OpenConnect VPN Client for the UniFi Dream Machine Pro (Unofficial)
Require the use of the excellent On Boot script from: https://github.com/unifi-utilities/unifios-utilities/blob/main/on-boot-script-2.x/README.md
Because of the way OpenConnect works with the particular Global Protect VPN endpoint I'm using (requires a 2FA auth based on an Okta prompt) I actually didn't put the connection script in the container image itself.
Instead I just put a generic entrypoint shell script in there that does nothing. I pre-loaded the binaries for TOTP creation and the openconnect client in the image.
Then I bind-mount a shell script from a /mnt/data sub-directory (so it persists
across upgrades).
And finally I overload the command at runtime to execute that script instead of the built-in info-message/generic entrypoint script.
Edit connect-example.sh to match your needs (or create a different
connection script, and adapt the command below), then run:
docker run -it -d --rm --net=host --name openconnect --privileged \
-v /mnt/data/openconnect/connect-example.sh:/usr/local/bin/connect-example.sh \
-v /dev/net/tun:/dev/net/tun \
ghcr.io/shuguet/openconnect-udm \
/usr/local/bin/connect-example.sh