revert(cistech-tunnel): restore to working state at 5d54ed6
Some checks failed
Test / test (push) Has been cancelled
Some checks failed
Test / test (push) Has been cancelled
- Removed build/ folder - Restored source/ folder with original Dockerfile and entrypoint.sh - Reverted config files to original working state - Cleaned up shared/ to only contain host routing scripts Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
@@ -1,16 +1,16 @@
|
||||
#!/usr/bin/env bash
|
||||
#
|
||||
# Host routing script for cistech-tunnel
|
||||
# Routes TARGET_IP through the VPN container
|
||||
# Routes target subnets through the VPN container
|
||||
#
|
||||
set -euo pipefail
|
||||
|
||||
ACTION="${1:-start}"
|
||||
|
||||
# Fixed configuration (we assigned these)
|
||||
# Fixed configuration
|
||||
CONTAINER_IP="172.30.0.10"
|
||||
BRIDGE_NAME="br-vpn-static"
|
||||
TARGET_IP="${TARGET_IP:-}"
|
||||
TARGET_SUBNETS="10.3.1.0/24 10.255.255.0/24"
|
||||
LAN_SUBNET="192.168.0.0/23"
|
||||
LAN_INTERFACES="eth0 eth1 wlan0"
|
||||
LOG_FILE="/var/log/cistech-routing.log"
|
||||
@@ -25,12 +25,10 @@ get_lan_interface() {
|
||||
}
|
||||
|
||||
remove_routes() {
|
||||
log "Removing stale routes for $TARGET_IP..."
|
||||
|
||||
# Remove any existing route to TARGET_IP
|
||||
ip route del "$TARGET_IP" 2>/dev/null || true
|
||||
ip route del "$TARGET_IP/32" 2>/dev/null || true
|
||||
|
||||
log "Removing stale routes..."
|
||||
for subnet in $TARGET_SUBNETS; do
|
||||
ip route del "$subnet" 2>/dev/null || true
|
||||
done
|
||||
log "Stale routes removed"
|
||||
}
|
||||
|
||||
@@ -41,35 +39,35 @@ apply_routes() {
|
||||
log "Applying host routing rules..."
|
||||
log " Container IP: $CONTAINER_IP"
|
||||
log " Bridge: $BRIDGE_NAME"
|
||||
log " Target IP: $TARGET_IP"
|
||||
log " Target subnets: $TARGET_SUBNETS"
|
||||
log " LAN interface: ${lan_if:-unknown}"
|
||||
|
||||
# Enable IP forwarding
|
||||
echo 1 > /proc/sys/net/ipv4/ip_forward
|
||||
log "IP forwarding enabled"
|
||||
|
||||
# Add route to TARGET_IP via container
|
||||
ip route replace "$TARGET_IP/32" via "$CONTAINER_IP" dev "$BRIDGE_NAME"
|
||||
log "Route added: $TARGET_IP via $CONTAINER_IP dev $BRIDGE_NAME"
|
||||
# Add routes to target subnets via container
|
||||
for subnet in $TARGET_SUBNETS; do
|
||||
ip route replace "$subnet" via "$CONTAINER_IP" dev "$BRIDGE_NAME"
|
||||
log "Route added: $subnet via $CONTAINER_IP dev $BRIDGE_NAME"
|
||||
done
|
||||
|
||||
# Allow forwarding in DOCKER-USER chain for all LAN interfaces
|
||||
for lan_if in $LAN_INTERFACES; do
|
||||
# Check if interface exists
|
||||
if ip link show "$lan_if" &>/dev/null; then
|
||||
# Allow traffic from LAN to container for TARGET_IP
|
||||
iptables -C DOCKER-USER -i "$lan_if" -o "$BRIDGE_NAME" -d "$TARGET_IP" -j ACCEPT 2>/dev/null || \
|
||||
iptables -I DOCKER-USER 1 -i "$lan_if" -o "$BRIDGE_NAME" -d "$TARGET_IP" -j ACCEPT
|
||||
# Allow traffic from LAN to container bridge
|
||||
iptables -C DOCKER-USER -i "$lan_if" -o "$BRIDGE_NAME" -j ACCEPT 2>/dev/null || \
|
||||
iptables -I DOCKER-USER 1 -i "$lan_if" -o "$BRIDGE_NAME" -j ACCEPT
|
||||
|
||||
