#!/usr/bin/env bash
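set -euo pipefail

# Port on which websockify serves noVNC (used by start_gui).
NOVNC_PORT="${NOVNC_PORT:-8806}"

# Password protecting the VNC session. The fallback below ships with this
# script, so it protects nothing once the noVNC port is reachable by anyone
# else. The default is kept for compatibility, but its use is reported on
# stderr so the operator can see it in the container log.
# NOTE(review): classic VNC authentication only honours the first eight
# characters of a password; confirm that also holds for the x11vnc build
# in this image and treat the VNC password as a weak control either way.
if [[ -z "${VNC_PASSWORD:-}" ]]; then
  printf '%s\n' \
    "warning: VNC_PASSWORD is not set; falling back to the built-in default." \
    "warning: set VNC_PASSWORD before exposing the noVNC port." >&2
fi
VNC_PASSWORD="${VNC_PASSWORD:-vpnpass}"

# X display used by Xvfb and every GUI client started below.
DISPLAY_ADDR="${DISPLAY:-:1}"

# PIDs of the background services launched by the start_* functions.
pids=()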
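#######################################
# Pin the VPN gateway names in /etc/hosts at runtime (Docker manages that
# file, so the entries cannot be baked into the image).
# Each name is appended only when it does not already occur in the file.
# Globals:   none
# Arguments: none
# Outputs:   appends to /etc/hosts
#######################################
setup_hosts() {
  # NOTE(review): these addresses are hard-coded and override DNS for the
  # gateway names; confirm they still point at the intended gateways
  # whenever the image is rebuilt.
  local entry ip name
  for entry in \
    "162.209.24.100 vpn-ord1.dovercorp.com" \
    "13.67.192.27 vpn.dovercorp.com"; do
    ip=${entry%% *}
    name=${entry#* }
    # -F: match the host name literally; as a regex every '.' in the name
    # would match any character.
    if ! grep -qF -- "$name" /etc/hosts; then
      printf '%s %s\n' "$ip" "$name" >>/etc/hosts
    fi
  done
}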
#######################################
# Bring up the system D-Bus instance for Cisco Secure Client.
# A pid file left behind by an earlier run is removed first. Failure to
# launch the daemon is not fatal and its stderr is discarded.
# Globals:   none
# Arguments: none
#######################################
start_dbus() {
  local run_dir=/run/dbus

  mkdir -p "$run_dir"
  rm -f "$run_dir/pid"

  if ! dbus-daemon --system --fork 2>/dev/null; then
    : # best effort: keep going without a system bus
  fi
}
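#######################################
# Start the virtual desktop: Xvfb, fluxbox, x11vnc and the websockify/noVNC
# bridge, each as a background job recorded in pids.
# Globals:   VNC_PASSWORD (read), DISPLAY_ADDR (read), NOVNC_PORT (read),
#            XVFB_WxHxD (read, optional), DISPLAY (exported), pids (appended)
# Arguments: none
# Returns:   1 if the VNC password file cannot be written
#######################################
start_gui() {
  local display_num

  mkdir -p /root/.vnc
  chmod 700 /root/.vnc

  # The password file is the only thing guarding the desktop, so a failure
  # to write it stops startup instead of being ignored: otherwise a stale
  # file from an earlier run could silently stay in force.
  # NOTE(review): the password is passed as a command-line argument here,
  # so it is visible in the process list while this command runs.
  if ! x11vnc -storepasswd "$VNC_PASSWORD" /root/.vnc/pass >/dev/null 2>&1; then
    printf 'error: could not write the VNC password file /root/.vnc/pass\n' >&2
    return 1
  fi

  # Clear stale X lock/socket files for the display actually in use, not
  # only for display 1.
  display_num=${DISPLAY_ADDR#*:}
  display_num=${display_num%%.*}
  if [[ "$display_num" =~ ^[0-9]+$ ]]; then
    rm -f "/tmp/.X${display_num}-lock" "/tmp/.X11-unix/X${display_num}" \
      2>/dev/null || true
  fi

  # Quoted so an unexpected value in XVFB_WxHxD cannot be split into extra
  # Xvfb arguments.
  Xvfb "$DISPLAY_ADDR" -screen 0 "${XVFB_WxHxD:-1280x800x24}" +extension RANDR &
  pids+=("$!")
  sleep 0.5 # give Xvfb a moment to create the display before clients attach

  export DISPLAY="$DISPLAY_ADDR"

  fluxbox >/tmp/fluxbox.log 2>&1 &
  pids+=("$!")

  # NOTE(review): x11vnc is not restricted to loopback here, although the
  # only client configured below (websockify) connects through localhost.
  # Unless direct RFB access to port 5900 is needed, consider -localhost.
  x11vnc -display "$DISPLAY_ADDR" -rfbauth /root/.vnc/pass -forever -shared -rfbport 5900 -quiet &
  pids+=("$!")

  # NOTE(review): websockify listens on every interface and no certificate
  # option is passed, so as invoked here the session is not encrypted.
  # Publish the port only on a trusted interface or terminate TLS in front.
  websockify --web=/usr/share/novnc/ 0.0.0.0:"$NOVNC_PORT" localhost:5900 >/tmp/websockify.log 2>&1 &
  pids+=("$!")
}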
#######################################
# Launch the Cisco VPN agent daemon in the background and record its PID.
# Globals:   pids (appended)
# Arguments: none
#######################################
start_vpnagent() {
  local client_bin=/opt/cisco/secureclient/bin

  # Best effort: run the vendor script that loads the TUN module. Its
  # stderr is hidden and a failure does not stop startup.
  "$client_bin/load_tun.sh" 2>/dev/null || :

  # Remove an IPC socket left over from a previous run.
  rm -f /root/.cisco/hostscan/.libcsd.ipc 2>/dev/null || :

  "$client_bin/vpnagentd" &
  pids+=("$!")
}
#######################################
# Make sure /dev/net/tun exists as a character device.
# When it is missing, the node is created with major 10 / minor 200 and
# restricted to mode 600 (owner read/write only).
# Globals:   none
# Arguments: none
#######################################
setup_tun() {
  local tun_dev=/dev/net/tun

  mkdir -p /dev/net

  # Nothing to do when the device node is already present.
  if [[ -c "$tun_dev" ]]; then
    return 0
  fi

  mknod "$tun_dev" c 10 200
  chmod 600 "$tun_dev"
}
#######################################
# Switch on IPv4 forwarding. Output is discarded and a failure (for
# example a read-only /proc/sys) is ignored.
# NOTE(review): despite the name, no NAT or filtering rule is installed
# here; with forwarding on, whatever rules exist elsewhere decide which
# traffic may cross into the VPN. Confirm that is intended.
# Globals:   none
# Arguments: none
#######################################
setup_nat() {
  sysctl -w net.ipv4.ip_forward=1 &>/dev/null || :
}
#######################################
# Open an xterm running bash on the virtual desktop and record its PID.
# NOTE(review): this shell runs with the container's privileges (the
# script writes under /root, so presumably root) and is available to
# anyone who gets past VNC authentication.
# Globals:   pids (appended)
# Arguments: none
#######################################
start_terminal() {
  local -a xterm_args=(
    -fa 'Monospace' -fs 11
    -bg black -fg white
    -geometry 120x35+50+50
    -T "Rego VPN"
    -e bash
  )

  # Short pause before the terminal is placed on the desktop.
  sleep 1

  xterm "${xterm_args[@]}" &
  pids+=("$!")
}
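#######################################
# Signal handler: stop every process in this process group, then exit.
# Arguments: $1 - exit status to leave with
#######################################
stop_all() {
  # 'kill 0' also signals this shell. Ignore INT/TERM first so the handler
  # cannot be triggered again by its own signal.
  trap '' INT TERM
  kill 0
  # Exit explicitly: a handler that merely returns lets the script resume,
  # so a signal received during startup would be followed by the launch of
  # the remaining services.
  exit "$1"
}
trap 'stop_all 130' INT
trap 'stop_all 143' TERM

echo "Starting Rego VPN container..."

# Order matters: hosts entries, TUN device and forwarding are prepared
# before the desktop and the VPN agent come up.
setup_hosts
setup_tun
setup_nat
start_dbus
start_gui
start_vpnagent
start_terminal

echo "All services started. noVNC available on port $NOVNC_PORT"

# Block until the background services exit; a signal is handled by stop_all.
wait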