|
1 | 1 | # 离线安装 |
2 | 2 |
|
3 | | -!!! info "离线包解压需要 tar 命令, 参考 [环境要求](./requirements.md) 手动安装" |
| 3 | +!!! info "安装所需命令, 参考 [环境要求](./requirements.md) 手动安装" |
4 | 4 |
|
5 | | -| OS/Arch | Architecture | Linux Kernel | Offline Name | |
6 | | -| :------------ | :----------- | :----------- | :------------------------------------------------------------------------------------------- | |
7 | | -| linux/amd64 | x86_64 | >= 4.0 | jumpserver-offline-installer-{{ jumpserver.tag }}-amd64.tar.gz | |
| 5 | +| OS/Arch | Architecture | Linux Kernel | Offline Name | |
| 6 | +| :------------ | :----------- | :----------- | :----------------------------------------------- | |
| 7 | +| linux/amd64 | x86_64 | >= 4.0 | jumpserver-ce-{{ jumpserver.tag }}-x86_64.tar.gz | |
8 | 8 |
|
9 | 9 | ## 1. 安装部署 |
10 | 10 |
|
| 11 | +!!! tip "" |
| 12 | + - 离线安装目前只支持 linux/amd64 架构, 其他架构请参考 [在线安装](./online_install.md) |
| 13 | + |
11 | 14 | === "linux/amd64" |
12 | 15 | !!! tip "" |
13 | 16 | 从飞致云社区 [下载最新的 linux/amd64 离线包](https://community.fit2cloud.com/#/products/jumpserver/downloads){:target="_blank"}, 并上传到部署服务器的 /opt 目录 |
14 | 17 |
|
15 | 18 | !!! tip "" |
16 | 19 | ```sh |
17 | 20 | cd /opt |
18 | | - tar -xf jumpserver-offline-installer-{{ jumpserver.tag }}-amd64.tar.gz |
19 | | - cd jumpserver-offline-installer-{{ jumpserver.tag }}-amd64 |
| 21 | + tar -xf jumpserver-ce-{{ jumpserver.tag }}-x86_64.tar.gz |
| 22 | + cd jumpserver-ce-{{ jumpserver.tag }}-x86_64 |
20 | 23 | ``` |
21 | 24 | ```sh |
22 | 25 | # 根据需要修改配置文件模板, 如果不清楚用途可以跳过修改 |
|
25 | 28 | ```vim |
26 | 29 | # JumpServer configuration file example. |
27 | 30 | # |
28 | | - # 如果不了解用途可以跳过修改此配置文件, 系统会自动填入 |
29 | | - # 完整参数文档 https://docs.jumpserver.org/zh/master/admin-guide/env/ |
| 31 | + # If you don't understand the purpose, you can skip modifying this configuration file, the system will automatically fill in |
| 32 | + # Complete parameter documentation https://docs.jumpserver.org/zh/v3/guide/env/ |
30 | 33 |
|
31 | | - ################################## 镜像配置 ################################### |
| 34 | + ################################# Image Configuration ################################# |
32 | 35 | # |
33 | | - # 国内连接 docker.io 会超时或下载速度较慢, 开启此选项使用华为云镜像加速 |
34 | | - # 取代旧版本 DOCKER_IMAGE_PREFIX |
| 36 | + # The connection to docker.io in China will timeout or the download speed will be slow, enable this option to use Huawei Cloud image acceleration |
| 37 | + # Replace the old version DOCKER_IMAGE_PREFIX |
35 | 38 | # |
36 | 39 | # DOCKER_IMAGE_MIRROR=1 |
37 | 40 |
|
38 | | - ################################## 安装配置 ################################### |
| 41 | + # Image pull policy Always, IfNotPresent |
| 42 | + # Always means that the latest image will be pulled every time, IfNotPresent means that the image will be pulled only if it does not exist locally |
| 43 | + # |
| 44 | + # IMAGE_PULL_POLICY=Always |
| 45 | + |
| 46 | + ############################## Installation Configuration ############################# |
39 | 47 | # |
40 | | - # JumpServer 数据库持久化目录, 默认情况下录像、任务日志都在此目录 |
41 | | - # 请根据实际情况修改, 升级时备份的数据库文件(.sql)和配置文件也会保存到该目录 |
| 48 | + # JumpServer database persistence directory, by default, recordings, task logs are in this directory |
| 49 | + # Please modify according to the actual situation, the database file (.sql) and configuration file backed up during the upgrade will also be saved to this directory |
42 | 50 | # |