# Allow return traffic
|
||||
iptables -C DOCKER-USER -i "$BRIDGE_NAME" -o "$lan_if" -s "$TARGET_IP" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT 2>/dev/null || \
|
||||
iptables -I DOCKER-USER 1 -i "$BRIDGE_NAME" -o "$lan_if" -s "$TARGET_IP" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
|
||||
iptables -C DOCKER-USER -i "$BRIDGE_NAME" -o "$lan_if" -m state --state RELATED,ESTABLISHED -j ACCEPT 2>/dev/null || \
|
||||
iptables -I DOCKER-USER 1 -i "$BRIDGE_NAME" -o "$lan_if" -m state --state RELATED,ESTABLISHED -j ACCEPT
|
||||
|
||||
log "DOCKER-USER iptables rules added for $lan_if <-> $BRIDGE_NAME"
|
||||
fi
|
||||
done
|
||||
|
||||
# Masquerade traffic from LAN subnet to VPN bridge (so return traffic routes correctly)
|
||||
# Use nft since iptables-nft backend doesn't support iptables -t nat commands
|
||||
# Masquerade traffic from LAN subnet to VPN bridge (using nft)
|
||||
if ! nft list chain ip nat POSTROUTING 2>/dev/null | grep -q "saddr $LAN_SUBNET.*oifname.*$BRIDGE_NAME.*masquerade"; then
|
||||
nft add rule ip nat POSTROUTING ip saddr "$LAN_SUBNET" oifname "$BRIDGE_NAME" counter masquerade
|
||||
log "NAT masquerade rule added for $LAN_SUBNET -> $BRIDGE_NAME"
|
||||
@@ -77,19 +75,21 @@ apply_routes() {
|
||||
log "NAT masquerade rule already exists for $LAN_SUBNET -> $BRIDGE_NAME"
|
||||
fi
|
||||
|
||||
log "OK: Host routing applied - $TARGET_IP via $CONTAINER_IP ($BRIDGE_NAME)"
|
||||
log "OK: Host routing applied"
|
||||
}
|
||||
|
||||
remove_all() {
|
||||
log "Removing all routing rules..."
|
||||
|
||||
# Remove route
|
||||
ip route del "$TARGET_IP/32" via "$CONTAINER_IP" dev "$BRIDGE_NAME" 2>/dev/null || true
|
||||
# Remove routes
|
||||
for subnet in $TARGET_SUBNETS; do
|
||||
ip route del "$subnet" via "$CONTAINER_IP" dev "$BRIDGE_NAME" 2>/dev/null || true
|
||||
done
|
||||
|
||||
# Remove iptables rules for all LAN interfaces
|
||||
for lan_if in $LAN_INTERFACES; do
|
||||
iptables -D DOCKER-USER -i "$lan_if" -o "$BRIDGE_NAME" -d "$TARGET_IP" -j ACCEPT 2>/dev/null || true
|
||||
iptables -D DOCKER-USER -i "$BRIDGE_NAME" -o "$lan_if" -s "$TARGET_IP" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT 2>/dev/null || true
|
||||
iptables -D DOCKER-USER -i "$lan_if" -o "$BRIDGE_NAME" -j ACCEPT 2>/dev/null || true
|
||||
iptables -D DOCKER-USER -i "$BRIDGE_NAME" -o "$lan_if" -m state --state RELATED,ESTABLISHED -j ACCEPT 2>/dev/null || true
|
||||
done
|
||||
|
||||
# Remove masquerade rule (using nft)
|
||||
|
||||
@@ -1,55 +1,68 @@
|
||||
#!/usr/bin/env bash
|
||||
#
|
||||
# Install host-side systemd services for rego-tunnel
|
||||
# Run this ONCE on the host after installing the app in Runtipi
|
||||
# Install host-side systemd services for cistech-tunnel
|
||||
# Run this ONCE on the host after app install
|
||||
#
|
||||
set -euo pipefail
|
||||
|
||||
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||||
APP_DATA_DIR="/etc/runtipi/app-data/runtipi/rego-tunnel"
|
||||
APP_DATA_DIR="/etc/runtipi/app-data/runtipi/cistech-tunnel"
|
||||
|
||||
echo "Installing rego-tunnel host services..."
|
||||
echo "Installing cistech-tunnel host services..."
