You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@guacamole.apache.org by tomlawesome <to...@tuta.io.INVALID> on 2021/04/02 15:01:56 UTC
Cannot mount guacamole.properties outside docker container
I'm trying to setup SSL between guacamole and guacd. I have the following in
guac.conf:
[ssl]
server_certificate = /certs/guacamole/guacd/guacd.pem
server_key = /certs/guacamole/guacd/guacd.key
And added the following line in guacamole.properties:
guacd-ssl: true
I'm adding the guacamole.properties and guacd.conf files as volumes in my
docker compose:
Client:
-
$DOCKER_APPDATA/guacamole/client/guacamole.properties:/root/.guacamole/guacamole.properties
Guacd (folder where :
- $DOCKER_APPDATA/guacamole/guacd:/etc/guacamole
I get the following error:
rm: cannot remove '/root/.guacamole/guacamole.properties': Device or
resource busy
I want to mount the settings files outside the container, for the obvious
benefit of easy persistence of data/settings.
Anyone know if I can achieve this, and also if the guacd commandlines must
be specified in docker-compose? If so, what they are?
--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@guacamole.apache.org
For additional commands, e-mail: user-help@guacamole.apache.org
Re: Cannot mount guacamole.properties outside docker container
Posted by tomlawesome <to...@tuta.io.INVALID>.
Actually the above new error now looks like it may be an issue somewhere else
in my config, because RDP to a Windows machine is working beautifully with
SSL/TLS enabled on the connection. Woop.
Thanks again Michael, I will dig further into my other issue, which is with
SSH.
--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@guacamole.apache.org
For additional commands, e-mail: user-help@guacamole.apache.org
Re: Cannot mount guacamole.properties outside docker container
Posted by tomlawesome <to...@tuta.io.INVALID>.
Thanks Michael, this works exactly as you said and I can now see my changes
appearing in the guacamole.properties file in the /root/.guacamole/ location
:)
I am having trouble still connecting via SSL though:
guacd[7]: ERROR: Guacamole protocol violation. Perhaps the version of
guacamole-client is incompatible with this version of guacd?
guacd[7]: DEBUG: Error reading "select": Instruction parse error
--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@guacamole.apache.org
For additional commands, e-mail: user-help@guacamole.apache.org
Re: Cannot mount guacamole.properties outside docker container
Posted by Mike Jumper <mi...@glyptodon.com>.
On Fri, Apr 2, 2021 at 10:34 AM tomlawesome <to...@tuta.io.invalid>
wrote:
> The docs state that the .jar files will auto-populate on build, so I
> created
> the folder structure without any .jars, but with my guacamole.properties
> within the rigid defined structure.
>
> I mounted it to /home/guacamole
> I can see the mounted folder, included the folders and my copy of
> guacamole.properties inside the container.
> I have defined the environment variable:
>
> GUACAMOLE_HOME: /home/guacamole
>
> But the logs for guacamole show it is still using /root/.guacamole
>
Yes - it will continue to use /root/.guacamole after copying the contents
of your custom GUACAMOLE_HOME in there as a basis.
Specifying GUACAMOLE_HOME for the Docker image does not change the
GUACAMOLE_HOME used by the web application. It serves as a template that is
copied into /root/.guacamole during startup, to serve as the basis for the
generated GUACAMOLE_HOME.
Michael Jumper
CEO, Lead Developer
Glyptodon Inc <https://glyp.to/>.
Re: Cannot mount guacamole.properties outside docker container
Posted by tomlawesome <to...@tuta.io.INVALID>.
The docs state that the .jar files will auto-populate on build, so I created
the folder structure without any .jars, but with my guacamole.properties
within the rigid defined structure.
I mounted it to /home/guacamole
I can see the mounted folder, included the folders and my copy of
guacamole.properties inside the container.
I have defined the environment variable:
GUACAMOLE_HOME: /home/guacamole
But the logs for guacamole show it is still using /root/.guacamole
02-Apr-2021 17:28:58.191 INFO [localhost-startStop-1]
org.apache.jasper.servlet.TldScanner.scanJars At least one JAR was scanned
for TLDs yet contained no TLDs. Enable debug logging for this logger for a
complete list of JARs that were scanned but no TLDs were found in them.
Skipping unneeded JARs during scanning can improve startup time and JSP
compilation time.
17:28:58.907 [localhost-startStop-1] INFO
o.a.g.environment.LocalEnvironment - GUACAMOLE_HOME is "/root/.guacamole".
17:28:59.011 [localhost-startStop-1] INFO
o.a.g.rest.auth.HashTokenSessionMap - Sessions will expire after 20 minutes
of inactivity.
