From 63e315d2d658e6bbcdcfb2345ca70c98bf2d5159 Mon Sep 17 00:00:00 2001
From: Nicole Rappe
Date: Mon, 5 Aug 2024 18:51:04 -0600
Subject: [PATCH] Update Docker & Kubernetes/Docker/Docker Compose/Apache Guacamole.md
---
 .../Docker/Docker Compose/Apache Guacamole.md | 114 ++++++++++++------
 1 file changed, 80 insertions(+), 34 deletions(-)
diff --git a/Docker & Kubernetes/Docker/Docker Compose/Apache Guacamole.md b/Docker & Kubernetes/Docker/Docker Compose/Apache Guacamole.md
index 4807a25..a96e7bf 100644
--- a/Docker & Kubernetes/Docker/Docker Compose/Apache Guacamole.md
+++ b/Docker & Kubernetes/Docker/Docker Compose/Apache Guacamole.md
@@ -1,42 +1,88 @@
 **Purpose**: HTML5-based Remote Access Broker for SSH, RDP, and VNC. Useful for remote access into an environment.
-## Docker Configuration
-```jsx title="docker-compose.yml"
-version: '3'
+=== "docker-compose.yml"
+
+ ``` sh
+ version: '3'
+
+ services:
+ app:
+ image: jasonbean/guacamole
+ ports:
+ - 8080:8080
+ volumes:
+ - /srv/containers/guacamole:/config
+ environment:
+ - OPT_MYSQL=Y
+ - OPT_MYSQL_EXTENSION=N
+ - OPT_SQLSERVER=N
+ - OPT_LDAP=N
+ - OPT_DUO=N
+ - OPT_CAS=N
+ - OPT_TOTP=Y # (1)
+ - OPT_QUICKCONNECT=N
+ - OPT_HEADER=N
+ - OPT_SAML=N
+ - PUID=99
+ - PGID=100
+ - TZ=America/Denver # (2)
+ restart: unless-stopped
+ networks:
+ docker_network:
+ ipv4_address: 192.168.5.43
-services:
- app:
- image: jasonbean/guacamole
- ports:
- - 8080:8080
- volumes:
- - /srv/containers/guacamole:/config
- environment:
- - OPT_MYSQL=Y
- - OPT_MYSQL_EXTENSION=N
- - OPT_SQLSERVER=N
- - OPT_LDAP=N
- - OPT_DUO=N
- - OPT_CAS=N
- - OPT_TOTP=Y
- - OPT_QUICKCONNECT=N
- - OPT_HEADER=N
- - OPT_SAML=N
- - PUID=99
- - PGID=100
- - TZ=America/Denver
- restart: unless-stopped
 networks:
- docker_network:
- ipv4_address: 192.168.5.43
+ default:
+ external:
+ name: docker_network
+ docker_network:
+ external: true
+ ```
+
+ 1. Enable this if you want multi-factor authentication enabled. Must be set BEFORE the container is initially deployed. Cannot be added retroactively.
+ 2. Set to your own timezone.
-networks:
- default:
- external:
- name: docker_network
- docker_network:
- external: true
-```
+=== "docker-compose.yml (OpenID / Keycloak Integration)"
+
+ ``` sh
+ version: '3'
+
+ services:
+ app:
+ image: jasonbean/guacamole
+ ports:
+ - 8080:8080
+ volumes:
+ - /srv/containers/guacamole:/config
+ environment:
+ - OPT_MYSQL=Y
+ - OPT_MYSQL_EXTENSION=N
+ - OPT_SQLSERVER=N
+ - OPT_LDAP=N
+ - OPT_DUO=N
+ - OPT_CAS=N
+ - OPT_TOTP=N # (1)
+ - OPT_QUICKCONNECT=N
+ - OPT_HEADER=N
+ - OPT_SAML=N
+ - PUID=99
+ - PGID=100
+ - TZ=America/Denver # (2)
+ restart: unless-stopped
+ networks:
+ docker_network:
+ ipv4_address: 192.168.5.43
+
+ networks:
+ default:
+ external:
+ name: docker_network
+ docker_network:
+ external: true
+ ```
+
+ 1. You cannot enable TOTP / Multi-factor authentication if you have OpenID configured. This is just a known issue.
+ 2. Set to your own timezone.
 ```jsx title=".env"
 N/A
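Review bot: The new OpenID / Keycloak tab sets `OPT_TOTP=N`, and its annotation (1) only says TOTP cannot be combined with OpenID, so a reader who follows it deploys a remote-access broker for SSH, RDP and VNC with no second factor unless the identity provider enforces one. I would extend annotation (1) with a sentence such as `Because TOTP is disabled here, enforce multi-factor authentication in Keycloak (or whichever OpenID provider you use) instead.` That tab's compose file also differs from the first tab only in this one line and shows no OpenID settings, so the page should state where the integration itself is configured. Both tabs publish `8080:8080` unquoted and, presumably, over plain HTTP; quoting the mapping as `"8080:8080"` and noting that a TLS-terminating reverse proxy belongs in front of it would be worth one more annotation.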