noslin005 · September 23, 2021 02:30
diff --git a/0x00-setup-jumpserver.md b/0x00-setup-jumpserver.md
diff --git a/0x01-prepare.sh b/0x01-prepare.sh
 set -e

 # Set firewall
 firewall-cmd --zone=public --add-port=80/tcp --permanent
 firewall-cmd --zone=public --add-port=2222/tcp --permanent
 firewall-cmd --reload


 # Set selinux
 setenforce 0
 sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config

 # Set charset
 #localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8
 #export LC_ALL=zh_CN.UTF-8
 #echo 'LANG="zh_CN.UTF-8"' > /etc/locale.conf

 # Set python
 yum -y install wget gcc epel-release git
 yum -y install python36 python36-devel
 ( cd /opt
  python3.6 -m venv py3
 )

diff --git a/0x02-install-jumpserver.sh b/0x02-install-jumpserver.sh
 set -e
 source /opt/py3/bin/activate

 # Clone project
 ( cd /opt/
  wget --content-disposition https://github.com/jumpserver/jumpserver/archive/1.4.9.tar.gz -O jumpserver-1.4.9.tar.gz
  mkdir /opt/jumpserver && tar xzf jumpserver-1.4.9.tar.gz -C /opt/jumpserver --strip-components 1
 )

 # Install python requirements
 ( cd /opt/jumpserver/requirements
  yum -y install $(cat rpm_requirements.txt)
  pip install -r requirements.txt
 )

 # Install redis
 yum -y install redis
 systemctl enable redis
 systemctl start redis

 # Install mysql
 yum -y install mariadb mariadb-devel mariadb-server
 systemctl enable mariadb
 systemctl start mariadb

 # Set mysql
 export DB_PASSWORD=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 24`
 echo "export DB_PASSWORD=$DB_PASSWORD" >> ~/.bashrc
 mysql -uroot -e "create database jumpserver default charset 'utf8'; grant all on jumpserver.* to 'jumpserver'@'127.0.0.1' identified by '$DB_PASSWORD'; flush privileges;"

 # Config jumpserver
 ( cd /opt/jumpserver
  cp config_example.yml config.yml
  export SECRET_KEY=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 50`
  export BOOTSTRAP_TOKEN=`cat /dev/urandom | tr -dc A-Za-z0-9 | head -c 16`
  echo "export SECRET_KEY=$SECRET_KEY" >> ~/.bashrc
  echo "export BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN" >> ~/.bashrc

  sed -i "s/SECRET_KEY:/SECRET_KEY: $SECRET_KEY/g" /opt/jumpserver/config.yml
  sed -i "s/BOOTSTRAP_TOKEN:/BOOTSTRAP_TOKEN: $BOOTSTRAP_TOKEN/g" /opt/jumpserver/config.yml
  sed -i "s/# DEBUG: true/DEBUG: false/g" /opt/jumpserver/config.yml
  sed -i "s/# LOG_LEVEL: DEBUG/LOG_LEVEL: ERROR/g" /opt/jumpserver/config.yml
  sed -i "s/# SESSION_EXPIRE_AT_BROWSER_CLOSE: false/SESSION_EXPIRE_AT_BROWSER_CLOSE: true/g" /opt/jumpserver/config.yml
  sed -i "s/DB_PASSWORD: /DB_PASSWORD: $DB_PASSWORD/g" /opt/jumpserver/config.yml
 )

 # Run jumpserver
 ( cd /opt/jumpserver
  ./jms start all -d
 )
diff --git a/0x03-install-coco.sh b/0x03-install-coco.sh
 set -e
 source /opt/py3/bin/activate

 # Clone project
 ( cd /opt
  wget --content-disposition https://github.com/jumpserver/coco/archive/1.4.9.tar.gz -O coco-1.4.9.tar.gz
  mkdir /opt/coco && tar zxf coco-1.4.9.tar.gz -C /opt/coco --strip-components 1
 )

 # Install python requirements
 ( cd /opt/coco/requirements
  yum -y install $(cat rpm_requirements.txt)
  pip install -r requirements.txt
 )

