alexz/runtipi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a16b5a232e882ec941dd9c6d469a3f770849f8e2
runtipi/apps/rego-tunnel/build/Dockerfile
alexz efc3ad00af rego-tunnel: move all scripts to dynamic mounts 
- Move entrypoint.sh from build/scripts/ to shared/
- Create startup-vnc.sh in shared/ (was base64-encoded in Dockerfile)
- Remove baked-in scripts and CMD from Dockerfile (keep vnc.service unit only)
- Entrypoint now: chmod +x all shared scripts, symlinks startup-vnc.sh
  to /opt/scripts/ so systemd vnc.service still finds it
- Fix host watcher: use /bin/bash in ExecStart for permission resilience
- Bump tipi_version to 7

All scripts are now dynamically controlled via volume mounts.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-04 21:05:14 +00:00

81 lines
2.3 KiB
Docker
Executable File
Raw Blame History

FROM ubuntu:22.04
LABEL maintainer="alexz"
LABEL description="Cisco Secure Client VPN in Docker with noVNC"
LABEL version="5.1.14.145"
ENV DEBIAN_FRONTEND=noninteractive
ENV container=docker
# VNC/noVNC settings
ENV DISPLAY=:1
ENV VNC_PORT=5901
ENV NOVNC_PORT=6080
# Install systemd and dependencies
RUN apt-get update && apt-get install -y \
systemd \
systemd-sysv \
dbus \
dbus-x11 \
libgtk-3-0 \
libglib2.0-0 \
libstdc++6 \
iptables \
libxml2 \
network-manager \
zlib1g \
policykit-1 \
xdg-utils \
libwebkit2gtk-4.0-37 \
tigervnc-standalone-server \
tigervnc-common \
novnc \
websockify \
openbox \
xterm \
procps \
net-tools \
curl \
iproute2 \
iputils-ping \
nano \
x11vnc \
xvfb \
fluxbox \
xdotool \
oathtool \
xclip \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Remove unnecessary systemd services that cause issues in containers
RUN rm -f /lib/systemd/system/multi-user.target.wants/* \
/etc/systemd/system/*.wants/* \
/lib/systemd/system/local-fs.target.wants/* \
/lib/systemd/system/sockets.target.wants/*udev* \
/lib/systemd/system/sockets.target.wants/*initctl* \
/lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup* \
/lib/systemd/system/systemd-update-utmp*
# Copy and extract Cisco Secure Client
COPY cisco-secure-client-full.tar.gz /tmp/
RUN tar -xzf /tmp/cisco-secure-client-full.tar.gz -C / && rm /tmp/cisco-secure-client-full.tar.gz
# Enable vpnagentd service
RUN systemctl enable vpnagentd.service
# vnc.service - started by systemd, calls /opt/scripts/startup-vnc.sh
# The entrypoint symlinks /shared/startup-vnc.sh -> /opt/scripts/startup-vnc.sh at runtime
RUN mkdir -p /opt/scripts && \
echo 'W1VuaXRdCkRlc2NyaXB0aW9uPVZOQyBhbmQgbm9WTkMgU2VydmVyCkFmdGVyPW5ldHdvcmsudGFyZ2V0IHZwbmFnZW50ZC5zZXJ2aWNlCgpbU2VydmljZV0KVHlwZT1zaW1wbGUKRXhlY1N0YXJ0PS9vcHQvc2NyaXB0cy9zdGFydHVwLXZuYy5zaApSZXN0YXJ0PWFsd2F5cwpSZXN0YXJ0U2VjPTUKRW52aXJvbm1lbnQ9SE9NRT0vcm9vdApFbnZpcm9ubWVudD1VU0VSPXJvb3QKCltJbnN0YWxsXQpXYW50ZWRCeT1tdWx0aS11c2VyLnRhcmdldAo=' \
| base64 -d > /lib/systemd/system/vnc.service && \
chmod 644 /lib/systemd/system/vnc.service && \
systemctl enable vnc.service
VOLUME ["/sys/fs/cgroup"]
EXPOSE 5901 6080
STOPSIGNAL SIGRTMIN+3
Reference in New Issue View Git Blame Copy Permalink