[Support] jasonbean - Apache Guacamole

[themahbfather]

Im trying to set up this via docker on my synology. I cannot for the life of me get the default user log in to work. I got the username2 to log in but i cannot figure out what the admin default is. I have legit tried everything. I found the username2 in the user-mapping.xml but doesnt much access. Any where i can find the default info? Its not gaucadmin. 

 

I did find the first user in that usermapping file but when i log in i just get this big red screen

"The remote desktop server is currently unreachable. If the problem persists, please notify your system administrator, or check your system logs."

 

with a reconnect and logoff button. 

Edited September 6, 2022 by themahbfather
more info

[elco1965]

I don't know if the docker imagine is different in synology but the template page for ApacheGuacamole in unRAID says this,

 

 Initial username and password are guacadmin

[Taddeusz]

9 hours ago, themahbfather said:

Im trying to set up this via docker on my synology. I cannot for the life of me get the default user log in to work. I got the username2 to log in but i cannot figure out what the admin default is. I have legit tried everything. I found the username2 in the user-mapping.xml but doesnt much access. Any where i can find the default info? Its not gaucadmin. 

 

I did find the first user in that usermapping file but when i log in i just get this big red screen

"The remote desktop server is currently unreachable. If the problem persists, please notify your system administrator, or check your system logs."

 

with a reconnect and logoff button. 

Are you using the image with or without MariaDB? Unless you’ve set up and manually initialized a separate MariaDB or MySQL database you should be using the image with MariaDB.

[themahbfather]

1 hour ago, Taddeusz said:

Are you using the image with or without MariaDB? Unless you’ve set up and manually initialized a separate MariaDB or MySQL database you should be using the image with MariaDB.

im using this: https://registry.hub.docker.com/r/jasonbean/guacamole/

 

so it is the one with maria db

Edited September 6, 2022 by themahbfather

[themahbfather]

2 hours ago, elco1965 said:

I don't know if the docker imagine is different in synology but the template page for ApacheGuacamole in unRAID says this,

 

 Initial username and password are guacadmin

That doesnt work currently. I try it for the username and password and i get invalid log in as stated above. 

[Taddeusz]

46 minutes ago, themahbfather said:

That doesnt work currently. I try it for the username and password and i get invalid log in as stated above. 

 

This container was designed for use on Unraid. While I know people have used it on other operating systems or NAS’s successfully I don’t own or have access to a Synology NAS.

 

The only thing I can suggest is looking at the logs to make sure the database is being created and initialized correctly. The only user that should exist after initial start is “guacadmin”. Not sure how “username2” would have ever been created as that’s nowhere in the code.

 

Another thing you can check is to make sure the PGID and PUID variables are correctly set to match your NAS. If they’re not set properly that could prevent the container from being able to write anything to its “/config” folder.

[themahbfather]

14 minutes ago, Taddeusz said:

 

This container was designed for use on Unraid. While I know people have used it on other operating systems or NAS’s successfully I don’t own or have access to a Synology NAS.

 

The only thing I can suggest is looking at the logs to make sure the database is being created and initialized correctly. The only user that should exist after initial start is “guacadmin”. Not sure how “username2” would have ever been created as that’s nowhere in the code.

 

Another thing you can check is to make sure the PGID and PUID variables are correctly set to match your NAS. If they’re not set properly that could prevent the container from being able to write anything to its “/config” folder.

Thanks, my PGID and PUID are definitely correct because i use those same variables across many other containers without issue but i will double check 

[themahbfather]

54 minutes ago, Taddeusz said:

 

This container was designed for use on Unraid. While I know people have used it on other operating systems or NAS’s successfully I don’t own or have access to a Synology NAS.

 

The only thing I can suggest is looking at the logs to make sure the database is being created and initialized correctly. The only user that should exist after initial start is “guacadmin”. Not sure how “username2” would have ever been created as that’s nowhere in the code.

 

Another thing you can check is to make sure the PGID and PUID variables are correctly set to match your NAS. If they’re not set properly that could prevent the container from being able to write anything to its “/config” folder.

