{"id":957,"date":"2021-10-11T17:30:26","date_gmt":"2021-10-12T00:30:26","guid":{"rendered":"https:\/\/www.xh86.me\/?p=957"},"modified":"2021-10-11T17:30:26","modified_gmt":"2021-10-12T00:30:26","slug":"docker-%e5%ae%89%e8%a3%85-jumpserver","status":"publish","type":"post","link":"https:\/\/www.xh86.me\/?p=957","title":{"rendered":"Docker \u5b89\u88c5 jumpserver"},"content":{"rendered":"<div class=\"document\" role=\"main\">\n<div id=\"docker\" class=\"section\">\n<p>Jumpserver \u5c01\u88c5\u4e86\u4e00\u4e2a All in one Docker, \u53ef\u4ee5\u5feb\u901f\u542f\u52a8\u3002\u8be5\u955c\u50cf\u96c6\u6210\u4e86\u6240\u9700\u8981\u7684\u7ec4\u4ef6, \u652f\u6301\u4f7f\u7528\u5916\u7f6e Database \u548c Redis<\/p>\n<p><strong>\u5feb\u901f\u542f\u52a8<\/strong><\/p>\n<ul class=\"simple\">\n<li>\u4f7f\u7528 root \u8eab\u4efd\u8f93\u5165<\/li>\n<li>\u73af\u5883\u8fc1\u79fb\u548c\u66f4\u65b0\u5347\u7ea7\u8bf7\u68c0\u67e5 SECRET_KEY \u662f\u5426\u4e0e\u4e4b\u524d\u8bbe\u7f6e\u4e00\u81f4, \u4e0d\u80fd\u968f\u673a\u751f\u6210, \u5426\u5219\u6570\u636e\u5e93\u6240\u6709\u52a0\u5bc6\u7684\u5b57\u6bb5\u5747\u65e0\u6cd5\u89e3\u5bc6<\/li>\n<\/ul>\n<div class=\"highlight-shell notranslate\">\n<div class=\"highlight\">\n<pre><span class=\"c1\"># \u751f\u6210\u968f\u673a\u52a0\u5bc6\u79d8\u94a5, \u52ff\u5916\u6cc4<\/span>\r\n$ <span class=\"k\">if<\/span> <span class=\"o\">[<\/span> <span class=\"s2\">\"<\/span><span class=\"nv\">$SECRET_KEY<\/span><span class=\"s2\">\"<\/span> <span class=\"o\">=<\/span> <span class=\"s2\">\"\"<\/span> <span class=\"o\">]<\/span><span class=\"p\">;<\/span> <span class=\"k\">then<\/span> <span class=\"nv\">SECRET_KEY<\/span><span class=\"o\">=<\/span><span class=\"sb\">`<\/span>cat \/dev\/urandom <span class=\"p\">|<\/span> tr -dc A-Za-z0-9 <span class=\"p\">|<\/span> head -c <span class=\"m\">50<\/span><span class=\"sb\">`<\/span><span class=\"p\">;<\/span> <span class=\"nb\">echo<\/span> <span class=\"s2\">\"SECRET_KEY=<\/span><span class=\"nv\">$SECRET_KEY<\/span><span class=\"s2\">\"<\/span> &gt;&gt; ~\/.bashrc<span class=\"p\">;<\/span> <span class=\"nb\">echo<\/span> <span class=\"nv\">$SECRET_KEY<\/span><span class=\"p\">;<\/span> <span class=\"k\">else<\/span> <span class=\"nb\">echo<\/span> <span class=\"nv\">$SECRET_KEY<\/span><span class=\"p\">;<\/span> <span class=\"k\">fi<\/span>\r\n$ <span class=\"k\">if<\/span> <span class=\"o\">[<\/span> <span class=\"s2\">\"<\/span><span class=\"nv\">$BOOTSTRAP_TOKEN<\/span><span class=\"s2\">\"<\/span> <span class=\"o\">=<\/span> <span class=\"s2\">\"\"<\/span> <span class=\"o\">]<\/span><span class=\"p\">;<\/span> <span class=\"k\">then<\/span> <span class=\"nv\">BOOTSTRAP_TOKEN<\/span><span class=\"o\">=<\/span><span class=\"sb\">`<\/span>cat \/dev\/urandom <span class=\"p\">|<\/span> tr -dc A-Za-z0-9 <span class=\"p\">|<\/span> head -c <span