ci(api): docker-compose & docs

README.md

@@ -1,4 +1,5 @@
 <h3 align="center">OneTerm</h3>
+
 <p align="center">
   <a href="https://github.com/veops/oneterm/blob/main/LICENSE"><img src="https://img.shields.io/github/license/veops/oneterm" alt="Apache License 2.0"></a>
   <a href="https://github.com/veops/oneterm/releases">
@@ -8,11 +9,10 @@
   <a href="https:https://github.com/sendya/ant-design-pro-vue"><img src="https://img.shields.io/badge/UI-Ant%20Design%20Pro%20Vue-brightgreen" alt="UI"></a>
 </p>
 
-**`OneTerm`** Bastion Host, based on the 4A concept, i.e., Authentication, Authorization, Account, and Audit, is designed and developed.
+<p align="center">
+ A Simple, Lightweight, Flexible Bastion Host.
+</p>
 
-`Main use`: It is mainly used for products that enhance IT internal control and compliance security by implementing control and audit of IT personnel's operating behaviors in enterprises.
-
-`Main functions`: role management, authorization approval, resource access control, session audit, etc.
 
 ---
 English / [中文](README_cn.md)
@@ -40,58 +40,22 @@ docker-compose up -d
 - password: 123456
 
 
-## SSH
-### View
-![Example GIF](./docs/images/ssh-client.gif)
-### Login
-```shell
-ssh -p12229 admin@127.0.0.1 # Note that the port, user, and address need to be replaced with your current environment
-```
-### Passwordless Login Configuration
-> Terminal passwordless login is designed for enhanced security and convenience.
-1. Generate and retrieve the public key, get the MAC address
-```shell
-ssh-keygen -t ed25519 # Generate the key following the prompts
-cat /root/.ssh/id_ed25519.pub # Copy the public key. The public key address is obtained from the generation process as shown in the previous step
-ifconfig | grep -B1 "xxx.xxx.xxx.xxx" | awk '/ether/{print $2}' # Get the MAC address, replace xxx.xxx.xxx.xxx with your local IP
-```
-![img.png](docs/images/img.png)
+## 🎯Features
 
-2. Place the public key and MAC on the platform
-   ![img_1.png](docs/images/img_1.png)
+- Asset Managent (SSH RDP VNC)
+- Account Management
+- Authorization
+- Session Management
+  - Online Session: Monitor, Force Kill
+  - Offline Session: Replay, Download
+- SSH Server
+- Asset & Account Auto Discovery
 
-### More Streamlined Login Method
-```shell
-ssh oneterm
-```
-> To achieve this effect, you can configure as follows:
-1. Create the ssh config file
-```shell
-touch ~/.ssh/config
-```
-2. Add the following content to **`~/.ssh/config`**
-```shell
-Host oneterm
-    HostName 127.0.0.1 # Replace with the address of your oneterm's ssh server
-    Port 12229 # Replace with the port of your oneterm's ssh server
-    User admin # Replace with your platform user on oneterm
-```
-
-## VNC/RDP
-![rdp.png](docs/images/rdp.png)
-
-## 🎯TODO
-- [ ] The asset list is associated with the CMDB authorization service tree.
-- [ ] The web terminal page supports multiple sessions with tabs, etc.
 
 ## 📚Docs
 
 doc link：https://veops.cn/docs/docs/oneterm/onterm_design
 
-## 🔗Releated Projects
-
-[go-ansiterm](https://github.com/veops/go-ansiterm)：Linux terminal emulator
-
 ## Contributing
 
 <a href="https://github.com/veops/oneterm/graphs/contributors">

README_cn.md

@@ -8,11 +8,9 @@
   <a href="https:https://github.com/sendya/ant-design-pro-vue"><img src="https://img.shields.io/badge/UI-Ant%20Design%20Pro%20Vue-brightgreen" alt="UI"></a>
 </p>
 
