Skip to content

Docker composition for Guacamole clientless remote desktop gateway

License

Notifications You must be signed in to change notification settings

cisagov/guacamole-composition

Folders and files

NameName
Last commit message
Last commit date

Latest commit

2bed1e8 · Apr 14, 2023
Feb 13, 2023
Jan 27, 2022
Apr 14, 2023
Nov 4, 2021
Oct 28, 2021
Feb 12, 2020
May 3, 2019
Jul 14, 2021
Oct 19, 2020
Feb 25, 2022
Feb 2, 2023
Jun 7, 2019
Nov 9, 2022
Jul 14, 2021
Jun 24, 2019
Jun 23, 2022
Nov 21, 2022
Apr 14, 2023
Jul 30, 2019
Jan 11, 2021
Jun 19, 2020
Jun 9, 2020
Aug 4, 2021
May 10, 2021

Repository files navigation

guacamole-composition 🥑🐳

GitHub Build Status CodeQL Known Vulnerabilities

Creates a Docker composition containing instances of:

  • guacamole clientless remote desktop gateway.
  • guacd server-side proxy for Guacamole.
  • Postgres relational database.
  • cisagov/guacscanner-docker utility for continually scanning the EC2 instances in an AWS VPC and updating the Guacamole connections in the underlying PostgreSQL database.

Running

A sample Docker composition is included in this repository.

To start the composition, use the command: docker compose up

Connect to the Guacamole web interface at: http://localhost/guacamole.

The default credentials are guacadmin, guacadmin - you should change those as soon as possible.

Volumes

postgres

Mount Point Purpose
dbdata Stores all database data for the postgres container
dbinit Stores the postgres initialization script for the guacamole database resources

Ports

This composition exposes the following port to the localhost:

Port Protocol Service Purpose
80 TCP http Guacamole web interface

Secrets

Sample secrets have been provided - you should change these if you use this composition on a publicly-accessible host:

Filename Purpose
postgres_username Text file containing the username of the postgres user used by the guacamole container
postgres_password Text file containing the password of the postgres user used by the guacamole container
private_ssh_key Text file containing the private SSH key to use for SFTP file transfer in Guacamole.
rdp_username Text file containing the username for Guacamole to use when connecting to an instance via RDP.
rdp_password Text file containing the password for Guacamole to use when connecting to an instance via RDP.
vnc_username Text file containing the username for Guacamole to use when connecting to an instance via VNC.
vnc_password Text file containing the password for Guacamole to use when connecting to an instance via VNC.
windows_sftp_base Text file containing the base path for the SFTP directories that Guacamole will use when connecting to a Windows instance via VNC.

Contributing

We welcome contributions! Please see CONTRIBUTING.md for details.

License

This project is in the worldwide public domain.

This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the CC0 1.0 Universal public domain dedication.

All contributions to this project will be released under the CC0 dedication. By submitting a pull request, you are agreeing to comply with this waiver of copyright interest.