一. 準(zhǔn)備 Python3 和 Python 虛擬環(huán)境
cd /opt
yum -y install wget sqlite-devel xz gcc automake zlib-devel openssl-devel epel-release git
wget https://www.python.org/ftp/python/3.6.1/Python-3.6.1.tar.xz
tar xvf Python-3.6.1.tar.xz? && cd Python-3.6.1 -C /usr/local/src
./configure && make && make install
cd /data
python3 -m venv py3
source /data/py3/bin/activate
# 看到下面的提示符代表成功篮条,以后運(yùn)行 Jumpserver 都要先運(yùn)行以上 source 命令同眯,以下所有命令均在該虛擬環(huán)境中運(yùn)行
(py3) [root@localhost py3]
二. 安裝 Jumpserver 1.5.2
2.1 下載或 Clone 項(xiàng)目
項(xiàng)目提交較多 git clone 時(shí)較大竭宰,你可以選擇去 Github 項(xiàng)目頁(yè)面直接下載zip包,我是下載安裝包之后安裝
cd /data/
#git clone --depth=1 https://github.com/jumpserver/jumpserver.git && cd jumpserver && git checkout master? (從官網(wǎng)下載直接安裝)
下載安裝包之后把下載的jumpserver-master.zip上傳到 /data目錄
unzip jumpserver-master.zip
mv jumpserver-master? jumpserver
2.2 安裝依賴(lài) RPM 包
cd /data/jumpserver/requirements
yum -y install $(cat rpm_requirements.txt)? # 如果沒(méi)有任何報(bào)錯(cuò)請(qǐng)繼續(xù)梭纹,報(bào)錯(cuò)多測(cè)試幾次
2.3 安裝 Python 庫(kù)依賴(lài)
pip install -r requirements.txt? # 不要指定-i參數(shù),因?yàn)殓R像上可能沒(méi)有最新的包,如果沒(méi)有任何報(bào)錯(cuò)請(qǐng)繼續(xù)砂沛,報(bào)錯(cuò)多測(cè)試幾次
2.4 安裝 Redis, Jumpserver 使用 Redis 做 cache 和 celery broke
yum -y install redis
systemctl start redis
systemctl enable redis
2.5 安裝 MySQL
yum -y install mariadb mariadb-devel mariadb-server # centos7下安裝的是mariadb
systemctl start mariadb
systemctl enable mariadb
2.6 創(chuàng)建數(shù)據(jù)庫(kù) Jumpserver 并授權(quán)
$ mysql
> create database jumpserver default charset 'utf8';
> grant all on jumpserver.* to 'jumpserver'@'127.0.0.1' identified by 'test12345';
2.7 修改 Jumpserver 配置文件
$ cd /data/jumpserver
$ cp config_example.yml config.yml
$ SECRET_KEY=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 50`? # 生成隨機(jī)SECRET_KEY
$ echo "SECRET_KEY=$SECRET_KEY" >> ~/.bashrc
$ BOOTSTRAP_TOKEN=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 16`? # 生成隨機(jī)BOOTSTRAP_TOKEN
$ echo "BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN" >> ~/.bashrc
$ sed -i "s/SECRET_KEY:/SECRET_KEY: $SECRET_KEY/g" /data/jumpserver/config.yml
$ sed -i "s/BOOTSTRAP_TOKEN:/BOOTSTRAP_TOKEN: $BOOTSTRAP_TOKEN/g" /data/jumpserver/config.yml
$ sed -i "s/# DEBUG: true/DEBUG: false/g" /data/jumpserver/config.yml
$ sed -i "s/# LOG_LEVEL: DEBUG/LOG_LEVEL: ERROR/g" /data/jumpserver/config.yml
$ sed -i "s/# SESSION_EXPIRE_AT_BROWSER_CLOSE: false/SESSION_EXPIRE_AT_BROWSER_CLOSE: true/g" /data/jumpserver/config.yml
$ sed -i "s/DB_PASSWORD: /DB_PASSWORD: $DB_PASSWORD/g" /data/jumpserver/config.yml
$ echo -e "\033[31m 你的SECRET_KEY是 $SECRET_KEY \033[0m"
$ echo -e "\033[31m 你的BOOTSTRAP_TOKEN是 $BOOTSTRAP_TOKEN \033[0m"
