Snipe it资产管理系统安装使用
最近公司需要一个IT资产管理系统,在三个开源的系统(snipe it、glpi、ralph)中选择了Snipe it,ralph偏向机房管理,glpi看起来也行,但是暂时不需要那么多额外的功能,后续可能会试用下。
系统长这样:
1. 本地docker安装测试
为了快速体验,搭建测试环境还是docker方便点(不怕麻烦,主机命令行安装也可以的)
- 1.1 下载镜像
1docker pull snipe/snipe-it
- 1.2 找个目录,创建环境变量文件
1touch my_env_file
公司可以申请测试mysql,就没有使用容器化的mysql(需要使用容器化的mysql,请参考Snipe docker)
示例如下:
1➜ cat my_env_file
2# Mysql Parameters
3MYSQL_PORT_3306_TCP_ADDR=127.0.0.1 #数据库的host
4MYSQL_PORT_3306_TCP_PORT=3306 #数据库的port
5
6MYSQL_DATABASE=xxxx #数据库名
7MYSQL_USER=xxxx #数据库用户名
8MYSQL_PASSWORD=xxxx #数据库密码
9
10# 邮箱设置,暂时注释忽略
11# Email Parameters
12# - the hostname/IP address of your mailserver
13#MAIL_PORT_587_TCP_ADDR=smtp.whatever.com
14#the port for the mailserver (probably 587, could be another)
15#MAIL_PORT_587_TCP_PORT=587
16# the default from address, and from name for emails
17#MAIL_ENV_FROM_ADDR=youremail@yourdomain.com
18#MAIL_ENV_FROM_NAME=Your Full Email Name
19# - pick 'tls' for SMTP-over-SSL, 'tcp' for unencrypted
20#MAIL_ENV_ENCRYPTION=tcp
21# SMTP username and password
22#MAIL_ENV_USERNAME=your_email_username
23#MAIL_ENV_PASSWORD=your_email_password
24
25# Snipe-IT Settings
26APP_ENV=production
27APP_DEBUG=false
28APP_KEY=<<Fill in Later!>> #这里是后续不走生成的,不慌,先不填
29APP_URL=http://192.169.1.33 #系统访问地址,ip或者域名,测试填本机ip,方便测试
30APP_TIMEZONE=Asia/Shanghai #时区,后续都可以调整的
31APP_LOCALE=en #语言,后续也可以调整
32
33# Docker-specific variables
34PHP_UPLOAD_LIMIT=100 #上传文件大小限制
- 1.3 生成APP_KEY
1docker run --rm snipe/snipe-it
运行上面的命令后会输出:
1Please re-run this container with an environment variable $APP_KEY
2An example APP_KEY you could use is:
3base64:D5oGA+zhFSVA3VwuoZoQ21RAcwBtJv/RGiqOcZ7BUvI=
base64:D5oGA+zhFSVA3VwuoZoQ21RAcwBtJv/RGiqOcZ7BUvI= 这一串就是要填入环境变量APP_KEY的值,每个人在自己的环境生成的不一样的,格式一样就行。
- 1.4 运行启动(注意要先填上上一步的
APP_KEY值,保存后再启动)
1➜ docker run -p 80:80 --env-file=my_env_file snipe/snipe-it
2➜ docker ps
3CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
455b39ab3e1ac snipe/snipe-it "/startup.sh" 8 hours ago Up 8 hours 0.0.0.0:80->80/tcp, :::80->80/tcp, 443/tcp jovial_carver
上面可以看出已经运行正常,服务端口为80
- 1.5 浏览器访问APP_URL的地址(上一步环境变量中设置的:http://192.169.1.33),进行系统初始化设置
这一步比较简单,网页上面会显示步骤条,跟着一路按需操作就可以了,这里不赘述,参考官方文档
完成后,测试环境搭建完毕,登入系统,尽情傲游即可!
