User Tools

Site Tools


guacamole

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
Next revision Both sides next revision
guacamole [2018/12/06 19:48]
abeverley created
guacamole [2018/12/06 20:03]
abeverley
Line 1: Line 1:
-==Introduction==+=====Guacamole===== 
 + 
 +===== Introduction ​=====
  
 Guacamole is remote desktop software, which allows any client to connect to it with only a HTML5 browser. No plugins, client software or any other headaches required! Guacamole is remote desktop software, which allows any client to connect to it with only a HTML5 browser. No plugins, client software or any other headaches required!
  
-==Set up a webinar demo machine==+===== Set up a webinar demo machine ​=====
  
 These brief instructions show how to set up Guacamole on a remote server, so that it can be used as a demo machine, controllable and viewable by anyone with a web browser. I use this to perform remote demonstrations of web-based software. The instructions assume that a Debian Jessie system is used, with Apache already installed. These brief instructions show how to set up Guacamole on a remote server, so that it can be used as a demo machine, controllable and viewable by anyone with a web browser. I use this to perform remote demonstrations of web-based software. The instructions assume that a Debian Jessie system is used, with Apache already installed.
Line 9: Line 11:
 * Install required packages: * Install required packages:
  
-    ​apt-get install xfce4 chromium guacamole-tomcat x11vnc xrdp libguac-client-rdp0+    ​apt-get install xfce4 chromium guacamole-tomcat x11vnc xrdp libguac-client-rdp0
  
 * Configure Apache as a proxy to Tomcat (and Guacamole) * Configure Apache as a proxy to Tomcat (and Guacamole)
  
- <​VirtualHost _default_:​443>​ +  ​<​VirtualHost _default_:​443>​ 
-     ​ProxyPass ​      / ​ http://​localhost:​8080/​guacamole/​ flushpackets=on +    ProxyPass ​      / ​ http://​localhost:​8080/​guacamole/​ flushpackets=on 
-     ​ProxyPassReverse / http://​localhost:​8080/​guacamole/​ +    ProxyPassReverse / http://​localhost:​8080/​guacamole/​ 
-     ​ProxyPassReverseCookiePath /guacamole/ / +    ProxyPassReverseCookiePath /guacamole/ / 
-     ​SSLEngine on +    SSLEngine on 
-     ​SSLCertificateFile ​ /​etc/​ssl/​certs/​mycert.pem +    SSLCertificateFile ​ /​etc/​ssl/​certs/​mycert.pem 
-     ​SSLCertificateKeyFile /​etc/​ssl/​private/​mykey.key +    SSLCertificateKeyFile /​etc/​ssl/​private/​mykey.key 
- </​VirtualHost>​+  </​VirtualHost>​
  
-* Add an RDP user to the Guacamole user config (/​etc/​guacamole/​user-mapping.xml)+  ​* Add an RDP user to the Guacamole user config (/​etc/​guacamole/​user-mapping.xml)
  
- <​authorize username="​myuser"​ password="​mypass">​ +<​html>​<​authorize username="​myuser"​ password="​mypass">​</​html>​\\ 
-     ​<​protocol>​rdp</​protocol>​ +''​%%    %%''<​html>​<​protocol>​</​html>''​%%rdp%%''<​html>​</​protocol>​</​html>​\\ 
-     ​<param name="​hostname">​localhost</​param>​ +''​%%    %%''<​html>​<param name="​hostname">​</​html>''​%%localhost%%''<​html>​</​param>​</​html>​\\ 
-     ​<param name="​port">​3389</​param>​ +''​%%    %%''<​html>​<param name="​port">​</​html>''​%%3389%%''<​html>​</​param>​</​html>​\\ 
-     ​<param name="​password">​rdp_pass</​param>​ +''​%%    %%''<​html>​<param name="​password">​</​html>''​%%rdp_pass%%''<​html>​</​param>​</​html>​\\ 
- </​authorize>​+<​html>​</​authorize></​html>
  
 Edit a connection to /​etc/​xrdp/​xrdp.ini Edit a connection to /​etc/​xrdp/​xrdp.ini
  
