From b3dce273095af1915541ecc3cd76b34eae6a2abc Mon Sep 17 00:00:00 2001 From: "fangfang.dong" Date: Tue, 27 Jun 2023 10:24:47 +0800 Subject: [PATCH 01/10] =?UTF-8?q?perf:=20=E6=8E=A5=E5=8F=A3sql=E4=BC=98?= =?UTF-8?q?=E5=8C=96=20/api/v1/assets/nodes/children/tree/?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/assets/api/tree.py | 9 ++++++--- apps/assets/models/node.py | 12 ------------ 2 files changed, 6 insertions(+), 15 deletions(-) diff --git a/apps/assets/api/tree.py b/apps/assets/api/tree.py index 794e093b7..1970d33ba 100644 --- a/apps/assets/api/tree.py +++ b/apps/assets/api/tree.py @@ -127,10 +127,13 @@ class NodeChildrenAsTreeApi(SerializeToTreeNodeMixin, NodeChildrenApi): if not self.instance or not include_assets: return Asset.objects.none() if query_all: - assets = self.instance.get_all_assets_for_tree() + assets = self.instance.get_all_assets() else: - assets = self.instance.get_assets_for_tree() - return assets + assets = self.instance.get_assets() + return assets.only( + "id", "name", "address", "platform_id", + "org_id", "is_active", 'comment' + ).prefetch_related('platform') def filter_queryset_for_assets(self, assets): search = self.request.query_params.get('search') diff --git a/apps/assets/models/node.py b/apps/assets/models/node.py index 3a729ba9f..94ff9aba5 100644 --- a/apps/assets/models/node.py +++ b/apps/assets/models/node.py @@ -429,18 +429,6 @@ class NodeAssetsMixin(NodeAllAssetsMappingMixin): assets = Asset.objects.filter(nodes=self) return assets.distinct() - def get_assets_for_tree(self): - return self.get_assets().only( - "id", "name", "address", "platform_id", - "org_id", "is_active" - ).prefetch_related('platform') - - def get_all_assets_for_tree(self): - return self.get_all_assets().only( - "id", "name", "address", "platform_id", - "org_id", "is_active" - ).prefetch_related('platform') - def get_valid_assets(self): return self.get_assets().valid() From ea07f9e56a240f0835033a2ad5e9023b9d3220c6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=90=B4=E5=B0=8F=E7=99=BD?= <296015668@qq.com> Date: Fri, 30 Jun 2023 15:55:32 +0800 Subject: [PATCH 02/10] =?UTF-8?q?perf:=20=E6=9B=B4=E6=96=B0=20Chrome?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../deploy_applet_host/playbook.yml | 22 +++++++++++++------ 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/apps/terminal/automations/deploy_applet_host/playbook.yml b/apps/terminal/automations/deploy_applet_host/playbook.yml index 3e63bd175..306e6fe85 100644 --- a/apps/terminal/automations/deploy_applet_host/playbook.yml +++ b/apps/terminal/automations/deploy_applet_host/playbook.yml @@ -157,35 +157,43 @@ script: | pip install -r '{{ ansible_env.TEMP }}\pip_packages\pip_packages\requirements.txt' --no-index --find-links='{{ ansible_env.TEMP }}\pip_packages\pip_packages' - - name: Download chromedriver (Chromium) + - name: Download chromedriver (Chrome) ansible.windows.win_get_url: url: "{{ APPLET_DOWNLOAD_HOST }}/download/applets/chromedriver_win32.zip" dest: "{{ ansible_env.TEMP }}\\chromedriver_win32.zip" validate_certs: "{{ not IGNORE_VERIFY_CERTS }}" - - name: Unzip chromedriver (Chromium) + - name: Unzip chromedriver (Chrome) community.windows.win_unzip: src: "{{ ansible_env.TEMP }}\\chromedriver_win32.zip" dest: C:\Program Files\JumpServer\drivers - - name: Download chromium zip package (Chromium) + - name: Download Chrome zip package (Chrome) ansible.windows.win_get_url: url: "{{ APPLET_DOWNLOAD_HOST }}/download/applets/chrome-win.zip" dest: "{{ ansible_env.TEMP }}\\chrome-win.zip" validate_certs: "{{ not IGNORE_VERIFY_CERTS }}" - - name: Unzip Chromium (Chromium) + - name: Unzip Chrome (Chrome) community.windows.win_unzip: src: "{{ ansible_env.TEMP }}\\chrome-win.zip" - dest: C:\Program Files\Chrome + dest: C:\Program Files\JumpServer\applications - - name: Set chromium and driver on the global system path (Chromium) + - name: Check and Clean global system path (Chrome) ansible.windows.win_path: elements: - 'C:\Program Files\Chrome\chrome-win32' + - 'C:\Program Files\Chrome\chrome-win' + - 'C:\Program Files\chrome-win' + state: absent + + - name: Set Chrome and driver on the global system path (Chrome) + ansible.windows.win_path: + elements: + - 'C:\Program Files\JumpServer\applications\Chrome\Application' - 'C:\Program Files\JumpServer\drivers\chromedriver_win32' - - name: Set Chromium variables disable Google Api (Chromium) + - name: Set Chrome variables disable Google Api (Chrome) ansible.windows.win_environment: level: machine variables: From ce269e315aec25f399e2396d0cc21f6191e689e7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=90=B4=E5=B0=8F=E7=99=BD?= <296015668@qq.com> Date: Fri, 30 Jun 2023 15:58:20 +0800 Subject: [PATCH 03/10] =?UTF-8?q?perf:=20=E6=9B=B4=E6=96=B0=20Python?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../automations/deploy_applet_host/playbook.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/apps/terminal/automations/deploy_applet_host/playbook.yml b/apps/terminal/automations/deploy_applet_host/playbook.yml index 306e6fe85..25f2b7048 100644 --- a/apps/terminal/automations/deploy_applet_host/playbook.yml +++ b/apps/terminal/automations/deploy_applet_host/playbook.yml @@ -65,15 +65,15 @@ - '%USERPROFILE%\AppData\Local\Programs\Tinker\' scope: user - - name: Download python-3.10.8 + - name: Download python-3.10.11 ansible.windows.win_get_url: - url: "{{ APPLET_DOWNLOAD_HOST }}/download/applets/python-3.10.8-amd64.exe" - dest: "{{ ansible_env.TEMP }}\\python-3.10.8-amd64.exe" + url: "{{ APPLET_DOWNLOAD_HOST }}/download/applets/python-3.10.11-amd64.exe" + dest: "{{ ansible_env.TEMP }}\\python-3.10.11-amd64.exe" validate_certs: "{{ not IGNORE_VERIFY_CERTS }}" - - name: Install the python-3.10.8 + - name: Install the python-3.10.11 ansible.windows.win_package: - path: "{{ ansible_env.TEMP }}\\python-3.10.8-amd64.exe" + path: "{{ ansible_env.TEMP }}\\python-3.10.11-amd64.exe" product_id: '{371d0d73-d418-4ffe-b280-58c3e7987525}' arguments: - /quiet From 6001175629b09c5e639f7fa2afaf6bd7076e9250 Mon Sep 17 00:00:00 2001 From: Eric Date: Fri, 30 Jun 2023 18:09:39 +0800 Subject: [PATCH 04/10] perf: add xrdp rdp7 port 3390 --- apps/assets/const/host.py | 8 ++- apps/assets/const/protocol.py | 9 +++ .../migrations/0120_auto_20230630_1555.py | 69 +++++++++++++++++++ apps/authentication/api/connection_token.py | 5 +- apps/terminal/connect_methods.py | 8 +++ .../migrations/0064_endpoint_rdp7_port.py | 20 ++++++ apps/terminal/models/component/endpoint.py | 4 ++ apps/terminal/serializers/endpoint.py | 2 +- 8 files changed, 120 insertions(+), 5 deletions(-) create mode 100644 apps/assets/migrations/0120_auto_20230630_1555.py create mode 100644 apps/terminal/migrations/0064_endpoint_rdp7_port.py diff --git a/apps/assets/const/host.py b/apps/assets/const/host.py index afb92a447..60205ff2c 100644 --- a/apps/assets/const/host.py +++ b/apps/assets/const/host.py @@ -33,10 +33,10 @@ class HostTypes(BaseType): def _get_protocol_constrains(cls) -> dict: return { '*': { - 'choices': ['ssh', 'telnet', 'vnc', 'rdp'] + 'choices': ['ssh', 'telnet', 'vnc', 'rdp', 'rdp7'] }, cls.WINDOWS: { - 'choices': ['rdp', 'ssh', 'vnc', 'winrm'] + 'choices': ['rdp', 'rdp7', 'ssh', 'vnc', 'winrm'] } } @@ -116,6 +116,10 @@ class HostTypes(BaseType): 'required': True } } + }, + { + 'name': 'Windows-RDP7', + '_protocols': ['rdp7',], } ] } diff --git a/apps/assets/const/protocol.py b/apps/assets/const/protocol.py index e66dde209..e0c6ad25e 100644 --- a/apps/assets/const/protocol.py +++ b/apps/assets/const/protocol.py @@ -10,6 +10,7 @@ __all__ = ['Protocol'] class Protocol(ChoicesMixin, models.TextChoices): ssh = 'ssh', 'SSH' rdp = 'rdp', 'RDP' + rdp7 = 'rdp7', 'RDP7' telnet = 'telnet', 'Telnet' vnc = 'vnc', 'VNC' winrm = 'winrm', 'WinRM' @@ -69,6 +70,14 @@ class Protocol(ChoicesMixin, models.TextChoices): # } } }, + cls.rdp7: { + 'port': 3390, + 'secret_types': ['password'], + 'setting': { + 'console': False, + 'security': 'any', + } + }, cls.vnc: { 'port': 5900, 'secret_types': ['password'], diff --git a/apps/assets/migrations/0120_auto_20230630_1555.py b/apps/assets/migrations/0120_auto_20230630_1555.py new file mode 100644 index 000000000..6c303fdd7 --- /dev/null +++ b/apps/assets/migrations/0120_auto_20230630_1555.py @@ -0,0 +1,69 @@ +# Generated by Django 3.2.17 on 2023-06-30 07:55 + +import json + +from django.db import migrations + +platform_json_data = """{ + "category": "host", + "type": "windows", + "internal": true, + "charset": "utf-8", + "domain_enabled": true, + "su_enabled": false, + "name": "Windows-RDP7", + "automation": { + "ansible_enabled": true, + "ansible_config": { + "ansible_shell_type": "cmd", + "ansible_connection": "ssh" + }, + "ping_enabled": true, + "gather_facts_enabled": true, + "gather_accounts_enabled": true, + "verify_account_enabled": true, + "change_secret_enabled": true, + "push_account_enabled": true, + "ping_method": "win_ping", + "gather_facts_method": "gather_facts_windows", + "gather_accounts_method": "gather_accounts_windows", + "verify_account_method": "verify_account_windows", + "change_secret_method": "change_secret_local_windows", + "push_account_method": "push_account_local_windows" + }, + "protocols": [ + { + "name": "rdp7", + "port": 3390, + "setting": { + "console": false, + "security": "any" + }, + "primary": true, + "required": false, + "default": false + } + ] +}""" + + +def create_rdp7_internal_platform(apps, *args): + platform_cls = apps.get_model('assets', 'Platform') + platform_automation_cls = apps.get_model('assets', 