Difference between revisions of "Install Guacamole - HTML5 RDP Gateway"

From Bitbull Wiki
Jump to navigation Jump to search
 
 
(14 intermediate revisions by the same user not shown)
Line 2: Line 2:
 
* guacamole is a great way to present windows apps and desktops to the internet.<br>
 
* guacamole is a great way to present windows apps and desktops to the internet.<br>
 
You have only one https port open to the internet and the application is working pretty nice and fast.
 
You have only one https port open to the internet and the application is working pretty nice and fast.
* http://guac-dev.org/
+
* https://guacamole.apache.org/
 +
* Tested with Rocky Linux 9
 +
 
 +
You can install Ansible on a separated control node as well, then you need to configure ansible target host with ssh keys.<br>
 +
For that, you can look into my ansible course at
 +
* https://github.com/joe-speedboat/workshop.ansible
 +
 
  
 
=install=
 
=install=
yum -y install epel-release
+
* do this steps as root user
 +
 
 +
==setup ansible==
 
  yum  makecache
 
  yum  makecache
 
  yum -y upgrade
 
  yum -y upgrade
 +
curl -L ansible.bitbull.ch | bash
  
yum install -y wget pv dialog gcc cairo-devel libpng-devel libjpeg-turbo-devel uuid-devel freerdp-devel freerdp-plugins pango-devel libssh2-devel libtelnet-devel libvncserver-devel pulseaudio-libs-devel openssl-devel libvorbis-devel libwebp-devel tomcat gnu-free-mono-fonts mariadb mariadb-server
+
==prepare ansible role==
 +
<pre>
 +
ansible-galaxy install joe-speedboat.guacamole
 +
ansible-galaxy install joe-speedboat.mariadb
 +
ansible-galaxy collection install ansible.posix community.mysql community.general
  
yum -y install ghostscript
+
vim /etc/ansible/playbooks/install_guacamole.yml
 +
----------
 +
- hosts: localhost
 +
  become: True
 +
  vars:
 +
    mariadb_user_password: '.change-this_000.'
 +
    mariadb_root_password: '.change-this_111.'
 +
  tasks:
 +
  - dnf:
 +
      name: firewalld
 +
  - systemd:
 +
      name: firewalld
 +
      state: started
 +
      enabled: True
 +
  - firewalld:
 +
      service: https
 +
      permanent: true
 +
      state: enabled
 +
  - systemd:
 +
      name: firewalld
 +
      state: restarted
 +
      enabled: True
 +
  roles:
 +
  - joe-speedboat.guacamole
 +
----------
 +
</pre>
  
wget http://sourceforge.net/projects/guacamoleinstallscript/files/CentOS/guacamole-install-script.sh
 
sed -i 's/GUACA_VER=.*/GUACA_VER="0.9.11-incubating"/g' guacamole-install-script.sh
 
sed -i 's/|| exit 1//g' guacamole-install-script.sh #/usr/lib64/pkgconfig linking error
 
chmod 700 guacamole-install-script.sh
 
./guacamole-install-script.sh
 
  
*Enter the root password for MariaDB: secret123
 
*Enter the Guacamole DB name: guacamole
 
*Enter the Guacamole DB username: guacamole
 
*Enter the Guacamole DB password: secret123
 
*Enter the Java KeyStore password (least 6 characters): secret123
 
*Do you wish to Install the Proxy feature (Nginx)?: yes
 
*Enter the Guacamole Server IP addres or hostame (default localhost): ras.bitbull.ch
 
*Enter the URI path (default guacamole): ras
 
  
service tomcat stop
 
echo 'JAVA_OPTS="-Djava.security.egd=file:/dev/./urandom -Djava.awt.headless=true -Xmx512m -XX:MaxPermSize=256m -XX:+UseConcMarkSweepGC"' >> /etc/tomcat/tomcat.conf
 
  
 +
 +
==fire==
 +
ansible-playbook /etc/ansible/playbooks/install_guacamole.yml
 +
 +
==remove ansible==
 +
* if not needed anymore
 +
* note passwords from setup above as needed
 
<pre>
 
<pre>
mkdir /var/lib/tomcat/webapps/ROOT
+
dnf -y remove ansible-core
echo '<HTML>
+
rm -rfv /etc/ansible
<HEAD>
+
rm -rf $HOME/.ansible
<TITLE>Automatic Redirection</TITLE>
 
<SCRIPT LANGUAGE="JavaScript"><!--
 
function redirect () { setTimeout("go_now()",1); }
 
function go_now ()  { window.location.href = "guacamole/"; }
 
//--></SCRIPT>
 
</HEAD>
 
<BODY onLoad="redirect()">
 
</BODY>
 
</HTML>' > /var/lib/tomcat/webapps/ROOT/index.html
 
 
</pre>
 
</pre>
  
systemctl enable tomcat
+
[[Category:Ansible]]
systemctl start tomcat
+
[[Category:Howtos]]
  systemctl enable guacd
+
[[Category:Rocky9]]
systemctl start guacd
+
 
 +
==Test==
 +
* firefox: https://guacamole-host.domain.local
 +
:* user: guacadmin
 +
:* password: guacadmin
  
firewall-cmd --permanent --zone=public --add-port=8443/tcp
+
[[Category:Ansible]]
firewall-cmd --reload
 
 
[[Category:Howtos]]
 
[[Category:Howtos]]
 +
[[Category:Rocky9]]

Latest revision as of 06:53, 17 May 2023

1 general

  • guacamole is a great way to present windows apps and desktops to the internet.

You have only one https port open to the internet and the application is working pretty nice and fast.

You can install Ansible on a separated control node as well, then you need to configure ansible target host with ssh keys.
For that, you can look into my ansible course at


2 install

  • do this steps as root user

2.1 setup ansible

yum  makecache
yum -y upgrade
curl -L ansible.bitbull.ch | bash

2.2 prepare ansible role

ansible-galaxy install joe-speedboat.guacamole
ansible-galaxy install joe-speedboat.mariadb
ansible-galaxy collection install ansible.posix community.mysql community.general

vim /etc/ansible/playbooks/install_guacamole.yml
----------
- hosts: localhost
  become: True
  vars:
    mariadb_user_password: '.change-this_000.'
    mariadb_root_password: '.change-this_111.'
  tasks:
  - dnf:
      name: firewalld
  - systemd:
      name: firewalld
      state: started
      enabled: True
  - firewalld:
      service: https
      permanent: true
      state: enabled
  - systemd:
      name: firewalld
      state: restarted
      enabled: True
  roles:
  - joe-speedboat.guacamole
----------



2.3 fire

ansible-playbook /etc/ansible/playbooks/install_guacamole.yml

2.4 remove ansible

  • if not needed anymore
  • note passwords from setup above as needed
dnf -y remove ansible-core
rm -rfv /etc/ansible
rm -rf $HOME/.ansible

2.5 Test

  • user: guacadmin
  • password: guacadmin
Retrieved from "http://www.bitbull.ch/wiki/index.php?title=Install_Guacamole_-_HTML5_RDP_Gateway&oldid=5679"