Apache Guacamole Setup

This document contains steps to install Guacamole using a script. This works in Ubuntu v18.04

Pre-Requisite

  1. Ubuntu v18.04

  2. openjdk v8.0

Once you have installed Ubuntu 18.04, you'll need to install java. Please run the command below.

InstallOpenJdk8.sh
$ sudo apt install openjdk-8-jdk

Once you're Set the environmental variables for ubuntu in the ~/.bashrc file. Enter into the file (nano ~/.bashrc) add the following lines at the end of the fileenough, save the world:

SetEnvironmentVars.sh
export JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
export PATH=$PATH:HOME/bin:$JAVA_HOME/bin

Save the file by pressing ctrl + o and exit from the nano editor by pressing ctrl + x and run the command to refresh the environmental variables

source ~/.bashrc

Move to the root folder by using “su –“. If you are new, set the root password by using the command “sudo passwd”

Move the Automated script in current location to the root folder by using the command “mv CloudAssert-InstallGuacamole1-0-0.sh /root/”

Run the following script by using the command “sh CloudAssert-InstallGuacamole1-0-0.sh"

Guacamole Setup

If you are unable to download the above CloudAssert-InstallGuacamole1-0-0.sh, Please copy paste this script on your shell and execute.

Port access: Guac uses 8080 port as part of Tomcat server. If you enable SSL (https) for tomcat. Please make sure to allow the port 443 in guac server.

The default guac portal cred is set as admin in authorize tag at line# 45. Please feel free to change it before you run.

CloudAssert-InstallGuacamole1-0-0.sh
ufw enable
ufw allow 22
ufw allow 8080
eval "apt-get update"
eval "apt-get install git -y"
eval "apt-get install autoconf -y"
eval "apt-get install libavcodec-dev -y"
eval "apt-get install libavcodec-extra -y"
eval "apt-get install libtool-bin -y"
eval "apt-get install fail2ban build-essential htop libcairo2-dev libjpeg62-dev libossp-uuid-dev tomcat8 -y"
eval "apt-get install libfreerdp-dev libpango1.0-dev libssh2-1-dev libtelnet-dev libvncserver-dev libpulse-dev libssl-dev libvorbis-dev -y"
eval "wget https://downloads.apache.org/guacamole/1.0.0/source/guacamole-server-1.0.0.tar.gz"
eval "wget https://downloads.apache.org/guacamole/1.0.0/source/guacamole-client-1.0.0.tar.gz"
eval "tar -xzf guacamole-server-1.0.0.tar.gz"
eval "tar -xzf guacamole-client-1.0.0.tar.gz"
eval "apt-get install tomcat8 -y"
cd guacamole-server-1.0.0
eval "autoreconf -fi"
eval "./configure --with-init-dir=/etc/init.d && make && make install"
eval "ldconfig && update-rc.d guacd defaults"
eval "mkdir /etc/guacamole"
echo "guacd-hostname: localhost\nguacd-port: 4822\nuser-mapping: /etc/guacamole/user-mapping.xml\nauth-provider: com.aiden0z.guacamole.net.jwt.JwtAuthenticationProvider\nbasic-user-mapping: /etc/guacamole/user-mapping.xml\nsecret-key: secure string for encryption needs to be high" | sudo tee -a /etc/guacamole/guacamole.properties
echo "<user-mapping>\n<authorize username='admin' password='admin'>\n<connection name='RDP Connection'>\n<protocol>rdp</protocol>\n<param name='hostname'>192.168.1.142</param>\n<param name='port'>3389</param>\n</connection>\n<connection name='SSH Connection'>\n<protocol>ssh</protocol>\n<param name='hostname'>192.168.5.88</param>\n<param name='port'>22</param>\n</connection>\n</authorize>\n</user-mapping>" | sudo tee -a /etc/guacamole/user-mapping.xml
eval "mkdir /usr/share/tomcat8/.guacamole"
eval "ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat8/.guacamole"
cd
#eval "sudo apt install openjdk-8-jdk -y"
#echo "export JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64" | sudo tee -a ~/.bashrc
#echo "export PATH=$PATH:HOME/bin:$JAVA_HOME/bin" | sudo tee -a ~/.bashrc
#source ~/.bashrc
eval "sudo apt install maven -y"
cd guacamole-client-1.0.0
eval "mvn install"
eval "cp guacamole/target/guacamole-1.0.0.war /var/lib/tomcat8/webapps/guacamole.war"
eval "sudo chmod 600 /etc/guacamole/user-mapping.xml"
eval "sudo chown tomcat8:tomcat8 /etc/guacamole/user-mapping.xml"
eval "chown -R tomcat8:tomcat8 /etc/guacamole/"
eval "sudo ln -s /etc/guacamole/user-mapping.xml /usr/share/tomcat8/.guacamole/"
echo "guacamole.home=/etc/guacamole" | sudo tee -a /etc/tomcat8/catalina.properties
cd /etc/guacamole/
mkdir extensions
cd /etc/guacamole/extensions
eval "wget https://hybrbuild.blob.core.windows.net/iiht/guacamole-auth-jwt-1.0.0.jar"
cd /etc/guacamole/
mkdir lib
cd /etc/guacamole/lib
eval "wget https://repository.liferay.com/nexus/content/groups/public/com/fasterxml/jackson/core/jackson-annotations/2.8.0/jackson-annotations-2.8.0.jar"
eval "wget https://www.instantor.com/nexus/content/groups/public/com/fasterxml/jackson/core/jackson-databind/2.8.2/jackson-databind-2.8.2.jar"
eval "wget https://repository.liferay.com/nexus/content/groups/public/com/fasterxml/jackson/core/jackson-core/2.8.2/jackson-core-2.8.2.jar"
eval "wget https://repository.mulesoft.org/nexus/content/groups/public/io/jsonwebtoken/jjwt/0.7.0/jjwt-0.7.0.jar"
cd /etc/guacamole/
echo "<configuration>\n\t<appender name='GUAC-DEBUG' class='ch.qos.logback.core.FileAppender'>\n\t<file>/etc/guacamole/GuacamoleLog.log</file>\n\t<encoder>\n\t\t<pattern>%date %level [%thread] %logger{10} [file:%line] %msg%n</pattern>\n\t</encoder>\n\t</appender>\n\t<root level='debug'>\n\t\t<appender-ref ref='GUAC-DEBUG' />\n\t</root>\n</configuration>" | sudo tee -a /etc/guacamole/logback.xml