'PlatformAutomation') + platform_data = json.loads(platform_json_data) + protocols = platform_data.pop('protocols') + automation_data = platform_data.pop('automation', {}) + rdp7_obj = platform_cls.objects.create(**platform_data) + for p in protocols: + rdp7_obj.protocols.create(**p) + platform_automation_cls.objects.create(platform=rdp7_obj, **automation_data) + + +class Migration(migrations.Migration): + dependencies = [ + ('assets', '0119_assets_add_default_node'), + ] + + operations = [ + migrations.RunPython(create_rdp7_internal_platform), + ] diff --git a/apps/authentication/api/connection_token.py b/apps/authentication/api/connection_token.py index 23344c9fb..149ecc791 100644 --- a/apps/authentication/api/connection_token.py +++ b/apps/authentication/api/connection_token.py @@ -75,8 +75,9 @@ class RDPFileClientProtocolURLMixin: rdp_options['screen mode id:i'] = '2' if full_screen else '1' # 设置 RDP Server 地址 - endpoint = self.get_smart_endpoint(protocol='rdp', asset=token.asset) - rdp_options['full address:s'] = f'{endpoint.host}:{endpoint.rdp_port}' + endpoint = self.get_smart_endpoint(protocol=token.protocol, asset=token.asset) + protocol_port = endpoint.get_protocol_port(token.protocol, 3389) + rdp_options['full address:s'] = f'{endpoint.host}:{protocol_port}' # 设置用户名 rdp_options['username:s'] = '{}|{}'.format(token.user.username, str(token.id)) diff --git a/apps/terminal/connect_methods.py b/apps/terminal/connect_methods.py index a4901b93c..c3446a630 100644 --- a/apps/terminal/connect_methods.py +++ b/apps/terminal/connect_methods.py @@ -22,6 +22,7 @@ class WebMethod(TextChoices): Protocol.ssh: [cls.web_cli, cls.web_sftp], Protocol.telnet: [cls.web_cli], Protocol.rdp: [cls.web_gui], + Protocol.rdp7: [cls.web_gui], Protocol.vnc: [cls.web_gui], Protocol.mysql: [cls.web_cli], @@ -67,6 +68,7 @@ class NativeClient(TextChoices): 'windows': [cls.putty], }, Protocol.rdp: [cls.mstsc], + Protocol.rdp7: [cls.mstsc], Protocol.mysql: [cls.db_client], Protocol.mariadb: [cls.db_client], Protocol.redis: [cls.db_client], @@ -214,6 +216,12 @@ class ConnectMethodUtil: 'support': [Protocol.rdp], 'match': 'map' }, + TerminalType.xrdp: { + 'web_methods': [], + 'listen': [Protocol.rdp7], + 'support': [Protocol.rdp7], + 'match': 'map' + }, } return protocols diff --git a/apps/terminal/migrations/0064_endpoint_rdp7_port.py b/apps/terminal/migrations/0064_endpoint_rdp7_port.py new file mode 100644 index 000000000..d76719287 --- /dev/null +++ b/apps/terminal/migrations/0064_endpoint_rdp7_port.py @@ -0,0 +1,20 @@ +# Generated by Django 3.2.17 on 2023-06-30 09:04 + +import common.db.fields +import django.core.validators +from django.db import migrations + + +class Migration(migrations.Migration): + + dependencies = [ + ('terminal', '0063_auto_20230621_1133'), + ] + + operations = [ + migrations.AddField( + model_name='endpoint', + name='rdp7_port', + field=common.db.fields.PortField(default=3390, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(65535)], verbose_name='RDP7 port'), + ), + ] diff --git a/apps/terminal/models/component/endpoint.py b/apps/terminal/models/component/endpoint.py index f19f72949..1295e3efd 100644 --- a/apps/terminal/models/component/endpoint.py +++ b/apps/terminal/models/component/endpoint.py @@ -16,6 +16,7 @@ class Endpoint(JMSBaseModel): http_port = PortField(default=80, verbose_name=_('HTTP port')) ssh_port = PortField(default=2222, verbose_name=_('SSH port')) rdp_port = PortField(default=3389, verbose_name=_('RDP port')) + rdp7_port = PortField(default=3390, verbose_name=_('RDP7 port')) mysql_port = PortField(default=33061, verbose_name=_('MySQL port')) mariadb_port = PortField(default=33062, verbose_name=_('MariaDB port')) postgresql_port = PortField(default=54320, verbose_name=_('PostgreSQL port')) @@ -42,6 +43,9 @@ class Endpoint(JMSBaseModel): port = getattr(self, f'{protocol}_port', 0) return port + def get_protocol_port(self, protocol, default=0): + return getattr(self, f'{protocol}_port', default) + def is_default(self): return str(self.id) == self.default_id diff --git a/apps/terminal/serializers/endpoint.py b/apps/terminal/serializers/endpoint.py index 82de09fce..aafd68aca 100644 --- a/apps/terminal/serializers/endpoint.py +++ b/apps/terminal/serializers/endpoint.py @@ -26,7 +26,7 @@ class EndpointSerializer(BulkModelSerializer): model = Endpoint fields_mini = ['id', 'name'] fields_small = [ - 'host', 'https_port', 'http_port', 'ssh_port', 'rdp_port', + 'host', 'https_port', 'http_port', 'ssh_port', 'rdp_port', 'rdp7_port', 'mysql_port', 'mariadb_port', 'postgresql_port', 'redis_port', 'oracle_port_range', 'oracle_port', ] From 125dc2adf510e37bde1d1b68b99c525b80915adb Mon Sep 17 00:00:00 2001 From: Eric Date: Fri, 30 Jun 2023 18:25:58 +0800 Subject: [PATCH 05/10] =?UTF-8?q?perf:=20=E9=92=88=E5=AF=B9=20rdp7=20?= =?UTF-8?q?=E7=AB=AF=E5=8F=A3=E7=89=B9=E6=AE=8A=E5=A4=84=E7=90=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/authentication/api/connection_token.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/apps/authentication/api/connection_token.py b/apps/authentication/api/connection_token.py index 149ecc791..ea00cfec6 100644 --- a/apps/authentication/api/connection_token.py +++ b/apps/authentication/api/connection_token.py @@ -76,7 +76,8 @@ class RDPFileClientProtocolURLMixin: # 设置 RDP Server 地址 endpoint = self.get_smart_endpoint(protocol=token.protocol, asset=token.asset) - protocol_port = endpoint.get_protocol_port(token.protocol, 3389) + # 由于 remoteapp 使用 mstsc 客户端连接的时候,都是 rdp 端口, 这里特殊判断 rdp7 端口 + protocol_port = endpoint.rdp7_port if token.protocol == 'rdp7' else endpoint.rdp_port rdp_options['full address:s'] = f'{endpoint.host}:{protocol_port}' # 设置用户名 From 411102ed85a2275b7ba86e8151718ab6fcb82491 Mon Sep 17 00:00:00 2001 From: Eric Date: Fri, 30 Jun 2023 18:40:43 +0800 Subject: [PATCH 06/10] =?UTF-8?q?perf:=20=E5=AE=8C=E5=96=84=20protocol=20?= =?UTF-8?q?=E5=8C=B9=E9=85=8D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/authentication/api/connection_token.