43 | 51 | VOLUME_DIR=/data/jumpserver |
44 | 52 |
|
45 | | - # 加密密钥, 迁移请保证 SECRET_KEY 与旧环境一致, 请勿使用特殊字符串 |
| 53 | + # Encryption key, please ensure that SECRET_KEY is consistent with the old environment when migrating, do not use special strings |
46 | 54 | # (*) Warning: Keep this value secret. |
47 | | - # (*) 勿向任何人泄露 SECRET_KEY |
| 55 | + # (*) Do not disclose SECRET_KEY to anyone |
48 | 56 | # |
49 | 57 | SECRET_KEY= |
50 | 58 |
|
51 | | - # 组件向 core 注册使用的 token, 迁移请保持 BOOTSTRAP_TOKEN 与旧环境一致, |
52 | | - # 请勿使用特殊字符串 |
| 59 | + # The token used by the component to register with core, please keep BOOTSTRAP_TOKEN consistent with the old environment when migrating, |
| 60 | + # Do not use special strings |
53 | 61 | # (*) Warning: Keep this value secret. |
54 | | - # (*) 勿向任何人泄露 BOOTSTRAP_TOKEN |
| 62 | + # (*) Do not disclose BOOTSTRAP_TOKEN to anyone |
55 | 63 | # |
56 | 64 | BOOTSTRAP_TOKEN= |
57 | 65 |
|
58 | | - # 日志等级 INFO, WARN, ERROR |
| 66 | + # Log level INFO, WARN, ERROR |
59 | 67 | # |
60 | 68 | LOG_LEVEL=ERROR |
61 | 69 |
|
62 | | - # JumpServer 容器使用的网段, 请勿与现有的网络冲突, 根据实际情况自行修改 |
| 70 | + # The network segment used by the JumpServer container, please do not conflict with the existing network, modify according to the actual situation |
63 | 71 | # |
64 | 72 | DOCKER_SUBNET=192.168.250.0/24 |
65 | 73 |
|
66 | | - # ipv6 nat, 正常情况下无需开启 |
67 | | - # 如果宿主不支持 ipv6 开启此选项将会导致无法获取真实的客户端 ip 地址 |
| 74 | + # ipv6 nat, no need to enable under normal circumstances |
| 75 | + # If the host does not support ipv6, enabling this option will prevent the real client ip address from being obtained |
68 | 76 | # |
69 | 77 | USE_IPV6=0 |
70 | 78 | DOCKER_SUBNET_IPV6=fc00:1010:1111:200::/64 |
71 | 79 |
|
72 | | - ################################# MySQL 配置 ################################## |
73 | | - # 外置 MySQL 需要输入正确的 MySQL 信息, 内置 MySQL 系统会自动处理 |
| 80 | + ################################# DB Configuration #################################### |
| 81 | + # For external databases, you need to enter the correct database information, the system will automatically handle the built-in database |
| 82 | + # (*) The password part must not contain single quotes and double quotes |
74 | 83 | # |
75 | | - DB_HOST=mysql |
76 | | - DB_PORT=3306 |
77 | | - DB_USER=root |
| 84 | + DB_ENGINE=postgresql |
| 85 | + DB_HOST=postgresql |
| 86 | + DB_PORT=5432 |
| 87 | + DB_USER=postgres |
78 | 88 | DB_PASSWORD= |
79 | 89 | DB_NAME=jumpserver |
80 | 90 |
|
81 | | - # 如果外置 MySQL 需要开启 TLS/SSL 连接, 参考 https://docs.jumpserver.org/zh/master/install/install_security/#ssl |
| 91 | + # If external MySQL needs to enable TLS/SSL connection, refer to https://docs.jumpserver.org/zh/v3/installation/security_setup/mysql_ssl/ |
82 | 92 | # |
83 | | - # DB_USE_SSL=True |
| 93 | + # DB_USE_SSL=true |
84 | 94 |
|
85 | | - ################################# Redis 配置 ################################## |
86 | | - # 外置 Redis 需要请输入正确的 Redis 信息, 内置 Redis 系统会自动处理 |
| 95 | + ################################# Redis Configuration ################################# |
| 96 | + # For external Redis, please enter the correct Redis information, the system will automatically handle the built-in Redis |
| 97 | + # (*) The password part must not contain single quotes and double quotes |
87 | 98 | # |
88 | 99 | REDIS_HOST=redis |
89 | 100 | REDIS_PORT=6379 |
90 | 101 | REDIS_PASSWORD= |
91 | 102 |
|
92 | | - # 如果使用外置 Redis Sentinel, 请手动填写下面内容 |
