Skip to content

Instantly share code, notes, and snippets.

@enlavin
Created September 4, 2023 07:56
Show Gist options
  • Save enlavin/73acd3c84e1858f5dd7d1586ea9870fb to your computer and use it in GitHub Desktop.
Save enlavin/73acd3c84e1858f5dd7d1586ea9870fb to your computer and use it in GitHub Desktop.
openconnect-proxy with no reconnections
FROM wazum/openconnect-proxy as base
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]
#!/bin/sh
sed "s/^Port .*$/Port 8888/" -i /etc/tinyproxy.conf
/usr/bin/tinyproxy -c /etc/tinyproxy.conf
/usr/local/bin/microsocks -i 0.0.0.0 -p 8889 &
run () {
# Start openconnect
if [[ -z "${OPENCONNECT_PASSWORD}" ]]; then
# Ask for password
openconnect -u "$OPENCONNECT_USER" $OPENCONNECT_OPTIONS $OPENCONNECT_URL
elif [[ ! -z "${OPENCONNECT_PASSWORD}" ]] && [[ ! -z "${OPENCONNECT_MFA_CODE}" ]]; then
# Multi factor authentication (MFA)
(echo $OPENCONNECT_PASSWORD; echo $OPENCONNECT_MFA_CODE) | openconnect -u "$OPENCONNECT_USER" $OPENCONNECT_OPTIONS --passwd-on-stdin $OPENCONNECT_URL
elif [[ ! -z "${OPENCONNECT_PASSWORD}" ]]; then
# Standard authentication
echo $OPENCONNECT_PASSWORD | openconnect -u "$OPENCONNECT_USER" $OPENCONNECT_OPTIONS --passwd-on-stdin $OPENCONNECT_URL
fi
}
# no automatic reconnect to prevent vpn lockouts
run
@enlavin
Copy link
Author

enlavin commented Sep 4, 2023

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment