So what’s different with this over other methods of setting up Apache Guacamole?
The main thing is it’s entirely hands-off. It’ll pull the images, set up the network, create the containers, initialize the MySQL database… Everything. Including generating secure random passwords for you using Random.org and writing those to the console for you to store off for later updates. (See sections below.) Just copy the script to a .sh file and run it.
And speaking of later updates, the script sets up the containers on their own network with static IPs assigned to each over using the “link” command. This allows for very easy updates down the line since the containers – especially the MySQL container – can be recreated onto the same IP address as before.
Change what you need to avoid conflicts with any existing Docker networks or if you want the main Guacamole container to be accessible on a different port. Hopefully you won’t need to extend out the 30-second wait for the MySQL container to initialize. Bear in mind as well that the gaucd container takes a few minutes to fully start up and its status to be “Healthy”.
Once everything is running, the default admin login (as of this writing) for the Guacamole web interface is guacadmin/guacadmin.
#!/bin/bash
echo Pulling latest Docker images.
sudo docker pull guacamole/guacamole
sudo docker pull guacamole/guacd
sudo docker pull mysql
echo Creating volumes for MySQL data
sudo docker volume create guac-mysql-data
echo Creating network the containers will use.
sudo docker network create \
--subnet=192.168.10.0/24 \
--gateway=192.168.10.1 \
guacamole-net
echo Contacting Random.org for new 16-character passwords for MySQL root and Guacamole users.
root_secure_password=$(curl -s "https://www.random.org/strings/?num=1&len=16&digits=on&upperalpha=on&loweralpha=on&unique=on&format=plain&rnd=new")
guac_secure_password=$(curl -s "https://www.random.org/strings/?num=1&len=16&digits=on&upperalpha=on&loweralpha=on&unique=on&format=plain&rnd=new")
sql_create="\
ALTER USER 'root'@'localhost' \
IDENTIFIED BY '$root_secure_password'; \
CREATE DATABASE guacamole_db; \
CREATE USER 'guacamole_user'@'%' \
IDENTIFIED BY '$guac_secure_password'; \
GRANT SELECT,INSERT,UPDATE,DELETE \
ON guacamole_db.* \
TO 'guacamole_user'@'%'; \
FLUSH PRIVILEGES;"
echo Creating MySQL container
sudo docker run -d \
--name guac-mysql \
-e MYSQL_ROOT_PASSWORD=$root_secure_password \
-v guac-mysql-data:/var/lib/mysql \
--network guacamole-net \
--ip 192.168.10.2 \
--restart unless-stopped \
mysql
echo Let\'s wait about 30 seconds for MySQL to completely start up before continuing.
sleep 30
echo Initializing MySQL database
sudo docker exec guac-mysql \
mysql --user=root --password=$root_secure_password -e "$sql_create"
sudo docker exec guac-mysql \
mysql --user=root --password=$root_secure_password \
--database=guacamole_db \
-e "$(sudo docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --mysql)"
echo Creating guacd container
sudo docker run -d \
--name guacd \
--network guacamole-net \
--ip 192.168.10.3 \
--restart unless-stopped \
guacamole/guacd
echo Creating main Guacamole container
sudo docker run -d \
--name guacamole \
--network guacamole-net \
--ip 192.168.10.4 \
--restart unless-stopped \
-e GUACD_HOSTNAME=192.168.10.3 \
-e MYSQL_HOSTNAME=192.168.10.2 \
-e MYSQL_DATABASE=guacamole_db \
-e MYSQL_USER=guacamole_user \
-e MYSQL_PASSWORD=$guac_secure_password \
-p 8080:8080 \
guacamole/guacamole
echo Done.
echo MySQL root password: $root_secure_password
echo MySQL guacamole_user password: $guac_secure_password
echo Store off these passwords as they will be needed for later container updates.Update Guacamole containers
Just copy off this script and keep it on your server to update the container with the latest Guacamole images.
#!/bin/bash
read -s -p "MySQL Guacamole user password: " guac_secure_password
echo
sudo docker pull mysql
sudo docker pull guacamole/guacamole
sudo docker pull guacamole/guacd
sudo docker stop guacamole
sudo docker stop guacd
sudo docker stop guac-mysql
sudo docker rm guac-mysql
sudo docker rm guacd
sudo docker rm guacamole
sudo docker run -d \
--name guac-mysql \
-v guac-mysql-data:/var/lib/mysql \
--network guacamole-net \
--ip 192.168.10.2 \
--restart unless-stopped \
mysql
sudo docker run -d \
--name guacd \
--network guacamole-net \
--ip 192.168.10.3 \
--restart unless-stopped \
guacamole/guacd
sudo docker run -d \
--name guacamole \
--network guacamole-net \
--ip 192.168.10.4 \
--restart unless-stopped \
-e GUACD_HOSTNAME=192.168.10.3 \
-e MYSQL_HOSTNAME=192.168.10.2 \
-e MYSQL_DATABASE=guacamole_db \
-e MYSQL_USER=guacamole_user \
-e MYSQL_PASSWORD=$guac_secure_password \
-p 8080:8080 \
guacamole/guacamole