Here is the logs, i didnt see anything in regard to db but im far from technical

 

guacd[19]: INFO: Connection ID is "$1769edba-22ef-4297-83be-5bc701d278b6"

guacd[81]: WARNING: Support for protocol "vnc0" is not installed

guacd[19]: INFO: Connection "$1769edba-22ef-4297-83be-5bc701d278b6" removed.

guacd[19]: INFO: Creating new client for protocol "vnc"

guacd[19]: INFO: Connection ID is "$2071eb89-8a3a-457e-8652-372a29088d36"

guacd[86]: INFO: Cursor rendering: local

guacd[86]: INFO: User "@264b9478-b5e9-4b9d-89a3-4446c96e9dc9" joined connection "$2071eb89-8a3a-457e-8652-372a29088d36" (1 users now present)

guacd[86]: ERROR: Unable to connect to VNC server.

guacd[86]: INFO: User "@264b9478-b5e9-4b9d-89a3-4446c96e9dc9" disconnected (0 users remain)

guacd[86]: INFO: Last user of connection "$2071eb89-8a3a-457e-8652-372a29088d36" disconnected

guacd[19]: INFO: Connection "$2071eb89-8a3a-457e-8652-372a29088d36" removed.

2022-09-06 15:26:01,483 WARN received SIGTERM indicating exit request

2022-09-06 15:26:01,484 INFO waiting for guacd, tomcat to die

2022-09-06 15:26:02,272 INFO stopped: tomcat (exit status 143)

2022-09-06 15:26:02,275 INFO stopped: guacd (terminated by SIGTERM)

usermod: no changes

----------------------

User UID: 1026

User GID: 101

----------------------

Using existing properties file.

No permissions changes needed.

2022-09-06 15:26:18,413 INFO Set uid to user 0 succeeded

2022-09-06 15:26:18,416 INFO supervisord started with pid 18

2022-09-06 15:26:19,419 INFO spawned: 'guacd' with pid 21

2022-09-06 15:26:19,421 INFO spawned: 'tomcat' with pid 22

guacd[21]: INFO: Guacamole proxy daemon (guacd) version 1.4.0 started

guacd[21]: INFO: Listening on host 0.0.0.0, port 4822

2022-09-06 15:26:20,468 INFO success: guacd entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)

2022-09-06 15:26:20,469 INFO success: tomcat entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)

guacd[21]: INFO: Creating new client for protocol "vnc"

guacd[21]: INFO: Connection ID is "$1669be3b-ff09-434a-9b73-c4595058fa78"

guacd[67]: INFO: Cursor rendering: local

guacd[67]: INFO: User "@4310728b-fc00-4678-bb78-296fef91643e" joined connection "$1669be3b-ff09-434a-9b73-c4595058fa78" (1 users now present)

guacd[67]: ERROR: Unable to connect to VNC server.

guacd[67]: INFO: User "@4310728b-fc00-4678-bb78-296fef91643e" disconnected (0 users remain)

guacd[67]: INFO: Last user of connection "$1669be3b-ff09-434a-9b73-c4595058fa78" disconnected

guacd[21]: INFO: Connection "$1669be3b-ff09-434a-9b73-c4595058fa78" removed.

guacd[21]: INFO: Creating new client for protocol "vnc0"

guacd[21]: INFO: Connection ID is "$f6ffd807-bcfe-480b-925f-1197dabc767d"

guacd[79]: WARNING: Support for protocol "vnc0" is not installed

guacd[21]: INFO: Connection "$f6ffd807-bcfe-480b-925f-1197dabc767d" removed.

guacd[21]: INFO: Creating new client for protocol "vnc0"

guacd[21]: INFO: Connection ID is "$3de7a86f-d739-4668-b724-98875b458bb3"

guacd[84]: WARNING: Support for protocol "vnc0" is not installed

guacd[21]: INFO: Connection "$3de7a86f-d739-4668-b724-98875b458bb3" removed.

guacd[21]: INFO: Creating new client for protocol "vnc"

guacd[21]: INFO: Connection ID is "$a1d5f221-f0e4-42e5-aa66-9552bde00027"

guacd[89]: INFO: Cursor rendering: local

guacd[89]: INFO: User "@1fef3547-b2cd-407d-99d7-3427e5b26b0f" joined connection "$a1d5f221-f0e4-42e5-aa66-9552bde00027" (1 users now present)

guacd[89]: ERROR: Unable to connect to VNC server.

