Tips-Of-Mine/Docker-Guacamole
2
0
Fork 0
Code Pull Requests Wiki Activity

Actualiser docker-compose.yml

Browse Source
This commit is contained in:
Hubert Cornet 2024-03-16 19:15:22 +01:00
parent aee6850c00
commit 8fbd285ecd
1 changed files with 43 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
docker-compose.yml
View File

@ -41,14 +41,43 @@ services:
- ./init:/docker-entrypoint-initdb.d:z - ./init:/docker-entrypoint-initdb.d:z
- ./data:/var/lib/postgresql/data:rw - ./data:/var/lib/postgresql/data:rw
# adminer
adminer:
container_name: guacamole-adminer
hostname: guacamole-adminer
depends_on:
- postgres
image: adminer
restart: always
networks:
- interne
labels:
- "traefik.enable=true"
- "traefik.docker.network=interne"
# HTTP
- "traefik.http.routers.adminer-http.rule=Host(`adminer.10.0.4.29.traefik.me`)"
- "traefik.http.routers.adminer-http.entrypoints=http"
# HTTPS
- "traefik.http.routers.adminer-https.rule=Host(`adminer.10.0.4.29.traefik.me`)"
- "traefik.http.routers.adminer-https.entrypoints=https"
- "traefik.http.routers.adminer-https.tls=true"
- "traefik.http.routers.adminer.service=adminer-service"
# Middleware
# Service
- "traefik.http.services.adminer-service.loadbalancer.server.port=8080"
# guacamole # guacamole
guacamole: guacamole:
container_name: guacamole container_name: guacamole-app
hostname: guacamole-app
depends_on: depends_on:
- guacd - guacd
- postgres - postgres
environment: environment:
### GUACD
GUACD_HOME: /guac_home
GUACD_HOSTNAME: guacd GUACD_HOSTNAME: guacd
### PostgreSQL
POSTGRES_HOSTNAME: postgres POSTGRES_HOSTNAME: postgres
POSTGRESQL_PORT: 5432 POSTGRESQL_PORT: 5432
POSTGRES_DATABASE: guacamole_db POSTGRES_DATABASE: guacamole_db
@ -56,23 +85,25 @@ services:
POSTGRES_PASSWORD: 'P@ssword!Here!123456' POSTGRES_PASSWORD: 'P@ssword!Here!123456'
### Active Directory ### Active Directory
# Controler de domaine # Controler de domaine
LDAP_HOSTNAME: "10.0.4.2" LDAP_HOSTNAME: "10.0.4.4"
LDAP_PORT: 389 LDAP_PORT: 389
LDAP_ENCRYPTION_METHOD: "none" LDAP_ENCRYPTION_METHOD: "none"
LDAP_MAX_SEARCH_RESULTS: "10000"
# Recherche des utilisateurs # Recherche des utilisateurs
LDAP_USER_BASE_DN: "ou=utilisateurs,dc=tips-of-mine,dc=local" LDAP_USER_BASE_DN: "OU=Utilisateurs,OU=Societe,DC=tips-of-mine,DC=local"
LDAP_USERNAME_ATTRIBUTE: "userPrincipalName" LDAP_USERNAME_ATTRIBUTE: "samAccountName"
LDAP_USER_SEARCH_FILTER: "(&(objectClass=User)(sAMAccountName=*)(memberOf:1.2.840.113556.1.4.1941:=CN=GDL-Guacamole-Access,OU=groupes,DC=tips-of-mine,DC=local))" LDAP_USER_SEARCH_FILTER: "(&(objectClass=User)(sAMAccountName=*)(memberOf:1.2.840.113556.1.4.1941:=CN=GDL-Guacamole-Access,OU=Guacamole,OU=Services,OU=Groupes,OU=Societe,DC=tips-of-mine,DC=local))"
# Utilisateur pour connexion AD # Utilisateur pour connexion AD
LDAP_SEARCH_BIND_DN: "cn=service-guacamole,ou=Services,ou=utilisateurs,dc=tips-of-mine,dc=local" LDAP_SEARCH_BIND_DN: "CN=Service Guacamole,OU=Services,OU=Societe,DC=tips-of-mine,DC=local"
LDAP_SEARCH_BIND_PASSWORD: "some_password" LDAP_SEARCH_BIND_PASSWORD: "some_password"
# Recherche des groupes # Recherche des groupes
LDAP_GROUP_BASE_DN: "ou=groupes,dc=tips-of-mine,dc=local" LDAP_GROUP_BASE_DN: "OU=Groupes,OU=Societe,DC=tips-of-mine,DC=local"
LDAP_GROUP_SEARCH_FILTER: "(objectClass=Group)" LDAP_GROUP_SEARCH_FILTER: "(objectClass=Group)"
# LDAP_GROUP_NAME_ATTRIBUTE: "cn" # LDAP_GROUP_NAME_ATTRIBUTE: "cn"
# LDAP_MEMBER_AATRIBUTE: "member" LDAP_MEMBER_AATRIBUTE: "member"
# Priority # Priority
# EXTENSION-PRIORITY: ldap # EXTENSION_PRIORITY: ldap
### Extension Guacamole
# TOTP_ENABLED: "true" # TOTP_ENABLED: "true"
# TOTP_ISSUER: "Guacamole IT Tips-Of-Mine" # TOTP_ISSUER: "Guacamole IT Tips-Of-Mine"
# TOTP_DIGITS: 6 # TOTP_DIGITS: 6
@ -83,7 +114,6 @@ services:
- guacd - guacd
networks: networks:
- interne - interne
- externe
# ports: # ports:
## enable next line if not using nginx ## enable next line if not using nginx
## - 8080:8080/tcp # Guacamole is on :8080/guacamole, not /. ## - 8080:8080/tcp # Guacamole is on :8080/guacamole, not /.
@ -92,15 +122,15 @@ services:
restart: always restart: always
volumes: volumes:
- ./guacamole-config:/config - ./guacamole-config:/config
- ./guac_home:/guac_home
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.docker.network=interne" - "traefik.docker.network=interne"
# HTTP # HTTP
- "traefik.http.routers.guacamole-http.rule=Host(`guacamole.fr.dgs.group`)" - "traefik.http.routers.guacamole-http.rule=Host(`guacamole.10.0.4.29.traefik.me`)"
- "traefik.http.routers.guacamole-http.entrypoints=http" - "traefik.http.routers.guacamole-http.entrypoints=http"
- "traefik.http.routers.guacamole-http.middlewares="
# HTTPS # HTTPS
- "traefik.http.routers.guacamole-https.rule=Host(`guacamole.fr.dgs.group`)" - "traefik.http.routers.guacamole-https.rule=Host(`guacamole.10.0.4.29.traefik.me`)"
- "traefik.http.routers.guacamole-https.entrypoints=https" - "traefik.http.routers.guacamole-https.entrypoints=https"
- "traefik.http.routers.guacamole-https.service=guacamole-service" - "traefik.http.routers.guacamole-https.service=guacamole-service"
- "traefik.http.routers.guacamole-https.middlewares=guacamole-addprefix" - "traefik.http.routers.guacamole-https.middlewares=guacamole-addprefix"