- Clinetless SSH, VNC, Remote Desktop (Windows) terminal gateway.
웹을 통해 SSH, VNC, Windows Remote Desktop, SFTP 등에 연결할 수 있는 서비스.
Apache Guacamole 공식홈페이지
- Guacamole는 WAS 상에서 어플리케이션으로 동작한다.
Apache Tomcat 설치
# 추가 리포지터리 활성화를 위한 config-manager 및 epel-release 설치, 리포지터리 활성화
dnf install -y 'dnf-command(config-manager)' epel-release
dnf install -y --nogpgcheck https://mirrors.rpmfusion.org/free/el/rpmfusion-free-release-$(rpm -E %rhel).noarch.rpm
dnf config-manager --set-enabled crb
# 리포지터리 갱신
dnf update -y
# java 설치
dnf install -y java-11-openjdk java-11-openjdk-devel java-11-openjdk-headless java-11-openjdk-javadoc
# 필요 의존성 패키지 설치
dnf install -y cairo-devel libjpeg-turbo-devel libpng-devel libtool libuuid-devel
# Guacamole에서 지원하고자 하는 기능에 따른 패키지
dnf install -y freerdp-devel ffmpeg-devel pango-devel libssh2-devel libvncserver-devel
# 소스코드로부터 컴파일을 위한 패키지 설치
dnf groupinstall -y "Development Tools"
dnf install -y npm maven nodejs
- 미리 컴파일 된 바이너리와 라이브러리가 있다면 다음과 같이 파일들을 위치시킨다.
# guacamole server binary
/usr/bin/guacd
# guacamole server
/lib
libguac-client-rdp.a
libguac-client-rdp.la
libguac-client-rdp.so -> libguac-client-rdp.so.0.0.0
libguac-client-rdp.so.0 -> libguac-client-rdp.so.0.0.0
libguac-client-rdp.so.0.0.0
libguac-client-ssh.a
libguac-client-ssh.la
libguac-client-ssh.so -> libguac-client-ssh.so.0.0.0
libguac-client-ssh.so.0 -> libguac-client-ssh.so.0.0.0
libguac-client-ssh.so.0.0.0
libguac-client-vnc.a
libguac-client-vnc.la
libguac-client-vnc.so -> libguac-client-vnc.so.0.0.0
libguac-client-vnc.so.0 -> libguac-client-vnc.so.0.0.0
libguac-client-vnc.so.0.0.0
libguac-terminal.a
libguac-terminal.la
libguac-terminal.so -> libguac-terminal.so.2.0.0
libguac-terminal.so.2 -> libguac-terminal.so.2.0.0
libguac-terminal.so.2.0.0
libguac.a
libguac.la
libguac.so -> libguac.so.25.0.0
libguac.so.25 -> libguac.so.25.0.0
libguac.so.25.0.0
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/lib
# 소스코드 다운로드 및 압축 해제
curl -L -O https://apache.org/dyn/closer.lua/guacamole/1.6.0/source/guacamole-server-1.6.0.tar.gz?action=download
tar -xvzf guacamole-server-1.6.0.tar
cd guacamole-server-1.6.0
# 빌드
./configure --with-systemd-dir=/usr/local/lib/systemd/system
...중략...
------------------------------------------------
guacamole-server version 1.6.0
------------------------------------------------
Library status:
freerdp ............. yes (2.x)
pango ............... yes
libavcodec .......... yes
libavformat ......... yes
libavutil ........... yes
libssh2 ............. yes
libssl .............. yes
libswscale .......... yes
libtelnet ........... no
libVNCServer ........ yes
libvorbis ........... no
libpulse ............ no
libwebsockets ....... no
libwebp ............. no
wsock32 ............. no
Protocol support:
Kubernetes .... no
RDP ........... yes
SSH ........... yes
Telnet ........ no
VNC ........... yes
Services / tools:
guacd ...... yes
guacenc .... yes
guaclog .... yes
FreeRDP plugins: /usr/lib/x86_64-linux-gnu/freerdp2
Init scripts: no
Systemd units: /usr/local/lib/systemd/system
Type "make" to compile guacamole-server.
# Make
make
...
make all-recursive
make[1]: Entering directory '/root/temp/guacamole-server-1.6.0'
Making all in src/libguac
make[2]: Entering directory '/root/temp/guacamole-server
...중략...
make[2]: Leaving directory '/root/temp/guacamole-server-1.6.0/src/guaclog'
make[2]: Entering directory '/root/temp/guacamole-server-1.6.0'
make[2]: Leaving directory '/root/temp/guacamole-server-1.6.0'
make[1]: Leaving directory '/root/temp/guacamole-server-1.6.0'
# make install
make install
...중략...
make[1]: Entering directory '/root/temp/guacamole-server-1.6.0'
make[2]: Entering directory '/root/temp/guacamole-server-1.6.0'
make[2]: Nothing to be done for 'install-exec-am'.
make[2]: Nothing to be done for 'install-data-am'.
make[2]: Leaving directory '/root/temp/guacamole-server-1.6.0'
make[1]: Leaving directory '/root/temp/guacamole-server-1.6.0'
# 라이브러리 시스템 캐시 업데이트
ldconfig
- 컴파일을 하면 /usr/local/lib/systemd/system/guacd.service 에 파일이 위치하게된다.
# rm /usr/local/lib/systemd/system/guacd.service
# /lib/systemd/system/guacd.service
[Unit]
Description=Guacamole Server
Documentation=man:guacd(8)
After=network.target
[Service]
Environment="GUACAMOLE_HOME=/etc/guacamole"
User=daemon
ExecStart=/usr/local/sbin/guacd -f -L debug
Restart=on-abnormal
StandardOutput=file:/var/log/guacd/guacd.log
StandardError=file:/var/log/guacd/guacd.log
[Install]
WantedBy=multi-user.target
- $GUACAMOLE_HOME 변수에 할당된 디렉토리에 파일이 위치해야한다.
WAS에 배포된 guacamole lient가 참조하는 설정파일이기도 하다.
export GUACAMOLE_HOME=/etc/guacamole 일 경우
# /etc/guacamole/guacamole.properties
# guacamole server
guacd-hostname:guacamole.host.name
guacd-port:4822
# authentication provider
auth-provider:net.sourceforge.guacamole.net.auth.postgresql.PostgreSQLAuthenticationProvider
# authentication database info
postgresql-hostname:localhost
postgresql-port:5432
postgresql-database:guacamole
postgresql-username:guacamole
postgresql-password:guacamole
# guacamole server log level
libguac-log-level:info
# systemctl
# systemctl start guacd
systemctl enable guacd --now
# 명령줄 실행
# guacd [-l LISTENPORT] [-b LISTENADDRESS] [-p PIDFILE] [-L LOG_LEVEL] [-C CERT_FILE] [-K PEM_FILE] [-f] [-v]
/usr/bin/guacd -f -b 0.0.0.0 -l 4822 -L debug