更新最新版的1.10,国内镜像的
wget http://live-rec.ngzb.com.cn/s/sh/centos-app/guacamole-install-script_110_cn.sh
chmod +x guacamole-install-script_110_cn.sh
./guacamole-install-script_110_cn.sh
下面旧版本的想看也可以
首先确定电脑的SELINUX是不是enforcing模式,如果不是
https://blog.csdn.net/moliyiran/article/details/71118026
看怎么设置 将SELinux设置为enforcing
然后,使用一键脚本:(如果没安装wget自己看着办吧)
wget https://raw.githubusercontent.com/Zer0CoolX/guacamole-install-rhel/master/guac-install.sh
chmod +x guac-install.sh
./guac-install.sh
方案1仓库地址:
https://github.com/Zer0CoolX/guacamole-install-rhel
方案2 不过这货是0.9.14的 可以修改脚本改成最新的
yum install -y wget
wget -q https://github.com/ROBERTPASCAL/guacamole/releases/download/release-9.14/guacamole-install-script.sh
chmod +x guacamole-install-script.sh
./guacamole-install-script.sh
方案2仓库地址
https://github.com/ROBERTPASCAL/guacamole/
方案1源码备份下:
#!/bin/env bash
###### NOTES #######################################################
# Project Page: https://github.com/Zer0CoolX/guacamole-install-rhel
# Licence (GPL-3.0): https://github.com/Zer0CoolX/guacamole-install-rhel/blob/master/LICENSE
# Report Issues: https://github.com/Zer0CoolX/guacamole-install-rhel/wiki/How-to-Report-Issues-(Bugs,-Feature-Request-and-Help)
# Wiki: https://github.com/Zer0CoolX/guacamole-install-rhel/wiki
#
# WARNING: For use on RHEL/CentOS 7.x and up only.
# -Use at your own risk!
# -Use only for new installations of Guacamole!
# -Read all documentation (wiki) prior to using this script!
# -Test prior to deploying on a production system!
#
###### PRE-RUN CHECKS ##############################################
if ! [ $(id -u) = 0 ]; then echo "This script must be run as sudo or root, try again..."; exit 1; fi
if ! [ $(getenforce) = "Enforcing" ]; then echo "This script requires SELinux to be active and in \"Enforcing mode\""; exit 1; fi
if ! [ $(uname -m) = "x86_64" ]; then echo "This script will only run on 64 bit versions of RHEL/CentOS"; exit 1; fi
# Allow trap to work in functions
set -E
######################################################################
###### VARIABLES ###################################################
######################################################################
###### UNIVERSAL VARIABLES #########################################
# USER CONFIGURABLE #
# Generic
SCRIPT_BUILD="2020_03_04" # Scripts Date for last modified as "yyyy_mm_dd"
ADM_POC="Local Admin, admin@admin.com" # Point of contact for the Guac server admin
# Versions
GUAC_STBL_VER="1.1.0" # Latest stable version of Guac from https://guacamole.apache.org/releases/
MYSQL_CON_VER="8.0.19" # Working stable release of MySQL Connecter J
MAVEN_VER="3.6.3" # Latest stable version of Apache Maven
# Ports
GUAC_PORT="4822"
MYSQL_PORT="3306"
# Key Sizes
JKSTORE_KEY_SIZE_DEF="4096" # Default Java Keystore key-size
LE_KEY_SIZE_DEF="4096" # Default Let's Encrypt key-size
SSL_KEY_SIZE_DEF="4096" # Default Self-signed SSL key-size
# Default Credentials
MYSQL_PASSWD_DEF="guacamole" # Default MySQL/MariaDB root password
DB_NAME_DEF="guac_db" # Defualt database name
DB_USER_DEF="guac_adm" # Defualt database user name
DB_PASSWD_DEF="guacamole" # Defualt database password
JKS_GUAC_PASSWD_DEF="guacamole" # Default Java Keystore password
JKS_CACERT_PASSWD_DEF="guacamole" # Default CACert Java Keystore password, used with LDAPS
