Restructure cistech-tunnel to match rego-tunnel pattern

- build/: Dockerfile + entrypoint.sh (base image with VNC/noVNC)
- shared/: Runtime scripts mounted into container
  - xstartup: VNC startup, launches openconnect-vpn in xterm
  - openconnect-vpn: Main VPN script with menu, auto-connect, watchdog
- Removed source/ folder (replaced by build/)
- Updated docker-compose.json with proper volume mounts
- Changed port to 6080 (noVNC default)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

apps/cistech-tunnel/build/Dockerfile

@@ -0,0 +1,105 @@
+FROM ubuntu:22.04
+
+LABEL maintainer="alexz"
+LABEL description="OpenConnect SSO VPN in Docker with noVNC"
+LABEL version="1.0.0"
+
+ENV DEBIAN_FRONTEND=noninteractive
+ENV container=docker
+
+# VNC/noVNC settings
+ENV DISPLAY=:1
+ENV VNC_PORT=5901
+ENV NOVNC_PORT=6080
+
+# Python/Playwright settings
+ENV PLAYWRIGHT_BROWSERS_PATH=/ms-playwright
+ENV VIRTUAL_ENV=/opt/venv
+ENV PATH=/opt/venv/bin:$PATH
+ENV QTWEBENGINE_DISABLE_SANDBOX=1
+ENV QTWEBENGINE_CHROMIUM_FLAGS="--no-sandbox --disable-gpu"
+
+# Install system dependencies
+RUN apt-get update && apt-get install -y \
+    openconnect \
+    iproute2 \
+    iptables \
+    ca-certificates \
+    python3 \
+    python3-pip \
+    python3-venv \
+    vpnc-scripts \
+    curl \
+    wget \
+    openssh-client \
+    tigervnc-standalone-server \
+    tigervnc-common \
+    novnc \
+    websockify \
+    openbox \
+    xterm \
+    procps \
+    net-tools \
+    nano \
+    x11vnc \
+    xvfb \
+    fluxbox \
+    oathtool \
+    xauth \
+    libnss3 \
+    libatk1.0-0 \
+    libatk-bridge2.0-0 \
+    libx11-6 \
+    libx11-xcb1 \
+    libxcomposite1 \
+    libxrandr2 \
+    libgbm1 \
+    libxdamage1 \
+    libpango-1.0-0 \
+    fonts-liberation \
+    libegl1 \
+    libgl1 \
+    libopengl0 \
+    libdbus-1-3 \
+    libglib2.0-0 \
+    libxkbcommon0 \
+    libxkbcommon-x11-0 \
+    libxcb1 \
+    libxcb-cursor0 \
+    libxcb-icccm4 \
+    libxcb-image0 \
+    libxcb-keysyms1 \
+    libxcb-render0 \
+    libxcb-render-util0 \
+    libxcb-shm0 \
+    libxcb-xfixes0 \
+    libxcb-xinerama0 \
+    libxcb-randr0 \
+    libxcb-glx0 \
+    sudo \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+# Install libasound (different package name on different Ubuntu versions)
+RUN apt-get update && (apt-get install -y libasound2t64 || apt-get install -y libasound2) && rm -rf /var/lib/apt/lists/*
+
+# Python venv + openconnect-sso + playwright
+RUN python3 -m venv "$VIRTUAL_ENV"
+RUN pip install --no-cache-dir openconnect-sso[full] playwright keyring keyrings.alt && \
+    python -m playwright install --with-deps chromium
+
+# Create directories
+RUN mkdir -p /opt/scripts /shared /root/.vnc
+
+# Create VNC startup script (embedded)
+RUN echo 'IyEvYmluL2Jhc2gKc2V0IC1lCmV4cG9ydCBIT01FPScvcm9vdCcKZXhwb3J0IFVTRVI9J3Jvb3QnCnJtIC1mIC90bXAvLlgxLWxvY2sgL3RtcC8uWDExLXVuaXgvWDEgMj4vZGV2L251bGwgfHwgdHJ1ZQpybSAtcmYgL3RtcC8uWCotbG9jayAvdG1wLy5YMTEtdW5peC8qIDI+L2Rldi9udWxsIHx8IHRydWUKZWNobyAiU3RhcnRpbmcgVGlnZXJWTkMgc2VydmVyIG9uIGRpc3BsYXkgOjEuLi4iCnZuY3NlcnZlciA6MSAtZ2VvbWV0cnkgMTI4MHg4MDAgLWRlcHRoIDI0IC1TZWN1cml0eVR5cGVzIFZuY0F1dGggLWxvY2FsaG9zdCBubwpzbGVlcCAyCmVjaG8gIlN0YXJ0aW5nIG5vVk5DIG9uIHBvcnQgJHtOT1ZOQ19QT1JUOi02MDgwfS4uLiIKd2Vic29ja2lmeSAtLXdlYj0vdXNyL3NoYXJlL25vdm5jLyAke05PVk5DX1BPUlQ6LTYwODB9IGxvY2FsaG9zdDo1OTAxICYKdGFpbCAtZiAvcm9vdC8udm5jLyoubG9nCg==' \
+    | base64 -d > /opt/scripts/startup-vnc.sh && \
+    chmod +x /opt/scripts/startup-vnc.sh
+
+# Copy entrypoint script
+COPY scripts/entrypoint.sh /opt/scripts/
+RUN chmod +x /opt/scripts/entrypoint.sh
+
+EXPOSE 5901 6080
+
+CMD ["/opt/scripts/entrypoint.sh"]