- [xrdp0] +''​%%[xrdp0]%%''​\\ 
- name=My connection +''​%%name=My connection%%''​\\ 
- ​lib=libvnc.so +''​%%lib=libvnc.so%%''​\\ 
- ​username= +''​%%username=%%''​\\ 
- ​password=vnc_pass ​or "​ask"​ +''​%%password=vnc_pass or "​ask"​%%''​\\ 
- ​ip=127.0.0.1 +''​%%ip=127.0.0.1%%''​\\ 
- ​port=5900+''​%%port=5900%%''​
  
- ​systemctl restart xrdp.service+''​%%systemctl restart xrdp.service%%''​
  
 Add a normal user to run X as: Add a normal user to run X as:
  
- ​useradd ​--g users -/bin/bash andrew+''​%%useradd --g users -/bin/bash andrew%%''​
  
 Reconfigure X to allow any user to start it: Reconfigure X to allow any user to start it:
  
- dpkg-reconfigure x11-common+''​%%dpkg-reconfigure x11-common%%''​
  
 If running Debian Stretch, then also instal xserver-xorg-legacy:​ If running Debian Stretch, then also instal xserver-xorg-legacy:​
  
- Fixes the following error+''​%%Fixes the following error:%%''​\\ 
- # parse_vt_settings: ​Cannot open /dev/tty0 (Permission denied+''​%%#​ parse_vt_settings:​ Cannot open /dev/tty0 (Permission denied)%%''​\\ 
- apt-get install xserver-xorg-legacy+''​%%apt-get install xserver-xorg-legacy%%''​
  
 Change to the normal user and start the required X services: Change to the normal user and start the required X services:
  
- su andrew +''​%%su andrew%%''​\\ 
- x11vnc ​-storepasswd ​As configured in /​etc/​xrdp/​xrdp.ini +''​%%x11vnc -storepasswd As configured in /​etc/​xrdp/​xrdp.ini%%''​\\ 
- startx ​+''​%%startx &%%''​\\ 
- x11vnc ​-noncache ​-usepw -display ​:-rfbport 5900 -shared+''​%%x11vnc -noncache -usepw -display :-rfbport 5900 -shared%%''​
  
 It should now be possible to browse to the site configured in Apache, login to Guacamole, and see a standard XFCE desktop. Chromium (or Iceweasal/​Firefox) can be launched from the applications menu. It should now be possible to browse to the site configured in Apache, login to Guacamole, and see a standard XFCE desktop. Chromium (or Iceweasal/​Firefox) can be launched from the applications menu.
  
-==Enabling Apache Portable Runtime (APR)==+===== Enabling Apache Portable Runtime (APR) =====
  
 I don't know how much difference it makes (or whether it makes any difference in this environment),​ but APR is recommended for Tomcat to "​provide superior scalability,​ performance,​ and better integration with native server technologies"​. It can be enabled by uncommenting the following section in /​etc/​tomcat8/​server.xml:​ I don't know how much difference it makes (or whether it makes any difference in this environment),​ but APR is recommended for Tomcat to "​provide superior scalability,​ performance,​ and better integration with native server technologies"​. It can be enabled by uncommenting the following section in /​etc/​tomcat8/​server.xml:​
  
- <​Listener className="​org.apache.catalina.core.AprLifecycleListener"​ SSLEngine="​on"​ />+<​html>​<​Listener className="​org.apache.catalina.core.AprLifecycleListener"​ SSLEngine="​on"​ /></​html>
  
 And installing libtcnative-1:​ And installing libtcnative-1:​
  
- apt-get install libtcnative-1+''​%%apt-get install libtcnative-1%%''​
  
-=Links:=+====== Links: ​======
  
 http://​askubuntu.com/​questions/​235905/​use-xrdp-to-connect-to-desktop-session http://​askubuntu.com/​questions/​235905/​use-xrdp-to-connect-to-desktop-session
guacamole.txt · Last modified: 2018/12/06 20:04 by abeverley