safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-06 13:17:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

GUACAMOLE-1572: Merge updated POSTGRESQL environment variable names.

Browse Source
This commit is contained in:
James Muehlner
2023-05-09 15:56:25 -07:00
committed by GitHub
parent 15788eab2c 6d0d3badab
commit ff4854d8f7
3 changed files with 97 additions and 74 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
guacamole-docker/README.md
View File

@@ -56,30 +56,30 @@ Deploying Guacamole with PostgreSQL authentication
docker run --name some-guacamole --link some-guacd:guacd \ docker run --name some-guacamole --link some-guacd:guacd \
--link some-postgres:postgres \ --link some-postgres:postgres \
-e POSTGRES_DATABASE=guacamole_db \ -e POSTGRESQL_DATABASE=guacamole_db \
-e POSTGRES_USER=guacamole_user \ -e POSTGRESQL_USER=guacamole_user \
-e POSTGRES_PASSWORD=some_password \ -e POSTGRESQL_PASSWORD=some_password \
-e POSTGRES_DATABASE_FILE=/run/secrets/<secret_name> \ -e POSTGRESQL_DATABASE_FILE=/run/secrets/<secret_name> \
-e POSTGRES_USER_FILE=/run/secrets/<secret_name> \ -e POSTGRESQL_USER_FILE=/run/secrets/<secret_name> \
-e POSTGRES_PASSWORD_FILE=/run/secrets/<secret_name> \ -e POSTGRESQL_PASSWORD_FILE=/run/secrets/<secret_name> \
-d -p 8080:8080 guacamole/guacamole -d -p 8080:8080 guacamole/guacamole
Linking Guacamole to PostgreSQL requires three environment variables. If any of Linking Guacamole to PostgreSQL requires three environment variables. If any of
these environment variables are omitted, you will receive an error message, and these environment variables are omitted, you will receive an error message, and
the image will stop: the image will stop:
1. `POSTGRES_DATABASE` - The name of the database to use for Guacamole 1. `POSTGRESQL_DATABASE` - The name of the database to use for Guacamole
authentication. authentication.
2. `POSTGRES_USER` - The user that Guacamole will use to connect to PostgreSQL. 2. `POSTGRESQL_USER` - The user that Guacamole will use to connect to PostgreSQL.
3. `POSTGRES_PASSWORD` - The password that Guacamole will provide when 3. `POSTGRESQL_PASSWORD` - The password that Guacamole will provide when
connecting to PostgreSQL as `POSTGRES_USER`. connecting to PostgreSQL as `POSTGRESQL_USER`.
4. `POSTGRES_DATABASE_FILE` - The path of the docker secret containing the name 4. `POSTGRESQL_DATABASE_FILE` - The path of the docker secret containing the name
of database to use for Guacamole authentication. of database to use for Guacamole authentication.
5. `POSTGRES_USER_FILE` - The path of the docker secret containing the name of 5. `POSTGRESQL_USER_FILE` - The path of the docker secret containing the name of
the user that Guacamole will use to connect to PostgreSQL. the user that Guacamole will use to connect to PostgreSQL.
6. `POSTGRES_PASSWORD_FILE` - The path of the docker secret containing the 6. `POSTGRESQL_PASSWORD_FILE` - The path of the docker secret containing the
password that Guacamole will provide when connecting to PostgreSQL as password that Guacamole will provide when connecting to PostgreSQL as
`POSTGRES_USER. `POSTGRESQL_USER.
### Initializing the PostgreSQL database ### Initializing the PostgreSQL database
@@ -91,7 +91,7 @@ To generate a SQL script which can be used to initialize a fresh PostgreSQL
database database
[as documented in the Guacamole manual](http://guacamole.apache.org/doc/gug/jdbc-auth.html#jdbc-auth-postgresql): [as documented in the Guacamole manual](http://guacamole.apache.org/doc/gug/jdbc-auth.html#jdbc-auth-postgresql):
docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --postgres > initdb.sql docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --postgresql > initdb.sql
Alternatively, you can use the SQL scripts included with the Alternatively, you can use the SQL scripts included with the
guacamole-auth-jdbc extension from guacamole-auth-jdbc extension from