| 103 | + # If you are using external Redis Sentinel, please manually fill in the following content |
93 | 104 | # |
94 | 105 | # REDIS_SENTINEL_HOSTS=mymaster/192.168.100.1:26379,192.168.100.1:26380,192.168.100.1:26381 |
95 | 106 | # REDIS_SENTINEL_PASSWORD=your_sentinel_password |
96 | 107 | # REDIS_PASSWORD=your_redis_password |
97 | 108 | # REDIS_SENTINEL_SOCKET_TIMEOUT=5 |
98 | 109 |
|
99 | | - # 如果外置 Redis 需要开启 TLS/SSL 连接, 参考 https://docs.jumpserver.org/zh/master/install/install_security/#redis-ssl |
| 110 | + # If external Redis needs to enable TLS/SSL connection, refer to https://docs.jumpserver.org/zh/v3/installation/security_setup/redis_ssl/ |
100 | 111 | # |
101 | | - # REDIS_USE_SSL=True |
| 112 | + # REDIS_USE_SSL=true |
102 | 113 |
|
103 | | - ################################## 访问配置 ################################### |
104 | | - # 对外提供服务端口, 如果与现有服务冲突请自行修改 |
| 114 | + ################################# Access Configuration ################################ |
| 115 | + # The service port provided to the outside, if it conflicts with the existing service, please modify it yourself |
105 | 116 | # |
106 | 117 | HTTP_PORT=80 |
107 | | - SSH_PORT=2222 |
108 | | - MAGNUS_MYSQL_PORT=33061 |
109 | | - MAGNUS_MARIADB_PORT=33062 |
110 | | - MAGNUS_REDIS_PORT=63790 |
111 | 118 |
|
112 | | - ################################# HTTPS 配置 ################################# |
113 | | - # 参考 https://docs.jumpserver.org/zh/master/admin-guide/proxy/ 配置 |
| 119 | + ################################# HTTPS Configuration ################################# |
| 120 | + # Refer to https://docs.jumpserver.org/zh/v3/installation/proxy/ for configuration |
114 | 121 | # |
115 | 122 | # HTTPS_PORT=443 |
116 | 123 | # SERVER_NAME=your_domain_name |
117 | 124 | # SSL_CERTIFICATE=your_cert |
118 | 125 | # SSL_CERTIFICATE_KEY=your_cert_key |
119 | 126 | # |
120 | 127 |
|
121 | | - # Nginx 文件上传下载大小限制 |
| 128 | + # Nginx file upload and download size limit |
122 | 129 | # |
123 | 130 | CLIENT_MAX_BODY_SIZE=4096m |
124 | 131 |
|
125 | | - ################################## 组件配置 ################################### |
126 | | - # 组件注册使用, 默认情况下向 core 容器注册, 集群环境需要修改为集群 vip 地址 |
| 132 | + ################################# Component Configuration ############################# |
| 133 | + # Component registration use, by default, register to the core container, the cluster environment needs to be modified to the cluster vip address |
127 | 134 | # |
128 | 135 | CORE_HOST=http://core:8080 |
129 | | - PERIOD_TASK_ENABLED=True |
| 136 | + PERIOD_TASK_ENABLED=true |
130 | 137 |
|
131 | | - # Core Session 定义, |
132 | | - # SESSION_COOKIE_AGE 表示闲置多少秒后 session 过期, |
133 | | - # SESSION_EXPIRE_AT_BROWSER_CLOSE=true 表示关闭浏览器即 session 过期 |
| 138 | + # Core Session definition, |
| 139 | + # SESSION_COOKIE_AGE indicates how many seconds the session expires after idling, |
| 140 | + # SESSION_EXPIRE_AT_BROWSER_CLOSE=true means that the session expires as soon as the browser is closed |
134 | 141 | # |
135 | 142 | # SESSION_COOKIE_AGE=86400 |
136 | | - SESSION_EXPIRE_AT_BROWSER_CLOSE=True |
| 143 | + SESSION_EXPIRE_AT_BROWSER_CLOSE=false |
137 | 144 |
|
138 | | - # 可信任 DOMAINS 定义, |
139 | | - # 定义可信任的访问 IP, 请根据实际情况修改, 如果是公网 IP 请改成对应的公网 IP, |
140 | | - # DOMAINS="demo.jumpserver.org" |
141 | | - # DOMAINS="172.17.200.191" |
142 | | - # DOMAINS="demo.jumpserver.org,172.17.200.191" |
| 145 | + # Trusted DOMAINS definition, |
