Update to guacamole 1.5.0 (#51)

- Update to guacamole 1.5.0
- Base image based on tomcat 9 jdk8 (most up-to-date jdk8)
- Update of S6 overlay
- Added 2 new extensions support
- Added support for PPC64el
- Reworked workflows

.github/dependabot.yml

@@ -4,9 +4,15 @@ updates:
     directory: "/" # Location of package manifests
     schedule:
       interval: "weekly"
+    target-branch: "dev"
+     # Add reviewers
+    reviewers:
+      - "MaxWaldorf"
 
   - package-ecosystem: "docker" # See documentation for possible values
     directory: "/" # Location of package manifests
     schedule:
       interval: "weekly"
-
+    target-branch: "dev"
+    reviewers:
+      - "MaxWaldorf"

.github/workflows/docker-image-dev.yml

@@ -21,6 +21,8 @@ jobs:
       # Get the repository's code
       - name: Checkout
         uses: actions/checkout@v3
+        with:
+          ref: dev
       # https://github.com/docker/setup-qemu-action
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v2
@@ -46,15 +48,15 @@ jobs:
           # Docker tags based on the following events/attributes
           tags: |
             type=schedule,pattern=nightly
-            type=raw,value=beta
+            type=raw,value=nightly
           flavor: |
             latest=false
 
       - name: Build and push
         uses: docker/build-push-action@v4
         with:
           context: .
-          platforms: linux/amd64,linux/arm64
+          platforms: linux/amd64,linux/arm64,linux/ppc64le
           push: ${{ github.event_name != 'pull_request' }}
           tags: ${{ steps.guac.outputs.tags }}
           labels: ${{ steps.guac.outputs.labels }}

.github/workflows/docker-image.yml

@@ -42,7 +42,6 @@ jobs:
             maxwaldorf/guacamole
           # Docker tags based on the following events/attributes
           tags: |
-            type=schedule
             type=raw,value=latest,enable=${{ endsWith(github.ref, github.event.repository.default_branch) }}
             type=semver,pattern={{version}}
             type=semver,pattern={{major}}.{{minor}}
@@ -52,7 +51,7 @@ jobs:
         uses: docker/build-push-action@v4
         with:
           context: .
-          platforms: linux/amd64,linux/arm64
+          platforms: linux/amd64,linux/arm64,linux/ppc64le
           push: ${{ github.event_name != 'pull_request' }}
           tags: ${{ steps.guac.outputs.tags }}
           labels: ${{ steps.guac.outputs.labels }}

.gitignore

@@ -0,0 +1,2 @@
+/.vs
+.DS_Store

Dockerfile

@@ -1,24 +1,23 @@
 # Select BASE
-FROM tomcat:8.5-jdk8-openjdk-slim-bullseye
-
-SHELL ["/bin/bash", "-c"]
+FROM tomcat:9-jdk8
 
 ARG APPLICATION="guacamole"
-ARG BUILD_RFC3339="2022-01-25T12:00:00Z"
+ARG BUILD_RFC3339="2023-03-16T15:00:00Z"
 ARG REVISION="local"
-ARG DESCRIPTION="Guacamole 1.4.0"
+ARG DESCRIPTION="Guacamole 1.5.0"
 ARG PACKAGE="MaxWaldorf/guacamole"
-ARG VERSION="1.4.0"
+ARG VERSION="1.5.0"
 ARG TARGETPLATFORM
 ARG PG_MAJOR="13"
+ARG S6_OVERLAY_VERSION="3.1.4.1"
 # Do not require interaction during build
 ARG DEBIAN_FRONTEND=noninteractive
 
