centos7 installation jumpserver fortress machine numerous problems detailed explanation (exchange post)

Keywords: ssh MySQL Django Database

Prepare materials:

ip:192.168.220.130

System: centos7

Reference documents:

I found a Chinese version that is easy to see

http://docs.jumpserver.org/zh/docs/

 

1. The first two problems are the configuration file is wrong:

So I want to put the configuration file here. If I don't want the vi command, it's recommended to change the file directly with xftp6

Use two py configuration files (modified according to specific ip)

config.py

"""
    jumpserver.config
    ~~~~~~~~~~~~~~~~~

    Jumpserver project setting file

    :copyright: (c) 2014-2017 by Jumpserver Team
    :license: GPL v2, see LICENSE for more details.
"""
import os

BASE_DIR = os.path.dirname(os.path.abspath(__file__))


class Config:
    # Use it to encrypt or decrypt data
    # SECURITY WARNING: keep the secret key used in production secret!
    SECRET_KEY = os.environ.get('SECRET_KEY') or '2vym+ky!997d5kkcc64mnz06y1mmui3lut#(^wd=%s_qj$1%x'

    # Django security setting, if your disable debug model, you should setting that
    ALLOWED_HOSTS = ['*']

    # Development env open this, when error occur display the full process track, Production disable it
    DEBUG = os.environ.get("DEBUG") or True

    # DEBUG, INFO, WARNING, ERROR, CRITICAL can set. See https://docs.djangoproject.com/en/1.10/topics/logging/
    LOG_LEVEL = os.environ.get("LOG_LEVEL") or 'DEBUG'
    LOG_DIR = os.path.join(BASE_DIR, 'logs')

    # Database setting, Support sqlite3, mysql, postgres ....
    # See https://docs.djangoproject.com/en/1.10/ref/settings/#databases

    # SQLite setting:
    #DB_ENGINE = 'sqlite3'
    #DB_NAME = os.path.join(BASE_DIR, 'data', 'db.sqlite3')

    # MySQL or postgres setting like:
    DB_ENGINE = os.environ.get("DB_ENGINE") or 'mysql'
    DB_HOST = os.environ.get("DB_HOST") or '127.0.0.1'
    DB_PORT = os.environ.get("DB_PORT") or 3306
    DB_USER = os.environ.get("DB_USER") or 'jumpserver'
    DB_PASSWORD = os.environ.get("DB_PASSWORD") or 'weakPassword'
    DB_NAME = os.environ.get("DB_NAME") or 'jumpserver'

    # When Django start it will bind this host and port
    # ./manage.py runserver 127.0.0.1:8080
    HTTP_BIND_HOST = '0.0.0.0'
    HTTP_LISTEN_PORT = 8080

    # Use Redis as broker for celery and web socket
    REDIS_HOST = os.environ.get("REDIS_HOST") or '127.0.0.1'
    REDIS_PORT = os.environ.get("REDIS_PORT") or 6379
    REDIS_PASSWORD = os.environ.get("REDIS_PASSWORD") or ''
    REDIS_DB_CELERY = os.environ.get('REDIS_DB') or 3
    REDIS_DB_CACHE = os.environ.get('REDIS_DB') or 4

    def __init__(self):
        pass

    def __getattr__(self, item):
        return None


class DevelopmentConfig(Config):
    pass


class TestConfig(Config):
    pass


class ProductionConfig(Config):
    pass


# Default using Config settings, you can write if/else for different env
config = DevelopmentConfig()

conf.py

#!/usr/bin/env python3
# -*- coding: utf-8 -*-
#

import os

BASE_DIR = os.path.dirname(__file__)


class Config:
    """
    Coco config file, coco also load config from server update setting below
    """
    # The project name will be used to register with Jumpserver. It's just an identification. It can't be duplicate
    # NAME = "localhost"
    NAME = "coco"
    # The URL of Jumpserver project. API request registration will use
    # CORE_HOST = os.environ.get("CORE_HOST") or 'http://127.0.0.1:8080'
    CORE_HOST = 'http://127.0.0.1:8080'
    # ip bound at startup, default 0.0.0.0
    # BIND_HOST = '0.0.0.0'

    # SSH port number listening, 2222 by default
    # SSHD_PORT = 2222

    # The HTTP/WS port number to listen to, 5000 by default
    # HTTPD_PORT = 5000

    # The ACCESS KEY used by the project will be registered by default and saved in the ACCESS KEY store,
    # If necessary, it can be written to the configuration file in the form of access ﹣ key ﹣ ID: access ﹣ key ﹣ secret
    # ACCESS_KEY = None

    # The address saved by ACCESS KEY will be saved to this file after registration by default
    # ACCESS_KEY_STORE = os.path.join(BASE_DIR, 'keys', '.access_key')

    # encryption key
    # SECRET_KEY = None

    # Set log level ['debug ',' info ',' warn ',' error ',' fatal ',' critical ']
    # LOG_LEVEL = 'INFO'
    LOG_LEVEL = 'WARN'
    # Directory where logs are stored
    # LOG_DIR = os.path.join(BASE_DIR, 'logs')

    # Session video storage directory
    # SESSION_DIR = os.path.join(BASE_DIR, 'sessions')

    # Asset display sorting method, ['Ip ',' hostname ']
    # ASSET_LIST_SORT_BY = 'ip'

    # Does login support password authentication
    # PASSWORD_AUTH = True

    # Does the login support secret key authentication
    # PUBLIC_KEY_AUTH = True
    
    # SSH white list
    # ALLOW_SSH_USER = 'all'  # ['test', 'test2']

    # SSH blacklist. If the user is in the whitelist and blacklist at the same time, the blacklist takes precedence
    # BLOCK_SSH_USER = []

    # Keep heartbeat interval with Jumpserver
    # HEARTBEAT_INTERVAL = 5

    # Name of Admin. If there is a problem, the user will be prompted
    # ADMINS = ''
    COMMAND_STORAGE = {
        "TYPE": "server"
    }
    REPLAY_STORAGE = {
        "TYPE": "server"
    }

    # SSH connection timeout (default 15 seconds)
    # SSH_TIMEOUT = 15

    # Language = en
    LANGUAGE_CODE = 'zh'


config = Config()

2. The second time is to install the jumpserver and visit it. The login fails. If there is a big God, please help to see it

Visit http://192.168.220.130:8080/users/login/?next=/

The login name and password are both admin, but they can't pass

3. To be continued, you can leave a message to communicate with each other if you have any questions... I made this fortress machine for the first time, only accept light spray

 

Posted by bachx on Mon, 30 Dec 2019 12:13:21 -0800

Hot Keywords

©2024 Programmer Group