2. 生产环境主机部署
生产环境为什么又变成主机部署不用docker了呢?因为Snipe it会允许用户上传图片、文件什么的,这是存在本地的,其实Snipe it提供存储到 Amazon S3等服务的选项(官方文档),但是我们公司私有云没有这种东西,容器部署的方案就不合适了,主机部署定时备份也还行。
下面主要介绍 php + php-fpm + nginx 部署方式:
- 2.1 下载代码
登录到你的生产主机后,下载Snipe it的代码
1git clone https://github.com/snipe/snipe-it
- 2.2 运行安装脚本
源码仓库里面自带装脚本,下载下来后直接执行。该自动化脚本会根据系统类型安装 mariadb、apache2、php等,具体可查搜索查看PACKAGES关键字,为了方便,主要是让它安装php和对应的插件,等安装完成后,不需要mariadb、apache2的可以自行选择禁用或者删除,本教程会选用 nginx + php-fpm
1cd snipe-it
2wget https://raw.githubusercontent.com/snipe/snipe-it/master/install.sh
3chmod 744 install.sh
4./install.sh
- 2.3 安装php-fpm、nginx 安装之前记得先禁用httpd(即apache2),不然nginx无法启动,端口被占用冲突。
1systemctl disable httpd
2systemctl stop httpd
3yum install php-fpm nginx
- 2.4 准备环境变量文件
1cp .env.example .env
按照需要更改.env里面的配置信息,参考测试环境的配置
官方模版
1# --------------------------------------------
2# REQUIRED: BASIC APP SETTINGS
3# --------------------------------------------
4APP_ENV=production
5APP_DEBUG=false
6APP_KEY=ChangeMe
7APP_URL=null
8APP_TIMEZONE='UTC'
9APP_LOCALE=en
10MAX_RESULTS=500
11
12# --------------------------------------------
13# REQUIRED: UPLOADED FILE STORAGE SETTINGS
14# --------------------------------------------
15PRIVATE_FILESYSTEM_DISK=local
16PUBLIC_FILESYSTEM_DISK=local_public
17
18#PRIVATE_FILESYSTEM_DISK=s3_private
19#PUBLIC_FILESYSTEM_DISK=s3_public
20
21
22# --------------------------------------------
23# REQUIRED: DATABASE SETTINGS
24# --------------------------------------------
25DB_CONNECTION=mysql
26DB_HOST=127.0.0.1
27DB_DATABASE=null
28DB_USERNAME=null
29DB_PASSWORD=null
30DB_PREFIX=null
31DB_DUMP_PATH='/usr/bin'
32DB_CHARSET=utf8mb4
33DB_COLLATION=utf8mb4_unicode_ci
34
35# --------------------------------------------
36# OPTIONAL: SSL DATABASE SETTINGS
37# --------------------------------------------
38DB_SSL=false
39DB_SSL_IS_PAAS=false
40DB_SSL_KEY_PATH=null
41DB_SSL_CERT_PATH=null
42DB_SSL_CA_PATH=null
43DB_SSL_CIPHER=null
44
45# --------------------------------------------
46# REQUIRED: OUTGOING MAIL SERVER SETTINGS
47# --------------------------------------------
48MAIL_DRIVER=smtp
49MAIL_HOST=email-smtp.us-west-2.amazonaws.com
50MAIL_PORT=587
51MAIL_USERNAME=YOURUSERNAME
52MAIL_PASSWORD=YOURPASSWORD
53MAIL_ENCRYPTION=null
54MAIL_FROM_ADDR=you@example.com
55MAIL_FROM_NAME='Snipe-IT'
56MAIL_REPLYTO_ADDR=you@example.com
57MAIL_REPLYTO_NAME='Snipe-IT'
58MAIL_AUTO_EMBED_METHOD='attachment'
59
60# --------------------------------------------
61# REQUIRED: IMAGE LIBRARY
62# This should be gd or imagick
63# --------------------------------------------
64IMAGE_LIB=gd
65
66
67# --------------------------------------------
68# OPTIONAL: BACKUP SETTINGS
69# --------------------------------------------
70MAIL_BACKUP_NOTIFICATION_DRIVER=null
