rdubs Posted July 21, 2016 Share Posted July 21, 2016 Hi, what is the current install procedure for guacamole? I see a version on the community apps, but it's outdated/unsupported. Anyone can point me to some reading material to install manually? Thanks Quote Link to comment
rdubs Posted July 21, 2016 Author Share Posted July 21, 2016 As an update, I've read through the thread and installed the repo from aptalca/guacamole, however opening webgui just gives me a blank screen. I hope this docker is still updated, as I'm completely lost trying to read through the apache documentation on it. I'm basically brand new to linux stuff and it might as well be in a foreign language lol. I've deleted the docker + image. opened up MC and deleted the appdata/guacamole folder. started a new container, deleted my-guacamole template. put in his repo still getting * Starting Tomcat servlet engine tomcat7 ...fail! P.S. for what it's worth, all the documentation talks about keeping dockers on a cache only share. I am only using 1 disk atm, so I don't have a cache only option. Is this a true necessity that is causing me issues? Or just a performance suggestion? My plex seems to be working fine without a cache share Quote Link to comment
rdubs Posted July 21, 2016 Author Share Posted July 21, 2016 Don't mind me, just holding a conversation with myself lol. Hopefully can be helpful to other users to read . I got it working (mostly, now just need to figure out the user-mappings to connect to something), but the issue was me trying to change the port off 8080. It had recommended to do so, but it makes it fail everytime when I do. If I just leave it on 8080, it does work and pulls up the guacamole login screen Everything up and running. Doesn't work if i take port off 8080 for some reason, but oh well Quote Link to comment
trurl Posted July 21, 2016 Share Posted July 21, 2016 You can never change the container port, only the host port, and only if using bridge mode. Quote Link to comment
testdasi Posted July 21, 2016 Share Posted July 21, 2016 I see this guacamole thingie a lot. What does it do? Quote Link to comment
CHBMB Posted July 21, 2016 Share Posted July 21, 2016 I see this guacamole thingie a lot. What does it do? It does a lot, rdp/vnc/ssh guacamole app. Quote Link to comment
rdubs Posted July 21, 2016 Author Share Posted July 21, 2016 Now that I have everything up and running, does anyone have any advice, as to what would be a good way to publish my ip to myself, so that I can still access my guac if my ip changes? I saw dynds has a product, but I would much prefer a free solution. Quote Link to comment
CHBMB Posted July 21, 2016 Share Posted July 21, 2016 I'm not sure making guacamole publicly facing is such a good idea unless it's over a VPN. Quote Link to comment
rdubs Posted July 22, 2016 Author Share Posted July 22, 2016 Well, it's forwarded from an obscure port, at which point they would need to crack guac and then also the rdp win login back to back? Someone that dedicated can have my beach photos and downloaded movies at that point lol. Plus a big point of guac is being able to access your pcs from a location where you can't install programs or control the environment. I will be getting around to vpn anyways just because I enjoy the learning experience of continuing to customize and make my unraid more robust, but for now, I just need to figure out a way to publish my ip - in case of a power cycle or any other antagonist that might cause my ip to switch. Perhaps someone knows of a docker or something that would email me my ip if the eth0 changed or something like that? Although my ifconfig is just going to be returning my lan side IP anyways, which is useless of course. I'm sort of lost how to achieve this function. Thanks for all the help! Quote Link to comment
Squid Posted July 22, 2016 Share Posted July 22, 2016 Well, it's forwarded from an obscure port, at which point they would need to crack guac and then also the rdp win login back to back? Someone that dedicated can have my beach photos and downloaded movies at that point lol. Its not a matter of dedication - its a matter of how long. Everything is all automated nowadays. Brute force attacks work, and can work in a surprisingly short period of time. Quote Link to comment
roland Posted July 22, 2016 Share Posted July 22, 2016 I use DuckDNS (with its docker) and it works very well. But the points raised above are certainly well worth considering! Maybe get the VPN server first before you venture further. BTW I am still looking for a MODEM/ROUTER that has a good VPN server built in or can easily be flashed to DD-WRT? Anyway, that is a bit off-topic. Quote Link to comment
rdubs Posted July 22, 2016 Author Share Posted July 22, 2016 Perhaps I misunderstand the point of guac then. If I'm in a location where I can load up and configure a vpn client, connect on putty, turn on vnc/rdp directly, what would be the point of putting guac in the middle? As I understood, it seemed more like a replacement for teamviewer or a more friendly connect between linux/windows boxes. Otherwise it seems to be just bloatware in the middle of connection protocols? Also, so I can learn better - What features are lacking from guac compared to other wan login portals as well? As my bank account, gmail etc all have internet logins that aren't being bashed open? Also, thanks for the idea about duckdns, I will check it out! Quote Link to comment
rdubs Posted July 22, 2016 Author Share Posted July 22, 2016 Open vn as setup and guac taken off wan access. Would still like to know what makes it so uniquely vulnerable and what it's point kinda is though Quote Link to comment
flaggart Posted July 22, 2016 Share Posted July 22, 2016 It would be sensible to install an Nginx docker and configure it as a reverse proxy so that you can access Guacamole via HTTPS: https://guacamole.incubator.apache.org/doc/gug/proxying-guacamole.html Quote Link to comment
aptalca Posted July 22, 2016 Share Posted July 22, 2016 It would be sensible to install an Nginx docker and configure it as a reverse proxy so that you can access Guacamole via HTTPS: https://guacamole.incubator.apache.org/doc/gug/proxying-guacamole.html Make sure to also use fail2ban to protect against brute force Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.