|
||||
|
||||
# Create the path watcher unit
|
||||
cat << 'EOF' | sudo tee /etc/systemd/system/rego-routing-watcher.path
|
||||
# Create app-data directory for trigger file
|
||||
sudo mkdir -p "$APP_DATA_DIR"
|
||||
|
||||
# Create the path unit (watches for trigger file)
|
||||
sudo tee /etc/systemd/system/cistech-routing-watcher.path > /dev/null << EOF
|
||||
[Unit]
|
||||
Description=Watch for rego-tunnel routing trigger
|
||||
Description=Watch for cistech-tunnel routing trigger
|
||||
|
||||
[Path]
|
||||
PathExists=/etc/runtipi/app-data/runtipi/rego-tunnel/restart-routing
|
||||
Unit=rego-routing-watcher.service
|
||||
PathExists=$APP_DATA_DIR/restart-routing
|
||||
Unit=cistech-routing-watcher.service
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
EOF
|
||||
|
||||
# Create the service unit
|
||||
cat << EOF | sudo tee /etc/systemd/system/rego-routing-watcher.service
|
||||
# Create the service unit (applies routes when triggered)
|
||||
sudo tee /etc/systemd/system/cistech-routing-watcher.service > /dev/null << EOF
|
||||
[Unit]
|
||||
Description=Apply rego-tunnel routing rules
|
||||
Description=Apply cistech-tunnel routing rules
|
||||
After=docker.service
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecStart=${SCRIPT_DIR}/host-routing.sh restart
|
||||
ExecStartPost=/bin/rm -f ${APP_DATA_DIR}/restart-routing
|
||||
ExecStartPost=/bin/bash -c 'echo "trigger cleared at \$(date)" >> ${APP_DATA_DIR}/watcher.log'
|
||||
ExecStart=$SCRIPT_DIR/host-routing.sh restart
|
||||
ExecStartPost=/bin/rm -f $APP_DATA_DIR/restart-routing
|
||||
ExecStartPost=/bin/bash -c 'echo "trigger cleared at \$(date)" >> $APP_DATA_DIR/watcher.log'
|
||||
EOF
|
||||
|
||||
# Make host-routing.sh executable
|
||||
sudo chmod +x "${SCRIPT_DIR}/host-routing.sh"
|
||||
chmod +x "$SCRIPT_DIR/host-routing.sh"
|
||||
|
||||
# Reload systemd and enable the watcher
|
||||
sudo systemctl daemon-reload
|
||||
sudo systemctl enable --now rego-routing-watcher.path
|
||||
sudo systemctl enable cistech-routing-watcher.path
|
||||
sudo systemctl start cistech-routing-watcher.path
|
||||
|
||||
# Disable the old boot-only service if it exists
|
||||
if systemctl is-enabled cistech-routing.service &>/dev/null; then
|
||||
echo "Disabling old cistech-routing.service (replaced by watcher)..."
|
||||
sudo systemctl stop cistech-routing.service 2>/dev/null || true
|
||||
sudo systemctl disable cistech-routing.service 2>/dev/null || true
|
||||
fi
|
||||
|
||||
# Apply routes now
|
||||
echo "Applying initial routes..."
|
||||
sudo "$SCRIPT_DIR/host-routing.sh" start
|
||||
|
||||
echo ""
|
||||
echo "Done! Services installed:"
|
||||
echo " - rego-routing-watcher.path (watches for trigger file)"
|
||||
echo " - rego-routing-watcher.service (applies routing rules)"
|
||||
echo "Done! Watcher installed and routes applied."
