[jira] [Commented] (GUACAMOLE-939) Read Docker image environment variables from guacamole.properties

2020-02-02 Thread Mike Jumper (Jira) 


[ 
https://issues.apache.org/jira/browse/GUACAMOLE-939?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17028640#comment-17028640
 ] 

Mike Jumper commented on GUACAMOLE-939:
---

Yeah, that's pretty much it:

* I don't think we should use {{guacamole.properties}} for anything but being 
{{guacamole.properties}}. It's not a file for defining environment variables.
* I definitely don't see an advantage in creating a new way to define 
environment variables within a file, when there already exists a standard file 
format and tooling for doing the same and more ({{docker-compose.yml}}).

It could be useful to allow the image to consume {{guacamole.properties}} 
directly. I don't think the image as currently designed makes things any more 
difficult, though. There is a 1:1 correspondence between lines of 
{{guacamole.properties}} and environment variables. They equate to the same 
amount of work whether you maintain them in a non-Docker deployment (using 
{{guacamole.properties}}) or a Docker deployment (using {{docker-compose.yml}}).


> Read Docker image environment variables from guacamole.properties
> -
>
> Key: GUACAMOLE-939
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-939
> Project: Guacamole
>  Issue Type: Improvement
>  Components: guacamole-docker
>Affects Versions: 1.0.0
>Reporter: Thomas Eggers
>Priority: Minor
> Attachments: start.sh
>
>
> Hi,
> I'm not a Software developer,
>  but I have linux script and docker experience.
> I startet to enhance the start.sh file in the docker image.
> This new version is pre read required variable from guacamole.properties to 
> configure the tomcat web interface. This make it much easier to start the 
> docker container without so many options.
> Other things that I like to do is:
>   - import certificate for ldaps connections
>    - docker container health status
>   - and other small things
>  Thomas



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (GUACAMOLE-939) Read Docker image environment variables from guacamole.properties

2020-02-02 Thread Nick Couchman (Jira) 


[ 
https://issues.apache.org/jira/browse/GUACAMOLE-939?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17028581#comment-17028581
 ] 

Nick Couchman commented on GUACAMOLE-939:
-

{quote}
Yes, docker-compose is possible, but if you put LDAP and Postgres together, I 
think guacamole.properties is much easier to handle and better documented.
{quote}

But, I think one of the points Mike is making is that what you're suggesting 
results in a very odd behavior.  If we read Docker variables from a 
guacamole.properties file, essentially what we're doing is guacamole.properties 
-> Docker variables -> guacamole.properties - we end up re-writing 
guacamole.properties with values provided already in...guacamole.properties.  
So, if you just map the guacamole.properties file location (GUACAMOLE_HOME) 
through to the container, as Mike suggested, you avoid the need for 
reading/translating/rewriting.  Yes, you still have to specify some other 
properties, like GUACD_HOSTNAME, but its pretty minimal - everything else can 
be specified directly in guacamole.properties.

> Read Docker image environment variables from guacamole.properties
> -
>
> Key: GUACAMOLE-939
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-939
> Project: Guacamole
>  Issue Type: Improvement
>  Components: guacamole-docker
>Affects Versions: 1.0.0
>Reporter: Thomas Eggers
>Priority: Minor
> Attachments: start.sh
>
>
> Hi,
> I'm not a Software developer,
>  but I have linux script and docker experience.
> I startet to enhance the start.sh file in the docker image.
> This new version is pre read required variable from guacamole.properties to 
> configure the tomcat web interface. This make it much easier to start the 
> docker container without so many options.
> Other things that I like to do is:
>   - import certificate for ldaps connections
>    - docker container health status
>   - and other small things
>  Thomas



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (GUACAMOLE-939) Read Docker image environment variables from guacamole.properties

2020-02-02 Thread Thomas Eggers (Jira) 


[ 
https://issues.apache.org/jira/browse/GUACAMOLE-939?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17028558#comment-17028558
 ] 

Thomas Eggers commented on GUACAMOLE-939:
-

Hi, sorry for delay.

Yes, docker-compose is possible, but if you put LDAP and Postgres together, I 
think guacamole.properties is much easier to handle and better documented.

In my latest update, I add import a certificate ca from the GUACAMOLE_HOME 
directory into the java cacerts for ldaps communication.

