Dockerfile-freeradius + init-freeradius.sh (#129)
* Create Dockerfile-freeradius

* Create init-freeradius.sh
ashadebi authored and lirantal committed Oct 15, 2019
1 parent 3dbc964 commit 806c1ea
Showing 2 changed files with 159 additions and 0 deletions.
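--- a/Dockerfile-freeradius
+++ b/Dockerfile-freeradius
@@ -0,0 +1,88 @@
+# Official daloRADIUS Dockerfile
+# GitHub: https://github.com/lirantal/daloradius
+#
+# Build image:
+# 1. git pull git@github.com:lirantal/daloradius.git
+# 2. docker build . -t lirantal/daloradius
+#
+# Run the container:
+# 1. docker run -p 80:80 -d lirantal/daloradius
+
+FROM ubuntu:16.04
+MAINTAINER Liran Tal <liran.tal@gmail.com>
+
+LABEL Description="daloRADIUS Official Docker based on Ubuntu 16.04 LTS and PHP7." \
+License="GPLv2" \
+Usage="docker build . -t lirantal/daloradius && docker run -d -p 80:80 lirantal/daloradius" \
+Version="1.0"
+
+# silence package installations to that debpkg doesn't prompt for mysql
+# passwords and other input
+ENV DEBIAN_FRONTEND "noninteractive"
+ENV mysql_pass ""
+ENV RADPASS radpass
+ENV CLIENT_NET "0.0.0.0/0"
+ENV CLIENT_SECRET 891011121314
+
+# Local Ubuntu mirror Repository
+RUN echo "deb http://foobar.turbo.net.id/ubuntu xenial main universe multiverse restricted" > /etc/apt/sources.list && \
+echo "deb http://foobar.turbo.net.id/ubuntu xenial-security main universe multiverse restricted" >> /etc/apt/sources.list && \
+echo "deb http://foobar.turbo.net.id/ubuntu xenial-updates main universe multiverse restricted" >> /etc/apt/sources.list && \
+echo "deb http://foobar.turbo.net.id/ubuntu xenial-backports main universe multiverse restricted" >> /etc/apt/sources.list
+
+
+# PHP,Apache2,MySQL and FreeRADIUS install
+RUN apt-get update && \
+apt-get -y install php7.0 \
+php7.0-cli \
+php7.0-common \
+php7.0-curl \
+php7.0-gd \
+php7.0-mcrypt \
+php7.0-mysql \
+php-mail \
+php-mail-mime nano \
+php-pear \
+php-db \
+freeradius-utils \
+apache2 libapache2-mod-php7.0 \
+mysql-server mysql-client \
+freeradius freeradius-mysql \
+cron
+
+
+# PHP Pear DB library install
+RUN pear install DB && rm -rf /var/cache/apk/*
+
+# Add current project directory which should be a clone of daloradius from:
+# git@github.com:lirantal/daloradius.git
+
+ADD . /var/www/html
+RUN chown www-data.www-data -R /var/www/html && mkdir -p /var/run/mysqld
+
+# Run MySQL server so that it initializes the database and seeds information
+#RUN chown -R mysql:mysql /var/lib/mysql /var/run/mysqld; /usr/bin/mysqld_safe & \
+# sleep 10s && \
+# /usr/bin/mysql --host localhost --port 3306 -u root --password="" -e "CREATE DATABASE radius" && \
+# /usr/bin/mysql -u root --password="" radius < /var/www/html/contrib/db/fr2-mysql-daloradius-and-freeradius.sql
+
+# Enable the .htaccess in /var/www/html
+RUN /bin/sed -i 's/AllowOverride\ None/AllowOverride\ All/g' /etc/apache2/apache2.conf
+
+# Enable PHP short tags
+RUN /bin/sed -i "s/short_open_tag\ \=\ Off/short_open_tag\ \=\ On/g" /etc/php/7.0/apache2/php.ini
+
+# Make init.sh script executable
+RUN chmod +x /var/www/html/init-freeradius.sh
+
+# Remove the original sample index.html file
+RUN rm -rf /var/www/html/index.html
+
+# Create daloRADIUS Log file
+RUN touch /var/log/daloradius.log && chown -R www-data:www-data /var/log/daloradius.log
+
+# Expose FreeRADIUS Ports, MySQL, and Web for daloRADIUS
+EXPOSE 1812 1813 80 443 3306
+
+# Run the script which executes Apache2 in the foreground as a running process
+CMD ["/var/www/html/init-freeradius.sh"]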
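Review bot: The `ENV RADPASS radpass` and `ENV CLIENT_SECRET 891011121314` defaults, together with `ENV CLIENT_NET "0.0.0.0/0"`, mean a container started without overrides accepts RADIUS clients from any address with a shared secret that is published in this repository, and the values remain readable in the image metadata. I would drop the two credential defaults and set `ENV CLIENT_NET ""`, so the operator has to supply `-e RADPASS=... -e CLIENT_SECRET=... -e CLIENT_NET=...` at `docker run`, with the init script refusing to start when they are missing. Separately, the `sources.list` rewrite sends every package install to the plain-HTTP mirror `foobar.turbo.net.id`, which looks like a contributor-local setting. A comment such as `# optional: point at a mirror you control, or delete this RUN to keep the Ubuntu defaults` would make that explicit for people building the image elsewhere.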
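--- a/init-freeradius.sh
+++ b/init-freeradius.sh
@@ -0,0 +1,71 @@
+#!/bin/bash
+# Executable process script for daloRADIUS docker image:
+# GitHub: git@github.com:lirantal/daloradius.git
+mkdir -p /var/run/mysqld && chown -R mysql:mysql /var/lib/mysql /var/run/mysqld; /usr/bin/mysqld_safe & \
+sleep 10s && \
+
+mysql -u root --password=$MYSQLTMPROOT -e \
+"CREATE DATABASE radius; GRANT ALL ON radius.* TO radius@localhost IDENTIFIED BY '$RADPASS'; \
+flush privileges;"
+mysql -uradius --password=$RADPASS radius < /etc/freeradius/sql/mysql/schema.sql
+mysql -uradius --password=$RADPASS radius < /etc/freeradius/sql/mysql/nas.sql
+mysql -uradius --password=$RADPASS radius < /var/www/html/contrib/db/mysql-daloradius.sql
+
+sed -i 's/password = "radpass"/password = "'$RADPASS'"/' /etc/freeradius/sql.conf
+sed -i 's/#port = 3306/port = 3306/' /etc/freeradius/sql.conf
+sed -i -e 's/$INCLUDE sql.conf/\n$INCLUDE sql.conf/g' /etc/freeradius/radiusd.conf
+sed -i -e 's|$INCLUDE sql/mysql/counter.conf|\n$INCLUDE sql/mysql/counter.conf|g' /etc/freeradius/radiusd.conf
+sed -i -e 's|authorize {|authorize {\nsql|' /etc/freeradius/sites-available/inner-tunnel
+sed -i -e 's|session {|session {\nsql|' /etc/freeradius/sites-available/inner-tunnel
+sed -i -e 's|authorize {|authorize {\nsql|' /etc/freeradius/sites-available/default
+sed -i -e 's|session {|session {\nsql|' /etc/freeradius/sites-available/default
+sed -i -e 's|accounting {|accounting {\nsql|' /etc/freeradius/sites-available/default
+
+sed -i -e 's|auth_badpass = no|auth_badpass = yes|g' /etc/freeradius/radiusd.conf
+sed -i -e 's|auth_goodpass = no|auth_goodpass = yes|g' /etc/freeradius/radiusd.conf
+sed -i -e 's|auth = no|auth = yes|g' /etc/freeradius/radiusd.conf
+
+sed -i -e 's|\t# See "Authentication Logging Queries" in sql.conf\n\t#sql|#See "Authentication Logging Queries" in sql.conf\n\tsql|g' /etc/freeradius/sites-available/inner-tunnel
+sed -i -e 's|\t# See "Authentication Logging Queries" in sql.conf\n\t#sql|#See "Authentication Logging Queries" in sql.conf\n\tsql|g' /etc/freeradius/sites-available/default
+
+sed -i -e 's|sqltrace = no|sqltrace = yes|g' /etc/freeradius/sql.conf
+
+sed -i -e "s/readclients = yes/nreadclients = yes/" /etc/freeradius/sql.conf
+echo -e "\nATTRIBUTE Usage-Limit 3000 string\nATTRIBUTE Rate-Limit 3001 string" >> /etc/freeradius/dictionary
+
+sed -i "s/$configValues\['CONFIG_DB_PASS'\] = '';/$configValues\['CONFIG_DB_PASS'\] = '"$RADPASS"';/" /var/www/html/library/daloradius.conf.php
+sed -i "s/$configValues\['CONFIG_DB_USER'\] = 'root';/$configValues\['CONFIG_DB_USER'\] = 'radius';/" /var/www/html/library/daloradius.conf.php
+
+if [ -n "$CLIENT_NET" ]; then
+echo "client $CLIENT_NET {
+secret = $CLIENT_SECRET
+shortname = clients
+}" >> /etc/freeradius/clients.conf
+fi
+
+
+#======== DELETE INIT CODE ==
+echo "#!/bin/bash
+#(while :
+#do
+# mysqld_safe >/dev/null
+#done) &
+chown -R mysql:mysql /var/lib/mysql /var/run/mysqld
+/etc/init.d/mysql start
+sleep 3
+# Start Apache2 in the foreground and in debug mode
+/usr/sbin/apachectl -DFOREGROUND -k start -e debug &
+/usr/sbin/freeradius -X" > /init-freeradius.sh
+
+
+# Start the MySQL service
+chown -R mysql:mysql /var/lib/mysql /var/run/mysqld
+/etc/init.d/mysql start
+sleep 3
+
+# Start Apache2 in the foreground and in debug mode
+/usr/sbin/apachectl -DFOREGROUND -k start &
+/usr/sbin/freeradius -X
+# Or with the local httpd.conf use
+#&>/dev/null /usr/sbin/apachectl -DFOREGROUND -k start -e debug -d . -f httpd.conf
+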
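Review bot: The `sed` edits that switch `auth_goodpass` and `auth_badpass` to `yes` make FreeRADIUS write the passwords users submit into its authentication log, and since the script then starts the server with `freeradius -X`, those lines presumably reach the container's stdout as well. Keeping only `sed -i -e 's|auth = no|auth = yes|g' /etc/freeradius/radiusd.conf` still records who authenticated without storing credentials. The root login uses `--password=$MYSQLTMPROOT`, a variable the Dockerfile in this commit does not define (it declares `mysql_pass`), so it expands to an empty password; `$RADPASS` is also spliced unquoted into the SQL statement and the `sed` expressions, where a value containing `/`, `'` or `&` would break or alter the command. Because the trimmed start-up script is written to `/init-freeradius.sh` while `CMD` still runs `/var/www/html/init-freeradius.sh`, a restarted container appears to repeat all of the one-time edits, including the append to `clients.conf`.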