# Misc
GUACD_USER="guacd" # The user name and group of the user running the guacd service
GUAC_URIPATH_DEF="/" # Default URI for Guacamole
DOMAIN_NAME_DEF="localhost" # Default domain name of server
H_ERR=false # Defualt value of if an error has been triggered, should be false
LIBJPEG_EXCLUDE="exclude=libjpeg-turbo-[0-9]*,libjpeg-turbo-*.*.9[0-9]-*"
DEL_TMP_VAR=true # Default behavior to delete the temp var file used by error handler on completion. Set to false to keep the file to review last values
# ONLY CHANGE IF NOT WORKING #
# URLS
MYSQL_CON_URL="https://dev.mysql.com/get/Downloads/Connector-J/" #Direct URL for download
LIBJPEG_REPO="https://libjpeg-turbo.org/pmwiki/uploads/Downloads/libjpeg-turbo.repo"
# Dirs and File Names
LIB_DIR="/var/lib/guacamole/"
GUAC_CONF="guacamole.properties" # Guacamole configuration/properties file
MYSQL_CON="mysql-connector-java-${MYSQL_CON_VER}"
TMP_VAR_FILE="guac_tmp_vars" # Temp file name used to store varaibles for the error handler
# Formats
Black=`tput setaf 0` #${Black}
Red=`tput setaf 1` #${Red}
Green=`tput setaf 2` #${Green}
Yellow=`tput setaf 3` #${Yellow}
Blue=`tput setaf 4` #${Blue}
Magenta=`tput setaf 5` #${Magenta}
Cyan=`tput setaf 6` #${Cyan}
White=`tput setaf 7` #${White}
Bold=`tput bold` #${Bold}
UndrLn=`tput sgr 0 1` #${UndrLn}
Rev=`tput smso` #${Rev}
Reset=`tput sgr0` #${Reset}
###### END UNIVERSAL VARIABLES #####################################
###### INITIALIZE COMMON VARIABLES #################################
# ONLY CHANGE IF NOT WORKING #
init_vars () {
# Get the release version of Guacamole from/for Git
GUAC_GIT_VER=`curl -s https://raw.githubusercontent.com/apache/guacamole-server/master/configure.ac | grep 'AC_INIT([guacamole-server]*' | awk -F'[][]' -v n=2 '{ print $(2*n) }'`
PWD=`pwd` # Current directory
# Set full path/file name of file used to stored temp variables used by the error handler
VAR_FILE="${PWD}/${TMP_VAR_FILE}"
echo "-1" > "${VAR_FILE}" # create file with -1 to set not as background process
# Determine if OS is RHEL, CentOS or something else
if grep -q "CentOS" /etc/redhat-release; then
OS_NAME="CentOS"
elif grep -q "Red Hat Enterprise" /etc/redhat-release; then
OS_NAME="RHEL"
else
echo "Unable to verify OS from /etc/redhat-release as CentOS or RHEL, this script is intended only for those distro's, exiting."
exit 1
fi
OS_NAME_L="$(echo $OS_NAME | tr '[:upper:]' '[:lower:]')" # Set lower case rhel or centos for use in some URLs
# Outputs the major.minor.release number of the OS, Ex: 7.6.1810 and splits the 3 parts.
MAJOR_VER=`cat /etc/redhat-release | grep -oP "[0-9]+" | sed -n 1p` # Return the leftmost digit representing major version
MINOR_VER=`cat /etc/redhat-release | grep -oP "[0-9]+" | sed -n 2p` # Returns the middle digit representing minor version
# Placeholder in case this info is ever needed. RHEL does not have release number, only major.minor
# RELEASE_VER=`cat /etc/redhat-release | grep -oP "[0-9]+" | sed -n 3p` # Returns the rightmost digits representing release number
#Set arch used in some paths
MACHINE_ARCH=`uname -m`
ARCH="64"
# Set nginx url for RHEL or CentOS
NGINX_URL="https://nginx.org/packages/$OS_NAME_L/$MAJOR_VER/$MACHINE_ARCH/"
}
###### SOURCE VARIABLES ############################################
src_vars () {
