From 1c393fc1d670034d0406e01e0a34f1db91ffbd94 Mon Sep 17 00:00:00 2001 From: wanghe-fit2cloud Date: Wed, 2 Aug 2023 23:29:35 +0800 Subject: [PATCH] =?UTF-8?q?refactor:=20=E4=BF=AE=E6=94=B9=20JumpServer=20?= =?UTF-8?q?=E4=BE=9D=E8=B5=96=E6=95=B0=E6=8D=AE=E5=BA=93?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/jumpserver/README.md | 20 ----- apps/jumpserver/v3.4.3/data.yml | 105 ++++++++++------------ apps/jumpserver/v3.4.3/docker-compose.yml | 80 ++++------------- 3 files changed, 61 insertions(+), 144 deletions(-) diff --git a/apps/jumpserver/README.md b/apps/jumpserver/README.md index afc44377..09c13baa 100644 --- a/apps/jumpserver/README.md +++ b/apps/jumpserver/README.md @@ -1,23 +1,3 @@ -

- JumpServer -

-

广受欢迎的开源堡垒机

- -

- License: GPLv3 - Docker pulls - Latest release - Stars -

- - -

- JumpServer v3.0 正式发布。 -
- 9 年时间,倾情投入,用心做好一款开源堡垒机。 -

- - JumpServer 是广受欢迎的开源堡垒机,是符合 4A 规范的专业运维安全审计系统。JumpServer 堡垒机帮助企业以更安全的方式管控和登录各种类型的资产,包括: - **SSH**: Linux / Unix / 网络设备 等; diff --git a/apps/jumpserver/v3.4.3/data.yml b/apps/jumpserver/v3.4.3/data.yml index 2c5c4bce..61b7612d 100644 --- a/apps/jumpserver/v3.4.3/data.yml +++ b/apps/jumpserver/v3.4.3/data.yml @@ -1,12 +1,5 @@ additionalProperties: formFields: - - default: ./data - edit: true - envKey: VOLUME_DIR - labelEn: Data directory - labelZh: 数据目录 - required: true - type: text - default: vYneAbsXUhe4BghEeedNL7nfWLwaTTmhnwQMvjYOIG25Ofzghk edit: true envKey: SECRET_KEY @@ -49,71 +42,65 @@ additionalProperties: value: "ERROR" - label: CRITICAL value: "CRITICAL" - - default: jms_mysql - disabled: true - envKey: DB_HOST - labelEn: Database host - labelZh: 数据库主机 - type: text - - default: 3306 - disabled: true - envKey: DB_PORT - labelEn: Database port - labelZh: 数据库端口 - rule: paramPort - type: number - - default: root - disabled: true - envKey: DB_USER - labelEn: Database user - labelZh: 数据库用户 - type: text - - default: Np2qgqtiUayA857GpuVI0Wtg - edit: true - envKey: DB_PASSWORD - labelEn: Database password - labelZh: 数据库密码 + - default: "" + envKey: PANEL_DB_HOST + key: mysql + labelEn: Database Service + labelZh: 数据库服务 required: true - type: password + type: service - default: jumpserver - envKey: DB_NAME - labelEn: Database name - labelZh: 数据库名称 + envKey: PANEL_DB_NAME + labelEn: Database + labelZh: 数据库名 + random: true required: true + rule: paramCommon type: text - - default: jms_redis - disabled: true - envKey: REDIS_HOST - labelEn: Redis host - labelZh: Redis 主机 - type: text - - default: 6379 - disabled: true - envKey: REDIS_PORT - labelEn: Redis port - labelZh: Redis 端口 - rule: paramPort - type: number - - default: KoJqlTDu1d5HwfXgJ4QTbZQt - edit: true - envKey: REDIS_PASSWORD - labelEn: Redis password - labelZh: Redis 密码 + - default: jumpserver + envKey: PANEL_DB_USER + labelEn: Database User + labelZh: 数据库用户 + random: true required: true + rule: paramCommon + type: text + - default: jumpserver + envKey: PANEL_DB_USER_PASSWORD + labelEn: Database User Password + labelZh: 数据库用户密码 + random: true + required: true + rule: paramComplexity type: password - - default: 80 + - default: "" edit: true - envKey: HTTP_PORT - labelEn: JumpServer Web port - labelZh: JumpServer Web 端口 + envKey: REDIS_HOST + key: redis + labelEn: Redis Service + labelZh: 缓存服务服务 + required: true + type: service + - default: "" + edit: true + envKey: