Use Docker, so much easier, compose.yaml
services:
mysql:
image: mysql
restart: unless-stopped
container_name: guac-mysql
environment:
- MYSQL_DATABASE=guacamole
- MYSQL_USER=guacamole
- MYSQL_PASSWORD=<RANDOMPW>
- MYSQL_ROOT_PASSWORD=<RANDOMPW2>
volumes:
- ./data:/var/lib/mysql
- ./docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d
guacd:
image: guacamole/guacd
restart: unless-stopped
container_name: guacd
guacamole:
image: guacamole/guacamole
restart: unless-stopped
depends_on:
- mysql
- guacd
ports:
- 8080:8080
environment:
- GUACD_HOSTNAME=guacd
- MYSQL_HOSTNAME=guac-mysql
- MYSQL_DATABASE=guacamole
- MYSQL_USER=guacamole
- MYSQL_PASSWORD=<RANDOMPW>
mkdir docker-entrypoint-initdb.d
docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --mysql > ./docker-entrypoint-initdb.d/initdb.sql
docker-compose up -d
OLD WAY
Install Linux (at this time Ubuntu 22.04 LTS)
Install mariadb, guacd and tomcat
apt install mariadb-server guacd tomcat9
download tomcat application bundles
wget https://archive.apache.org/dist/guacamole/1.4.0/binary/guacamole-1.4.0.war
mv guacamole-1.4.0.war /var/lib/tomcat9/webapps/guacamole.war
https://archive.apache.org/dist/guacamole/1.4.0/binary/guacamole-auth-jdbc-1.4.0.tar.gz
tar -xzf guacamole-auth-jdbc-1.4.0.tar.gz
mv guacamole-auth-jdbc-1.4.0/mysql/guacamole-auth-jdbc-mysql-1.4.0.jar /etc/guacamole/extensions/
setup database/driver
RND_PASSWORD=$(tr -dc 'A-Za-z0-9~!@#$%^&*()-_=+[]\\{}|;:,\./?' </dev/urandom | head -c 20 ; echo '')
mysql -e 'CREATE DATABASE guacamole_db;'
cat guacamole-auth-jdbc-1.4.0/mysql/schema/*.sql | mysql guacamole_db
mysql -e "CREATE USER 'guacamole_user'@'localhost' IDENTIFIED BY '$RND_PASSWORD';"
mysql -e "GRANT SELECT,INSERT,UPDATE,DELETE ON guacamole_db.* TO 'guacamole_user'@'localhost';"
wget https://cdn.mysql.com//Downloads/Connector-J/mysql-connector-j_8.0.33-1ubuntu22.04_all.deb
dpkg -i mysql-connector-j_8.0.33-1ubuntu22.04_all.deb
cp /usr/share/java/mysql-connector-java-*.jar /etc/guacamole/lib/mysql-connector.jar
Create directories and initial settings
mkdir -p /etc/guacamole/{extensions,lib}
echo "mysql-hostname: localhost
mysql-port: 3306
mysql-database: guacamole_db
mysql-username: guacamole_user
mysql-password: $RND_PASSWORD" >> /etc/guacamole/guacamole.properties
echo "[server]
bind_host = 0.0.0.0
bind_port = 4822" >> /etc/guacamole/guacd.conf
Configure tomcat
echo GUACAMOLE_HOME=/etc/guacamole >> /etc/default/tomcat9
echo '<% response.sendRedirect("/guacamole"); %>' > /var/lib/tomcat9/webapps/ROOT/index.jsp
rm /var/lib/tomcat9/webapps/ROOT/index.html
Now adding https is a little tricker, use your normal way to get a cert, like certbot
sudo certbot certonly --standalone --preferred-challenges http -d example.steveborba.com
and then edit /etc/tomcat9/server.xml and put something like this
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true">
<SSLHostConfig>
<Certificate certificateKeyFile="/etc/letsencrypt/live/example.steveborba.com/privkey.pem"
certificateFile="/etc/letsencrypt/live/example.steveborba.com/cert.pem"
certificateChainFile="/etc/letsencrypt/live/example.steveborba.com/chain.pem"
type="RSA" />
</SSLHostConfig>
</Connector>