# # Licensed to the Apache Software Foundation (ASF) under one # or more contributor license agreements. See the NOTICE file # distributed with this work for additional information # regarding copyright ownership. The ASF licenses this file # to you under the Apache License, Version 2.0 (the # "License"); you may not use this file except in compliance # with the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, # software distributed under the License is distributed on an # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY # KIND, either express or implied. See the License for the # specific language governing permissions and limitations # under the License. # # # Dockerfile for guacamole-client # # Use args for Tomcat image label to allow image builder to choose alternatives # such as `--build-arg TOMCAT_JRE=jre8-alpine` # ARG TOMCAT_VERSION=9 ARG TOMCAT_JRE=jdk21 # Use official maven image for the build FROM maven:3-eclipse-temurin-21 AS builder # Use Mozilla's Firefox PPA (newer Ubuntu lacks a "firefox-esr" package and # provides only a transitional "firefox" package that actually requires Snap # and thus can't be used within Docker) RUN apt-get update \ && apt-get upgrade -y \ && apt-get install -y software-properties-common \ && add-apt-repository -y ppa:mozillateam/ppa # Explicitly prefer packages from the Firefox PPA COPY guacamole-docker/mozilla-firefox.pref /etc/apt/preferences.d/ # Install firefox browser for sake of JavaScript unit tests RUN apt-get update && apt-get install -y firefox # Arbitrary arguments that can be passed to the maven build. By default, an # argument will be provided to explicitly unskip any skipped tests. To, for # example, allow the building of the RADIUS auth extension, pass a build profile # as well: `--build-arg MAVEN_ARGUMENTS="-P lgpl-extensions -DskipTests=false"`. ARG MAVEN_ARGUMENTS="-DskipTests=false" # Versions of JDBC drivers to bundle within image ARG MSSQL_JDBC_VERSION=9.4.1 ARG MYSQL_JDBC_VERSION=8.3.0 ARG PGSQL_JDBC_VERSION=42.7.2 # Build environment variables ENV \ BUILD_DIR=/tmp/guacamole-docker-BUILD # Add configuration scripts COPY guacamole-docker/bin/ /opt/guacamole/bin/ COPY guacamole-docker/build.d/ /opt/guacamole/build.d/ COPY guacamole-docker/entrypoint.d/ /opt/guacamole/entrypoint.d/ COPY guacamole-docker/environment/ /opt/guacamole/environment/ # Copy source to container for sake of build COPY . "$BUILD_DIR" # Run the build itself RUN /opt/guacamole/bin/build-guacamole.sh "$BUILD_DIR" /opt/guacamole RUN rm -rf /opt/guacamole/build.d /opt/guacamole/bin/build-guacamole.sh # For the runtime image, we start with the official Tomcat distribution RUN ls -al /opt/guacamole/ FROM alpine COPY --from=builder /opt/guacamole /opt/guacamole RUN ls -al / ENV TOMCAT_MAJOR=9 \ TOMCAT_VERSION=9.0.78 \ CATALINA_HOME=/opt/guacamole RUN \ apk add --update --no-cache \ openjdk8-jre curl mariadb-client bash openssl && \ curl -jkSL -o /tmp/apache-tomcat.tar.gz \ http://archive.apache.org/dist/tomcat/tomcat-${TOMCAT_MAJOR}/v${TOMCAT_VERSION}/bin/apache-tomcat-${TOMCAT_VERSION}.tar.gz && \ gunzip /tmp/apache-tomcat.tar.gz && \ tar -C /opt -xf /tmp/apache-tomcat.tar && \ ln -s /opt/apache-tomcat-$TOMCAT_VERSION /usr/local/tomcat && \ chmod -R a+rx /usr/local/tomcat/ # cleanup RUN apk del curl && \ rm -rf /tmp/* /var/cache/apk/* /usr/local/tomcat/webapps/* # Create a new user guacamole COPY /start.sh /opt/guacamole/bin/ RUN chmod a+x /opt/guacamole/bin/start.sh ARG UID=1001 ARG GID=1001 RUN addgroup -g $GID guacamole RUN adduser -S -D -s /usr/sbin/nologin -u $UID guacamole --ingroup guacamole # Run with user guacamole USER guacamole EXPOSE 8080 WORKDIR $CATALINA_HOME # Start Guacamole under Tomcat, listening on 0.0.0.0:8080 EXPOSE 8080 CMD ["/opt/guacamole/bin/start.sh"]