172 lines
6.5 KiB
YAML
172 lines
6.5 KiB
YAML
####################################################################################
|
|
# docker-compose file for Apache Guacamole
|
|
# created by PCFreak 2017-06-28
|
|
#
|
|
# Apache Guacamole is a clientless remote desktop gateway. It supports standard
|
|
# protocols like VNC, RDP, and SSH. We call it clientless because no plugins or
|
|
# client software are required. Thanks to HTML5, once Guacamole is installed on
|
|
# a server, all you need to access your desktops is a web browser.
|
|
####################################################################################
|
|
#
|
|
# What does this file do?
|
|
#
|
|
# Using docker-compose it will:
|
|
#
|
|
# - create a network 'guacnetwork_compose' with the 'bridge' driver.
|
|
# - create a service 'guacd_compose' from 'guacamole/guacd' connected to 'guacnetwork'
|
|
# - create a service 'postgres_guacamole_compose' (1) from 'postgres' connected to 'guacnetwork'
|
|
# - create a service 'guacamole_compose' (2) from 'guacamole/guacamole/' conn. to 'guacnetwork'
|
|
# - create a service 'nginx_guacamole_compose' (3) from 'nginx' connected to 'guacnetwork'
|
|
#
|
|
# (1)
|
|
# DB-Init script is in './init/initdb.sql' it has been created executing
|
|
# 'docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --postgres > ./init/initdb.sql'
|
|
# 'docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --mysql > initdb.sql'
|
|
# once.
|
|
# DATA-DIR is in './data'
|
|
# If you want to change the DB password change all lines with 'POSTGRES_PASSWORD:' and
|
|
# change it to your needs before first start.
|
|
# To start from scratch delete './data' dir completely
|
|
# './data' will hold all data after first start!
|
|
# The initdb.d scripts are only executed the first time the container is started
|
|
# (and the database files are empty). If the database files already exist then the initdb.d
|
|
# scripts are ignored (e.g. when you mount a local directory or when docker-compose saves
|
|
# the volume and reuses it for the new container).
|
|
#
|
|
# !!!!! MAKE SURE your folder './init' is executable (chmod +x ./init)
|
|
# !!!!! or 'initdb.sql' will be ignored!
|
|
#
|
|
# './data' will hold all data after first start!
|
|
#
|
|
# (2)
|
|
# Make sure you use the same value for 'POSTGRES_USER' and 'POSTGRES_PASSWORD'
|
|
# as configured under (1)
|
|
#
|
|
# (3)
|
|
# ./nginx/nginx.conf will be mapped read-only into the container at /etc/nginx/nginx.conf
|
|
# ./nginx/mysite.template will be mapped into the container at /etc/nginx/conf.d/mysite.template
|
|
# ./nginx/ssl will be mapped into the container at /etc/nginx/ssl
|
|
# At startup a self-signed certificate will be created. If you want to use your own certs
|
|
# just remove the part that generates the certs from the 'command' section and replace
|
|
# 'self-ssl.key' and 'self.cert' with your certificate.
|
|
# To debug nginx replace '&& nginx -g 'daemon off' with '&& nginx-debug -g 'daemon off'
|
|
# nginx will export port 8443 to the outside world, make sure that this port is reachable
|
|
# on your system from the "outside world". All other traffice is only internal.
|
|
#
|
|
# You could remove the entire 'nginx' service from this file if you want to use your own
|
|
# reverse proxy in front of guacamole. If doing so, make sure you change the line
|
|
# - 8080/tcp
|
