Docker-Guacamole/docker-compose.yml

version: '3.7'

# networks
# create a network 'guacnetwork_net' in mode 'bridged'
networks:
  interne:
    driver: overlay
    attachable: true
  externe:
    driver: bridge
    attachable: true

# services
services:
  # guacd
  guacd:
    container_name: guacamole-guacd
    hostname: guacamole-guacd
    image: guacamole/guacd:latest
    networks:
    - interne
    restart: always
    volumes:
    - ./drive:/drive:rw
    - ./record:/record:rw

  # postgres
  postgres:
    container_name: guacamole-postgres
    hostname: guacamole-postgres
    environment:
      PGDATA: /var/lib/postgresql/data/guacamole
      POSTGRES_DB: guacamole_db
      POSTGRES_PASSWORD: 'P@ssword!Here!123456'
      POSTGRES_USER: guacamole_user
    image: postgres:15.6-alpine
    networks:
    - interne
    restart: always
    volumes:
    - ./init:/docker-entrypoint-initdb.d:z
    - ./data:/var/lib/postgresql/data:rw

  # guacamole
  guacamole:
    container_name: guacamole
    depends_on:
    - guacd
    - postgres
    environment:
      GUACD_HOSTNAME: guacd
      POSTGRES_HOSTNAME: postgres
      POSTGRESQL_PORT: 5432
      POSTGRES_DATABASE: guacamole_db
      POSTGRES_USER: guacamole_user
      POSTGRES_PASSWORD: 'P@ssword!Here!123456'
      LDAP_HOSTNAME: "10.0.4.2"
      LDAP_PORT: 389
      LDAP_ENCRYPTION_METHOD: "none"
      LDAP_USER_BASE_DN: "ou=utilisateurs,dc=tips-of-mine,dc=local"
      LDAP_USERNAME_ATTRIBUTE: "sAMAccountName"
      LDAP_SEARCH_BIND_DN: "cn=service-guacamole,ou=Services,ou=utilisateurs,dc=tips-of-mine,dc=local"
      LDAP_SEARCH_BIND_PASSWORD: "some_password"
      LDAP_GROUP_BASE_DN: "ou=groupes,dc=tips-of-mine,dc=local"
      LDAP_GROUP_NAME_ATTRIBUTE: "cn"
    image: guacamole/guacamole:latest
    links:
    - guacd
    networks:
    - interne
    - externe
#    ports:
## enable next line if not using nginx
##    - 8080:8080/tcp # Guacamole is on :8080/guacamole, not /.
## enable next line when using nginx
#    - 8080/tcp
    restart: always
    volumes:
      - ./guacamole-config:/config
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=interne"
# HTTP
      - "traefik.http.routers.guacamole-http.rule=Host(`guacamole.fr.dgs.group`)"
      - "traefik.http.routers.guacamole-http.entrypoints=http"
      - "traefik.http.routers.guacamole-http.middlewares="
# HTTPS
      - "traefik.http.routers.guacamole-https.rule=Host(`guacamole.fr.dgs.group`)"
      - "traefik.http.routers.guacamole-https.entrypoints=https"
      - "traefik.http.routers.guacamole-https.service=guacamole-service"
      - "traefik.http.routers.guacamole-https.middlewares=guacamole-addprefix"
      - "traefik.http.routers.guacamole-https.tls=true"
#      - "traefik.http.routers.guacamole-https.tls.certResolver=le"
#      - "traefik.http.routers.guacamole-https.tls.options=default"
# Middleware
#      - "traefik.http.middlewares.guacamole-headers.headers.stsincludesubdomains=true"
#      - "traefik.http.middlewares.guacamole-headers.headers.stsseconds=315360000"
#      - "traefik.http.middlewares.guacamole-headers.headers.forcestsheader=true"
      - "traefik.http.middlewares.guacamole-addprefix.addprefix.prefix=/guacamole"
# Service
      - "traefik.http.services.guacamole-service.loadbalancer.server.port=8080"