Apache Guacamole 1.4 Docker: Difference between revisions

From WikiMLT
Spas (talk | contribs)
Spas (talk | contribs)
Line 104: Line 104:
</syntaxhighlight>The next step that should be done is to create a new Administrator user and remove the default one! Also enable TOTP: the module is already integrated in the Docker container, so we just need to enable it by the docker's configuration - see line <code>36</code> of the above listing.
</syntaxhighlight>The next step that should be done is to create a new Administrator user and remove the default one! Also enable TOTP: the module is already integrated in the Docker container, so we just need to enable it by the docker's configuration - see line <code>36</code> of the above listing.
== References ==
== References ==
* [[Apache Guacamole VNC Client and PulseAudio for Desktop Users]]
* Systems.dance: [https://www.systems.dance/2021/01/apache-guacamole-and-docker-compose/ '''Apache Guacamole and docker-compose''']
* Systems.dance: [https://www.systems.dance/2021/01/apache-guacamole-and-docker-compose/ '''Apache Guacamole and docker-compose''']
*Mauro Frigerio blog: [https://frigi.ch/en/2021/07/install-guacamole-on-docker-with-traefik-and-2fa/ '''Install Guacamole on Docker with Traefik and 2FA''']
*Mauro Frigerio blog: [https://frigi.ch/en/2021/07/install-guacamole-on-docker-with-traefik-and-2fa/ '''Install Guacamole on Docker with Traefik and 2FA''']

Revision as of 11:20, 24 September 2022

Pull the Dock­er im­ages

docker pull guacamole/guacamole
docker pull guacamole/guacd
docker pull mariadb/server

Set­up the Data­base

Gen­er­ate Data­base Ini­tial­iza­tion Script.

docker run -it guacamole/guacamole /opt/guacamole/bin/initdb.sh --mysql > guac_1.4_db.sql

Cre­at­ing Ini­tial docker-compose.yaml.

docker-compose.yaml
version: '3'
services:

  guacdb:
    container_name: guacdb
    image: mariadb/server:latest
    restart: unless-stopped
    environment:
      MYSQL_ROOT_PASSWORD: 'MariaDBRootPSW'
      MYSQL_DATABASE: 'guacamole_db'
      MYSQL_USER: 'guacamole_user'
      MYSQL_PASSWORD: 'MariaDBUserPSW'
    volumes:
      - ./guacdb-data:/var/lib/mysql

volumes:
  guacdb-data:

Bring the database's con­tain­er up.

docker-compose up -d

Copy the data­base ini­tial­iza­tion script in­to the con­tain­er.

docker cp guac_1.4_db.sql guacdb:/guac_1.4_db.sql

Open a shell in the con­tain­er an ini­tial­ize the data­base.

docker exec -it guacdb bash
mysql guacamole_db < /guac_1.4_db.sql
exit

Bring the database's con­tain­er down.

docker-compose down

Set­up Apache Gua­camole

Here we will mod­i­fy docker-compose.yaml in the fol­low­ing way. Note in my case the host's port is 8082.

docker-compose.yaml
version: "3"
services:

  guacdb:
    container_name: guacdb
    image: mariadb/server:latest
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: "MariaDBRootPSW"
      MYSQL_DATABASE: "guacamole_db"
      MYSQL_USER: "guacamole_user"
      MYSQL_PASSWORD: "MariaDBUserPSW"
    volumes:
      - ./guacdb-data:/var/lib/mysql

  guacd:
    container_name: guacd
    image: guacamole/guacd
    restart: always
    volumes:
      - ./guacd-data/drive:/drive:rw
      - ./guacd-data/record:/record:rw

  guacamole:
    container_name: guacamole
    image: "guacamole/guacamole:latest"
    restart: always
    ports:
      - "8082:8080"
    environment:
      GUACD_HOSTNAME: "guacd"
      MYSQL_HOSTNAME: "guacdb"
      MYSQL_DATABASE: "guacamole_db"
      MYSQL_USER: "guacamole_user"
      MYSQL_PASSWORD: "MariaDBUserPSW"
      TOTP_ENABLED: "true"
    depends_on:
      - "guacdb"
      - "guacd"

volumes:
  guacdb-data:
  guacd-data:

Bring every­thing up.

docker-compose up -d

At this point you should be able to ac­cess http://host.ip.address:8082/gua­camole and lo­gin with gua­cad­min/gua­cad­min.

Apache2 Re­verse Proxy

Fur­ther with­in my dev en­vi­ron­ment I'm us­ing the script a2proxy to cre­ate Apache2 Re­verse Proxy yo the in­stance:

sudo a2proxy guac 8082

The next step that should be done is to cre­ate a new Ad­min­is­tra­tor user and re­move the de­fault one! Al­so en­able TOTP: the mod­ule is al­ready in­te­grat­ed in the Dock­er con­tain­er, so we just need to en­able it by the docker's con­fig­u­ra­tion – see line 36 of the above list­ing.

Ref­er­ences