Guacamole is a really nifty piece of software to use, but can be somewhat annoying to initially set up. Here we bring up a basic installation (SSL and various MFA/LDAP auth add-ons are beyond the scope of this tutorial) using docker-compose.
downloading the images:
docker pull guacamole/guacamole
docker pull guacamole/guacd
docker pull mariadb/server
creating the database initialization script:
docker run –rm guacamole/guacamole /opt/guacamole/bin/initdb.sh –mysql > guac_db.sql
creating our initial docker-compose.yaml:
version: '3'
services:
guacdb:
container_name: guacdb
image: mariadb/server:latest
restart: unless-stopped
environment:
MYSQL_ROOT_PASSWORD: 'MariaDBRootPSW'
MYSQL_DATABASE: 'guacamole_db'
MYSQL_USER: 'guacamole_user'
MYSQL_PASSWORD: 'MariaDBUserPSW'
volumes:
- 'guacdb-data:/var/lib/mysql'
volumes:
guacdb-data:
Bringing the db container up:
docker-compose up -d
Copying db initialization script into the container:
docker cp guac_db.sql guacdb:/guac_db.sql
Opening a shell and initializing the db:
docker exec -it guacdb bash
cat /guac_db.sql | mysql -u root -p guacamole_db
exit
Shutting down db container:
docker-compose down
Expanding our docker-compose.yaml:
version: '3'
services:
guacdb:
container_name: guacdb
image: mariadb/server:latest
restart: unless-stopped
environment:
MYSQL_ROOT_PASSWORD: 'MariaDBRootPSW'
MYSQL_DATABASE: 'guacamole_db'
MYSQL_USER: 'guacamole_user'
MYSQL_PASSWORD: 'MariaDBUserPSW'
volumes:
- 'guacdb-data:/var/lib/mysql'
guacd:
container_name: guacd
image: guacamole/guacd
restart: unless-stopped
guacamole:
container_name: guacamole
image: 'guacamole/guacamole:latest'
restart: unless-stopped
ports:
- '8080:8080'
environment:
GUACD_HOSTNAME: "guacd"
MYSQL_HOSTNAME: "guacdb"
MYSQL_DATABASE: "guacamole_db"
MYSQL_USER: "guacamole_user"
MYSQL_PASSWORD: "MariaDBUserPSW"
depends_on:
- guacdb
- guacd
volumes:
guacdb-data:
Bringing everything up again:
docker-compose up -d
Logging in:
At this point you should be able to browse to http://my.docker.ip.address:8080/guacamole and login with guacadmin/guacadmin.
P.S: Despite the application container having a dependency on guacdb and guacd in the compose file, you can still run into minor trouble after system reboots: bringing up the containers on the reboot is handled by the docker daemon (and not docker-compose) which is unaware of the dependancy and will happily start all containers at once without waiting for the required dependancies to become healthy.
The “restart: unless-stopped” should bring guacamole right back up and successfully connect, but you might see signs of a previously failed container launch in the logs immediately after a reboot. If this concerns you, you can disable the container autostart and run docker-compose via cron upon reboots to bring up your stack or use some alternative orchestration tool.