alexz/runtipi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

upload current sources
Some checks failed
Test / test (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Alex Zaw
2025-12-24 07:12:55 +00:00
parent 60855d6a85
commit a3d18358db
110 changed files with 42163 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

168
apps/rego-tunnel-linux/metadata/README.md Normal file
View File

@@ -0,0 +1,168 @@
# Rego-Tunnel Linux VPN Bridge
This app runs a Linux VM (Ubuntu) inside a Docker container with Cisco Secure Client VPN, providing transparent access to VPN-protected resources (IBM i at 10.35.33.230) from the local network.
## Architecture
```
┌─────────────────────────────────────────────────────────────────────────┐
│ Linux Host (192.168.0.150) │
│ │
│ Bridge: br-vpn-linux (172.31.1.1/24) │
└─────────────────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────────────────┐
│ Container: rego-tunnel-linux (172.31.1.10) │
│ │
│ qemux/qemu running Ubuntu VM │
│ Port 8007 → Web console (noVNC) │
│ Port 2222 → SSH to VM │
│ │
│ Internal bridge: 172.32.1.1/24 │
└─────────────────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────────────────┐
│ Ubuntu VM (172.32.1.20) │
│ │
│ Cisco Secure Client VPN: connected to corporate network │
│ VPN IP: 10.215.x.x │
│ │
│ cisco-vpn.sh: │
│ - Auto-login to Cisco via xdotool │
│ - TOTP authentication (oathtool) │
│ - iptables forwarding for target IP │
└─────────────────────────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────────────────────────┐
│ IBM i (10.35.33.230) │
│ Via Cisco VPN tunnel │
└─────────────────────────────────────────────────────────────────────────┘
```
## Installation
### Step 1: Install the app via Runtipi
1. Go to Runtipi App Store
2. Install "Rego Tunnel Linux"
3. Configure RAM, CPU, and disk size
### Step 2: Set up the VM
1. Open the web console at port 8007
2. Complete Ubuntu installation (use Ubuntu Server for faster boot)
3. After installation, open a terminal
### Step 3: Install Cisco Secure Client
```bash
# Mount the shared folder (contains Cisco installation)
sudo mkdir -p /mnt/shared
sudo mount -t 9p shared /mnt/shared -o trans=virtio
# Run the install script
sudo bash /mnt/shared/install-cisco.sh
```
### Step 4: Connect VPN
```bash
# Run the VPN automation script
~/cisco-vpn.sh
```
The script will:
1. Start the Cisco VPN agent
2. Launch the VPN UI
3. Auto-type credentials and TOTP
4. Set up IP forwarding for the target
## Files
### vpn_scripts/secureclient/
Complete Cisco Secure Client installation.
### vpn_scripts/cisco-vpn.sh
Automated VPN login script:
- Starts vpnagentd if not running
- Launches vpnui
- Uses xdotool to type credentials
- Generates TOTP codes with oathtool
- Sets up iptables forwarding
### vpn_scripts/install-cisco.sh
One-time setup script to install Cisco Secure Client in the VM.
## Configuration
### VPN Credentials
Edit `~/cisco-vpn.sh` and update:
```bash
EMAIL="your-email@company.com"
PASSWORD="your-password"
TOTP_SECRET="your-totp-secret"
VPN_HOST="vpn.company.com"
TARGET_IP="10.x.x.x"
```
### Network Configuration
Add route on your laptop:
```cmd
route add 172.31.1.0 mask 255.255.255.0 192.168.0.150 -p
```
## User Config
Create `/etc/runtipi/user-config/runtipi/rego-tunnel-linux/docker-compose.yml`:
```yaml
networks:
vpn_static-linux:
driver: bridge
driver_opts:
com.docker.network.bridge.name: "br-vpn-linux"
ipam:
config:
- subnet: 172.31.1.0/24
services:
rego-tunnel-linux:
sysctls:
- net.ipv4.conf.all.rp_filter=0
- net.ipv4.conf.default.rp_filter=0
cap_add:
- NET_ADMIN
environment:
- VM_NET_IP=172.32.1.20
networks:
vpn_static-linux:
ipv4_address: 172.31.1.10
```
## Troubleshooting
### VPN UI doesn't start
- Ensure vpnagentd is running: `systemctl status cisco-vpnagentd`
- Check for missing libraries: `ldd /opt/cisco/secureclient/bin/vpnui`
### TOTP codes failing
- Sync time: `sudo timedatectl set-ntp true`
- Verify TOTP secret is correct
### Can't reach target IP
- Check if VPN is connected: `ip addr show cscotun0`
- Verify iptables rules: `sudo iptables -L -n`
## Comparison: Windows vs Linux
| Feature | Windows VM | Linux VM |
|---------|-----------|----------|
| Image | dockurr/windows | qemux/qemu |
| Boot time | ~3-5 min | ~1-2 min |
| RAM usage | ~2GB min | ~512MB min |
| Disk usage | ~15GB | ~5GB |
| Automation | DevTools/WebSocket | xdotool |

35
apps/rego-tunnel-linux/metadata/description.md Normal file
View File

@@ -0,0 +1,35 @@
<h1 align="center">QEMU<br />
<div align="center">
<a href="https://github.com/qemus/qemu"><img src="https://github.com/qemus/qemu/raw/master/.github/logo.png" title="Logo" style="max-width:100%;" width="128" /></a>
</div>
<div align="center">
</div></h1>
Linux VM in a Docker container with Cisco Secure Client VPN.
## Features
- KVM acceleration
- Web-based viewer
- Cisco Secure Client VPN pre-installed
- Auto-login with TOTP support
## Quick Start
1. Start the container and connect to the web viewer
2. After Ubuntu installation completes, open a terminal
3. Mount the shared folder and run the install script:
```bash
sudo mkdir -p /mnt/shared
sudo mount -t 9p shared /mnt/shared
sudo bash /mnt/shared/install-cisco.sh
```
4. Run the VPN automation: `~/cisco-vpn.sh`
## VPN Connection
The container includes automated VPN login with:
- TOTP code generation
- xdotool automation for GUI
- Watchdog mode for auto-reconnection