Guacamole, wallabag, Observium, Paperwork (Zuhkov's Docker Template Repository)


Recommended Posts

just installed the observium docker and the login (observium) doesn't work.

 

pretty much a dead docker, but its observium for username and password

That's what I used. But I'm using netdata instead now for system stats.

Sent from my iPhone using Tapatalk

 

is that in docker form

 

Link to comment

just installed the observium docker and the login (observium) doesn't work.

 

pretty much a dead docker, but its observium for username and password

That's what I used. But I'm using netdata instead now for system stats.

Sent from my iPhone using Tapatalk

 

is that in docker form

 

Yep

 

 

Sent from my iPhone using Tapatalk

Link to comment
  • 2 months later...

I ended up updating it to the latest 0.9.9 and pushed it to my repo on docker hub.

 

There is no new xml or anything, just edit your existing container settings, and replace the "Repository" setting with "aptalca/guacamole" without the quotes. Leave everything else the same and when you hit save, it will retrieve the images from my repo with 0.9.9 (I installed from scratch, and haven't tried updating an existing install, but it will most likely work)

 

I only changed the download links in Zuhkov's Dockerfile, nothing else is touched. I have no intentions of maintaining this going forward.

 

I set it up with one vnc (OS X El Capitan VM) and one rdp (Win10 VM) servers. They both work. But, I had to change one registry setting in Windows because apparently the freerdp package used by guacamole does not yet support the new security setting in Windows. See this page for info: http://boreditguy.com/blog/?p=3784

 

PS. When you switch to my image, dockerman will get confused and won't delete the old image. You can find that orphan image and delete it manually by opening the advanced view on the docker tab.

 

Alternatively, you can set up a VM following this excellent guide, https://thatservernerd.com/2016/02/25/install-guacamole-on-centos-76-the-super-easy-way/

Link to comment
  • 2 weeks later...

Is anyone willing to take on the Guacamole Docker?  I'm surprised that there doesn't seem much demand for it on these forums; I see this being extremely useful especially when paired with a reverse proxy.  I currently use a VPN to connect to my home network while away and RDP into what I need.

Link to comment
  • 1 month later...
  • 2 weeks later...

I cannot for the life of me get the aptalca update of this docker to work. I have followed the procedures in this thread and no matter what I do, Tomcat fails to start.

 

Is anyone else having this issue?

 

Yes I cannot get it to work either... And since Zuhkovs version is making me disconnect all the time I here by have to leave this docker.... It really sucks, I think Guacamole is REALLY good when it works!

Link to comment

Alright.

 

So I thought I would post a small update for anyone who is still trying to use this. I really wanted this to work since I like to access my systems from work and the IT admins recently blocked conventional RDP.

 

Anyway, I had zuks version of this running for a bit and had a ton of problems using it with a reverse proxy. When I went to install apthalca's version I kept getting this weird spinning gear and the page would never load. So I kept thinking there was some issue with tomcat not starting.

 

What I learned in going back and forth within both versions is that tomcat starts in neither, but for some reason zuks version worked.

 

Long story short I cleared my browser cache and 0.9.9 works like a charm. It also works perfectly with my reverse proxy setup.

Link to comment
  • 3 weeks later...
  • 2 weeks later...

I'm trying to get Mythtv working in the docker.  Can someone give me a little more detail on how to connect and manage it with Guacamole?  I'm getting a connection error:  I've been running mythtv for years so that part i will have covered.  Its just the 'getting to manage' i'm confused about.

 

I've tried changing the connection protocol to rdp as was mentioned.  I'm new to the whole docker thing so if there is a tutorial somewhere that I've missed, I'd be glad to do some reading.

 

Thanks

ce

Link to comment

I have forked this and have created my own Guacamole docker. Currently at version 0.9.11-incubating. I have even added the LDAP extension for those that need it. It's not in CA yet but you can add the following as a source:

 

https://github.com/jason-bean/docker-templates

 

Awesome job on the Guacamole docker!  However, I get invalid login when trying to log in with "guadadmin" for user and PW....

 

Any ideas?

 

Thanks!

Link to comment

I have forked this and have created my own Guacamole docker. Currently at version 0.9.11-incubating. I have even added the LDAP extension for those that need it. It's not in CA yet but you can add the following as a source:

 

https://github.com/jason-bean/docker-templates

 

Awesome job on the Guacamole docker!  However, I get invalid login when trying to log in with "guadadmin" for user and PW....

 

Any ideas?

 

Thanks!

 

Ok, I've figured out what it is. I should have an update pushed by the end of the day.

 

One thing I also need to look at is upgrading previous version databases. At this point I'm not sure how I'll tackle that.

Link to comment

I have forked this and have created my own Guacamole docker. Currently at version 0.9.11-incubating. I have even added the LDAP extension for those that need it. It's not in CA yet but you can add the following as a source:

 

https://github.com/jason-bean/docker-templates

 

Awesome job on the Guacamole docker!  However, I get invalid login when trying to log in with "guadadmin" for user and PW....

 

Any ideas?

 

Thanks!

