| FROM centos:latest |
| |
LABEL maintainer "wojiushixiaobai" |
| |
WORKDIR /opt |
| |
|
| |
ENV GUAC_VER=0.9.14 \ |
| |
LUNA_VER=1.5.0 \ |
| |
TOMCAT_VER=8.5.41 |
| |
|
| |
RUN set -ex \ |
| |
&& ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ |
| |
&& yum -y install kde-l10n-Chinese \ |
| |
&& yum -y reinstall glibc-common \ |
| |
&& localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8 \ |
| |
&& export LC_ALL=zh_CN.UTF-8 \ |
| |
&& echo 'LANG="zh_CN.UTF-8"' > /etc/locale.conf \ |
| |
&& yum -y install wget gcc epel-release git yum-utils \ |
| |
&& yum -y install python36 python36-devel \ |
| |
&& yum -y localinstall --nogpgcheck https://download1.rpmfusion.org/free/el/rpmfusion-free-release-7.noarch.rpm https://download1.rpmfusion.org/nonfree/el/rpmfusion-nonfree-release-7.noarch.rpm \ |
| |
&& rpm --import http://li.nux.ro/download/nux/RPM-GPG-KEY-nux.ro \ |
| |
&& rpm -Uvh http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-1.el7.nux.noarch.rpm \ |
| |
&& yum install -y java-1.8.0-openjdk libtool \ |
| |
&& mkdir /usr/local/lib/freerdp/ \ |
| |
&& ln -s /usr/local/lib/freerdp /usr/lib64/freerdp \ |
| |
&& yum install -y cairo-devel libjpeg-turbo-devel libpng-devel uuid-devel \ |
| |
&& yum install -y ffmpeg-devel freerdp-devel freerdp-plugins pango-devel libssh2-devel libtelnet-devel libvncserver-devel pulseaudio-libs-devel openssl-devel libvorbis-devel libwebp-devel ghostscript \ |
| |
&& echo -e "[nginx-stable]\nname=nginx stable repo\nbaseurl=http://nginx.org/packages/centos/\$releasever/\$basearch/\ngpgcheck=1\nenabled=1\ngpgkey=https://nginx.org/keys/nginx_signing.key" > /etc/yum.repos.d/nginx.repo \ |
| |
&& rpm --import https://nginx.org/keys/nginx_signing.key \ |
| |
&& yum -y install mariadb mariadb-devel mariadb-server redis nginx \ |
| |
&& rm -rf /etc/nginx/conf.d/default.conf \ |
| |
&& mkdir -p /config/guacamole /config/guacamole/lib /config/guacamole/extensions \ |
| |
&& wget https://mirrors.tuna.tsinghua.edu.cn/apache/tomcat/tomcat-8/v${TOMCAT_VER}/bin/apache-tomcat-${TOMCAT_VER}.tar.gz \ |
| |
&& tar xf apache-tomcat-${TOMCAT_VER}.tar.gz -C /config \ |
| |
&& rm -rf apache-tomcat-${TOMCAT_VER}.tar.gz \ |
| |
&& mv /config/apache-tomcat-${TOMCAT_VER} /config/tomcat8 \ |
| |
&& rm -rf /config/tomcat8/webapps/* \ |
| |
&& sed -i 's/Connector port="8080"/Connector port="8081"/g' `grep 'Connector port="8080"' -rl /config/tomcat8/conf/server.xml` \ |
| |
&& sed -i 's/FINE/WARNING/g' `grep 'FINE' -rl /config/tomcat8/conf/logging.properties` \ |
| |
&& echo "java.util.logging.ConsoleHandler.encoding = UTF-8" >> /config/tomcat8/conf/logging.properties \ |
| |
&& yum clean all \ |
| |
&& rm -rf /var/cache/yum/* |
| |
|
| |
RUN set -ex \ |
| |
&& git clone --depth=1 https://github.com/jumpserver/jumpserver.git \ |
| |
