On Thu, Jan 11, 2024 at 5:39 PM Aaron Meyer <[email protected]> wrote:
> I have a feature idea, how should I go about submitting a feature request? > You'll need to request an account on the ASF Jira site, and then you can submit the Feature Request ticket: https://issues.apache.org/jira/browse/GUACAMOLE > > Unfortunately I am in no way a Java developer so I'm not able to do this > on my own, but I'm hoping the idea has enough value that it could be added > by the team at some point. > That's okay - we still like for people to discuss things that would make Guacamole better! > > Here's a quick rundown of the idea, does this sound like it would be > valuable to others, or is this already possible? > > The idea is to add options to connections to have guacd or guacamole call > a script on the host when a connection starts and ends. If it is not > possible to call a shell script, maybe a webhook or some sort of event > messaging to FaaS etc... I also imagine a boolean option to make the call > blocking to the connection proceeding or not and if set to block a field to > override a default timeout before failing. Some reasonable default would be > set that could be overridden via guacamole.properties. > > You're definitely not the first one to have this idea, and it's something that should be pretty easily doable. Calling a script would be pretty straight-forward - calling a webhook or API may be a bit more challenging just because of the number of options you'd have to make available. > Parameters would need to be sent to the script/event with: timestamp, > connection title, hostname, port, username, ?password?,... > > What I can see this being used for: > 1. To substantiate VDI containers or link-cloned VMs on demand and destroy > after connection closes. > Yeah - and actually making a full-blown VDI platform from Guacamole is one of those things that has been way down on my to-do list and that I periodically get hopes of spending some time on. Hasn't happened, yet. > 2. If using the Keeper Vault to rotate connection credentials and update > the vault / remote system after each connection closes. > Rather than a script or web-hook, this actually might be better off being added to the KSM vault module. > 3. Integrate with any audit / notification backends to log when secured > systems are accessed. > Makes sense. > 4. Used with wake on LAN to power off resources when they're disconnected > and WOL powered on when called. > > Note that Wake-on-LAN is already supported within Guacamole, so there's no need to call a specific script for this. It's also getting some additional features/updates, such as better detection of hosts being already up, etc. https://github.com/apache/guacamole-server/pull/470 -Nick
