My nginx proxy:
--------------------------------------
location / {
proxy_pass http://127.0.0.1:8090/guacamole/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forward-Proto http;
proxy_set_header X-Nginx-Proxy true;
proxy_buffering off;
}
--------------------------------------
and part of my docker-compose.yml:
--------------------------------------
image: guacamole/guacamole:1.5.3
ports:
- "127.0.0.1:8090:8080"
environment:
GUACD_HOSTNAME: guacd
POSTGRES_HOSTNAME: postgres
POSTGRES_DATABASE: ${POSTGRES_USER:-guacdb}
POSTGRES_USER: ${POSTGRES_USER:-guacdb}
POSTGRES_PASSWORD: secretPassword
GUACAMOLE_HOME: /guac_extensions
REMOTE_IP_VALVE_ENABLED: 'true'
volumes:
- /opt/guacamole/guac_extensions:/guac_extensions
depends_on:
- postgres
- guacd
--------------------------------------
But there is no "RemoteIpValve":
--------------------------------------
# docker exec -ti guacamole_guac_1 sh -c "cat
/usr/local/tomcat/conf/server.xml | grep Valve"
define subcomponents such as "Valves" at this level.
so you may not define subcomponents such as "Valves" at this level.
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs"
--------------------------------------
pá 11. 8. 2023 v 21:53 odesílatel Nick Couchman <[email protected]> napsal:
> On Fri, Aug 11, 2023 at 10:49 AM Martin Vancl <[email protected]>
> wrote:
> >
> > No. As I wrote:
> > > I just updated to version 1.5.3 (from 1.4.0), and the problem is still
> the same.
> > So now I'm using 1.5.3 in docker.
> >
> > I wrote about version 1.3.0 in the first email three years ago.
>
> Ah, okay - sorry to have missed that. I tried this out with the 1.5.3
> container and adding the "-e REMOTE_IP_VALVE_ENABLED=true" option to
> the container creation command results in the following line being
> written to the server.xml file:
>
> <Valve className="org.apache.catalina.valves.RemoteIpValve"/>
>
> Can you confirm that you've created the container with that option and
> you're definitely not seeing that line??
>
> There are additional properties that can be used to control the
> content of this line:
>
> PROXY_ALLOWED_IPS_REGEX - The IP regex that should show up as valid
> proxy addresses to Tomcat.
> PROXY_IP_HEADER - The HTTP header to use for the remote ip.
> PROXY_PROTOCOL_HEADER - The HTTP header to use for the protocol.
> PROXY_BY_HEADER - The HTTP header to use for the IP of the proxy that
> forwarded the request.
>
> -Nick
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [email protected]
> For additional commands, e-mail: [email protected]
>
>
--
S pozdravem
Ing. Martin Vancl
e-mail: [email protected]
web: www.vancl-it.cz