 STOPSIGNAL SIGKILL
 
 LABEL org.opencontainers.image.ref.name="${PACKAGE}" \
   org.opencontainers.image.created=$BUILD_RFC3339 \
-  org.opencontainers.image.authors="MaxWaldorf,OZNU" \
+  org.opencontainers.image.authors="MaxWaldorf" \
   org.opencontainers.image.documentation="https://github.com/${PACKAGE}/README.md" \
   org.opencontainers.image.description="${DESCRIPTION}" \
   org.opencontainers.image.licenses="GPLv3" \
@@ -33,7 +32,9 @@ ENV \
   REVISION="${REVISION}" \
   DESCRIPTION="${DESCRIPTION}" \
   PACKAGE="${PACKAGE}" \
-  VERSION="${VERSION}"
+  VERSION="${VERSION}" \
+  S6_OVERLAY_VERSION="${S6_OVERLAY_VERSION}" \
+  S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0
 
 ENV \
   GUAC_VER=${VERSION} \
@@ -43,35 +44,56 @@ ENV \
   POSTGRES_USER=guacamole \
   POSTGRES_DB=guacamole_db
 
-#Set working DIR
+# Set working DIR
 WORKDIR ${GUACAMOLE_HOME}
 
-# Look for debian testing packets
-RUN echo "deb http://deb.debian.org/debian bullseye-backports main contrib non-free" >> /etc/apt/sources.list
+# Display variables (Test)
+RUN echo "I'm building for TARGETPLATFORM=${TARGETPLATFORM}"
+
+# Add support for Postgresql 13
+RUN apt-get update && apt-get install -y curl gpg gnupg2 software-properties-common apt-transport-https lsb-release ca-certificates
+RUN curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor | tee /etc/apt/trusted.gpg.d/apt.postgresql.org.gpg >/dev/null
+RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" | tee  /etc/apt/sources.list.d/pgdg.list
 
-#Add essential packages
-RUN apt-get update && apt-get dist-upgrade -y && apt-get install -y curl postgresql-${PG_MAJOR} ghostscript
+# Install initial components
+RUN apt-get update && apt-get dist-upgrade -y && apt-get install -y xz-utils curl postgresql-${PG_MAJOR} ghostscript
 
