Thanks both, appreciate the correction.


On Tue, 14 Jan 2020 at 18:28, Mike Jumper <> wrote:

> On Tue, Jan 14, 2020 at 7:54 AM Kelvin Middleton <
>> wrote:
>> Okay, so I've gotten TOTP authentication working but wanted to validate
>> my solution is valid and I'm not walking into a trap down the line...
>> I obtained the guacamole-auth-totp-1.0.0.jar file and placed it with the
>> $GUACAMOLE_HOME/Extensions directory which in a docker container is
>> /root.guacamole/extensions.  However I noticed that when you restart the
>> container the jar file is missing.  So I consult the
>> /opt/guacamole/bin/ script which seems to be creating the entire
>> $GUACAMOLE_HOME directory and file structure from scratch at container
>> start, it is linking in the necessary database and ldap archives as
>> necessary but I see nothing in the script dealing specifically with TOTP.
>> My hack to get this working is to place the guacamole-auth-totp-1.0.0.jar
>> inside of /opt/guacamole/mysql/ so that line 177 of the script
>> then links it into the right location when building the  $GUACAMOLE_HOME
>> structure.  Line 177 states...
>>     ln -s /opt/guacamole/mysql/guacamole-auth-*.jar "$GUACAMOLE_EXT"
>> Is this valid or is there a better approach I should be observing?
> You definitely shouldn't do this. There's no need for hacks; the Docker
> image already supports usage of arbitrary extensions. It does this by
> wrapping its own behavior around GUACAMOLE_HOME:
> You volume-mount your extensions, etc. within a skeleton of a typical
> GUACAMOLE_HOME somewhere within the image (not the directory that you've
> found the webapp is already using as its GUACAMOLE_HOME, not a directory
> already used internally for something else, but a place of your own
> choosing that isn't already the standard location of something else), and
> point the startup process at that directory by setting the GUACAMOLE_HOME
> variable to that location. The image's startup process will dynamically
> construct its GUACAMOLE_HOME by combining the skeleton you've provided with
> the settings and extensions indicated by any other environment variables.
> - Mike

Reply via email to