This post is for installing the latest version of Guacamole on CentOS 7, as there are several difference from the previous guide I did. If you want to read more about Guacamole, and how awesome it is, I recommend you take a glance at my previous post here.
**Note, I am installing the MySQL Authentication package which allows me to store connections and authentication information in a database, instead of a plain-text XML file.
Let’s Get Started!
1.) prerequisites:
yum -y install epel-release wget wget -O /etc/yum.repos.d/home:felfert.repo http://download.opensuse.org/repositories/home:/felfert/Fedora_19/home:felfert.repo yum -y install cairo-devel freerdp-devel gcc java-1.8.0-openjdk.x86_64 libguac libguac-client-rdp libguac-client-ssh libguac-client-vnc \ libjpeg-turbo-devel libpng-devel libssh2-devel libtelnet-devel libvncserver-devel libvorbis-devel libwebp-devel openssl-devel pango-devel \ pulseaudio-libs-devel terminus-fonts tomcat tomcat-admin-webapps tomcat-webapps uuid-devel
Above we are just installing adding the EPEL and Felfert repositories that contain the files we need, and installing all our prereqs. Easy.
2.) guacd install
mkdir ~/guacamole && cd ~/ wget http://sourceforge.net/projects/guacamole/files/current/source/guacamole-server-0.9.9.tar.gz tar -xzf guacamole-server-0.9.9.tar.gz && cd guacamole-server-0.9.9 ./configure --with-init-dir=/etc/init.d make make install ldconfig
Guacamole is delivered in two different pieces. The back-end is what we just installed above, from source, called guacd (or guacamole daemon). The other piece is the guacamole client, or web frontend. This is delivered via Jetty, and installed next.
3.) guacamole client
mkdir -p /var/lib/guacamole && cd /var/lib/guacamole/ wget http://sourceforge.net/projects/guacamole/files/current/binary/guacamole-0.9.9.war -O guacamole.war ln -s /var/lib/guacamole/guacamole.war /var/lib/tomcat/webapps/ rm -rf /usr/lib64/freerdp/guacdr.so ln -s /usr/local/lib/freerdp/guacdr.so /usr/lib64/freerdp/
We now have the guacamole server daemon and the guacamole client installed. Next up is the MySQL Authentication piece, using MariaDB.
4.) mysql authentication
yum -y install mariadb mariadb-server
mkdir -p ~/guacamole/sqlauth && cd ~/guacamole/sqlauth
wget http://sourceforge.net/projects/guacamole/files/current/extensions/guacamole-auth-jdbc-0.9.9.tar.gz
tar -zxf guacamole-auth-jdbc-0.9.9.tar.gz
wget http://dev.mysql.com/get/Downloads/Connector/j/mysql-connector-java-5.1.38.tar.gz
tar -zxf mysql-connector-java-5.1.38.tar.gz
mkdir -p /usr/share/tomcat/.guacamole/{extensions,lib}
mv guacamole-auth-jdbc-0.9.9/mysql/guacamole-auth-jdbc-mysql-0.9.9.jar /usr/share/tomcat/.guacamole/extensions/
mv mysql-connector-java-5.1.38/mysql-connector-java-5.1.38-bin.jar /usr/share/tomcat/.guacamole/lib/
systemctl restart mariadb.service
The above is installing mariadb, downloading the needed .jar’s, and moving them to where they belong. All but one jar file is included in the Guacamole MySQL Auth download, which is the MySQL Java Connector.
5.) configure database
mysqladmin -u root password MySQLRootPass mysql -u root -p # Enter above password create database guacdb; create user 'guacuser'@'localhost' identified by 'guacDBpass'; grant select,insert,update,delete on guacdb.* to 'guacuser'@'localhost'; flush privileges; quit
Here we created the database and user for guacd to use.
6.) extend database schema
cd ~/guacamole/sqlauth/guacamole-auth-jdbc-0.9.9/mysql/schema/ cat ./*.sql | mysql -u root -p guacdb # Enter SQL root password set above
And here we extend the schema of the database we created.
7.) configure guacamole
mkdir -p /etc/guacamole/ && vi /etc/guacamole/guacamole.properties
The above is creating our needed directories, and then creating the guacamole.properties file. This file is what tomcat uses to know what port to talk to guacd on as well as how to access the database. Here is a basic guacamole.properties file that will do what you need.
# MySQL properties mysql-hostname: localhost mysql-port: 3306 mysql-database: guacdb mysql-username: guacuser mysql-password: guacDBpass # Additional settings mysql-default-max-connections-per-user: 0 mysql-default-max-group-connections-per-user: 0
This will configure guacamole to use the database and user that we created on the default port of 4822. Note, this is for internal communication only and is not the port that you will be accessing the web interface on.
And we have to create a symlink so Guacamole can find the config file:
ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat/.guacamole/
8.) Cleanup
All that’s left is a little housecleaning!
cd ~ && rm -rf guacamole* systemctl enable tomcat.service && systemctl enable mariadb.service && chkconfig guacd on systemctl reboot
Once your server boots, you’ll have Guacamole running and ready to be used! Head on over to http://guac_server_ip:8080/guacamole to start using your new Guacamole server! default username and password are both ‘guacadmin’.
If you’re having trouble accessing the webpage for Guacamole, make sure you have configured firewalld (or disabled it) to allow access to port 8080.
Leave me some feedback!