diff --git a/apps/jumpserver/README.md b/apps/jumpserver/README.md new file mode 100644 index 00000000..afc44377 --- /dev/null +++ b/apps/jumpserver/README.md @@ -0,0 +1,52 @@ +

+ JumpServer +

+

广受欢迎的开源堡垒机

+ +

+ License: GPLv3 + Docker pulls + Latest release + Stars +

+ + +

+ JumpServer v3.0 正式发布。 +
+ 9 年时间,倾情投入,用心做好一款开源堡垒机。 +

+ + +JumpServer 是广受欢迎的开源堡垒机,是符合 4A 规范的专业运维安全审计系统。JumpServer 堡垒机帮助企业以更安全的方式管控和登录各种类型的资产,包括: + +- **SSH**: Linux / Unix / 网络设备 等; +- **Windows**: Web 方式连接 / 原生 RDP 连接; +- **数据库**: MySQL / Oracle / SQLServer / PostgreSQL 等; +- **Kubernetes**: 支持连接到 K8s 集群中的 Pods; +- **Web 站点**: 各类系统的 Web 管理后台; +- **应用**: 通过 Remote App 连接各类应用。 + +## 产品特色 + +- **开源**: 零门槛,线上快速获取和安装; +- **无插件**: 仅需浏览器,极致的 Web Terminal 使用体验; +- **分布式**: 支持分布式部署和横向扩展,轻松支持大规模并发访问; +- **多云支持**: 一套系统,同时管理不同云上面的资产; +- **多租户**: 一套系统,多个子公司或部门同时使用; +- **云端存储**: 审计录像云端存储,永不丢失; + +## UI 展示 + +![UI展示](https://docs.jumpserver.org/zh/v3/img/dashboard.png) + +## 在线体验 + +- 环境地址: + +## 快速开始 + +- [快速入门](https://docs.jumpserver.org/zh/v3/quick_start/) +- [产品文档](https://docs.jumpserver.org) +- [在线学习](https://edu.fit2cloud.com/page/2635362) +- [知识库](https://kb.fit2cloud.com/categories/jumpserver) \ No newline at end of file diff --git a/apps/jumpserver/data.yml b/apps/jumpserver/data.yml new file mode 100644 index 00000000..4b109403 --- /dev/null +++ b/apps/jumpserver/data.yml @@ -0,0 +1,19 @@ +name: JumpServer +tags: + - 工具 +title: JumpServer 开源堡垒机 +type: 工具 +description: JumpServer 开源堡垒机 +additionalProperties: + key: jumpserver + name: JumpServer + tags: + - Tool + shortDescZh: JumpServer 是广受欢迎的开源堡垒机,是符合 4A 规范的专业运维安全审计系统。 + shortDescEn: JumpServer is the world's first open-source Bastion Host and is licensed under the GPLv3. + type: tool + crossVersionUpdate: true + limit: 1 + website: https://www.jumpserver.org + github: https://github.com/jumpserver/jumpserver + document: https://docs.jumpserver.org \ No newline at end of file diff --git a/apps/jumpserver/logo.png b/apps/jumpserver/logo.png new file mode 100644 index 00000000..6ca19d05 Binary files /dev/null and b/apps/jumpserver/logo.png differ diff --git a/apps/jumpserver/v3.4.3/data.yml b/apps/jumpserver/v3.4.3/data.yml new file mode 100644 index 00000000..2c5c4bce --- /dev/null +++ b/apps/jumpserver/v3.4.3/data.yml @@ -0,0 +1,140 @@ +additionalProperties: + formFields: + - default: ./data + edit: true + envKey: VOLUME_DIR + labelEn: Data directory + labelZh: 数据目录 + required: true + type: text + - default: vYneAbsXUhe4BghEeedNL7nfWLwaTTmhnwQMvjYOIG25Ofzghk + edit: true + envKey: SECRET_KEY + labelEn: Cryptographic signing + labelZh: 加密签名 + required: true + type: password + - default: K1ffDfLSIK8SV2PZj6VaxOiv8KuawlJK + edit: true + envKey: BOOTSTRAP_TOKEN + labelEn: Bootstrap token + labelZh: 认证令牌 + required: true + type: password + - default: "false" + envKey: DEBUG + labelEn: Debug mode + labelZh: 调试模式 + required: true + type: select + values: + - label: 开启 + value: "true" + - label: 关闭 + value: "false" + - default: "ERROR" + envKey: LOG_LEVEL + labelEn: Log level + labelZh: 日志级别 + required: true + type: select + values: + - label: DEBUG + value: "DEBUG" + - label: INFO + value: "INFO" + - label: WARNING + value: "WARNING" + - label: ERROR + value: "ERROR" + - label: CRITICAL + value: "CRITICAL" + - default: jms_mysql + disabled: true + envKey: DB_HOST + labelEn: Database host + labelZh: 数据库主机 + type: text + - default: 3306 + disabled: true + envKey: DB_PORT + labelEn: Database port + labelZh: 数据库端口 + rule: paramPort + type: number + - default: root + disabled: true + envKey: DB_USER + labelEn: Database user + labelZh: 数据库用户 + type: text + - default: Np2qgqtiUayA857GpuVI0Wtg + edit: true + envKey: DB_PASSWORD + labelEn: Database password + labelZh: 数据库密码 + required: true + type: password + - default: jumpserver + envKey: DB_NAME + labelEn: Database name + labelZh: 数据库名称 + required: true + type: text + - default: jms_redis + disabled: true + envKey: REDIS_HOST + labelEn: Redis host + labelZh: Redis 主机 + type: text + - default: 6379 + disabled: true + envKey: REDIS_PORT + labelEn: Redis port + labelZh: Redis 端口 + rule: paramPort + type: number + - default: KoJqlTDu1d5HwfXgJ4QTbZQt + edit: true + envKey: REDIS_PASSWORD + labelEn: Redis password + labelZh: Redis 密码 + required: true + type: password + - default: 80 + edit: true + envKey: HTTP_PORT + labelEn: JumpServer Web port + labelZh: JumpServer Web 端口 + required: true + rule: paramPort + type: number + - default: 2222 + edit: true + envKey: SSH_PORT + labelEn: JumpServer SSH port + labelZh: JumpServer SSH 端口 + required: true + rule: paramPort + type: number + - default: 33061 + edit: true + envKey: MAGNUS_MYSQL_PORT + labelEn: Magnus MySQL port + labelZh: Magnus MySQL 端口 + rule: paramPort + type: number + - default: 33062 + edit: true + envKey: MAGNUS_MARIADB_PORT + labelEn: Magnus MariaDB port + labelZh: Magnus MariaDB 端口 + rule: paramPort + type: number + - default: 63790 + edit: true + envKey: MAGNUS_REDIS_PORT + labelEn: Magnus Redis port + labelZh: Magnus Redis 端口 + rule: paramPort + type: number \ No newline at end of file diff --git a/apps/jumpserver/v3.4.3/docker-compose.yml b/apps/jumpserver/v3.4.3/docker-compose.yml new file mode 100644 index 00000000..9da0dbc8 --- /dev/null +++ b/apps/jumpserver/v3.4.3/docker-compose.yml @@ -0,0 +1,92 @@ +version: '3.8' +services: + jms_mysql: + image: mariadb:10.6 + restart: always + labels: + createdBy: "Apps" + environment: + MARIADB_ROOT_PASSWORD: ${DB_PASSWORD} + MARIADB_DATABASE: ${DB_NAME} + healthcheck: + test: "mysql -h127.0.0.1 -uroot -p$$MARIADB_ROOT_PASSWORD -e 'SHOW DATABASES;'" + interval: 10s + timeout: 5s + retries: 3 + start_period: 30s + volumes: + - ${VOLUME_DIR}/mariadb/data:/var/lib/mysql + networks: + - 1panel-network + + jms_redis: + image: redis:6.2 + restart: always + labels: + createdBy: "Apps" + command: redis-server --requirepass ${REDIS_PASSWORD} --maxmemory-policy allkeys-lru + environment: + REDIS_PASSWORD: ${REDIS_PASSWORD} + healthcheck: + test: "redis-cli -h 127.0.0.1 -a $$REDIS_PASSWORD info Replication" + interval: 10s + timeout: 5s + retries: 3 + start_period: 10s + volumes: + - ${VOLUME_DIR}/redis/data:/data + networks: + - 1panel-network + + jms_all: + image: jumpserver/jms_all:v3.4.3 + container_name: ${CONTAINER_NAME} + privileged: true + restart: always + labels: + createdBy: "Apps" + environment: + SECRET_KEY: ${SECRET_KEY} + BOOTSTRAP_TOKEN: ${BOOTSTRAP_TOKEN} + DEBUG: ${DEBUG:-FALSE} + LOG_LEVEL: ${LOG_LEVEL} + DB_HOST: ${DB_HOST} + DB_PORT: ${DB_PORT} + DB_USER: ${DB_USER} + DB_PASSWORD: ${DB_PASSWORD} + DB_NAME: ${DB_NAME} + REDIS_HOST: ${REDIS_HOST} + REDIS_PORT: ${REDIS_PORT} + REDIS_PASSWORD: ${REDIS_PASSWORD} + MAGNUS_MYSQL_PORT: ${MAGNUS_MYSQL_PORT} + MAGNUS_MARIADB_PORT: ${MAGNUS_MARIADB_PORT} + MAGNUS_REDIS_PORT: ${MAGNUS_REDIS_PORT} + ports: + - ${HTTP_PORT}:80 + - ${SSH_PORT}:2222 + - ${MAGNUS_MYSQL_PORT}:33061 + - ${MAGNUS_MARIADB_PORT}:33062 + - ${MAGNUS_REDIS_PORT}:63790 + depends_on: + jms_mysql: + condition: service_healthy + jms_redis: + condition: service_healthy + healthcheck: + test: "curl -fsL http://localhost/api/health/ > /dev/null" + interval: 10s + timeout: 5s + retries: 3 + start_period: 90s + volumes: + - ${VOLUME_DIR}/core/data:/opt/jumpserver/core/data + - ${VOLUME_DIR}/koko/data:/opt/jumpserver/koko/data + - ${VOLUME_DIR}/lion/data:/opt/jumpserver/lion/data + - ${VOLUME_DIR}/magnus/data:/opt/jumpserver/magnus/data + - ${VOLUME_DIR}/nginx/data:/var/log/nginx + networks: + - 1panel-network + +networks: + 1panel-network: + external: true \ No newline at end of file