Thomas

> Read Docker image environment variables from guacamole.properties
> -
>
> Key: GUACAMOLE-939
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-939
> Project: Guacamole
>  Issue Type: Improvement
>  Components: guacamole-docker
>Affects Versions: 1.0.0
>Reporter: Thomas Eggers
>Priority: Minor
> Attachments: start.sh
>
>
> Hi,
> I'm not a Software developer,
>  but I have linux script and docker experience.
> I startet to enhance the start.sh file in the docker image.
> This new version is pre read required variable from guacamole.properties to 
> configure the tomcat web interface. This make it much easier to start the 
> docker container without so many options.
> Other things that I like to do is:
>   - import certificate for ldaps connections
>    - docker container health status
>   - and other small things
>  Thomas



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (GUACAMOLE-939) Read Docker image environment variables from guacamole.properties

2020-01-27 Thread Thomas Eggers (Jira) 


[ 
https://issues.apache.org/jira/browse/GUACAMOLE-939?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17024680#comment-17024680
 ] 

Thomas Eggers commented on GUACAMOLE-939:
-

You are right, readonly mount works fine.

# docker run --name guacamole-tomcat -v /etc/guacamole:/config:ro -e 
GUACAMOLE-HOME=/config -e GUACD_HOSTNAME=127.0.0.1 -e LDAP_HOSTNAME=1.1.1.1 -e 
LDAP_USER_BASE_DN=o=test guacamole/guacamole

But with LDAP you need GUACD_HOSTNAME, LDAP_HOSTNAME and LDAP_USER_BASE_DN.

I can put all this into the guacamole properties file.

> Read Docker image environment variables from guacamole.properties
> -
>
> Key: GUACAMOLE-939
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-939
> Project: Guacamole
>  Issue Type: Improvement
>  Components: guacamole-docker
>Affects Versions: 1.0.0
>Reporter: Thomas Eggers
>Priority: Minor
> Attachments: start.sh
>
>
> Hi,
> I'm not a Software developer,
>  but I have linux script and docker experience.
> I startet to enhance the start.sh file in the docker image.
> This new version is pre read required variable from guacamole.properties to 
> configure the tomcat web interface. This make it much easier to start the 
> docker container without so many options.
> Other things that I like to do is:
>   - import certificate for ldaps connections
>    - docker container health status
>   - and other small things
>  Thomas



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (GUACAMOLE-939) Read Docker image environment variables from guacamole.properties

2020-01-27 Thread Mike Jumper (Jira) 


[ 
https://issues.apache.org/jira/browse/GUACAMOLE-939?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17024675#comment-17024675
 ] 

Mike Jumper commented on GUACAMOLE-939:
---

{quote}
and I can put all LDAP properties only into the guacamole.properties and not 
only a port of it into the docker run command and the rest into to config file.
{quote}

You can already do this. The only environment variable that this wouldn't 
currently work with is {{GUACD_HOSTNAME}} because of the sanity check noted 
above.

{quote}
and I forget with this patch, you can mount the volume readonly,
this make the security higher.
{quote}

You can already do this. The directory pointed to by {{GUACAMOLE_HOME}} is 
copied as a template. It's not written to.


> Read Docker image environment variables from guacamole.properties
> -
>
> Key: GUACAMOLE-939
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-939
> Project: Guacamole
>  Issue Type: Improvement
>  Components: guacamole-docker
>Affects Versions: 1.0.0
>Reporter: Thomas Eggers
>Priority: Minor
> Attachments: start.sh
>
>
> Hi,
> I'm not a Software developer,
>  but I have linux script and docker experience.
> I startet to enhance the start.sh file in the docker image.
> This new version is pre read required variable from guacamole.properties to 
> configure the tomcat web interface. This make it much easier to start the 
> docker container without so many options.
> Other things that I like to do is:
>   - import certificate for ldaps connections
>    - docker container health status
>   - and other small things
>  Thomas



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (GUACAMOLE-939) Read Docker image environment variables from guacamole.properties

2020-01-27 Thread Thomas Eggers (Jira) 


[ 
https://issues.apache.org/jira/browse/GUACAMOLE-939?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17024673#comment-17024673
 ] 

Thomas Eggers commented on GUACAMOLE-939:
-

and I forget the with this patch, you can mount the volume readonly,
this make the security higher.

Thomas

> Read Docker image environment variables from guacamole.properties
> -
>
> Key: GUACAMOLE-939
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-939
> Project: Guacamole
>  Issue Type: Improvement
>  Components: guacamole-docker
>Affects Versions: 1.0.0
>Reporter: Thomas Eggers
>Priority: Minor
> Attachments: start.sh
>
>
> Hi,
> I'm not a Software developer,
>  but I have linux script and docker experience.
> I startet to enhance the start.sh file in the docker image.
> This new version is pre read required variable from guacamole.properties to 
> configure the tomcat web interface. This make it much easier to start the 
> docker container without so many options.
> Other things that I like to do is:
>   - import certificate for ldaps connections
>    - docker container health status
>   - and other small things
>  Thomas



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (GUACAMOLE-939) Read Docker image environment variables from guacamole.properties

2020-01-27 Thread Thomas Eggers (Jira) 


[ 
https://issues.apache.org/jira/browse/GUACAMOLE-939?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17024671#comment-17024671
 ] 

Thomas Eggers commented on GUACAMOLE-939:
-

Yes, I do ;)

and I can put all LDAP properties only into the guacamole.properties and not 
only a port of it into the docker run command and the rest into to config file.

