Various improvements mostly related to Docker usage #25

Open: ceejatec wants to merge 1 commit into master

ceejatec commented Jul 3, 2020

Main program:

  • Handle SIGINT/SIGTERM better (explicitly terminate openconnect).
    Without this, stopping the Docker container wouldn't allow
    openconnect to restore /etc/resolv.conf.
  • Allow one-time code to be specified in conf file/environment

Docker wrapper scripts:

  • Use environment to pass one-time code (old approach of overriding
    the secret value in conf file didn't work)
  • Identify whether code is needed more generically (if ANY totp.xxxx
    secrets are specified, skip the code)
  • Skip commented lines in conf file when looking for secrets, username,
    etc.
  • Output appropriate Docker logfiles when stopping and starting
  • Add stop-docker.sh script to cleanly bring down VPN, with logs

Docker image:

  • Use python 3, based on python/debian-slim base image
  • Multi-stage build to keep openconnect build tools out of final image
  • Only gp-okta.conf needs to be mounted into image now
  • Update URL for retrieving vpnc-script (old git repository has
    gone away)
  • Disable buffering for cleaner output
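
The shutdown problem in the first "Main program" bullet, as an added example that is not code from this pull request: a parent process passes SIGINT/SIGTERM on to its child so the child can undo its resolver change before exiting. The child is a constructed stand-in for openconnect, and `start_child`, `make_handler` and `install` are hypothetical names.

```python
import signal
import subprocess
import sys

# Constructed stand-in for openconnect (assumption): it rewrites a resolv.conf
# copy on start and restores the saved contents only when it gets SIGTERM.
CHILD = r'''
import signal, sys, time
path = sys.argv[1]
with open(path) as f:
    saved = f.read()
with open(path, "w") as f:
    f.write("nameserver 10.0.0.1\n")      # resolver pushed by the VPN
def restore(signum, frame):
    with open(path, "w") as f:
        f.write(saved)
    sys.exit(0)
signal.signal(signal.SIGTERM, restore)
print("ready", flush=True)
while True:
    time.sleep(1)
'''


def start_child(resolv_path):
    """Start the stand-in and block until its SIGTERM handler is installed."""
    proc = subprocess.Popen([sys.executable, "-c", CHILD, resolv_path],
                            stdout=subprocess.PIPE, text=True)
    proc.stdout.readline()
    return proc


def make_handler(proc, grace=5.0):
    """Build a handler that ends the child cleanly before the parent exits."""
    def handler(signum, frame):
        if proc.poll() is None:            # child still running
            proc.terminate()               # SIGTERM: lets it run its cleanup
            try:
                proc.wait(timeout=grace)
            except subprocess.TimeoutExpired:
                proc.kill()                # last resort, cleanup is skipped
                proc.wait()
    return handler


def install(handler):
    """Register for the signals docker stop and Ctrl-C deliver (main thread only)."""
    for sig in (signal.SIGINT, signal.SIGTERM):
        signal.signal(sig, handler)
```

Keep `grace` below the container's stop timeout, otherwise the runtime kills the parent before the child has finished restoring the file.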

@ceejatec (Author)

@arthepsy do you have any questions or comments about this PR?
