GUACAMOLE-374: Support absolutely all properties and extensions.

guacamole-docker/entrypoint.d/000-migrate-legacy-variables.sh

@@ -0,0 +1,105 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+##
+## @fn 000-migrate-legacy-variables.sh
+##
+## Checks for usage of any environment variables that were formerly supported
+## but are now deprecated, warning when any deprecated variables are
+## encountered.  Until support for a deprecated variable is entirely removed,
+## the value provided for the deprecated variable is automatically assigned to
+## the currently-supported variable.
+##
+
+##
+## Checks for usage of the given deprecated environment variable, automatically
+## assigning its value to the given currently-supported environment variable.
+## If usage of the deprecated variable is found, a warning is printed to
+## STDERR.
+##
+## @param LEGACY_VAR_NAME
+##     The name of the environment variable that's deprecated.
+##
+## @param CURRENT_VAR_NAME
+##     The name of the environment variable that is currently supported and
+##     replaces the deprecated variable.
+##
+deprecate_variable() {
+
+    local LEGACY_VAR_NAME="$1"
+    local CURRENT_VAR_NAME="$2"
+
+    if [ -n "${!LEGACY_VAR_NAME}" ]; then
+        echo "WARNING: The \"$LEGACY_VAR_NAME\" environment variable has been deprecated in favor of \"$CURRENT_VAR_NAME\". Please migrate your configuration when possible, as support for the older name may be removed in future releases." >&2
+        export "$CURRENT_VAR_NAME"="${!LEGACY_VAR_NAME}"
+    fi
+
+}
+
+##
+## Checks for usage of any environment variables using the given deprecated
+## prefix, automatically assigning their values to corresponding environment
+## variables having the given currently-supported prefix. If usage of the
+## deprecated prefix is found, a warning is printed to STDERR.
+##
+## @param LEGACY_VAR_PREFIX
+##     The environment variable prefix that's deprecated.
+##
+## @param CURRENT_VAR_PREFIX
+##     The environment variable prefix that is currently supported and
+##     replaces the deprecated variable prefix.
+##
+deprecate_variable_prefix() {
+
+    local LEGACY_VAR_PREFIX="$1"
+    local CURRENT_VAR_PREFIX="$2"
+
+    local LEGACY_VAR_NAME
+    local CURRENT_VAR_NAME
+    local HAS_LEGACY_VARIABLES=0
+
+    # Automatically reassign all "POSTGRES_*" variables to "POSTGRESQL_*"
+    while read -r LEGACY_VAR_NAME; do
+        HAS_LEGACY_VARIABLES=1
+        CURRENT_VAR_NAME="$CURRENT_VAR_PREFIX${LEGACY_VAR_NAME#$LEGACY_VAR_PREFIX}"
+        export "$CURRENT_VAR_NAME"="${!LEGACY_VAR_NAME}"
+        unset "$LEGACY_VAR_NAME"
+    done < <(awk 'BEGIN{for(v in ENVIRON) print v}' | grep "^$LEGACY_VAR_PREFIX")
+
+    if [ "$HAS_LEGACY_VARIABLES" = "1" ]; then
+        echo "WARNING: The \"$LEGACY_VAR_PREFIX\" prefix for environment variables has been deprecated in favor of the \"$CURRENT_VAR_PREFIX\" prefix. Please migrate your configuration when possible, as support for the older prefix may be removed in future releases." >&2
+        export "$CURRENT_VAR_NAME"="$LEGACY_VAR_NAME"
+    fi
+
+}
+
+# The old "*_USER" style for configuring the user account to be used to access
+# the database is being replaced with "*_USERNAME" such that all environment
+# variables exactly correspond to the names of configuration properties from
+# guacamole.properties.
+deprecate_variable "MYSQL_USER"     "MYSQL_USERNAME"
+deprecate_variable "POSTGRES_USER"  "POSTGRESQL_USERNAME"
+deprecate_variable "SQLSERVER_USER" "SQLSERVER_USERNAME"
+
+# The old "POSTGRES_" prefix for configuring usage of PostgreSQL is being
+# replaced with "POSTGRESQL_" such that all environment variables exactly
+# correspond to the names of configuration properties from
+# guacamole.properties.
+deprecate_variable_prefix "POSTGRES_" "POSTGRESQL_"
+

guacamole-docker/entrypoint.d/100-generate-guacamole-home.sh

@@ -0,0 +1,111 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+##
+## @fn 010-generate-guacamole-home.sh
+##
+## Automatically generates a temporary, skeleton GUACAMOLE_HOME to be used for
+## this run of the container. GUACAMOLE_HOMEs from previous runs are
+## automatically deleted prior to creating the new skeleton. A
+## randomly-generated temporary directory is used instead of a standard
+## directory like "/etc/guacamole" to allow users to use "/etc/guacamole" as a
+## basis for their own configuration.
+##
+
+##
+## The directory to copy/link over as a basis for the GUACAMOLE_HOME actually
+## used by the Guacamole web application. Any configuration generated by this
+## container will be overlaid on top of this configuration. To achieve the
+## overlay, symbolic links will be created for all files inside and beneath
+## this directory. Only the guacamole.properties file will be copied instead of
+## using symbolic links (to ensure property generation performed by the
+## container does not potentially modify an external file).
+##
+GUACAMOLE_HOME_TEMPLATE="$GUACAMOLE_HOME"
+
+##
+## Tests whether a given property is set within the guacamole.properties file
+## in GUACAMOLE_HOME.
+##
+## @param PROPERTY_NAME
+##     The name of the property to check.
+##
+## @returns
+##     Zero if the given property is set to any value within
+##     guacamole.properties, non-zero otherwise.
+##
+is_property_set() {
+    local PROPERTY_NAME="$1"
+    grep "^[[:space:]]*$PROPERTY_NAME\>" "$GUACAMOLE_HOME/guacamole.properties" &> /dev/null
+}
+
+#
+# Start with a fresh GUACAMOLE_HOME
+#
+
+rm -rf /tmp/guacamole-home.*
+GUACAMOLE_HOME="`mktemp -p /tmp -d guacamole-home.XXXXXXXXXX`"
+mkdir -p "$GUACAMOLE_HOME/"{lib,extensions}
+
+cat > "$GUACAMOLE_HOME/guacamole.properties" <<EOF
+# guacamole.properties - generated `date`
+EOF
+
+#
+# Copy contents of provided GUACAMOLE_HOME template, if any
+#
+
+if [ -e "$GUACAMOLE_HOME_TEMPLATE" ]; then
+
+    # Create links for any libraries provided in the template GUACAMOLE_HOME
+    find "$GUACAMOLE_HOME_TEMPLATE/lib" -mindepth 1 -maxdepth 1 \
+        -exec ln -sv "{}" "$GUACAMOLE_HOME/lib/" ";"
+
+    # Create links for any extensions provided in the template GUACAMOLE_HOME
+    find "$GUACAMOLE_HOME_TEMPLATE/extensions" -mindepth 1 -maxdepth 1 \
+        -exec ln -sv "{}" "$GUACAMOLE_HOME/extensions/" ";"
+
+    # Create links for all other files directly within the template
+    # GUACAMOLE_HOME
+    find "$GUACAMOLE_HOME_TEMPLATE" -mindepth 1 -maxdepth 1 \
+        -name guacamole.properties -o -name lib -o -name extensions -prune \
+        -o -exec ln -sv "{}" "$GUACAMOLE_HOME/" ";"
+
+    # Add any properties provided within template GUACAMOLE_HOME
+    if [ -e "$GUACAMOLE_HOME_TEMPLATE/guacamole.properties" ]; then
+        cat "$GUACAMOLE_HOME_TEMPLATE/guacamole.properties" >> "$GUACAMOLE_HOME/guacamole.properties"
+    fi
+
+fi
+
+# Enable reading of properties directly from environment variables unless
+# overridden
+if ! is_property_set "enable-environment-properties"; then
+    cat >> "$GUACAMOLE_HOME/guacamole.properties" <<'EOF'
+#
+# NOTE: The following was automatically added by the container entrypoint to
+# allow all Guacamole configuration properties to be automatically read from
+# environment variables. If this is not desired, you can override this behavior
+# by specifying the "enable-environment-properties" variable yourself in your
+# own guacamole.properties file.
+#
+enable-environment-properties: true
+EOF
+fi
+

guacamole-docker/entrypoint.d/110-configure-guacamole-logging.sh

@@ -0,0 +1,33 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+##
+## @fn 030-configure-guacamole-logging.sh
+##
+## Checks the value of the LOGBACK_LEVEL environment variable, producing a
+## corresponding logback.xml file within GUACAMOLE_HOME if a log level has been
+## explicitly specified.
+##
+
+# Set logback level if specified
+if [ -n "$LOGBACK_LEVEL" ]; then
+    unzip -o -j /opt/guacamole/guacamole.war WEB-INF/classes/logback.xml -d $GUACAMOLE_HOME
+    sed -i "s/level=\"info\"/level=\"$LOGBACK_LEVEL\"/" $GUACAMOLE_HOME/logback.xml
+fi
+