| 146 | + # Define the trusted access IP, please modify according to the actual situation, if it is a public IP, please change to the corresponding public IP, |
| 147 | + # DOMAINS="demo.jumpserver.org:443" |
| 148 | + # DOMAINS="172.17.200.191:80" |
| 149 | + # DOMAINS="demo.jumpserver.org:443,172.17.200.191:80" |
143 | 150 | DOMAINS= |
144 | 151 |
|
145 | | - # Lion 开启字体平滑, 优化体验 |
| 152 | + # Configure the components that do not need to be started, by default all components will be started, if you do not need a certain component, you can set {component name}_ENABLED to 0 to turn it off |
| 153 | + # CORE_ENABLED=0 |
| 154 | + # CELERY_ENABLED=0 |
| 155 | + # KOKO_ENABLED=0 |
| 156 | + # LION_ENABLED=0 |
| 157 | + # CHEN_ENABLED=0 |
| 158 | + # WEB_ENABLED=0 |
| 159 | + |
| 160 | + # Lion enables font smoothing to optimize the experience |
146 | 161 | # |
147 | | - JUMPSERVER_ENABLE_FONT_SMOOTHING=True |
| 162 | + JUMPSERVER_ENABLE_FONT_SMOOTHING=true |
148 | 163 |
|
149 | | - ################################# XPack 配置 ################################# |
150 | | - # XPack 包, 开源版本设置无效 |
| 164 | + ################################# XPack Configuration ################################# |
| 165 | + # XPack package, invalid setting in open source version |
151 | 166 | # |
| 167 | + SSH_PORT=2222 |
152 | 168 | RDP_PORT=3389 |
| 169 | + XRDP_PORT=3390 |
| 170 | + MAGNUS_MYSQL_PORT=33061 |
| 171 | + MAGNUS_MARIADB_PORT=33062 |
| 172 | + MAGNUS_REDIS_PORT=63790 |
153 | 173 | MAGNUS_POSTGRESQL_PORT=54320 |
| 174 | + MAGNUS_SQLSERVER_PORT=14330 |
154 | 175 | MAGNUS_ORACLE_PORTS=30000-30030 |
155 | 176 |
|
156 | | - ################################## 其他配置 ################################## |
157 | | - # 终端使用宿主 HOSTNAME 标识, 首次安装自动生成 |
| 177 | + ################################## Other Configuration ################################ |
| 178 | + # The terminal uses the host HOSTNAME as the identifier, automatically generated during the first installation |
158 | 179 | # |
159 | 180 | SERVER_HOSTNAME=${HOSTNAME} |
160 | 181 |
|
161 | | - # 使用内置 SLB,如果 Web 页面获取到的客户端 IP 地址不正确,请将 USE_LB 设置为 0 |
162 | | - # USE_LB 设置为 1 时,使用配置 proxy_set_header X-Forwarded-For $remote_addr |
163 | | - # USE_LB 设置为 0 时,使用配置 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for |
| 182 | + # Use built-in SLB, if the client IP address obtained by the Web page is not correct, please set USE_LB to 0 |
| 183 | + # When USE_LB is set to 1, use the configuration proxy_set_header X-Forwarded-For $remote_addr |
| 184 | + # When USE_LB is set to 0, use the configuration proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for |
164 | 185 | USE_LB=1 |
165 | 186 |
|
166 | | - # 当前运行的 JumpServer 版本号, 安装和升级完成后自动生成 |
| 187 | + # The current running version number of JumpServer, automatically generated after installation and upgrade |
167 | 188 | # |
| 189 | + TZ=Asia/Shanghai |
168 | 190 | CURRENT_VERSION= |
169 | 191 | ``` |
170 | 192 | ```sh |
|
179 | 201 |
|
180 | 202 | !!! tip "" |
181 | 203 | ```sh |
182 | | - cd jumpserver-offline-release-{{ jumpserver.tag }}-amd64 |
| 204 | + cd jumpserver-ce-{{ jumpserver.tag }}-x86_64 |
183 | 205 |
|
184 | 206 | # 启动 |
185 | 207 | ./jmsctl.sh start |
|
199 | 221 | ```sh |
200 | 222 | 地址: http://<JumpServer服务器IP地址>:<服务运行端口> |
201 | 223 | 用户名: admin |
202 | | - 密码: admin |
| 224 | + 密码: ChangeMe |
203 | 225 | ``` |
204 | 226 |
|
205 | 227 |  |
0 commit comments