# Rego Tunnel - Build Files

This directory contains the Dockerfile and scripts to build the Cisco VPN Docker image.

## Files

- `Dockerfile` - Docker image definition (Ubuntu 22.04 + Cisco Secure Client + noVNC)
- `cisco-secure-client-full.tar.gz` - Pre-extracted Cisco Secure Client 5.1.14.145
- `build.sh` - Build and push script
- `scripts/entrypoint.sh` - Container entrypoint (starts systemd)

## Building

```bash
cd /etc/runtipi/repos/runtipi/apps/rego-tunnel/build
./build.sh
```

This builds and pushes to `git.alexzaw.dev/alexz/cisco-vpn:latest`

To build without pushing:
```bash
docker build -t git.alexzaw.dev/alexz/cisco-vpn:latest .
```

## What's in the image

The Dockerfile creates an image with:
- Ubuntu 22.04 with systemd
- Cisco Secure Client 5.1.14.145 (VPN, DART, Posture modules)
- TigerVNC server + noVNC (web-based VNC)
- Tools: xdotool, oathtool (for TOTP), xclip, openbox

### Systemd services (baked in)
- `vpnagentd.service` - Cisco VPN agent
- `vnc.service` - VNC server + noVNC websockify

### Scripts (baked in via base64 in Dockerfile)
- `/opt/scripts/startup-vnc.sh` - Starts VNC server and noVNC
- `/opt/scripts/entrypoint.sh` - Container entrypoint

## Runtime mounts (from shared/)

When running as rego-tunnel app, these are mounted from `shared/`:
- `/shared/cisco-vpn` - Main VPN automation script
- `/shared/xstartup` → `/root/.vnc/xstartup` - VNC session startup

## Ports

- `5901` - VNC server
- `6080` - noVNC web interface