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/apps/authentication/api/connection_token.py b/apps/authentication/api/connection_token.py index ea00cfec6..c779540a1 100644 --- a/apps/authentication/api/connection_token.py +++ b/apps/authentication/api/connection_token.py @@ -75,9 +75,10 @@ class RDPFileClientProtocolURLMixin: rdp_options['screen mode id:i'] = '2' if full_screen else '1' # 设置 RDP Server 地址 - endpoint = self.get_smart_endpoint(protocol=token.protocol, asset=token.asset) + protocol = 'rdp7' if token.protocol == 'rdp7' else 'rdp' + endpoint = self.get_smart_endpoint(protocol=protocol, asset=token.asset) # 由于 remoteapp 使用 mstsc 客户端连接的时候,都是 rdp 端口, 这里特殊判断 rdp7 端口 - protocol_port = endpoint.rdp7_port if token.protocol == 'rdp7' else endpoint.rdp_port + protocol_port = endpoint.get_protocol_port(protocol, default=3389) rdp_options['full address:s'] = f'{endpoint.host}:{protocol_port}' # 设置用户名 From 2f81196874882f3a6dae5fda6dc0293768d756ad Mon Sep 17 00:00:00 2001 From: Eric Date: Mon, 3 Jul 2023 10:22:49 +0800 Subject: [PATCH 07/10] =?UTF-8?q?perf:=20=E6=9B=B4=E6=96=B0=20rdp7=20proto?= =?UTF-8?q?col=20=E8=AE=BE=E7=BD=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/assets/const/protocol.py | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/apps/assets/const/protocol.py b/apps/assets/const/protocol.py index e0c6ad25e..6779aabc4 100644 --- a/apps/assets/const/protocol.py +++ b/apps/assets/const/protocol.py @@ -74,8 +74,19 @@ class Protocol(ChoicesMixin, models.TextChoices): 'port': 3390, 'secret_types': ['password'], 'setting': { - 'console': False, - 'security': 'any', + 'console': { + 'type': 'bool', + 'default': False, + 'label': _('Console'), + 'help_text': _("Connect to console session") + }, + 'security': { + 'type': 'choice', + 'choices': [('any', _('Any')), ('rdp', 'RDP'), ('tls', 'TLS'), ('nla', 'NLA')], + 'default': 'any', + 'label': _('Security'), + 'help_text': _("Security layer to use for the connection") + }, } }, cls.vnc: { From 3971fce561c23ed3f15ce108434eb474f423a4cc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=90=B4=E5=B0=8F=E7=99=BD?= <296015668@qq.com> Date: Mon, 3 Jul 2023 10:28:25 +0800 Subject: [PATCH 08/10] =?UTF-8?q?feat:=20=E5=90=88=E5=B9=B6=20Dockerfile?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Dockerfile | 31 +++++++++------ Dockerfile.loong64 | 97 ---------------------------------------------- 2 files changed, 20 insertions(+), 108 deletions(-) delete mode 100644 Dockerfile.loong64 diff --git a/Dockerfile b/Dockerfile index 2183c7b36..5a6c5451d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM python:3.9-slim-bullseye as stage-build +FROM jumpserver/python:3.9-slim-buster as stage-build ARG TARGETARCH ARG VERSION @@ -8,7 +8,7 @@ WORKDIR /opt/jumpserver ADD . . RUN cd utils && bash -ixeu build.sh -FROM python:3.9-slim-bullseye +FROM jumpserver/python:3.9-slim-buster ARG TARGETARCH MAINTAINER JumpServer Team @@ -24,6 +24,7 @@ ARG DEPENDENCIES=" \ libjpeg-dev \ libldap2-dev \ libsasl2-dev \ + libssl-dev \ libxml2-dev \ libxmlsec1-dev \ libxmlsec1-openssl \ @@ -66,27 +67,35 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=core \ ARG DOWNLOAD_URL=https://download.jumpserver.org -RUN mkdir -p /opt/oracle/ \ - && cd /opt/oracle/ \ - && wget ${DOWNLOAD_URL}/public/instantclient-basiclite-linux.${TARGETARCH}-19.10.0.0.0.zip \ - && unzip instantclient-basiclite-linux.${TARGETARCH}-19.10.0.0.0.zip \ - && sh -c "echo /opt/oracle/instantclient_19_10 > /etc/ld.so.conf.d/oracle-instantclient.conf" \ - && ldconfig \ - && rm -f instantclient-basiclite-linux.