 #Add Fonts as requested by users
 RUN apt-get install -y fonts-spleen fonty-rg
 
-# Apply the s6-overlay
-RUN if [ "$TARGETPLATFORM" = "linux/amd64" ]; then ARCH=amd64; elif [ "$TARGETPLATFORM" = "linux/arm/v6" ]; then ARCH=arm; elif [ "$TARGETPLATFORM" = "linux/arm/v7" ]; then ARCH=armhf; elif [ "$TARGETPLATFORM" = "linux/arm64" ]; then ARCH=aarch64; else ARCH=amd64; fi \
-  && curl -SLO "https://github.com/just-containers/s6-overlay/releases/download/v2.2.0.3/s6-overlay-${ARCH}.tar.gz" \
-  && tar -xzf s6-overlay-${ARCH}.tar.gz -C / \
-  && tar -xzf s6-overlay-${ARCH}.tar.gz -C /usr ./bin \
-  && rm -rf s6-overlay-${ARCH}.tar.gz \
-  && mkdir -p ${GUACAMOLE_HOME} \
-  ${GUACAMOLE_HOME}/lib \
-  ${GUACAMOLE_HOME}/extensions
-
 # Install dependencies
-RUN apt-get update && apt-get -t bullseye-backports install -y \
+RUN apt-get install -y \
   build-essential \
-  libcairo2-dev libjpeg62-turbo-dev libpng-dev libtool-bin uuid-dev libossp-uuid-dev \
+  libcairo2-dev libjpeg-turbo8-dev libpng-dev libtool-bin uuid-dev libossp-uuid-dev \
   libavcodec-dev libavformat-dev libavutil-dev libswscale-dev \
-  freerdp2-dev libpango1.0-dev libssh2-1-dev libtelnet-dev libvncserver-dev libwebsockets-dev libpulse-dev \
-  libssl-dev libvorbis-dev libwebp-dev
+  freerdp2-dev libpango1.0-dev libssh2-1-dev libtelnet-dev libvncserver-dev libwebsockets-dev libpulse-dev libssl-dev libvorbis-dev libwebp-dev
+
+# Apply the s6-overlay
+RUN if [ "$TARGETPLATFORM" = "linux/amd64" ]; \
+  then S6_ARCH=x86_64; \
+elif [ "$TARGETPLATFORM" = "linux/arm/v6" ]; \
+  then S6_ARCH=arm; \
+elif [ "$TARGETPLATFORM" = "linux/arm/v7" ]; \
+  then S6_ARCH=armhf; \
+elif [ "$TARGETPLATFORM" = "linux/arm64" ]; \
+  then S6_ARCH=aarch64; \
+elif [ "$TARGETPLATFORM" = "linux/ppc64le" ]; \
+  then S6_ARCH=powerpc64le; \
+else S6_ARCH=x86_64; \
+fi \
+  && curl -SL "https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-noarch.tar.xz" > /tmp/s6-overlay-noarch.tar.xz \
+  && tar -C / -Jxpf /tmp/s6-overlay-noarch.tar.xz \
+  && curl -SL "https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-${S6_ARCH}.tar.xz" > /tmp/s6-overlay-${S6_ARCH}.tar.xz \
+  && tar -C / -Jxpf /tmp/s6-overlay-${S6_ARCH}.tar.xz \
+  && curl -SL "https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-symlinks-noarch.tar.xz" > /tmp/s6-overlay-symlinks-noarch.tar.xz \
+  && tar -C / -Jxpf /tmp/s6-overlay-symlinks-noarch.tar.xz
+  #&& curl -SL "https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/syslogd-overlay-noarch.tar.xz" > /tmp/syslogd-overlay-noarch.tar.xz \
+  #&& tar -C / -Jxpf /tmp/syslogd-overlay-noarch.tar.xz
+
+# Create Required Directories for Guacamole
+RUN mkdir -p ${GUACAMOLE_HOME} \
+  ${GUACAMOLE_HOME}/lib \
+  ${GUACAMOLE_HOME}/extensions
 
 # Install guacamole-server
 RUN curl -SLO "http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/${GUAC_VER}/source/guacamole-server-${GUAC_VER}.tar.gz" \
@@ -88,12 +110,7 @@ RUN curl -SLO "http://apache.org/dyn/closer.cgi?action=download&filename=guacamo
 RUN set -x \
   && rm -rf ${CATALINA_HOME}/webapps/ROOT \
   && curl -SLo ${CATALINA_HOME}/webapps/ROOT.war "http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/${GUAC_VER}/binary/guacamole-${GUAC_VER}.war" \
-  && curl -SLo ${GUACAMOLE_HOME}/lib/postgresql-42.3.1.jar "https://jdbc.postgresql.org/download/postgresql-42.3.1.jar" \
-  && curl -SLO "http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/${GUAC_VER}/binary/guacamole-auth-jdbc-${GUAC_VER}.tar.gz" \
-  && tar -xzf guacamole-auth-jdbc-${GUAC_VER}.tar.gz \
-  && cp -R guacamole-auth-jdbc-${GUAC_VER}/postgresql/guacamole-auth-jdbc-postgresql-${GUAC_VER}.jar ${GUACAMOLE_HOME}/extensions/ \
-  && cp -R guacamole-auth-jdbc-${GUAC_VER}/postgresql/schema ${GUACAMOLE_HOME}/ \
-  && rm -rf guacamole-auth-jdbc-${GUAC_VER} guacamole-auth-jdbc-${GUAC_VER}.tar.gz
+  && curl -SLo ${GUACAMOLE_HOME}/lib/postgresql-42.5.4.jar "https://jdbc.postgresql.org/download/postgresql-42.5.4.jar"
 
 ###############################################################################
 ################################# EXTENSIONS ##################################
@@ -103,15 +120,14 @@ RUN mkdir ${GUACAMOLE_HOME}/extensions-available
 
