diff --git a/docs/_static/img/faq_googleauth.jpg b/docs/_static/img/faq_googleauth.jpg new file mode 100644 index 0000000000000000000000000000000000000000..34b3472a66b69fa87bd956f5b30d27ca77efd51a Binary files /dev/null and b/docs/_static/img/faq_googleauth.jpg differ diff --git a/docs/_static/img/faq_sftp_01.jpg b/docs/_static/img/faq_sftp_01.jpg new file mode 100644 index 0000000000000000000000000000000000000000..926cc5f8b3fd4955bbcbfaa3128158e938426886 Binary files /dev/null and b/docs/_static/img/faq_sftp_01.jpg differ diff --git a/docs/_static/img/faq_windows_01.jpg b/docs/_static/img/faq_windows_01.jpg new file mode 100644 index 0000000000000000000000000000000000000000..759793e96e878596962710077c99191d7d2efa58 Binary files /dev/null and b/docs/_static/img/faq_windows_01.jpg differ diff --git a/docs/_static/img/faq_windows_02.jpg b/docs/_static/img/faq_windows_02.jpg new file mode 100644 index 0000000000000000000000000000000000000000..b6ea0163016b8467d7ed3c1a5a17969d93332a77 Binary files /dev/null and b/docs/_static/img/faq_windows_02.jpg differ diff --git a/docs/_static/img/faq_windows_03.jpg b/docs/_static/img/faq_windows_03.jpg new file mode 100644 index 0000000000000000000000000000000000000000..f7897142fee824467bb25608c5607346b4eb5698 Binary files /dev/null and b/docs/_static/img/faq_windows_03.jpg differ diff --git a/docs/_static/img/faq_windows_04.jpg b/docs/_static/img/faq_windows_04.jpg new file mode 100644 index 0000000000000000000000000000000000000000..8328654bae6a362d32189273b74bd458b0456c26 Binary files /dev/null and b/docs/_static/img/faq_windows_04.jpg differ diff --git a/docs/_static/img/faq_windows_05.jpg b/docs/_static/img/faq_windows_05.jpg new file mode 100644 index 0000000000000000000000000000000000000000..3120bc1354bf6de10653d3509f87235a52182ad3 Binary files /dev/null and b/docs/_static/img/faq_windows_05.jpg differ 
diff --git a/docs/_static/img/faq_windows_06.jpg b/docs/_static/img/faq_windows_06.jpg new file mode 100644 index 0000000000000000000000000000000000000000..6e7eb2f1ef39aea4ad535d082ccab08a2904fc95 Binary files /dev/null and b/docs/_static/img/faq_windows_06.jpg differ diff --git a/docs/_static/img/faq_windows_07.jpg b/docs/_static/img/faq_windows_07.jpg new file mode 100644 index 0000000000000000000000000000000000000000..e2c9a7b72adb81ef9faa7d2fd33e2207cb2a2b8a Binary files /dev/null and b/docs/_static/img/faq_windows_07.jpg differ diff --git a/docs/quickstart.rst b/docs/dockerinstall.rst similarity index 99% rename from docs/quickstart.rst rename to docs/dockerinstall.rst index b40aff11b98db3ba6b4515391264378469ab8599..18689c75a690f9056411c4cc30cdfcc2b01de114 100644 --- a/docs/quickstart.rst +++ b/docs/dockerinstall.rst @@ -1,4 +1,4 @@ -快速安装 +Docker安装 ========================== Jumpserver å°è£…了一个 All in one Docker,å¯ä»¥å¿«é€Ÿå¯åŠ¨ã€‚è¯¥é•œåƒé›†æˆäº†æ‰€éœ€è¦çš„组件(Windows组件未暂未集æˆ),也支æŒä½¿ç”¨å¤–ç½® Database å’Œ Redis diff --git a/docs/faq.rst b/docs/faq.rst index cbcad15ca1e233683865b7a0a14d81abfa75d39b..19191e03d25e559d57d7f72446333a427d5ea837 100644 --- a/docs/faq.rst +++ b/docs/faq.rst @@ -1,5 +1,15 @@ FAQ ========== +.. toctree:: + :maxdepth: 1 + + Windows 资产连接说明 <faq_windows.rst> + Windows sftp使用说明 <faq_sftp.rst> + 二次认è¯ï¼ˆGoogle Auth)入å£è¯´æ˜Ž <faq_googleauth.rst> + + +常è§é—®é¢˜ +~~~~~~~~~~~~~~~~~~~~~ 1. Windows 资产连接错误排查æ€è·¯ 
@@ -47,10 +57,9 @@ FAQ (3). guacamole釿–°æ³¨å†Œ - $ rm /opt/guacamole/key/* # guacamole, å¦‚æžœä½ æ˜¯æŒ‰æ–‡æ¡£å®‰è£…çš„ï¼Œkey应该在这里 $ docker stop jms_guacamole # 如果å称更改过或者ä¸å¯¹ï¼Œè¯·ä½¿ç”¨docker ps 查询容器的 CONTAINER ID ,然åŽdocker stop <CONTAINER ID> $ docker rm jms_guacamole # 如果å称更改过或者ä¸å¯¹ï¼Œè¯·ä½¿ç”¨docker ps -a 查询容器的 CONTAINER ID ,然åŽdocker rm <CONTAINER ID> - $ rm /opt/guacamole/key/* + $ rm /opt/guacamole/key/* # guacamole, å¦‚æžœä½ æ˜¯æŒ‰æ–‡æ¡£å®‰è£…çš„ï¼Œkey应该在这里 $ systemctl stop docker $ systemctl start docker $ docker run —name jms_guacamole -d \ @@ -165,3 +174,16 @@ FAQ $ source /opt/py3/bin/activate $ cd /opt/jumpserver/apps $ python manage.py changepassword <user_name> + + # 新建超级用户的命令如下命令 + $ python manage.py createsuperuser --username=user --email=user@domain.com + + (11). 清ç†celery产生的数æ®(æ— æ³•æ£å¸¸æŽ¨é€åŠè¿žæŽ¥èµ„产å¯ä»¥ä½¿ç”¨) + $ source /opt/py3/bin/activate + $ cd /opt/jumpserver/apps + $ python manage.py shell + $ from celery.task.control import discard_all + $ discard_all() + $ exit() + $ cd /opt/jumpserver + $ ./jms restart celery diff --git a/docs/faq_googleauth.rst b/docs/faq_googleauth.rst new file mode 100644 index 0000000000000000000000000000000000000000..db0aff834bef6c08f4be8d145f186777792a55ca --- /dev/null +++ b/docs/faq_googleauth.rst @@ -0,0 +1,4 @@ +二次认è¯ï¼ˆGoogle Auth)入å£è¯´æ˜Ž +-------------------------------------------------------- + +.. image:: _static/img/faq_googleauth.jpg diff --git a/docs/faq_sftp.rst b/docs/faq_sftp.rst new file mode 100644 index 0000000000000000000000000000000000000000..35fb02c73c895ad7843caad50addf37a11e81619 --- /dev/null +++ b/docs/faq_sftp.rst @@ -0,0 +1,5 @@ +Windows sftp使用说明 +------------------------------------------------------- +在Windows上使用 sftp å·¥å…·ä¼ è¾“æ–‡ä»¶åˆ° Linux ç³»ç»Ÿï¼Œé»˜è®¤çš„ä¸Šä¼ ç›®å½•åœ¨ /tmp ,其他目录没有æƒé™ + +.. image:: _static/img/faq_sftp_01.jpg 
diff --git a/docs/faq_windows.rst b/docs/faq_windows.rst new file mode 100644 index 0000000000000000000000000000000000000000..90ff8c4af98aa785eafb9d570e3dfcf0e4207492 --- /dev/null +++ b/docs/faq_windows.rst @@ -0,0 +1,30 @@ +Windows 资产连接说明 +---------------------------- + +1. 检查终端是å¦åœ¨çº¿ï¼ˆå¦‚æžœä¸åœ¨çº¿ï¼Œå‚考FAQ文档进行处ç†ï¼‰ + +.. image:: _static/img/faq_windows_01.jpg + +2. 登录è¦è¿žæŽ¥çš„windows资产,检查用户和IPä¿¡æ¯ï¼ˆWindowsç›®å‰è¿˜ä¸æ”¯æŒæŽ¨é€ï¼Œæ‰€ä»¥å¿…须使用资产上é¢å·²å˜åœ¨çš„用户进行登录) + +.. image:: _static/img/faq_windows_02.jpg + +3. 创建Windows资产管ç†ç”¨æˆ·ï¼ˆå¦‚æžœæ˜¯åŸŸèµ„äº§ï¼Œæ ¼å¼æ˜¯uesr@domain.com) + +.. image:: _static/img/faq_windows_03.jpg + +4. 创建Windowsèµ„äº§ç³»ç»Ÿç”¨æˆ·ï¼ˆå¦‚æžœæ˜¯åŸŸèµ„äº§ï¼Œæ ¼å¼æ˜¯uesr@domain.com,注æ„åè®®ä¸è¦é€‰é”™ï¼‰ + +.. image:: _static/img/faq_windows_04.jpg + +5. 创建Windows资产(注æ„端å£ä¸è¦å¡«é”™ï¼‰ + +.. image:: _static/img/faq_windows_05.jpg + +6. 创建授æƒè§„则 + +.. image:: _static/img/faq_windows_06.jpg + +7. 使用web terminal登录(如果登录报错,检查防ç«å¢™çš„设置,å¯ä»¥å‚考FAQ) + +.. image:: _static/img/faq_windows_07.jpg diff --git a/docs/fool_install.rst b/docs/fool_install.rst index 64eff68899a3804825119227474d5a211520bca1..4c890fd3cc43b95e4540fe3dc872fd9c45035924 100644 --- a/docs/fool_install.rst +++ b/docs/fool_install.rst @@ -1,7 +1,7 @@ 傻瓜安装 ========================== -由于大多数用户对 Linux ä¸ç†Ÿæ‚‰ï¼Œè¿™é‡Œæä¾›åŸºäºŽ CentoOS_7_64 的傻瓜安装脚本。 +由于部分用户对 Linux ä¸ç†Ÿæ‚‰ï¼Œè¿™é‡Œæä¾›åŸºäºŽ CentoOS_7_64 的傻瓜安装脚本。 æœ¬è„šæœ¬ä»…æ”¯æŒ CentoOS7 64 ä½çš„系统安装 Jumpserverï¼Œæ— æ³•åœ¨å…¶ä»–ç³»ç»Ÿä¸æ£å¸¸è¿è¡Œã€‚ diff --git a/docs/installation.rst b/docs/installation.rst index 1ca0537252a6b0be58af90e4c91048f597354437..8965d1f646dda39600a221694728f5639387124a 100644 --- a/docs/installation.rst +++ b/docs/installation.rst @@ -4,7 +4,8 @@ .. toctree:: :maxdepth: 1 - quickstart + dockerinstall + quickinstall step_by_step setup_by_ubuntu upgrade 
diff --git a/docs/quickinstall.rst b/docs/quickinstall.rst new file mode 100644 index 0000000000000000000000000000000000000000..753b2053763b04cc5549008ed982ea57efce57b4 --- /dev/null +++ b/docs/quickinstall.rst @@ -0,0 +1,19 @@ +快速安装 +++++++++++++++++++++++++ + +å› ä¸ºæ‡’ï¼Œæ‰€ä»¥æ›´ä¸“ä¸šã€‚ + +组件解释 +~~~~~~~~~~~~~~ +- Jumpserver 为管ç†åŽå°ï¼Œç®¡ç†å‘˜å¯ä»¥é€šè¿‡Web页é¢è¿›è¡Œèµ„产管ç†ã€ç”¨æˆ·ç®¡ç†ã€èµ„产授æƒç‰æ“作 +- Coco 为 SSH Server å’Œ Web Terminal Server 。用户å¯ä»¥é€šè¿‡ä½¿ç”¨è‡ªå·±çš„账户登录 SSH 或者 Web Terminal 直接访问被授æƒèµ„产。ä¸éœ€è¦çŸ¥é“æœåŠ¡å™¨çš„è´¦æˆ·å¯†ç +- Luna 为 Web Terminal Server å‰ç«¯é¡µé¢ï¼Œç”¨æˆ·ä½¿ç”¨ Web Terminal æ–¹å¼ç™»å½•所需è¦çš„组件 +- Guacamole 为 Windows 组件,用户å¯ä»¥é€šè¿‡ Web Terminal æ¥è¿žæŽ¥ Windows 资产 (暂时åªèƒ½é€šè¿‡ Web Terminal æ¥è®¿é—®ï¼‰ + +安装文档 +~~~~~~~~~~~~~~ + +.. toctree:: + :maxdepth: 1 + + CentOS 7 安装文档 <setup_by_centos7.rst> diff --git a/docs/setup_by_centos7.rst b/docs/setup_by_centos7.rst new file mode 100644 index 0000000000000000000000000000000000000000..be752d36bc192182768de7ad557ab735062ffe1b --- /dev/null +++ b/docs/setup_by_centos7.rst 
@@ -0,0 +1,345 @@ +CentOS 7 安装文档 +-------------------------- + +说明 +~~~~~~~ +- # 开头的行表示注释 +- > 开头的行表示需è¦åœ¨ mysql 䏿‰§è¡Œ +- $ å¼€å¤´çš„è¡Œè¡¨ç¤ºéœ€è¦æ‰§è¡Œçš„命令 + +本文档适用于有一定webè¿ç»´ç»éªŒçš„管ç†å‘˜æˆ–者工程师,文ä¸ä¸ä¼šå¯¹å®‰è£…的软件åšè¿‡å¤šçš„è§£é‡Šï¼Œä»…å¯¹éœ€è¦æ‰§è¡Œçš„内容注部分注释,更详细的内容请å‚考一æ¥ä¸€æ¥å®‰è£…。 + +环境 +~~~~~~~ + +- 系统: CentOS 7 +- IP: 192.168.244.144 +- 目录: /opt +- æ•°æ®åº“: mariadb +- 代ç†: nginx + +开始安装 +~~~~~~~~~~~~ + +:: + + + # å…³é— selinux 与 防ç«å¢™ 仅为了能æ£å¸¸å®‰è£…,安装完æˆåŽéœ€è¦é…ç½®å¹¶é‡æ–°æ‰“å¼€ + $ setenforce 0 # ä¸´æ—¶å…³é— selinux + $ systemctl stop iptables.service + $ systemctl stop firewalld.service + + # 修改å—符集,å¦åˆ™å¯èƒ½æŠ¥ input/output errorçš„é—®é¢˜ï¼Œå› ä¸ºæ—¥å¿—é‡Œæ‰“å°äº†ä¸æ–‡ + $ localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8 + $ export LC_ALL=zh_CN.UTF-8 + $ echo 'LANG=zh_CN.UTF-8' > /etc/locale.conf + + # 安装ä¾èµ–包 + $ yum -y install wget sqlite-devel xz gcc automake zlib-devel openssl-devel epel-release git + + # 安装 Redis, Jumpserver 使用 Redis åš cache å’Œ celery broke + $ yum -y install redis + $ systemctl enable redis + $ systemctl start redis + + # 安装 MySQL,如果ä¸ä½¿ç”¨ Mysql å¯ä»¥è·³è¿‡ç›¸å…³ Mysql 安装和é…置,支æŒsqlite3, mysql, postgresç‰ + $ yum -y install mariadb mariadb-devel mariadb-server # centos7下å«mariadb,用法与mysql一致 + $ systemctl enable mariadb + $ systemctl start mariadb + # 创建数æ®åº“ Jumpserver å¹¶æŽˆæƒ + $ mysql -uroot + > create database jumpserver default charset 'utf8'; + > grant all on jumpserver.* to 'jumpserver'@'127.0.0.1' identified by 'somepassword'; + > flush privileges; + + # 安装nginxï¼Œç”¨ä½œä»£ç†æœåŠ¡å™¨æ•´åˆjumpserver与å„个组件 + $ yum -y install redis + $ systemctl enable nginx + + # 下载编译Python3.6.1 + $ wget https://www.python.org/ftp/python/3.6.1/Python-3.6.1.tar.xz + $ tar xvf Python-3.6.1.tar.xz && cd Python-3.6.1 + $ ./configure && make && make install + + # é…置并载入python3虚拟环境 + $ cd /opt + $ python3 -m venv py3 # py3 为虚拟环境å称,å¯è‡ªå®šä¹‰ + $ source /opt/py3/bin/activate # 退出虚拟环境å¯ä»¥ä½¿ç”¨ deactivate 命令 + + # 
看到下é¢çš„æç¤ºç¬¦ä»£è¡¨æˆåŠŸï¼Œä»¥åŽè¿è¡Œ Jumpserver 都è¦å…ˆè¿è¡Œä»¥ä¸Š source 命令,载入环境åŽé»˜è®¤ä»¥ä¸‹æ‰€æœ‰å‘½ä»¤å‡åœ¨è¯¥è™šæ‹ŸçŽ¯å¢ƒä¸è¿è¡Œ + (py3) [root@localhost py3] + + # 下载jumpserver与coco + $ cd /opt/ + $ git clone https://github.com/jumpserver/jumpserver.git && cd jumpserver && git checkout master + $ git clone https://github.com/jumpserver/coco.git && cd coco && git checkout master + + # 安装ä¾èµ– RPM 包 + $ yum -y install $(cat /opt/jumpserver/requirements/rpm_requirements.txt) + $ yum -y install $(cat /opt/coco/requirements/rpm_requirements.txt) + + # 安装 Python 库ä¾èµ– + $ pip install --upgrade pip + $ pip install -r /opt/jumpserver/requirements/requirements.txt + $ pip install -r /opt/coco/requirements/requirements.txt + +:: + + + # 修改 Jumpserver é…置文件 + $ cd /opt/jumpserver + $ cp config_example.py config.py + $ vi config.py + + #注æ„: é…置文件是 Python æ ¼å¼ï¼Œä¸è¦ç”¨ TAB,而è¦ç”¨ç©ºæ ¼ï¼Œè¯·æ‰‹åŠ¨ä¿®æ”¹ï¼Œæ³¨æ„对其,ä¸è¦ç›´æŽ¥å¤åˆ¶æœ¬æ–‡å†…容 + + ... + class Config: + # Use it to encrypt or decrypt data + # SECURITY WARNING: keep the secret key used in production secret! + SECRET_KEY = os.environ.get('SECRET_KEY') or '2vym+ky!997d5kkcc64mnz06y1mmui3lut#(^wd=%s_qj$1%x' + + # Django security setting, if your disable debug model, you should setting that + ALLOWED_HOSTS = ['*'] + + # Development env open this, when error occur display the full process track, Production disable it + # DEBUG æ¨¡å¼ Trueä¸ºå¼€å¯ False为关é—ï¼Œé»˜è®¤å¼€å¯ + DEBUG = True + + # DEBUG, INFO, WARNING, ERROR, CRITICAL can set. See https://docs.djangoproject.com/en/1.10/topics/logging/ + # 日志级别,默认为DEBUG,å¯è°ƒæ•´ä¸ºINFO, WARNING, ERROR, CRITICAL + LOG_LEVEL = 'DEBUG' + LOG_DIR = os.path.join(BASE_DIR, 'logs') + + # Database setting, Support sqlite3, mysql, postgres .... 
+ # See https://docs.djangoproject.com/en/1.10/ref/settings/#databases + # 使用的数æ®åº“é…置,支æŒsqlite3, mysql, postgresç‰ï¼Œé»˜è®¤ä½¿ç”¨sqlite3 + + # SQLite setting: + # 默认使用SQLite,如果使用其他数æ®åº“请注释下é¢ä¸¤è¡Œ + # DB_ENGINE = 'sqlite3' + # DB_NAME = os.path.join(BASE_DIR, 'data', 'db.sqlite3') + # MySQL or postgres setting like: + # 如果需è¦ä½¿ç”¨mysql或postgresï¼Œè¯·å–æ¶ˆä¸‹é¢çš„æ³¨é‡Šå¹¶è¾“å…¥æ£ç¡®çš„ä¿¡æ¯,本例使用mysqlåšæ¼”示 + DB_ENGINE = 'mysql' + DB_HOST = '127.0.0.1' + DB_PORT = 3306 + DB_USER = 'root' + DB_PASSWORD = 'somepassword' + DB_NAME = 'jumpserver' + + # When Django start it will bind this host and port + # Django è¿è¡Œçš„端å£å’Œå®¹å™¨ï¼Œéƒ¨ç½²ä»£ç†æœåС噍åŽåº”该把0.0.0.0修改æˆ127.0.0.1ï¼Œè¿™é‡Œçš„æ„æ€æ˜¯å…许x.x.x.x访问,127.0.0.1表示仅å…许自身访问。 + # ./manage.py runserver 127.0.0.1:8080 + HTTP_BIND_HOST = '0.0.0.0' + HTTP_LISTEN_PORT = 8080 + + # Use Redis as broker for celery and web socket + # Redis 相关设置 + REDIS_HOST = '127.0.0.1' + REDIS_PORT = 6379 + REDIS_PASSWORD = '' + BROKER_URL = 'redis://%(password)s%(host)s:%(port)s/3' % { + 'password': REDIS_PASSWORD, + 'host': REDIS_HOST, + 'port': REDIS_PORT, + } + ... + + config = DevelopmentConfig() + +:: + + + # 修改 coco é…置文件 + $ cd /opt/coco + $ cp conf_example.py conf.py + $ vi conf.py + + #注æ„: é…置文件是 Python æ ¼å¼ï¼Œä¸è¦ç”¨ TAB,而è¦ç”¨ç©ºæ ¼ï¼Œè¯·æ‰‹åŠ¨ä¿®æ”¹ï¼Œæ³¨æ„对其,ä¸è¦ç›´æŽ¥å¤åˆ¶æœ¬æ–‡å†…容 + + ... 
+ class Config: + """ + Coco config file, coco also load config from server update setting below + """ + # 项目åç§°, 会用æ¥å‘Jumpserver注册, 识别而已, ä¸èƒ½é‡å¤ + # NAME = "localhost" + + # Jumpserver项目的url, api请求注册会使用 + # CORE_HOST = os.environ.get("CORE_HOST") or 'http://127.0.0.1:8080' + + # å¯åŠ¨æ—¶ç»‘å®šçš„ip, 默认 0.0.0.0 + # BIND_HOST = '0.0.0.0' + + # 监å¬çš„SSH端å£å·, 默认2222 + # SSHD_PORT = 2222 + + # 监å¬çš„HTTP/WS端å£å·ï¼Œé»˜è®¤5000 + # HTTPD_PORT = 5000 + + # 项目使用的ACCESS KEY, 默认会注册,å¹¶ä¿å˜åˆ° ACCESS_KEY_STOREä¸, + # 如果有需求, å¯ä»¥å†™åˆ°é…置文件ä¸, æ ¼å¼ access_key_id:access_key_secret + # ACCESS_KEY = None + + # ACCESS KEY ä¿å˜çš„地å€, 默认注册åŽä¼šä¿å˜åˆ°è¯¥æ–‡ä»¶ä¸ + # ACCESS_KEY_STORE = os.path.join(BASE_DIR, 'keys', '.access_key') + + # åŠ å¯†å¯†é’¥ + # SECRET_KEY = None + + # 设置日志级别 ['DEBUG', 'INFO', 'WARN', 'ERROR', 'FATAL', 'CRITICAL'] + # LOG_LEVEL = 'INFO' + + # æ—¥å¿—å˜æ”¾çš„目录 + # LOG_DIR = os.path.join(BASE_DIR, 'logs') + + # Session录åƒå˜æ”¾ç›®å½• + # SESSION_DIR = os.path.join(BASE_DIR, 'sessions') + + # èµ„äº§æ˜¾ç¤ºæŽ’åºæ–¹å¼, ['ip', 'hostname'] + # ASSET_LIST_SORT_BY = 'ip' + + # ç™»å½•æ˜¯å¦æ”¯æŒå¯†ç è®¤è¯ + # PASSWORD_AUTH = True + + # ç™»å½•æ˜¯å¦æ”¯æŒç§˜é’¥è®¤è¯ + # PUBLIC_KEY_AUTH = True + + # å’ŒJumpserver ä¿æŒå¿ƒè·³æ—¶é—´é—´éš” + # HEARTBEAT_INTERVAL = 5 + + # Adminçš„åå—,出问题会æç¤ºç»™ç”¨æˆ· + # ADMINS = '' + COMMAND_STORAGE = { + "TYPE": "server" + } + REPLAY_STORAGE = { + "TYPE": "server" + } + + + config = Config() + +:: + + + # 安装 Web Terminal å‰ç«¯: Luna éœ€è¦ Nginx æ¥è¿è¡Œè®¿é—® 访问(https://github.com/jumpserver/luna/releases)下载对应版本的 release 包,直接解压,ä¸éœ€è¦ç¼–译 + $ cd /opt + $ wget https://github.com/jumpserver/luna/releases/download/v1.0.0/luna.tar.gz + $ tar xvf luna.tar.gz + + # 安装 Windows 支æŒç»„件(如果ä¸éœ€è¦ç®¡ç† windows 资产,å¯ä»¥ç›´æŽ¥è·³è¿‡è¿™ä¸€æ¥ï¼‰ + $ yum remove docker-latest-logrotate docker-logrotate docker-selinux dockdocker-engine + $ yum install -y yum-utils device-mapper-persistent-data lvm2 + $ yum-config-manager --add-repo 
https://download.docker.com/linux/centos/docker-ce.repo + $ yum makecache fast + $ yum install docker-ce + $ systemctl start docker + $ docker run --name jms_guacamole -d \ + -p 8081:8080 -v /opt/guacamole/key:/config/guacamole/key \ + -e JUMPSERVER_KEY_DIR=/config/guacamole/key \ + -e JUMPSERVER_SERVER=http://<填写jumpserver的地å€> \ + registry.jumpserver.org/public/guacamole:1.0.0 + +:: + + + # é…ç½® Nginx æ•´åˆå„组件 + $ vim /etc/nginx/conf.d/jumpserver.conf + + server { + listen 80; + + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + + location /luna/ { + try_files $uri / /index.html; + alias /opt/luna/; + } + + location /media/ { + add_header Content-Encoding gzip; + root /opt/jumpserver/data/; + } + + location /static/ { + root /opt/jumpserver/data/; + } + + location /socket.io/ { + proxy_pass http://localhost:5000/socket.io/; # 如果coco安装在别的æœåŠ¡å™¨ï¼Œè¯·å¡«å†™å®ƒçš„ip + proxy_buffering off; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } + + location /guacamole/ { + proxy_pass http://localhost:8081/; # 如果docker安装在别的æœåŠ¡å™¨ï¼Œè¯·å¡«å†™å®ƒçš„ip + proxy_buffering off; + proxy_http_version 1.1; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $http_connection; + access_log off; + } + + location / { + proxy_pass http://localhost:8080; # 如果jumpserver安装在别的æœåŠ¡å™¨ï¼Œè¯·å¡«å†™å®ƒçš„ip + } + } + +:: + + + # ç”Ÿæˆæ•°æ®åº“表结构和åˆå§‹åŒ–æ•°æ® + $ cd /opt/jumpserver/utils + $ bash make_migrations.sh + + # è¿è¡Œ Jumpserver + $ cd /opt/jumpserver + $ ./jms start all # åŽå°è¿è¡Œä½¿ç”¨ -d 傿•°./jms start all -d + # 新版本更新了è¿è¡Œè„šæœ¬ï¼Œä½¿ç”¨æ–¹å¼./jms start|stop|status|restart all åŽå°è¿è¡Œè¯·æ·»åŠ -d 傿•° + + # è¿è¡Œ coco + $ cd /opt/coco + $ cp conf_example.py conf.py + $ ./cocod start # åŽå°è¿è¡Œä½¿ç”¨ -d 傿•°./cocod start -d + + # 
新版本更新了è¿è¡Œè„šæœ¬ï¼Œä½¿ç”¨æ–¹å¼./cocod start|stop|status|restart åŽå°è¿è¡Œè¯·æ·»åŠ -d 傿•° + + # è¿è¡Œ Nginx + $ nginx -t # ç¡®ä¿é…置没有问题, 有问题请先解决 + $ systemctl start nginx + + # 访问 http://192.168.244.144 默认账å·: admin 密ç : admin 到会è¯ç®¡ç†-ç»ˆç«¯ç®¡ç† æŽ¥å— Coco Guacamole ç‰åº”用的注册 + # 测试连接 + $ ssh -p2222 admin@192.168.244.144 + $ sftp -p2222 admin@192.168.244.144 + 密ç : admin + + # 如果是用在 Windows 下,Xshell Terminal ç™»å½•è¯æ³•如下 + $ ssh admin@192.168.244.144 2222 + $ sftp admin@192.168.244.144 2222 + 密ç : admin + 如果能登陆代表部署æˆåŠŸ + + # sftpé»˜è®¤ä¸Šä¼ çš„ä½ç½®åœ¨ /tmp 目录下 + + # å…¶ä»–çš„sshåŠsftp客户端这里就ä¸å¤šåšè¯´æ˜Žï¼Œè‡ªè¡Œæœç´¢ä½¿ç”¨ + + # 防ç«å¢™ 与 selinux 设置说明 + $ firewall-cmd --zone=public --add-port=8080/tcp --permanent # jumpserver ç«¯å£ + $ firewall-cmd --zone=public --add-port=80/tcp --permanent # nginx ç«¯å£ + $ firewall-cmd --zone=public --add-port=2222/tcp --permanent # 用户SSHç™»å½•ç«¯å£ coco + $ firewall-cmd --zone=public --add-port=5000/tcp --permanent # 用户HTTP/WSç™»å½•ç«¯å£ coco + $ firewall-cmd --zone=public --add-port=8081/tcp --permanent # guacamoleç«¯å£ docker + --permanent 永久生效,没有æ¤å‚æ•°é‡å¯åŽå¤±æ•ˆ + + # selinux 的白åå•规则æ£åœ¨ç ”ç©¶ä¸ï¼Œç¨åŽå¦‚果确定开å¯selinuxä¸å½±å“æœåŠ¡çš„æ£å¸¸ä½¿ç”¨ä¼šæŠŠç›¸å…³æ–‡æ¡£è¡¥ä¸Šæ¥ + +åŽç»çš„使用请å‚考 `快速入门 <admin_create_asset.html>`_ +如é‡åˆ°é—®é¢˜å¯å‚考 `FAQ <faq.html>`_ diff --git a/docs/setup_by_ubuntu.rst b/docs/setup_by_ubuntu.rst index 1546ff9f4fc451722b97fcd65a5fce1d28dbe11e..d064e32e86914ad2f7f0f1833b8cc701e0da0030 100644 --- a/docs/setup_by_ubuntu.rst +++ b/docs/setup_by_ubuntu.rst @@ -44,7 +44,7 @@ # 看到下é¢çš„æç¤ºç¬¦ä»£è¡¨æˆåŠŸï¼Œä»¥åŽè¿è¡Œ Jumpserver 都è¦å…ˆè¿è¡Œä»¥ä¸Š source 命令,以下所有命令å‡åœ¨è¯¥è™šæ‹ŸçŽ¯å¢ƒä¸è¿è¡Œ (py3) [root@localhost py3] -二. 安装 Jumpserver 1.0.0 +二. 安装 Jumpserver ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ **2.1 下载或 Clone 项目** diff --git a/docs/step_by_step.rst b/docs/step_by_step.rst index 1bd2d656878ee4e59c3111f232beb9b06ccb5629..1fcc55ec4f2723fe19994217497a961b4d55b558 100644 --- a/docs/step_by_step.rst 
+++ b/docs/step_by_step.rst @@ -63,7 +63,7 @@ Yum åŠ é€Ÿè®¾ç½®è¯·å‚考 <http://mirrors.163.com/.help/centos.html> # 看到下é¢çš„æç¤ºç¬¦ä»£è¡¨æˆåŠŸï¼Œä»¥åŽè¿è¡Œ Jumpserver 都è¦å…ˆè¿è¡Œä»¥ä¸Š source 命令,以下所有命令å‡åœ¨è¯¥è™šæ‹ŸçŽ¯å¢ƒä¸è¿è¡Œ (py3) [root@localhost py3] -二. 安装 Jumpserver 1.0.0 +二. 安装 Jumpserver ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ **2.1 下载或 Clone 项目** diff --git a/docs/upgrade.rst b/docs/upgrade.rst index 3b2347b724ea1da61be28a6cda763051bea03095..6b4a28607488195fa0b4a0c7f7e9de3a8ece9c96 100644 --- a/docs/upgrade.rst +++ b/docs/upgrade.rst @@ -6,7 +6,7 @@ :: $ git pull && pip install -r requirements/requirements.txt && cd utils && sh make_migrations.sh - +   # 1.0.x å‡çº§ 1.2.0 éœ€è¦æ‰§è¡Œè¿ç§»è„šæœ¬ï¼ˆæ–°ç‰ˆæœ¬æŽˆæƒç®¡ç†æ›´æ–°ï¼‰ $ sh 2018_04_11_migrate_permissions.sh  @@ -14,7 +14,11 @@ :: - $ git pull && cd requirements && pip install -r requirements.txt -i https://pypi.org/simple + + $ git pull && pip install -r requirements/requirements.txt + + # 如果使用其他æºä¸‹è½½å¤±è´¥å¯ä»¥ä½¿ç”¨ -i 傿•°æŒ‡å®šæº + $ git pull && pip install -r requirements/requirements.txt -i https://pypi.org/simple 3. å‡çº§ Luna @@ -22,7 +26,7 @@ 4. å‡çº§ guacamole -:: +:: $ docker pull registry.jumpserver.org/public/guacamole:latest $ docker stop jms_guacamole # 或者写guacamole的容器ID @@ -30,9 +34,12 @@  $ docker run --name jms_guacamole -d \ -p 8081:8080 -v /opt/guacamole/key:/config/guacamole/key \ -e JUMPSERVER_KEY_DIR=/config/guacamole/key \ - -e JUMPSERVER_SERVER=http://<填写本机的IP地å€>:8080 \ + -e JUMPSERVER_SERVER=http://<填写JumpserveræœåŠ¡å™¨çš„IP地å€>:8080 \ registry.jumpserver.org/public/guacamole:latest + # 确定å‡çº§å®ŒæˆåŽï¼Œå¯ä»¥åˆ 除备份容器 + $ docker rm jms_guacamole_bak + 切æ¢åˆ†æ”¯æˆ–离线å‡çº§ ------------------------------- 
@@ -40,66 +47,40 @@ **Jumpserver** -说明: 以下æ“作,都在jumpserver所在目录è¿è¡Œï¼ˆå¦‚果是新开的终端,别忘了 source /opt/py3/bin/activate) +说明: 如果是新开的终端,别忘了 source /opt/py3/bin/activate -1. 备份é…置文件 +1. 备份jumpserver :: $ jumpserver_backup=/tmp/jumpserver_backup $ mkdir -p $jumpserver_backup - $ cp config.py $jumpserver_backup + $ cd /opt/jumpservrer + $ cp -r ./ $jumpserver_backup -2. 备份migrations migrationsä¸å˜çš„æ˜¯æ•°æ®åº“è¡¨ç»“æž„çš„å˜æ›´ï¼Œåˆ‡æ¢åˆ†æ”¯ä¼šä¸¢å¤± - -:: - - $ for app in common users assets ops perms terminal;do - mkdir -p $jumpserver_backup/${app}_migrations - cp apps/${app}/migrations/*.py $jumpserver_backup/${app}_migrations - done - - -3. 备份数æ®åº“ï¼Œå·²è¢«ä¸æ—¶ä¹‹éœ€ +2. 备份数æ®åº“ï¼Œå·²è¢«ä¸æ—¶ä¹‹éœ€ :: $ mysqldump -uä½ çš„æ•°æ®åº“è´¦å· -hæ•°æ®åº“åœ°å€ -p æ•°æ®åº“åç§° > $jumpserver_backup/db_backup.sql -4. å¤‡ä»½å½•åƒæ–‡ä»¶ +3. 切æ¢åˆ†æ”¯æˆ–下载离线包, 更新代ç :: - $ cp -r data/media $jumpserver_backup/ + $ cd /opt + $ mv jumpserver jumpserver_bak + $ git clone https://github.com/jumpserver/jumpserver.git + $ cd jumpserver && git checkout master # or other branch + $ git pull -5. 切æ¢åˆ†æ”¯æˆ–下载离线包, 更新代ç - -:: - - $ git checkout master # or other branch - - -6. 还原é…置文件 - -:: - - $ cp $jumpserver_backup/config.py . - -7. 还原数æ®åº“表结构记录 - -:: - - $ for app in common users assets ops perms terminal;do - cp $jumpserver_backup/${app}_migrations/*.py apps/${app}/migrations/ - done - -8. è¿˜åŽŸå½•åƒæ–‡ä»¶ +4. è¿˜åŽŸå½•åƒæ–‡ä»¶ :: $ cp -r $jumpserver_backup/media/* data/media/ -9. æ›´æ–°ä¾èµ–或表结构 +5. æ›´æ–°ä¾èµ–或表结构 :: @@ -143,5 +124,3 @@ cocoæ˜¯æ— çŠ¶æ€çš„,备份 keys 目录å³å¯ **Guacamole** 直接å‚考上é¢çš„å‡çº§å³å¯, éœ€è¦æ³¨æ„çš„æ˜¯å¦‚æžœæ›´æ¢æœºå™¨ï¼Œè¯·å¤‡ä»½ - - diff --git a/docs/upgrade.rst.orig b/docs/upgrade.rst.orig new file mode 100644 index 0000000000000000000000000000000000000000..18b88bccdffedd2d4dadae9bb2e46a67bc4e5b46 --- /dev/null +++ b/docs/upgrade.rst.orig 
@@ -0,0 +1,126 @@ +æ›´æ–°å‡çº§ +------------- + +1. å‡çº§ Jumpserver(如果是新开的终端,别忘了 source /opt/py3/bin/activate) + +:: + + $ git pull && pip install -r requirements/requirements.txt && cd utils && sh make_migrations.sh + +   # 1.0.x å‡çº§ 1.2.0 éœ€è¦æ‰§è¡Œè¿ç§»è„šæœ¬ï¼ˆæ–°ç‰ˆæœ¬æŽˆæƒç®¡ç†æ›´æ–°ï¼‰ + $ sh 2018_04_11_migrate_permissions.sh + +2. å‡çº§ Coco(如果是新开的终端,别忘了 source /opt/py3/bin/activate) + +:: + +<<<<<<< HEAD + $ git pull && pip install -r requirements/requirements.txt # ä¸è¦æŒ‡å®š -i傿•° +======= + $ git pull && cd requirements && pip install -r requirements.txt -i https://pypi.org/simple +>>>>>>> upstream/docs + +3. å‡çº§ Luna + +釿–°ä¸‹è½½ release 包(https://github.com/jumpserver/luna/releases) + +4. å‡çº§ guacamole + +:: + + $ docker pull registry.jumpserver.org/public/guacamole:latest + $ docker stop jms_guacamole # 或者写guacamole的容器ID +  $ docker rename jms_guacamole jms_guacamole_bak # 如果åç§°ä¸æ£ç¡®è¯·æ‰‹åŠ¨ä¿®æ”¹ +  $ docker run --name jms_guacamole -d \ + -p 8081:8080 -v /opt/guacamole/key:/config/guacamole/key \ + -e JUMPSERVER_KEY_DIR=/config/guacamole/key \ + -e JUMPSERVER_SERVER=http://<填写JumpserveræœåŠ¡å™¨çš„IP地å€>:8080 \ + registry.jumpserver.org/public/guacamole:latest + + # 确定å‡çº§å®ŒæˆåŽï¼Œå¯ä»¥åˆ 除备份容器 + $ docker rm jms_guacamole_bak + + +切æ¢åˆ†æ”¯æˆ–离线å‡çº§ +------------------------------- + + +**Jumpserver** + +说明: 如果是新开的终端,别忘了 source /opt/py3/bin/activate + +1. 备份jumpserver + +:: + + $ jumpserver_backup=/tmp/jumpserver_backup + $ mkdir -p $jumpserver_backup + $ cd /opt/jumpservrer + $ cp -r ./ $jumpserver_backup + +2. 备份数æ®åº“ï¼Œå·²è¢«ä¸æ—¶ä¹‹éœ€ + +:: + + $ mysqldump -uä½ çš„æ•°æ®åº“è´¦å· -hæ•°æ®åº“åœ°å€ -p æ•°æ®åº“åç§° > $jumpserver_backup/db_backup.sql + +3. 切æ¢åˆ†æ”¯æˆ–下载离线包, 更新代ç + +:: + + $ cd /opt + $ mv jumpserver jumpserver_bak + $ git clone https://github.com/jumpserver/jumpserver.git + $ cd jumpserver && git checkout master # or other branch + $ git pull + +4. 
è¿˜åŽŸå½•åƒæ–‡ä»¶ + +:: + + $ cp -r $jumpserver_backup/media/* data/media/ + +5. æ›´æ–°ä¾èµ–或表结构 + +:: + + $ pip install -r requirements/requirements.txt && cd utils && sh make_migrations.sh + + +**Coco** + +说明: 以下æ“作都在 coco 项目所在目录 + +cocoæ˜¯æ— çŠ¶æ€çš„,备份 keys 目录å³å¯ + +1. 备份keys + +:: + + $ cp -r keys $jumpserver_backup/ + + +2. 离线更新å‡çº§coco(如果是新开的终端,别忘了 source /opt/py3/bin/activate) + +3. 还原 keys目录 + +:: + + $ mv keys keys_backup + $ cp -r $jumpserver_backup/keys . + +4. å‡çº§ä¾èµ– + +:: + + $ git pull && cd requirements && pip install -r requirements.txt + + +**Luna** + +直接下载最新Release包替æ¢å³å¯ + + +**Guacamole** + +直接å‚考上é¢çš„å‡çº§å³å¯, éœ€è¦æ³¨æ„çš„æ˜¯å¦‚æžœæ›´æ¢æœºå™¨ï¼Œè¯·å¤‡ä»½
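Review bot: In docs/faq.rst, the new item (11) shows `from celery.task.control import discard_all`, `discard_all()` and `exit()` with the same `$` prompt as the shell commands around them, although they are Python statements typed inside `python manage.py shell`. Mark them with a Python prompt or a separate literal block so that nobody pastes them into bash. The item should also state that `discard_all()` drops every task still waiting in the queue, so pending pushes have to be triggered again after `./jms restart celery`.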
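Review bot: In docs/faq_windows.rst, steps 3 and 4 both give the domain account format as `uesr@domain.com`; this should read `user@domain.com`, which is also the spelling used by the `createsuperuser` example added to faq.rst in this same patch.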
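Review bot: In docs/fool_install.rst, the reworded sentence still carries the misspelling `CentoOS_7_64`, and the following line has `CentoOS7`. Since the line is being touched anyway, correct both to CentOS so the supported platform can be found by search.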
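Review bot: In docs/setup_by_centos7.rst, the nginx step runs `yum -y install redis` and then `systemctl enable nginx`, so nginx is never installed; the first command should be `yum -y install nginx`. Three more steps do not work as written: the second `git clone` (coco) runs after `cd jumpserver`, so coco lands in /opt/jumpserver/coco while every later step uses /opt/coco (add `cd /opt` first); the run-coco step repeats `cp conf_example.py conf.py`, which overwrites the conf.py edited earlier; and `sftp -p2222` should be `sftp -P 2222`, because OpenSSH sftp takes the port with capital `-P`. The sample config.py sets `DB_USER = 'root'` with `DB_PASSWORD = 'somepassword'`, but the grant above creates `'jumpserver'@'127.0.0.1'` with that password, so `DB_USER` should be `'jumpserver'`. On the security side, the sample ships `DEBUG = True`, `ALLOWED_HOSTS = ['*']`, a literal fallback `SECRET_KEY` and `HTTP_BIND_HOST = '0.0.0.0'`, the firewall section opens 8080, 5000 and 8081 although nginx already proxies to them on localhost, and the default login is admin/admin. The document should tell the reader to generate a new SECRET_KEY, turn DEBUG off, bind to 127.0.0.1 once the proxy is in place, expose only 80 and 2222, and change the admin password at first login.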
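Review bot: In docs/upgrade.rst, the rewritten branch-switch procedure removes the step that restored config.py (`cp $jumpserver_backup/config.py .`), yet step 3 now moves the old tree aside and does a fresh `git clone`, so the new checkout starts without config.py and with it the SECRET_KEY and database settings; add a restore step after the clone. The backup step also has a typo, `cd /opt/jumpservrer`, and because it now copies the whole tree with `cp -r ./ $jumpserver_backup`, the recordings end up under `$jumpserver_backup/data/media`, not `$jumpserver_backup/media` as the restore line `cp -r $jumpserver_backup/media/* data/media/` assumes. Since `/tmp/jumpserver_backup` now holds config.py and `db_backup.sql`, the directory should be created with owner-only permissions or placed outside /tmp.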
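Review bot: docs/upgrade.rst.orig should not be part of this commit: it is a leftover merge artifact and still contains unresolved conflict markers (`<<<<<<< HEAD`, `=======`, `>>>>>>> upstream/docs`) in the Coco upgrade step. Drop the file from the patch and add `*.orig` to the ignore list so it is not picked up again.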