# Check if selected source is Git or stable release, set variables based on selection
if [ $GUAC_SOURCE == "Git" ]; then
GUAC_VER=${GUAC_GIT_VER}
GUAC_URL="git://github.com/apache/"
GUAC_SERVER="guacamole-server.git"
GUAC_CLIENT="guacamole-client.git"
MAVEN_MAJOR_VER=${MAVEN_VER:0:1}
MAVEN_URL="https://www-us.apache.org/dist/maven/maven-${MAVEN_MAJOR_VER}/${MAVEN_VER}/binaries/"
MAVEN_FN="apache-maven-${MAVEN_VER}"
MAVEN_BIN="${MAVEN_FN}-bin.tar.gz"
else # Stable release
GUAC_VER=${GUAC_STBL_VER}
GUAC_URL="https://apache.org/dyn/closer.cgi?action=download&filename=guacamole/${GUAC_VER}/"
GUAC_SERVER="guacamole-server-${GUAC_VER}"
GUAC_CLIENT="guacamole-${GUAC_VER}"
fi
# JDBC Extension file name
GUAC_JDBC="guacamole-auth-jdbc-${GUAC_VER}"
# LDAP extension file name
GUAC_LDAP="guacamole-auth-ldap-${GUAC_VER}"
# TOTP extension file name
GUAC_TOTP="guacamole-auth-totp-${GUAC_VER}"
# Dirs and file names
INSTALL_DIR="/usr/local/src/guacamole/${GUAC_VER}/" # Guacamole installation dir
FILENAME="${PWD}/guacamole-${GUAC_VER}_"$(date +"%d-%y-%b")"" # Script generated log filename
logfile="${FILENAME}.log" # Script generated log file full name
fwbkpfile="${FILENAME}.firewall.bkp" # Firewall backup file name
}
######################################################################
###### MENUS #######################################################
######################################################################
###### SOURCE MENU #################################################
src_menu () {
clear
echo -e " ${Reset}${Bold}----====Gucamole Installation Script====----\n ${Reset}Guacamole Remote Desktop Gateway\n"
echo -e " ${Bold}*** Source Menu ***\n"
echo " OS: ${Yellow}${OS_NAME} ${MAJOR_VER}.${MINOR_VER} ${MACHINE_ARCH}${Reset}"
echo -e " ${Bold}Stable Version: ${Yellow}${GUAC_STBL_VER}${Reset} || ${Bold}Git Version: ${Yellow}${GUAC_GIT_VER}${Reset}\n"
while true; do
echo -n "${Green} Pick the desired source to install from (enter 'stable' or 'git', default is 'stable'): ${Yellow}"
read GUAC_SOURCE
case $GUAC_SOURCE in
[Ss]table|"" ) GUAC_SOURCE="Stable"; break;;
[Gg][Ii][Tt] ) GUAC_SOURCE="Git"; break;;
* ) echo "${Green} Please enter 'stable' or 'git' to select source/version (without quotes)";;
esac
done
tput sgr0
}
###### START EXECUTION #############################################
init_vars
src_menu
src_vars
###### MENU HEADERS ################################################
# Called by each menu and summary menu to display the dynamic header
menu_header () {
tput sgr0
clear
echo -e " ${Reset}${Bold}----====Gucamole Installation Script====----\n ${Reset}Guacamole Remote Desktop Gateway\n"
echo -e " ${Bold}*** ${SUB_MENU_TITLE} ***\n"
echo " OS: ${Yellow}${OS_NAME} ${MAJOR_VER}.${MINOR_VER} ${MACHINE_ARCH}${Reset}"
echo -e " ${Bold}Source/Version: ${Yellow}${GUAC_SOURCE} ${GUAC_VER}${Reset}\n"
}
###### DATABASE AND JKS MENU #######################################
db_menu () {
SUB_MENU_TITLE="Database and JKS Menu"
menu_header
echo -n "${Green} Enter the Guacamole DB name (default ${DB_NAME_DEF}): ${Yellow}"
read DB_NAME
DB_NAME=${DB_NAME:-${DB_NAME_DEF}}
echo -n "${Green} Enter the Guacamole DB username (default ${DB_USER_DEF}): ${Yellow}"
read DB_USER
DB_USER=${DB_USER:-${DB_USER_DEF}}