class=\"m\">16<\/span><span class=\"sb\">`<\/span><span class=\"p\">;<\/span> <span class=\"nb\">echo<\/span> <span class=\"s2\">\"BOOTSTRAP_TOKEN=<\/span><span class=\"nv\">$BOOTSTRAP_TOKEN<\/span><span class=\"s2\">\"<\/span> &gt;&gt; ~\/.bashrc<span class=\"p\">;<\/span> <span class=\"nb\">echo<\/span> <span class=\"nv\">$BOOTSTRAP_TOKEN<\/span><span class=\"p\">;<\/span> <span class=\"k\">else<\/span> <span class=\"nb\">echo<\/span> <span class=\"nv\">$BOOTSTRAP_TOKEN<\/span><span class=\"p\">;<\/span> <span class=\"k\">fi<\/span>\r\n\r\n$ docker run --name jms_all -d -p <span class=\"m\">80<\/span>:80 -p <span class=\"m\">2222<\/span>:2222 -e <span class=\"nv\">SECRET_KEY<\/span><span class=\"o\">=<\/span><span class=\"nv\">$SECRET_KEY<\/span> -e <span class=\"nv\">BOOTSTRAP_TOKEN<\/span><span class=\"o\">=<\/span><span class=\"nv\">$BOOTSTRAP_TOKEN<\/span> jumpserver\/jms_all:1.4.8\r\n\r\n<span class=\"c1\"># macOS \u751f\u6210\u968f\u673a key \u53ef\u4ee5\u7528\u4e0b\u9762\u7684\u547d\u4ee4<\/span>\r\n$ <span class=\"k\">if<\/span> <span class=\"o\">[<\/span> <span class=\"s2\">\"<\/span><span class=\"nv\">$SECRET_KEY<\/span><span class=\"s2\">\"<\/span> <span class=\"o\">=<\/span> <span class=\"s2\">\"\"<\/span> <span class=\"o\">]<\/span><span class=\"p\">;<\/span> <span class=\"k\">then<\/span> <span class=\"nv\">SECRET_KEY<\/span><span class=\"o\">=<\/span><span class=\"sb\">`<\/span><span class=\"nv\">LC_CTYPE<\/span><span class=\"o\">=<\/span>C tr -dc A-Za-z0-9 &lt; \/dev\/urandom <span class=\"p\">|<\/span> head -c <span class=\"m\">50<\/span><span class=\"sb\">`<\/span><span class=\"p\">;<\/span> <span class=\"nb\">echo<\/span> <span class=\"s2\">\"SECRET_KEY=<\/span><span class=\"nv\">$SECRET_KEY<\/span><span class=\"s2\">\"<\/span> &gt;&gt; ~\/.bash_profile<span class=\"p\">;<\/span> <span class=\"nb\">echo<\/span> <span class=\"nv\">$SECRET_KEY<\/span><span class=\"p\">;<\/span> <span class=\"k\">else<\/span> <span class=\"nb\">echo<\/span> <span class=\"nv\">$SECRET_KEY<\/span><span class=\"p\">;<\/span> <span class=\"k\">fi<\/span>\r\n$ <span class=\"k\">if<\/span> <span class=\"o\">[<\/span> <span class=\"s2\">\"<\/span><span class=\"nv\">$BOOTSTRAP_TOKEN<\/span><span class=\"s2\">\"<\/span> <span class=\"o\">=<\/span> <span class=\"s2\">\"\"<\/span> <span class=\"o\">]<\/span><span class=\"p\">;<\/span> <span class=\"k\">then<\/span> <span class=\"nv\">BOOTSTRAP_TOKEN<\/span><span class=\"o\">=<\/span><span class=\"sb\">`<\/span><span class=\"nv\">LC_CTYPE<\/span><span class=\"o\">=<\/span>C tr -dc A-Za-z0-9 &lt; \/dev\/urandom <span class=\"p\">|<\/span> head -c <span class=\"m\">16<\/span><span class=\"sb\">`<\/span><span class=\"p\">;<\/span> <span class=\"nb\">echo<\/span> <span class=\"s2\">\"BOOTSTRAP_TOKEN=<\/span><span class=\"nv\">$BOOTSTRAP_TOKEN<\/span><span