upgrade to 1.5.0 with postgres

.env.template

@@ -0,0 +1,6 @@
+HOSTNAME=guacamole.example.com
+GUACADMIN_PASSWORD=ReplaceWithYourSecretPassword
+PORTMAPPING=127.0.0.1:8080:8080
+GUACAMOLE_VER=1.5.0
+MYSQL_VER=8-debian
+POSTGRES_VER=15-bullseye

.gitignore

@@ -0,0 +1,2 @@
+.env
+data/

README.md

@@ -2,7 +2,7 @@
 
 
 1. Populate database PRIOR to first startup:
-Run `./initdb.sh` to create the database in mysql and update your guacadmin password from .env
+Run `./initdb.sh` to create the database in postgres and update your guacadmin password from .env
 
 
 2. Browse http://localhost:8080/guacamole/
@@ -35,7 +35,7 @@ Run `./initdb.sh` to create the database in mysql and update your guacadmin pass
      - Protocol = SSH
      - Parameters
        - Hostname or IP
-       - Port =  3389
+       - Port = 22 
        - Username
        - Password
        - Security mode: Any

docker-compose.yml

@@ -1,40 +1,37 @@
 version: '2'
 services:
 
-  mysql:
-    # We have to use an old mysql version here as the driver in guacamole is outdated
-    image: mysql:8.0
-    container_name: mysql
-    hostname: mysql
+  guacamole-db:
+    image: postgres:${POSTGRES_VER}
+    container_name: guacamole-db 
+    hostname: guacamole-db 
     restart: on-failure:3
 
     environment:
-      MYSQL_ROOT_PASSWORD: Passw0rd!
-      MYSQL_DATABASE: guacamole
-      MYSQL_USER: guacamole
-      MYSQL_PASSWORD: guacamole
+      POSTGRES_DATABASE: guacamole
+      POSTGRES_USER: guacamole
+      POSTGRES_PASSWORD: guacamole 
     volumes:
-      - ./data/mysql:/var/lib/mysql
+      - ./data/postgres:/var/lib/postgresql
+      # *.sql in here will run when no db exists yet
+      - ./data/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d
     networks:
       - default
-#    command:
-#      - "mysqld"
-#      - "--verbose"
 
   guacd:
-    image: guacamole/guacd:1.4.0
+    image: guacamole/guacd:${GUACAMOLE_VER}
     container_name: guacd
     hostname: guacd
     restart: on-failure:3
 
     depends_on:
-      - mysql
+      - guacamole-db 
     networks:
       - default
       - terminalserver_default
 
   guacamole:
-    image: guacamole/guacamole:1.4.0
+    image: guacamole/guacamole:${GUACAMOLE_VER}
     container_name: guacamole
     hostname: guacamole
     restart: on-failure:3    
@@ -44,17 +41,17 @@ services:
       - 8080
     depends_on:
       - guacd
-      - mysql
+      - guacamole-db
     environment:
       GUACD_HOSTNAME: guacd
-      MYSQL_HOSTNAME: mysql
-      MYSQL_PORT: 3306
-      MYSQL_DATABASE: guacamole
-      MYSQL_USER: guacamole
-      MYSQL_PASSWORD: guacamole
+      POSTGRES_HOSTNAME: guacamole-db
+      POSTGRES_DATABASE: guacamole
+      POSTGRES_USER: guacamole
+      POSTGRES_PASSWORD: guacamole
       VIRTUAL_HOST: ${HOSTNAME} 
       LETSENCRYPT_HOST: ${HOSTNAME} 
       LETSENCRYPT_EMAIL: webmaster@${HOSTNAME}
+      REMOTE_IP_VALVE_ENABLED: true
     networks:
       - default
       - reverse-proxy_default

initdb.sh

@@ -1,33 +1,24 @@
-#!/bin/bash
+#!/bin/bash -e
+
+# Create terminalserver network in case it doesn't exist
+docker network inspect terminalserver_default 1>/dev/null \
+  || docker network create terminalserver_default
 
 # Get query for DB creation
-docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --mysql > initdb.sql
+mkdir -p ./data/docker-entrypoint-initdb.d
+docker compose run --rm --no-deps guacamole /opt/guacamole/bin/initdb.sh --postgres > ./data/docker-entrypoint-initdb.d/10-initdb.sql
 
-# Create query to update the guacadmin password
-cat >user.sql <<'EOL'
-SET @salt = UNHEX(SHA2(UUID(), 256));
+# Update default password for guacadmin
+source .env
+cat << EOF >> ./data/docker-entrypoint-initdb.d/10-initdb.sql 
 UPDATE guacamole_user
-  SET  password_salt = @salt, password_hash = UNHEX(SHA2(CONCAT('_PASSWORD_', HEX(@salt)), 256))
+  SET  password_salt = NULL, password_hash = SHA256('$GUACADMIN_PASSWORD')
      WHERE user_id = 1;
-EOL
-
-source .env
-sed -i user.sql -e "s/_PASSWORD_/$PASSWORD/g"
+EOF
 
-# Start mysql and create database as it is up 
-docker-compose up -d mysql \
-  && docker cp initdb.sql mysql:/ \
-  && docker exec mysql \
-    sh -c "while [ ! -S /var/run/mysqld/mysqld.sock ] ; do sleep 2 && echo 'Wait for mysql to come up...'; done; sleep 5; echo 'go'" \
-  && docker exec mysql \
-    sh -c "mysql --verbose --user=guacamole --password=guacamole guacamole < /initdb.sql" \
-  && docker exec mysql \
-    sh -c "mysql --verbose --user=guacamole --password=guacamole guacamole -e 'show tables;'"
 
-# Update guacadmin password
-docker cp user.sql mysql:/ \
-  && docker exec mysql \
-    sh -c "mysql --verbose --user=guacamole --password=guacamole guacamole < /user.sql" \
+# Start database 
+docker compose up -d guacamole-db 
 
-# Start guacamole
-docker-compose up -d
+# Print tables
+docker exec guacamole-db sh -c 'until pg_isready; do sleep 3; done; psql --username=guacamole --dbname=guacamole --command="\dt"'