jumpserver

jumpserver

环境

主机名	外网ip	内网ip	安装服务
jumpserver	10.0.0.99	172.16.1.99	jumpserver
jumpserver	10.0.0.99	172.16.1.99	mariadb
jumpserver	10.0.0.99	172.16.1.99	redis

官网

配置文件

[root@jumpserver setuptools]# vi config.conf

# 如下设置默认状况下不须要修改

# 须要安装的版本
Version=2.0.0

# Jms 加密配置
SECRET_KEY=
BOOTSTRAP_TOKEN=

# 数据库 配置, 若是 数据库 安装在其余的服务器, 请修改下面设置
DB_HOST=127.0.0.1
DB_PORT=3306
DB_USER=jumpserver
DB_PASSWORD=
DB_NAME=jumpserver

# Redis 配置, 若是 Redis 安装在其余的服务器, 请修改下面设置
REDIS_HOST=127.0.0.1
REDIS_PORT=6379
REDIS_PASSWORD=

# 服务端口设置, 若是云服务器未备案请修改 http_port 端口为其余端口
http_port=80
ssh_port=2222

# 服务安装目录
install_dir=/opt

Server_IP=`ip addr | grep 'state UP' -A2 | grep inet | egrep -v '(127.0.0.1|inet6|docker)' | awk '{print $2}' | tr -d "addr:" | head -n 1 | cut -d / -f1`
Docker_IP=`ip addr | grep docker.* | grep inet | awk '{print $2}' | head -n 1`

建立角色目录

[root@m01 roles]# ansible-galaxy init jumpserver

编辑tasks

1.安装
[root@m01 jumpserver]# vim tasks/shell.yml
- name: install jumpserver
  shell: "{{shell_jumpserver}}"
2.包含
[root@m01 jumpserver]# vim tasks/main.yml 
- include: shell.yml
3.files
[root@m01 jumpserver]# vim files/config.conf

编辑入口文件

[root@m01 roles]# vim site.yml 
- hosts: all
  roles:
    #- { role: base }
    
    #- { role: rsync_client,when: ansible_fqdn is match 'web*' }
    #- { role: rsync_client,when: ansible_fqdn is match 'nfs*' }
    #- { role: rsync_server,when: ansible_fqdn is match 'backup*' }
    
    #- { role: nfs_server,when: ansible_fqdn is match 'nfs*' }
    #- { role: nfs_client,when: ansible_fqdn is match 'web*' }
    
    #- { role: mount_server,when: ansible_fqdn is match 'nfs*' }
    #- { role: mount_client,when: ansible_fqdn is match 'web*' }
    
    #- { role: sersync,when: ansible_fqdn is match 'nfs' }
    
    #- { role: nginx_web,when: ansible_fqdn is match 'web*' }
    #- { role: nginx_lb,when: ansible_fqdn is match 'lb*' }
    
    #- { role: keepalived_lb,when: ansible_fqdn is match 'lb*' }
    
    #- { role: lb_ssl,when: ansible_fqdn is match 'lb*' }
    
    #- { role: php,when: ansible_fqdn is match 'web*' }
    
    #- { role: mariadb,when: ansible_fqdn is match 'nfs*' }
    
    #- { role: wordpress,when: ansible_fqdn is match 'web*' }
    #- { role: wecenter,when: ansible_fqdn is match 'web*' }
    
    #- { role: mysql_master,when: ansible_fqdn is match 'db01' }
    #- { role: mysql_slave,when: ansible_fqdn is match 'db02' }
    
    #- { role: zabbix_server,when: ansible_fqdn is match 'nfs' }
    #- { role: zabbix_client,when: ansible_fqdn is match 'web02' }
    
    - { role: jumpserver,when: ansible_fqdn is match 'jumpserver' }

执行

[root@m01 roles]# ansible-playbook site.yml