Deploy Guacamole

Some cred to: (I use MariaDB instead of postgres)

Spin up the database container (needed to extract the intidb.sql - there are probably other ways but most seems to be doing it like this)
example docker-compose

services:
  guacdb:
    container_name: guacamoledb
    image: mariadb:11.2
    restart: unless-stopped
    environment:
      MYSQL_ROOT_PASSWORD: '<insert-root-password>'
      MYSQL_DATABASE: 'guacamole_db'
      MYSQL_USER: 'guacamole_user'
      MYSQL_PASSWORD: '<insert-user-password>'
    volumes:
      - 'guac_mariadb_data:/var/lib/mysql'
volumes:
  guac_mariadb_data:

ssh to your docker node and run: docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --mysql > initdb.sql
Then copy the initdb.sql into the database container deployment: docker cp initdb.sql guacamoledb:/initdb.sql
Enter the shell on the database container: docker exec -it guacamoledb bash
Import: cat initdb.sql | mariadb -u root -p guacamole_db (enter root password when asked)
exit
Stop the db container: docker-compose down
Edit the docker-compose.yml
default port is 8080, change to whatever depending on how you reverse proxy it

services:
  guacdb:
    container_name: guacamoledb
    image: mariadb:latest
    restart: unless-stopped
    networks:
      - traefik-proxy
    environment:
      MYSQL_ROOT_PASSWORD: '<root-password>'
      MYSQL_DATABASE: 'guacamole_db'
      MYSQL_USER: 'guacamole_user'
      MYSQL_PASSWORD: '<mysql-user-pass>'
    volumes:
      - 'guac_mariadb_data:/var/lib/mysql'
  guacd:
    container_name: guacd
    image: guacamole/guacd:latest
    restart: unless-stopped
    networks:
      - traefik-proxy
  guacamole:
    container_name: guacamole
    image: guacamole/guacamole:latest
    restart: unless-stopped
    networks:
      - traefik-proxy
    environment:
      GUACD_HOSTNAME: "guacd"
      MYSQL_HOSTNAME: "guacdb"
      MYSQL_DATABASE: "guacamole_db"
      MYSQL_USER: "guacamole_user"
      MYSQL_PASSWORD: "<mysql-user-pass>"
      TOTP_ENABLED: "true"
    depends_on:
      - guacdb
      - guacd
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.guac.rule=Host(`guacamole.domain.com`)"
      - "traefik.http.routers.guac.entrypoints=websecure"
      - "traefik.http.routers.guac.tls=true"
      - "traefik.http.services.guac.loadbalancer.server.port=8080"
      - "traefik.http.routers.guac.tls.certresolver=letsencrypt"
      - "traefik.http.routers.guac.tls.domains[0].main=domain.com"
      - "traefik.http.routers.guac.tls.domains[0].sans=*.domain.com"
      - "traefik.http.middlewares.add-guacamole.addprefix.prefix=/guacamole"
      - "traefik.http.routers.guac.middlewares=add-guacamole"
volumes:
  guac_mariadb_data:
networks:
  traefik-proxy:
    external: true

Take note of:

      - "traefik.http.middlewares.add-guacamole.addprefix.prefix=/guacamole"
      - "traefik.http.routers.guac.middlewares=add-guacamole"

Which adds the prefix /guacamole to the url, so https://guacamole.domain.com becomes https://guacamole.domain.com/guacamole which is required for the offical image

PreviousInstalling specific version of Docker NextTraefik geoblock

Last updated 7 months ago

Was this helpful?

services: guacdb: container_name: guacamoledb image: mariadb:11.2 restart: unless-stopped environment: MYSQL_ROOT_PASSWORD: '<insert-root-password>' MYSQL_DATABASE: 'guacamole_db' MYSQL_USER: 'guacamole_user' MYSQL_PASSWORD: '<insert-user-password>' volumes: - 'guac_mariadb_data:/var/lib/mysql' volumes: guac_mariadb_data:

services: guacdb: container_name: guacamoledb image: mariadb:latest restart: unless-stopped networks: - traefik-proxy environment: MYSQL_ROOT_PASSWORD: '<root-password>' MYSQL_DATABASE: 'guacamole_db' MYSQL_USER: 'guacamole_user' MYSQL_PASSWORD: '<mysql-user-pass>' volumes: - 'guac_mariadb_data:/var/lib/mysql' guacd: container_name: guacd image: guacamole/guacd:latest restart: unless-stopped networks: - traefik-proxy guacamole: container_name: guacamole image: guacamole/guacamole:latest restart: unless-stopped networks: - traefik-proxy environment: GUACD_HOSTNAME: "guacd" MYSQL_HOSTNAME: "guacdb" MYSQL_DATABASE: "guacamole_db" MYSQL_USER: "guacamole_user" MYSQL_PASSWORD: "<mysql-user-pass>" TOTP_ENABLED: "true" depends_on: - guacdb - guacd labels: - "traefik.enable=true" - "traefik.http.routers.guac.rule=Host(`guacamole.domain.com`)" - "traefik.http.routers.guac.entrypoints=websecure" - "traefik.http.routers.guac.tls=true" - "traefik.http.services.guac.loadbalancer.server.port=8080" - "traefik.http.routers.guac.tls.certresolver=letsencrypt" - "traefik.http.routers.guac.tls.domains[0].main=domain.com" - "traefik.http.routers.guac.tls.domains[0].sans=*.domain.com" - "traefik.http.middlewares.add-guacamole.addprefix.prefix=/guacamole" - "traefik.http.routers.guac.middlewares=add-guacamole" volumes: guac_mariadb_data: networks: traefik-proxy: external: true