71MAIL_BACKUP_NOTIFICATION_ADDRESS=null
72BACKUP_ENV=true
73ALLOW_BACKUP_DELETE=false
74ALLOW_DATA_PURGE=false
75
76# --------------------------------------------
77# OPTIONAL: SESSION SETTINGS
78# --------------------------------------------
79SESSION_DRIVER=file
80SESSION_LIFETIME=12000
81EXPIRE_ON_CLOSE=false
82ENCRYPT=false
83COOKIE_NAME=snipeit_session
84COOKIE_DOMAIN=null
85SECURE_COOKIES=false
86API_TOKEN_EXPIRATION_YEARS=15
87
88# --------------------------------------------
89# OPTIONAL: SECURITY HEADER SETTINGS
90# --------------------------------------------
91APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1
92ALLOW_IFRAMING=false
93REFERRER_POLICY=same-origin
94ENABLE_CSP=false
95CORS_ALLOWED_ORIGINS=null
96ENABLE_HSTS=false
97
98# --------------------------------------------
99# OPTIONAL: CACHE SETTINGS
100# --------------------------------------------
101CACHE_DRIVER=file
102QUEUE_DRIVER=sync
103CACHE_PREFIX=snipeit
104
105# --------------------------------------------
106# OPTIONAL: REDIS SETTINGS
107# --------------------------------------------
108REDIS_HOST=null
109REDIS_PASSWORD=null
110REDIS_PORT=null
111
112# --------------------------------------------
113# OPTIONAL: MEMCACHED SETTINGS
114# --------------------------------------------
115MEMCACHED_HOST=null
116MEMCACHED_PORT=null
117
118# --------------------------------------------
119# OPTIONAL: PUBLIC S3 Settings
120# --------------------------------------------
121PUBLIC_AWS_SECRET_ACCESS_KEY=null
122PUBLIC_AWS_ACCESS_KEY_ID=null
123PUBLIC_AWS_DEFAULT_REGION=null
124PUBLIC_AWS_BUCKET=null
125PUBLIC_AWS_URL=null
126PUBLIC_AWS_BUCKET_ROOT=null
127
128# --------------------------------------------
129# OPTIONAL: PRIVATE S3 Settings
130# --------------------------------------------
131PRIVATE_AWS_ACCESS_KEY_ID=null
132PRIVATE_AWS_SECRET_ACCESS_KEY=null
133PRIVATE_AWS_DEFAULT_REGION=null
134PRIVATE_AWS_BUCKET=null
135PRIVATE_AWS_URL=null
136PRIVATE_AWS_BUCKET_ROOT=null
137
138# --------------------------------------------
139# OPTIONAL: AWS Settings
140# --------------------------------------------
141AWS_ACCESS_KEY_ID=null
142AWS_SECRET_ACCESS_KEY=null
143AWS_DEFAULT_REGION=null
144
145# --------------------------------------------
146# OPTIONAL: LOGIN THROTTLING
147# --------------------------------------------
148LOGIN_MAX_ATTEMPTS=5
149LOGIN_LOCKOUT_DURATION=60
150
151# --------------------------------------------
152# OPTIONAL: FORGOTTEN PASSWORD SETTINGS
153# --------------------------------------------
154RESET_PASSWORD_LINK_EXPIRES=15
155PASSWORD_CONFIRM_TIMEOUT=10800
156PASSWORD_RESET_MAX_ATTEMPTS_PER_MIN=50
157
158# --------------------------------------------
159# OPTIONAL: MISC
160# --------------------------------------------