class=\"s2\">\"<\/span> &gt;&gt; ~\/.bash_profile<span class=\"p\">;<\/span> <span class=\"nb\">echo<\/span> <span class=\"nv\">$BOOTSTRAP_TOKEN<\/span><span class=\"p\">;<\/span> <span class=\"k\">else<\/span> <span class=\"nb\">echo<\/span> <span class=\"nv\">$BOOTSTRAP_TOKEN<\/span><span class=\"p\">;<\/span> <span class=\"k\">fi<\/span>\r\n<\/pre>\n<\/div>\n<\/div>\n<p><strong>\u8bbf\u95ee<\/strong><\/p>\n<ul class=\"simple\">\n<li>\u6d4f\u89c8\u5668\u8bbf\u95ee:\u00a0<a class=\"reference external\" href=\"http:\">http:\/<\/a>\/&lt;\u5bb9\u5668\u6240\u5728\u670d\u52a1\u5668IP&gt;<\/li>\n<li>SSH \u8bbf\u95ee: ssh -p 2222 &lt;\u5bb9\u5668\u6240\u5728\u670d\u52a1\u5668IP&gt;<\/li>\n<li>XShell \u7b49\u5de5\u5177\u8bf7\u6dfb\u52a0 connection \u8fde\u63a5, \u9ed8\u8ba4 ssh \u7aef\u53e3 2222<\/li>\n<li>\u9ed8\u8ba4\u7ba1\u7406\u5458\u8d26\u6237 admin \u5bc6\u7801 admin<\/li>\n<\/ul>\n<p><strong>\u5916\u7f6e\u6570\u636e\u5e93\u8981\u6c42<\/strong><\/p>\n<ul class=\"simple\">\n<li>mysql \u7248\u672c\u9700\u8981\u5927\u4e8e\u7b49\u4e8e 5.6<\/li>\n<li>mariadb \u7248\u672c\u9700\u8981\u5927\u4e8e\u7b49\u4e8e 5.5.6<\/li>\n<li>\u6570\u636e\u5e93\u7f16\u7801\u8981\u6c42 uft8<\/li>\n<\/ul>\n<p><strong>\u521b\u5efa\u6570\u636e\u5e93<\/strong><\/p>\n<ul class=\"simple\">\n<li>\u521b\u5efa\u6570\u636e\u5e93\u547d\u4ee4\u884c<\/li>\n<\/ul>\n<div class=\"highlight-shell notranslate\">\n<div class=\"highlight\">\n<pre><span class=\"c1\"># mysql<\/span>\r\n$ create database jumpserver default charset <span class=\"s1\">'utf8'<\/span><span class=\"p\">;<\/span>\r\n$ grant all on jumpserver.* to <span class=\"s1\">'jumpserver'<\/span>@<span class=\"s1\">'%'<\/span> identified by <span class=\"s1\">'weakPassword'<\/span><span class=\"p\">;<\/span>\r\n<\/pre>\n<\/div>\n<\/div>\n<p><strong>\u989d\u5916\u73af\u5883\u53d8\u91cf<\/strong><\/p>\n<ul class=\"simple\">\n<li>SECRET_KEY =\u00a0<strong>**<\/strong><\/li>\n<li>BOOTSTRAP_TOKEN =\u00a0<strong>**<\/strong><\/li>\n<li>DB_HOST = mysql_host<\/li>\n<li>DB_PORT = 3306<\/li>\n<li>DB_USER = jumpserver<\/li>\n<li>DB_PASSWORD = weakPassword<\/li>\n<li>DB_NAME = jumpserver<\/li>\n<li>REDIS_HOST = 127.0.0.1<\/li>\n<li>REDIS_PORT = 6379<\/li>\n<li>REDIS_PASSWORD =<\/li>\n<li>VOLUME \/opt\/jumpserver\/data\/media<\/li>\n<li>VOLUME \/var\/lib\/mysql<\/li>\n<\/ul>\n<div class=\"highlight-shell notranslate\">\n<div class=\"highlight\">\n<pre>$ docker run --name jms_all -d <span class=\"se\">\\<\/span>\r\n    -v \/opt\/mysql:\/var\/lib\/mysql <span class=\"se\">\\<\/span>\r\n    -v \/opt\/jumpserver:\/opt\/jumpserver\/data\/media <span class=\"se\">\\<\/span>\r\n    -p <span class=\"m\">80<\/span>:80 <span class=\"se\">\\<\/span>\r\n    -p <span class=\"m\">2222<\/span>:2222 <span class=\"se\">\\<\/span>\r\n    -e <span class=\"nv\">SECRET_KEY<\/span><span class=\"o\">=<\/span>xxxxxx <span