alexz
6a5ccd5c02
🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
43 lines
1.4 KiB
Markdown
Executable File
43 lines
1.4 KiB
Markdown
Executable File
# Cistech Tunnel
|
|
|
|
OpenConnect-SSO VPN client running in a container with noVNC for browser-based access.
|
|
|
|
## Features
|
|
|
|
- **OpenConnect-SSO**: Cisco AnyConnect VPN with SSO/SAML authentication
|
|
- **TOTP Support**: Automatic 2FA via keyring integration
|
|
- **Auto-reconnect**: Automatically reconnects on disconnection
|
|
- **noVNC**: Browser-based VNC access on port 6902
|
|
- **NAT/Masquerade**: Routes traffic through VPN tunnel
|
|
- **Cloudflared**: Optional Cloudflare tunnel support
|
|
- **SSH Tunnels**: Optional SSH port forwarding
|
|
|
|
## Runtipi Installation
|
|
|
|
1. Install from the app store or custom repo
|
|
2. Configure the required environment variables
|
|
3. Start the app via Runtipi dashboard
|
|
|
|
## First-time SSO Login
|
|
|
|
1. Open noVNC at `http://<host>:6902`
|
|
2. Enter VNC password
|
|
3. Complete SSO login in the browser window
|
|
4. VPN will connect and auto-reconnect on disconnect
|
|
|
|
## Source Files
|
|
|
|
- `source/Dockerfile`: Container build file
|
|
- `source/entrypoint.sh`: Container entrypoint with auto-reconnect
|
|
|
|
## Environment Variables
|
|
|
|
| Variable | Required | Description |
|
|
|----------|----------|-------------|
|
|
| OC_URL | Yes | VPN server URL |
|
|
| OC_SERVERCERT | Yes | Server certificate pin |
|
|
| OC_USER | No | Username (enables hidden browser mode) |
|
|
| VNC_PASSWORD | Yes | noVNC access password |
|
|
| OC_TOTP_SECRET | No | TOTP secret for auto 2FA |
|
|
| NOVNC_PORT | No | noVNC port (default: 6901) |
|