先说结论:
经不断踩坑,不断回档尝试,想要在jumpserver3.8.0部署https访问,目前必须手动安装。下载离线安装包到/opt/目录,解压安装文件后:
1、修改/opt/jumpserver-offline-installer-v3.8.0-amd64/compose/docker-compose-web.yml
version: ‘2.4’
services:
web:
image: ${REGISTRY:-docker.io}/jumpserver/web:${VERSION}
container_name: jms_web
hostname: jms_web
ulimits:
core: 0
restart: always
tty: true
environment:
HTTP_PORT: ${HTTP_PORT:-80}
HTTPS_PORT: ${HTTPS_PORT:-443} #增加443
USE_IPV6: ${USE_IPV6:-0}
CLIENT_MAX_BODY_SIZE: ${CLIENT_MAX_BODY_SIZE:-4096m}
USE_LB: ${USE_LB:-1}
CORE_ENABLED: ${CORE_ENABLED:-1}
KOKO_ENABLED: ${KOKO_ENABLED:-1}
LION_ENABLED: ${LION_ENABLED:-1}
CHEN_ENABLED: ${CHEN_ENABLED:-1}
KAEL_ENABLED: ${KAEL_ENABLED:-1}
ports:
- ${HTTP_PORT:-80}:${HTTP_PORT:-80}
- ${HTTPS_PORT:-443}:${HTTPS_PORT:-443} # 增加443
volumes:
- ${VOLUME_DIR}/core/data:/opt/jumpserver/data
- ${VOLUME_DIR}/nginx/data/logs:/var/log/nginx
healthcheck:
test: “curl -fs http://localhost:$${HTTP_PORT}/ > /dev/null”
interval: 10s
timeout: 5s
retries: 3
start_period: 90s
networks:
- net
2、修改/opt/jumpserver-offline-installer-v3.8.0-amd64/config-example.txt
#取消http前的注释,并改crt和key为nginx默认文件
HTTPS_PORT=443
SERVER_NAME=10.150.14.244
SSL_CERTIFICATE=server.crt
SSL_CERTIFICATE_KEY=server.key
3、之后按官网步骤离线安装,遇到y/n直接回车即可。
——————————————————
经过本人反复折腾,如果自动安装,在安装之后参考官网https://docs.jumpserver.org/zh/v3/installation/proxy/ 配置,修改/opt/jumpserver/config/config.txt 里https相关配置,无法打开443端口,更无法部署自己的证书。
如果你也遇到同样的问题,希望能帮到你!