Re: AW: [EXTERNAL] Re: Guacamole Installation with separate servers for DMZ and Internal Setup
On Sat, May 30, 2020 at 3:13 AM Mike Jumper wrote: > On Thu, May 28, 2020, 14:18 Nick Couchman wrote: > >> On Thu, May 28, 2020 at 5:10 PM Peter De Tender wrote: >> >>> All, >>> >>> I agree on optimizing documentation could be a good project; maybe it >>> can be moved to a GitHub alike scenario where "anyone" can contribute to it >>> and improve it? >>> >>> >> It already is :-) >> >> https://github.com/apache/guacamole-manual >> >> And we certainly welcome any contributions. They need to follow the >> overall project guidelines for contributions - JIRA issue, style >> guidelines, pull requests, etc. >> > > I think the idea of using a system like Read the Docs has been floated > before. If that would help foster greater community involvement in > documentation, perhaps we should look further into migrating. > > Yeah, it would be nice to have a friendlier way for the community to contribute to documentation. Read the Docs may be a good option. The other thing we could consider is some sort of way of decoupling the documentation update process from the official software release process? So, if we still wanted to follow JIRA issues, pull requests, etc., for documentation, we could do that, but allow documentation to be more "living" and less tied to the version release? Throwing that out there... Also, I think we've also talked about leveraging the Apache Confluence system for the project before, but I seem to recall there were some limitations, there, though I'm fuzzy on the details. Not sure if that's a place we could create a publicly-editable page (subject to review, etc.), or if there's a way to tie that in with a Git repo?? > I believe there is a way to remove the ads that would otherwise be shown > through paying for a membership of some kind with Read the Docs. If that > platform does seem the way to go, my dayjob would be happy to pay for it > (though I'm personally unfamiliar with the ASF procedures for a company > sponsoring project resources). > > That would be quite generous - looks like they have a couple of "For Business" plans, but if we decide to go that route it might be worth reaching out to them, explaining the situation, and asking them what they recommend for an open source project that wants to avoid advertising. After we ask ASF, of course... -Nick
Re: AW: [EXTERNAL] Re: Guacamole Installation with separate servers for DMZ and Internal Setup
On Thu, May 28, 2020, 14:18 Nick Couchman wrote: > On Thu, May 28, 2020 at 5:10 PM Peter De Tender wrote: > >> All, >> >> I agree on optimizing documentation could be a good project; maybe it can >> be moved to a GitHub alike scenario where "anyone" can contribute to it and >> improve it? >> >> > It already is :-) > > https://github.com/apache/guacamole-manual > > And we certainly welcome any contributions. They need to follow the > overall project guidelines for contributions - JIRA issue, style > guidelines, pull requests, etc. > I think the idea of using a system like Read the Docs has been floated before. If that would help foster greater community involvement in documentation, perhaps we should look further into migrating. I believe there is a way to remove the ads that would otherwise be shown through paying for a membership of some kind with Read the Docs. If that platform does seem the way to go, my dayjob would be happy to pay for it (though I'm personally unfamiliar with the ASF procedures for a company sponsoring project resources). - Mike
Re: AW: [EXTERNAL] Re: Guacamole Installation with separate servers for DMZ and Internal Setup
On Thu, May 28, 2020 at 5:10 PM Peter De Tender wrote: > All, > > I agree on optimizing documentation could be a good project; maybe it can > be moved to a GitHub alike scenario where "anyone" can contribute to it and > improve it? > > It already is :-) https://github.com/apache/guacamole-manual And we certainly welcome any contributions. They need to follow the overall project guidelines for contributions - JIRA issue, style guidelines, pull requests, etc. > That said, Mike and Nick are indeed of great help here, and fast in > answering our questions. > > Some days :-). > I used Guacamole as a 'user' for quite some time, and now started looking > into using it myself from the setup to managing it, automation with REST > API,... and going good so far. > > Since my core space is Azure, I obviously run it here; my setup got > extended with Azure App Gateway and Azure Front Door (multiple region LB), > and I am about to publish a blog post on how to set this all up. > > BTW, does anyone know what platform this mail-list is working on? as in > how to set up something similar? > > I can't remember what Apache uses for the mailing list, but it's one of the big open source ones. -Nick
Re: AW: [EXTERNAL] Re: Guacamole Installation with separate servers for DMZ and Internal Setup
On Thu, May 28, 2020, 10:29 Joachim Lindenberg wrote: > Can you please elaborate a little to what risk you are referring? Have you > been able to escape a guacd or guacamole or some other container? Via the > network interfaces exposed or how? Is there some thing to be done by the > project to improve container security? > If there is such an issue with the images, please remember to follow responsible disclosure practices and report the issue privately via secur...@guacamole.apache.org: https://guacamole.apache.org/security/ The other mailing lists are public, including user@, dev@, anything in JIRA, etc. - Mike
Re: AW: [EXTERNAL] Re: Guacamole Installation with separate servers for DMZ and Internal Setup
Docker is popular however it comes with a serious security risk, its always better to build your own Guacamole instance over using Docker. The risk is in exploiting the host server through Docker container. I have actually done this and it can be pretty nasty if someone wanted to be malicious. I agree that documentation could be better, its lacks the show and tell aspect with explanation. I plan on fixing that gap once I complete this project in August, to give proper instructional guides. Don't get me wrong, Mike and Nick have done an outstanding job in maintaining this project and if it wasn't for them Guacamole wouldn't be as tasty as it is now. This is why I will make this pledge, once my company hits $1MM revenue, I will donate to the project $20k. Keep up the good work! - A Cybersecurity Enablement Company We don't just run you through the motions, Our labs teach you how to think! Known good Guacamole installations -- Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/ - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org