update dockerfile

2026-01-16 21:45:38 +00:00
parent ee6cb6c90d
commit 99fc5a5600
2 changed files with 7 additions and 36 deletions
--- a/apps/rego-tunnel/build/Dockerfile
+++ b/apps/rego-tunnel/build/Dockerfile
@@ -62,44 +62,15 @@ RUN tar -xzf /tmp/cisco-secure-client-full.tar.gz -C / && rm /tmp/cisco-secure-c
 # Enable vpnagentd service
 RUN systemctl enable vpnagentd.service

-# Create scripts directory
 RUN mkdir -p /opt/scripts /shared
+RUN echo 'IyEvYmluL2Jhc2gKc2V0IC1lCmV4cG9ydCBIT01FPScvcm9vdCcKZXhwb3J0IFVTRVI9J3Jvb3QnCnJtIC1mIC90bXAvLlAxLWxvY2sgL3RtcC8uWDExLXVuaXgvWDEgMj4vZGV2L251bGwgfHwgdHJ1ZQpybSAtcmYgL3RtcC8uWCotbG9jayAvdG1wLy5YMTQtdW5peC8qIDI+L2Rldi9udWxsIHx8IHRydWUKZWNobyAiU3RhcnRpbmcgVGlnZXJWTkMgc2VydmVyIG9uIGRpc3BsYXkgOjEuLi4iCnZuY3NlcnZlciA6MSAtZ2VvbWV0cnkgMTI4MHg4MDAgLWRlcHRoIDI0IC1TZWN1cml0eVR5cGVzIFZuY0F1dGggLWxvY2FsaG9zdCBubwpzbGVlcCAyCmVjaG8gIlN0YXJ0aW5nIG5vVk5DIG9uIHBvcnQgJHtOT1ZOQ19QT1JULTYwODB9Li4uIgp3ZWJzb2NraWZ5IC0td2ViPS91c3Ivc2hhcmUvbm92bmMvICR7Tk9WTkNfUE9SVC06LTYwODB9IGxvY2FsaG9zdDo1OTAxICYKdGFpbCAtZiAvcm9vdC8udm5jLyoubG9nCg==' \
+| base64 -d > /opt/scripts/startup-vnc.sh && \
+chmod +x /opt/scripts/startup-vnc.sh

-# Inline startup-vnc.sh (cannot be overridden at runtime)
-RUN cat > /opt/scripts/startup-vnc.sh << 'EOF'
-#!/bin/bash
-set -e
-export HOME=/root
-export USER=root
-rm -f /tmp/.X1-lock /tmp/.X11-unix/X1 2>/dev/null || true
-rm -rf /tmp/.X*-lock /tmp/.X11-unix/* 2>/dev/null || true
-echo "Starting TigerVNC server on display :1..."
-vncserver :1 -geometry 1280x800 -depth 24 -SecurityTypes VncAuth -localhost no
-sleep 2
-echo "Starting noVNC on port ${NOVNC_PORT:-6080}..."
-websockify --web=/usr/share/novnc/ ${NOVNC_PORT:-6080} localhost:5901 &
-tail -f /root/.vnc/*.log
-EOF
-RUN chmod +x /opt/scripts/startup-vnc.sh
-
-# Inline vnc.service (cannot be overridden at runtime)
-RUN cat > /lib/systemd/system/vnc.service << 'EOF'
-[Unit]
-Description=VNC and noVNC Server
-After=network.target vpnagentd.service
-
-[Service]
-Type=simple
-ExecStart=/opt/scripts/startup-vnc.sh
-Restart=always
-RestartSec=5
-Environment=HOME=/root
-Environment=USER=root
-
-[Install]
-WantedBy=multi-user.target
-EOF
-RUN systemctl enable vnc.service
+RUN echo 'W1VuaXRdCkRlc2NyaXB0aW9uPVZOQyBhbmQgbm9WTkMgU2VydmVyCkFmdGVyPW5ldHdvcmsudGFyZ2V0IHZwbmFnZW50ZC5zZXJ2aWNlCgpbU2VydmljZV0KVHlwZT1zaW1wbGUKRXhlY1N0YXJ0PS9vcHQvc2NyaXB0cy9zdGFydHVwLXZuYy5zaApSZXN0YXJ0PWFsd2F5cwpSZXN0YXJ0U2VjPTUKRW52aXJvbm1lbnQ9SE9NRT0vcm9vdApFbnZpcm9ubWVudD1VU0VSPXJvb3QKCltJbnN0YWxsXQpXYW50ZWRCeT1tdWx0aS11c2VyLnRhcmdldAo=' \
+| base64 -d > /lib/systemd/system/vnc.service
+RUN chmod 644 /lib/systemd/system/vnc.service && \
+    systemctl enable vnc.service

 # Copy scripts that CAN be overridden at runtime
 COPY scripts/init-vpn.sh /opt/scripts/