 # Config coco
 ( cd /opt/coco
  cp config_example.yml config.yml

  sed -i "s/BOOTSTRAP_TOKEN: <PleasgeChangeSameWithJumpserver>/BOOTSTRAP_TOKEN: $BOOTSTRAP_TOKEN/g" /opt/coco/config.yml
  sed -i "s/# LOG_LEVEL: INFO/LOG_LEVEL: ERROR/g" /opt/coco/config.yml
 )

 # Run
 ( cd /opt/coco
  ./cocod start -d
 )
diff --git a/0x04-install-luna.sh b/0x04-install-luna.sh
 set -e

 ( cd /opt
  wget --content-disposition https://github.com/jumpserver/luna/releases/download/1.4.9/luna.tar.gz -O luna-1.4.9.tar.gz
  mkdir /opt/luna && tar xzf luna-1.4.9.tar.gz -C /opt/luna --strip-components 1
  chown -R root:root luna
 )
diff --git a/0x05-install-guacamole.sh b/0x05-install-guacamole.sh
 set -e

 # Install freerdp
 mkdir /usr/local/lib/freerdp/
 ln -s /usr/local/lib/freerdp /usr/lib64/freerdp
 rpm --import http://li.nux.ro/download/nux/RPM-GPG-KEY-nux.ro
 rpm -Uvh http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-5.el7.nux.noarch.rpm
 yum -y localinstall --nogpgcheck https://download1.rpmfusion.org/free/el/rpmfusion-free-release-7.noarch.rpm https://download1.rpmfusion.org/nonfree/el/rpmfusion-nonfree-release-7.noarch.rpm

 # Install other requirements
 yum install -y java-1.8.0-openjdk libtool
 yum install -y cairo-devel libjpeg-turbo-devel libpng-devel uuid-devel
 yum install -y ffmpeg-devel freerdp-devel freerdp-plugins pango-devel \
  libssh2-devel libtelnet-devel libvncserver-devel pulseaudio-libs-devel \
  openssl-devel libvorbis-devel libwebp-devel ghostscript

 # Install guacamole server
 ( cd /opt
  wget --content-disposition https://github.com/jumpserver/docker-guacamole/archive/1.4.9.tar.gz -O docker-guacamole-1.4.9.tar.gz
  mkdir /opt/docker-guacamole && tar xzf docker-guacamole-1.4.9.tar.gz -C /opt/docker-guacamole --strip-components 1
 )
 ( cd /opt/docker-guacamole/
  tar -xf guacamole-server-0.9.14.tar.gz
 )
 ( cd /opt/docker-guacamole/guacamole-server-0.9.14
  autoreconf -fi
  ./configure --with-init-dir=/etc/init.d
  make && make install
  cd ..
  rm -rf guacamole-server-0.9.14
  ldconfig
 )

 # Install tomcat
 mkdir -p /config/guacamole /config/guacamole/lib /config/guacamole/extensions
 ln -sf /opt/docker-guacamole/guacamole-auth-jumpserver-0.9.14.jar /config/guacamole/extensions/guacamole-auth-jumpserver-0.9.14.jar
 ln -sf /opt/docker-guacamole/root/app/guacamole/guacamole.properties /config/guacamole/guacamole.properties 

 ( cd /config
  wget http://mirror.bit.edu.cn/apache/tomcat/tomcat-8/v8.5.39/bin/apache-tomcat-8.5.39.tar.gz
  tar xf apache-tomcat-8.5.39.tar.gz
  rm -rf apache-tomcat-8.5.39.tar.gz
  mv apache-tomcat-8.5.39 tomcat8
  rm -rf /config/tomcat8/webapps/*
  ln -sf /opt/docker-guacamole/guacamole-0.9.14.war /config/tomcat8/webapps/ROOT.war
  sed -i 's/Connector port="8080"/Connector port="8081"/g' /config/tomcat8/conf/server.xml
  sed -i 's/FINE/WARNING/g' /config/tomcat8/conf/logging.properties
 )

 ( cd /config
  wget https://github.com/ibuler/ssh-forward/releases/download/v0.0.5/linux-amd64.tar.gz
  tar xf linux-amd64.tar.gz -C /bin/
  chmod +x /bin/ssh-forward
 )