|
# to - 8080:8080/tcp
|
|
# within the 'guacamole' service. This will expose the guacamole webinterface directly
|
|
# on port 8080 and you can use it for your own purposes.
|
|
# Do note, guacamole is available on :8080/guacamole, not /.
|
|
#
|
|
# !!!!! FOR INITAL SETUP (after git clone) run ./prepare.sh once
|
|
#
|
|
# !!!!! FOR A FULL RESET (WILL ERASE YOUR DATABASE, YOUR FILES, YOUR RECORDS AND CERTS) DO A
|
|
# !!!!! ./reset.sh
|
|
#
|
|
#
|
|
# The initial login to the guacamole webinterface is:
|
|
#
|
|
# Username: guacadmin
|
|
# Password: guacadmin
|
|
#
|
|
# Make sure you change it immediately!
|
|
#
|
|
# version date comment
|
|
# 0.1 2017-06-28 initial release
|
|
# 0.2 2017-10-09 minor fixes + internal GIT push
|
|
# 0.3 2017-10-09 minor fixes + public GIT push
|
|
# 0.4 2019-08-14 creating of ssl certs now in prepare.sh
|
|
# simplified nginx startup commands
|
|
####################################################################################
|
|
|
|
version: '2.0'
|
|
|
|
# networks
|
|
# create a network 'guacnetwork_compose' in mode 'bridged'
|
|
networks:
|
|
guacnetwork_compose:
|
|
driver: bridge
|
|
|
|
# services
|
|
services:
|
|
# guacd
|
|
guacd:
|
|
container_name: guacd_compose
|
|
image: guacamole/guacd
|
|
networks:
|
|
guacnetwork_compose:
|
|
restart: unless-stopped
|
|
# volumes:
|
|
# - /gurulandia/data/docker/guacamole/drive:/drive:rw
|
|
# - /gurulandia/data/docker/guacamole/record:/record:rw
|
|
# postgres
|
|
#postgres:
|
|
# container_name: postgres_guacamole_compose
|
|
# environment:
|
|
# PGDATA: /var/lib/postgresql/data/guacamole
|
|
# POSTGRES_DB: guacamole_db
|
|
# POSTGRES_PASSWORD: 'ChooseYourOwnPasswordHere1234'
|
|
# POSTGRES_USER: guacamole_user
|
|
# image: postgres:13.4-buster
|
|
# networks:
|
|
# guacnetwork_compose:
|
|
# restart: always
|
|
# volumes:
|
|
# - ./init:/docker-entrypoint-initdb.d:z
|
|
# - ./data:/var/lib/postgresql/data:Z
|
|
|
|
# guacamole
|
|
guacamole:
|
|
container_name: guacamole
|
|
depends_on:
|
|
- guacd
|
|
|
|
environment:
|
|
GUACD_HOSTNAME: guacd
|
|
MYSQL_HOSTNAME: 192.168.5.33
|
|
MYSQL_PORT: 3306
|
|
MYSQL_DATABASE: Guacamole
|
|
MYSQL_USER: guacamole
|
|
MYSQL_PASSWORD: Q&6nbS0FrnPHTw*6KF
|
|
WEBAPP_CONTEXT: 'ROOT'
|
|
#POSTGRES_DATABASE: guacamole_db
|
|
#POSTGRES_HOSTNAME: postgres
|
|
#POSTGRES_PASSWORD: 'ChooseYourOwnPasswordHere1234'
|
|
#POSTGRES_USER: guacamole_user
|
|
image: guacamole/guacamole
|
|
links:
|
|
- guacd
|
|
networks:
|
|
guacnetwork_compose:
|
|
ports:
|
|
## enable next line if not using nginx
|
|
- 8080:8080/tcp # Guacamole is on :8080/guacamole, not /.
|
|
## enable next line when using nginx
|
|
#- 8080/tcp
|
|
restart: unless-stopped
|
|
|
|
########### optional ##############
|
|
# nginx
|
|
#nginx:
|
|
# container_name: nginx_guacamole_compose
|
|
# restart: always
|
|
# image: nginx
|
|
# volumes:
|
|
# - ./nginx/ssl/self.cert:/etc/nginx/ssl/self.cert:ro
|
|
# - ./nginx/ssl/self-ssl.key:/etc/nginx/ssl/self-ssl.key:ro
|
|
# - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
|
|
# - ./nginx/mysite.template:/etc/nginx/conf.d/default.conf:ro
|
|
# ports:
|
|
# - 8443:443
|
|
# links:
|
|
# - guacamole
|
|
# networks:
|
|
# guacnetwork_compose:
|
|
# run nginx
|
|
# command: /bin/bash -c "nginx -g 'daemon off;'"
|
|
# nginx-debug-mode
|
|
# command: /bin/bash -c "nginx-debug -g 'daemon off;'"
|