Jun 24, 2021

CentOS v.7 : Apache Guacamole

 Apache Guacamole is a RDP to HTTP/HTTPS open source remote broker/gateway.

1. Install CentOS v.7.0 with Minimal Installation, follow all on-screen configurations accordingly.

2. During the install, configure the IP Address to Fixed/Manual and the hostname (eg. guacsvr).

3. Install the RPM Fusion repository :-

  • sudo yum install -y epel-release
  • sudo yum -y localinstall --nogpgcheck https://download1.rpmfusion.org/free/el/rpmfusion-free-release-7.noarch.rpm https://download1.rpmfusion.org/nonfree/el/rpmfusion-nonfree-release-7.noarch.rpm
4. Install some utilities :-
  • sudo yum install -y nano net-tools wget

5. Install MariaDB, Tomcat & Apache Guacamole dependencies :-
  • sudo yum install -y cairo-devel libjpeg-turbo-devel libwebsockets-devel libpng-devel uuid-devel ffmpeg-devel freerdp-devel pango-devel libssh2-devel libvncserver-devel pulseaudio-libs-devel openssl-devel libvorbis-devel libwebp-devel libtool libtelnet-devel freerdp mariadb-server tomcat

6. Download, Extract & Make Apache Guacamole Server (as of writing the latest version is 1.3.0, check for latest version at https://downloads.apache.org/guacamole/) :-
  • sudo wget https://downloads.apache.org/guacamole/1.3.0/source/guacamole-server-1.3.0.tar.gz
  • sudo tar -xzf guacamole-server-1.3.0.tar.gz
  • sudo wget https://downloads.apache.org/guacamole/1.3.0/binary/guacamole-1.3.0.war
  • cd guacamole-server-1.3.0
  • sudo ./configure --with-init-dir=/etc/init.d
  • sudo make install
  • sudo ldconfig && cd ~
  • cp ~/guacamole-1.3.0.war /var/lib/tomcat/webapps/guacamole.war
  • sudo firewall-cmd --permanent --add-port=8080/tcp
  • sudo firewall-cmd --reload
  • sudo systemctl enable tomcat && systemctl enable mariadb && systemctl enable guacd

7. Download & Install Connector, Extensions & Lib :-
  • sudo mkdir -p /usr/share/tomcat/.guacamole/{extensions,lib}
  • sudo wget https://cdn.mysql.com//Downloads/Connector-J/mysql-connector-java-8.0.24.tar.gz
  • sudo tar -xzf mysql-connector-java-8.0.24.tar.gz
  • cp mysql-connector-java-8.0.24/mysql-connector-java-8.0.24.jar /usr/share/tomcat/.guacamole/lib/
Extensions (select whichever you preferred) :-
  • sudo wget https://downloads.apache.org/guacamole/1.3.0/binary/guacamole-auth-jdbc-1.3.0.tar.gz
  • sudo wget https://downloads.apache.org/guacamole/1.3.0/binary/guacamole-auth-ldap-1.3.0.tar.gz
  • sudo tar -xzf guacamole-auth-jdbc-1.3.0.tar.gz
  • sudo tar -xzf guacamole-auth-ldap-1.3.0.tar.gz
  • cp guacamole-auth-jdbc-1.3.0/mysql/guacamole-auth-jdbc-1.3.0.jar /usr/share/tomcat/.guacamole/extensions/
  • cp guacamole-auth-ldap-1.3.0/guacamole-auth-ldap-1.3.0.jar /usr/share/tomcat/.guacamole/extensions/
  • sudo systemctl start mariadb && systemctl start tomcat

8. To secure MySQL server configurations :-

  • sudo mysql_secure_installation
  • Enter
  • Key-in your new password
  • When prompted = Yes, Yes, Yes, Yes

9. Configure MySQL DB :-
  • sudo mysql -u root -p
  • CREATE DATABASE IF NOT EXISTS guacdb DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
  • GRANT SELECT,INSERT,UPDATE,DELETE ON guacdb.* TO 'guacuser'@'localhost' IDENTIFIED BY 'guacpass' WITH GRANT OPTION;
  • flush privileges;
  • quit

10. Install Apache Guacamole Client :-
  • sudo wget https://downloads.apache.org/guacamole/1.3.0/source/guacamole-client-1.3.0.tar.gz
  • sudo tar -xzf guacamole-client-1.3.0.tar.gz
  • sudo cat guacamole-client-1.3.0/extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/schema/*.sql | mysql -u root -p guacdb
  • sudo mkdir -p /etc/guacamole
Create and configure guacamole properties :-
  • sudo nano /etc/guacamole/guacamole.properties
    • #MySQL properties
    • mysql-hostname: localhost
    • mysql-port: 3306
    • mysql-database: guacdb
    • mysql-username: guacuser
    • mysql-password: guacpass
    • #Additional settings
    • mysql-default-max-connections-per-user: 0
    • mysql-default-max-group-connections-per-user: 0
  • sudo chmod 0400 /etc/guacamole/guacamole.properties
  • sudo chown tomcat:tomcat /etc/guacamole/guacamole.properties
  • ls -alh /etc/guacamole/
  • ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat/.guacamole/
  • sudo chown tomcat:tomcat /var/lib/tomcat/webapps/guacamole.war

11. Configure Time Zone for MySQL :-
  • sudo nano /etc/my.cnf
    • default-time-zone='+8:00'

12. Configure the Connector :-
  • sudo setsebool -P tomcat_can_network_connect_db on
  • sudo restorecon -R -v /usr/share/tomcat/.guacamole/lib/mysql-connector-java-8.0.24.jar

13. Restart the server.
  • sudo shutdown now -r

14. On another computer, open any internet browser
  • http://[Server IP]:8080/guacamole
  • Username = guacadmin
  • Password = guacadmin
! Important to change the password !


Posted by at No comments:
Labels: , ,
Subscribe to: Posts (Atom)