161APP_LOG=single
162APP_LOG_MAX_FILES=10
163APP_LOG_LEVEL=warning
164APP_LOCKED=false
165APP_CIPHER=AES-256-CBC
166APP_FORCE_TLS=false
167APP_ALLOW_INSECURE_HOSTS=false
168GOOGLE_MAPS_API=
169LDAP_MEM_LIM=500M
170LDAP_TIME_LIM=600
171IMPORT_TIME_LIMIT=600
172IMPORT_MEMORY_LIMIT=500M
173REPORT_TIME_LIMIT=12000
174REQUIRE_SAML=false
175API_THROTTLE_PER_MINUTE=120
个人示例:敏感信息已用xxx替换
1[root@snipe-it]# egrep -v '^#|^$' .env | head -n 25
2APP_ENV=production
3APP_DEBUG=false
4APP_KEY= xxx
5APP_URL=http://xxx
6APP_TIMEZONE='Asia/Shanghai'
7APP_LOCALE=en
8MAX_RESULTS=500
9
10PRIVATE_FILESYSTEM_DISK=local
11PUBLIC_FILESYSTEM_DISK=local_public
12
13
14
15DB_CONNECTION=mysql
16DB_HOST=xxx
17DB_PORT=xxx
18DB_DATABASE=xxx
19DB_USERNAME=xx
20DB_PASSWORD=xxx
21DB_PREFIX=null
22DB_DUMP_PATH='/usr/bin'
23DB_CHARSET=utf8mb4
24DB_COLLATION=utf8mb4_unicode_ci
25
26DB_SSL=false
- 2.5 安装php包依赖
1curl -sS https://getcomposer.org/installer | php
2php composer.phar install --no-dev --prefer-source
- 2.6 生成APP_KEY
1php artisan key:generate
- 2.7 Nginx 和 PHP-FPM 配置
nginx 配置参考
1[root@conf.d]# cat snipe-it.conf
2server {
3 listen 80;
4 server_name localhost;
5
6 root /data/snipe-it/public;
7 index index.php index.html index.htm;
8
9 location / {
10 try_files $uri $uri/ /index.php$is_args$args;
11 }
12
13 location ~ \.php$ {
14 try_files $uri $uri/ =404;
15 fastcgi_pass unix:/var/run/php7-fpm-www.sock;
16 fastcgi_index index.php;
17 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
18 include fastcgi_params;
19 }
20}
php-fpm 配置参考
1[root@php-fpm.d]# egrep -v '^;|^$' www.conf
2[www]
3user = nginx
4group = nginx
5listen = /var/run/php7-fpm-www.sock
6listen.owner = nginx
7listen.group = nginx
8listen.mode = 0660
9listen.allowed_clients = 127.0.0.1
10pm = dynamic
11pm.max_children = 50
12pm.start_servers = 5
13pm.min_spare_servers = 5
14pm.max_spare_servers = 35
15slowlog = /var/log/php-fpm/www-slow.log
16php_admin_value[error_log] = /var/log/php-fpm/www-error.log
17php_admin_flag[log_errors] = on
18php_value[session.save_handler] = files
19php_value[session.save_path] = /var/lib/php/session
20php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache
注意,这里php-fpm、nginx都是用nginx这个用户运行,不一致会遇到权限问题,接着把代码目录也改为nginx, 当然你你也可以改成自己想要的用户运行,记得对应的配置文件也要一并修改。
更改目录权限和启动相关服务
1chown -R nginx:nginx /data/snipe-it
2systemctl start php-fpm
3systemctl start nginx
如有需要可往源码目录放一个test.php文件,用于测试相关环境配置是否正常。
1echo -e '<?php\nphpinfo();\n?>' > test.php
- 2.8 最后测试验证
访问http://xxx.xxx.xxx/test.php 确认正常显示phpinfo信息。
如果有错误,请查看nginx和php-fpm的错误日志,根据报错解决问题。
再访问http://xxx.xxx.xxx/ 根据指引设置登录使用系统。
没有怎么接触的新手,初次使用可以参考官方demo
最后修改于: Monday, August 28, 2023
版权申明:
- 未标注来源的内容全部为原创,未经授权请勿转载(因转载后排版往往错乱、内容不可控、无法持续更新等);
- 非营利为目的,演绎本博客任何内容,请以'原文出处'或者'参考链接'等方式给出本站相关网页地址(方便读者)。