runtipi/apps/cistech-tunnel/build/README.md

Rego Tunnel - Build Files

This directory contains the Dockerfile and scripts to build the Cisco VPN Docker image.

Files

• Dockerfile - Docker image definition (Ubuntu 22.04 + Cisco Secure Client + noVNC)
• cisco-secure-client-full.tar.gz - Pre-extracted Cisco Secure Client 5.1.14.145
• build.sh - Build and push script
• scripts/entrypoint.sh - Container entrypoint (starts systemd)

Building

cd /etc/runtipi/repos/runtipi/apps/rego-tunnel/build
./build.sh

This builds and pushes to git.alexzaw.dev/alexz/cisco-vpn:latest

To build without pushing:

docker build -t git.alexzaw.dev/alexz/cisco-vpn:latest .

What's in the image

The Dockerfile creates an image with:

• Ubuntu 22.04 with systemd
• Cisco Secure Client 5.1.14.145 (VPN, DART, Posture modules)
• TigerVNC server + noVNC (web-based VNC)
• Tools: xdotool, oathtool (for TOTP), xclip, openbox

Systemd services (baked in)

• vpnagentd.service - Cisco VPN agent
• vnc.service - VNC server + noVNC websockify

Scripts (baked in via base64 in Dockerfile)

• /opt/scripts/startup-vnc.sh - Starts VNC server and noVNC
• /opt/scripts/entrypoint.sh - Container entrypoint

Runtime mounts (from shared/)

When running as rego-tunnel app, these are mounted from shared/:

• /shared/cisco-vpn - Main VPN automation script
• /shared/xstartup → /root/.vnc/xstartup - VNC session startup

Ports

• 5901 - VNC server
• 6080 - noVNC web interface