17:28:59.318 [localhost-startStop-1] INFO
o.a.g.environment.LocalEnvironment - GUACAMOLE_HOME is "/root/.guacamole".
17:29:00.753 [localhost-startStop-1] INFO o.a.g.extension.ExtensionModule -
Extension "MySQL Authentication" loaded.
17:29:00.760 [localhost-startStop-1] INFO
o.a.g.environment.LocalEnvironment - GUACAMOLE_HOME is "/root/.guacamole".
17:29:01.030 [localhost-startStop-1] WARN o.a.g.e.LanguageResourceService -
Overlay language resource "de" does not exist.
17:29:01.032 [localhost-startStop-1] INFO o.a.g.extension.ExtensionModule -
Extension "LDAP Authentication" loaded.
17:29:01.035 [localhost-startStop-1] INFO
o.a.g.environment.LocalEnvironment - GUACAMOLE_HOME is "/root/.guacamole".
Can I get around this by telling guacamole to use a different user/PID/GUID?
--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@guacamole.apache.org
For additional commands, e-mail: user-help@guacamole.apache.org
Re: Cannot mount guacamole.properties outside docker container
Posted by tomlawesome <to...@tuta.io.INVALID>.
Hi Michael,
Thanks for your reply, I really appreciate it. Just to be clear in my own
head, I need to create a folder on my host server with the following
structure:
<MyFolderName>/guacamole.properties
<MyFolderName>/lib
<MyFolderName>/lib/MyLibFile1.jar
<MyFolderName>/lib/MyLibFile2.jar
etc
<MyFolderName>/extensions
<MyFolderName>/extensions/MyExtension1.jar
<MyFolderName>/extensions/MyExtension2.jar
etc
I would continue to use my environment variables as normal in
docker-compose, but add GUACAMOLE_HOME as follows?
environment:
GUACAMOLE_HOME: /some/non-default/location
GUACD_HOSTNAME: guacd
TOTP_ENABLED: "true"
LDAP_HOSTNAME: ${LDAP_HOSTNAME}
..... etc
MYSQL_PORT: $MARIADB_PORT
MYSQL_PASSWORD: <MyPassword>
Then, to finish I will mount the folder location (on my host server) to the
guacamole container:
volumes:
- /my/host/folder/for/guac/home:/location/listed/in/envrionment/variable
Cheers,
Tom
--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@guacamole.apache.org
For additional commands, e-mail: user-help@guacamole.apache.org
Re: Cannot mount guacamole.properties outside docker container
Posted by Mike Jumper <mi...@glyptodon.com>.
On Fri, Apr 2, 2021 at 9:35 AM tomlawesome <to...@tuta.io.invalid>
wrote:
> To add -- I have also tried to change GUACAMOLE_HOME to an alternate
> directory so that I might be able to then mount guacamole.properties into
> it.
>
> This does not work however (I believe from the docs) because the official
> guacamole image has a /root/.guacamole/ folder and guacamole looks for it
> first, and if it exists it over-rides any GUACAMOLE_HOME environment
> variables.
>
> I'm really stuck because the official guacamole image does not include
> either vi, vim or nano so I'm unsure how to even edit the
> guacamole.properties file directly in the container??
>
The Docker image interprets the GUACAMOLE_HOME environment variable
independently of the web application, using the variable to represent the
location of a directory with the structure of GUACAMOLE_HOME that should be
used as the basis for the one generated by the image startup process. The
directory is used as a template. See:
http://guacamole.apache.org/doc/gug/guacamole-docker.html#guacamole-docker-guacamole-home
To provide your own guacamole.properties, you need to volume mount your own
equivalent of GUACAMOLE_HOME within the container (do not use one of the
standard locations for GUACAMOLE_HOME), and point the container's
GUACAMOLE_HOME environment variable at that. If you specify any additional
environment variables that are supported by the image, those variables will
also be taken into account when producing the merged guacamole.properties.
Michael Jumper
CEO, Lead Developer
Glyptodon Inc <https://glyp.to/>.
Re: Cannot mount guacamole.properties outside docker container
Posted by tomlawesome <to...@tuta.io.INVALID>.
To add -- I have also tried to change GUACAMOLE_HOME to an alternate
directory so that I might be able to then mount guacamole.properties into
it.
This does not work however (I believe from the docs) because the official
guacamole image has a /root/.guacamole/ folder and guacamole looks for it
first, and if it exists it over-rides any GUACAMOLE_HOME environment
variables.
I'm really stuck because the official guacamole image does not include
either vi, vim or nano so I'm unsure how to even edit the
guacamole.properties file directly in the container??
Any help greatly appreciated.
--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@guacamole.apache.org
For additional commands, e-mail: user-help@guacamole.apache.org