|
||||
echo ""
|
||||
echo "To check status:"
|
||||
echo " systemctl status rego-routing-watcher.path"
|
||||
echo "To trigger route refresh from container:"
|
||||
echo " touch /runtime/restart-routing"
|
||||
echo ""
|
||||
echo "To manually trigger routing:"
|
||||
echo " touch ${APP_DATA_DIR}/restart-routing"
|
||||
echo "To check watcher status:"
|
||||
echo " systemctl status cistech-routing-watcher.path"
|
||||
|
||||
@@ -1,209 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Cistech VPN Connection Script with OpenConnect SSO
|
||||
# Uses config.toml for configuration, openconnect-sso handles auto-connect
|
||||
|
||||
# Credentials from environment variables
|
||||
OC_URL="${OC_URL:-}"
|
||||
OC_USER="${OC_USER:-}"
|
||||
OC_PASSWORD="${OC_PASSWORD:-}"
|
||||
OC_TOTP_SECRET="${OC_TOTP_SECRET:-}"
|
||||
OC_INTERFACE="${OC_INTERFACE:-tun0}"
|
||||
|
||||
CONFIG_DIR="$HOME/.config/openconnect-sso"
|
||||
CONFIG_FILE="$CONFIG_DIR/config.toml"
|
||||
|
||||
# Colors
|
||||
RED='\033[0;31m'
|
||||
GREEN='\033[0;32m'
|
||||
YELLOW='\033[1;33m'
|
||||
CYAN='\033[0;36m'
|
||||
GRAY='\033[0;90m'
|
||||
NC='\033[0m'
|
||||
|
||||
print_banner() {
|
||||
echo -e "${CYAN}========================================${NC}"
|
||||
echo -e "${CYAN} Cistech VPN Connection Script ${NC}"
|
||||
echo -e "${CYAN}========================================${NC}"
|
||||
echo ""
|
||||
}
|
||||
|
||||
log() {
|
||||
local level="$1"
|
||||
local msg="$2"
|
||||
local ts=$(date '+%H:%M:%S')
|
||||
case $level in
|
||||
INFO) echo -e "${GRAY}[$ts]${NC} ${GREEN}[INFO]${NC} $msg" ;;
|
||||
WARN) echo -e "${GRAY}[$ts]${NC} ${YELLOW}[WARN]${NC} $msg" ;;
|
||||
ERROR) echo -e "${GRAY}[$ts]${NC} ${RED}[ERROR]${NC} $msg" ;;
|
||||
DEBUG) echo -e "${GRAY}[$ts]${NC} ${CYAN}[DEBUG]${NC} $msg" ;;
|
||||
*) echo -e "${GRAY}[$ts]${NC} $msg" ;;
|
||||
esac
|
||||
}
|
||||
|
||||
get_totp() {
|
||||
[ -n "$OC_TOTP_SECRET" ] && oathtool --totp -b "$OC_TOTP_SECRET"
|
||||
}
|
||||
|
||||
get_vpn_interface() {
|
||||
ip link show "$OC_INTERFACE" 2>/dev/null | grep -q "UP" && echo "$OC_INTERFACE"
|
||||
}
|
||||
|
||||
get_vpn_ip() {
|
||||
local iface=$(get_vpn_interface)
|
||||
[ -n "$iface" ] && ip addr show "$iface" 2>/dev/null | grep -oP 'inet \K[\d.]+' | head -1
|
||||
}
|
||||
|
||||
check_vpn_status() {
|
||||
local vpn_iface=$(get_vpn_interface)
|
||||
if [ -n "$vpn_iface" ]; then
|
||||
log INFO "VPN: ${GREEN}CONNECTED${NC} ($(get_vpn_ip))"
|
||||
return 0
|
||||
else
|
||||
log WARN "VPN: ${RED}NOT CONNECTED${NC}"
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
setup_keyring() {
|
||||
if [[ -n "$OC_TOTP_SECRET" && -n "$OC_USER" ]]; then
|
||||
python3 -c "
|
||||
import keyring
|
||||
keyring.set_password('openconnect-sso', 'totp/$OC_USER', '$OC_TOTP_SECRET'.upper())
|
||||
" 2>/dev/null && log INFO "TOTP stored in keyring"
|
||||
fi
|
||||
}
|
||||
|
||||
setup_config() {
|
||||
mkdir -p "$CONFIG_DIR"
|
||||
|
||||
# Determine browser display mode
|
||||
local browser_mode="hidden"
|
||||
[ -z "$OC_USER" ] && browser_mode="shown"
|
||||
|
||||
cat > "$CONFIG_FILE" << EOF
|
||||
[openconnect]
|
||||
server = "$OC_URL"
|
||||
interface = "$OC_INTERFACE"
|
||||
|
||||
[sso]
|
||||
browser_display_mode = "$browser_mode"
|
||||
EOF
|
||||
|
||||
[ -n "$OC_USER" ] && echo "user = \"$OC_USER\"" >> "$CONFIG_FILE"
|
||||
|
||||
log INFO "Config written to $CONFIG_FILE"
|
||||
}
|
||||
|
||||
setup_forwarding() {
|
||||
log INFO "Setting up IP forwarding..."