 

Ok, I've figured out what it is. I should have an update pushed by the end of the day.

 

One thing I also need to look at is upgrading previous version databases. At this point I'm not sure how I'll tackle that.

 

Thanks!

 

Ill keep an eye out for the update...

 

 

 

Sent from my iPhone using Tapatalk

Link to comment

 

Thanks!

 

Ill keep an eye out for the update...

 

Ok, the update is available. I also updated the template so you may have to remove and reinstall. There are now a few Y/N options to choose which authentication method you want. You can pick either MySQL or LDAP. You can also add the Duo extension to add two factor authentication.

Link to comment
  • 3 weeks later...

I have Guacamole all setup but cant get it to connect RDP to a windows 10 VM hosted in Unraid 6. I can RDP the VM from my laptop without issue

 

Mar 2 19:07:58 06dfe454288d guacd[1555]: Connection did not succeed
Mar 2 19:08:01 06dfe454288d guacd[1557]: Protocol "rdp" selected
Mar 2 19:08:01 06dfe454288d guacd[1557]: Connection ID is "$e99f75a0-8518-43dd-91c4-a13b36f116e4"
Mar 2 19:08:01 06dfe454288d guacd[1557]: No security mode specified. Defaulting to RDP.
Mar 2 19:08:01 06dfe454288d guacd[1557]: Loading keymap "base"
Mar 2 19:08:01 06dfe454288d guacd[1557]: Loading keymap "en-us-qwerty"
Mar 2 19:08:01 06dfe454288d guacd[1557]: Error connecting to RDP server

 

Update

After a bit more testing its my letsencrypt nginx docker thats causing the issue. if i connect without nginx it works using rdp auth but with nginx i get the following

 

Mar 2 19:52:57 06dfe454288d guacd[1578]: Protocol "rdp" selected
Mar 2 19:52:57 06dfe454288d guacd[1578]: Connection ID is "$3540a352-74c6-4c88-9e5e-ceae386c04e6"
Mar 2 19:52:57 06dfe454288d guacd[1578]: Security mode: RDP
Mar 2 19:52:57 06dfe454288d guacd[1578]: Loading keymap "base"
Mar 2 19:52:57 06dfe454288d guacd[1578]: Loading keymap "en-us-qwerty"
Mar 2 19:52:57 06dfe454288d guacd[1578]: Starting client
Mar 2 19:52:57 06dfe454288d guacd[1578]: guacdr connected.
Mar 2 19:52:57 06dfe454288d guacd[1578]: guacsnd connected.
Mar 2 19:53:15 06dfe454288d guacd[1578]: Client disconnected
Mar 2 19:53:15 06dfe454288d guacd[1578]: Client disconnected

 

Here is my nginx config

 

# redirect all traffic to https
server {
	listen 80;
	server_name _;
	return 301 https://$host$request_uri;
}

server {
	listen 443 ssl;

	root /config/www;
	index index.html index.htm index.php;

	server_name rdp.*;

	ssl_certificate /config/keys/letsencrypt/fullchain.pem;
	ssl_certificate_key /config/keys/letsencrypt/privkey.pem;
	ssl_dhparam /config/nginx/dhparams.pem;
	ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
	ssl_prefer_server_ciphers on;

	client_max_body_size 0;

	location / {
		auth_basic "Restricted";
		auth_basic_user_file /config/nginx/.htpasswd;
		include /config/nginx/proxy.conf;
		proxy_pass http://192.168.0.100:8085;
	}

}

 

Update

OK, i got it working. Here is the final nginx letsencrypt config file.

 

server {
	listen 443 ssl;

	root /config/www;
	index index.html index.htm index.php;

	server_name rdp.*;

	ssl_certificate /config/keys/letsencrypt/fullchain.pem;
	ssl_certificate_key /config/keys/letsencrypt/privkey.pem;
	ssl_dhparam /config/nginx/dhparams.pem;
	ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
	ssl_prefer_server_ciphers on;

	client_max_body_size 0;

	location / {
		auth_basic "Restricted";
		auth_basic_user_file /config/nginx/.htpasswd;
		proxy_pass http://192.168.0.100:8085;
		proxy_buffering off;
		proxy_http_version 1.1;
		proxy_set_header X_Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection $http_connection;
		access_log off;
	}

}

 

Edited by rcmpayne
Link to comment

Are you just using Nginx to proxy pass Guacamole or do you have other services also? If this is all you have now and want to proxy other services in the future you will have a more difficult time getting multiple services to work. I have multiple services I'm proxying so I kept "/guacamole" as the base address and am using this configuration to proxy both the http and web sockets:

	location ^~ /guacamole/ {
		proxy_pass http://192.168.22.90:8088/guacamole/;
	}

	location ^~ /guacamole/websocket-tunnel {
    	proxy_pass http://192.168.22.90:8088/guacamole/websocket-tunnel;
    	proxy_http_version 1.1;
    	proxy_set_header Upgrade $http_upgrade;
    	proxy_set_header Connection "upgrade";
	}

Like you I'm using the letsencrypt docker. Also, I can't remember the exact reason but the ending slashes on the paths are very important.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.