mirror of
https://github.com/itiligent/Easy-Guacamole-Installer.git
synced 2025-12-13 18:02:32 +00:00
5032e5ba29
add scripts improved, backup gaucd before nginx, standalone install of ssl for existing nginx, allow space in sql passwords, added upgrade script, improved tomcat self detection, simplified how SSL scrips detect local settings, many tidy ups
58 lines
2.3 KiB
Bash
58 lines
2.3 KiB
Bash
#!/bin/bash
|
|
#######################################################################################################################
|
|
# Add Duo (MFA) support to Guacamole
|
|
# For Ubuntu / Debian / Raspian
|
|
# David Harrop
|
|
# April 2023
|
|
#######################################################################################################################
|
|
|
|
# Prepare text output colours
|
|
GREY='\033[0;37m'
|
|
DGREY='\033[0;90m'
|
|
GREYB='\033[1;37m'
|
|
LRED='\033[0;91m'
|
|
LGREEN='\033[0;92m'
|
|
LYELLOW='\033[0;93m'
|
|
NC='\033[0m' #No Colour
|
|
|
|
clear
|
|
|
|
if ! [ $( id -u ) = 0 ]; then
|
|
echo
|
|
echo -e "${LGREEN}Please run this script as sudo or root${NC}" 1>&2
|
|
exit 1
|
|
fi
|
|
TOMCAT_VERSION=$(ls /etc/ | grep tomcat)
|
|
GUAC_VERSION=$(grep -oP 'Guacamole.API_VERSION = "\K[0-9\.]+' /var/lib/${TOMCAT_VERSION}/webapps/guacamole/guacamole-common-js/modules/Version.js)
|
|
GUAC_SOURCE_LINK="http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/${GUAC_VERSION}"
|
|
|
|
echo
|
|
wget -q --show-progress -O guacamole-auth-duo-${GUAC_VERSION}.tar.gz ${GUAC_SOURCE_LINK}/binary/guacamole-auth-duo-${GUAC_VERSION}.tar.gz
|
|
tar -xzf guacamole-auth-duo-${GUAC_VERSION}.tar.gz
|
|
echo
|
|
mv -f guacamole-auth-duo-${GUAC_VERSION}/guacamole-auth-duo-${GUAC_VERSION}.jar /etc/guacamole/extensions/
|
|
chmod 664 /etc/guacamole/extensions/guacamole-auth-duo-${GUAC_VERSION}.jar
|
|
echo "duo-integration-key: " >> /etc/guacamole/guacamole.properties
|
|
echo "duo-secret-key: " >> /etc/guacamole/guacamole.properties
|
|
echo "duo-api-hostname: " >> /etc/guacamole/guacamole.properties
|
|
echo "duo-application-key: " >> /etc/guacamole/guacamole.properties
|
|
|
|
systemctl restart ${TOMCAT_VERSION}
|
|
sudo systemctl restart guacd
|
|
|
|
echo -e "${LYELLOW}You must now set up your online Duo account with a new 'Web SDK' application."
|
|
echo
|
|
echo "Next you must copy the API settings from your Duo account into /etc/guacamole/guacamole.properties in the EXACT below format."
|
|
echo -e "Be VERY careful to avoid extra trailing spaces or other line feed characters when pasting!${GREY}"
|
|
echo
|
|
echo "duo-integration-key: ??????????"
|
|
echo "duo-api-hostname: ??????????"
|
|
echo "duo-secret-key: ??????????"
|
|
echo "duo-application-key: (this is locally created - run 'pwgen 40 1' to manually generate this 40 char random value)"
|
|
echo
|
|
echo "Once this change is complete, restart Guacamole with sudo systemctl restart tomcat9"
|
|
|
|
rm -rf guacamole-*
|
|
|
|
echo
|
|
echo -e ${NC}
|