I want to update the post "Apache Guacamole with LDAP and 2FA TOTP authentication" that I posted a while back. The Docker container image is no longer being maintained. This post shows how to install the official Docker container images.
This is the docker-compose.yml that I am using:
version: '3'
services:
  guacdb:
    env_file: .env
    container_name: guacdb
    image: mariadb/server:latest
    restart: unless-stopped
    environment:
      MYSQL_ROOT_PASSWORD: '${ROOTDBPASS}'
      MYSQL_DATABASE: '${DB}'
      MYSQL_USER: '${DBUSER}'
      MYSQL_PASSWORD: '${DBPASS}'
    volumes:
      - '${APPDATADB}:/var/lib/mysql'
    networks:
      guac_net:
  guacd:
    env_file: .env
    container_name: guacd
    image: guacamole/guacd
    restart: unless-stopped
    networks:
      guac_net:
  guacamole:
    env_file: .env
    container_name: guacamole
    image: 'guacamole/guacamole:latest'
    restart: unless-stopped
    ports:
      - '8080:8080'
    environment:
      GUACD_HOSTNAME: "guacd"
      MYSQL_HOSTNAME: "guacdb"
      MYSQL_DATABASE: "${DB}"
      MYSQL_USER: "${DBUSER}"
      MYSQL_PASSWORD: "${DBPASS}"
      #LDAP_HOSTNAME: "${IPA}"
      #LDAP_PORT: "${IPAPORT}"
      #LDAP_USER_BASE_DN: "${BASEDN}"
      #LDAP_SEARCH_BIND_DN: "${BINDDN}"
      #LDAP_SEARCH_BIND_PASSWORD: "${BINDPASS}"
      #LDAP_USERNAME_ATTRIBUTE: "uid"
    depends_on:
      - guacdb
      - guacd
    volumes:
      - '${DATA}:/opt/guacamole'
    networks:
      dmz_net:
        ipv4_address: "${IP4}"
      guac_net:
networks:
  dmz_net:
    external: true
  guac_net:
Below is the content of the .env file. Adjust the values of the variables to your desired values.
# Database
APPDATADB=/srv/appdata/guacamole/guacdb
ROOTDBPASS=ro0tdB5eCr3tp@s%w0rd
DB=guacdb
DBUSER=guacdbuser
DBPASS=dBs3Cr3tp@5%wOrd
# Guacamole
IP4=192.168.20.23
IPA=192.168.7.25
IPAPORT=636
BASEDN=dc=example,dc=local
BINDDN=uid=guac,cn=users,cn=accounts,dc=example,dc=local
BINDPASS=b1ndDn%3Cr3tP@5%WoRd
DATA=/srv/appdata/guacamole/guacamole
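A pre-flight check for this .env file, as an added example that is not part of the original post: it flags a file that group or other users can access, variables the compose file interpolates that are missing, and secrets left at the sample values shown above. The function names check_env and get_var are made up for this example.

```shell
#!/bin/sh
# Added example: pre-flight check for the .env file read by docker-compose.yml.
# check_env prints one line per finding and returns the number of findings.

# Sample secrets published in the post; a deployment must not reuse them.
SAMPLE_SECRETS='ro0tdB5eCr3tp@s%w0rd
dBs3Cr3tp@5%wOrd
b1ndDn%3Cr3tP@5%WoRd'

# get_var FILE KEY: print the value of KEY (last assignment wins), empty if unset.
get_var() {
    sed -n "s/^$2=//p" "$1" | tail -n 1
}

check_env() {
    file=$1
    findings=0
    [ -r "$file" ] || { echo "cannot read $file"; return 1; }

    # Group/other permission bits are characters 5-10 of the ls mode string.
    if [ "$(ls -ld "$file" | cut -c5-10)" != "------" ]; then
        echo "$file is accessible to group/other; run: chmod 600 $file"
        findings=$((findings + 1))
    fi

    # Variables the compose file interpolates outside the commented LDAP lines.
    for key in APPDATADB ROOTDBPASS DB DBUSER DBPASS IP4 DATA; do
        if [ -z "$(get_var "$file" "$key")" ]; then
            echo "$key is missing or empty"
            findings=$((findings + 1))
        fi
    done

    # Secrets must differ from the published sample values.
    for key in ROOTDBPASS DBPASS BINDPASS; do
        value=$(get_var "$file" "$key")
        if [ -n "$value" ] && printf '%s\n' "$SAMPLE_SECRETS" | grep -Fqx -- "$value"; then
            echo "$key still uses the sample value from the post"
            findings=$((findings + 1))
        fi
    done
    return "$findings"
}
```

Call `check_env .env` from the directory that holds docker-compose.yml before bringing the containers up; an exit status of 0 means no findings.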
Go ahead and pull the official images.
docker-compose pull
Do not run the docker-compose yet. We need to create a database initialization script first. Make sure you’re located where the docker-compose.yml file is.
docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --mysql > guacdb.sql
Just bring up the mariadb container and copy the database initialization script that was created earlier into the mariadb container.
docker-compose up -d guacdb
docker cp guacdb.sql guacdb:/guacdb.sql
Bash into the mariadb container and cat the content of the script into the database.
docker exec -it guacdb bash
cat /guacdb.sql | mysql -u root -p guacdb
exit
Bring down the mariadb container and bring the whole package up.
docker-compose down
docker-compose up -d
Once they are up and running, navigate to http://<ip>:8080/guacamole to manage the container. The default credential is guacadmin/guacadmin.
Cheers!