diff --git a/apps/terminal/automations/deploy_applet_host/playbook.yml b/apps/terminal/automations/deploy_applet_host/playbook.yml
index 98b4f6eb1..70bbc03d6 100644
--- a/apps/terminal/automations/deploy_applet_host/playbook.yml
+++ b/apps/terminal/automations/deploy_applet_host/playbook.yml
@@ -3,6 +3,7 @@
- hosts: all
vars:
APPLET_DOWNLOAD_HOST: https://demo.jumpserver.org
+ IGNORE_VERIFY_CERTS: true
HOST_NAME: test
HOST_ID: 00000000-0000-0000-0000-000000000000
CORE_HOST: https://demo.jumpserver.org
@@ -37,6 +38,7 @@
ansible.windows.win_get_url:
url: "{{ APPLET_DOWNLOAD_HOST }}/download/applets/{{ TinkerInstaller }}"
dest: "{{ ansible_env.TEMP }}\\{{ TinkerInstaller }}"
+ validate_certs: "{{ IGNORE_VERIFY_CERTS }}"
- name: Install JumpServer Tinker (jumpserver)
ansible.windows.win_package:
@@ -57,6 +59,7 @@
ansible.windows.win_get_url:
url: "{{ APPLET_DOWNLOAD_HOST }}/download/applets/python-3.10.8-amd64.exe"
dest: "{{ ansible_env.TEMP }}\\python-3.10.8-amd64.exe"
+ validate_certs: "{{ IGNORE_VERIFY_CERTS }}"
- name: Install the python-3.10.8
ansible.windows.win_package:
@@ -132,6 +135,7 @@
ansible.windows.win_get_url:
url: "{{ APPLET_DOWNLOAD_HOST }}/download/applets/pip_packages.zip"
dest: "{{ ansible_env.TEMP }}\\pip_packages.zip"
+ validate_certs: "{{ IGNORE_VERIFY_CERTS }}"
- name: Unzip pip_packages
community.windows.win_unzip:
@@ -147,6 +151,7 @@
ansible.windows.win_get_url:
url: "{{ APPLET_DOWNLOAD_HOST }}/download/applets/chromedriver_win32.zip"
dest: "{{ ansible_env.TEMP }}\\chromedriver_win32.zip"
+ validate_certs: "{{ IGNORE_VERIFY_CERTS }}"
- name: Unzip chromedriver (Chromium)
community.windows.win_unzip:
@@ -157,6 +162,7 @@
ansible.windows.win_get_url:
url: "{{ APPLET_DOWNLOAD_HOST }}/download/applets/chrome-win.zip"
dest: "{{ ansible_env.TEMP }}\\chrome-win.zip"
+ validate_certs: "{{ IGNORE_VERIFY_CERTS }}"
- name: Unzip Chromium (Chromium)
community.windows.win_unzip:
@@ -181,6 +187,7 @@
ansible.windows.win_get_url:
url: "{{ APPLET_DOWNLOAD_HOST }}/download/applets/navicat161_premium_en_x64.exe"
dest: "{{ ansible_env.TEMP }}\\navicat161_premium_en_x64.exe"
+ validate_certs: "{{ IGNORE_VERIFY_CERTS }}"
- name: Install navicat (navicat)
ansible.windows.win_package:
@@ -191,7 +198,7 @@
- name: Generate tinkerd component config
ansible.windows.win_shell:
- "tinkerd config --hostname {{ HOST_NAME }} --core_host {{ CORE_HOST }}
+ "tinkerd config --hostname '{{ HOST_NAME }}'' --core_host {{ CORE_HOST }}
--token {{ BOOTSTRAP_TOKEN }} --host_id {{ HOST_ID }}"
- name: Install tinkerd service
diff --git a/apps/terminal/serializers/applet_host.py b/apps/terminal/serializers/applet_host.py
index 583d4e1ca..a10c669d2 100644
--- a/apps/terminal/serializers/applet_host.py
+++ b/apps/terminal/serializers/applet_host.py
@@ -31,14 +31,15 @@ class DeployOptionsSerializer(serializers.Serializer):
CORE_HOST = serializers.CharField(
default=settings.SITE_URL, label=_('Core API'), max_length=1024,
- help_text=_("""
- Tips: The application release machine communicates with the Core service.
- If the release machine and the Core service are on the same network segment,
- it is recommended to fill in the intranet address, otherwise fill in the current site URL
-
+ help_text=_("""
+ Tips: The application release machine communicates with the Core service.
+ If the release machine and the Core service are on the same network segment,
+ it is recommended to fill in the intranet address, otherwise fill in the current site URL
+
eg: https://172.16.10.110 or https://dev.jumpserver.com
""")
)
+ IGNORE_VERIFY_CERTS = serializers.BooleanField(default=True, label=_("Ignore Certificate Verification"))
RDS_Licensing = serializers.BooleanField(default=False, label=_("Existing RDS license"))
RDS_LicenseServer = serializers.CharField(default='127.0.0.1', label=_('RDS License Server'), max_length=1024)
RDS_LicensingMode = serializers.ChoiceField(choices=LICENSE_MODE_CHOICES, default=2, label=_('RDS Licensing Mode'))