Guacamole
WARNING | |
---|---|
This is recommended only for advanced users, proceed with caution. |
What is Guacamole?
Guacamole is an HTML5 remote desktop gateway that can be installed on Amahi 9 (Fedora 23). This guidance may work with other Amahi versions with some modification.
Guacamole provides access to desktop environments using remote desktop protocols like VNC and RDP. A centralized server acts as a tunnel and proxy, allowing access to multiple desktops through a web browser.
No browser plugins are needed, and no client software needs to be installed. The client requires nothing more than a web browser supporting HTML5 and AJAX.
REF: Setting Up Web-Based Guacamole Tool to Access Remote Linux/Windows Machines
Install Guacamole
root
(or precede with sudo
).
We have created a bash script to make installation simple or you can manually install using the guidance below. You MUST complete the Create Amahi Web App step prior to executing the following:
amahi-download https://www.dropbox.com/s/4hadafih8ahuj2n/install-guacamole.sh d5c16b482f33ad9c046fc2876cfa38f184ac9a8b chmod 755 install-guacamole.sh ./install-guacamole.sh
Create Amahi Web App
Login to your Amahi Dashboard and install the Amahi Web Apps plug-in to use this guidance. Ensure you enable Advanced Settings.
Now select the "Apps" tab. Click on "Webapps" and on the page that comes up choose the "New Web App" button at the bottom. Fill in the name (guacamole) and leave everything else as it is.
Edit ####-guacamole.conf in /etc/httpd/conf.d (replacing #### with the appropriate number):
vi /etc/httpd/conf.d/####-guacamole.conf
Right below the ServerAlias line, add the following:
ProxyPass / http://localhost:8080/guacamole/ ProxyPassReverse / http://localhost:8080/guacamole/
Again, if you use vi for creating this file, press the Esc key to get back in command mode and :wq to write the changes and quit vi.
Restart Apache
systemctl restart httpd
Install Dependencies
Due to the Fedora freerdp packages being unstable, we must use the CentOS stable version. To install:
wget https://www.dropbox.com/s/p2uc1rcpckky75v/libxkbfile-1.0.8-5.el7.x86_64.rpm wget https://www.dropbox.com/s/0tjm7q93z9pw0hj/freerdp-libs-1.0.2-6.el7_2.1.x86_64.rpm wget https://www.dropbox.com/s/aysml7coehz0hqi/freerdp-devel-1.0.2-6.el7_2.1.x86_64.rpm rpm -Uvh libxkbfile-1.0.8-5.el7.x86_64.rpm rpm -Uvh freerdp-libs-1.0.2-6.el7_2.1.x86_64.rpm rpm -Uvh freerdp-devel-1.0.2-6.el7_2.1.x86_64.rpm
To install the Fedora dependencies, execute the following:
For Fedora 23 or newer (Fedora 21, substitute yum
for dnf
):
dnf install tomcat gcc cairo-devel libjpeg-devel libpng-devel uuid-devel \ pango-devel libssh2-devel libtelnet-devel libvncserver-devel pulseaudio-libs-devel openssl-devel \ libvorbis-devel libwebp-devel dejavu-sans-mono-fonts terminus-fonts terminus-fonts-console
Configure MySQL Authentication
Install MySQL Authentication Module
Create a working directory and move there
mkdir -p /var/hda/web-apps/guacamole/sqlauth && cd /var/hda/web-apps/guacamole/sqlauth
Download Guacamole's authorization module
wget http://sourceforge.net/projects/guacamole/files/current/extensions/guacamole-auth-jdbc-0.9.9.tar.gz
Unpack it
tar -zxf guacamole-auth-jdbc-0.9.9.tar.gz
Download MySQL and Java Connector
wget http://dev.mysql.com/get/Downloads/Connector/j/mysql-connector-java-5.1.38.tar.gz
Unpack it
tar -zxf mysql-connector-java-5.1.38.tar.gz
Create directories for the extensions in Tomcat's folders
mkdir -p /usr/share/tomcat/.guacamole/{extensions,lib}
Move the modules to their respective directories.
