Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

v3.8.0 #140

Merged
merged 10 commits into from
Oct 19, 2023
2 changes: 2 additions & 0 deletions .github/workflows/jms-build-test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,8 @@ jobs:
context: .
push: false
tags: jumpserver/web:test
build-args: |
APT_MIRROR=http://deb.debian.org
file: Dockerfile
cache-from: type=gha
cache-to: type=gha,mode=max
Expand Down
94 changes: 58 additions & 36 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,69 +1,91 @@
FROM nginx:1.24-bullseye

FROM nginx:1.24-bullseye as builder
ARG TARGETARCH
ARG APT_MIRROR=http://mirrors.ustc.edu.cn

ARG APT_MIRROR=http://mirrors.ustc.edu.cn
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=web \
sed -i "s@http://.*.debian.org@${APT_MIRROR}@g" /etc/apt/sources.list \
&& rm -f /etc/cron.daily/apt-compat \
&& ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
&& apt-get update \
&& apt-get install -y --no-install-recommends wget vim logrotate locales \
&& apt-get install -y --no-install-recommends wget \
&& echo "no" | dpkg-reconfigure dash \
&& echo "zh_CN.UTF-8" | dpkg-reconfigure locales \
&& rm -f /var/log/nginx/*.log \
&& rm -rf /var/lib/apt/lists/*

ARG DOWNLOAD_URL=https://download.jumpserver.org
ARG PLAY_VERSION=1.1.0-1

# 下载 player 脚本
WORKDIR /opt/player
RUN set -ex \
&& wget -q ${DOWNLOAD_URL}/public/glyptodon-enterprise-player-${PLAY_VERSION}.tar.gz \
&& tar -xf glyptodon-enterprise-player-${PLAY_VERSION}.tar.gz -C /opt/player --strip-components 1 \
&& rm -f glyptodon-enterprise-player-${PLAY_VERSION}.tar.gz

# 下载公共的客户端
WORKDIR /opt/download/public
ARG Client_VERSION=v2.0.1
ARG MRD_VERSION=10.6.7
ARG VIDEO_PLAYER_VERSION=0.1.9
ARG OPENSSH_VERSION=v9.2.0.0
WORKDIR /opt/download/applets

ARG PYTHON_VERSION=3.10.11
RUN set -ex \
&& mkdir -p /etc/nginx/sites-enabled /var/cache/nginx \
&& wget -qO JumpServer-Client-Installer-x86_64.msi https://github.com/jumpserver/clients/releases/download/${Client_VERSION}/JumpServer-Client-Installer-${Client_VERSION}-x86_64.msi \
&& wget -qO JumpServer-Client-Installer-x86_64.exe https://github.com/jumpserver/clients/releases/download/${Client_VERSION}/JumpServer-Client-Installer-${Client_VERSION}-x86_64.exe \
&& wget -qO JumpServer-Client-Installer-amd64.dmg https://github.com/jumpserver/clients/releases/download/${Client_VERSION}/JumpServer-Client-Installer-${Client_VERSION}-amd64.dmg \
&& wget -qO JumpServer-Client-Installer-arm64.dmg https://github.com/jumpserver/clients/releases/download/${Client_VERSION}/JumpServer-Client-Installer-${Client_VERSION}-arm64.dmg \
&& wget -qO JumpServer-Client-Installer-amd64.deb https://github.com/jumpserver/clients/releases/download/${Client_VERSION}/JumpServer-Client-Installer-${Client_VERSION}-amd64.deb \
&& wget -qO JumpServer-Client-Installer-arm64.deb https://github.com/jumpserver/clients/releases/download/${Client_VERSION}/JumpServer-Client-Installer-${Client_VERSION}-arm64.deb \
&& wget -qO JumpServer-Video-Player.dmg https://github.com/jumpserver/VideoPlayer/releases/download/v0.1.9/JumpServer.Video.Player-${VIDEO_PLAYER_VERSION}.dmg \
&& wget -qO JumpServer-Video-Player.exe https://github.com/jumpserver/VideoPlayer/releases/download/v0.1.9/JumpServer.Video.Player.Setup.${VIDEO_PLAYER_VERSION}.exe \
&& wget -qO OpenSSH-Win64.msi https://github.com/PowerShell/Win32-OpenSSH/releases/download/${OPENSSH_VERSION}p1-Beta/OpenSSH-Win64-${OPENSSH_VERSION}.msi \
&& wget -q ${DOWNLOAD_URL}/public/Microsoft_Remote_Desktop_${MRD_VERSION}_installer.pkg
&& wget -q ${DOWNLOAD_URL}/public/python-${PYTHON_VERSION}-amd64.exe