 # Set Environment
 export JUMPSERVER_SERVER=http://127.0.0.1:8080
 echo "export JUMPSERVER_SERVER=http://127.0.0.1:8080" >> ~/.bashrc

 export BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN
 echo "export BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN" >> ~/.bashrc
 export JUMPSERVER_KEY_DIR=/config/guacamole/keys
 echo "export JUMPSERVER_KEY_DIR=/config/guacamole/keys" >> ~/.bashrc
 export GUACAMOLE_HOME=/config/guacamole
 echo "export GUACAMOLE_HOME=/config/guacamole" >> ~/.bashrc

 # Run
 /etc/init.d/guacd start
 sh /config/tomcat8/bin/startup.sh
diff --git a/0x06-install-nginx.sh b/0x06-install-nginx.sh
 yum install -y yum-utils

 cat > /etc/yum.repos.d/nginx.repo <<EOF
 [nginx-stable]
 name=nginx stable repo
 baseurl=http://nginx.org/packages/centos/\$releasever/\$basearch/
 gpgcheck=1
 enabled=1
 gpgkey=https://nginx.org/keys/nginx_signing.key
 EOF

 yum install -y nginx
 rm -rf /etc/nginx/conf.d/default.conf

 cat > /etc/nginx/conf.d/jumpserver.conf <<EOF
 server {
    listen 80;  # 代理端口, 以后将通过此端口进行访问, 不再通过8080端口
    # server_name demo.jumpserver.org;  # 修改成你的域名或者注释掉

    client_max_body_size 100m;  # 录像及文件上传大小限制

    location /luna/ {
        try_files \$uri / /index.html;
        alias /opt/luna/;  # luna 路径, 如果修改安装目录, 此处需要修改
    }

    location /media/ {
        add_header Content-Encoding gzip;
        root /opt/jumpserver/data/;  # 录像位置, 如果修改安装目录, 此处需要修改
    }

    location /static/ {
        root /opt/jumpserver/data/;  # 静态资源, 如果修改安装目录, 此处需要修改
    }

    location /socket.io/ {
        proxy_pass       http://localhost:5000/socket.io/;  # 如果coco安装在别的服务器, 请填写它的ip
        proxy_buffering off;
        proxy_http_version 1.1;
        proxy_set_header Upgrade \$http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Real-IP \$remote_addr;
        proxy_set_header Host \$host;
        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
        access_log off;
    }

    location /coco/ {
        proxy_pass       http://localhost:5000/coco/;  # 如果coco安装在别的服务器, 请填写它的ip
        proxy_set_header X-Real-IP \$remote_addr;
        proxy_set_header Host \$host;
        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
        access_log off;
    }

    location /guacamole/ {
        proxy_pass       http://localhost:8081/;  # 如果guacamole安装在别的服务器, 请填写它的ip
        proxy_buffering off;
        proxy_http_version 1.1;
        proxy_set_header Upgrade \$http_upgrade;
        proxy_set_header Connection \$http_connection;
        proxy_set_header X-Real-IP \$remote_addr;
        proxy_set_header Host \$host;
        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
        access_log off;
    }

    location / {
        proxy_pass http://localhost:8080;  # 如果jumpserver安装在别的服务器, 请填写它的ip
        proxy_set_header X-Real-IP \$remote_addr;
        proxy_set_header Host \$host;
        proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
    }
 }
 EOF

 nginx -t
 systemctl start nginx
 systemctl enable nginx
diff --git a/coco.service b/coco.service
 [Unit]
 Description=Coco daemon
 After=network.target

 [Service]
 Type=forking
 Environment="PATH=/opt/py3/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
 ExecStart=/opt/coco/cocod start -d
 ExecStop=/opt/coco/cocod stop -d

 [Install]
 WantedBy=multi-user.target

diff --git a/guacd.service b/guacd.service
 [Unit]
 Description=guacamole daemon
 After=network.target

 [Service]
 Type=forking
 ExecStart=/etc/init.d/guacd start
 ExecStop=/etc/init.d/guacd stop

 [Install]
 WantedBy=multi-user.target

diff --git a/jumpserver.service b/jumpserver.service
 [Unit]
 Description=Jumpserver
 After=network.target

 [Service]
 Type=forking
 Environment="PATH=/opt/py3/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
 ExecStart=/opt/jumpserver/jms start all -d
 ExecStop=/opt/jumpserver/jms stop all -d

