From dc463f4cf0e09d955e63638d7ea6efafa37fe92c Mon Sep 17 00:00:00 2001
From: alexz <me@alexzaw.dev>
Date: Fri, 16 Jan 2026 22:44:58 +0000
Subject: [PATCH] .

---
 apps/rego-tunnel/build/Dockerfile            | 16 ++++---------
 apps/rego-tunnel/build/scripts/entrypoint.sh | 24 ++++++++++++++++++++
 2 files changed, 28 insertions(+), 12 deletions(-)
 create mode 100644 apps/rego-tunnel/build/scripts/entrypoint.sh

diff --git a/apps/rego-tunnel/build/Dockerfile b/apps/rego-tunnel/build/Dockerfile
index 4637c21..41c7bae 100755
--- a/apps/rego-tunnel/build/Dockerfile
+++ b/apps/rego-tunnel/build/Dockerfile
@@ -72,17 +72,9 @@ RUN echo 'W1VuaXRdCkRlc2NyaXB0aW9uPVZOQyBhbmQgbm9WTkMgU2VydmVyCkFmdGVyPW5ldHdvcm
 RUN chmod 644 /lib/systemd/system/vnc.service && \
     systemctl enable vnc.service
 
-# Copy scripts that CAN be overridden at runtime
-COPY scripts/init-vpn.sh /opt/scripts/
-COPY scripts/xstartup /root/.vnc/xstartup
-COPY scripts/vpn-connect.sh /opt/scripts/
-RUN chmod +x /opt/scripts/*.sh /root/.vnc/xstartup
-
-# Setup VNC password (default, can be overridden via mount)
-ARG VNC_PASSWORD=cisco123
-RUN mkdir -p /root/.vnc && \
-    echo "${VNC_PASSWORD}" | vncpasswd -f > /root/.vnc/passwd && \
-    chmod 600 /root/.vnc/passwd
+# Copy entrypoint script
+COPY scripts/entrypoint.sh /opt/scripts/
+RUN chmod +x /opt/scripts/entrypoint.sh
 
 VOLUME ["/sys/fs/cgroup"]
 
@@ -90,4 +82,4 @@ EXPOSE 5901 6080
 
 STOPSIGNAL SIGRTMIN+3
 
-CMD ["/opt/scripts/init-vpn.sh"]
+CMD ["/opt/scripts/entrypoint.sh"]
diff --git a/apps/rego-tunnel/build/scripts/entrypoint.sh b/apps/rego-tunnel/build/scripts/entrypoint.sh
new file mode 100644
index 0000000..d51a154
--- /dev/null
+++ b/apps/rego-tunnel/build/scripts/entrypoint.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+# Entrypoint: VNC setup + DNS fix + systemd
+
+# Setup VNC password from environment variable (passed by runtipi)
+if [ -n "$VNC_PASSWORD" ]; then
+    mkdir -p /root/.vnc
+    echo "$VNC_PASSWORD" | vncpasswd -f > /root/.vnc/passwd
+    chmod 600 /root/.vnc/passwd
+fi
+
+# Backup current DNS config
+cp /etc/resolv.conf /tmp/resolv.conf.bak 2>/dev/null || true
+cp /etc/hosts /tmp/hosts.bak 2>/dev/null || true
+
+# Unmount Docker's bind mounts (allows VPN to modify DNS)
+umount /etc/resolv.conf 2>/dev/null || true
+umount /etc/hosts 2>/dev/null || true
+
+# Restore DNS config as regular files
+cat /tmp/resolv.conf.bak > /etc/resolv.conf 2>/dev/null || echo "nameserver 8.8.8.8" > /etc/resolv.conf
+cat /tmp/hosts.bak > /etc/hosts 2>/dev/null || echo "127.0.0.1 localhost" > /etc/hosts
+
+# Start systemd
+exec /sbin/init