diff --git a/guacamole-docker/bin/start.sh b/guacamole-docker/bin/start.sh index 205d9cf85..fd84c0915 100755 --- a/guacamole-docker/bin/start.sh +++ b/guacamole-docker/bin/start.sh @@ -711,61 +711,38 @@ associate_json() { ## ## Sets up Tomcat's remote IP valve that allows gathering the remote IP ## from headers set by a remote proxy +## Upstream documentation: https://tomcat.apache.org/tomcat-8.5-doc/api/org/apache/catalina/valves/RemoteIpValve.html ## enable_remote_ip_valve() { - # Check the required variables + # Use Tomcat defaults if optional variables have not been provided if [ -z "$GUACAMOLE_PROXY_ALLOWED_IPS_REGEX" ]; then - cat < /tmp/valve.xml < -EOF - - # Get the line where the Host configuration ends - LINEN=$(grep -n '' /usr/local/tomcat/conf/server.xml | cut -d ':' -f 1) - - # Split the file in 2 around the Host configuration - head -n "$(( LINEN - 1 ))" < /usr/local/tomcat/conf/server.xml > /tmp/head.xml - tail -n "+$LINEN" < /usr/local/tomcat/conf/server.xml > /tmp/tail.xml - - # Reassemble the file - cat /tmp/head.xml /tmp/valve.xml /tmp/tail.xml > /usr/local/tomcat/conf/server.xml - - # Cleanup - rm -f \ - /tmp/head.xml \ - /tmp/tail.xml \ - /tmp/valve.xml + # Build the new Tomcat configuration inplace + ## Explaination: + ## The initial regex ((\s)+) + ## Matches the spaces before as \1 and individual spaces as \2, ... + ## The replacement will be located at \1\2\2 (original + 2 spaces) + ## ${VAR:+expr} expressions yield either empty (thus using Tomcat's default) or our setting + ## The last line restores the configuration file original tag at its original indentation + sed -i "s|^\(\(\s\)\+\)|\1\2\2\n\1|" \ + /usr/local/tomcat/conf/server.xml } ## @@ -854,7 +831,7 @@ set_property "guacd-hostname" "$GUACD_HOSTNAME" set_property "guacd-port" "$GUACD_PORT" # Set up Tomcat RemoteIPValve -if [ -n "$GUACAMOLE_PROXY_ALLOWED_IPS_REGEX" ]; then +if [ "$REMOTE_IP_VALVE_ENABLED" = "true" ]; then enable_remote_ip_valve fi