Regards

Thomas

> Read Docker image environment variables from guacamole.properties
> -
>
> Key: GUACAMOLE-939
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-939
> Project: Guacamole
>  Issue Type: Improvement
>  Components: guacamole-docker
>Affects Versions: 1.0.0
>Reporter: Thomas Eggers
>Priority: Minor
> Attachments: start.sh
>
>
> Hi,
> I'm not a Software developer,
>  but I have linux script and docker experience.
> I startet to enhance the start.sh file in the docker image.
> This new version is pre read required variable from guacamole.properties to 
> configure the tomcat web interface. This make it much easier to start the 
> docker container without so many options.
> Other things that I like to do is:
>   - import certificate for ldaps connections
>    - docker container health status
>   - and other small things
>  Thomas



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (GUACAMOLE-939) Read Docker image environment variables from guacamole.properties

2020-01-27 Thread Mike Jumper (Jira) 


[ 
https://issues.apache.org/jira/browse/GUACAMOLE-939?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17024650#comment-17024650
 ] 

Mike Jumper commented on GUACAMOLE-939:
---

It sounds like what you're looking for is simply for that {{GUACD_HOSTNAME}} 
sanity check to take usage of {{GUACAMOLE_HOME}} into account.

> Read Docker image environment variables from guacamole.properties
> -
>
> Key: GUACAMOLE-939
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-939
> Project: Guacamole
>  Issue Type: Improvement
>  Components: guacamole-docker
>Affects Versions: 1.0.0
>Reporter: Thomas Eggers
>Priority: Minor
> Attachments: start.sh
>
>
> Hi,
> I'm not a Software developer,
>  but I have linux script and docker experience.
> I startet to enhance the start.sh file in the docker image.
> This new version is pre read required variable from guacamole.properties to 
> configure the tomcat web interface. This make it much easier to start the 
> docker container without so many options.
> Other things that I like to do is:
>   - import certificate for ldaps connections
>    - docker container health status
>   - and other small things
>  Thomas



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (GUACAMOLE-939) Read Docker image environment variables from guacamole.properties

2020-01-27 Thread Thomas Eggers (Jira) 


[ 
https://issues.apache.org/jira/browse/GUACAMOLE-939?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17024635#comment-17024635
 ] 

Thomas Eggers commented on GUACAMOLE-939:
-

Hi Mike,

my experience is 

# /etc/guacamole/guacamole.propeties

# Hostname and port of guacamole proxy
guacd-hostname:guacd
guacd-port:4822

 # LDAP properties
ldap-username-attribute: cn
ldap-config-base-dn: ou=guacamole,o=wb
ldap-user-base-dn:ou=user,o=wb

ldap-hostname:192.168.0.90
ldap-port: 389
ldap-encryption-method: none

 

and start the docker container like this:

 docker run --name guacamole-tomcat -v /etc/guacamole:/config -e 
GUACAMOLE-HOME=/config -p 8080:8080 guacamole/guacamole

I get this error back:

FATAL: Missing GUACD_HOSTNAME or "guacd" link.
---
Every Guacamole instance needs a corresponding copy of guacd running. To
provide this, you must either:

 (a) Explicitly link that container with the link named "guacd".
 (b) If not using a Docker container for guacd, explicitly specify the TCP
   connection information using the following environment variables:

 GUACD_HOSTNAME     The hostname or IP address of guacd. If not using a guacd
                  Docker container and corresponding link, this environment
                  variable is *REQUIRED*.

 GUACD_PORT         The port on which guacd is listening for TCP connections.
                  This environment variable is optional. If omitted, the
                   standard guacd port of 4822 will be used.

My change in the /opt/guacamole/bin/start.sh make this possible.

Mybe I'm doing something wrong.

Regards
  Thomas 

 

> Read Docker image environment variables from guacamole.properties
> -
>
> Key: GUACAMOLE-939
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-939
> Project: Guacamole
>  Issue Type: Improvement
>  Components: guacamole-docker
>Affects Versions: 1.0.0
>Reporter: Thomas Eggers
>Priority: Minor
> Attachments: start.sh
>
>
> Hi,
> I'm not a Software developer,
>  but I have linux script and docker experience.
> I startet to enhance the start.sh file in the docker image.
> This new version is pre read required variable from guacamole.properties to 
> configure the tomcat web interface. This make it much easier to start the 
> docker container without so many options.
> Other things that I like to do is:
>   - import certificate for ldaps connections
>    - docker container health status
>   - and other small things
>  Thomas



--
This message was sent by Atlassian Jira
(v8.3.4#803005)