Hands-off script for installing Apache Guacamole for Docker

So what’s different with this over other methods of setting up Apache Guacamole?

The main thing is it’s entirely hands-off. It’ll pull the images, set up the network, create the containers, initialize the MySQL database… Everything. Including generating secure random passwords for you using Random.org and writing those to the console for you to store off for later updates. (See sections below.) Just copy the script to a .sh file and run it.

And speaking of later updates, the script sets up the containers on their own network with static IPs assigned to each over using the “link” command. This allows for very easy updates down the line since the containers – especially the MySQL container – can be recreated onto the same IP address as before.

Change what you need to avoid conflicts with any existing Docker networks or if you want the main Guacamole container to be accessible on a different port. Hopefully you won’t need to extend out the 30-second wait for the MySQL container to initialize. Bear in mind as well that the gaucd container takes a few minutes to fully start up and its status to be “Healthy”.

Once everything is running, the default admin login (as of this writing) for the Guacamole web interface is guacadmin/guacadmin.

#!/bin/bash

echo Pulling latest Docker images.

sudo docker pull guacamole/guacamole
sudo docker pull guacamole/guacd
sudo docker pull mysql

echo Creating volumes for MySQL data

sudo docker volume create guac-mysql-data

echo Creating network the containers will use.

sudo docker network create \
--subnet=192.168.10.0/24 \
--gateway=192.168.10.1 \
guacamole-net

echo Contacting Random.org for new 16-character passwords for MySQL root and Guacamole users.

root_secure_password=$(curl -s "https://www.random.org/strings/?num=1&len=16&digits=on&upperalpha=on&loweralpha=on&unique=on&format=plain&rnd=new")
guac_secure_password=$(curl -s "https://www.random.org/strings/?num=1&len=16&digits=on&upperalpha=on&loweralpha=on&unique=on&format=plain&rnd=new")

sql_create="\
ALTER USER 'root'@'localhost' \
IDENTIFIED BY '$root_secure_password'; \
CREATE DATABASE guacamole_db; \
CREATE USER 'guacamole_user'@'%' \
IDENTIFIED BY '$guac_secure_password'; \
GRANT SELECT,INSERT,UPDATE,DELETE \
ON guacamole_db.* \
TO 'guacamole_user'@'%'; \
FLUSH PRIVILEGES;"

echo Creating MySQL container

sudo docker run -d \
--name guac-mysql \
-e MYSQL_ROOT_PASSWORD=$root_secure_password \
-v guac-mysql-data:/var/lib/mysql \
--network guacamole-net \
--ip 192.168.10.2 \
--restart unless-stopped \
mysql

echo Let\'s wait about 30 seconds for MySQL to completely start up before continuing.
sleep 30

echo Initializing MySQL database

sudo docker exec guac-mysql \
mysql --user=root --password=$root_secure_password -e "$sql_create"

sudo docker exec guac-mysql \
mysql --user=root --password=$root_secure_password \
--database=guacamole_db \
-e "$(sudo docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --mysql)"

echo Creating guacd container

sudo docker run -d \
--name guacd \
--network guacamole-net \
--ip 192.168.10.3 \
--restart unless-stopped \
guacamole/guacd

echo Creating main Guacamole container

sudo docker run -d \
--name guacamole \
--network guacamole-net \
--ip 192.168.10.4 \
--restart unless-stopped \
-e GUACD_HOSTNAME=192.168.10.3 \
-e MYSQL_HOSTNAME=192.168.10.2 \
-e MYSQL_DATABASE=guacamole_db \
-e MYSQL_USER=guacamole_user \
-e MYSQL_PASSWORD=$guac_secure_password \
-p 8080:8080 \
guacamole/guacamole

echo Done.

echo MySQL root password: $root_secure_password
echo MySQL guacamole_user password: $guac_secure_password

echo Store off these passwords as they will be needed for later container updates.

Update Guacamole containers

Just copy off this script and keep it on your server to update the container with the latest Guacamole images.

#!/bin/bash

read -s -p "MySQL Guacamole user password: " guac_secure_password
echo

sudo docker pull mysql
sudo docker pull guacamole/guacamole
sudo docker pull guacamole/guacd

sudo docker stop guacamole
sudo docker stop guacd
sudo docker stop guac-mysql

sudo docker rm guac-mysql
sudo docker rm guacd
sudo docker rm guacamole

sudo docker run -d \
--name guac-mysql \
-v guac-mysql-data:/var/lib/mysql \
--network guacamole-net \
--ip 192.168.10.2 \
--restart unless-stopped \
mysql

sudo docker run -d \
--name guacd \
--network guacamole-net \
--ip 192.168.10.3 \
--restart unless-stopped \
guacamole/guacd

sudo docker run -d \
--name guacamole \
--network guacamole-net \
--ip 192.168.10.4 \
--restart unless-stopped \
-e GUACD_HOSTNAME=192.168.10.3 \
-e MYSQL_HOSTNAME=192.168.10.2 \
-e MYSQL_DATABASE=guacamole_db \
-e MYSQL_USER=guacamole_user \
-e MYSQL_PASSWORD=$guac_secure_password \
-p 8080:8080 \
guacamole/guacamole