 [Install]
 WantedBy=multi-user.target

diff --git a/setup.sh b/setup.sh
 #!/usr/bin/env bash

 set -e

 exec > >(tee -ai log)
 exec 2>&1

 run() {
  # :param $1: script to execute
  echo -e "\033[31m $1 \033[0m"
  bash -i "$1"
 }

 steps=(
  0x01-prepare.sh
  0x02-install-jumpserver.sh
  0x03-install-coco.sh
  0x04-install-luna.sh
  0x05-install-guacamole.sh
  0x06-install-nginx.sh
 )

 for step in "${steps[@]}"; do
  run "$step"
 done

diff --git a/tomcat.service b/tomcat.service
 [Unit]
 Description=Tomcat
 After=network.target

 [Service]
 Type=forking
 ExecStart=/config/tomcat8/bin/startup.sh
 ExecStop=/config/tomcat8/bin/shutdown.sh

 [Install]
 WantedBy=multi-user.target
	set -e

	# Set firewall
	firewall-cmd --zone=public --add-port=80/tcp --permanent
	firewall-cmd --zone=public --add-port=2222/tcp --permanent
	firewall-cmd --reload


	# Set selinux
	setenforce 0
	sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config

	# Set charset
	#localedef -c -f UTF-8 -i zh_CN zh_CN.UTF-8
	#export LC_ALL=zh_CN.UTF-8
	#echo 'LANG="zh_CN.UTF-8"' > /etc/locale.conf

	# Set python
	yum -y install wget gcc epel-release git
	yum -y install python36 python36-devel
	( cd /opt
	python3.6 -m venv py3
	)
	set -e
	source /opt/py3/bin/activate

	# Clone project
	( cd /opt/
	wget --content-disposition https://github.com/jumpserver/jumpserver/archive/1.4.9.tar.gz -O jumpserver-1.4.9.tar.gz
	mkdir /opt/jumpserver && tar xzf jumpserver-1.4.9.tar.gz -C /opt/jumpserver --strip-components 1
	)

	# Install python requirements
	( cd /opt/jumpserver/requirements
	yum -y install $(cat rpm_requirements.txt)
	pip install -r requirements.txt
	)

	# Install redis
	yum -y install redis
	systemctl enable redis
	systemctl start redis

	# Install mysql
	yum -y install mariadb mariadb-devel mariadb-server
	systemctl enable mariadb
	systemctl start mariadb

	# Set mysql
	export DB_PASSWORD=`cat /dev/urandom \| tr -dc A-Za-z0-9 \| head -c 24`
	echo "export DB_PASSWORD=$DB_PASSWORD" >> ~/.bashrc
	mysql -uroot -e "create database jumpserver default charset 'utf8'; grant all on jumpserver.* to 'jumpserver'@'127.0.0.1' identified by '$DB_PASSWORD'; flush privileges;"

	# Config jumpserver
	( cd /opt/jumpserver
	cp config_example.yml config.yml
	export SECRET_KEY=`cat /dev/urandom \| tr -dc A-Za-z0-9 \| head -c 50`
	export BOOTSTRAP_TOKEN=`cat /dev/urandom \| tr -dc A-Za-z0-9 \| head -c 16`
	echo "export SECRET_KEY=$SECRET_KEY" >> ~/.bashrc
	echo "export BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN" >> ~/.bashrc

	sed -i "s/SECRET_KEY:/SECRET_KEY: $SECRET_KEY/g" /opt/jumpserver/config.yml
	sed -i "s/BOOTSTRAP_TOKEN:/BOOTSTRAP_TOKEN: $BOOTSTRAP_TOKEN/g" /opt/jumpserver/config.yml
	sed -i "s/# DEBUG: true/DEBUG: false/g" /opt/jumpserver/config.yml
	sed -i "s/# LOG_LEVEL: DEBUG/LOG_LEVEL: ERROR/g" /opt/jumpserver/config.yml
	sed -i "s/# SESSION_EXPIRE_AT_BROWSER_CLOSE: false/SESSION_EXPIRE_AT_BROWSER_CLOSE: true/g" /opt/jumpserver/config.yml
	sed -i "s/DB_PASSWORD: /DB_PASSWORD: $DB_PASSWORD/g" /opt/jumpserver/config.yml
	)