class=\"se\">\\<\/span>\r\n    -e <span class=\"nv\">BOOTSTRAP_TOKEN<\/span><span class=\"o\">=<\/span>xxx <span class=\"se\">\\<\/span>\r\n    -e <span class=\"nv\">DB_HOST<\/span><span class=\"o\">=<\/span><span class=\"m\">192<\/span>.168.x.x <span class=\"se\">\\<\/span>\r\n    -e <span class=\"nv\">DB_PORT<\/span><span class=\"o\">=<\/span><span class=\"m\">3306<\/span> <span class=\"se\">\\<\/span>\r\n    -e <span class=\"nv\">DB_USER<\/span><span class=\"o\">=<\/span>root <span class=\"se\">\\<\/span>\r\n    -e <span class=\"nv\">DB_PASSWORD<\/span><span class=\"o\">=<\/span>xxx <span class=\"se\">\\<\/span>\r\n    -e <span class=\"nv\">DB_NAME<\/span><span class=\"o\">=<\/span>jumpserver <span class=\"se\">\\<\/span>\r\n    -e <span class=\"nv\">REDIS_HOST<\/span><span class=\"o\">=<\/span><span class=\"m\">192<\/span>.168.x.x <span class=\"se\">\\<\/span>\r\n    -e <span class=\"nv\">REDIS_PORT<\/span><span class=\"o\">=<\/span><span class=\"m\">6379<\/span> <span class=\"se\">\\<\/span>\r\n    -e <span class=\"nv\">REDIS_PASSWORD<\/span><span class=\"o\">=<\/span>xxx <span class=\"se\">\\<\/span>\r\n    jumpserver\/jms_all:1.4.8\r\n<\/pre>\n<\/div>\n<\/div>\n<p><strong>\u4ed3\u5e93\u5730\u5740<\/strong><\/p>\n<ul class=\"simple\">\n<li><a class=\"reference external\" href=\"https:\/\/github.com\/jumpserver\/Dockerfile\">https:\/\/github.com\/jumpserver\/Dockerfile<\/a><\/li>\n<\/ul>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Jumpserver \u5c01\u88c5\u4e86\u4e00\u4e2a All in one Docker, \u53ef\u4ee5\u5feb\u901f\u542f\u52a8\u3002\u8be5\u955c\u50cf\u96c6\u6210\u4e86\u6240\u9700\u8981\u7684\u7ec4\u4ef6 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[12],"tags":[],"class_list":["post-957","post","type-post","status-publish","format-standard","hentry","category-linux"],"_links":{"self":[{"href":"https:\/\/www.xh86.me\/index.php?rest_route=\/wp\/v2\/posts\/957","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.xh86.me\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.xh86.me\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.xh86.me\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.xh86.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=957"}],"version-history":[{"count":1,"href":"https:\/\/www.xh86.me\/index.php?rest_route=\/wp\/v2\/posts\/957\/revisions"}],"predecessor-version":[{"id":958,"href":"https:\/\/www.xh86.me\/index.php?rest_route=\/wp\/v2\/posts\/957\/revisions\/958"}],"wp:attachment":[{"href":"https:\/\/www.xh86.me\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=957"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.xh86.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=957"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.xh86.me\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=957"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}