vim config.yml? # 確認(rèn)內(nèi)容有沒(méi)有錯(cuò)誤? 修改數(shù)據(jù)庫(kù)配置文件
# SECURITY WARNING: keep the secret key used in production secret!
# 加密秘鑰 生產(chǎn)環(huán)境中請(qǐng)修改為隨機(jī)字符串,請(qǐng)勿外泄, 可使用命令生成
# $ cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 49;echo
SECRET_KEY: dHMiHPFasObnAMEbYZZGgQKKErUDA1zA0Td0zf4Kt0qIMLb
# SECURITY WARNING: keep the bootstrap token used in production secret!
# 預(yù)共享Token coco和guacamole用來(lái)注冊(cè)服務(wù)賬號(hào)曙求,不在使用原來(lái)的注冊(cè)接受機(jī)制
BOOTSTRAP_TOKEN: lajd6483fue6Z
# Development env open this, when error occur display the full process track, Production disable it
# DEBUG 模式 開(kāi)啟DEBUG后遇到錯(cuò)誤時(shí)可以看到更多日志
DEBUG: false
# DEBUG, INFO, WARNING, ERROR, CRITICAL can set. See https://docs.djangoproject.com/en/1.10/topics/logging/
# 日志級(jí)別
LOG_LEVEL: ERROR
# LOG_DIR:
# Session expiration setting, Default 24 hour, Also set expired on on browser close
# 瀏覽器Session過(guò)期時(shí)間碍庵,默認(rèn)24小時(shí), 也可以設(shè)置瀏覽器關(guān)閉則過(guò)期
# SESSION_COOKIE_AGE: 86400
SESSION_EXPIRE_AT_BROWSER_CLOSE: true
# Database setting, Support sqlite3, mysql, postgres ....
# 數(shù)據(jù)庫(kù)設(shè)置
# See https://docs.djangoproject.com/en/1.10/ref/settings/#databases
# SQLite setting:
# 使用單文件sqlite數(shù)據(jù)庫(kù)
# DB_ENGINE: sqlite3
# DB_NAME:
# MySQL or postgres setting like:
# 使用Mysql作為數(shù)據(jù)庫(kù)
DB_ENGINE: mysql
DB_HOST: 127.0.0.1
DB_PORT: 3306
DB_USER: jumpserver
DB_PASSWORD: test12345
DB_NAME: jumpserver
# When Django start it will bind this host and port
# ./manage.py runserver 127.0.0.1:8080
# 運(yùn)行時(shí)綁定端口
HTTP_BIND_HOST: 127.0.0.1
HTTP_LISTEN_PORT: 8080
# Use Redis as broker for celery and web socket
# Redis配置
REDIS_HOST: 127.0.0.1
# When Django start it will bind this host and port
# ./manage.py runserver 127.0.0.1:8080
# 運(yùn)行時(shí)綁定端口
HTTP_BIND_HOST: 127.0.0.1
HTTP_LISTEN_PORT: 8080
# Use Redis as broker for celery and web socket
# Redis配置
REDIS_HOST: 127.0.0.1
REDIS_PORT: 6379
