User Tools

Site Tools


guacamole

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
guacamole [2018/12/06 19:48]
abeverley created
guacamole [2018/12/06 20:04] (current)
abeverley
Line 1: Line 1:
-==Introduction==+=====Guacamole===== 
 + 
 +===== Introduction ​=====
  
 Guacamole is remote desktop software, which allows any client to connect to it with only a HTML5 browser. No plugins, client software or any other headaches required! Guacamole is remote desktop software, which allows any client to connect to it with only a HTML5 browser. No plugins, client software or any other headaches required!
  
-==Set up a webinar demo machine==+===== Set up a webinar demo machine ​=====
  
 These brief instructions show how to set up Guacamole on a remote server, so that it can be used as a demo machine, controllable and viewable by anyone with a web browser. I use this to perform remote demonstrations of web-based software. The instructions assume that a Debian Jessie system is used, with Apache already installed. These brief instructions show how to set up Guacamole on a remote server, so that it can be used as a demo machine, controllable and viewable by anyone with a web browser. I use this to perform remote demonstrations of web-based software. The instructions assume that a Debian Jessie system is used, with Apache already installed.
Line 9: Line 11:
 * Install required packages: * Install required packages:
  
-    ​apt-get install xfce4 chromium guacamole-tomcat x11vnc xrdp libguac-client-rdp0+''​apt-get install xfce4 chromium guacamole-tomcat x11vnc xrdp libguac-client-rdp0''​
  
 * Configure Apache as a proxy to Tomcat (and Guacamole) * Configure Apache as a proxy to Tomcat (and Guacamole)
  
- <​VirtualHost _default_:​443>​ +  ​<​VirtualHost _default_:​443>​ 
-     ​ProxyPass ​      / ​ http://​localhost:​8080/​guacamole/​ flushpackets=on +    ProxyPass ​      / ​ http://​localhost:​8080/​guacamole/​ flushpackets=on 
-     ​ProxyPassReverse / http://​localhost:​8080/​guacamole/​ +    ProxyPassReverse / http://​localhost:​8080/​guacamole/​ 
-     ​ProxyPassReverseCookiePath /guacamole/ / +    ProxyPassReverseCookiePath /guacamole/ / 
-     ​SSLEngine on +    SSLEngine on 
-     ​SSLCertificateFile ​ /​etc/​ssl/​certs/​mycert.pem +    SSLCertificateFile ​ /​etc/​ssl/​certs/​mycert.pem 
-     ​SSLCertificateKeyFile /​etc/​ssl/​private/​mykey.key +    SSLCertificateKeyFile /​etc/​ssl/​private/​mykey.key 
- </​VirtualHost>​+  </​VirtualHost>​
  
-* Add an RDP user to the Guacamole user config (/​etc/​guacamole/​user-mapping.xml)+  ​* Add an RDP user to the Guacamole user config (/​etc/​guacamole/​user-mapping.xml)
  
- <​authorize username="​myuser"​ password="​mypass">​ +  ​<​authorize username="​myuser"​ password="​mypass">​ 
-     ​<​protocol>​rdp</​protocol>​ +    <​protocol>​rdp</​protocol>​ 
-     ​<param name="​hostname">​localhost</​param>​ +    <param name="​hostname">​localhost</​param>​ 
-     ​<param name="​port">​3389</​param>​ +    <param name="​port">​3389</​param>​ 
-     ​<param name="​password">​rdp_pass</​param>​ +    <param name="​password">​rdp_pass</​param>​ 
- </​authorize>​+  </​authorize>​
  
 Edit a connection to /​etc/​xrdp/​xrdp.ini Edit a connection to /​etc/​xrdp/​xrdp.ini
  
- [xrdp0] +  ​[xrdp0] 
- ​name=My connection +  name=My connection 
- ​lib=libvnc.so +  lib=libvnc.so 
- ​username= +  username= 
- ​password=vnc_pass # or "​ask"​ +  password=vnc_pass # or "​ask"​ 
- ​ip=127.0.0.1 +  ip=127.0.0.1 
- ​port=5900+  port=5900
  
- ​systemctl restart xrdp.service+''​%%systemctl restart xrdp.service%%''​
  
 Add a normal user to run X as: Add a normal user to run X as:
  
- ​useradd ​--g users -/bin/bash andrew+''​%%useradd --g users -/bin/bash andrew%%''​
  
 Reconfigure X to allow any user to start it: Reconfigure X to allow any user to start it:
  
- dpkg-reconfigure x11-common+''​%%dpkg-reconfigure x11-common%%''​
  
 If running Debian Stretch, then also instal xserver-xorg-legacy:​ If running Debian Stretch, then also instal xserver-xorg-legacy:​
  
- # Fixes the following error: +  ​# Fixes the following error: 
- # parse_vt_settings:​ Cannot open /dev/tty0 (Permission denied) +  # parse_vt_settings:​ Cannot open /dev/tty0 (Permission denied) 
- ​apt-get install xserver-xorg-legacy+  apt-get install xserver-xorg-legacy
  
 Change to the normal user and start the required X services: Change to the normal user and start the required X services:
  
- su andrew +  ​su andrew 
- ​x11vnc -storepasswd # As configured in /​etc/​xrdp/​xrdp.ini +  x11vnc -storepasswd # As configured in /​etc/​xrdp/​xrdp.ini 
- ​startx & +  startx & 
- ​x11vnc -noncache -usepw -display :0 -rfbport 5900 -shared+  x11vnc -noncache -usepw -display :0 -rfbport 5900 -shared
  
 It should now be possible to browse to the site configured in Apache, login to Guacamole, and see a standard XFCE desktop. Chromium (or Iceweasal/​Firefox) can be launched from the applications menu. It should now be possible to browse to the site configured in Apache, login to Guacamole, and see a standard XFCE desktop. Chromium (or Iceweasal/​Firefox) can be launched from the applications menu.
  
-==Enabling Apache Portable Runtime (APR)==+===== Enabling Apache Portable Runtime (APR) =====
  
 I don't know how much difference it makes (or whether it makes any difference in this environment),​ but APR is recommended for Tomcat to "​provide superior scalability,​ performance,​ and better integration with native server technologies"​. It can be enabled by uncommenting the following section in /​etc/​tomcat8/​server.xml:​ I don't know how much difference it makes (or whether it makes any difference in this environment),​ but APR is recommended for Tomcat to "​provide superior scalability,​ performance,​ and better integration with native server technologies"​. It can be enabled by uncommenting the following section in /​etc/​tomcat8/​server.xml:​
  
- <​Listener className="​org.apache.catalina.core.AprLifecycleListener"​ SSLEngine="​on"​ />+<​html>​<​Listener className="​org.apache.catalina.core.AprLifecycleListener"​ SSLEngine="​on"​ /></​html>
  
 And installing libtcnative-1:​ And installing libtcnative-1:​
  
- apt-get install libtcnative-1+''​%%apt-get install libtcnative-1%%''​
  
-=Links:=+====== Links: ​======
  
 http://​askubuntu.com/​questions/​235905/​use-xrdp-to-connect-to-desktop-session http://​askubuntu.com/​questions/​235905/​use-xrdp-to-connect-to-desktop-session
guacamole.1544125705.txt.gz · Last modified: 2018/12/06 19:48 by abeverley