Apache Guacamole
- apache/guacamole-server
- clientless remote desktop gateway
- 无客户端的远程桌面网关
- 支持 VNC, RDP, SSH, telnet, Kubernetes
- Kubernetes - 容器控制台
- 支持 mysql, postgresql, ldap, 2factor, totp, http header, cas, oidc, saml, ad-hoc 认证
- 支持录制
- 基础依赖: Cairo, libjpeg-turbo/libjpeg, libpng, OSSP UUID
- 功能依赖:
- FreeRDP
- SSH - libssh2, OpenSSL, Pango
- SFTP - libssh2, OpenSSL
- WebP - libwebp
- guacenc - FFmpeg
- libtelnnet, Pango
- libVNCserver - PulseAudio
- 参考
- The Guacamole protocol
- 单应用 rdp initial_program https://stackoverflow.com/a/43199970/1870054
组件
- guacd
- 端口 4822
- quickconnect
ssh://linux1.example.com/
vnc://linux1.example.com:5900/
rdp://localuser@windows1.example.com/?security=rdp&ignore-cert=true&disable-audio=true&enable-drive=true&drive-path=/mnt/usb
配置
认证
- postgresql
- POSTGRES_HOSTNAME
- POSTGRES_PORT
- POSTGRES_DATABASE
- POSTGRES_USER
- POSTGRES_PASSWORD
- ldap
- LDAP_HOSTNAME
- LDAP_PORT
- LDAP_ENCRYPTION_METHOD
- LDAP_USER_BASE_DN
- header
- HEADER_ENABLED
- HTTP_AUTH_HEADER=REMOTE_USER
- oidc
- openid-authorization-endpoint
- openid-jwks-endpoint
- openid-issuer
- openid-client-id
- openid-redirect-uri
Docker
- guacamole/guacd
- Daemon
- 支持 VNC, RDP, SSH, telnet, Kubernetes
- guacamole/guacamole
docker run --rm -it -e GUACD_LOG_LEVEL=debug -p 4822:4822 --name guacd guacamole/guacd
docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --postgres > initdb.sql
# GUACD_HOSTNAME=172.17.42.1
# GUACD_PORT=4822
docker run --rm -it \
--link guacd:guacd \
-p 8080:8080 \
--name guacamole guacamole/guacamole