# REDIS_PASSWORD:
# REDIS_DB_CELERY: 3
# REDIS_DB_CACHE: 4
# Use OpenID authorization
# 使用OpenID 來(lái)進(jìn)行認(rèn)證設(shè)置
# BASE_SITE_URL: http://localhost:8080
# AUTH_OPENID: false? # True or False
# AUTH_OPENID_SERVER_URL: https://openid-auth-server.com/
# AUTH_OPENID_REALM_NAME: realm-name
# AUTH_OPENID_CLIENT_ID: client-id
# AUTH_OPENID_CLIENT_SECRET: client-secret
# AUTH_OPENID_IGNORE_SSL_VERIFICATION: True
# AUTH_OPENID_SHARE_SESSION: False
#
# Use Radius authorization
# 使用Radius來(lái)認(rèn)證
# AUTH_RADIUS: false
# RADIUS_SERVER: localhost
# RADIUS_PORT: 1812
# RADIUS_SECRET:
# OTP settings
# OTP/MFA 配置
# OTP_VALID_WINDOW: 0
# OTP_ISSUER_NAME: Jumpserver
復(fù)制代碼
2.8 生成數(shù)據(jù)庫(kù)表結(jié)構(gòu)和初始化數(shù)據(jù)
cd /data/jumpserver/utils
bash make_migrations.sh
啟動(dòng)jumpserver
$ cd /data/jumpserver
$ ./jms start all -d? # 后臺(tái)運(yùn)行使用 -d 參數(shù)./jms start all -d
# 新版本更新了運(yùn)行腳本, 使用方式./jms start|stop|status all? 后臺(tái)運(yùn)行請(qǐng)?zhí)砑?-d 參數(shù)
##創(chuàng)建管理員用戶
# 管理密碼忘記了或者重置管理員密碼
$ source /data/py3/bin/activate
$ cd /data/jumpserver/apps
$ python manage.py changepassword? <user_name>
# 新建超級(jí)用戶的命令如下命令
$ python manage.py createsuperuser --username=admin--email=user@domain.com
運(yùn)行不報(bào)錯(cuò), 請(qǐng)繼續(xù)往下操作
三. 安裝 SSH Server 和 WebSocket Server: Coco
新開(kāi)一個(gè)終端,運(yùn)行Python3虛擬環(huán)境
source /data/py3/bin/activate
3.1 下載或 Clone 項(xiàng)目
cd /data
git clone https://github.com/jumpserver/coco.git && cd coco && git checkout master
3.2 安裝依賴(lài)
cd /data/coco/requirements
yum -y? install $(cat rpm_requirements.txt)
pip install -r requirements.txt
# 如果下載速度很慢, 可以換國(guó)內(nèi)源
$ pip install -r requirements.txt -i https://mirrors.aliyun.com/pypi/simple/
3.3 查看配置文件并運(yùn)行
$ cd /data/coco
$ cp config_example.yml config.yml
$ sed -i "s/BOOTSTRAP_TOKEN: <PleasgeChangeSameWithJumpserver>/BOOTSTRAP_TOKEN: $BOOTSTRAP_TOKEN/g" /data/coco/config.yml
$ sed -i "s/# LOG_LEVEL: INFO/LOG_LEVEL: ERROR/g" /data/coco/config.yml
$ vi config.yml
復(fù)制代碼
# 項(xiàng)目名稱(chēng), 會(huì)用來(lái)向Jumpserver注冊(cè), 識(shí)別而已, 不能重復(fù)
# NAME: {{ Hostname }}
# Jumpserver項(xiàng)目的url, api請(qǐng)求注冊(cè)會(huì)使用
CORE_HOST: http://127.0.0.1:8080
# Bootstrap Token, 預(yù)共享秘鑰, 用來(lái)注冊(cè)coco使用的service account和terminal
# 請(qǐng)和jumpserver 配置文件中保持一致悟狱,注冊(cè)完成后可以刪除
BOOTSTRAP_TOKEN: lajd6485d73****
# 啟動(dòng)時(shí)綁定的ip, 默認(rèn) 0.0.0.0
# BIND_HOST: 0.0.0.0
# 監(jiān)聽(tīng)的SSH端口號(hào), 默認(rèn)2222
# SSHD_PORT: 2222
# 監(jiān)聽(tīng)的HTTP/WS端口號(hào)静浴,默認(rèn)5000
# HTTPD_PORT: 5000
# 項(xiàng)目使用的ACCESS KEY, 默認(rèn)會(huì)注冊(cè),并保存到 ACCESS_KEY_STORE中,
# 如果有需求, 可以寫(xiě)到配置文件中, 格式 access_key_id:access_key_secret
# ACCESS_KEY: null
# ACCESS KEY 保存的地址, 默認(rèn)注冊(cè)后會(huì)保存到該文件中
# ACCESS_KEY_FILE: data/keys/.access_key
# 加密密鑰
# SECRET_KEY: null
# 設(shè)置日志級(jí)別 [DEBUG, INFO, WARN, ERROR, FATAL, CRITICAL]
LOG_LEVEL: ERROR