|
||||
local vpn_iface=$(get_vpn_interface)
|
||||
if [ -z "$vpn_iface" ]; then
|
||||
log ERROR "No VPN interface found!"
|
||||
return 1
|
||||
fi
|
||||
sysctl -w net.ipv4.ip_forward=1 >/dev/null
|
||||
iptables -t nat -C POSTROUTING -o "$vpn_iface" -j MASQUERADE 2>/dev/null || \
|
||||
iptables -t nat -A POSTROUTING -o "$vpn_iface" -j MASQUERADE
|
||||
touch /runtime/restart-routing 2>/dev/null
|
||||
log INFO "Forwarding configured"
|
||||
}
|
||||
|
||||
kill_vpn() {
|
||||
log INFO "Stopping VPN..."
|
||||
pkill -f "openconnect" 2>/dev/null
|
||||
sleep 1
|
||||
}
|
||||
|
||||
start_vpn() {
|
||||
log INFO "Starting OpenConnect SSO..."
|
||||
|
||||
setup_keyring
|
||||
setup_config
|
||||
|
||||
log INFO "Credentials:"
|
||||
echo -e " ${CYAN}URL: $OC_URL${NC}"
|
||||
echo -e " ${CYAN}User: $OC_USER${NC}"
|
||||
[ -n "$OC_TOTP_SECRET" ] && echo -e " ${CYAN}TOTP: $(get_totp)${NC}"
|
||||
echo ""
|
||||
|
||||
# Run openconnect-sso (it handles reconnection)
|
||||
if [[ -n "$OC_PASSWORD" ]]; then
|
||||
echo "$OC_PASSWORD" | openconnect-sso
|
||||
else
|
||||
echo "" | openconnect-sso
|
||||
fi
|
||||
}
|
||||
|
||||
show_totp() {
|
||||
[ -z "$OC_TOTP_SECRET" ] && { log ERROR "No TOTP secret"; return 1; }
|
||||
log INFO "Live TOTP (Ctrl+C to stop)"
|
||||
while true; do
|
||||
echo -ne "\r TOTP: ${GREEN}$(get_totp)${NC} (${YELLOW}$((30 - $(date +%s) % 30))s${NC}) "
|
||||
sleep 1
|
||||
done
|
||||
}
|
||||
|
||||
main_menu() {
|
||||
echo -e "${GREEN}Options:${NC}"
|
||||
echo -e " ${CYAN}1${NC} - Start VPN"
|
||||
echo -e " ${CYAN}2${NC} - Stop VPN"
|
||||
echo -e " ${CYAN}3${NC} - Show TOTP"
|
||||
echo -e " ${CYAN}4${NC} - Setup forwarding"
|
||||
echo -e " ${CYAN}5${NC} - Check status"
|
||||
echo -e " ${CYAN}6${NC} - Show routes"
|
||||
echo -e " ${CYAN}q${NC} - Quit"
|
||||
echo ""
|
||||
}
|
||||
|
||||
# Parse args
|
||||
for arg in "$@"; do
|
||||
case $arg in
|
||||
-m|--menu) SKIP_AUTO=true ;;
|
||||
-s|--status) check_vpn_status; exit 0 ;;
|
||||
--help) echo "Usage: $0 [-m|--menu] [-s|--status]"; exit 0 ;;
|
||||
esac
|
||||
done
|
||||
|
||||
# Main
|
||||
print_banner
|
||||
log INFO "openconnect-vpn started"
|
||||
|
||||
if [ "${SKIP_AUTO:-false}" = "true" ]; then
|
||||
log INFO "Menu mode - skipping auto-connect"
|
||||
elif check_vpn_status; then
|
||||
setup_forwarding
|
||||
else
|
||||
log INFO "Auto-starting VPN..."
|
||||
start_vpn &
|
||||
VPN_PID=$!
|
||||
|
||||
# Wait for connection
|
||||
for i in {1..60}; do
|
||||
sleep 2
|
||||
if [ -n "$(get_vpn_interface)" ]; then
|
||||
log INFO "VPN connected!"
