    ...

-    config = DevelopmentConfig()  # 确保使用的是刚才设置的配置文件
+    config = DevelopmentConfig()

 **2.8 生成数据库表结构和初始化数据**


--- a/docs/upgrade.rst
+++ b/docs/upgrade.rst
@@ -5,7 +5,7 @@

 ::

-    # 新版本更新了自动升级脚本，升级只需要到 utils 目录下执行 sh upgrade.sh 即可，请做好备份
+    # 升级前请做好 jumpserver 与 数据库 备份，谨防意外，具体的备份命令可以参考离线升级
    $ cd /opt/jumpserver
    $ git pull
    $ pip install -r requirements/requirements.txt  # 如果使用其他源下载失败可以使用 -i 参数指定源
@@ -18,7 +18,7 @@

 ::

-    # 新版本更新了自动升级脚本，升级只需要到 utils 目录下执行 sh upgrade.sh 即可
+    # 如果 coco 目录非默认位置请手动修改
    $ cd /opt/coco
    $ git pull && pip install -r requirements/requirements.txt