diff --git a/docker-compose.yml b/docker-compose.yml index 13a99ab..266d30d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -17,7 +17,9 @@ services: retries: 10 guacd: - image: guacamole/guacd:latest + build: + context: . + dockerfile: docker/guacd.Dockerfile restart: unless-stopped environment: GUACD_LOG_LEVEL: debug diff --git a/docker/guacd.Dockerfile b/docker/guacd.Dockerfile new file mode 100644 index 0000000..996785e --- /dev/null +++ b/docker/guacd.Dockerfile @@ -0,0 +1,66 @@ +# syntax=docker/dockerfile:1 +# +# Custom guacd image built against FreeRDP 3.x on Ubuntu 24.04. +# +# Why: The official guacamole/guacd image uses FreeRDP 2.x, which crashes +# silently when connecting to Windows 11 22H2+ hosts due to NLA/CredSSP +# cipher-suite changes introduced by Microsoft. FreeRDP 3.x fixes this. +# guacamole-server 1.6.0 (June 2025) has explicit FreeRDP 3.x support. +# Ubuntu 24.04 ships freerdp3-dev (FreeRDP 3.5.1+) in its universe repo. +# +# Note: FreeRDP 3.x support in guacamole is currently marked experimental +# for some features (RemoteApp), but basic RDP/NLA works correctly. + +FROM ubuntu:24.04 + +ENV DEBIAN_FRONTEND=noninteractive + +# Build dependencies +RUN apt-get update && apt-get install -y --no-install-recommends \ + autoconf \ + automake \ + build-essential \ + ca-certificates \ + curl \ + freerdp3-dev \ + libcairo2-dev \ + libjpeg-turbo8-dev \ + libossp-uuid-dev \ + libpango1.0-dev \ + libpng-dev \ + libpulse-dev \ + libssl-dev \ + libssh2-1-dev \ + libtelnet-dev \ + libtool \ + libvncserver-dev \ + libwebp-dev \ + libwebsockets-dev \ + pkgconf \ + && rm -rf /var/lib/apt/lists/* + +ARG GUACAMOLE_VERSION=1.6.0 + +RUN FREERDP_PLUGIN_DIR=$(pkg-config --variable=libdir freerdp3 2>/dev/null)/freerdp3 \ + && echo "Building guacamole-server ${GUACAMOLE_VERSION} with FreeRDP plugin dir: ${FREERDP_PLUGIN_DIR}" \ + && curl -fsSL \ + "https://downloads.apache.org/guacamole/${GUACAMOLE_VERSION}/source/guacamole-server-${GUACAMOLE_VERSION}.tar.gz" \ + | tar -xzf - \ + && cd "guacamole-server-${GUACAMOLE_VERSION}" \ + && autoreconf -fi \ + && CPPFLAGS="-Wno-error=deprecated-declarations" \ + ./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --with-freerdp-plugin-dir="${FREERDP_PLUGIN_DIR}" \ + && make -j"$(nproc)" \ + && make install \ + && ldconfig \ + && cd / && rm -rf "guacamole-server-${GUACAMOLE_VERSION}" + +# guacd log level is passed via -L flag; exposed as env var for docker-compose +ENV GUACD_LOG_LEVEL=info + +EXPOSE 4822 + +CMD sh -c "exec /usr/sbin/guacd -b 0.0.0.0 -f -L \"${GUACD_LOG_LEVEL}\""