# 日志存放的目錄
# LOG_DIR: logs
# SSH白名單
# ALLOW_SSH_USER: all
# SSH黑名單, 如果用戶同時(shí)在白名單和黑名單,黑名單優(yōu)先生效
# BLOCK_SSH_USER:
#? -
# 和Jumpserver 保持心跳時(shí)間間隔
# HEARTBEAT_INTERVAL: 5
# Admin的名字挤渐,出問(wèn)題會(huì)提示給用戶
# ADMINS: ''
# SSH連接超時(shí)時(shí)間 (default 15 seconds)
# SSH_TIMEOUT: 15
# 語(yǔ)言 [en,zh]
# LANGUAGE_CODE: zh
# SFTP的根目錄, 可選 /tmp, Home其他自定義目錄
# SFTP_ROOT: /tmp
# SFTP是否顯示隱藏文件
# SFTP_SHOW_HIDDEN_FILE: false
# 是否復(fù)用和用戶后端資產(chǎn)已建立的連接(用戶不會(huì)復(fù)用其他用戶的連接)
# REUSE_CONNECTION: true
復(fù)制代碼
啟動(dòng)cocod
$ ./cocod start -d? # 后臺(tái)運(yùn)行使用 -d 參數(shù)./cocod start -d
# 新版本更新了運(yùn)行腳本, 使用方式./cocod start|stop|status? 后臺(tái)運(yùn)行請(qǐng)?zhí)砑?-d 參數(shù)
四. 安裝 Web Terminal 前端: Luna
另開(kāi)一個(gè)終端苹享,運(yùn)行Python3虛擬環(huán)境
Luna 已改為純前端,需要 Nginx 來(lái)運(yùn)行訪問(wèn)
訪問(wèn)(https://github.com/jumpserver/luna/releases)下載對(duì)應(yīng)版本的 release 包浴麻,放在/data目錄下得问,直接解壓,不需要編譯
4.1 解壓 Luna
tar xvf luna.tar.gz
五. 安裝 Windows 支持組件(如果不需要管理 windows 資產(chǎn), 可以直接跳過(guò)這一步)
5.1 安裝依賴(lài)
$ rpm --import http://li.nux.ro/download/nux/RPM-GPG-KEY-nux.ro
$ rpm -Uvh http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-5.el7.nux.noarch.rpm
$ yum -y localinstall --nogpgcheck https://download1.rpmfusion.org/free/el/rpmfusion-free-release-7.noarch.rpm https://download1.rpmfusion.org/nonfree/el/rpmfusion-nonfree-release-7.noarch.rpm
$ yum install -y java-1.8.0-openjdk libtool
$ yum install -y cairo-devel libjpeg-turbo-devel libpng-devel uuid-devel
$ yum install -y ffmpeg-devel freerdp-devel freerdp-plugins pango-devel libssh2-devel libtelnet-devel libvncserver-devel pulseaudio-libs-devel openssl-devel libvorbis-devel libwebp-devel ghostscript
5.2 編譯安裝 guacamole 服務(wù)
$ cd /data
$ git clone --depth=1 https://github.com/jumpserver/docker-guacamole.git
$ cd /data/docker-guacamole/
$ tar -xf guacamole-server-0.9.14.tar.gz
$ cd guacamole-server-0.9.14
$ autoreconf -fi
$ ./configure --with-init-dir=/etc/init.d
$ make && make install
$ ln -s /usr/local/lib/freerdp/*.so /usr/lib64/freerdp/
$ cd ..
$ rm -rf guacamole-server-0.9.14
$ ldconfig
5.3 配置 Tomcat
$ mkdir -p /config/guacamole /config/guacamole/lib /config/guacamole/extensions? # 創(chuàng)建 guacamole 目錄
$ ln -sf /data/docker-guacamole/guacamole-auth-jumpserver-0.9.14.jar /config/guacamole/extensions/guacamole-auth-jumpserver-0.9.14.jar
$ ln -sf /data/docker-guacamole/root/app/guacamole/guacamole.properties /config/guacamole/guacamole.properties? # guacamole 配置文件
$ cd /config
$ wget http://mirrors.tuna.tsinghua.edu.cn/apache/tomcat/tomcat-8/v8.5.40/bin/apache-tomcat-8.5.40.tar.gz
$ tar xf apache-tomcat-8.5.40.tar.gz
$ rm -rf apache-tomcat-8.5.40.tar.gz
$ mv apache-tomcat-8.5.40 tomcat8
$ rm -rf /config/tomcat8/webapps/*
$ ln -sf /data/docker-guacamole/guacamole-0.9.14.war /config/tomcat8/webapps/ROOT.war? # guacamole client
$ sed -i 's/Connector port="8080"/Connector port="8081"/g' /config/tomcat8/conf/server.xml? # 修改默認(rèn)端口為 8081
$ sed -i 's/FINE/WARNING/g' /config/tomcat8/conf/logging.properties? # 修改 log 等級(jí)為 WARNING
$ cd /config
$ wget https://github.com/ibuler/ssh-forward/releases/download/v0.0.5/linux-amd64.tar.gz
# 如果網(wǎng)絡(luò)有問(wèn)題導(dǎo)致下載無(wú)法完成可以使用下面地址
$ wget https://demo.jumpserver.org/download/ssh-forward/v0.0.5/linux-amd64.tar.gz
$ tar xf linux-amd64.tar.gz -C /bin/
$ chmod +x /bin/ssh-forward
5.4 配置環(huán)境變量
# 勿多次執(zhí)行以下環(huán)境設(shè)置
$ export JUMPSERVER_SERVER=http://127.0.0.1:8080? # http://127.0.0.1:8080 指 jumpserver 訪問(wèn)地址
$ echo "export JUMPSERVER_SERVER=http://127.0.0.1:8080" >> ~/.bashrc
# BOOTSTRAP_TOKEN 為 Jumpserver/config.yml 里面的 BOOTSTRAP_TOKEN
$ export BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN
$ echo "export BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN" >> ~/.bashrc
$ export JUMPSERVER_KEY_DIR=/config/guacamole/keys
$ echo "export JUMPSERVER_KEY_DIR=/config/guacamole/keys" >> ~/.bashrc
$ export GUACAMOLE_HOME=/config/guacamole
$ echo "export GUACAMOLE_HOME=/config/guacamole" >> ~/.bashrc
5.5 啟動(dòng) Guacamole
$ /etc/init.d/guacd start
$ sh /config/tomcat8/bin/startup.sh
六. 配置 Nginx 整合各組件
6.1 安裝 Nginx
$ yum install yum-utils
$ vim /etc/yum.repos.d/nginx.repo
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
$ yum makecache fast
$ yum install -y nginx
$ rm -rf /etc/nginx/conf.d/default.conf
$ systemctl enable nginx
6.3 準(zhǔn)備配置文件 修改 /etc/nginx/conf.d/jumpserver.conf
先刪掉默認(rèn)的配置文件default.conf
vim /etc/nginx/conf.d/jumpserver.conf
復(fù)制代碼
server {
? ? listen 80;
? ? client_max_body_size 100m;? # 錄像及文件上傳大小限制
? ? location /luna/ {
? ? ? ? try_files $uri / /index.html;
? ? ? ? alias /data
? ? ? /luna/;? # luna 路徑, 如果修改安裝目錄, 此處需要修改
? ? }
? ? location /media/ {
? ? ? ? add_header Content-Encoding gzip;
? ? ? ? root /data
? ? ? /jumpserver/data/;? # 錄像位置, 如果修改安裝目錄, 此處需要修改
? ? }
? ? location /static/ {
? ? ? ? root /data
? ? ? /jumpserver/data/;? # 靜態(tài)資源, 如果修改安裝目錄, 此處需要修改
? ? }
? ? location /socket.io/ {
? ? ? ? proxy_pass? ? ? http://localhost:5000/socket.io/;
? ? ? ? proxy_buffering off;
? ? ? ? proxy_http_version 1.1;
? ? ? ? proxy_set_header Upgrade $http_upgrade;
? ? ? ? proxy_set_header Connection "upgrade";
? ? ? ? proxy_set_header X-Real-IP $remote_addr;
? ? ? ? proxy_set_header Host $host;
? ? ? ? proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
