From 806c1ead6cc666cc46be972ae8c7f5e0e3031186 Mon Sep 17 00:00:00 2001 From: ashadebi Date: Tue, 15 Oct 2019 15:06:32 +0700 Subject: [PATCH] Dockerfile-freeradius + init-freeradius.sh (#129) * Create Dockerfile-freeradius * Create init-freeradius.sh --- Dockerfile-freeradius | 88 +++++++++++++++++++++++++++++++++++++++++++ init-freeradius.sh | 71 ++++++++++++++++++++++++++++++++++ 2 files changed, 159 insertions(+) create mode 100644 Dockerfile-freeradius create mode 100644 init-freeradius.sh diff --git a/Dockerfile-freeradius b/Dockerfile-freeradius new file mode 100644 index 000000000..26adb963c --- /dev/null +++ b/Dockerfile-freeradius 
@@ -0,0 +1,88 @@ +# Official daloRADIUS Dockerfile +# GitHub: https://github.com/lirantal/daloradius +# +# Build image: +# 1. git pull git@github.com:lirantal/daloradius.git +# 2. docker build . -t lirantal/daloradius +# +# Run the container: +# 1. docker run -p 80:80 -d lirantal/daloradius + +FROM ubuntu:16.04 +MAINTAINER Liran Tal + +LABEL Description="daloRADIUS Official Docker based on Ubuntu 16.04 LTS and PHP7." \ + License="GPLv2" \ + Usage="docker build . -t lirantal/daloradius && docker run -d -p 80:80 lirantal/daloradius" \ + Version="1.0" + +# silence package installations to that debpkg doesn't prompt for mysql +# passwords and other input +ENV DEBIAN_FRONTEND "noninteractive" +ENV mysql_pass "" +ENV RADPASS radpass +ENV CLIENT_NET "0.0.0.0/0" +ENV CLIENT_SECRET 891011121314 + +# Local Ubuntu mirror Repository +RUN echo "deb http://foobar.turbo.net.id/ubuntu xenial main universe multiverse restricted" > /etc/apt/sources.list && \ +echo "deb http://foobar.turbo.net.id/ubuntu xenial-security main universe multiverse restricted" >> /etc/apt/sources.list && \ +echo "deb http://foobar.turbo.net.id/ubuntu xenial-updates main universe multiverse restricted" >> /etc/apt/sources.list && \ +echo "deb http://foobar.turbo.net.id/ubuntu xenial-backports main universe multiverse restricted" >> /etc/apt/sources.list + + +# PHP,Apache2,MySQL and FreeRADIUS install +RUN apt-get update && \ + apt-get -y install php7.0 \ + php7.0-cli \ + php7.0-common \ + php7.0-curl \ + php7.0-gd \ + php7.0-mcrypt \ + php7.0-mysql \ + php-mail \ + php-mail-mime nano \ + php-pear \ + php-db \ + freeradius-utils \ + apache2 libapache2-mod-php7.0 \ + mysql-server mysql-client \ + freeradius freeradius-mysql \ + cron + + +# PHP Pear DB library install +RUN pear install DB && rm -rf /var/cache/apk/* + +# Add current project directory which should be a clone of daloradius from: +# git@github.com:lirantal/daloradius.git + +ADD . 
/var/www/html +RUN chown www-data.www-data -R /var/www/html && mkdir -p /var/run/mysqld + +# Run MySQL server so that it initializes the database and seeds information +#RUN chown -R mysql:mysql /var/lib/mysql /var/run/mysqld; /usr/bin/mysqld_safe & \ +# sleep 10s && \ +# /usr/bin/mysql --host localhost --port 3306 -u root --password="" -e "CREATE DATABASE radius" && \ +# /usr/bin/mysql -u root --password="" radius < /var/www/html/contrib/db/fr2-mysql-daloradius-and-freeradius.sql + +# Enable the .htaccess in /var/www/html +RUN /bin/sed -i 's/AllowOverride\ None/AllowOverride\ All/g' /etc/apache2/apache2.conf + +# Enable PHP short tags +RUN /bin/sed -i "s/short_open_tag\ \=\ Off/short_open_tag\ \=\ On/g" /etc/php/7.0/apache2/php.ini + +# Make init.sh script executable +RUN chmod +x /var/www/html/init-freeradius.sh + +# Remove the original sample index.html file +RUN rm -rf /var/www/html/index.html + +# Create daloRADIUS Log file +RUN touch /var/log/daloradius.log && chown -R www-data:www-data /var/log/daloradius.log + +# Expose FreeRADIUS Ports, MySQL, and Web for daloRADIUS +EXPOSE 1812 1813 80 443 3306 + +# Run the script which executes Apache2 in the foreground as a running process +CMD ["/var/www/html/init-freeradius.sh"] diff --git a/init-freeradius.sh b/init-freeradius.sh new file mode 100644 index 000000000..601e28655 --- /dev/null +++ b/init-freeradius.sh 
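Review bot: The `ENV` defaults near the top of the file ship a fixed RADIUS shared secret (`CLIENT_SECRET 891011121314`) and database password (`RADPASS radpass`) together with `CLIENT_NET "0.0.0.0/0"`, so a container started without overrides accepts clients from any address using a secret that is published in this repository. I would drop the two secret defaults and narrow the client network, leaving something like `ENV CLIENT_NET "127.0.0.1/32"`, and have the init script stop when `RADPASS` or `CLIENT_SECRET` is unset. Values set through `ENV` are also readable from the image metadata, so supplying them at `docker run` time or from a mounted file keeps them out of the image. `EXPOSE` also lists 3306, which is only needed if MySQL is meant to be reachable from outside the container.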
@@ -0,0 +1,71 @@ +#!/bin/bash +# Executable process script for daloRADIUS docker image: +# GitHub: git@github.com:lirantal/daloradius.git +mkdir -p /var/run/mysqld && chown -R mysql:mysql /var/lib/mysql /var/run/mysqld; /usr/bin/mysqld_safe & \ + sleep 10s && \ + +mysql -u root --password=$MYSQLTMPROOT -e \ +"CREATE DATABASE radius; GRANT ALL ON radius.* TO radius@localhost IDENTIFIED BY '$RADPASS'; \ +flush privileges;" +mysql -uradius --password=$RADPASS radius < /etc/freeradius/sql/mysql/schema.sql +mysql -uradius --password=$RADPASS radius < /etc/freeradius/sql/mysql/nas.sql +mysql -uradius --password=$RADPASS radius < /var/www/html/contrib/db/mysql-daloradius.sql + +sed -i 's/password = "radpass"/password = "'$RADPASS'"/' /etc/freeradius/sql.conf +sed -i 's/#port = 3306/port = 3306/' /etc/freeradius/sql.conf +sed -i -e 's/$INCLUDE sql.conf/\n$INCLUDE sql.conf/g' /etc/freeradius/radiusd.conf +sed -i -e 's|$INCLUDE sql/mysql/counter.conf|\n$INCLUDE sql/mysql/counter.conf|g' /etc/freeradius/radiusd.conf +sed -i -e 's|authorize {|authorize {\nsql|' /etc/freeradius/sites-available/inner-tunnel +sed -i -e 's|session {|session {\nsql|' /etc/freeradius/sites-available/inner-tunnel +sed -i -e 's|authorize {|authorize {\nsql|' /etc/freeradius/sites-available/default +sed -i -e 's|session {|session {\nsql|' /etc/freeradius/sites-available/default +sed -i -e 's|accounting {|accounting {\nsql|' /etc/freeradius/sites-available/default + +sed -i -e 's|auth_badpass = no|auth_badpass = yes|g' /etc/freeradius/radiusd.conf +sed -i -e 's|auth_goodpass = no|auth_goodpass = yes|g' /etc/freeradius/radiusd.conf +sed -i -e 's|auth = no|auth = yes|g' /etc/freeradius/radiusd.conf + +sed -i -e 's|\t# See "Authentication Logging Queries" in sql.conf\n\t#sql|#See "Authentication Logging Queries" in sql.conf\n\tsql|g' /etc/freeradius/sites-available/inner-tunnel +sed -i -e 's|\t# See "Authentication Logging Queries" in sql.conf\n\t#sql|#See "Authentication Logging Queries" in 
sql.conf\n\tsql|g' /etc/freeradius/sites-available/default + +sed -i -e 's|sqltrace = no|sqltrace = yes|g' /etc/freeradius/sql.conf + +sed -i -e "s/readclients = yes/nreadclients = yes/" /etc/freeradius/sql.conf +echo -e "\nATTRIBUTE Usage-Limit 3000 string\nATTRIBUTE Rate-Limit 3001 string" >> /etc/freeradius/dictionary + +sed -i "s/$configValues\['CONFIG_DB_PASS'\] = '';/$configValues\['CONFIG_DB_PASS'\] = '"$RADPASS"';/" /var/www/html/library/daloradius.conf.php +sed -i "s/$configValues\['CONFIG_DB_USER'\] = 'root';/$configValues\['CONFIG_DB_USER'\] = 'radius';/" /var/www/html/library/daloradius.conf.php + +if [ -n "$CLIENT_NET" ]; then +echo "client $CLIENT_NET { + secret = $CLIENT_SECRET + shortname = clients +}" >> /etc/freeradius/clients.conf +fi + + +#======== DELETE INIT CODE == +echo "#!/bin/bash +#(while : +#do +# mysqld_safe >/dev/null +#done) & +chown -R mysql:mysql /var/lib/mysql /var/run/mysqld +/etc/init.d/mysql start +sleep 3 +# Start Apache2 in the foreground and in debug mode +/usr/sbin/apachectl -DFOREGROUND -k start -e debug & + +/usr/sbin/freeradius -X" > /init-freeradius.sh + + +# Start the MySQL service +chown -R mysql:mysql /var/lib/mysql /var/run/mysqld +/etc/init.d/mysql start +sleep 3 + +# Start Apache2 in the foreground and in debug mode +/usr/sbin/apachectl -DFOREGROUND -k start & +/usr/sbin/freeradius -X +# Or with the local httpd.conf use +#&>/dev/null /usr/sbin/apachectl -DFOREGROUND -k start -e debug -d . -f httpd.conf
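Review bot: The `sed` lines that switch `auth_badpass` and `auth_goodpass` to `yes`, together with the final `/usr/sbin/freeradius -X`, make the server write user passwords to its log and debug output, which then land in `docker logs` and any log collector. I would remove those two `sed` lines and start the daemon in the foreground without debug, `/usr/sbin/freeradius -f`, keeping `-X` for troubleshooting only. Separately, `$MYSQLTMPROOT` is not set anywhere in this patch (the Dockerfile defines `mysql_pass`), so the first `mysql -u root` call presumably runs with an empty password. `$RADPASS` is also expanded unquoted on the `mysql` command lines and inside the `sed` expressions, so a value containing spaces, quotes or `/` would break them. Quoting it as `--password="$RADPASS"` covers the command-line case.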