${TARGETARCH}-19.10.0.0.0.zip +RUN set -ex \ + && \ + if [ "${TARGETARCH}" == "amd64" ] || [ "${TARGETARCH}" == "arm64" ]; then \ + mkdir -p /opt/oracle; \ + wget ${DOWNLOAD_URL}/public/instantclient-basiclite-linux.${TARGETARCH}-19.10.0.0.0.zip; \ + unzip instantclient-basiclite-linux.${TARGETARCH}-19.10.0.0.0.zip; \ + echo "/opt/oracle/instantclient_19_10" > /etc/ld.so.conf.d/oracle-instantclient.conf; \ + ldconfig; \ + rm -f instantclient-basiclite-linux.${TARGETARCH}-19.10.0.0.0.zip; \ + fi WORKDIR /tmp/build COPY ./requirements ./requirements ARG PIP_MIRROR=https://pypi.douban.com/simple -ENV PIP_MIRROR=$PIP_MIRROR ARG PIP_JMS_MIRROR=https://pypi.douban.com/simple -ENV PIP_JMS_MIRROR=$PIP_JMS_MIRROR RUN --mount=type=cache,target=/root/.cache/pip \ set -ex \ && pip config set global.index-url ${PIP_MIRROR} \ && pip install --upgrade pip \ && pip install --upgrade setuptools wheel \ + && \ + if [ "${TARGETARCH}" == "loong64" ]; then \ + pip install https://download.jumpserver.org/pypi/simple/cryptography/cryptography-38.0.4-cp39-cp39-linux_loongarch64.whl; \ + pip install https://download.jumpserver.org/pypi/simple/greenlet/greenlet-1.1.2-cp39-cp39-linux_loongarch64.whl; \ + pip install https://download.jumpserver.org/pypi/simple/PyNaCl/PyNaCl-1.5.0-cp39-cp39-linux_loongarch64.whl; \ + pip install https://download.jumpserver.org/pypi/simple/grpcio/grpcio-1.54.2-cp39-cp39-linux_loongarch64.whl; \ + fi \ && pip install $(grep -E 'jms|jumpserver' requirements/requirements.txt) -i ${PIP_JMS_MIRROR} \ && pip install -r requirements/requirements.txt diff --git a/Dockerfile.loong64 b/Dockerfile.loong64 deleted file mode 100644 index f5682aec2..000000000 --- a/Dockerfile.loong64 +++ /dev/null @@ -1,97 +0,0 @@ -FROM python:3.9-slim-buster as stage-build -ARG TARGETARCH - -ARG VERSION -ENV VERSION=$VERSION - -WORKDIR /opt/jumpserver -ADD . . -RUN cd utils && bash -ixeu build.sh - -FROM python:3.9-slim-buster -ARG TARGETARCH -MAINTAINER JumpServer Team - -ARG BUILD_DEPENDENCIES=" \ - g++ \ - make \ - pkg-config" - -ARG DEPENDENCIES=" \ - freetds-dev \ - libpq-dev \ - libffi-dev \ - libjpeg-dev \ - libldap2-dev \ - libsasl2-dev \ - libssl-dev \ - libxml2-dev \ - libxmlsec1-dev \ - libxmlsec1-openssl \ - freerdp2-dev \ - libaio-dev" - -ARG TOOLS=" \ - ca-certificates \ - curl \ - default-libmysqlclient-dev \ - default-mysql-client \ - locales \ - openssh-client \ - procps \ - sshpass \ - telnet \ - unzip \ - vim \ - git \ - wget" - -RUN --mount=type=cache,target=/var/cache/apt,sharing=locked,id=core \ - set -ex \ - && ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ - && apt-get update \ - && apt-get -y install --no-install-recommends ${BUILD_DEPENDENCIES} \ - && apt-get -y install --no-install-recommends ${DEPENDENCIES} \ - && apt-get -y install --no-install-recommends ${TOOLS} \ - && mkdir -p /root/.ssh/ \ - && echo "Host *\n\tStrictHostKeyChecking no\n\tUserKnownHostsFile /dev/null\n\tCiphers +aes128-cbc\n\tKexAlgorithms +diffie-hellman-group1-sha1\n\tHostKeyAlgorithms +ssh-rsa" > /root/.ssh/config \ - && echo "set mouse-=a" > ~/.vimrc \ - && echo "no" | dpkg-reconfigure