? ? ? ? access_log off;
? ? }
? ? location /coco/ {
? ? ? ? proxy_pass? ? ? http://localhost:5000/coco/;
? ? ? ? proxy_set_header X-Real-IP $remote_addr;
? ? ? ? proxy_set_header Host $host;
? ? ? ? proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
? ? ? ? access_log off;
? ? }
? ? location /guacamole/ {
? ? ? ? proxy_pass? ? ? http://localhost:8081/;
? ? ? ? proxy_buffering off;
? ? ? ? proxy_http_version 1.1;
? ? ? ? proxy_set_header Upgrade $http_upgrade;
? ? ? ? proxy_set_header Connection $http_connection;
? ? ? ? proxy_set_header X-Real-IP $remote_addr;
? ? ? ? proxy_set_header Host $host;
? ? ? ? proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
? ? ? ? access_log off;
? ? }
? ? location / {
? ? ? ? proxy_pass http://localhost:8080;
? ? ? ? proxy_set_header X-Real-IP $remote_addr;
? ? ? ? proxy_set_header Host $host;
? ? ? ? proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
? ? }
}
復(fù)制代碼
6.3 運(yùn)行 Nginx
nginx -t? # 確保配置沒(méi)有問(wèn)題, 有問(wèn)題請(qǐng)先解決
systemctl start nginx
systemctl enable nginx
6.4 開(kāi)始使用 Jumpserver
檢查應(yīng)用是否已經(jīng)正常運(yùn)行
服務(wù)全部啟動(dòng)后, 訪問(wèn) http://192.168.0.68, 訪問(wèn)nginx代理的端口, 不要再通過(guò)8080端口訪問(wèn)
默認(rèn)賬號(hào): admin 密碼: admin
到Jumpserver 會(huì)話管理-終端管理 檢查 Coco Guacamole 等應(yīng)用的注冊(cè)软免。
測(cè)試連接
如果登錄客戶端是 macOS 或 Linux, 登錄語(yǔ)法如下
$ ssh -p2222 admin@192.168.0.68
$ sftp -P2222 admin@192.168.0.68
密碼: admin
如果登錄客戶端是 Windows, Xshell Terminal 登錄語(yǔ)法如下
$ ssh admin@192.168.0.68 2222
$ sftp admin@192.168.0.68 2222
密碼: admin
如果能登陸代表部署成功
# sftp默認(rèn)上傳的位置在資產(chǎn)的 /tmp 目錄下
# windows拖拽上傳的位置在資產(chǎn)的 Guacamole RDP上的 G 目錄下
七.開(kāi)機(jī)自啟動(dòng)
Jumpserver自啟動(dòng)
vim /usr/lib/systemd/system/jms.service
復(fù)制代碼
[Unit]
Description=jms
After=network.target mariadb.service redis.service
Wants=mariadb.service redis.service
[Service]
Type=forking
Environment="PATH=/data/py3/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin"
ExecStart=/data/jumpserver/jms start all -d
ExecReload=
ExecStop=/data/jumpserver/jms stop
[Install]
WantedBy=multi-user.target
復(fù)制代碼
Coco自啟動(dòng)
vim /usr/lib/systemd/system/coco.service
復(fù)制代碼
[Unit]
Description=coco
After=network.target jms.service
[Service]
Type=forking
PIDFile=/data/coco/coco.pid
Environment="PATH=/data/py3/bin"
ExecStart=/data/coco/cocod start -d
ExecReload=
ExecStop=/data/coco/cocod stop
[Install]
WantedBy=multi-user.target
復(fù)制代碼
Guacamole自啟動(dòng)
chkconfig guacd on
vim /usr/lib/systemd/system/guacamole.service
復(fù)制代碼
[Unit]
Description=guacamole
After=network.target jms.service
Wants=jms.service
[Service]
Type=forking
# PIDFile=/config/tomcat8/tomcat.pid
# BOOTSTRAP_TOKEN 根據(jù)實(shí)際情況修改
Environment="JUMPSERVER_SERVER=http://127.0.0.1:8080" "JUMPSERVER_KEY_DIR=/config/guacamole/keys" "GUACAMOLE_HOME=/config/guacamole" "BOOTSTRAP_TOKEN=lajd6485d73fue***"
ExecStart=/config/tomcat8/bin/startup.sh
ExecReload=
ExecStop=/config/tomcat8/bin/shutdown.sh
[Install]
WantedBy=multi-user.target
復(fù)制代碼
復(fù)制代碼
# 開(kāi)機(jī)自啟設(shè)置
systemctl enable jms
systemctl enable coco
systemctl enable guacamole
# 啟動(dòng)
systemctl start jms
systemctl start coco
systemctl start guacamole
# 停止
systemctl stop jms
systemctl stop coco
systemctl stop guacamole
