-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathDockerfile
52 lines (41 loc) · 1.36 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
FROM ubuntu:bionic
# Add support for :i386 packages
RUN dpkg --add-architecture i386 && apt-get -qq update
RUN apt-get install -y \
# snxvpn gets installed with pip
python3-pip \
# snx dependencies
libpam0g:i386 \
libx11-6:i386 \
libstdc++5:i386 \
# Port forwarding
socat \
# Socks proxy
dante-server \
# Debug tools
curl iproute2 iputils-ping net-tools
# snx tries to do `modprobe tun` during connection initialization
# Since this image should be run with --privileged that module is already loaded.
# So we just trick snx into thinking it loaded it.
RUN echo "#/bin/sh\ntrue" >> /sbin/modprobe && chmod +x /sbin/modprobe
WORKDIR /workspace
# Install snx
ADD https://access.svea.com/SNX/INSTALL/snx_install.sh .
RUN chmod +x ./snx_install.sh && ./snx_install.sh
# When connecting with snx to a server for the first time
# snx asks if you trust the certificate by showing an X dialog
# that displays a plain text fingerprint of the certificate.
# When pressing yes in that dialog, this file gets written.
# By supplying this file beforehand we can skip setting up X.
COPY root.db /etc/snx/root.db
# Install snxvpn (provides snxconnect)
WORKDIR /snxvpn
COPY snxvpn .
COPY snxvpnversion.py .
RUN pip3 install .
# Socks proxy config
ADD ./danted.conf /etc/danted.conf
EXPOSE 3389 1080
COPY entrypoint.sh /
RUN chmod +x /entrypoint.sh
CMD ["/entrypoint.sh"]