alexz
ee6cb6c90d
Some checks failed
Test / test (push) Has been cancelled
These two files cannot be overridden at runtime, so they're now baked directly into the Dockerfile using heredocs. Remaining scripts (can be overridden at runtime): - init-vpn.sh - xstartup - vpn-connect.sh Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Rego Tunnel - Build Files
This directory contains the Dockerfile and scripts to build the Cisco VPN Docker image.
Files
Dockerfile- Main Docker image definitioncisco-secure-client-full.tar.gz- Pre-extracted Cisco Secure Client installationbuild.sh- Build script to create the Docker imagescripts/- Container scripts:init-vpn.sh- Container init (unmounts DNS files for VPN, starts systemd)startup-vnc.sh- VNC/noVNC startup scriptvpn-connect.sh- VPN automation script (inside container)xstartup- VNC session startupvnc.service- Systemd service for VNC
Building
cd /etc/runtipi/repos/runtipi/apps/rego-tunnel/build
./build.sh
To push to registry:
docker push git.alexzaw.dev/alexz/cisco-vpn:latest
Architecture
- init-vpn.sh: Unmounts Docker's bind-mounted
/etc/resolv.confand/etc/hosts(required for VPN to modify DNS), then starts systemd - systemd: Manages vpnagentd (Cisco VPN agent) and vnc (VNC server) services
- xstartup: Runs when VNC session starts - by default launches vpnui, but can be overridden via volume mount
- vpn-connect.sh: Optional automation script for auto-login with TOTP
Runtime Mounts
When running as rego-tunnel app, these are mounted:
/shared- Contains thecisco-vpnscript with full automation/root/.vnc/xstartup- Custom xstartup that launches terminal with cisco-vpn script/opt/scripts/init-vpn.sh- Custom init script with network setup