guacd[89]: INFO: User "@1fef3547-b2cd-407d-99d7-3427e5b26b0f" disconnected (0 users remain)

guacd[89]: INFO: Last user of connection "$a1d5f221-f0e4-42e5-aa66-9552bde00027" disconnected

guacd[21]: INFO: Connection "$a1d5f221-f0e4-42e5-aa66-9552bde00027" removed.

2022-09-06 15:27:30,090 WARN received SIGTERM indicating exit request

2022-09-06 15:27:30,091 INFO waiting for guacd, tomcat to die

2022-09-06 15:27:30,900 INFO stopped: tomcat (exit status 143)

2022-09-06 15:27:30,903 INFO stopped: guacd (terminated by SIGTERM)

usermod: no changes

----------------------

User UID: 1026

User GID: 101

----------------------

Using existing properties file.

No permissions changes needed.

2022-09-06 15:27:40,095 INFO Set uid to user 0 succeeded

2022-09-06 15:27:40,099 INFO supervisord started with pid 16

2022-09-06 15:27:41,101 INFO spawned: 'guacd' with pid 19

2022-09-06 15:27:41,103 INFO spawned: 'tomcat' with pid 20

guacd[19]: INFO: Guacamole proxy daemon (guacd) version 1.4.0 started

guacd[19]: INFO: Listening on host 0.0.0.0, port 4822

2022-09-06 15:27:42,149 INFO success: guacd entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)

2022-09-06 15:27:42,150 INFO success: tomcat entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)

guacd[19]: INFO: Creating new client for protocol "vnc"

guacd[19]: INFO: Connection ID is "$3930e4fb-c056-4d2d-9692-417412629d4d"

guacd[66]: INFO: Cursor rendering: local

guacd[66]: INFO: User "@436c6eb4-69d6-46ba-a78b-4ec5941e945f" joined connection "$3930e4fb-c056-4d2d-9692-417412629d4d" (1 users now present)

guacd[66]: ERROR: Unable to connect to VNC server.

guacd[66]: INFO: User "@436c6eb4-69d6-46ba-a78b-4ec5941e945f" disconnected (0 users remain)

guacd[66]: INFO: Last user of connection "$3930e4fb-c056-4d2d-9692-417412629d4d" disconnected

guacd[19]: INFO: Connection "$3930e4fb-c056-4d2d-9692-417412629d4d" removed.

2022-09-06 16:01:53,493 WARN received SIGTERM indicating exit request

2022-09-06 16:01:53,493 INFO waiting for guacd, tomcat to die

2022-09-06 16:01:54,227 INFO stopped: tomcat (exit status 143)

2022-09-06 16:01:54,230 INFO stopped: guacd (terminated by SIGTERM)

usermod: no changes

----------------------

User UID: 1026

User GID: 101

----------------------

Using existing properties file.

No permissions changes needed.

2022-09-06 16:36:11,786 INFO Set uid to user 0 succeeded

2022-09-06 16:36:11,790 INFO supervisord started with pid 16

2022-09-06 16:36:12,793 INFO spawned: 'guacd' with pid 19

2022-09-06 16:36:12,796 INFO spawned: 'tomcat' with pid 20

guacd[19]: INFO: Guacamole proxy daemon (guacd) version 1.4.0 started

guacd[19]: INFO: Listening on host 0.0.0.0, port 4822

2022-09-06 16:36:13,935 INFO success: guacd entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)

[Taddeusz]

2 minutes ago, themahbfather said:

Here is the logs, i didnt see anything in regard to db but im far from technical

 

 

