Sign in Subscribe
docker

Deploy Guacamole to access remotely your servers

Deploy Guacamole quickly using docker compose

2nistech

3 min read

Prerequisites

You will need to have a working docker environment, for that you can follow this post:

Start with docker and docker compose
How to install docker and docker compose on Debian 12
2nis Tech World2nistech

Deploy Guacamole with docker compose

Preparing the Docker Compose File

Create a Docker Compose file that defines the guacamole service and its dependencies. Open a text editor and create a new file named docker-compose.yml. Paste the following content into the file:

  guacdb:
    container_name: guacdb
    image: mariadb/server:latest
    restart: unless-stopped
    environment:
      - MYSQL_ROOT_PASSWORD=A_STRONG_PASSWORD
      - MYSQL_DATABASE=guacamole_db
      - MYSQL_USER=guacamole_user
      - MYSQL_PASSWORD=ANOTHER_STRONG_PASSWORD
      - PUID=1000
      - PGID=100
    volumes:
      - /PATH/LOCAL/STORAGE/guacamole/bd:/var/lib/mysql

  guacd:
    container_name: guacd
    image: guacamole/guacd
    restart: unless-stopped

  guacamole:
    container_name: guacamole
    image: 'guacamole/guacamole:latest'
    restart: unless-stopped
    ports:
      - 8080:8080
    environment:
      - GUACD_HOSTNAME=guacd
      - MYSQL_HOSTNAME=guacdb
      - MYSQL_DATABASE=guacamole_db
      - MYSQL_USER=guacamole_user
      - MYSQL_PASSWORD=ANOTHER_STRONG_PASSWORD #Same as above
    depends_on:
      - guacdb
      - guacd

Make sure to replace  A_STRONG_PASSWORD and ANOTHER_STRONG_PASSWORD with secure passwords of your choice and also /PATH/LOCAL/STORAGE to a folder to store your the database datas.

Save the file once  you've made the necessary changes.

Running Guacamole with Docker Compose

Initialize the Database

Before starting all the services we need to start the database first and import the dbdatabase initialization file.

Start the database (guacdb) with

docker compose up -d guacdb

Once the container started use this command to get the initdb.sql file in the local folder of the database

docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --mysql > /PATH/LOCAL/STORAGE/guacamole/bd/initdb.sql

Now use the followings command to import the file into the database from the guacdb container

docker exec -it guacdb bash
mysql -u root -p guacamole_db < /var/lib/mysql/initdb.sql
Enter password: # put what you set in ANOTHER_STRONG_PASSWORD
exit

Deploy the other containers

Now the database is imported you can start the rest of the containerd with

docker compose up -d

Once all containers started, you can access Guacamole through your web browser at

http://your_server_ip:8080/guacamole

Login with the default login and password guacadmin / guacadmin

Configure the SSL reverse proxy

To access Guacamole using https the best way  is to use a reverse proxy, like usual we will use swag as the reverse proxy, if you don't have swag installed you can see how to do it here

Use the Swag docker container as reverse proxy
We are going to see how to use swag as an SSL reverse proxy for your dockers app.
2nis Tech World2nistech

Swag as a pre-configured file for Guacamole, so go to the folder nginx/proxy-confs of your Swag installation folder and rename / copy the file guacamole.subdomain.conf.sample to guacamole.subdomain.conf

Restart swag with

docker compose restart swag

And now you can access Guacamole using https://guacamole.your.domain/guacamole

Sources: https://guacamole.apache.org/doc/gug/guacamole-docker.html