6
guacamole-docker/bin/initdb.sh
View File

@@ -26,7 +26,7 @@
## ##
## @param DATABASE ## @param DATABASE
## The database to generate the SQL script for. This may be either ## The database to generate the SQL script for. This may be either
## "--postgres", for PostgreSQL, "--mysql" for MySQL, or "--sqlserver" for Microsoft SQL Server. ## "--postgresql", for PostgreSQL, "--mysql" for MySQL, or "--sqlserver" for Microsoft SQL Server.
## ##
DATABASE="$1" DATABASE="$1"
@@ -37,7 +37,7 @@ DATABASE="$1"
## ##
incorrect_usage() { incorrect_usage() {
cat <<END cat <<END
USAGE: /opt/guacamole/bin/initdb.sh [--postgres | --mysql | --sqlserver] USAGE: /opt/guacamole/bin/initdb.sh [--postgresql | --mysql | --sqlserver]
END END
exit 1 exit 1
} }
@@ -54,7 +54,7 @@ fi
case $DATABASE in case $DATABASE in
--postgres) --postgresql)
cat /opt/guacamole/postgresql/schema/*.sql cat /opt/guacamole/postgresql/schema/*.sql
;; ;;

115
guacamole-docker/bin/start.sh
View File

@@ -1,4 +1,4 @@
#!/bin/sh -e #!/bin/bash -e
# #
# Licensed to the Apache Software Foundation (ASF) under one # Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file # or more contributor license agreements. See the NOTICE file
@@ -242,7 +242,7 @@ END
} }
# Print error message regarding missing required variables for PostgreSQL authentication # Print error message regarding missing required variables for PostgreSQL authentication
postgres_missing_vars() { postgresql_missing_vars() {
cat <<END cat <<END
FATAL: Missing required environment variables FATAL: Missing required environment variables
------------------------------------------------------------------------------- -------------------------------------------------------------------------------
@@ -251,40 +251,63 @@ environment variables or their corresponding Docker secrets by appending _FILE
to the environment variable, and setting the value to the path of the to the environment variable, and setting the value to the path of the
corresponding secret: corresponding secret:
POSTGRES_USER The user to authenticate as when connecting to POSTGRESQL_USER The user to authenticate as when connecting to
PostgreSQL. PostgreSQL.
POSTGRES_PASSWORD The password to use when authenticating with PostgreSQL POSTGRESQL_PASSWORD The password to use when authenticating with PostgreSQL
as POSTGRES_USER. as POSTGRESQL_USER.
POSTGRES_DATABASE The name of the PostgreSQL database to use for Guacamole POSTGRESQL_DATABASE The name of the PostgreSQL database to use for Guacamole
authentication. authentication.
END END
exit 1; exit 1;
} }
## Provide backward compatibility on POSTGRES_* environment variables
## In case of new deployment, please use POSTGRESQL_* equivalent variables.
for VAR_BASE in \
HOSTNAME PORT \
DATABASE USER PASSWORD \
DATABASE_FILE USER_FILE PASSWORD_FILE \
ABSOLUTE_MAX_CONNECTIONS DEFAULT_MAX_CONNECTIONS \
DEFAULT_MAX_GROUP_CONNECTIONS DEFAULT_MAX_CONNECTIONS_PER_USER \
DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER \
DEFAULT_STATEMENT_TIMEOUT SOCKET_TIMEOUT \
USER_REQUIRED \
SSL_KEY_PASSWORD_FILE SSL_KEY_PASSWORD; do
OLD_VAR="POSTGRES_$VAR_BASE"
NEW_VAR="POSTGRESQL_$VAR_BASE"
if [ -n "${!OLD_VAR}" ]; then
printf -v "$NEW_VAR" "%s" "${!OLD_VAR}"
echo "WARNING: ${OLD_VAR} detected, please use ${NEW_VAR} for further deployments."
fi
done
## ##
## Adds properties to guacamole.properties which select the PostgreSQL ## Adds properties to guacamole.properties which select the PostgreSQL
## authentication provider, and configure it to connect to the linked ## authentication provider, and configure it to connect to the linked
## PostgreSQL container. If a PostgreSQL database is explicitly specified using ## PostgreSQL container. If a PostgreSQL database is explicitly specified using
## the POSTGRES_HOSTNAME and POSTGRES_PORT environment variables, that will be ## the POSTGRESQL_HOSTNAME and POSTGRESQL_PORT environment variables, that will be
## used instead of a linked container. ## used instead of a linked container.
## ##
associate_postgresql() { associate_postgresql() {