It looks like you're using the wrong image tag as I don't see that it's starting mariadb. Make sure you're using jasonbean/guacamole:latest (NOT jasonbean/guacamole:latest-nomariadb). This should be kind of what you should see on the very first start of the container that includes MariaDB:

usermod: no changes
----------------------
User UID: 99
User GID: 100
----------------------
Creating properties from template.
Creating Database folders
Copying MySQL extension.
Updating user permissions.
Initializing Guacamole database.
Database installation complete.
Starting MariaDB.
Creating Guacamole database.
Creating Guacamole database user.
Database created. Granting access to 'guacamole' user for localhost.
Creating Guacamole database schema and default admin user.
Stopping MariaDB.
Setting database file permissions
Removing mysql-server logrotate directive
Initialization complete.
2022-09-06 11:48:13,492 INFO Included extra file "/etc/supervisor/conf.d/supervisord.conf" during parsing
2022-09-06 11:48:13,492 INFO Set uid to user 0 succeeded
2022-09-06 11:48:13,494 INFO supervisord started with pid 388
2022-09-06 11:48:14,496 INFO spawned: 'guacd' with pid 391
2022-09-06 11:48:14,497 INFO spawned: 'mariadb' with pid 392
2022-09-06 11:48:14,498 INFO spawned: 'tomcat' with pid 393
guacd[391]: INFO:       Guacamole proxy daemon (guacd) version 1.4.0 started
guacd[391]: INFO:       Listening on host 0.0.0.0, port 4822
2022-09-06 11:48:15,887 INFO success: guacd entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2022-09-06 11:48:15,887 INFO success: mariadb entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2022-09-06 11:48:15,887 INFO success: tomcat entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)

 

[themahbfather]

1 hour ago, Taddeusz said:

 

It looks like you're using the wrong image tag as I don't see that it's starting mariadb. Make sure you're using jasonbean/guacamole:latest (NOT jasonbean/guacamole:latest-nomariadb). This should be kind of what you should see on the very first start of the container that includes MariaDB:

usermod: no changes
----------------------
User UID: 99
User GID: 100
----------------------
Creating properties from template.
Creating Database folders
Copying MySQL extension.
Updating user permissions.
Initializing Guacamole database.
Database installation complete.
Starting MariaDB.
Creating Guacamole database.
Creating Guacamole database user.
Database created. Granting access to 'guacamole' user for localhost.
Creating Guacamole database schema and default admin user.
Stopping MariaDB.
Setting database file permissions
Removing mysql-server logrotate directive
Initialization complete.
2022-09-06 11:48:13,492 INFO Included extra file "/etc/supervisor/conf.d/supervisord.conf" during parsing
2022-09-06 11:48:13,492 INFO Set uid to user 0 succeeded
2022-09-06 11:48:13,494 INFO supervisord started with pid 388
2022-09-06 11:48:14,496 INFO spawned: 'guacd' with pid 391
2022-09-06 11:48:14,497 INFO spawned: 'mariadb' with pid 392
2022-09-06 11:48:14,498 INFO spawned: 'tomcat' with pid 393
guacd[391]: INFO:       Guacamole proxy daemon (guacd) version 1.4.0 started
guacd[391]: INFO:       Listening on host 0.0.0.0, port 4822
2022-09-06 11:48:15,887 INFO success: guacd entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2022-09-06 11:48:15,887 INFO success: mariadb entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2022-09-06 11:48:15,887 INFO success: tomcat entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)

 

used a different image ( jwetzell/guacamole) and the logs showed the starting of the db so looks like im in better shape. Thanks! 

[Taddeusz]

I realize I've included Microsoft SQL Server support but not PostgreSQL support. I'll be working to correct that oversight for anyone who might wish to use that database over MSSQL or MariaDB/MySQL.

[bones0]

11 hours ago, themahbfather said:

used a different image ( jwetzell/guacamole) and the logs showed the starting of the db so looks like im in better shape. Thanks! 

Looks a lot like the problem I described some weeks ago in this forum. I will try the jwetzell container now too.

 

[rikdegraaff]

I've installed guacamole via my docker.
And I am trying to get it behind a revers proxy via NginxProxyManager.

 

That step fails me until now.
I have set it to the other ip address internally 192.168.2.163, that is the ip where i set Guacamole to and locally that ip address works.
But now Ive set that ip and standard port 8080 as in docker to my NginxProxyManager but, when I am opening it on my subdomain/domain, I get 502 Bad gateway.

