install_radius.sh
#!/bin/bash
#
# Copyright (C) 2017 - Dorance Martinez C
# Author: Dorance Martinez - [email protected]
# SPDX-License-Identifier: Apache-2.0
#
# Descripcion: Script para instalar radius y daloradius en un server Centos 7.0
#
# Version: 0.1.0 - 10-ago-2017
#
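# Installs MariaDB, FreeRADIUS and daloRADIUS on a CentOS 7 host, generates
# the database credentials and records them in ./.carcelero.
#
# Must run as root. One-shot installer: it is not idempotent, and it stops at
# the first failing step instead of continuing on a half-configured host.
#
# Optional environment:
#   DALORADIUS_SHA256  expected SHA-256 of the downloaded daloRADIUS archive;
#                      when set, the archive is verified before it is unpacked.
set -euo pipefail

# Print a message on stderr and abort.
die() {
  printf 'install_radius: %s\n' "$*" >&2
  exit 1
}

# Print a 12-character random password drawn from [A-Za-z0-9_-].
# The alphabet is deliberately free of quotes, '/', '&' and '\' because the
# value is later embedded in SQL string literals and sed replacement text.
# Reading a bounded chunk avoids the SIGPIPE that "tr </dev/urandom | head"
# produces, which would abort the script under pipefail.
gen_password() {
  local pw='' chunk
  while (( ${#pw} < 12 )); do
    chunk=$(head -c 64 /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9_-') || return 1
    pw+=$chunk
  done
  printf '%s' "${pw:0:12}"
}

(( EUID == 0 )) || die "must be run as root"

# Private scratch directory (mktemp -d creates it mode 0700). Everything that
# holds a secret or a download lives here and is removed on any exit path.
workdir=$(mktemp -d) || die "mktemp failed"
cleanup() { rm -rf -- "${workdir:?}"; }
trap cleanup EXIT

mysql_root=$(gen_password)
myradius_user="r4dius"
myradius_passwd=$(gen_password)
myradius_db="radius"
creds_file=.carcelero

# NOTE(review): this turns SELinux off for the whole host, which removes a
# confinement layer from httpd, radiusd and mysqld. A targeted policy
# (correct file contexts on the web root plus the booleans these services
# need) is the safer route; kept as the author wrote it.
# NOTE(review): on CentOS 7 /etc/sysconfig/selinux is normally a symlink to
# /etc/selinux/config, and GNU sed -i replaces a symlink with a regular file
# unless --follow-symlinks is given, so this edit may not survive a reboot.
# Confirm which state is actually intended.
sed -i 's/^SELINUX=.*/SELINUX=disabled/g' /etc/sysconfig/selinux
# The enforce node is absent when SELinux is already disabled.
if [[ -w /sys/fs/selinux/enforce ]]; then
  echo 0 > /sys/fs/selinux/enforce
fi

yum install -y epel-release
yum install -y mariadb-server mariadb freeradius freeradius-mysql freeradius-utils wget unzip mod_ssl php-mysql php php-pear php-gd php-pear-DB
systemctl enable radiusd.service
systemctl enable httpd
systemctl enable mariadb
systemctl start httpd
systemctl start mariadb

# configure mysql
# The statements are fed to the client on stdin, so the root password is
# never written to a file in the working directory.
mysql -u root <<EOF
UPDATE mysql.user SET Password=PASSWORD('${mysql_root}') WHERE User='root';
DELETE FROM mysql.user WHERE User='';
DELETE FROM mysql.user WHERE User='root' AND Host NOT IN ('localhost', '127.0.0.1', '::1');
DROP DATABASE IF EXISTS test;
DELETE FROM mysql.db WHERE Db='test' OR Db='test\\_%';
FLUSH PRIVILEGES;
CREATE DATABASE ${myradius_db};
GRANT ALL ON ${myradius_db}.* to '${myradius_user}'@'localhost' identified by '${myradius_passwd}';
flush privileges;
EOF

# credentials record (.carcelero)
# Written as soon as the passwords are live, so a failure in a later step
# cannot leave the operator without the new root password. The file is
# created owner-only before any secret is appended to it.
( umask 077; : >>"$creds_file" )
chmod 600 "$creds_file"
cat <<EOF >>"$creds_file"
mysql_root_passwd=${mysql_root}
myradius_user=${myradius_user}
myradius_passwd=${myradius_passwd}
myradius_db=${myradius_db}
daloradius user = administrator
daloradius password = radius
EOF

# Client option file for the radius account: keeps the password off the
# mysql command line, where it would be readable in the process list.
client_cnf="${workdir}/client.cnf"
cat >"$client_cnf" <<EOF
[client]
user=${myradius_user}
password=${myradius_passwd}
EOF

# Run the mysql client against the radius database as the radius user;
# SQL is read from stdin. --defaults-extra-file must be the first option.
radius_mysql() {
  mysql --defaults-extra-file="$client_cnf" "$myradius_db"
}

# configure radius
radius_mysql </etc/raddb/mods-config/sql/main/mysql/schema.sql
ln -s /etc/raddb/mods-available/sql /etc/raddb/mods-enabled/
sed -i 's/-sql/sql/g' /etc/raddb/sites-enabled/default
# Informational only: shows the commented sql lines about to be enabled.
grep '#.*sql$' /etc/raddb/sites-enabled/default || true
# NOTE(review): this pattern rewrites every line that has a '#' and ends in
# "sql", not only commented-out module references; check the result.
sed -i 's/#.*sql$/\tsql/g' /etc/raddb/sites-enabled/default

# The substitutions for mods-available/sql are passed as a script file in
# the private scratch directory because one of them carries the password.
cat >"${workdir}/raddb-sql.sed" <<EOF
s/dialect = "sqlite"/dialect = "mysql"/g
s/#.*server =/\tserver =/g
s/#.*port =/\tport =/g
s/#.*login = "radius"/\tlogin = "${myradius_user}"/g
s/#.*password = "radpass"/\tpassword = "${myradius_passwd}"/g
s/#.*read_clients =/\tread_clients =/g
EOF
sed -i -f "${workdir}/raddb-sql.sed" /etc/raddb/mods-available/sql

# configure daloradius
# NOTE(review): the archive is the moving tip of the master branch. Pin a
# release tag or commit and set DALORADIUS_SHA256 so that what gets deployed
# into the web root is the code that was reviewed.
daloradius_url=https://github.com/lirantal/daloradius/archive/master.zip
archive="${workdir}/master.zip"
wget -O "$archive" "$daloradius_url"
if [[ -n "${DALORADIUS_SHA256:-}" ]]; then
  printf '%s  %s\n' "$DALORADIUS_SHA256" "$archive" | sha256sum -c - >/dev/null \
    || die "daloRADIUS archive does not match DALORADIUS_SHA256"
else
  printf 'install_radius: warning: daloRADIUS archive was not integrity-checked\n' >&2
fi
unzip "$archive" -d "$workdir"
# rmdir refuses a non-empty web root, so an existing site is never replaced.
rmdir /var/www/html
mv "${workdir}/daloradius-master" /var/www/html
radius_mysql </var/www/html/contrib/db/fr2-mysql-daloradius-and-freeradius.sql
radius_mysql </var/www/html/contrib/db/mysql-daloradius.sql

# Same approach as above: the password-bearing substitution goes through a
# script file instead of the sed command line.
cat >"${workdir}/daloradius-conf.sed" <<EOF
s/\$configValues\['CONFIG_DB_USER'\] = 'root'/\$configValues\['CONFIG_DB_USER'\] = '${myradius_user}'/g
s/\$configValues\['CONFIG_DB_PASS'\] = ''/\$configValues\['CONFIG_DB_PASS'\] = '${myradius_passwd}'/g
EOF
sed -i -f "${workdir}/daloradius-conf.sed" /var/www/html/library/daloradius.conf.php
chown -R apache: /var/www/html/

# restart services
systemctl restart radiusd.service
systemctl restart httpd

# firewall
firewall-cmd --zone=public --add-service=radius --permanent
firewall-cmd --zone=public --add-service=https --permanent
firewall-cmd --reload

# Show the recorded credentials to the operator. This prints secrets to the
# terminal, so avoid capturing the script's output in a shared log.
cat "$creds_file"
# The web UI keeps the stock login recorded above and HTTPS is now open in
# the public zone.
printf 'install_radius: change the default daloRADIUS administrator password before exposing this host\n' >&2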