Guacamole
Update Needed | |
---|---|
The contents of this page have become outdated or irrelevant. Please consider updating it. |
What is Guacamole?
Guacamole is an HTML5 remote desktop gateway.
Guacamole provides access to desktop environments using remote desktop protocols like VNC and RDP. A centralized server acts as a tunnel and proxy, allowing access to multiple desktops through a web browser.
No browser plugins are needed, and no client software needs to be installed. The client requires nothing more than a web browser supporting HTML5 and AJAX.
Installing Guacamole on Amahi
Dependencies
The following dependencies are included so as to make as many features in Guacamole available to the installer.
In terminal, as root, install dependencies with the following:
For Fedora 21 or lower
bash code |
---|
$ su Password: # sudo yum install tomcat gcc cairo-devel libjpeg-devel libpng-devel uuid-devel freerdp-devel pango-devel libssh2-devel libtelnet-devel libvncserver-devel pulseaudio-libs-devel openssl-devel libvorbis-devel libwebp-devel
|
For Fedora 23 or higher
bash code |
---|
$ su Password: # sudo dnf install tomcat gcc cairo-devel libjpeg-devel libpng-devel uuid-devel freerdp-devel pango-devel libssh2-devel libtelnet-devel libvncserver-devel pulseaudio-libs-devel openssl-devel libvorbis-devel libwebp-devel
|
Some packages may be already included in your Amahi install so Fedora / Amahi will skip it.
Preparing Amahi
Login to your Amahi Dashboard and choose "Set Up" in the upper right. Now select the "Apps" tab. Click on "Webapps" and on the page that comes up choose the "New Web App" button at the bottom. Fill in the name (guacamole) and leave everything else as it is.
- Note: If you do not see the "Webapps" option under "Apps" then you need to activate "Advanced Settings" under the "Settings" tab of your Amahi dashboard.
Setting up MySQL Authentication
Creating the Database
In terminal, run the following command
bash code |
---|
sudo mysql -u root -p
|
The password requested is the root user password for MySQL on Amahi; In MariaDB enter the following:
bash code |
---|
create database guacdb;
|
bash code |
---|
create user 'guacuser'@'localhost' identified by 'guac123';
|
bash code |
---|
grant select,insert,update,delete on guacdb.* to 'guacuser'@'localhost';
|
bash code |
---|
flush privileges;
|
bash code |
---|
quit
|
Installing MySQL Authentication Module
Create a working directory and move there
bash code |
---|
sudo mkdir -p /var/hda/web-apps/guacamole/sqlauth && cd /var/hda/web-apps/guacamole/sqlauth
|
Download Guacamole's authorization module
bash code |
---|
sudo wget http://sourceforge.net/projects/guacamole/files/current/extensions/guacamole-auth-jdbc-0.9.9.tar.gz
|
Unpack it
bash code |
---|
sudo tar -zxf guacamole-auth-jdbc-0.9.9.tar.gz
|
Download MySQL and Java Connector
bash code |
---|
sudo wget http://dev.mysql.com/get/Downloads/Connector/j/mysql-connector-java-5.1.38.tar.gz
|
Unpack it
bash code |
---|
sudo tar -zxf mysql-connector-java-5.1.38.tar.gz
|
Create directories for the extensions in Tomcat's folders
bash code |
---|
sudo mkdir -p /usr/share/tomcat/.guacamole/{extensions,lib}
|
Move the modules to their respective directories.
bash code |
---|
sudo mv guacamole-auth-jdbc-0.9.9/mysql/guacamole-auth-jdbc-mysql-0.9.9.jar /usr/share/tomcat/.guacamole/extensions/
|
bash code |
---|
sudo mv mysql-connector-java-5.1.38/mysql-connector-java-5.1.38-bin.jar /usr/share/tomcat/.guacamole/lib/
|
Restart MariaDB
bash code |
---|
sudo systemctl restart mariadb.service
|
Loading Guacamole's schema into the MySQL Tables
The schema for MySQL was downloaded in the previous process. Just change directories to the files location
bash code |
---|
cd /var/hda/web-apps/guacamole/sqlauth/guacamole-auth-jdbc-0.9.9/mysql/schema/
|
and run the following command:
sudo cat ./*.sql | mysql -u root -p guacdb
The above is bash code. I have to format it differently to get all of the code to show on this wiki page.
The password requested is the root user password for MySQL.
Installing Guacamole Server
Guacamole uses "guacd", a Guacamole server and a Guacamole Client for users to connect to the "guacd" server. We first install Guacamole Server.
