Difference between revisions of "Apache Guacamole"
→Guacamole Installation
| (8 intermediate revisions by 5 users not shown) | |||
| Line 1: | Line 1: | ||
Apache Guacamole is a | Apache Guacamole is a [[Self hosted applications|Self hosted application]] for Remote Desktop services. Guacamole allows remote desktop services to be accessed over HTTP. | ||
The main page for Apache Guacamole can be accessed here: | The main page for Apache Guacamole can be accessed here: | ||
https://guacamole.apache.org/ | https://guacamole.apache.org/ | ||
== Guacamole Installation == | ==Guacamole Installation == | ||
This guide is best suited for a Guacamole installation on Ubuntu Server 20.04 LTS | This guide is best suited for a Guacamole installation on [[Ubuntu | Ubuntu Server 20.04 LTS]] | ||
'''Run as Root''' | '''Run as Root''' | ||
| Line 25: | Line 25: | ||
'''Install tomcat9''' | '''Install tomcat9''' | ||
<code | <code>sudo apt install tomcat9 -y</code> | ||
'''Enable tomcat''' | '''Enable tomcat''' | ||
| Line 77: | Line 77: | ||
'''Set Up MySQL Connector''' | '''Set Up MySQL Connector''' | ||
<code>wget | <code>wget </nowiki>https://dlcdn.apache.org/guacamole/1.4.0/binary/guacamole-auth-jdbc-1.4.0.tar.gz</code> | ||
<code>tar -xf guacamole-auth-jdbc-1.4.0.tar.gz</code> | <code>tar -xf guacamole-auth-jdbc-1.4.0.tar.gz</code> | ||
| Line 115: | Line 115: | ||
Add the following: | Add the following: | ||
<code>mysql-hostname: localhost<br /> | <code>mysql-hostname: localhost<br />mysql-port: 3306<br />mysql-database: guacamole_db<br />mysql-username: guacamole_user<br />mysql-password: StrongPassword</code> | ||
mysql-port: 3306<br /> | |||
mysql-database: guacamole_db<br /> | |||
mysql-username: guacamole_user<br /> | |||
mysql-password: StrongPassword</code> | |||
Edit guacd.conf: | Edit guacd.conf: | ||
| Line 127: | Line 123: | ||
Add the following: | Add the following: | ||
<code>[server]<br /> | <code>[server]<br />bind_host = 0.0.0.0<br />bind_port = 4822</code> | ||
bind_host = 0.0.0.0<br /> | |||
bind_port = 4822</code> | |||
'''Restart Services''' | '''Restart Services''' | ||
| Line 137: | Line 131: | ||
'''Get Guacamole client''' | '''Get Guacamole client''' | ||
<code>wget https://dlcdn.apache.org/guacamole/1.4.0/binary/guacamole-1.4.0.war<br /> | <code>wget https://dlcdn.apache.org/guacamole/1.4.0/binary/guacamole-1.4.0.war<br />mv guacamole-1.4.0.war guacamole.war<br />cp guacamole.war /var/lib/tomcat9/webapps<br />ls /var/lib/tomcat9/webapps</code> | ||
mv guacamole-1.4.0.war guacamole.war<br /> | |||
cp guacamole.war /var/lib/tomcat9/webapps<br /> | |||
ls /var/lib/tomcat9/webapps</code> | |||
| Line 149: | Line 140: | ||
Add the following: | Add the following: | ||
<pre> | |||
<Valve className="org.apache.catalina.valves.RemoteIpValve" | <Valve className="org.apache.catalina.valves.RemoteIpValve" | ||
internalProxies="127.0.0.1" | internalProxies="127.0.0.1" | ||
| Line 154: | Line 146: | ||
remoteIpProxiesHeader="x-forwarded-by" | remoteIpProxiesHeader="x-forwarded-by" | ||
protocolHeader="x-forwarded-proto" /> | protocolHeader="x-forwarded-proto" /> | ||
</pre> | |||
'''Restart tomcat9''' | |||
<code>sudo systemctl restart tomcat9</code> | <code>sudo systemctl restart tomcat9</code> | ||
Apache Guacamole should now be installed and reachable at <code>http://localhost:8080/guacamole</code> | Apache Guacamole should now be installed and reachable at <code>http://localhost:8080/guacamole</code> | ||
The default sign in credentials are username:<code>guacadmin</code> password:<code>guacadmin</code> | The default sign in credentials are username:<code>guacadmin</code> password:<code>guacadmin</code> | ||
== Fix RDP Connection Issues == | ==Add TOTP Authentication == | ||
If you have connection issues, | Download the TOTP extension for Apache Guacamole and install it to the extensions folder: | ||
<code>wget <nowiki>https://dlcdn.apache.org/guacamole/1.4.0/binary/guacamole-auth-totp-1.4.0.tar.gz</nowiki></code> | |||
<code>tar -zxf guacamole-auth-totp-1.4.0.tar.gz guacamole-auth-totp-1.4.0/guacamole-auth-totp-1.4.0.jar</code> | |||
<code>mv guacamole-auth-totp-1.4.0/guacamole-auth-totp-1.4.0.jar /etc/guacamole/extensions/</code> | |||
<code>systemctl restart tomcat9</code> | |||
==Fix RDP Connection Issues == | |||
If you have connection issues, fix by adding a guacd user: | |||
<code>useradd -M -d /var/lib/guacd/ -r -s /sbin/nologin -c "Guacd User" guacd</code> | <code>useradd -M -d /var/lib/guacd/ -r -s /sbin/nologin -c "Guacd User" guacd</code> | ||
| Line 177: | Line 182: | ||
<code>systemctl restart guacd</code> | <code>systemctl restart guacd</code> | ||
== See also == | ==See also == | ||
* [[Reverse Proxy]] | * [[Reverse Proxy]] | ||
* [[Apache Web Server]] | * [[Apache Web Server]] | ||
== References == | ==References == | ||
* https://adamtheautomator.com/apache-guacamole/ | *https://adamtheautomator.com/apache-guacamole/ | ||
* https://kifarunix.com/install-guacamole-on-debian-11/#fix-rdp-security-negotiation-failed | *https://kifarunix.com/install-guacamole-on-debian-11/#fix-rdp-security-negotiation-failed | ||
== Bibliography == | *https://kifarunix.com/configure-totp-two-factor-authentication-on-apache-guacamole/ | ||
== External links == | ==Bibliography == | ||
==External links == | |||
* | * | ||
* | * | ||
{{DEFAULTSORT:}} | {{DEFAULTSORT:}} | ||