The purpose of this application is to provide a simple single RDP session in a web browser. Mostly it is leveraged by us at linuxserver.io to package up desktop applications as browser accessible web applications. The application is not security hardened, we make a best effort to ensure authentication and application settings are setup properly but make no guarantees that this should ever be exposed to the internet directly. If you are interested in more hardened authentication we highly recommend taking a look at SWAG to use as a reverse proxy for HTTPS and authentication.
All application settings are passed via environment variables:
Variable | Description |
---|---|
CUSTOM_PORT | Port the application listed on, default 3000. |
CUSTOM_USER | Desktop session user for the RDP connection, default abc. |
PASSWORD | Desktop session password for the RDP connection, default abc. |
RDP_HOST | IP address of RDP endpoint, default "127.0.0.1". |
RDP_PORT | RDP port to connect to, default "3389".(quotes important not an integer) |
KEYBOARD | Keyboard layout to use, default "en-us-qwerty". (see keyboard section for available layouts) |
AUTO_LOGIN | Set to false to disable auto login or true to force it, default unset. |
SUBFOLDER | Subfolder for the application if running a subfolder reverse proxy, need both slashes IE /subfolder/ |
TITLE | The page title displayed on the web browser, default "Guacamole Client". |
CYPHER | The cipher key to user for encoding the connection string token for guacamole, default "LSIOGCKYLSIOGCKYLSIOGCKYLSIOGCKY" |
FM_NO_AUTH | This disables authentication for the file manager if set to true, default false. |
FM_HOME | This is the home directory (landing) for the file manager, default "/config". |
You can access advanced features of the Guacamole remote desktop using ctrl+alt+shift enabling you to use remote copy/paste, an onscreen keyboard, or a baked in file manager. This can also be accessed by clicking the small circle on the left side of the screen.
By exposing the sidebar menu you will see a text box where text can be entered and extracted. Anything currently copied to the web applications clipboard will be displayed in this box. Any text you enter will be available on the web appplications clipboard to be pasted. With use, pressing ctrl+alt+shift then ctrl+v to paste in your local desktop clipboard ctrl+alt+shift then ctrl+v in the web browser becomes like second nature.
This is geared towards touch interfaces, though we currently do not optimize for mobile, for tablets with a decent resolution it should be somewhat useable. The reason mobile is not a great experience is the desktop itself is always rendered at a pixel perfect resolution, even resizing the window will reconnect your session to re-render the desktop. At low phone resolutions a normal IDE has difficulty rendering even basic tools.
The keyboard layouts available for use are:
- da-dk-qwerty- Danish keyboard
- de-ch-qwertz- Swiss German keyboard (qwertz)
- de-de-qwertz- German keyboard (qwertz) - OSK available
- en-gb-qwerty- English (UK) keyboard
- en-us-qwerty- English (US) keyboard - OSK available DEFAULT
- es-es-qwerty- Spanish keyboard - OSK available
- fr-ch-qwertz- Swiss French keyboard (qwertz)
- fr-fr-azerty- French keyboard (azerty) - OSK available
- it-it-qwerty- Italian keyboard - OSK available
- ja-jp-qwerty- Japanese keyboard
- pt-br-qwerty- Portuguese Brazilian keyboard
- sv-se-qwerty- Swedish keyboard
- tr-tr-qwerty- Turkish-Q keyboard
- failsafe- this option sends only Unicode events, while supported by the Gucamole RDP client it does not have a linked keymap from xrdp so it will not function as intended. (left here for documentation purposes)
In general while testing localization for keymaps things like right alt for keyboard modifiers would get stuck among other issues. Best effort is made to support this feature, but you might have to pop open the on screen keyboard from time to time to unstick modifier keys.
The file manager is managed in house in this codebase. It supports simple navigation, uploading/downloading files, deleting files, creating folders, and drag and drop of files/folders.
The file manager has nothing to do with the RDP protocol it runs as the user running this nodejs application and will have all the permissions of that user.
The authentication uses pam, so if the password is changed in the web client you will also need to enter that password every time you connect to the file manager. To disable authentication simply pass FM_NO_AUTH=true
.