Thanks for taking the time Mike.

So I figured I'd need to mount in certs and I've successfully done this for
the guacamole tomcat server and my web proxy so no issues with this.  I'd
just assumed that the guacd image allowed for more run-time container
flexibility like the guacamole images does but from looking at the image
config...

docker inspect --format='{{.Config.Cmd}}' guacamole/guacd
'[/bin/sh -c /usr/local/guacamole/sbin/guacd -b 0.0.0.0 -L $GUACD_LOG_LEVEL
-f]'

...I'd need to customise the image to commit a change to the above default
CMD behaviour for it recognise and use a /etc/guacamole/guacd.conf file as
I understand the guacd binary will preference the use of command line
parameters over the contents of a guacd.conf file?

Apols if the above is obvious & dumb, I'm new to guacamole and docker so
just making sure I'm going down the right path.

Regards,

Kelvin

On Sun, 12 Jan 2020 at 21:13, Mike Jumper <mjum...@apache.org> wrote:

> On Sun, Jan 12, 2020 at 11:19 AM Kelvin Middleton <
> kelvin.middle...@gmail.com> wrote:
>
>> Hi, I've a working install using Docker on Windows and am wanting to
>> enable encryption between the guacamole tomcat instance and guacd.
>>
>> Reading the manual this seems pretty straightforward if using guacd.conf
>> but from what I can tell the guacd docker image simply luaches the guacd
>> binary at start and the only itemI can change by passing environment
>> variables is the log level.
>>
>> $docker ps -a --no-trunc
>> "/bin/sh -c '/usr/local/guacamole/sbin/guacd -b 0.0.0.0 -L
>> $GUACD_LOG_LEVEL -f'"
>>
>> Would appreciate any pointers as to the correct way to modify the startup
>> of a guacd docker container?
>>
>
> Enabling SSL for guacd within the container would require bringing the
> relevant SSL certificate and key into the container, either as part of an
> image that is built on top of the guacamole/guacd image or via volume
> mounts. Whichever of those mechanisms you intend to use to bring your key
> and certificate into the container, I would recommend you use the same
> mechanism to add an /etc/guacamole/guacd.conf which points to that key and
> certificate.
>
> - Mike
>
>

Reply via email to