Change Directories
bash code |
---|
cd /var/hda/web-apps/guacamole
|
Download Guacamole Server
bash code |
---|
sudo wget https://sourceforge.net/projects/guacamole/files/current/source/guacamole-server-0.9.9.tar.gz
|
Unpackage it
bash code |
---|
tar -xzf guacamole-server-0.9.9.tar.gz
|
Move to the Guacamole source code directory
bash code |
---|
cd guacamole-server-0.9.9/
|
Configure, make and install it.
bash code |
---|
sudo ./configure --with-init-dir=/etc/init.d
|
bash code |
---|
sudo make
|
bash code |
---|
sudo make install
|
bash code |
---|
sudo ldconfig
|
Configuring Guacamole to Use MySQL Authentication
You will need to edit /etc/guacamole/guacamole.properties
Start at the line "# Hostname and port of guacamole proxy" and replace everything below it with this:
guacd-hostname: localhost guacd-port: 4822 # Auth provider class (authenticates user/pass combination, needed if using the provided login screen) auth-provider: net.sourceforge.guacamole.net.auth.mysql.MySQLAuthenticationProvider basic-user-mapping: /etc/guacamole/user-mapping.xml # Location to read extra .jar's from lib-directory: /var/lib/guacamole/classpath # MySQL properties mysql-hostname: localhost mysql-port: 3306 mysql-database: guacamole mysql-username: guacamole mysql-password: some_password
Use the real password you chose when creating the MySQL database for the Guacamole database in place of the string "some_password" as shown above.
Deploying Guacamole
To deploy Guacamole, you must make two symbolic links: one effectively copying the web application (now located at /var/lib/guacamole/guacamole.war) into the directory Tomcat monitors for web application deployment, and the other effectively copying the configuration file, guacamole.properties, into the Tomcat's classpath, such that Guacamole can find it once it runs. This must be done as root:
bash code |
---|
# ln -s /var/lib/guacamole/guacamole.war /var/lib/tomcat6/webapps # ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat6/lib
|
Restart Tomcat
bash code |
---|
service tomcat6 restart
|
Start Guacamole's service
bash code |
---|
service guacd start
|
Now configure the tomcat6 and guacd services to run automatically
bash code |
---|
# chkconfig tomcat6 on # chkconfig guacd on
|
Configuring Guacamole and Amahi
Create Symbolic links between guacamole in Tomcat and Amahi's webapp directory
bash code |
---|
# ln -s /var/lib/tomcat6/webapps/guacamole/admin.xhtml /var/hda/web-apps/guacamole/html # ln -s /var/lib/tomcat6/webapps/guacamole/agpl-3.0-standalone.html /var/hda/web-apps/guacamole/html # ln -s /var/lib/tomcat6/webapps/guacamole/client.xhtml /var/hda/web-apps/guacamole/html # ln -s /var/lib/tomcat6/webapps/guacamole/guacamole-common-js /var/hda/web-apps/guacamole/html # ln -s /var/lib/tomcat6/webapps/guacamole/images /var/hda/web-apps/guacamole/html # ln -s /var/lib/tomcat6/webapps/guacamole/index.xhtml /var/hda/web-apps/guacamole/html # ln -s /var/lib/tomcat6/webapps/guacamole/layouts /var/hda/web-apps/guacamole/html # ln -s /var/lib/tomcat6/webapps/guacamole/META-INF /var/hda/web-apps/guacamole/html # ln -s /var/lib/tomcat6/webapps/guacamole/scripts /var/hda/web-apps/guacamole/html # ln -s /var/lib/tomcat6/webapps/guacamole/styles /var/hda/web-apps/guacamole/html # ln -s /var/lib/tomcat6/webapps/guacamole/WEB-INF /var/hda/web-apps/guacamole/html
|
- Hint: Count your links and make sure you have all of them!
As root, create .htaccess file in /var/hda/web-apps/guacamole/html
bash code |
---|
# cd /var/hda/web-apps/guacamole/html # gedit .htaccess
|
This is the text for the .htaccess file:
RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule (.*) http://%{HTTP_HOST}:8080/guacamole [R,L]
Make sure the owner of all the file is apache and the group is users.
bash code |
---|
# chown -R apache /var/hda/web-apps/guacamole # chgrp -R users /var/hda/web-apps/guacamole
|
In /etc/httpd/conf.d/####-guacamole.conf, change "AllowOverride AuthConfig" to "AllowOverride FileInfo Limit Options Indexes"
Logging In to Guacamole
You can access the web login screen for Guacamole from the server at http://127.0.0.1:8080/guacamole
The default user is "guacadmin", with the default password of "guacadmin". You can change your password by editing your own user in the administration screen.
With everything configured correctly you should be able to access the web login screen through Amahi at http://guacamole.yourhdaname.com:8080/guacamole/
Port Forwarding
If you want Guacamole's web interface to be accessible outside of your LAN you will have to forward a random, unused port (1111, for example) to port 8080 in your router. Then when you access Guacamole from outside your LAN you will need to add "/guacamole" to the end of your url. (serverblahblah.yourhda.com:1111/guacamole) If you do not add "/guacamole" to your url, you will see a blank page since you did not specify which application in Tomcat you wanted to access.