upload current sources

apps/rego-tunnel-linux/source/entrypoint.sh

@@ -0,0 +1,60 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+NOVNC_PORT="${NOVNC_PORT:-8806}"
+VNC_PASSWORD="${VNC_PASSWORD:-vpnpass}"
+DISPLAY_ADDR="${DISPLAY:-:1}"
+
+pids=()
+
+start_gui() {
+  mkdir -p /root/.vnc
+  x11vnc -storepasswd "$VNC_PASSWORD" /root/.vnc/pass >/dev/null 2>&1 || true
+  rm -f /tmp/.X1-lock /tmp/.X11-unix/X1 2>/dev/null || true
+  Xvfb "$DISPLAY_ADDR" -screen 0 ${XVFB_WxHxD:-1280x800x24} +extension RANDR &
+  pids+=($!)
+  sleep 0.5
+  export DISPLAY="$DISPLAY_ADDR"
+  fluxbox >/tmp/fluxbox.log 2>&1 &
+  pids+=($!)
+  x11vnc -display "$DISPLAY_ADDR" -rfbauth /root/.vnc/pass -forever -shared -rfbport 5900 -quiet &
+  pids+=($!)
+  websockify --web=/usr/share/novnc/ 0.0.0.0:"$NOVNC_PORT" localhost:5900 >/tmp/websockify.log 2>&1 &
+  pids+=($!)
+}
+
+start_vpnagent() {
+  /opt/cisco/secureclient/bin/vpnagentd -execv_instance &
+  pids+=($!)
+}
+
+setup_tun() {
+  mkdir -p /dev/net
+  if [ ! -c /dev/net/tun ]; then
+    mknod /dev/net/tun c 10 200
+    chmod 600 /dev/net/tun
+  fi
+}
+
+setup_nat() {
+  sysctl -w net.ipv4.ip_forward=1 >/dev/null 2>&1 || true
+}
+
+start_terminal() {
+  sleep 1
+  xterm -fa 'Monospace' -fs 11 -bg black -fg white -geometry 120x35+50+50 \
+    -T "Rego VPN" -e bash &
+  pids+=($!)
+}
+
+trap 'kill 0' INT TERM
+
+echo "Starting Rego VPN container..."
+setup_tun
+setup_nat
+start_gui
+start_vpnagent
+start_terminal
+
+echo "All services started. noVNC available on port $NOVNC_PORT"
+wait