	# Run jumpserver
	( cd /opt/jumpserver
	./jms start all -d
	)
	set -e

	# Install freerdp
	mkdir /usr/local/lib/freerdp/
	ln -s /usr/local/lib/freerdp /usr/lib64/freerdp
	rpm --import http://li.nux.ro/download/nux/RPM-GPG-KEY-nux.ro
	rpm -Uvh http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-5.el7.nux.noarch.rpm
	yum -y localinstall --nogpgcheck https://download1.rpmfusion.org/free/el/rpmfusion-free-release-7.noarch.rpm https://download1.rpmfusion.org/nonfree/el/rpmfusion-nonfree-release-7.noarch.rpm

	# Install other requirements
	yum install -y java-1.8.0-openjdk libtool
	yum install -y cairo-devel libjpeg-turbo-devel libpng-devel uuid-devel
	yum install -y ffmpeg-devel freerdp-devel freerdp-plugins pango-devel \
	libssh2-devel libtelnet-devel libvncserver-devel pulseaudio-libs-devel \
	openssl-devel libvorbis-devel libwebp-devel ghostscript

	# Install guacamole server
	( cd /opt
	wget --content-disposition https://github.com/jumpserver/docker-guacamole/archive/1.4.9.tar.gz -O docker-guacamole-1.4.9.tar.gz
	mkdir /opt/docker-guacamole && tar xzf docker-guacamole-1.4.9.tar.gz -C /opt/docker-guacamole --strip-components 1
	)
	( cd /opt/docker-guacamole/
	tar -xf guacamole-server-0.9.14.tar.gz
	)
	( cd /opt/docker-guacamole/guacamole-server-0.9.14
	autoreconf -fi
	./configure --with-init-dir=/etc/init.d
	make && make install
	cd ..
	rm -rf guacamole-server-0.9.14
	ldconfig
	)

	# Install tomcat
	mkdir -p /config/guacamole /config/guacamole/lib /config/guacamole/extensions
	ln -sf /opt/docker-guacamole/guacamole-auth-jumpserver-0.9.14.jar /config/guacamole/extensions/guacamole-auth-jumpserver-0.9.14.jar
	ln -sf /opt/docker-guacamole/root/app/guacamole/guacamole.properties /config/guacamole/guacamole.properties

	( cd /config
	wget http://mirror.bit.edu.cn/apache/tomcat/tomcat-8/v8.5.39/bin/apache-tomcat-8.5.39.tar.gz
	tar xf apache-tomcat-8.5.39.tar.gz
	rm -rf apache-tomcat-8.5.39.tar.gz
	mv apache-tomcat-8.5.39 tomcat8
	rm -rf /config/tomcat8/webapps/*
	ln -sf /opt/docker-guacamole/guacamole-0.9.14.war /config/tomcat8/webapps/ROOT.war
	sed -i 's/Connector port="8080"/Connector port="8081"/g' /config/tomcat8/conf/server.xml
	sed -i 's/FINE/WARNING/g' /config/tomcat8/conf/logging.properties
	)

	( cd /config
	wget https://github.com/ibuler/ssh-forward/releases/download/v0.0.5/linux-amd64.tar.gz
	tar xf linux-amd64.tar.gz -C /bin/
	chmod +x /bin/ssh-forward
	)

	# Set Environment
	export JUMPSERVER_SERVER=http://127.0.0.1:8080
	echo "export JUMPSERVER_SERVER=http://127.0.0.1:8080" >> ~/.bashrc

	export BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN
	echo "export BOOTSTRAP_TOKEN=$BOOTSTRAP_TOKEN" >> ~/.bashrc
	export JUMPSERVER_KEY_DIR=/config/guacamole/keys
	echo "export JUMPSERVER_KEY_DIR=/config/guacamole/keys" >> ~/.bashrc
	export GUACAMOLE_HOME=/config/guacamole
	echo "export GUACAMOLE_HOME=/config/guacamole" >> ~/.bashrc

