Apache Guacamole

Leave a Comment / Project, server / By /

I want to update the post Apache Guacamole with LDAP and 2FA TOTP authentication that I posted a while back. The Docker container image is no longer being maintained. This post is how to install the official Docker container images.

This is the docker-compose.yml that I am using:

version: '3'
services:

  guacdb:
    env_file: .env
    container_name: guacdb
    image: mariadb/server:latest
    restart: unless-stopped
    environment:
      MYSQL_ROOT_PASSWORD: '${ROOTDBPASS}'
      MYSQL_DATABASE: '${DB}'
      MYSQL_USER: '${DBUSER}'
      MYSQL_PASSWORD: '${DBPASS}'
    volumes:
      - '${APPDATADB}:/var/lib/mysql'
    networks:
      guac_net:
      
  guacd:
    env_file: .env
    container_name: guacd
    image: guacamole/guacd
    restart: unless-stopped
    networks:
      guac_net:

  guacamole:
    env_file: .env
    container_name: guacamole
    image: 'guacamole/guacamole:latest'
    restart: unless-stopped
    ports:
      - '8080:8080'
    environment:
      GUACD_HOSTNAME: "guacd"
      MYSQL_HOSTNAME: "guacdb"
      MYSQL_DATABASE: "${DB}"
      MYSQL_USER: "${DBUSER}"
      MYSQL_PASSWORD: "${DBPASS}"
      #LDAP_HOSTNAME: "${IPA}"
      #LDAP_PORT: "${IPAPORT}"
      #LDAP_USER_BASE_DN: "${BASEDN}"
      #LDAP_SEARCH_BIND_DN: "${BINDDN}"
      #LDAP_SEARCH_BIND_PASSWORD: "${BINDPASS}"
      #LDAP_USERNAME_ATTRIBUTE: "uid"
    depends_on:
      - guacdb
      - guacd
    volumes:
      - '${DATA}:/opt/guacamole
    networks:
      dmz_net:
        ipv4_address: "${IP4}"
      guac_net:

networks:
  dmz_net:
    external: true
  guac_net:

Below is the content of the .env file. Adjust the value of the variables to your desire values

# Database
APPDATADB=/srv/appdata/guacamole/guacdb
ROOTDBPASS=ro0tdB5eCr3tp@s%w0rd
DB=guacdb
DBUSER=guacdbuser
DBPASS=dBs3Cr3tp@5%wOrd

# Guacamole
IP4=192.168.20.23
IPA=192.168.7.25
IPAPORT=636
BASEDN=dc=example,dc=local
BINDDN=uid=guac,cn=users,cn=accounts,dc=example,dc=local
BINDPASS=b1ndDn%3Cr3tP@5%WoRd
DATA=/srv/appdata/guacamole/guacamole

Go ahead and pull the official images.

docker-compose pull

Do not run the docker-compose yet. We need to create a database initialization script first. Make sure you’re located where the docker-compose.yml file is.

docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --mysql > guacdb.sql

Just bring up the mariadb container and copy the databse initialization script that was created earlier into mariadb container.

docker-compose up -d guacdb
docker cp guacdb.sql guacdb:/guacdb.sql

Bash into the mariadb container and cat the content of the script into the database.

docker exec -it guacdb bash
cat /guac_db.sql | mysql -u root -p guacdb
exit

Bring down the mariadb container and bring the whole package up.

docker-compose down
docker-compose up -d

Once they are up and running, navigate to http://<ip>:8080/guacamole to manage the container. The default credential is guacadmin/guacadmin.

Cheers!

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x