mv guacamole-auth-jdbc-0.9.9/mysql/guacamole-auth-jdbc-mysql-0.9.9.jar /usr/share/tomcat/.guacamole/extensions/ mv mysql-connector-java-5.1.38/mysql-connector-java-5.1.38-bin.jar /usr/share/tomcat/.guacamole/lib/
Restart MariaDB
systemctl restart mariadb
Create the Database
hda-create-db-and-user guacdb
Configure Database Settings
Create a file called "guacamole.properties" in that directory
vi /etc/guacamole/guacamole.properties
Press the i key to begin inserting text into the guacamole.properties file and include the following contents:
# MySQL properties mysql-hostname: localhost mysql-port: 3306 mysql-database: guacdb mysql-username: guacdb mysql-password: guacdb # Additional settings mysql-default-max-connections-per-user: 0 mysql-default-max-group-connections-per-user: 0
If you use vi for creating this file, press the Esc key to get back in command mode and :wq to write the changes and quit vi.
Now create a symbolic link of this file for Tomcat
ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat/.guacamole/
Load Guacamole Data
The schema for MySQL was downloaded in the previous process. Just change directories to the files location
cd /var/hda/web-apps/guacamole/sqlauth/guacamole-auth-jdbc-0.9.9/mysql/schema/
and run the following command:
cat ./*.sql | mysql -uroot -phda guacdb
Create a directory for the configuration file.
mkdir -p /etc/guacamole/
Install Guacamole Server
Guacamole uses "guacd", a Guacamole server and a Guacamole Client for users to connect to the "guacd" server. We first install Guacamole Server.
Change Directories
cd /var/hda/web-apps/guacamole
Download Guacamole Server
wget https://sourceforge.net/projects/guacamole/files/current/source/guacamole-server-0.9.9.tar.gz
Unpackage it
tar -xzf guacamole-server-0.9.9.tar.gz
Move to the Guacamole source code directory
cd guacamole-server-0.9.9/
Configure, make and install it.
./configure --with-init-dir=/etc/init.d make make install ldconfig
Install Guacamole Client
Create a new directory and move to it.
mkdir -p /var/lib/guacamole && cd /var/lib/guacamole/
Download Guacamole Client.
wget http://sourceforge.net/projects/guacamole/files/current/binary/guacamole-0.9.9.war -O guacamole.war
Create a symbolic link of the file for Tomcat.
ln -s /var/lib/guacamole/guacamole.war /var/lib/tomcat/webapps/
Update Amahi Web App Files
Create Symbolic links between guacamole in Tomcat and Amahi's web app directory
ln -s /var/lib/tomcat/webapps/guacamole/* /var/hda/web-apps/guacamole/html
Make sure the owner of all the file is apache and the group is users.
chown -R apache:users /var/hda/web-apps/guacamole
Start Guacamole Server
Restart Tomcat.
systemctl restart tomcat
Start Guacamole Server.
/etc/init.d/guacd start
Configure Guacamole Server to start at boot.
systemctl enable tomcat chkconfig guacd on
Log In to Guacamole
You can access the web login screen for Guacamole from computers in the network via http://****:8080/guacamole (Where the **** is the IP address of your Amahi server).
The default user name/password is guacadmin/guacadmin. You can change your password by editing your own user in the administration screen.
Access Outside Network
If you want Guacamole's web interface to be accessible outside of your LAN you will have to forward a random, unused port (1111, for example) to port 8080 in your router.
Then when you access Guacamole from outside your LAN you will need to add /guacamole to the end of your url. (http://servername.yourhda.com:1111/guacamole).
If you do not add /guacamole to your url, you will see a blank page since you did not specify which application in Tomcat you wanted to access.