Server
Oracle-VPS에 NMP + Guacamole 설치
달빛에취하다
2022. 9. 21. 08:58
자료 보관용 입니다.
Oracle 무료 VPS에 NPM과 Guacamole를 설치하였습니다.
문제는 NPM에서 Guacamole쪽 reverse proxy가 안되어서 이리저리 찾아보다 처리한 내용입니다.
( # 8443 포트로 reverse proxy - http 502 오류 발생시 - 가 동작하지 않는 경우 사용해 주시면 됩니다. )
# 작업 디렉토리 /data
# 관리자 권한 작업
# docker의 network는 bridge 드라이버를 사용하며 user_bride 명명하여 NPM 및 Guacamole 에서 사용
1. 네트워크 생성
# 네트워크 생성
docker network create --driver=bridge \
--opt com.docker.network.bridge.name:user_bridge \
--opt com.docker.network.bridge.enable_icc:true \
--opt com.docker.network.bridge.host_binding_ipv4:0.0.0.0 \
--opt com.docker.network.bridge.enable_ip_masquerade:true user_bridge
2. NPM (Nignx Proxy Manager) 설치 - docker-compose 사용
version: "3.9"
networks:
default:
name: user_bridge
external: true
bridge:
external: true
services:
app:
image: 'jc21/nginx-proxy-manager:latest'
restart: unless-stopped
ports:
# These ports are in format <host-port>:<container-port>
- '80:80' # Public HTTP Port
- '443:443' # Public HTTPS Port
- '81:81' # Admin Web Port
# Add any other Stream port you want to expose
# - '21:21' # FTP
environment:
DB_MYSQL_HOST: "db"
DB_MYSQL_PORT: 3306
DB_MYSQL_USER: "사용자아이디"
DB_MYSQL_PASSWORD: "사용자비밀번호"
DB_MYSQL_NAME: "npm"
# Uncomment this if IPv6 is not enabled on your host
# DISABLE_IPV6: 'true'
extra_hosts:
- "host.docker.internal:host-gateway"
volumes:
- ./data:/data
- ./letsencrypt:/etc/letsencrypt
depends_on:
- db
db:
image: 'jc21/mariadb-aria:latest'
restart: unless-stopped
environment:
MYSQL_ROOT_PASSWORD: '사용자비밀번호'
MYSQL_DATABASE: 'npm'
MYSQL_USER: '사용자아이디'
MYSQL_PASSWORD: '사용자비밀번호'
volumes:
- ./data/mysql:/var/lib/mysql
3. Guacamole 설치 - docker-compose 사용
version: '3.9'
# networks
# create a network 'guacnetwork_compose' in mode 'bridged'
networks:
default:
name: user_bridge
external: true
bridge:
external: true
# services
services:
# guacd
guacd:
container_name: guacd_compose
image: guacamole/guacd
restart: always
volumes:
- ./drive:/drive:rw
- ./record:/record:rw
# postgres
postgres:
container_name: postgres_guacamole_compose
environment:
PGDATA: /var/lib/postgresql/data/guacamole
POSTGRES_DB: guacamole_db
POSTGRES_PASSWORD: '사용자비번'
POSTGRES_USER: guacamole_user
image: postgres:13.4-buster
restart: always
volumes:
- ./init:/docker-entrypoint-initdb.d:z
- ./data:/var/lib/postgresql/data:Z
# guacamole
guacamole:
container_name: guacamole_compose
depends_on:
- guacd
- postgres
environment:
GUACD_HOSTNAME: guacd
POSTGRES_DATABASE: guacamole_db
POSTGRES_HOSTNAME: postgres
POSTGRES_PASSWORD: '사용자비번'
POSTGRES_USER: guacamole_user
image: guacamole/guacamole
links:
- guacd
ports:
## enable next line if not using nginx
## - 8080:8080/tcp # Guacamole is on :8080/guacamole, not /.
## enable next line when using nginx
- 8080/tcp
restart: always
############ optional ##############
# # nginx
# nginx:
# container_name: nginx_guacamole_compose
# restart: always
# image: nginx
# volumes:
# - ./nginx/ssl/self.cert:/etc/nginx/ssl/self.cert:ro
# - ./nginx/ssl/self-ssl.key:/etc/nginx/ssl/self-ssl.key:ro
# - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
# - ./nginx/mysite.template:/etc/nginx/conf.d/default.conf:ro
# ports:
# - 8443:443
# links:
# - guacamole
# # run nginx
# command: /bin/bash -c "nginx -g 'daemon off;'"
## nginx-debug-mode
## command: /bin/bash -c "nginx-debug -g 'daemon off;'"
##################################################################################### Guacamole는 git에서 설치 파일을 받아 prepare.sh 실행 후 위의 내용과 비교하여 docker-compose.yml 파일을 편집하는 것을 추천합니다.
# Gucamole git 으로 부터 설치
git clone "https://github.com/boschkundendienst/guacamole-docker-compose.git"
cd guacamole-docker-compose
./prepare.sh
# docker-compose.yml 편집
docker-compose up -d
# 아래 이미지는 기본으로 docker-compose에 묶여 있는 nginx reverse proxy 입니다. (주석처리 후 NPM 사용)
4. NPM 설정 ( guacamole설치용 docker-compose.yml 에 포함된 nginx 에서 설정을 가져옴)
location / {
proxy_pass http://guacamole:8080/guacamole/;
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_cookie_path /guacamole/ /;
access_log off;
# allow large uploads (default=1m)
# 4096m = 4GByte
client_max_body_size 4096m;
}
더 좋은 방법을 아시는 분은 댓글 부탁드립니다.