guacamole-docker/entrypoint.d/500-generate-tomcat-catalina-base.sh

@@ -0,0 +1,50 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+##
+## 500-generate-tomcat-catalina-base.sh
+##
+## Automcatically generates a fresh, temporary CATALINA_BASE for Apache Tomcat.
+## This allows Tomcat to run as a reduced-privilege user, and allows its
+## configuration to be dynamically generated by the container entrypoint at
+## startup.
+##
+
+#
+# Start with a fresh CATALINA_BASE
+#
+
+rm -rf /tmp/catalina-base.*
+export CATALINA_BASE="`mktemp -p /tmp -d catalina-base.XXXXXXXXXX`"
+
+# User-only writable CATALINA_BASE
+for dir in logs temp webapps work; do
+    mkdir -p $CATALINA_BASE/$dir
+done
+cp -R /usr/local/tomcat/conf $CATALINA_BASE
+
+cat >> "$CATALINA_BASE/conf/catalina.properties" <<EOF
+
+# Point Guacamole at automatically-generated, temporary GUACAMOLE_HOME
+guacamole.home=$GUACAMOLE_HOME
+EOF
+
+# Install webapp
+ln -sf /opt/guacamole/webapp/guacamole.war $CATALINA_BASE/webapps/${WEBAPP_CONTEXT:-guacamole}.war
+

guacamole-docker/entrypoint.d/700-configure-features.sh

@@ -0,0 +1,88 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+#
+
+##
+## @fn 800-configure-features.sh
+##
+## Automatically checks all environment variables currently set and performs
+## configuration tasks related to those variabels, including installing any
+## extensions and external libraries associated with those variables to
+## GUACAMOLE_HOME.  Only environment variable prefixes are considered; this
+## script is not aware of whether an extension actually uses an environment
+## variable.
+##
+
+##
+## Returns whether the feature associated with a particular environment
+## variable prefix has configuration values set. Only the presence of
+## environment variables having that prefix is checked. Features can also be
+## entirely enabled/disabled through setting the [PREFIX_]ENABLED variable to
+## true/false respectively, where "[PREFIX_]" is the specified environment
+## variable prefix (including trailing underscore).
+##
+## @param VAR_BASE
+##     The environment variable prefix to check, including trailing underscore.
+##
+## @returns
+##     Zero if the feature associated with the given environment variable
+##     prefix is enabled, non-zero otherwise.
+##
+is_feature_enabled() {
+
+    local VAR_BASE="$1"
+
+    # Allow any feature to be explicitly enabled/disabled using a
+    # [PREFIX_]ENABLED variable
+    local ENABLED_VAR="${VAR_BASE}ENABLED"
+    if [ "${!ENABLED_VAR}" = "true" ]; then
+        return 0
+    elif [ "${!ENABLED_VAR}" = "false" ]; then
+        return 1
+    fi
+
+    # Lacking an explicit request to enable/disable the feature, rely on
+    # implicit enable/disable via presence of any other variables having the
+    # given prefix
+    awk 'BEGIN{for(v in ENVIRON) print v}' | grep "^${VAR_BASE}" > /dev/null
+
+}
+
+# Search environment for enabled extensions/features based on environment
+# variable prefixes
+for VAR_BASE in /opt/guacamole/environment/*; do
+
+    # Skip any directories without at least one corresponding environment
+    # variable set
+    is_feature_enabled "$(basename "$VAR_BASE")" || continue
+
+    # Execute any associated configuration script
+    [ ! -e "$VAR_BASE/configure.sh" ] || source "$VAR_BASE/configure.sh"
+
+    # Add any required links for extensions/libraries associated with the
+    # configured extension
+    for SUBDIR in lib extensions; do
+        if [ -d "$VAR_BASE/$SUBDIR" ]; then
+            mkdir -p "$GUACAMOLE_HOME/$SUBDIR/"
+            ln -s "$VAR_BASE/$SUBDIR"/* "$GUACAMOLE_HOME/$SUBDIR/"
+        fi
+    done
+
+done
+

guacamole-docker/entrypoint.d/999-start-tomcat.sh

@@ -0,0 +1,30 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+##
+## @fn 999-start-tomcat.sh
+##
+## Starts Tomcat. This script replaces the current process with the Tomcat
+## process and does not exit.
+##
+
+# Start tomcat
+cd /usr/local/tomcat
+exec catalina.sh run
+