 

What could be the problem here?

Am I right to post the problem here, or do I need to ask this in the NginxProxyManager thread? I really not know.

Hope you'll can help me.

 

I've set up guacamole behind a reverse proxy via this video:

 

[Kivikaki]

On 10/3/2022 at 12:03 PM, rikdegraaff said:

I've installed guacamole via my docker.
And I am trying to get it behind a revers proxy via NginxProxyManager.

 

That step fails me until now.
I have set it to the other ip address internally 192.168.2.163, that is the ip where i set Guacamole to and locally that ip address works.
But now Ive set that ip and standard port 8080 as in docker to my NginxProxyManager but, when I am opening it on my subdomain/domain, I get 502 Bad gateway.

 

What could be the problem here?

 

Hi,

i do have the exact same problem. Did you find a solution?

[rikdegraaff]

4 hours ago, Kivikaki said:

Hi,

i do have the exact same problem. Did you find a solution?

 

Yeah, I set my network to bridge and not as shown in the video to proxynet.
So setting your network type of the docker to bridge would work.

[bull]

so installed via spaceinvaders video but  the  docker stalls at starting mariadb

 

any help?

[Taddeusz]

58 minutes ago, bull said:

so installed via spaceinvaders video but  the  docker stalls at starting mariadb

 

any help?

What does the log look like?

[cpthook]

Guys is the @hot22shot fix the only answer to get Guac SSH to unRAID when configured on Bridge or Custom docker network??

_______________________________________________________________________________________

 

So the SSH connection fails because guacd and sshd couldn't find a common ground.

The only way I could make it worked is allowing ssh-rsa again in unraid :

 

***To permit using old RSA keys for OpenSSH 8.8+, add the following lines to your sshd_config: HostKeyAlgorithms=ssh-rsa,[email protected] PubkeyAcceptedAlgorithms=+ssh-rsa,[email protected]***

 

[hot22shot]

To my knowledge it's the only fix while we're waiting for Guacamole 1.5 release.

[cpthook]

10 hours ago, hot22shot said:

To my knowledge it's the only fix while we're waiting for Guacamole 1.5 release.

 

Thank you.  Will I need to add these lines after each reboot or is there a way to make changes permanent?

[hot22shot]

13 hours ago, cpthook said:

 

Thank you.  Will I need to add these lines after each reboot or is there a way to make changes permanent?

 

To make it permanent you need to edit the sshd_config file located on your USB key in /boot/config/ssh

 

[nik82]

For some reason OPT_TOTP has stopped working for me. 

 

When trying to login today I get an error saying the code is incorrect. 

 

After messing around I disabled OPT_TOTP in the docker and could log in. 

 

I created a new "superadmin" user and enabled OPT_TOTP again. When login in with the new user I get asked to scan a QR as per normal. I scan the QR with google authenticator on my phone but again I get an error saying incorrect code.........

 

Any clue on what has happened as it was working perfectly fine before for over a year.

 

 

Is this related to the SSH issue ppl keep discussing in here? 

Edited November 8, 2022 by nik82

[colincoates]

Hi,

I've done a NMAP vulners scan on my network and picking up loads of vulnerabilities in tomcat 8.5.73.

I noticed an update was made in github to automatically use the latest buid of tomcat.

I've deleted my guacamole docker and redeployed, but it is still building with this version of tomcat.

I believe 8.5.83 is now available.

Any hints on how I can get it updated?

Thanks,

CC

[Taddeusz]

54 minutes ago, colincoates said:

Hi,

I've done a NMAP vulners scan on my network and picking up loads of vulnerabilities in tomcat 8.5.73.

I noticed an update was made in github to automatically use the latest buid of tomcat.

I've deleted my guacamole docker and redeployed, but it is still building with this version of tomcat.

I believe 8.5.83 is now available.

Any hints on how I can get it updated?

Thanks,

CC

This is done at build time. I’ll have to build a new version to update the Tomcat in the container.

[nik82]

So no one else has problem with OPT_TOTP at the moment? 

 

Only thing I have done lately is upgrading Unraid to the latest version.