From b0731bbc0585bf17661c11815b2434410e96980f Mon Sep 17 00:00:00 2001 From: Virtually Nick Date: Thu, 28 Mar 2024 10:00:24 -0400 Subject: [PATCH] GUACAMOLE-1020: Add Docker option to enable restrict module. --- guacamole-docker/bin/build-guacamole.sh | 9 +++++++++ guacamole-docker/bin/start.sh | 14 ++++++++++++++ 2 files changed, 23 insertions(+) diff --git a/guacamole-docker/bin/build-guacamole.sh b/guacamole-docker/bin/build-guacamole.sh index 2fc6c95827..e41f392c00 100755 --- a/guacamole-docker/bin/build-guacamole.sh +++ b/guacamole-docker/bin/build-guacamole.sh @@ -200,3 +200,12 @@ if [ -f extensions/guacamole-history-recording-storage/target/guacamole-history- mkdir -p "$DESTINATION/recordings" cp extensions/guacamole-history-recording-storage/target/guacamole-history-recording-storage*.jar "$DESTINATION/recordings" fi + +# +# Copy additional restriction module if it was built +# + +if [ -f extensions/guacamole-auth-restrict/target/guacamole-auth-restrict*.jar ]; then + mkdir -p "$DESTINATION/restrict" + cp extensions/guacamole-auth-restrict/target/guacamole-auth-restrict*.jar "$DESTINATION/restrict" +fi diff --git a/guacamole-docker/bin/start.sh b/guacamole-docker/bin/start.sh index 02687d8615..19609009a4 100755 --- a/guacamole-docker/bin/start.sh +++ b/guacamole-docker/bin/start.sh @@ -955,6 +955,15 @@ associate_recordings() { ln -s /opt/guacamole/recordings/guacamole-history-recording-storage-*.jar "$GUACAMOLE_EXT" } +## +## Adds in the JAR file for the additional restrictions module if requested +## by the Docker environment variable. +## +associate_restrict() { + # Add required .jar files to GUACAMOLE_EXT + ln -s /opt/guacamole/restrict/guacamole-auth-restrict-*.jar "$GUACAMOLE_EXT" +} + ## ## Sets up Tomcat's remote IP valve that allows gathering the remote IP ## from headers set by a remote proxy @@ -1189,6 +1198,11 @@ if [ -n "$RECORDING_SEARCH_PATH" ]; then associate_recordings fi +# Add in the additional restrction module if requested +if [ -n "$RESTRICT_ENABLED" ]; then + associate_restrict +fi + # # Validate that at least one authentication backend is installed #