[Support] jasonbean - Apache Guacamole


Message added by Taddeusz,

Before upgrading to 1.5.0 you need to have first upgraded to 1.4.0-3 of the container. I discovered that prior to 1.4.0-3 it was not shutting down MariaDB correctly and causing the database to be left in a dirty state.

 

If after upgrading to 1.5.0 you discover that MariaDB is stopping and the log mentions something about needing to open the database in an older version of MariaDB you should downgrade specifically to 1.4.0-3, start the container and make sure it's running correctly. Then you may upgrade to 1.5.0.

Recommended Posts

I could only get it to work if the location was the same as the base URL of guacamole. So these are the entries I use that work great for me:

location ^~ /guacamole/ {
	proxy_pass http://<ip>:<port>/guacamole/;
}

location ^~ /guacamole/websocket-tunnel {
   	proxy_pass http://<ip>:<port>/guacamole/websocket-tunnel;
   	proxy_http_version 1.1;
   	proxy_set_header Upgrade $http_upgrade;
   	proxy_set_header Connection "upgrade";
}

The websocket portion is important so that Guacamole can use websockets rather than standard http for two-way communication.

Link to comment
39 minutes ago, Taddeusz said:

I could only get it to work if the location was the same as the base URL of guacamole. So these are the entries I use that work great for me:


location ^~ /guacamole/ {
	proxy_pass http://<ip>:<port>/guacamole/;
}

location ^~ /guacamole/websocket-tunnel {
   	proxy_pass http://<ip>:<port>/guacamole/websocket-tunnel;
   	proxy_http_version 1.1;
   	proxy_set_header Upgrade $http_upgrade;
   	proxy_set_header Connection "upgrade";
}

The websocket portion is important so that Guacamole can use websockets rather than standard http for two-way communication.

Apparently if you set your ssl user and pass the same as quac, after logging into the ssl domain, it will auto log you into quac... I was not expecting that lol.

 

Thanks for the web socket part, I thought I was going to have to set a baseurl like everything else.

Link to comment
  • 3 weeks later...

I tried installing this docker today and for some reason I can't login with guacadmin/guacadmin  Any ideas why this might be?  If I create a user in the user-mapping.xml file I can get in with that.

 

Another issue I'm having is getting a RDP connection to work.  SSH works fine, but RDP won't seem to connect to my windows servers (NLA is off).

 

Any help would be greatly appreciated!

Link to comment

For the first problem make sure that the option "OPT_MYSQL" is set to "Y" and "OPT_LDAP" set to "N". Were you upgrading an existing installation or is this new?

 

For the second problem I'm not sure as I'm using LDAP through my Windows Active Directory domain.

Link to comment

This is a new installation.  I have OPT_MYSQL set to Y.  I did some digging around and found this in the catalina.out inside the container.  Do you think this is the issue and any ideas on how to fix it?

 

18:25:04.014 [localhost-startStop-1] ERROR o.a.g.extension.ExtensionModule - Extension "guacamole-auth-jdbc-mysql-0.9.12-incubating.jar" could not be loaded: Extension is not a valid zip file: guacamole-auth-jdbc-mysql-0.9.12-incubating.jar
 

Thanks for your help!

Link to comment

Do you know how to ssh into your unRAID server?

 

From ssh with Guacamole running type the following command, change the name to match your instance if you've changed it from the default:

 

docker exec -it ApacheGuacamole /bin/bash

then:

cd /var/lib/guacamole/extensions/
ls

Make sure the file guacamole-auth-jdbc-mysql-0.9.12-incubating.jar is there.

 

If it's not there I would recommend removing the Apache Guacamole docker and then reinstalling it using your "my" template. If it is there try disabling OPT_MYSQL, click Apply and then go back and re-enable OPT_MYSQL. It should copy that file to your /mnt/user/appdata/ApacheGuacamole/guacamole/extensions folder.

Link to comment
  • 3 weeks later...

I think I'm missing some thing...have the same issue where I cannot login and as referenced in a post above:

 

"For the first problem make sure that the option "OPT_MYSQL" is set to "Y" and "OPT_LDAP" set to "N"."

 

Is this referring to an environment variable in the docker setup? If so I did set but still unable to login....or do I have to create a template?