|
||||
setup_forwarding
|
||||
break
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
# Menu loop
|
||||
while true; do
|
||||
echo ""
|
||||
main_menu
|
||||
echo -ne "${CYAN}Choice: ${NC}"
|
||||
read -r choice
|
||||
echo ""
|
||||
[[ -z "${choice// }" ]] && continue
|
||||
case $choice in
|
||||
1) start_vpn ;;
|
||||
2) kill_vpn ;;
|
||||
3) show_totp ;;
|
||||
4) setup_forwarding ;;
|
||||
5) check_vpn_status ;;
|
||||
6) ip -4 route show ;;
|
||||
q|Q) log INFO "Goodbye!"; exit 0 ;;
|
||||
esac
|
||||
done
|
||||
@@ -1,21 +1,21 @@
|
||||
#!/usr/bin/env bash
|
||||
#
|
||||
# Uninstall host-side systemd services for rego-tunnel
|
||||
# Uninstall host-side systemd services for cistech-tunnel
|
||||
#
|
||||
set -euo pipefail
|
||||
|
||||
echo "Removing rego-tunnel host services..."
|
||||
echo "Removing cistech-tunnel host services..."
|
||||
|
||||
# Stop and disable the watcher
|
||||
sudo systemctl stop rego-routing-watcher.path 2>/dev/null || true
|
||||
sudo systemctl disable rego-routing-watcher.path 2>/dev/null || true
|
||||
sudo systemctl stop cistech-routing-watcher.path 2>/dev/null || true
|
||||
sudo systemctl disable cistech-routing-watcher.path 2>/dev/null || true
|
||||
|
||||
# Remove routing rules
|
||||
/etc/runtipi/repos/runtipi/apps/rego-tunnel/shared/host-routing.sh stop 2>/dev/null || true
|
||||
/etc/runtipi/repos/runtipi/apps/cistech-tunnel/shared/host-routing.sh stop 2>/dev/null || true
|
||||
|
||||
# Remove systemd units
|
||||
sudo rm -f /etc/systemd/system/rego-routing-watcher.path
|
||||
sudo rm -f /etc/systemd/system/rego-routing-watcher.service
|
||||
sudo rm -f /etc/systemd/system/cistech-routing-watcher.path
|
||||
sudo rm -f /etc/systemd/system/cistech-routing-watcher.service
|
||||
|
||||
# Reload systemd
|
||||
sudo systemctl daemon-reload
|
||||
|
||||
@@ -1,39 +0,0 @@
|
||||
#!/bin/bash
|
||||
# VNC xstartup - launches terminal with openconnect-vpn script
|
||||
|
||||
unset SESSION_MANAGER
|
||||
unset DBUS_SESSION_BUS_ADDRESS
|
||||
|
||||
# Import environment variables from container (PID 1)
|
||||
# Systemd services don't inherit Docker env vars, so we source them here
|
||||
while IFS= read -r -d '' line; do
|
||||
export "$line"
|
||||
done < /proc/1/environ
|
||||
|
||||
export XDG_RUNTIME_DIR=/tmp/runtime-root
|
||||
mkdir -p $XDG_RUNTIME_DIR
|
||||
chmod 700 $XDG_RUNTIME_DIR
|
||||
|
||||
# GPU/WebKit workarounds for browser
|
||||
export GDK_BACKEND=x11
|
||||
export WEBKIT_DISABLE_DMABUF_RENDERER=1
|
||||
|
||||
# Start dbus session
|
||||
[ -x /usr/bin/dbus-launch ] && eval $(dbus-launch --sh-syntax --exit-with-session)
|
||||
|
||||
# Start window manager
|
||||
openbox &
|
||||
sleep 2
|
||||
|
||||
# Disable screen blanking and power saving
|
||||
xset s off 2>/dev/null || true
|
||||
xset -dpms 2>/dev/null || true
|
||||
xset s noblank 2>/dev/null || true
|
||||
|
||||
# Make script executable and launch in terminal
|
||||
chmod +x /shared/openconnect-vpn 2>/dev/null || true
|
||||
xterm -fa 'Monospace' -fs 11 -bg black -fg white -geometry 130x45+10+10 \
|
||||
-title "Cistech VPN Terminal" \
|
||||
-e "bash -c '/shared/openconnect-vpn; exec bash'" &
|
||||
|
||||
wait
|
||||
Reference in New Issue
Block a user