- install-host-services.sh: Creates watcher path/service units
- uninstall-host-services.sh: Removes units and cleans up
- Run once on host after app install
- Removed get_vm_bridge_ip() and get_container_gateway()
- Added get_container_ip() for eth0 (172.31.0.x network)
- Updated setup_forwarding() and show_network_status()
- No more ens3/VM references
- Hardcoded container IP (172.31.0.10) and bridge (br-rego-vpn)
- Simple start/stop/restart actions
- Removes stale routes before applying new ones
- Logs to /var/log/rego-routing.log
- Removed: redsocks, nft, VM subnet, container_apply
- Removed all sudo commands since container runs as root
- Added LOG_FILE at /var/log/cisco-vpn.log
- Modified log() to write to both console and file
- Added startup logging with env var status
- Delete init-vpn.sh, vpn-connect.sh, xstartup from build/scripts
- Change cisco-vpn monitor to background process so menu shows after connect
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
These two files cannot be overridden at runtime, so they're now
baked directly into the Dockerfile using heredocs.
Remaining scripts (can be overridden at runtime):
- init-vpn.sh
- xstartup
- vpn-connect.sh
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add init-rego.sh and xstartup to repo's shared folder
- Update docker-compose.json with all volume mounts
- Update docker-compose.yml with cgroup: host
- Mount scripts directly from repo (not user-config)
Now works on fresh install without any user-config overrides.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Includes the pre-extracted Cisco Secure Client 5.1.14.145 installation
for building the Docker image.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Includes:
- Dockerfile for native Cisco Secure Client in Docker
- Build scripts (init-vpn.sh, startup-vnc.sh, vpn-connect.sh)
- VNC configuration (xstartup, vnc.service)
- build.sh for manual image builds
- README documenting the architecture
Note: cisco-secure-client-full.tar.gz is gitignored (large binary)
Copy it from ~/projects/cisco-vpn/build/ before building.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Switch from linux-vm QEMU image to cisco-vpn native Docker image
- Change port from 8006 to 6080 (noVNC)
- Remove VM-specific config (RAM, CPU, bridges, taps, QEMU)
- Add VPN credential fields (email, password, TOTP, VPN host)
- Add auto-connect and VNC password options
- Update description.md with new documentation
- Simplify Docker requirements (no /dev/kvm needed)
Benefits:
- No QEMU/VM overhead - runs natively in Docker
- Full Cisco Secure Client 5.1.14.145 with GUI
- Auto-login with TOTP support
- Auto-reconnect on disconnect
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Added schemaVersion: 2 to docker-compose.json
- Changed internalPort from env var to number (81)
- Fixes 'invalid hostPort: NaN' error
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
