JumpServer 环境整合

1 操作过程

1.1 编辑配置文件

  1. vi /etc/nginx/conf.d/jumpserver.conf

1.2 选择部署方式

源代码部署使用 Release

  1. server {
  2. listen 80;
  3. # server_name _;
  4. client_max_body_size 5000m; # 文件大小限制
  5. # Luna 配置
  6. location /luna/ {
  7. # 注意将模板中的组件名称替换为服务实际 ip 地址, 如都在本机部署
  8. # proxy_pass http://127.0.0.1:4200;
  9. proxy_pass http://luna:4200;
  10. }
  11. # Core data 静态资源
  12. location /media/replay/ {
  13. add_header Content-Encoding gzip;
  14. root /opt/jumpserver-v3.10.1/data/;
  15. }
  16. location /static/ {
  17. root /opt/jumpserver-v3.10.1/data/;
  18. }
  19. # KoKo Lion 配置
  20. location /koko/ {
  21. # 注意将模板中的组件名称替换为服务实际 ip 地址, 如都在本机部署
  22. # proxy_pass http://127.0.0.1:5000;
  23. proxy_pass http://koko:5000;
  24. proxy_set_header X-Real-IP $remote_addr;
  25. proxy_set_header Host $host;
  26. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  27. proxy_http_version 1.1;
  28. proxy_buffering off;
  29. proxy_set_header Upgrade $http_upgrade;
  30. proxy_set_header Connection "upgrade";
  31. }
  32. # lion 配置
  33. location /lion/ {
  34. # 注意将模板中的组件名称替换为服务实际 ip 地址, 如都在本机部署
  35. # proxy_pass http://127.0.0.1:8081;
  36. proxy_pass http://lion:8081;
  37. proxy_buffering off;
  38. proxy_request_buffering off;
  39. proxy_http_version 1.1;
  40. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  41. proxy_set_header Upgrade $http_upgrade;
  42. proxy_set_header Connection $http_connection;
  43. proxy_ignore_client_abort on;
  44. proxy_connect_timeout 600;
  45. proxy_send_timeout 600;
  46. proxy_read_timeout 600;
  47. send_timeout 6000;
  48. }
  49. location /ws/ {
  50. # 注意将模板中的组件名称替换为服务实际 ip 地址, 如都在本机部署
  51. # proxy_pass http://127.0.0.1:8080;
  52. proxy_pass http://core:8080;
  53. proxy_buffering off;
  54. proxy_http_version 1.1;
  55. proxy_set_header Upgrade $http_upgrade;
  56. proxy_set_header Connection "upgrade";
  57. proxy_set_header X-Real-IP $remote_addr;
  58. proxy_set_header Host $host;
  59. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  60. }
  61. location ~ ^/(core|api|media)/ {
  62. # 注意将模板中的组件名称替换为服务实际 ip 地址, 如都在本机部署
  63. # proxy_pass http://127.0.0.1:8080;
  64. proxy_pass http://core:8080;
  65. proxy_set_header X-Real-IP $remote_addr;
  66. proxy_set_header Host $host;
  67. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  68. }
  69. # 前端 Lina
  70. location /ui/ {
  71. # 注意将模板中的组件名称替换为服务实际 ip 地址, 如都在本机部署
  72. # proxy_pass http://127.0.0.1:9528;
  73. proxy_pass http://lina:9528;
  74. proxy_set_header X-Real-IP $remote_addr;
  75. proxy_set_header Host $host;
  76. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  77. }
  78. location / {
  79. rewrite ^/(.*)$ /ui/$1 last;
  80. }
  81. }
  1. server {
  2. listen 80;
  3. # server_name _;
  4. client_max_body_size 5000m; # 文件大小限制
  5. # 前端 Lina
  6. location /ui/ {
  7. try_files $uri / /index.html;
  8. alias /opt/lina-v3.10.1/;
  9. expires 24h;
  10. }
  11. # Luna 配置
  12. location /luna/ {
  13. try_files $uri / /index.html;
  14. alias /opt/luna-v3.10.1/;
  15. expires 24h;
  16. }
  17. # Core data 静态资源
  18. location /media/replay/ {
  19. add_header Content-Encoding gzip;
  20. root /opt/jumpserver-v3.10.1/data/;
  21. }
  22. location /static/ {
  23. root /opt/jumpserver-v3.10.1/data/;
  24. expires 24h;
  25. }
  26. # KoKo Lion 配置
  27. location /koko/ {
  28. # 注意将模板中的组件名称替换为服务实际 ip 地址, 如都在本机部署
  29. # proxy_pass http://127.0.0.1:5000;
  30. proxy_pass http://koko:5000;
  31. proxy_set_header X-Real-IP $remote_addr;
  32. proxy_set_header Host $host;
  33. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  34. proxy_http_version 1.1;
  35. proxy_buffering off;
  36. proxy_set_header Upgrade $http_upgrade;
  37. proxy_set_header Connection "upgrade";
  38. }
  39. # lion 配置
  40. location /lion/ {
  41. # 注意将模板中的组件名称替换为服务实际 ip 地址, 如都在本机部署
  42. # proxy_pass http://127.0.0.1:8081;
  43. proxy_pass http://lion:8081;
  44. proxy_buffering off;
  45. proxy_request_buffering off;
  46. proxy_http_version 1.1;
  47. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  48. proxy_set_header Upgrade $http_upgrade;
  49. proxy_set_header Connection $http_connection;
  50. proxy_ignore_client_abort on;
  51. proxy_connect_timeout 600;
  52. proxy_send_timeout 600;
  53. proxy_read_timeout 600;
  54. send_timeout 6000;
  55. }
  56. location /ws/ {
  57. # 注意将模板中的组件名称替换为服务实际 ip 地址, 如都在本机部署
  58. # proxy_pass http://127.0.0.1:8080;
  59. proxy_pass http://core:8080;
  60. proxy_buffering off;
  61. proxy_http_version 1.1;
  62. proxy_set_header Upgrade $http_upgrade;
  63. proxy_set_header Connection "upgrade";
  64. proxy_set_header X-Real-IP $remote_addr;
  65. proxy_set_header Host $host;
  66. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  67. }
  68. location ~ ^/(core|api|media)/ {
  69. # 注意将模板中的组件名称替换为服务实际 ip 地址, 如都在本机部署
  70. # proxy_pass http://127.0.0.1:8080;
  71. proxy_pass http://core:8080;
  72. proxy_set_header X-Real-IP $remote_addr;
  73. proxy_set_header Host $host;
  74. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  75. }
  76. location / {
  77. rewrite ^/(.*)$ /ui/$1 last;
  78. }
  79. }
  1. nginx -t
  1. nginx -s reload