&& git clone --depth=1 https://github.com/jumpserver/coco.git \ |
| |
&& git clone --depth=1 https://github.com/jumpserver/docker-guacamole.git \ |
| |
&& wget https://github.com/jumpserver/luna/releases/download/${LUNA_VER}/luna.tar.gz \ |
| |
&& tar xf luna.tar.gz \ |
| |
&& chown -R root:root luna \ |
| |
&& yum -y install $(cat /opt/jumpserver/requirements/rpm_requirements.txt) \ |
| |
&& yum -y install $(cat /opt/coco/requirements/rpm_requirements.txt) \ |
| |
&& python3.6 -m venv /opt/py3 \ |
| |
&& source /opt/py3/bin/activate \ |
| |
&& pip install --upgrade pip setuptools \ |
| |
&& pip install -r /opt/jumpserver/requirements/requirements.txt \ |
| |
&& pip install -r /opt/coco/requirements/requirements.txt \ |
| |
&& cd docker-guacamole \ |
| |
&& tar xf guacamole-server-${GUAC_VER}.tar.gz \ |
| |
&& cd guacamole-server-${GUAC_VER} \ |
| |
&& autoreconf -fi \ |
| |
&& ./configure --with-init-dir=/etc/init.d \ |
| |
&& make \ |
| |
&& make install \ |
| |
&& cd .. \ |
| |
&& ln -sf /opt/docker-guacamole/guacamole-${GUAC_VER}.war /config/tomcat8/webapps/ROOT.war \ |
| |
&& ln -sf /opt/docker-guacamole/guacamole-auth-jumpserver-${GUAC_VER}.jar /config/guacamole/extensions/guacamole-auth-jumpserver-${GUAC_VER}.jar \ |
| |
&& ln -sf /opt/docker-guacamole/root/app/guacamole/guacamole.properties /config/guacamole/guacamole.properties \ |
| |
&& rm -rf guacamole-server-${GUAC_VER} \ |
| |
&& ldconfig \ |
| |
&& cd /opt \ |
| |
&& wget https://github.com/ibuler/ssh-forward/releases/download/v0.0.5/linux-amd64.tar.gz \ |
| |
&& tar xf linux-amd64.tar.gz -C /bin/ \ |
| |
&& chmod +x /bin/ssh-forward \ |
| |
&& mkdir -p /opt/coco/keys /opt/coco/logs \ |
| |
&& wget -O /etc/nginx/conf.d/jumpserver.conf https://demo.jumpserver.org/download/nginx/conf.d/jumpserver.conf \ |
| |
&& yum clean all \ |
| |
&& rm -rf /var/cache/yum/* \ |
| |
&& rm -rf /opt/luna.tar.gz \ |
| |
&& rm -rf /var/cache/yum/* \ |
| |
&& rm -rf ~/.cache/pip \ |
| |
&& rm -rf /opt/linux-amd64.tar.gz |
| |
|
| |
COPY readme.txt readme.txt |
| |
COPY entrypoint.sh /bin/entrypoint.sh |
| |
RUN chmod +x /bin/entrypoint.sh |
| |
|
| |
VOLUME /opt/jumpserver/data/media |
| |
VOLUME /var/lib/mysql |
| |
|
| |
ENV SECRET_KEY=kWQdmdCQKjaWlHYpPhkNQDkfaRulM6YnHctsHLlSPs8287o2kW \ |
| |
BOOTSTRAP_TOKEN=KXOeyNgDeTdpeu9q |
| |
|
| |
ENV DB_ENGINE=mysql \ |
| |
DB_HOST=127.0.0.1 \ |
| |
DB_PORT=3306 \ |
| |
DB_USER=jumpserver \ |
| |
DB_PASSWORD=weakPassword \ |
| |
DB_NAME=jumpserver |
| |
|
| |
ENV REDIS_HOST=127.0.0.1 \ |
| |
REDIS_PORT=6379 \ |
| |
REDIS_PASSWORD= |
| |
|
| |
ENV JUMPSERVER_KEY_DIR=/config/guacamole/keys \ |
| |
GUACAMOLE_HOME=/config/guacamole \ |
| |
JUMPSERVER_ENABLE_DRIVE=true \ |
| |
JUMPSERVER_SERVER=http://127.0.0.1:8080 |
| |
|
| |
EXPOSE 80 2222 |
| |
ENTRYPOINT ["entrypoint.sh"] |
浙公网安备 33010602011771号