 # Download all extensions
 RUN set -xe \
-  && for ext_name in auth-duo auth-header auth-jdbc auth-json auth-ldap auth-quickconnect auth-sso auth-totp; do \
-  echo "http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/${GUAC_VER}/binary/guacamole-${ext_name}-${GUAC_VER}.tar.gz" \
-  && curl -SLO "http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/${GUAC_VER}/binary/guacamole-${ext_name}-${GUAC_VER}.tar.gz" \
+  && for ext_name in auth-duo auth-header auth-jdbc auth-json auth-ldap auth-quickconnect auth-sso auth-totp vault history-recording-storage; do \
+  curl -SLO "http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/${GUAC_VER}/binary/guacamole-${ext_name}-${GUAC_VER}.tar.gz" \
   && tar -xzf guacamole-${ext_name}-${GUAC_VER}.tar.gz \
   ;done
 
 # Copy standalone extensions over to extensions-available folder
 RUN set -xe \
-  && for ext_name in auth-duo auth-header auth-json auth-ldap auth-quickconnect auth-totp; do \
+  && for ext_name in auth-duo auth-header auth-json auth-ldap auth-quickconnect auth-totp history-recording-storage; do \
   cp guacamole-${ext_name}-${GUAC_VER}/guacamole-${ext_name}-${GUAC_VER}.jar ${GUACAMOLE_HOME}/extensions-available/ \
   ;done
 
@@ -127,17 +143,23 @@ RUN set -xe \
   cp guacamole-auth-jdbc-${GUAC_VER}/${ext_name}/guacamole-auth-jdbc-${ext_name}-${GUAC_VER}.jar ${GUACAMOLE_HOME}/extensions-available/ \
   ;done
 
+# Copy vault extensions over to extensions-available folder
+RUN set -xe \
+  && for ext_name in ksm; do \
+  cp guacamole-vault-${GUAC_VER}/${ext_name}/guacamole-vault-${ext_name}-${GUAC_VER}.jar ${GUACAMOLE_HOME}/extensions-available/ \
+  ;done
+
 # Clear all extensions leftovers
 RUN set -xe \
-  && for ext_name in auth-duo auth-header auth-jdbc auth-json auth-ldap auth-quickconnect auth-sso auth-totp; do \
+  && for ext_name in auth-duo auth-header auth-jdbc auth-json auth-ldap auth-quickconnect auth-sso auth-totp vault history-recording-storage; do \
   rm -rf guacamole-${ext_name}-${GUAC_VER} guacamole-${ext_name}-${GUAC_VER}.tar.gz \
   ;done
 
 ###############################################################################
 ###############################################################################
 ###############################################################################
 
-# Purge BUild packages
+# Purge Build packages
 RUN apt-get purge -y build-essential \
   && apt-get autoremove -y && apt-get autoclean \
   && rm -rf /var/lib/apt/lists/*
@@ -148,6 +170,8 @@ ENV GUACAMOLE_HOME=/config/guacamole
 
 WORKDIR /config
 
-COPY root /
+COPY rootfs /
+
+EXPOSE 8080
 
 ENTRYPOINT [ "/init" ]

README.md

@@ -2,19 +2,13 @@
 
 # Docker Guacamole
 
-⚠️ **Starting version 1.4.2, compatibility with previous versions is broken due to Postgresql upgrade from 11 to 13!** <br />
-ℹ️ Make sure to backup "guacamole_db" in postgres before upgrade to inject it later... <br />
-<br />
-<br />
-**Disclaimer:** This work is based on the work of: https://github.com/oznu/docker-guacamole
-
 A Docker Container for [Apache Guacamole](https://guacamole.apache.org/), a client-less remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH over HTML5.
 
-This image will run on most platforms that support Docker including Docker for arm64 boards (Raspberry ARM64v8 on an 64bit OS).
+Supported Linux OS: amd64, arm64, ppc64el
 
-This container runs the guacamole web client, the guacd server and a postgres database.
+This container runs the guacamole web client, the guacd server and a postgres database (version 13).
 
