Install & Configure Guacamole within LXC - Trying to setup for LXD

bmullan · November 14, 2017, 11:12pm

I use LXD and tried to setup your Guacamole/MySQL/NGINX using LXD (LXD v2) as I don’t use LXC v1 any longer.

All went well except for a couple places where you left out the commands to UNTAR tar.gz files. However, at the very end the restart of the nginx service fails.

$ sudo service nginx restart

error follows:

systemctl status nginx.service

● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Tue 2017-11-14 17:35:43 EST; 15s ago
Process: 292 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=1/FAILURE

Nov 14 17:35:43 vm-server systemd[1]: Starting A high performance web server and a reverse proxy server…
Nov 14 17:35:43 vm-server nginx[292]: nginx: [emerg] “listen” directive is not allowed here in /etc/nginx/sites-
Nov 14 17:35:43 vm-server nginx[292]: nginx: configuration file /etc/nginx/nginx.conf test failed
Nov 14 17:35:43 vm-server systemd[1]: nginx.service: Control process exited, code=exited status=1
Nov 14 17:35:43 vm-server systemd[1]: Failed to start A high performance web server and a reverse proxy server.
Nov 14 17:35:43 vm-server systemd[1]: nginx.service: Unit entered failed state.
Nov 14 17:35:43 vm-server systemd[1]: nginx.service: Failed with result ‘exit-code’.

and finally as I use ubuntu I’m not sure how to implement Step 5: Configure firewall rules as my ubuntu uses UFW and I’m not sure how to interpret those firewall.xxxxxx rules ? with UFW.

michael_71 · November 15, 2017, 12:57pm

Hi bmullan,

it seems your /etc/nginx/sites-available/https has an error regarding to the log mybe you miss the “server {” line ?
I found another problem in the tutorial at the point where the ssl-cert and key is generatet. There you should use the correct names like vm-server (-keyout /etc/nginx/ssl/bonnes_me.key -out /etc/nginx/ssl/bonnes_me.crt -extensions v3_ca) instead of bonnes_me!

Take a look at the log and you will see which config-file has an error and on which line you should have a look at!

I’ve tried this all first on a Virtual-Box-Machine and i got it running there - next step is config on the Omnia!

I think the Firewall-Rules at the end must be added to the Omnia (cause of wan and lan-devices) - portforwarding !

Regards,
Michael