Installing Guacamole on Docker on Arch Linux

Guacamole is an HTML5 web application used to remotely access computers over RDP, VNC, SSH, and Telnet. The fastest and easiest way to deploy it is via Docker. This is a quick guide for installing Guacamole on Arch Linux.

A working Guacamole environment typically has three parts:

• guacd - the component that connects to the remote protocols (RDP, SSH, etc)
• guacamole - the java web application and user interface
• a database used for storing users/roles and connection information

The database is not required but makes things a lot easier, and will be used here.

This guide assumes you have a stock Arch Linux installation, with the following packages:

base base-devel syslinux openssh tmux open-vm-tools sudo wget htop docker

You may not need all of these packages, but I like to have them in a base install.

Add your user to the docker group:

# gpasswd -a user docker

Then either log out or run

$ newgrp docker

to make your session aware of the group.

Deploy the guacd image:

docker run --name guacd -d glyptodon/guacd

Nothing else needs to be done with it.

Deploy MySQL 5.7.7:

docker run --name mysql -e MYSQL_ROOT_PASSWORD=<PASSWORD> -d mysql:5.7.7

When it completes, copy and save the code produced at the bottom of the output. This is the container ID, and will look similar to this: 4c157241cc824ca0bd3584aa0c9f2dcc8ab40b4695f165e1bd3968ff26146834

Create the tables needed by Guacamole and export them into a file to then be imported into the database:

docker run --rm glyptodon/guacamole /opt/guacamole/bin/initdb.sh --mysql > initdb.sql

This will download guacamole but not run it.

Copy the above file into the MySQL container:

cp initdb.sql /var/lib/docker/btrfs/subvolumes/<container ID>/root

Enter the MySQL container shell:

docker exec -it mysql bash

Enter the MySQL shell:

mysql -uroot

You will be prompted for the password you created earlier.

Create the Guacamole database:

CREATE DATABASE guac_db;

Create the Guacamole user and its password:

CREATE USER 'guac_user'@'%' IDENTIFIED BY 'password';

Give the Guacamole user proper permissions:

GRANT SELECT,INSERT,UPDATE,DELETE ON guac_db.* TO 'guac_user'@'%';

Then finally:

FLUSH PRIVILEGES;

And:

quit

Import the database tables from earlier into the new database:

cat /root/initdb.sql | mysql -uroot guac_db

You'll be prompted for the MySQL password again.

You're now done configuring the MySQL Container, and you can exit it.

exit

Now run the Guacamole container that was downloaded earlier:

docker run --name guacamole --link guacd:guacd --link mysql:mysql \
-e MYSQL_DATABASE=guac_db \
-e MYSQL_USER=guac_user \
-e MYSQL_PASSWORD=<GUAC_PASSWORD> \
-d -p 8080:8080 glyptodon/guacamole

Once it's all up and running, open up http://<machine>:8080/guacamole in a web browser. You should be greeted with a login screen. Use guacadmin for the username and password.