diff --git a/README.md b/README.md index 78542fb4..28cf9ec1 100644 --- a/README.md +++ b/README.md @@ -56,7 +56,7 @@ vi .env ``` ```vim # 版本号可以自己根据项目的版本修改 -VERSION=v3.9.3 +VERSION=v3.10.0 # 构建参数, 支持 amd64/arm64/loong64 TARGETARCH=amd64 diff --git a/allinone/Dockerfile b/allinone/Dockerfile index ccc7fe8a..6997980d 100644 --- a/allinone/Dockerfile +++ b/allinone/Dockerfile @@ -1,6 +1,6 @@ FROM jumpserver/redis:7.0-buster as redis FROM jumpserver/guacd:1.5.3-buster as guacd -FROM jumpserver/web-static:v1.0.1 as static +FROM jumpserver/web-static:v1.0.4 as static FROM jumpserver/openjdk:17-slim-buster as openjdk FROM jumpserver/python:3.11-slim-buster as get-core ARG TARGETARCH @@ -22,23 +22,20 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ WORKDIR /opt -ARG VERSION=v3.9.3 +ARG VERSION=v3.10.0 ENV VERSION=$VERSION RUN set -ex \ && git clone -b ${VERSION} --depth=1 https://github.com/jumpserver/jumpserver /opt/jumpserver \ && sed -i "s@VERSION = .*@VERSION = \"${VERSION}\"@g" /opt/jumpserver/apps/jumpserver/const.py \ && chmod +x /opt/jumpserver/entrypoint.sh \ - && rm -f /opt/jumpserver/Dockerfile /opt/jumpserver/Dockerfile-ee /opt/jumpserver/poetry.lock /opt/jumpserver/pyproject.toml \ + && rm -f /opt/jumpserver/Dockerfile \ && rm -rf /opt/jumpserver/.git /opt/jumpserver/.github WORKDIR /opt/jumpserver RUN set -ex \ && wget -q https://github.com/wojiushixiaobai/jumpserver-patch/raw/${VERSION}/core/Dockerfile-ce \ - && wget -q https://github.com/wojiushixiaobai/jumpserver-patch/raw/${VERSION}/core/Dockerfile-ee \ - && wget -q https://github.com/wojiushixiaobai/jumpserver-patch/raw/${VERSION}/core/poetry.lock \ - && wget -q https://github.com/wojiushixiaobai/jumpserver-patch/raw/${VERSION}/core/pyproject.toml \ && cd utils \ && bash -ixeu build.sh @@ -289,7 +286,7 @@ COPY --from=build-core /opt/py3 /opt/py3 COPY --from=get-core /opt/jumpserver/release/jumpserver /opt/jumpserver COPY --from=static /opt/download /opt/download -ARG VERSION=v3.9.3 +ARG VERSION=v3.10.0 ENV VERSION=${VERSION} ENV PATH=/opt/py3/bin:$PATH diff --git a/allinone/README.md b/allinone/README.md index ceb4d960..08705ce3 100644 --- a/allinone/README.md +++ b/allinone/README.md @@ -102,7 +102,7 @@ docker run --name jms_all -d \ -v /opt/jumpserver/kael/data:/opt/kael/data \ -v /opt/jumpserver/chen/data:/opt/chen/data \ -v /opt/jumpserver/web/log:/var/log/nginx \ - jumpserver/jms_all:v3.9.3 + jumpserver/jms_all:v3.10.0 ``` **升级** @@ -118,7 +118,7 @@ mysqldump -h$DB_HOST -p$DB_PORT -u$DB_USER -p$DB_PASSWORD $DB_NAME > /opt/jumpse # 例: mysqldump -h192.168.100.11 -p3306 -ujumpserver -pnu4x599Wq7u0Bn8EABh3J91G jumpserver > /opt/jumpserver-v2.12.0.sql # 拉取新版本镜像 -docker pull jumpserver/jms_all:v3.9.3 +docker pull jumpserver/jms_all:v3.10.0 # 删掉旧版本容器 docker rm jms_all @@ -147,4 +147,4 @@ docker run --name jms_all -d \ -v /opt/jumpserver/kael/data:/opt/kael/data \ -v /opt/jumpserver/chen/data:/opt/chen/data \ -v /opt/jumpserver/web/log:/var/log/nginx \ - jumpserver/jms_all:v3.9.3 \ No newline at end of file + jumpserver/jms_all:v3.10.0 \ No newline at end of file diff --git a/allinone/nginx.conf b/allinone/nginx.conf index cd3eac93..91f9357c 100644 --- a/allinone/nginx.conf +++ b/allinone/nginx.conf @@ -31,17 +31,14 @@ http { listen 80; server_name _; - proxy_cache cache; - proxy_cache_key $host$request_uri; - proxy_cache_methods GET