-**`OneTerm`** 堡垒机，基于4A理念，即认证(Authen)、授权(Authorize)、账号(Account)、审计(Audit)设计开发。
-
-`主要用途`：主要用于企业通过实现对IT人员操作行为的控制和审计来提升IT内部控制、合规安全性的产品。
-
-`主要功能`：角色管理、授权审批、资源访问控制、会话审计等。
+<p align="center">
+ 一款简单、轻量、灵活的堡垒机服务.
+</p>
 
 ---
 [English](README.md) / 中文
@@ -23,8 +21,6 @@
 > **重要提示**:  **`main`** 分支在开发过程中可能处于不稳定的状态，请通过[release](https://github.com/veops/oneterm/releases)获取，或者直接通过镜像部署
 
 
-
-
 ## 🚀安装
 
 ### docker-compose
@@ -36,64 +32,26 @@ docker-compose up -d
 ```
 
 ## ✅验证
-- 浏览器打开: [http://127.0.0.1:8000](http://127.0.0.1:8000)
-- username: admin
-- password: 123456
+- 浏览器: [http://127.0.0.1:8666](http://127.0.0.1:8666)
+- 账号: admin
+- 密码: 123456
 
-## SSH终端
-### 效果
-![Example GIF](./docs/images/ssh-client.gif)
-### 登录
-```shell
-ssh -p12229 admin@127.0.0.1 # 注意这里端口,用户，地址需要换成您当前环境的
-```
-### 免密登录配置
-> 终端免密登录是为了增加安全性以及便捷性而设计
-1. 生成并获取公钥, 获取mac地址
-```shell
-ssh-keygen -t ed25519 # 根据提示生成key
-cat /root/.ssh/id_ed25519.pub # 拷贝公钥, 公钥地址从上一步生成的过程中获取，如下图所示
-ifconfig | grep -B1 "xxx.xxx.xxx.xxx" | awk '/ether/{print $2}' # 获取mac地址， 其中xxx.xxx.xxx.xxx换成您本机的IP
-```
+## 🎯功能
 
-![img.png](docs/images/img.png)
-
-2. 将公钥和mac放在平台上
-![img_1.png](docs/images/img_1.png)
-
-### 更精简的的登录方式
-```shell
-ssh oneterm
-```
-> 要达到这种效果，可进行如下配置
-1. 创建ssh config文件
-```shell
-touch ~/.ssh/config
-```
-2. 将以下内容添加到 **`~/.ssh/config`**
-```shell
-Host oneterm
-    HostName 127.0.0.1 # 此处替换为您oneterm的ssh server的地址
-    Port 12229 # 此处替换为您oneterm的ssh server的端口
-    User admin # 此处替换为您oneterm上的平台用户
-```
-
-## VNC/RDP
-![rdp.png](docs/images/rdp.png)
-
-## 🎯下一步计划
-- [ ] 资产列表关联CMDB授权服务树
-- [ ] web终端页面多个session支持tab等
+- 资产管理 (SSH RDP VNC)
+- 账号管理
+- 权限认证
+- 会话管理
+  - 在线会话: 监控、强制关闭
+  - 离线会话: 回放, 下载
+- SSH服务
+- 资产账号自动发现
 
 ## 📚产品文档
 
 文档地址：https://veops.cn/docs/docs/oneterm/onterm_design
 
 
-## 🔗相关项目
-
-[go-ansiterm](https://github.com/veops/go-ansiterm)：linux终端仿真器,主要是根据终端输入和服务器回显解析命令
-
 ## 如何贡献
 
 <a href="https://github.com/veops/oneterm/graphs/contributors">

deploy/docker-compose.yaml

@@ -16,6 +16,9 @@ services:
       new:
         aliases:
           - oneterm-api
+    tty: true
+    ports:
+      - "2222:2222"
 
   oneterm-guacd:
     image: registry.cn-hangzhou.aliyuncs.com/veops/oneterm-guacd:latest
@@ -100,6 +103,7 @@ services:
       - |
         sleep 2
         flask db-setup
+        flask common-check-new-columns
         flask init-acl
         flask init-department