# Use linked container if specified # Use linked container if specified
if [ -n "$POSTGRES_NAME" ]; then if [ -n "$POSTGRES_NAME" ]; then
POSTGRES_HOSTNAME="$POSTGRES_PORT_5432_TCP_ADDR" POSTGRESQL_HOSTNAME="$POSTGRES_PORT_5432_TCP_ADDR"
POSTGRES_PORT="$POSTGRES_PORT_5432_TCP_PORT" POSTGRESQL_PORT="$POSTGRES_PORT_5432_TCP_PORT"
fi fi
# Use default port if none specified # Use default port if none specified
POSTGRES_PORT="${POSTGRES_PORT-5432}" POSTGRESQL_PORT="${POSTGRESQL_PORT-5432}"
# Verify required connection information is present # Verify required connection information is present
if [ -z "$POSTGRES_HOSTNAME" -o -z "$POSTGRES_PORT" ]; then if [ -z "$POSTGRESQL_HOSTNAME" -o -z "$POSTGRESQL_PORT" ]; then
cat <<END cat <<END
FATAL: Missing POSTGRES_HOSTNAME or "postgres" link. FATAL: Missing POSTGRESQL_HOSTNAME or "postgres" link.
------------------------------------------------------------------------------- -------------------------------------------------------------------------------
If using a PostgreSQL database, you must either: If using a PostgreSQL database, you must either:
@@ -293,12 +316,12 @@ If using a PostgreSQL database, you must either:
(b) If not using a Docker container for PostgreSQL, explicitly specify the TCP (b) If not using a Docker container for PostgreSQL, explicitly specify the TCP
connection to your database using the following environment variables: connection to your database using the following environment variables:
POSTGRES_HOSTNAME The hostname or IP address of the PostgreSQL server. If POSTGRESQL_HOSTNAME The hostname or IP address of the PostgreSQL server. If
not using a PostgreSQL Docker container and not using a PostgreSQL Docker container and
corresponding link, this environment variable is corresponding link, this environment variable is
*REQUIRED*. *REQUIRED*.
POSTGRES_PORT The port on which the PostgreSQL server is listening for POSTGRESQL_PORT The port on which the PostgreSQL server is listening for
TCP connections. This environment variable is option. If TCP connections. This environment variable is option. If
omitted, the standard PostgreSQL port of 5432 will be omitted, the standard PostgreSQL port of 5432 will be
used. used.
@@ -307,68 +330,68 @@ END
fi fi
# Verify that the required Docker secrets are present, else, default to their normal environment variables # Verify that the required Docker secrets are present, else, default to their normal environment variables
if [ -n "$POSTGRES_USER_FILE" ]; then if [ -n "$POSTGRESQL_USER_FILE" ]; then
set_property "postgresql-username" "`cat "$POSTGRES_USER_FILE"`" set_property "postgresql-username" "`cat "$POSTGRESQL_USER_FILE"`"
elif [ -n "$POSTGRES_USER" ]; then elif [ -n "$POSTGRESQL_USER" ]; then
set_property "postgresql-username" "$POSTGRES_USER" set_property "postgresql-username" "$POSTGRESQL_USER"
else else
postgres_missing_vars postgresql_missing_vars
exit 1; exit 1;
fi fi
if [ -n "$POSTGRES_PASSWORD_FILE" ]; then if [ -n "$POSTGRESQL_PASSWORD_FILE" ]; then
set_property "postgresql-password" "`cat "$POSTGRES_PASSWORD_FILE"`" set_property "postgresql-password" "`cat "$POSTGRESQL_PASSWORD_FILE"`"
elif [ -n "$POSTGRES_PASSWORD" ]; then elif [ -n "$POSTGRESQL_PASSWORD" ]; then
set_property "postgresql-password" "$POSTGRES_PASSWORD" set_property "postgresql-password" "$POSTGRESQL_PASSWORD"
else else
postgres_missing_vars postgresql_missing_vars
exit 1; exit 1;
fi fi
if [ -n "$POSTGRES_DATABASE_FILE" ]; then if [ -n "$POSTGRESQL_DATABASE_FILE" ]; then
set_property "postgresql-database" "`cat "$POSTGRES_DATABASE_FILE"`" set_property "postgresql-database" "`cat "$POSTGRESQL_DATABASE_FILE"`"
elif [ -n "$POSTGRES_DATABASE" ]; then elif [ -n "$POSTGRESQL_DATABASE" ]; then
set_property "postgresql-database" "$POSTGRES_DATABASE" set_property "postgresql-database" "$POSTGRESQL_DATABASE"
else else
postgres_missing_vars postgresql_missing_vars
exit 1; exit 1;
fi fi
# Update config file # Update config file
set_property "postgresql-hostname" "$POSTGRES_HOSTNAME" set_property "postgresql-hostname" "$POSTGRESQL_HOSTNAME"