HEAD; - proxy_cache_valid 200 302 720m; - proxy_cache_valid 404 1m; - proxy_cache_use_stale http_502; - proxy_set_header X-Real-IP $remote_addr; - add_header X-Via $server_addr; - client_max_body_size 4096m; # 录像及文件上传大小限制 + location = /robots.txt { + default_type text/html; + add_header Content-Type "text/plain; charset=UTF-8"; + return 200 "User-agent: *\nDisallow: /\n"; + } + location /download/ { alias /opt/download/; } @@ -63,7 +60,6 @@ http { proxy_request_buffering off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; - proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } @@ -74,7 +70,6 @@ http { proxy_request_buffering off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; - proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } @@ -85,7 +80,6 @@ http { proxy_request_buffering off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; - proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } @@ -96,7 +90,6 @@ http { proxy_request_buffering off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; - proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } @@ -106,13 +99,11 @@ http { proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; - proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location ~ ^/(core|api|media)/ { - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header Host $host; + proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://127.0.0.1:8080; } diff --git a/allinone/readme.txt b/allinone/readme.txt index bc4be6dd..8ee7ed1e 100644 --- a/allinone/readme.txt +++ b/allinone/readme.txt @@ -11,4 +11,4 @@ The Installation is Complete. ╚█████╔╝╚██████╔╝██║ ╚═╝ ██║██║ ███████║███████╗██║ ██║ ╚████╔╝ ███████╗██║ ██║ ╚════╝ ╚═════╝ ╚═╝ ╚═╝╚═╝ ╚══════╝╚══════╝╚═╝ ╚═╝ ╚═══╝ ╚══════╝╚═╝ ╚═╝ - VERSION: v3.9.3 \ No newline at end of file + VERSION: v3.10.0 \ No newline at end of file diff --git a/chen/Dockerfile b/chen/Dockerfile index 2d5c8fae..b89acb7c 100644 --- a/chen/Dockerfile +++ b/chen/Dockerfile @@ -51,7 +51,7 @@ RUN set -ex \ WORKDIR /opt/chen -ARG VERSION=v3.9.3 +ARG VERSION=v3.10.0 ENV VERSION=${VERSION} RUN set -ex \ diff --git a/config_example.conf b/config_example.conf index 95cb44dc..75b6f4e4 100644 --- a/config_example.conf +++ b/config_example.conf @@ -1,5 +1,5 @@ # 版本号可以自己根据项目的版本修改 -VERSION=v3.9.3 +VERSION=v3.10.0 # 构建参数, 支持 amd64/arm64/loong64 TARGETARCH=amd64 diff --git a/core/Dockerfile b/core/Dockerfile index dc841f33..8f7b61ae 100644 --- a/core/Dockerfile +++ b/core/Dockerfile @@ -18,23 +18,20 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \ WORKDIR /opt -ARG VERSION=v3.9.3 +ARG VERSION=v3.10.0 ENV VERSION=$VERSION RUN set -ex \ && git clone -b ${VERSION} --depth=1 https://github.com/jumpserver/jumpserver /opt/jumpserver \ && sed -i "s@VERSION = .*@VERSION = \"${VERSION}\"@g" /opt/jumpserver/apps/jumpserver/const.py \ && chmod +x /opt/jumpserver/entrypoint.sh \ - && rm -f /opt/jumpserver/Dockerfile /opt/jumpserver/Dockerfile-ee /opt/jumpserver/poetry.lock /opt/jumpserver/pyproject.toml \ + && rm -f /opt/jumpserver/Dockerfile \ && rm -rf /opt/jumpserver/.git /opt/jumpserver/.github WORKDIR /opt/jumpserver RUN set -ex \ && wget -q https://github.com/wojiushixiaobai/jumpserver-patch/raw/${VERSION}/core/Dockerfile-ce \ - && wget -q https://github.com/wojiushixiaobai/jumpserver-patch/raw/${VERSION}/core/Dockerfile-ee \ - && wget -q