├── .dockerignore ├── .gitignore ├── .travis.yml ├── Dockerfile ├── README.md ├── guacamole-1.0.0.war ├── guacamole-auth-jumpserver-1.0.0.jar ├── guacamole-server-1.2.0.tar.gz ├── root ├── app │ └── guacamole │ │ └── guacamole.properties └── etc │ ├── cont-init.d │ ├── 30-defaults.sh │ └── 50-extensions │ └── services.d │ ├── guacamole │ └── run │ └── guacd │ └── run ├── s6-overlay-amd64.tar.gz └── ssh-forward.tar.gz /.dockerignore: -------------------------------------------------------------------------------- 1 | .git 2 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | config 2 | .idea/ 3 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | services: 2 | - docker 3 | 4 | before_install: 5 | - git clone https://github.com/oznu/docker-arm-ci.git ~/docker-arm-ci 6 | 7 | before_script: 8 | - export TARGET_IMAGE_TAG=$(if [ "$TRAVIS_PULL_REQUEST" == "false" ]; then if [ "$TRAVIS_BRANCH" = "master" ]; then echo "armhf"; else echo "$TRAVIS_BRANCH-armhf"; fi; else echo ""; fi) 9 | 10 | script: 11 | - ~/docker-arm-ci/run.sh 12 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM library/tomcat:9-jre8 2 | 3 | ARG NO_COPY=0 4 | ENV ARCH=amd64 \ 5 | GUACD_VER=1.2.0 \ 6 | GUAC_VER=1.0.0 \ 7 | GUACAMOLE_HOME=/app/guacamole \ 8 | NO_COPY=$NO_COPY 9 | 10 | # Apply the s6-overlay 11 | COPY s6-overlay-${ARCH}.tar.gz . 12 | 13 | #RUN curl -SLO "https://github.com/just-containers/s6-overlay/releases/download/v1.20.0.0/s6-overlay-${ARCH}.tar.gz" \ 14 | RUN tar -xzf s6-overlay-${ARCH}.tar.gz -C / \ 15 | && tar -xzf s6-overlay-${ARCH}.tar.gz -C /usr ./bin \ 16 | && rm -rf s6-overlay-${ARCH}.tar.gz \ 17 | && mkdir -p ${GUACAMOLE_HOME} \ 18 | ${GUACAMOLE_HOME}/lib \ 19 | ${GUACAMOLE_HOME}/extensions 20 | 21 | WORKDIR ${GUACAMOLE_HOME} 22 | 23 | RUN curl -o /etc/apt/sources.list "https://mirrors.163.com/.help/sources.list.stretch" 24 | # Install dependencies 25 | RUN apt-get update && apt-get install -y \ 26 | libcairo2-dev libjpeg62-turbo-dev libpng-dev \ 27 | libossp-uuid-dev libavcodec-dev libavutil-dev \ 28 | libswscale-dev freerdp2-dev libfreerdp-client2-2 libpango1.0-dev \ 29 | libssh2-1-dev libtelnet-dev libvncserver-dev \ 30 | libpulse-dev libssl-dev libvorbis-dev libwebp-dev libwebsockets-dev \ 31 | ghostscript \ 32 | && rm -rf /var/lib/apt/lists/* 33 | 34 | # Link FreeRDP to where guac expects it to be 35 | RUN [ "$ARCH" = "armhf" ] && ln -s /usr/local/lib/freerdp /usr/lib/arm-linux-gnueabihf/freerdp || exit 0 36 | RUN [ "$ARCH" = "amd64" ] && ln -s /usr/local/lib/freerdp /usr/lib/x86_64-linux-gnu/freerdp || exit 0 37 | 38 | # Install guacamole-server 39 | COPY guacamole-server-${GUACD_VER}.tar.gz . 40 | RUN tar -xzf guacamole-server-${GUACD_VER}.tar.gz 41 | RUN if [ "$NO_COPY" = "1" ];then \ 42 | cd guacamole-server-${GUACD_VER} \ 43 | && sed -i 's@guac_rdp_clipboard_load_plugin.*@guac_client_log(client, GUAC_LOG_INFO, "Copy paste has been disabled");@' ./src/protocols/rdp/rdp.c \ 44 | && echo "Disable copy and paste"; \ 45 | fi 46 | 47 | RUN cd guacamole-server-${GUACD_VER} \ 48 | && ./configure \ 49 | && make -j$(getconf _NPROCESSORS_ONLN) \ 50 | && make install \ 51 | && cd .. \ 52 | && rm -rf guacamole-server-${GUACD_VER}.tar.gz guacamole-server-${GUACD_VER} \ 53 | && ldconfig 54 | 55 | # Install guacamole-client and postgres auth adapter 56 | RUN rm -rf ${CATALINA_HOME}/webapps/ROOT 57 | 58 | COPY guacamole-${GUAC_VER}.war ${CATALINA_HOME}/webapps/ROOT.war 59 | 60 | ENV PATH=/usr/lib/postgresql/${PG_MAJOR}/bin:$PATH 61 | ENV GUACAMOLE_HOME=/config/guacamole 62 | RUN mkdir -p ${GUACAMOLE_HOME}/extensions 63 | COPY guacamole-auth-jumpserver-${GUAC_VER}.jar ${GUACAMOLE_HOME}/extensions/guacamole-auth-jumpserver-${GUAC_VER}.jar 64 | 65 | # Install ssh-forward for support 66 | COPY ssh-forward.tar.gz /tmp/ 67 | RUN tar xvf /tmp/ssh-forward.tar.gz -C /bin/ && chmod +x /bin/ssh-forward 68 | WORKDIR /config 69 | 70 | COPY root / 71 | 72 | ENTRYPOINT [ "/init" ] 73 | 74 | 75 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | [![Docker Build Status](https://img.shields.io/docker/build/jumpserver/guacamole.svg?style=for-the-badge)](https://hub.docker.com/r/jumpserver/guacamole/) 2 | [![Docker Pulls](https://img.shields.io/docker/pulls/jumpserver/guacamole.svg?style=for-the-badge)](https://hub.docker.com/r/jumpserver/guacamole/) 3 | 4 | # Docker Guacamole 5 | 6 | A Docker Container for [Apache Guacamole](https://guacamole.incubator.apache.org/), a client-less remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH over HTML5. 