From ce2eabd3bf4fa7df55eaf4d7a7ba502fa6da9d04 Mon Sep 17 00:00:00 2001
From: Nicole Rappe
Date: Mon, 5 Aug 2024 19:09:23 -0600
Subject: [PATCH] Update Docker & Kubernetes/Docker/Docker Compose/Apache Guacamole.md
---
 .../Docker/Docker Compose/Apache Guacamole.md | 32 ++++++++++++++-----
 1 file changed, 24 insertions(+), 8 deletions(-)
diff --git a/Docker & Kubernetes/Docker/Docker Compose/Apache Guacamole.md b/Docker & Kubernetes/Docker/Docker Compose/Apache Guacamole.md
index a96e7bf..5e02a45 100644
--- a/Docker & Kubernetes/Docker/Docker Compose/Apache Guacamole.md
+++ b/Docker & Kubernetes/Docker/Docker Compose/Apache Guacamole.md
@@ -53,7 +53,7 @@
 ports:
 - 8080:8080
 volumes:
- - /srv/containers/guacamole:/config
+ - /srv/containers/apache-guacamole:/config
 environment:
 - OPT_MYSQL=Y
 - OPT_MYSQL_EXTENSION=N
@@ -61,17 +61,22 @@
 - OPT_LDAP=N
 - OPT_DUO=N
 - OPT_CAS=N
- - OPT_TOTP=N # (1)
+ - OPT_TOTP=N
 - OPT_QUICKCONNECT=N
 - OPT_HEADER=N
 - OPT_SAML=N
+ - OPT_OIDC=Y # Enable OpenID Connect
+ - OIDC_ISSUER=${OPENID_REALM_URL} # Your Keycloak realm URL
+ - OIDC_CLIENT_ID=${OPENID_CLIENT_ID} # Client ID for Guacamole in Keycloak
+ - OIDC_CLIENT_SECRET=${OPENID_CLIENT_SECRET} # Client Secret for Guacamole in Keycloak
+ - OIDC_REDIRECT_URI=${OPENID_REDIRECT_URI} # Redirect URI for Guacamole
 - PUID=99
 - PGID=100
- - TZ=America/Denver # (2)
+ - TZ=America/Denver
 restart: unless-stopped
 networks:
- docker_network:
- ipv4_address: 192.168.5.43
+ docker_network:
+ ipv4_address: 192.168.5.43
 networks:
 default:
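Review bot: The `# (1)` and `# (2)` markers are removed from the `OPT_TOTP` and `TZ` lines while the annotation list they refer to stays in the document (it appears as context in the next hunk), so the warning that TOTP cannot be combined with OpenID is detached from the config at the moment `OPT_OIDC=Y` makes it relevant. Keep the markers, e.g. `- OPT_TOTP=N # (1)`, or move the warning beside `OPT_OIDC=Y`, and state there that with TOTP off in Guacamole a second factor has to be enforced in Keycloak. `OPT_OIDC=Y` is also hard-coded while the four `${OPENID_*}` values come from `.env`, so a reader who follows the `N/A` `.env` variant would start the container with OIDC switched on and empty settings; `- OPT_OIDC=N # set to Y together with the Keycloak .env values` would be a safer default. The service definition begins before this hunk, so which image reads these variables is not visible here.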
@@ -84,9 +89,20 @@
 1. You cannot enable TOTP / Multi-factor authentication if you have OpenID configured. This is just a known issue.
 2. Set to your own timezone.
-```jsx title=".env"
-N/A
-```
+=== ".env"
+
+ ``` sh
+ N/A
+ ```
+
+=== ".env (OpenID / Keycloak Integration)"
+
+ ``` sh
+ OPENID_REALM_URL=https://auth.bunny-lab.io/realms/master
+ OPENID_CLIENT_ID=apache-guacamole
+ OPENID_CLIENT_SECRET=
+ OPENID_REDIRECT_URI=http://remote.bunny-lab.io
+ ```
 ## Reverse Proxy Configuration
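Review bot: `OPENID_REDIRECT_URI=http://remote.bunny-lab.io` returns the browser to Guacamole over plain HTTP, so the sign-in response and the session that follows would travel unencrypted. Unless this name is only ever served through TLS, the example should read `OPENID_REDIRECT_URI=https://remote.bunny-lab.io` and match the redirect URI registered on the Keycloak client exactly. The issuer example points at Keycloak's `master` realm, which is normally reserved for administering Keycloak itself; a dedicated realm for applications keeps this client and its users away from the admin realm. `OPENID_CLIENT_SECRET=` is rightly left blank, and a one-line comment that the populated `.env` must stay out of version control and be readable only by the deploying user would help. The reverse-proxy section that follows is outside the hunk, so whether TLS is terminated there cannot be seen from here.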