alexz/runtipi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7b874169cb884a7c7242a7c622b479b4d09a1aca
runtipi/apps/rego-tunnel/build/README.md
alexz 838b33d6c5
Some checks failed
Test / test (push) Has been cancelled
Details
feat(rego-tunnel): Add Dockerfile and build scripts for cisco-vpn image 
Includes:
- Dockerfile for native Cisco Secure Client in Docker
- Build scripts (init-vpn.sh, startup-vnc.sh, vpn-connect.sh)
- VNC configuration (xstartup, vnc.service)
- build.sh for manual image builds
- README documenting the architecture

Note: cisco-secure-client-full.tar.gz is gitignored (large binary)
Copy it from ~/projects/cisco-vpn/build/ before building.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-16 20:47:20 +00:00

42 lines
1.5 KiB
Markdown
Raw Blame History

# Rego Tunnel - Build Files
This directory contains the Dockerfile and scripts to build the Cisco VPN Docker image.
## Files
- `Dockerfile` - Main Docker image definition
- `cisco-secure-client-full.tar.gz` - Pre-extracted Cisco Secure Client installation
- `build.sh` - Build script to create the Docker image
- `scripts/` - Container scripts:
- `init-vpn.sh` - Container init (unmounts DNS files for VPN, starts systemd)
- `startup-vnc.sh` - VNC/noVNC startup script
- `vpn-connect.sh` - VPN automation script (inside container)
- `xstartup` - VNC session startup
- `vnc.service` - Systemd service for VNC
## Building
```bash
cd /etc/runtipi/repos/runtipi/apps/rego-tunnel/build
./build.sh
```
To push to registry:
```bash
docker push git.alexzaw.dev/alexz/cisco-vpn:latest
```
## Architecture
1. **init-vpn.sh**: Unmounts Docker's bind-mounted `/etc/resolv.conf` and `/etc/hosts` (required for VPN to modify DNS), then starts systemd
2. **systemd**: Manages vpnagentd (Cisco VPN agent) and vnc (VNC server) services
3. **xstartup**: Runs when VNC session starts - by default launches vpnui, but can be overridden via volume mount
4. **vpn-connect.sh**: Optional automation script for auto-login with TOTP
## Runtime Mounts
When running as rego-tunnel app, these are mounted:
- `/shared` - Contains the `cisco-vpn` script with full automation
- `/root/.vnc/xstartup` - Custom xstartup that launches terminal with cisco-vpn script
- `/opt/scripts/init-vpn.sh` - Custom init script with network setup
Reference in New Issue View Git Blame Copy Permalink