7 | 8 | This container runs the guacamole web client, the guacd server for jumpserver. 9 | 10 | ## Usage 11 | 12 | ```shell 13 | docker run \ 14 | -p 8080:8080 \ 15 | -e JUMPSERVER_SERVER=http://:8080 \ 16 | jumpserver/guacamole 17 | ``` 18 | 19 | ## Nginx Configure 20 | 21 | please add the following configure in you nginx config. 22 | 23 | ``` 24 | location /guacamole/ { 25 | proxy_pass http://:8080/; 26 | } 27 | ``` 28 | -------------------------------------------------------------------------------- /guacamole-1.0.0.war: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jumpserver/docker-guacamole-v1/48548f951051185205ba35dea6af074deb5ccbc8/guacamole-1.0.0.war -------------------------------------------------------------------------------- /guacamole-auth-jumpserver-1.0.0.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jumpserver/docker-guacamole-v1/48548f951051185205ba35dea6af074deb5ccbc8/guacamole-auth-jumpserver-1.0.0.jar -------------------------------------------------------------------------------- /guacamole-server-1.2.0.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jumpserver/docker-guacamole-v1/48548f951051185205ba35dea6af074deb5ccbc8/guacamole-server-1.2.0.tar.gz -------------------------------------------------------------------------------- /root/app/guacamole/guacamole.properties: -------------------------------------------------------------------------------- 1 | #postgresql-hostname: localhost 2 | #postgresql-port: 5432 3 | #postgresql-database: guacamole_db 4 | #postgresql-username: guacamole 5 | #postgresql-password: null 6 | 7 | # ldap-hostname: ldap.example.net 8 | # ldap-port: 389 9 | # ldap-encryption-method: none 10 | # ldap-max-search-results: 1000 11 | # ldap-search-bind-dn: 12 | # ldap-search-bind-password: 13 | # ldap-user-base-dn: ou=people,dc=example,dc=net 14 | # ldap-username-attribute: uid 15 | # ldap-user-search-filter: (objectClass=*) 16 | 17 | enable-clipboard-integration: true 18 | -------------------------------------------------------------------------------- /root/etc/cont-init.d/30-defaults.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/with-contenv sh 2 | 3 | cp -rn /app/guacamole /config 4 | -------------------------------------------------------------------------------- /root/etc/cont-init.d/50-extensions: -------------------------------------------------------------------------------- 1 | #!/usr/bin/with-contenv sh 2 | 3 | # clean up extensions 4 | for i in auth-ldap auth-duo auth-header auth-noauth auth-cas; do 5 | rm -rf ${GUACAMOLE_HOME}/extensions/guacamole-${i}-${GUAC_VER}.jar 6 | done 7 | 8 | # enable extensions 9 | for i in $(echo "$EXTENSIONS" | tr "," " "); do 10 | cp ${GUACAMOLE_HOME}/extensions-available/guacamole-${i}-${GUAC_VER}.jar ${GUACAMOLE_HOME}/extensions 11 | done 12 | -------------------------------------------------------------------------------- /root/etc/services.d/guacamole/run: -------------------------------------------------------------------------------- 1 | #!/usr/bin/with-contenv sh 2 | 3 | #until pg_isready; do 4 | # echo "Waiting for postgres to come up..." 5 | # sleep 1 6 | #done 7 | 8 | # Create database if it does not exist 9 | #psql -U postgres -lqt | cut -d \| -f 1 | grep -qw $POSTGRES_DB 10 | #if [ $? -ne 0 ]; then 11 | # createuser -U postgres $POSTGRES_USER 12 | # createdb -U postgres -O $POSTGRES_USER $POSTGRES_DB 13 | # cat /app/guacamole/schema/*.sql | psql -U $POSTGRES_USER -d $POSTGRES_DB -f - 14 | #fi 15 | 16 | echo "Starting guacamole client..." 17 | s6-setuidgid root catalina.sh run 18 | -------------------------------------------------------------------------------- /root/etc/services.d/guacd/run: -------------------------------------------------------------------------------- 1 | #!/usr/bin/with-contenv sh 2 | 3 | echo "Starting guacamole guacd..." 4 | s6-setuidgid root guacd -f 5 | -------------------------------------------------------------------------------- /s6-overlay-amd64.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jumpserver/docker-guacamole-v1/48548f951051185205ba35dea6af074deb5ccbc8/s6-overlay-amd64.tar.gz -------------------------------------------------------------------------------- /ssh-forward.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/jumpserver/docker-guacamole-v1/48548f951051185205ba35dea6af074deb5ccbc8/ssh-forward.tar.gz --------------------------------------------------------------------------------