	# Run
	/etc/init.d/guacd start
	sh /config/tomcat8/bin/startup.sh
	yum install -y yum-utils

	cat > /etc/yum.repos.d/nginx.repo <<EOF
	[nginx-stable]
	name=nginx stable repo
	baseurl=http://nginx.org/packages/centos/\$releasever/\$basearch/
	gpgcheck=1
	enabled=1
	gpgkey=https://nginx.org/keys/nginx_signing.key
	EOF

	yum install -y nginx
	rm -rf /etc/nginx/conf.d/default.conf

	cat > /etc/nginx/conf.d/jumpserver.conf <<EOF
	server {
	listen 80; # 代理端口, 以后将通过此端口进行访问, 不再通过8080端口
	# server_name demo.jumpserver.org; # 修改成你的域名或者注释掉

	client_max_body_size 100m; # 录像及文件上传大小限制

	location /luna/ {
	try_files \$uri / /index.html;
	alias /opt/luna/; # luna 路径, 如果修改安装目录, 此处需要修改
	}

	location /media/ {
	add_header Content-Encoding gzip;
	root /opt/jumpserver/data/; # 录像位置, 如果修改安装目录, 此处需要修改
	}

	location /static/ {
	root /opt/jumpserver/data/; # 静态资源, 如果修改安装目录, 此处需要修改
	}

	location /socket.io/ {
	proxy_pass http://localhost:5000/socket.io/; # 如果coco安装在别的服务器, 请填写它的ip
	proxy_buffering off;
	proxy_http_version 1.1;
	proxy_set_header Upgrade \$http_upgrade;
	proxy_set_header Connection "upgrade";
	proxy_set_header X-Real-IP \$remote_addr;
	proxy_set_header Host \$host;
	proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
	access_log off;
	}

	location /coco/ {
	proxy_pass http://localhost:5000/coco/; # 如果coco安装在别的服务器, 请填写它的ip
	proxy_set_header X-Real-IP \$remote_addr;
	proxy_set_header Host \$host;
	proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
	access_log off;
	}

	location /guacamole/ {
	proxy_pass http://localhost:8081/; # 如果guacamole安装在别的服务器, 请填写它的ip
	proxy_buffering off;
	proxy_http_version 1.1;
	proxy_set_header Upgrade \$http_upgrade;
	proxy_set_header Connection \$http_connection;
	proxy_set_header X-Real-IP \$remote_addr;
	proxy_set_header Host \$host;
	proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
	access_log off;
	}

	location / {
	proxy_pass http://localhost:8080; # 如果jumpserver安装在别的服务器, 请填写它的ip
	proxy_set_header X-Real-IP \$remote_addr;
	proxy_set_header Host \$host;
	proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
	}
	}
	EOF

	nginx -t
	systemctl start nginx
	systemctl enable nginx
	[Unit]
	Description=Coco daemon
	After=network.target

	[Service]
	Type=forking
	Environment="PATH=/opt/py3/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
	ExecStart=/opt/coco/cocod start -d
	ExecStop=/opt/coco/cocod stop -d

	[Install]
	WantedBy=multi-user.target
	[Unit]
	Description=guacamole daemon
	After=network.target

	[Service]
	Type=forking
	ExecStart=/etc/init.d/guacd start
	ExecStop=/etc/init.d/guacd stop

	[Install]
	WantedBy=multi-user.target
	[Unit]
	Description=Jumpserver
	After=network.target

	[Service]
	Type=forking
	Environment="PATH=/opt/py3/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
	ExecStart=/opt/jumpserver/jms start all -d
	ExecStop=/opt/jumpserver/jms stop all -d

	[Install]
	WantedBy=multi-user.target
	#!/usr/bin/env bash

	set -e

	exec > >(tee -ai log)
	exec 2>&1

	run() {
	# :param $1: script to execute
	echo -e "\033[31m $1 \033[0m"
	bash -i "$1"
	}

	steps=(
	0x01-prepare.sh
	0x02-install-jumpserver.sh
	0x03-install-coco.sh
	0x04-install-luna.sh
	0x05-install-guacamole.sh
	0x06-install-nginx.sh
	)

	for step in "${steps[@]}"; do
	run "$step"
	done
	[Unit]
	Description=Tomcat
	After=network.target

	[Service]
	Type=forking
	ExecStart=/config/tomcat8/bin/startup.sh
	ExecStop=/config/tomcat8/bin/shutdown.sh

	[Install]
	WantedBy=multi-user.target