-## Usage (works for x86_64 and arm64v8, no support for 32 bits)
+## Usage (works for x86_64, aarch64 and ppc64le, no support for 32 bits)
 
 ```shell
 docker run \
@@ -58,8 +52,10 @@ docker run \
 - auth-sso-saml
 - auth-sso-cas
 - auth-totp
+- vault-ksm
+- history-recording-storage
 
-More information: [Guacamole v1.4.0 release notes](https://guacamole.apache.org/releases/1.4.0/)
+More information: [Guacamole v1.5.0 release notes](https://guacamole.apache.org/releases/1.5.0/)
 
 You should only enable the extensions you require, if an extensions is not configured correctly in the `guacamole.properties` file it may prevent the system from loading. See the [official documentation](https://guacamole.apache.org/doc/gug/) for more details.
 
@@ -88,8 +84,6 @@ volumes:
 
 ## License
 
-(Based on OZNU choice GPLv3)
-
 This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
 
 This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the [GNU General Public License](./LICENSE) for more details.

root/etc/cont-init.d/30-defaults.sh → rootfs/etc/cont-init.d/30-defaults.sh

@@ -1,4 +1,4 @@
-#!/usr/bin/with-contenv sh
+#!/command/with-contenv bash
 
 cp -rn /app/guacamole /config
 mkdir -p /root/.config/freerdp/known_hosts

root/etc/cont-init.d/40-postgres.sh → rootfs/etc/cont-init.d/40-postgres.sh

@@ -1,4 +1,4 @@
-#!/usr/bin/with-contenv sh
+#!/command/with-contenv bash
 
 mkdir -p /config/postgres
 mkdir -p /var/run/postgresql 

root/etc/cont-init.d/50-extensions → rootfs/etc/cont-init.d/50-extensions.sh

@@ -1,4 +1,4 @@
-#!/usr/bin/with-contenv sh
+#!/command/with-contenv bash
 
 # clean up extensions
 for i in auth-ldap auth-duo auth-header auth-cas auth-openid auth-quickconnect auth-totp; do

root/etc/services.d/guacamole/run → rootfs/etc/services.d/guacamole/run

@@ -1,4 +1,4 @@
-#!/usr/bin/with-contenv sh
+#!/command/with-contenv bash
 
 until pg_isready; do
   echo "Waiting for postgres to come up..."
@@ -14,14 +14,14 @@ if [ $? -ne 0 ]; then
   echo "$GUAC_VER" > /config/.database-version
 
   /etc/cont-init.d/30-defaults.sh
-  /etc/cont-init.d/50-extensions
+  /etc/cont-init.d/50-extensions.sh
 else
   if [ "$(cat /config/.database-version)" != "$GUAC_VER" ]; then
     cat /app/guacamole/schema/upgrade/upgrade-pre-$GUAC_VER.sql | psql -U $POSTGRES_USER -d $POSTGRES_DB -f -
     echo "$GUAC_VER" > /config/.database-version
 
     /etc/cont-init.d/30-defaults.sh
-    /etc/cont-init.d/50-extensions
+    /etc/cont-init.d/50-extensions.sh
   fi
 fi
 

root/etc/services.d/guacd/run → rootfs/etc/services.d/guacd/run

@@ -1,4 +1,4 @@
-#!/usr/bin/with-contenv sh
+#!/command/with-contenv bash
 
 echo "Starting guacamole guacd..."
 s6-setuidgid root guacd -b 0.0.0.0 -f

root/etc/services.d/postgres/run → rootfs/etc/services.d/postgres/run

@@ -1,4 +1,4 @@
-#!/usr/bin/with-contenv sh
+#!/command/with-contenv bash
 
 echo "Starting postgres..."
 s6-setuidgid postgres postgres