Update Docker & Kubernetes/Docker/Docker Compose/Apache Guacamole.md

2024-08-05 19:09:23 -06:00
parent 63e315d2d6
commit ce2eabd3bf
1 changed files with 24 additions and 8 deletions
--- a/Kubernetes/Docker/Docker
+++ b/Kubernetes/Docker/Docker
@ -53,7 +53,7 @@
        ports:
          - 8080:8080
        volumes:
-          - /srv/containers/guacamole:/config
+          - /srv/containers/apache-guacamole:/config
        environment:
          - OPT_MYSQL=Y
          - OPT_MYSQL_EXTENSION=N
@ -61,13 +61,18 @@
          - OPT_LDAP=N
          - OPT_DUO=N
          - OPT_CAS=N
-          - OPT_TOTP=N # (1)
+          - OPT_TOTP=N
          - OPT_QUICKCONNECT=N
          - OPT_HEADER=N
          - OPT_SAML=N
+          - OPT_OIDC=Y # Enable OpenID Connect
+          - OIDC_ISSUER=${OPENID_REALM_URL} # Your Keycloak realm URL
+          - OIDC_CLIENT_ID=${OPENID_CLIENT_ID} # Client ID for Guacamole in Keycloak
+          - OIDC_CLIENT_SECRET=${OPENID_CLIENT_SECRET} # Client Secret for Guacamole in Keycloak
+          - OIDC_REDIRECT_URI=${OPENID_REDIRECT_URI} # Redirect URI for Guacamole
          - PUID=99
          - PGID=100
-          - TZ=America/Denver # (2)
+          - TZ=America/Denver
        restart: unless-stopped
        networks:
          docker_network:
@ -84,10 +89,21 @@
    1.  You cannot enable TOTP / Multi-factor authentication if you have OpenID configured.  This is just a known issue.
    2.  Set to your own timezone.

-```jsx title=".env"
+=== ".env"
+
+    ``` sh
    N/A
    ```

+=== ".env (OpenID / Keycloak Integration)"
+
+    ``` sh
+    OPENID_REALM_URL=https://auth.bunny-lab.io/realms/master
+    OPENID_CLIENT_ID=apache-guacamole
+    OPENID_CLIENT_SECRET=<YOUR-CLIENT-ID-SECRET>
+    OPENID_REDIRECT_URI=http://remote.bunny-lab.io
+    ```
+
 ## Reverse Proxy Configuration

 === "Traefik"