alexz
6a5ccd5c02
🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
21 lines
871 B
Markdown
Executable File
21 lines
871 B
Markdown
Executable File
# Dockerized OpenConnect-SSO with noVNC and Cloudflared
|
|
|
|
## Setup
|
|
1) Copy `.env.example` to `.env` and fill values (URLs, servercert pins, VNC passwords, cloudflared tokens).
|
|
|
|
2) First-time SSO: leave `OC_SSO_ARGS_*=--browser-display-mode visible`.
|
|
|
|
3) Build and start:
|
|
docker compose build
|
|
docker compose up -d vpn_a
|
|
# Open http://localhost:6901, complete SSO.
|
|
# After success, attach app containers or start cloudflared_a.
|
|
|
|
4) Optional: switch to headless after first login:
|
|
Set `OC_SSO_ARGS_*=--browser-display-mode hidden` (or `headless`) and restart the vpn service.
|
|
|
|
## Notes
|
|
- Each VPN runs in its own net namespace; routes from one cannot affect the other or the host.
|
|
- DNS from the VPN applies within its container namespace and attached services only.
|
|
- Persisted state lives in the named volumes mounted at `/root` (Playwright cache, configs).
|