REDIS_PASS + labelEn: Redis Service Password + labelZh: 缓存服务服务密码 + required: true + rule: paramCommon + type: password + - default: 8080 + envKey: PANEL_APP_PORT_HTTP + labelEn: Web Port + labelZh: Web 端口 required: true rule: paramPort type: number - default: 2222 edit: true envKey: SSH_PORT - labelEn: JumpServer SSH port - labelZh: JumpServer SSH 端口 + labelEn: SSH port + labelZh: SSH 端口 required: true rule: paramPort type: number diff --git a/apps/jumpserver/v3.4.3/docker-compose.yml b/apps/jumpserver/v3.4.3/docker-compose.yml index 9da0dbc8..45cae0cb 100644 --- a/apps/jumpserver/v3.4.3/docker-compose.yml +++ b/apps/jumpserver/v3.4.3/docker-compose.yml @@ -1,44 +1,6 @@ -version: '3.8' +version: '3' services: - jms_mysql: - image: mariadb:10.6 - restart: always - labels: - createdBy: "Apps" - environment: - MARIADB_ROOT_PASSWORD: ${DB_PASSWORD} - MARIADB_DATABASE: ${DB_NAME} - healthcheck: - test: "mysql -h127.0.0.1 -uroot -p$$MARIADB_ROOT_PASSWORD -e 'SHOW DATABASES;'" - interval: 10s - timeout: 5s - retries: 3 - start_period: 30s - volumes: - - ${VOLUME_DIR}/mariadb/data:/var/lib/mysql - networks: - - 1panel-network - - jms_redis: - image: redis:6.2 - restart: always - labels: - createdBy: "Apps" - command: redis-server --requirepass ${REDIS_PASSWORD} --maxmemory-policy allkeys-lru - environment: - REDIS_PASSWORD: ${REDIS_PASSWORD} - healthcheck: - test: "redis-cli -h 127.0.0.1 -a $$REDIS_PASSWORD info Replication" - interval: 10s - timeout: 5s - retries: 3 - start_period: 10s - volumes: - - ${VOLUME_DIR}/redis/data:/data - networks: - - 1panel-network - - jms_all: + jumpserver: image: jumpserver/jms_all:v3.4.3 container_name: ${CONTAINER_NAME} privileged: true @@ -50,43 +12,31 @@ services: BOOTSTRAP_TOKEN: ${BOOTSTRAP_TOKEN} DEBUG: ${DEBUG:-FALSE} LOG_LEVEL: ${LOG_LEVEL} - DB_HOST: ${DB_HOST} - DB_PORT: ${DB_PORT} - DB_USER: ${DB_USER} - DB_PASSWORD: ${DB_PASSWORD} - DB_NAME: ${DB_NAME} + DB_HOST: ${PANEL_DB_HOST} + DB_PORT: 3306 + DB_USER: ${PANEL_DB_USER} + DB_PASSWORD: ${PANEL_DB_USER_PASSWORD} + DB_NAME: ${PANEL_DB_NAME} REDIS_HOST: ${REDIS_HOST} - REDIS_PORT: ${REDIS_PORT} - REDIS_PASSWORD: ${REDIS_PASSWORD} + REDIS_PORT: 6379 + REDIS_PASSWORD: ${REDIS_PASS} MAGNUS_MYSQL_PORT: ${MAGNUS_MYSQL_PORT} MAGNUS_MARIADB_PORT: ${MAGNUS_MARIADB_PORT} MAGNUS_REDIS_PORT: ${MAGNUS_REDIS_PORT} ports: - - ${HTTP_PORT}:80 + - ${PANEL_APP_PORT_HTTP}:80 - ${SSH_PORT}:2222 - ${MAGNUS_MYSQL_PORT}:33061 - ${MAGNUS_MARIADB_PORT}:33062 - ${MAGNUS_REDIS_PORT}:63790 - depends_on: - jms_mysql: - condition: service_healthy - jms_redis: - condition: service_healthy - healthcheck: - test: "curl -fsL http://localhost/api/health/ > /dev/null" - interval: 10s - timeout: 5s - retries: 3 - start_period: 90s volumes: - - ${VOLUME_DIR}/core/data:/opt/jumpserver/core/data - - ${VOLUME_DIR}/koko/data:/opt/jumpserver/koko/data - - ${VOLUME_DIR}/lion/data:/opt/jumpserver/lion/data - - ${VOLUME_DIR}/magnus/data:/opt/jumpserver/magnus/data - - ${VOLUME_DIR}/nginx/data:/var/log/nginx + - ./data/core/data:/opt/jumpserver/core/data + - ./data/koko/data:/opt/jumpserver/koko/data + - ./data/lion/data:/opt/jumpserver/lion/data + - ./data/magnus/data:/opt/jumpserver/magnus/data + - ./data/nginx/data:/var/log/nginx networks: - 1panel-network - networks: 1panel-network: external: true \ No newline at end of file