Docker installation of Guacamole.
What is Guacacmole?
Gucamole is a remote desktop management portal whuch uses HTML5 technologies to bring a remote desktop view into the browser with no additional technologies. The effectively means you have remote access to any machine that is configured for you to have access to from any web browser anywhere. Examples of it's use are below.
Guacacmole Docker Set up Instructions
Install postgres.
Set up a persistent volume for postgres or data will be lost on restart.
docker create volume dock-postgres_vol
and then start docker container as follows.
docker run --name dock-postgres -v dock-postgres_vol:/var/lib/postgres/data --restart=always -d postgres
Initialise the database as directed above.
docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --postgres > initdb.sql
Copy sql file to postgres container.
docker cp initdb.sql dock-postgres:/tmp
Login to container and create initial database.
docker exec -it dock-postgres /bin/bash
su -c /bin/bash postgres
createdb guacamole_db
psql guacamole_db < /tmp/initdb.sql
Create Guacacmole DB user
$ psql -d guacamole_db
psql (10.1)
Type "help" for help.
guacamole_db=# CREATE USER guacamole_user WITH PASSWORD '$password';
CREATE ROLE
guacamole_db=# GRANT SELECT,INSERT,UPDATE,DELETE ON ALL TABLES IN SCHEMA public TO guacamole_user;
GRANT
guacamole_db=# GRANT SELECT,USAGE ON ALL SEQUENCES IN SCHEMA public TO guacamole_user;
GRANT
guacamole_db=# \q
Install Guacd container
docker run --name guacd -d guacamole/guacd
Install guacamole container
docker run --name guacamole --link guacd:guacd --link dock-postgres:postgres -e POSTGRES_DATABASE=guacamole_db -e POSTGRES_USER=guacamole_user -e POSTGRES_PASSWORD=$password -d -p 8080:8080 guacamole/guacamole
Administer Guacamole.
Point web browser @ http://localhost:8080/guacamole
Login as guacadmin default password guacadmin
create extra users as needed. Create a USER group. Create a Connection in USER group.
Click on Settings then the tab Connections.
Click on New Connection and you will be presented with a long form. Give the connection a name and fill out the parameters as needed. Most of the fields you can leave blank unless you are planning to do more sophisticated things like remote applications (see below)
Assign connection to a user.
NB. RDP Connections take auth credentials from the windows user on the server being connected to.
This will by default serve up the complete desktop as if you were connecting via a RDP client only within the browser. Sound, too, will be forwarded.
Note about customisation.
Login page can be customised using extensions, however adding and extension to a docker is a little more complex. Essentially you have to export a host directory into the container. eg.
docker run --name guacamole --link guacd:guacd --link dock-postgres:postgres -e POSTGRES_DATABASE=guacamole_db -e POSTGRES_USER=guacamole_user -e POSTGRES_PASSWORD=$password -v /var/lib/docker/custom/guacamole:/opt/local -e GUACAMOLE_HOME=/opt/local -d -p 8080:8080 guacamole/guacamole
See the addition of -v for mapping and the environment variable GUACAMOLE_HOME
. The mapped directory will be used as a template base for the actual home directory which is in /root/.guacamole
inside the container. Thus you need to make a folder on your host share called extensions
and drop your custom extension .jar into that. It will then be loaded automatically.
The example extension can be found here
And the result looks like this:
and more information on creating a custom extension can be found here and here
Adding Remote Apps.
By setting up a remote app profile you can export that app via Gucamole so it is the only application available to the user. This means they will not have access to any other program on the system or the ability to break out of the program they are running. In that sense it helps lock down usage and complexity when it comes to user access.
Remote apps are define in the profile:
RemoteApp
Recent versions of Windows provide a feature called RemoteApp which allows individual applications to be used over RDP, without providing access to the full desktop environment. If your RDP server has this feature enabled and configured, you can configure Guacamole connections to use those individual applications.
Parameter name | Description |
---|---|
remote-app | Specifies the RemoteApp to start on the remote desktop. If supported by your remote desktop server, this application, and only this application, will be visible to the user. Windows requires a special notation for the names of remote applications. The names of remote applications must be prefixed with two vertical bars. For example, if you have created a remote application on your server for notepad.exe and have assigned it the name "notepad", you would set this parameter to: :pipe:pipe:notepad |
remote-app-dir | The working directory, if any, for the remote application. This parameter has no effect if RemoteApp is not in use. |
remote-app-args | The command-line arguments, if any, for the remote application. This parameter has no effect if RemoteApp is not in use. |
The RemoteApp Tool is a free software package and can be found here
Installing the portable app is probably the best
Example of set up.
And then in the server connection settings you need to add the command to the remote app.
Posted on Utopian.io - Rewarding Open Source Contributors
Your contribution cannot be approved because it does not follow the Utopian Rules.
Need help? Write a ticket on https://support.utopian.io.
Chat with us on Discord.
[utopian-moderator]
Well there is no official github project for guacamole so I just picked the one that seemed closest. Of course if there was not such a requirement to tie it to a git hub it could be a stand-alone thing.
So how do you suggest I proceed? Remove the contribution and place it elsewhere or what ? It would be pointless to clone another repo just for one submission and does not help anyone.
Any help would be appreciated.
For this project isn´t worth talking about, because your repository no longer has updates for a long time.
Take a tutorial on another subject.
Hope this helps.
Need help? Write a ticket on https://support.utopian.io.
Chat with us on Discord.
It is not my repository I was unable to submit a generic tutorial post without allocating it to a repository, so explain again how am am i supposed to submit a tutorial on a project that is not hosted on github ?
Are you saying that generic tutorials are of no value and that there should not be a way of submitting them to the benefit of all ?
You will need to make it clearer because so far you have just given boiler-plate answers to what cannot be an unusual situation.
Thank you for your time.
This Vizuri/guacamole-docker repository no longer receives updates for a long time, so you can't do tutorials for this repository.
Please read the rules.
Need help? Write a ticket on https://support.utopian.io.
Chat with us on Discord.
Yes I understand but you are still missing the point. IF there is no github repo and IF a tutorial covers more than one project where exactly can you place a generic tutorial? The system for submission requires that you associate it with a github project so what can you do if none exist?