 

I do see these errors, which I presume is due to the mysql database not being created:

 

May 22 10:11:43 guacamole mysqld_safe: Starting mysqld daemon with databases from /config/databases
stdout
10:11:43
May 22 10:11:43 guacamole mysqld: 170522 10:11:43 [Note] /usr/sbin/mysqld (mysqld 5.5.54-MariaDB-1~trusty) starting as process 782 ...
stdout
10:11:43
May 22 10:11:43 guacamole mysqld: 170522 10:11:43 [ERROR] mysqld: File '/var/log/mysql/mariadb-bin.~rec~' not found (Errcode: 13)
stdout
10:11:43
May 22 10:11:43 guacamole mysqld: 170522 10:11:43 [ERROR] MYSQL_BIN_LOG::open_purge_index_file failed to open register  file.
stdout
10:11:43
May 22 10:11:43 guacamole mysqld: 170522 10:11:43 [ERROR] MYSQL_BIN_LOG::open_index_file failed to sync the index file.
stdout
10:11:43
May 22 10:11:43 guacamole mysqld: 170522 10:11:43 [ERROR] Aborting

 

------

Any help appreciated.

Link to comment

Apache Guacamole 0.9.13-incubating is out. Looks to include a lot of bug fixes. Adds CAS single sign-on authentication for those who might need it.

 

Since this is the first update to include database schema changes it now upgrades the database to to 0.9.13 and records the current version in a file for future schema upgrades.

Link to comment
8 minutes ago, surfshack66 said:

Is there an error log in the config directory, or is there just the docker log. I'm having trouble connecting to rdp but can't find the error.

 

I believe all its error output goes to the Docker log. That's where I've looked when I've had trouble connecting.

Link to comment

I just installed it for the first time and when I try to connect to a SSH I get an error message

An internal error has occurred within the Guacamole server, and the connection has been terminated. If the problem persists, please notify your system administrator, or check your system logs.

And the container log is full of 

Aug 3 20:02:56 f4c825db8449 guacd[69]: Guacamole protocol violation. Perhaps the version of guacamole-client is incompatible with this version of guacd?

 

Link to comment
3 minutes ago, Taddeusz said:

What is the console output in your browser? Are you connecting locally on your network or remotely through a proxy?

 

All I get after Iog is this https://i.imgur.com/pLlok1q.png  . Nothing else.

I am connecting locally.

 

To resume : 

  • I installed the container for the first time
  • Logged in fine and went to the setting
  • added an SSH connection where I filled the host, user and pwd
  • used that connexion and now when I log in I get the screenshot I just posted. No menu, no console.
Link to comment
4 minutes ago, Taddeusz said:

What I mean is your browser's console log. Hit F12 and use the developer tools to view your browser's log.

Oh :)

VM957:1 POST http://192.168.1.3:18080/tunnel?connect 500 (Internal Server Error)

And the content of that 500 reply itself is

<html><head><title>Apache Tomcat/7.0.52 (Ubuntu) - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 500 - </h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u></u></p><p><b>description</b> <u>The server encountered an internal error that prevented it from fulfilling this request.</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/7.0.52 (Ubuntu)</h3></body></html>

 

Link to comment

In your successful RDP connection, do you see the following warning?

 

Quote

*** Running /etc/rc.local...
* Starting Tomcat servlet engine tomcat7
*** Running /etc/my_init.d/firstrun.sh...
Using existing properties file.
Using existing MySQL extension.
Using existing Duo extension.
ln: failed to create symbolic link ‘/usr/share/tomcat7/.guacamole/guacamole’: File exists
*** Running /etc/rc.local...
* Starting Tomcat servlet engine tomcat7
...fail!

 

Link to comment

Yes, it always shows that warning because the firstrun.sh script always tries to set that symbolic link. I'll see if that can be moved to the Dockerfile to prevent confusion. My OCD self also just finds that pointless warning annoy.

 

The only thing that I can guess is that on my upgrade the part of the image that didn't need upgrading contained some libraries that are for whatever reason not in the complete 0.9.13 image.

Link to comment

Ok, total pebkac that I'm completely guilty of myself. Move the hostname you're connecting to from the "Guacamole Proxy Parameters (GUACD)" section to the "Parameters -> Network" section. I'm not sure because I can't remember what the connection configuration screens looked like in 0.9.12 but the Guacamole Proxy may be a new feature in this version.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.