# 下载 applets 的相关依赖
WORKDIR /opt/download/applets
ARG TINKER_VERSION=v0.1.2
ARG PYTHON_VERSION=3.10.11
ARG CHROME_VERSION=114.0.5735.134
ARG DBEAVER_VERSION=22.3.4

RUN set -ex \
&& wget -qO Tinker_Installer.exe ${DOWNLOAD_URL}/public/Tinker_Installer_${TINKER_VERSION}.exe \
&& wget -qO dbeaver-patch.msi ${DOWNLOAD_URL}/public/dbeaver-patch-${DBEAVER_VERSION}-x86_64-setup.msi \
&& wget -q https://github.com/wojiushixiaobai/Chrome-Portable-Win64/releases/download/${CHROME_VERSION}/chromedriver_win32.zip \
&& wget -q https://github.com/wojiushixiaobai/Chrome-Portable-Win64/releases/download/${CHROME_VERSION}/chrome-win.zip \
&& wget -q https://github.com/wojiushixiaobai/Chrome-Portable-Win64/releases/download/${CHROME_VERSION}/chrome-win.zip

ARG DBEAVER_VERSION=22.3.4
RUN set -ex \
&& wget -q ${DOWNLOAD_URL}/public/dbeaver-ce-${DBEAVER_VERSION}-x86_64-setup.exe \
&& wget -q ${DOWNLOAD_URL}/public/python-${PYTHON_VERSION}-amd64.exe
&& wget -qO dbeaver-patch.msi ${DOWNLOAD_URL}/public/dbeaver-patch-${DBEAVER_VERSION}-x86_64-setup.msi

ARG TINKER_VERSION=v0.1.3
RUN set -ex \
&& wget -qO Tinker_Installer.exe ${DOWNLOAD_URL}/public/Tinker_Installer_${TINKER_VERSION}.exe

WORKDIR /opt/download/public
ARG MRD_VERSION=10.6.7
RUN set -ex \
&& wget -q ${DOWNLOAD_URL}/public/Microsoft_Remote_Desktop_${MRD_VERSION}_installer.pkg

ARG VIDEO_PLAYER_VERSION=0.1.9
RUN set -ex \
&& wget -qO JumpServer-Video-Player.dmg https://github.com/jumpserver/VideoPlayer/releases/download/v0.1.9/JumpServer.Video.Player-${VIDEO_PLAYER_VERSION}.dmg \
&& wget -qO JumpServer-Video-Player.exe https://github.com/jumpserver/VideoPlayer/releases/download/v0.1.9/JumpServer.Video.Player.Setup.${VIDEO_PLAYER_VERSION}.exe

ARG OPENSSH_VERSION=v9.4.0.0
RUN set -ex \
&& wget -qO OpenSSH-Win64.msi https://github.com/PowerShell/Win32-OpenSSH/releases/download/${OPENSSH_VERSION}p1-Beta/OpenSSH-Win64-${OPENSSH_VERSION}.msi

ARG Client_VERSION=v2.0.2
RUN set -ex \
&& wget -qO JumpServer-Client-Installer-x86_64.msi https://github.com/jumpserver/clients/releases/download/${Client_VERSION}/JumpServer-Client-Installer-${Client_VERSION}-x86_64.msi \
&& wget -qO JumpServer-Client-Installer-x86_64.exe https://github.com/jumpserver/clients/releases/download/${Client_VERSION}/JumpServer-Client-Installer-${Client_VERSION}-x86_64.exe \
&& wget -qO JumpServer-Client-Installer-amd64.dmg https://github.com/jumpserver/clients/releases/download/${Client_VERSION}/JumpServer-Client-Installer-${Client_VERSION}-amd64.dmg \
&& wget -qO JumpServer-Client-Installer-arm64.dmg https://github.com/jumpserver/clients/releases/download/${Client_VERSION}/JumpServer-Client-Installer-${Client_VERSION}-arm64.dmg \
&& wget -qO JumpServer-Client-Installer-amd64.deb https://github.com/jumpserver/clients/releases/download/${Client_VERSION}/JumpServer-Client-Installer-${Client_VERSION}-amd64.deb \
&& wget -qO JumpServer-Client-Installer-arm64.deb https://github.com/jumpserver/clients/releases/download/${Client_VERSION}/JumpServer-Client-Installer-${Client_VERSION}-arm64.deb

