[
https://issues.apache.org/jira/browse/GUACAMOLE-1878?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17783900#comment-17783900
]
Bogdan Tomasciuc edited comment on GUACAMOLE-1878 at 11/8/23 7:19 AM:
----------------------------------------------------------------------
In my installation TOTP consistently fails unless TZ is provided:
{{docker run --name guacd --restart=always -v
/GuacamoleRecordings:/var/lib/guacamole/recordings -e GUACD_LOG_LEVEL="info" -e
TZ=Europe/Bucharest -d guacamole/guacd:latest}}
{{{{docker run --name guac-mysql --mount
source=guac-mysql,target=/var/lib/mysql -v /tmp/scripts:/tmp/scripts -e
MYSQL_ROOT_PASSWORD='SomeS3cr3tPassw0rd' -e TZ=Europe/Bucharest
--restart=always -d mysql:latest}}}}
{{docker run --name guacamole --link guacd:guacd --link guac-mysql:mysql -v
/var/log/guacamole:/home/guacamole/logs -v
/GuacamoleRecordings:/var/lib/guacamole/recordings -e
MYSQL_DATABASE='guacamole-db' -e MYSQL_USER='guacamole-user' -e
MYSQL_PASSWORD='MyguacamoleV3ryS3cr3tPassw0rd!ssst!' -e
REMOTE_IP_VALVE_ENABLED='true' --mount source=guac-config,target=/config -e
GUACAMOLE_HOME=/config -e RECORDING_SEARCH_PATH='/var/lib/guacamole/recordings'
-e LOG_LEVEL='info' -e TOTP_ENABLED='true' -e TZ='Europe/Bucharest'
--restart=always -d -p 8080:8080 guacamole/guacamole:latest}}
As soon as I remove TZ environement variable the TOTP fails (host is GMT+2 btw)
consistently. Just a thought but maybe it's something further up the validation
sequence. As in the totp code is validated and the response comes ok but it
comes "too late" or "too early" if the TZ is wrong?
was (Author: bogdansv):
{quote}{{In my installation TOTP consistently fails unless TZ is provided:}}
{{{}docker run --name guacd --restart=always -v
/GuacamoleRecordings:/var/lib/guacamole/recordings -e GUACD_LOG_LEVEL="info" -e
TZ=Europe/Bucharest -d guacamole/guacd:latest{}}}{{{}docker run --name
guac-mysql --mount source=guac-mysql,target=/var/lib/mysql -v
/tmp/scripts:/tmp/scripts -e MYSQL_ROOT_PASSWORD='SomeS3cr3tPassw0rd' -e
TZ=Europe/Bucharest --restart=always -d mysql:latest{}}}{{{}docker run --name
guacamole --link guacd:guacd --link guac-mysql:mysql -v
/var/log/guacamole:/home/guacamole/logs -v
/GuacamoleRecordings:/var/lib/guacamole/recordings -e
MYSQL_DATABASE='guacamole-db' -e MYSQL_USER='guacamole-user' -e
MYSQL_PASSWORD='MyguacamoleV3ryS3cr3tPassw0rd!ssst!' -e
REMOTE_IP_VALVE_ENABLED='true' --mount source=guac-config,target=/config -e
GUACAMOLE_HOME=/config -e RECORDING_SEARCH_PATH='/var/lib/guacamole/recordings'
-e LOG_LEVEL='info' -e TOTP_ENABLED='true' -e TZ='Europe/Bucharest'
--restart=always -d -p 8080:8080 guacamole/guacamole:latest{}}}
{{As soon as I remove TZ environement variable the TOTP fails (host is GMT+2
btw) consistently. Just a thought but maybe it's something further up the
validation sequence. As in the totp code is validated and the response comes ok
but it comes "too late" or "too early" if the TZ is wrong?}}{quote}
> TOTP Authentication - Add documentation relating to usage with docker
> ---------------------------------------------------------------------
>
> Key: GUACAMOLE-1878
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1878
> Project: Guacamole
> Issue Type: Improvement
> Components: Documentation
> Reporter: Bogdan Tomasciuc
> Priority: Trivial
> Fix For: 1.5.4
>
>
> The documentation is missing the actual steps to enable and configure the
> TOTP extension while using docker. Similarly to the passed environment
> variables and the documentation about how the image works with other
> extensions it should also contain a section about configuring and working
> with the TOTP extension. Through my own trials I have found that enabling the
> TOTP extension is accomplished by adding the environment variable
> {{TOTP_ENABLED="true"}}. -But this alone, depending on your timezone, might
> make the extension work unreliably. To make the codes work reliably the
> timezone must be set on the containers using the variable TZ as in
> TZ="Europe/Bucharest".-
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
