From 0cdc0df11f5e0263d37ae43fd67c2976ecc0bb31 Mon Sep 17 00:00:00 2001 From: WilliamMiceli Date: Wed, 5 Dec 2018 17:28:33 -0500 Subject: [PATCH] Somewhat basic setup. Still incomplete. --- templates/Guacamole/0/README.md | 5 +- templates/Guacamole/0/docker-compose.yml | 115 +++++++++++++--------- templates/Guacamole/0/rancher-compose.yml | 84 +++++----------- 3 files changed, 92 insertions(+), 112 deletions(-) diff --git a/templates/Guacamole/0/README.md b/templates/Guacamole/0/README.md index b891d90..7ae68c2 100644 --- a/templates/Guacamole/0/README.md +++ b/templates/Guacamole/0/README.md @@ -1 +1,4 @@ -# Guacamole \ No newline at end of file +# Guacamole + +### To-do List +* Allow LDAP authentication in place of MySQL authentication \ No newline at end of file diff --git a/templates/Guacamole/0/docker-compose.yml b/templates/Guacamole/0/docker-compose.yml index 8dd69b7..e051432 100644 --- a/templates/Guacamole/0/docker-compose.yml +++ b/templates/Guacamole/0/docker-compose.yml @@ -1,49 +1,66 @@ -database-data: - image: busybox - labels: - io.rancher.container.start_once: 'true' - net: none - entrypoint: /bin/true - volumes: - - /var/lib/mysql - - /docker-entrypoint-initdb.d -database: - image: mariadb - environment: - MYSQL_DATABASE: ${guacamole_db} - MYSQL_ONETIME_PASSWORD: 'true' - MYSQL_PASSWORD: ${guacamole_password} - MYSQL_RANDOM_ROOT_PASSWORD: 'true' - MYSQL_USER: ${guacamole_user} - volumes_from: - - database-data - labels: - io.rancher.sidekicks: setup-get-db-script, database-data -setup-get-db-script: - image: glyptodon/guacamole:0.9.10-incubating - net: none - volumes_from: - - database-data - command: - - bash - - -c - - /opt/guacamole/bin/initdb.sh --mysql > /docker-entrypoint-initdb.d/initdb.sql - labels: - io.rancher.container.start_once: 'true' -guacd: - image: glyptodon/guacd:0.9.10-incubating -guacamole: - image: glyptodon/guacamole:0.9.10-incubating - environment: - MYSQL_DATABASE: ${guacamole_db} - MYSQL_HOSTNAME: database - MYSQL_PASSWORD: ${guacamole_password} - MYSQL_USER: ${guacamole_user} - links: - - guacd:guacd - ports: - - ${public_port}:8080/tcp - command: - - /bin/bash - - -c - - cd /usr/local/tomcat/webapps;rm -rf ROOT/; ln -s guacamole.war ROOT.war; /opt/guacamole/bin/start.sh; \ No newline at end of file +version: '2' + +services: + guacamole: + image: guacamole/guacamole + dns: + - 1.1.1.1 + - 1.0.0.1 + environment: + + labels: + io.rancher.container.pull_image: always + {{- if .Values.HOST_LABEL}} + io.rancher.scheduler.affinity:host_label: ${HOST_LABEL} + {{- end}} + {{- if .Values.TRAEFIK_HOST}} + traefik.enable: true + ### Start Web Segment + traefik.web.frontend.entryPoints: http,https + traefik.web.frontend.headers.forceSTSHeader: true + traefik.web.frontend.headers.SSLRedirect: true + traefik.web.frontend.headers.STSPreload: true + traefik.web.frontend.headers.STSSeconds: 15552000 + traefik.web.frontend.redirect.entryPoint: https + traefik.web.frontend.redirect.permanent: true + traefik.web.frontend.rule: Host:${TRAEFIK_HOST} + traefik.web.port: "8080" + ### End Web Segment + {{- else}} + traefik.enable: false + {{- end}} + links: + - guacd + - mysql + networks: + - public-proxy + ports: + - "${WEB_PORT}:8080" + restart: on-failure + guacd: + image: guacamole/guacd + dns: + - 1.1.1.1 + - 1.0.0.1 + environment: + labels: + networks: + ports: + restart: on-failure + mysql: + image: + dns: + - 1.1.1.1 + - 1.0.0.1 + environment: + MYSQL_DATABASE: guacamole_db + MYSQL_USER: guacamole_user + MYSQL_PASSWORD: password + labels: + networks: + ports: + restart: on-failure + +networks: + public-proxy: + external: true \ No newline at end of file diff --git a/templates/Guacamole/0/rancher-compose.yml b/templates/Guacamole/0/rancher-compose.yml index 32c9fd9..4c51c82 100644 --- a/templates/Guacamole/0/rancher-compose.yml +++ b/templates/Guacamole/0/rancher-compose.yml @@ -6,70 +6,30 @@ catalog: # minimum_rancher_version: # maximum_rancher_version: # upgrade_from: + # uuid: questions: - - variable: "guacamole_db" - label: "MySQL Database Name" - description: "Your MYSQL guacamole database name" - default: "guacamole_db" - required: true - type: "string" + - variable: "HOST_LABEL" + label: "Host Label Key/Value Pair" + description: | + The Key/Value pair on the host which the stack should be deployed. + default: "host.id=Host1" + required: false + type: string - - variable: "guacamole_user" - label: "MySQL Database User" - description: "Your MYSQL guacamole user name" - required: true - default: "guacamole_user" - type: "string" + - variable: "TRAEFIK_HOST" + label: "Public Host Domain" + description: | + The host that Traefik will use to provide public access. + Leaving this empty will disable Traefik on this stack. + default: "subdomain.domain.tld" + required: false + type: string - - variable: "guacamole_password" - label: "MySQL Database Password" - description: "Your MYSQL guacamole user password. Defaults to \"guacamole_password\"" + - variable: "WEB_PORT" + label: "Local Web Port" + description: | + The port to locally access the web interface on. + default: "10700" required: true - default: "guacamole_password" - type: "password" - - - variable: "public_port" - label: "Public Port" - description: "The public port that Guacamole listens on, defaults to 8080" - required: true - default: 8080 - type: "int" - -services: - guacamole: - scale: 1 - health_check: - healthy_threshold: 2 - response_timeout: 2000 - port: 8080 - unhealthy_threshold: 3 - initializing_timeout: 60000 - interval: 2000 - strategy: recreate - request_line: GET "/guacamole" "HTTP/1.0" - reinitializing_timeout: 60000 - guacd: - scale: 1 - health_check: - healthy_threshold: 2 - response_timeout: 2000 - port: 4822 - unhealthy_threshold: 3 - initializing_timeout: 60000 - interval: 2000 - strategy: recreate - reinitializing_timeout: 60000 - setup-get-db-script: - scale: 1 - database: - scale: 1 - health_check: - healthy_threshold: 2 - response_timeout: 2000 - port: 3306 - unhealthy_threshold: 3 - initializing_timeout: 60000 - interval: 2000 - strategy: recreate - reinitializing_timeout: 60000 \ No newline at end of file + type: string \ No newline at end of file