set_property "postgresql-port" "$POSTGRES_PORT" set_property "postgresql-port" "$POSTGRESQL_PORT"
set_optional_property \ set_optional_property \
"postgresql-absolute-max-connections" \ "postgresql-absolute-max-connections" \
"$POSTGRES_ABSOLUTE_MAX_CONNECTIONS" "$POSTGRESQL_ABSOLUTE_MAX_CONNECTIONS"
set_optional_property \ set_optional_property \
"postgresql-default-max-connections" \ "postgresql-default-max-connections" \
"$POSTGRES_DEFAULT_MAX_CONNECTIONS" "$POSTGRESQL_DEFAULT_MAX_CONNECTIONS"
set_optional_property \ set_optional_property \
"postgresql-default-max-group-connections" \ "postgresql-default-max-group-connections" \
"$POSTGRES_DEFAULT_MAX_GROUP_CONNECTIONS" "$POSTGRESQL_DEFAULT_MAX_GROUP_CONNECTIONS"
set_optional_property \ set_optional_property \
"postgresql-default-max-connections-per-user" \ "postgresql-default-max-connections-per-user" \
"$POSTGRES_DEFAULT_MAX_CONNECTIONS_PER_USER" "$POSTGRESQL_DEFAULT_MAX_CONNECTIONS_PER_USER"
set_optional_property \ set_optional_property \
"postgresql-default-max-group-connections-per-user" \ "postgresql-default-max-group-connections-per-user" \
"$POSTGRES_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER" "$POSTGRESQL_DEFAULT_MAX_GROUP_CONNECTIONS_PER_USER"
set_optional_property \ set_optional_property \
"postgresql-default-statement-timeout" \ "postgresql-default-statement-timeout" \
"$POSTGRES_DEFAULT_STATEMENT_TIMEOUT" "$POSTGRESQL_DEFAULT_STATEMENT_TIMEOUT"
set_optional_property \ set_optional_property \
"postgresql-user-required" \ "postgresql-user-required" \
"$POSTGRES_USER_REQUIRED" "$POSTGRESQL_USER_REQUIRED"
set_optional_property \ set_optional_property \
"postgresql-socket-timeout" \ "postgresql-socket-timeout" \
"$POSTGRES_SOCKET_TIMEOUT" "$POSTGRESQL_SOCKET_TIMEOUT"
set_optional_property \ set_optional_property \
"postgresql-ssl-mode" \ "postgresql-ssl-mode" \
@@ -387,10 +410,10 @@ END
"$POSTGRESQL_SSL_ROOT_CERT_FILE" "$POSTGRESQL_SSL_ROOT_CERT_FILE"
# For SSL key password, check secrets, first, then standard env variable # For SSL key password, check secrets, first, then standard env variable
if [ -n "$POSTGRES_SSL_KEY_PASSWORD_FILE" ]; then if [ -n "$POSTGRESQL_SSL_KEY_PASSWORD_FILE" ]; then
set_property "postgresql-ssl-key-password" "`cat "$POSTGRES_SSL_KEY_PASSWORD_FILE"`" set_property "postgresql-ssl-key-password" "`cat "$POSTGRESQL_SSL_KEY_PASSWORD_FILE"`"
elif [ -n "$POSTGRES_SSL_KEY_PASSWORD" ]; then elif [ -n "$POSTGRESQL_SSL_KEY_PASSWORD" ]; then
set_property "postgresql-ssl-key-password" "$POSTGRES_SSL_KEY_PASSWORD" set_property "postgresql-ssl-key-password" "$POSTGRESQL_SSL_KEY_PASSWORD"
fi fi
set_optional_property \ set_optional_property \
@@ -1077,9 +1100,9 @@ if [ -n "$MYSQL_DATABASE" -o -n "$MYSQL_DATABASE_FILE" ]; then
fi fi
# Use PostgreSQL if database specified # Use PostgreSQL if database specified
if [ -n "$POSTGRES_DATABASE" -o -n "$POSTGRES_DATABASE_FILE" ]; then if [ -n "$POSTGRESQL_DATABASE" -o -n "$POSTGRESQL_DATABASE_FILE" ]; then
associate_postgresql associate_postgresql
INSTALLED_AUTH="$INSTALLED_AUTH postgres" INSTALLED_AUTH="$INSTALLED_AUTH postgresql"
fi fi
# Use SQLServer if database specified # Use SQLServer if database specified
@@ -1149,7 +1172,7 @@ FATAL: No authentication configured
The Guacamole Docker container needs at least one authentication mechanism in The Guacamole Docker container needs at least one authentication mechanism in
order to function, such as a MySQL database, PostgreSQL database, SQLServer order to function, such as a MySQL database, PostgreSQL database, SQLServer
database, LDAP directory or RADIUS server. Please specify at least the database, LDAP directory or RADIUS server. Please specify at least the
MYSQL_DATABASE or POSTGRES_DATABASE or SQLSERVER_DATABASE environment variables, MYSQL_DATABASE or POSTGRESQL_DATABASE or SQLSERVER_DATABASE environment variables,
or check Guacamole's Docker documentation regarding configuring LDAP and/or or check Guacamole's Docker documentation regarding configuring LDAP and/or
custom extensions. custom extensions.
END END