37 lines
1.4 KiB
Bash
Executable File
37 lines
1.4 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
: "${OC_URL:?OC_URL is required}"
|
|
: "${OC_SERVERCERT:?OC_SERVERCERT is required}"
|
|
|
|
NOVNC_PORT="${NOVNC_PORT:-6901}"
|
|
VNC_PASSWORD="${VNC_PASSWORD:-changeme}"
|
|
DISPLAY_ADDR="${DISPLAY:-:1}"
|
|
OC_INTERFACE="${OC_INTERFACE:-tun0}"
|
|
OC_SSO_ARGS_DEFAULT="--browser-display-mode shown"
|
|
|
|
if [[ "${OC_SSO_ARGS:-$OC_SSO_ARGS_DEFAULT}" == *"shown"* ]]; then
|
|
mkdir -p /root/.vnc
|
|
x11vnc -storepasswd "$VNC_PASSWORD" /root/.vnc/pass >/dev/null 2>&1 || true
|
|
rm -f /tmp/.X1-lock /tmp/.X11-unix/X1 2>/dev/null || true
|
|
Xvfb "$DISPLAY_ADDR" -screen 0 ${XVFB_WxHxD:-1280x800x24} +extension RANDR &
|
|
sleep 0.5
|
|
export DISPLAY="$DISPLAY_ADDR"
|
|
fluxbox >/tmp/fluxbox.log 2>&1 &
|
|
x11vnc -display "$DISPLAY_ADDR" -rfbauth /root/.vnc/pass -forever -shared -rfbport 5900 -quiet &
|
|
websockify --web=/usr/share/novnc/ 0.0.0.0:"$NOVNC_PORT" localhost:5900 >/tmp/websockify.log 2>&1 &
|
|
fi
|
|
|
|
OPENCONNECT_CMD=(
|
|
/usr/sbin/openconnect
|
|
--protocol=anyconnect
|
|
--servercert "$OC_SERVERCERT"
|
|
--interface "$OC_INTERFACE"
|
|
--script /usr/share/vpnc-scripts/vpnc-script
|
|
)
|
|
[[ -n "${OC_AUTHGROUP:-}" ]] && OPENCONNECT_CMD+=(--authgroup "$OC_AUTHGROUP")
|
|
[[ -n "${OC_USERAGENT:-}" ]] && OPENCONNECT_CMD+=(--useragent "$OC_USERAGENT")
|
|
[[ -n "${OC_EXTRA_ARGS:-}" ]] && OPENCONNECT_CMD+=(${OC_EXTRA_ARGS})
|
|
|
|
exec openconnect-sso -s "$OC_URL" ${OC_SSO_ARGS:-$OC_SSO_ARGS_DEFAULT} -- "${OPENCONNECT_CMD[@]}"
|