dash \ - && echo "zh_CN.UTF-8" | dpkg-reconfigure locales \ - && sed -i "s@# export @export @g" ~/.bashrc \ - && sed -i "s@# alias @alias @g" ~/.bashrc \ - && rm -rf /var/lib/apt/lists/* - -WORKDIR /tmp/build -COPY ./requirements ./requirements - -ARG PIP_MIRROR=https://pypi.douban.com/simple -ENV PIP_MIRROR=$PIP_MIRROR -ARG PIP_JMS_MIRROR=https://pypi.douban.com/simple -ENV PIP_JMS_MIRROR=$PIP_JMS_MIRROR - -RUN --mount=type=cache,target=/root/.cache/pip \ - set -ex \ - && pip config set global.index-url ${PIP_MIRROR} \ - && pip install --upgrade pip \ - && pip install --upgrade setuptools wheel \ - && pip install https://download.jumpserver.org/pypi/simple/cryptography/cryptography-38.0.4-cp39-cp39-linux_loongarch64.whl \ - && pip install https://download.jumpserver.org/pypi/simple/greenlet/greenlet-1.1.2-cp39-cp39-linux_loongarch64.whl \ - && pip install https://download.jumpserver.org/pypi/simple/PyNaCl/PyNaCl-1.5.0-cp39-cp39-linux_loongarch64.whl \ - && pip install https://download.jumpserver.org/pypi/simple/grpcio/grpcio-1.54.2-cp39-cp39-linux_loongarch64.whl \ - && pip install $(grep -E 'jms|jumpserver' requirements/requirements.txt) -i ${PIP_JMS_MIRROR} \ - && pip install -r requirements/requirements.txt - -COPY --from=stage-build /opt/jumpserver/release/jumpserver /opt/jumpserver -RUN echo > /opt/jumpserver/config.yml \ - && rm -rf /tmp/build - -WORKDIR /opt/jumpserver -VOLUME /opt/jumpserver/data -VOLUME /opt/jumpserver/logs - -ENV LANG=zh_CN.UTF-8 - -EXPOSE 8080 - -ENTRYPOINT ["./entrypoint.sh"] From eb49beaf468829fafe9aab4d9ee3ee59c7f44cb9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=90=B4=E5=B0=8F=E7=99=BD?= <296015668@qq.com> Date: Mon, 3 Jul 2023 10:37:42 +0800 Subject: [PATCH 09/10] =?UTF-8?q?fix:=20=E4=BF=AE=E6=AD=A3=20oracle=20?= =?UTF-8?q?=E8=B7=AF=E5=BE=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Dockerfile b/Dockerfile index 5a6c5451d..d8fd27492 100644 --- a/Dockerfile +++ b/Dockerfile @@ -71,6 +71,7 @@ RUN set -ex \ && \ if [ "${TARGETARCH}" == "amd64" ] || [ "${TARGETARCH}" == "arm64" ]; then \ mkdir -p /opt/oracle; \ + cd /opt/oracle; \ wget ${DOWNLOAD_URL}/public/instantclient-basiclite-linux.${TARGETARCH}-19.10.0.0.0.zip; \ unzip instantclient-basiclite-linux.${TARGETARCH}-19.10.0.0.0.zip; \ echo "/opt/oracle/instantclient_19_10" > /etc/ld.so.conf.d/oracle-instantclient.conf; \ From d7f9f3b6706046bcbec931cc016b65ae29eb4123 Mon Sep 17 00:00:00 2001 From: Eric Date: Mon, 3 Jul 2023 19:19:20 +0800 Subject: [PATCH 10/10] =?UTF-8?q?perf:=20=E4=BF=AE=E5=A4=8D=20ConnectionTo?= =?UTF-8?q?ken=20=E4=B8=AD=20account=20id=20=E7=9A=84=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/authentication/models/connection_token.py | 1 + 1 file changed, 1 insertion(+) diff --git a/apps/authentication/models/connection_token.py b/apps/authentication/models/connection_token.py index acef092b1..b721cb982 100644 --- a/apps/authentication/models/connection_token.py +++ b/apps/authentication/models/connection_token.py @@ -222,6 +222,7 @@ class ConnectionToken(JMSOrgBaseModel): } else: data = { + 'id': account.id, 'name': account.name, 'username': account.username, 'secret_type': account.secret_type,