FROM nginx:1.24-bullseye
ARG TARGETARCH

ARG APT_MIRROR=http://mirrors.ustc.edu.cn
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=web \
sed -i "s@http://.*.debian.org@${APT_MIRROR}@g" /etc/apt/sources.list \
&& rm -f /etc/cron.daily/apt-compat \
&& ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
&& apt-get update \
&& apt-get install -y --no-install-recommends wget vim logrotate locales \
&& echo "no" | dpkg-reconfigure dash \
&& echo "zh_CN.UTF-8" | dpkg-reconfigure locales \
&& rm -f /var/log/nginx/*.log \
&& rm -rf /var/lib/apt/lists/*

WORKDIR /opt

WORKDIR /opt/download/
COPY --from=builder /opt /opt
COPY release/lina /opt/lina
COPY release/luna /opt/luna
COPY release/applets /opt/download/applets
COPY nginx.conf /etc/nginx/nginx.conf
COPY includes /etc/nginx/includes
COPY http_server.conf /etc/nginx/conf.d/default.conf
COPY default.conf /etc/nginx/conf.d/default.conf
COPY http_server.conf /etc/nginx/sites-enabled/http_server.conf
COPY init.sh /docker-entrypoint.d/40-init-config.sh
31 changes: 31 additions & 0 deletions default.conf
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
server {
listen 51980;
# listen [::]:51980;

client_max_body_size 5000m;

location /player/ {
try_files $uri / /index.html;
alias /opt/player/;
}

location /ui/ {
try_files $uri / /index.html;
alias /opt/lina/;
}

location /luna/ {
try_files $uri / /index.html;
alias /opt/luna/;
}

location /download/ {
alias /opt/download/;
}

location / {
rewrite ^/(.*)$ /ui/$1 last;
}

include includes/*.conf;
}
48 changes: 20 additions & 28 deletions http_server.conf
Original file line number Diff line number Diff line change
@@ -1,31 +1,23 @@
server {
listen 80;
# listen [::]:80;
listen 80;
# listen [::]:80;
# server_name demo.jumpserver.org; # 取消注释并自行修改成你自己的域名

client_max_body_size 5000m;
client_max_body_size 5000m;

location /player/ {
try_files $uri / /index.html;
alias /opt/player/;
}

location /ui/ {
try_files $uri / /index.html;
alias /opt/lina/;
}

location /luna/ {
try_files $uri / /index.html;
alias /opt/luna/;
}

location /download/ {
alias /opt/download/;
}

location / {
rewrite ^/(.*)$ /ui/$1 last;
}

include includes/*.conf;
}
location / {
proxy_pass http://localhost:51980;
proxy_buffering off;
proxy_request_buffering off;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_ignore_client_abort on;
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
send_timeout 6000;
}
}
1 change: 0 additions & 1 deletion includes/chen.conf
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@ location /chen/ {
proxy_request_buffering off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_ignore_client_abort on;
Expand Down
2 changes: 0 additions & 2 deletions includes/core.conf
Original file line number Diff line number Diff line change
Expand Up @@ -8,14 +8,12 @@ location /ws/ {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

location ~ ^/(core|api|media)/ {
proxy_pass http://core:8080;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
1 change: 0 additions & 1 deletion includes/kael.conf
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@ location /kael/ {
proxy_request_buffering off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_ignore_client_abort on;
Expand Down
1 change: 0 additions & 1 deletion includes/koko.conf
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@ location /koko/ {
proxy_request_buffering off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_ignore_client_abort on;
Expand Down
1 change: 0 additions & 1 deletion includes/lion.conf
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@ location /lion/ {
proxy_request_buffering off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_ignore_client_abort on;
Expand Down
Loading