echo -n "${Green} Enter the Java KeyStore key-size to use (default ${JKSTORE_KEY_SIZE_DEF}): ${Yellow}"
read JKSTORE_KEY_SIZE
JKSTORE_KEY_SIZE=${JKSTORE_KEY_SIZE:-${JKSTORE_KEY_SIZE_DEF}}
}
###### PASSWORDS MENU ##############################################
pw_menu () {
SUB_MENU_TITLE="Passwords Menu"
menu_header
echo -n "${Green} Enter the root password for MariaDB: ${Yellow}"
read MYSQL_PASSWD
MYSQL_PASSWD=${MYSQL_PASSWD:-${MYSQL_PASSWD_DEF}}
echo -n "${Green} Enter the Guacamole DB password: ${Yellow}"
read DB_PASSWD
DB_PASSWD=${DB_PASSWD:-${DB_PASSWD_DEF}}
echo -n "${Green} Enter the Guacamole Java KeyStore password, must be 6 or more characters: ${Yellow}"
read JKS_GUAC_PASSWD
JKS_GUAC_PASSWD=${JKS_GUAC_PASSWD:-${JKS_GUAC_PASSWD_DEF}}
}
###### SSL CERTIFICATE TYPE MENU ###################################
ssl_cert_type_menu () {
SUB_MENU_TITLE="SSL Certificate Type Menu"
menu_header
echo "${Green} What kind of SSL certificate should be used (default 2)?${Yellow}"
PS3="${Green} Enter the number of the desired SSL certificate type: ${Yellow}"
options=("LetsEncrypt" "Self-signed" "None")
select opt in "${options[@]}"
do
case $opt in
"LetsEncrypt") SSL_CERT_TYPE="LetsEncrypt"; le_menu; break;;
"Self-signed"|"") SSL_CERT_TYPE="Self-signed"; ss_menu; break;;
"None")
SSL_CERT_TYPE="None"
OCSP_USE=false
echo -e "\n\n${Red} No SSL certificate selected. This can be configured manually at a later time."
sleep 3
break;;
* ) echo "${Green} ${REPLY} is not a valid option, enter the number representing your desired cert type.";;
esac
done
}
###### LETSENCRYPT MENU ############################################
le_menu () {
SUB_MENU_TITLE="LetsEncrypt Menu"
menu_header
echo -n "${Green} Enter a valid e-mail for let's encrypt certificate: ${Yellow}"
read EMAIL_NAME
echo -n "${Green} Enter the Let's Encrypt key-size to use (default ${LE_KEY_SIZE_DEF}): ${Yellow}"
read LE_KEY_SIZE
LE_KEY_SIZE=${LE_KEY_SIZE:-${LE_KEY_SIZE_DEF}}
while true; do
echo -n "${Green} Use OCSP Stapling (default yes): ${Yellow}"
read yn
case $yn in
[Yy]*|"" ) OCSP_USE=true; break;;
[Nn]* ) OCSP_USE=false; break;;
* ) echo "${Green} Please enter yes or no. ${Yellow}";;
esac
done
}
###### SELF-SIGNED SSL CERTIFICATE MENU ############################
ss_menu () {
OCSP_USE=false
SUB_MENU_TITLE="Self-signed SSL Certificate Menu"
menu_header
echo -n "${Green} Enter the Self-Signed SSL key-size to use (default ${SSL_KEY_SIZE_DEF}): ${Yellow}"
read SSL_KEY_SIZE
SSL_KEY_SIZE=${SSL_KEY_SIZE:-${SSL_KEY_SIZE_DEF}}
}
###### NGINX OPTIONS MENU ##########################################
nginx_menu () {
SUB_MENU_TITLE="Nginx Menu"
menu_header
# Server LAN IP
GUAC_LAN_IP_DEF=$(hostname -I | sed 's/ .*//')
echo -n "${Green} Enter the LAN IP of this server (default ${GUAC_LAN_IP_DEF}): ${Yellow}"
read GUAC_LAN_IP
GUAC_LAN_IP=${GUAC_LAN_IP:-${GUAC_LAN_IP_DEF}}
echo -n "${Green} Enter a valid hostname or public domain such as mydomain.com (default ${DOMAIN_NAME_DEF}): ${Yellow}"
read DOMAIN_NAME
DOMAIN_NAME=${DOMAIN_NAME:-${DOMAIN_NAME_DEF}}
echo -n "${Green} Enter the URI path, starting and ending with / for example /guacamole/ (default ${GUAC_URIPATH_DEF}): ${Yellow}"
read GUAC_URIPATH
GUAC_URIPATH=${GUAC_URIPATH:-${GUAC_URIPATH_DEF}}
# Only prompt if SSL will be used
if [ $SSL_CERT_TYPE != "None" ]; then
while true; do
echo -n "${Green}