https://github.com/wojiushixiaobai/jumpserver-patch/raw/${VERSION}/core/poetry.lock \ - && wget -q https://github.com/wojiushixiaobai/jumpserver-patch/raw/${VERSION}/core/pyproject.toml \ && cd utils \ && bash -ixeu build.sh @@ -168,7 +165,7 @@ COPY --from=stage-1 /opt/jumpserver/release/jumpserver /opt/jumpserver WORKDIR /opt/jumpserver -ARG VERSION=v3.9.3 +ARG VERSION=v3.10.0 ENV VERSION=${VERSION} VOLUME /opt/jumpserver/data diff --git a/kael/Dockerfile b/kael/Dockerfile index 0a7579a0..66697333 100644 --- a/kael/Dockerfile +++ b/kael/Dockerfile @@ -36,7 +36,7 @@ RUN set -ex \ WORKDIR /opt/kael -ARG VERSION=v3.9.3 +ARG VERSION=v3.10.0 ENV VERSION=${VERSION} RUN set -ex \ diff --git a/koko/Dockerfile b/koko/Dockerfile index 28e584f4..7b2fae4e 100644 --- a/koko/Dockerfile +++ b/koko/Dockerfile @@ -78,7 +78,7 @@ RUN set -ex \ WORKDIR /opt/koko -ARG VERSION=v3.9.3 +ARG VERSION=v3.10.0 ENV VERSION=${VERSION} RUN set -ex \ diff --git a/lion/Dockerfile b/lion/Dockerfile index bf2d1829..73f29ccf 100644 --- a/lion/Dockerfile +++ b/lion/Dockerfile @@ -26,7 +26,7 @@ RUN set -ex \ WORKDIR /opt/lion -ARG VERSION=v3.9.3 +ARG VERSION=v3.10.0 ENV VERSION=${VERSION} RUN set -ex \ diff --git a/magnus/Dockerfile b/magnus/Dockerfile index b5a07965..5d344a9b 100644 --- a/magnus/Dockerfile +++ b/magnus/Dockerfile @@ -34,7 +34,7 @@ RUN set -ex \ WORKDIR /opt/magnus -ARG VERSION=v3.9.3 +ARG VERSION=v3.10.0 ENV VERSION=${VERSION} RUN set -ex \ diff --git a/web/Dockerfile b/web/Dockerfile index 617e4776..a962500a 100644 --- a/web/Dockerfile +++ b/web/Dockerfile @@ -1,4 +1,4 @@ -FROM jumpserver/web-static:v1.0.1 as static +FROM jumpserver/web-static:v1.0.4 as static FROM nginx:1.24-buster ARG TARGETARCH ENV LANG=zh_CN.UTF-8 @@ -27,7 +27,7 @@ COPY --from=static /opt/download /opt/download WORKDIR /opt -ARG VERSION=v3.9.3 +ARG VERSION=v3.10.0 ENV VERSION=${VERSION} RUN set -ex \ diff --git a/web/nginx.conf b/web/nginx.conf index 582e3ef9..8501837c 100644 --- a/web/nginx.conf +++ b/web/nginx.conf @@ -37,11 +37,15 @@ http { proxy_cache_valid 200 302 720m; proxy_cache_valid 404 1m; proxy_cache_use_stale http_502; - proxy_set_header X-Real-IP $remote_addr; - add_header X-Via $server_addr; client_max_body_size 4096m; # 录像及文件上传大小限制 + location = /robots.txt { + default_type text/html; + add_header Content-Type "text/plain; charset=UTF-8"; + return 200 "User-agent: *\nDisallow: /\n"; + } + location /download/ { alias /opt/download/; } @@ -63,7 +67,6 @@ http { proxy_request_buffering off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; - proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } @@ -74,7 +77,6 @@ http { proxy_request_buffering off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; - proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } @@ -85,7 +87,6 @@ http { proxy_request_buffering off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; - proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } @@ -96,7 +97,6 @@ http { proxy_request_buffering off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; - proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } @@ -106,12 +106,10 @@ http { proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; - proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location ~ ^/(core|api|media)/ { - proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://core:8080;