-
Notifications
You must be signed in to change notification settings - Fork 356
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
Co-authored-by: Ben White <[email protected]>
- Loading branch information
Showing
6 changed files
with
122 additions
and
97 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -6,3 +6,5 @@ invoice_preview.html | |
| app/common/includes/daloradius.conf.php | ||
| var/log/*.log | ||
| var/backup/*.sql | ||
| data/ | ||
| internal_data/ | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -6,15 +6,15 @@ | |
| # 2. docker build . -t lirantal/daloradius | ||
| # | ||
| # Run the container: | ||
| # 1. docker run -p 80:80 -d lirantal/daloradius | ||
| # 1. docker run -p 80:80 -p 8000:8000 -d lirantal/daloradius | ||
|
|
||
| FROM ubuntu:20.04 | ||
| FROM debian:11-slim | ||
| MAINTAINER Liran Tal <[email protected]> | ||
|
|
||
| LABEL Description="daloRADIUS Official Docker based on Ubuntu 20.04 LTS and PHP7." \ | ||
| LABEL Description="daloRADIUS Official Docker based on Debian 11 and PHP7." \ | ||
| License="GPLv2" \ | ||
| Usage="docker build . -t lirantal/daloradius && docker run -d -p 80:80 lirantal/daloradius" \ | ||
| Version="1.0" | ||
| Usage="docker build . -t lirantal/daloradius && docker run -d -p 80:80 -p 8000:8000 lirantal/daloradius" \ | ||
| Version="2.0beta" | ||
|
|
||
| ENV DEBIAN_FRONTEND noninteractive | ||
|
|
||
|
|
@@ -23,71 +23,58 @@ ENV TZ Europe/Vienna | |
|
|
||
| # PHP install | ||
| RUN apt-get update \ | ||
| && apt-get install --yes --no-install-recommends \ | ||
| ca-certificates \ | ||
| apt-utils \ | ||
| freeradius-utils \ | ||
| tzdata \ | ||
| apache2 \ | ||
| libapache2-mod-php \ | ||
| cron \ | ||
| net-tools \ | ||
| php \ | ||
| php-common \ | ||
| php-gd \ | ||
| php-curl \ | ||
| php-mail \ | ||
| php-dev \ | ||
| php-mail-mime \ | ||
| php-db \ | ||
| php-mysql \ | ||
| mariadb-client \ | ||
| libmysqlclient-dev \ | ||
| unzip \ | ||
| wget \ | ||
| && rm -rf /var/lib/apt/lists/* | ||
|
|
||
|
|
||
| # PHP Pear DB library install | ||
| RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone \ | ||
| && update-ca-certificates -f \ | ||
| && mkdir -p /tmp/pear/cache \ | ||
| && wget http://pear.php.net/go-pear.phar \ | ||
| && php go-pear.phar \ | ||
| && rm go-pear.phar \ | ||
| && pear channel-update pear.php.net \ | ||
| && pear install -a -f DB \ | ||
| && pear install -a -f Mail \ | ||
| && pear install -a -f Mail_Mime | ||
|
|
||
| # Add current project directory which should be a clone of daloradius from: | ||
| # [email protected]:lirantal/daloradius.git | ||
| && apt-get install --yes --no-install-recommends \ | ||
| ca-certificates \ | ||
| apt-utils \ | ||
| freeradius-utils \ | ||
| tzdata \ | ||
| apache2 \ | ||
| libapache2-mod-php \ | ||
| cron \ | ||
| net-tools \ | ||
| php \ | ||
| php-common \ | ||
| php-gd \ | ||
| php-cli \ | ||
| php-curl \ | ||
| php-mail \ | ||
| php-dev \ | ||
| php-mail-mime \ | ||
| php-mbstring \ | ||
| php-db \ | ||
| php-mysql \ | ||
| php-zip \ | ||
| mariadb-client \ | ||
| default-libmysqlclient-dev \ | ||
| unzip \ | ||
| wget \ | ||
| && rm -rf /var/lib/apt/lists/* | ||
|
|
||
| ADD contrib/docker/operators.conf /etc/apache2/sites-available/operators.conf | ||
| ADD contrib/docker/users.conf /etc/apache2/sites-available/users.conf | ||
| RUN a2dissite 000-default.conf && \ | ||
| a2ensite users.conf operators.conf && \ | ||
| sed -i 's/Listen 80/Listen 80\nListen 8000/' /etc/apache2/ports.conf | ||
|
|
||
| # Create directories | ||
| # /data should be mounted as volume to avoid recreation of database entries | ||
| RUN mkdir /data /internal_data | ||
| ADD . /var/www/daloradius | ||
|
|
||
| ADD . /var/www/html | ||
| RUN touch /var/www/html/library/daloradius.conf.php | ||
| RUN chown -R www-data:www-data /var/www/html | ||
|
|
||
| # Enable the .htaccess in /var/www/html | ||
| RUN /bin/sed -i 's/AllowOverride\ None/AllowOverride\ All/g' /etc/apache2/apache2.conf | ||
|
|
||
| # Make init.sh script executable | ||
| RUN chmod +x /var/www/html/init.sh | ||
|
|
||
| # Remove the original sample index.html file | ||
| RUN rm -rf /var/www/html/index.html | ||
| #RUN touch /var/www/html/library/daloradius.conf.php | ||
| RUN chown -R www-data:www-data /var/www/daloradius | ||
|
|
||
| # Remove the original sample web folder | ||
| RUN rm -rf /var/www/html | ||
| # | ||
| # Create daloRADIUS Log file | ||
| RUN touch /tmp/daloradius.log && chown -R www-data:www-data /tmp/daloradius.log | ||
| RUN mkdir -p /var/log/apache2/daloradius && chown -R www-data:www-data /var/log/apache2/daloradius | ||
| RUN echo "Mutex posixsem" >> /etc/apache2/apache2.conf | ||
|
|
||
| # Create freeradius log | ||
| RUN mkdir /var/log/freeradius && touch /var/log/freeradius/radius.log | ||
|
|
||
| # Expose Web port for daloRADIUS | ||
| ## Expose Web port for daloRADIUS | ||
| EXPOSE 80 | ||
|
|
||
| # Run the script which executes Apache2 in the foreground as a running process | ||
| CMD ["/var/www/html/init.sh"] | ||
| EXPOSE 8000 | ||
| # | ||
| ## Run the script which executes Apache2 in the foreground as a running process | ||
| CMD ["/bin/bash", "/var/www/daloradius/init.sh"] | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| <VirtualHost *:8000> | ||
| ServerAdmin operators@localhost | ||
| DocumentRoot /var/www/daloradius/app/operators | ||
|
|
||
| <Directory /var/www/daloradius/app/operators> | ||
| Options -Indexes +FollowSymLinks | ||
| AllowOverride None | ||
| Require all granted | ||
| </Directory> | ||
|
|
||
| <Directory /var/www/daloradius> | ||
| Require all denied | ||
| </Directory> | ||
| ErrorLog ${APACHE_LOG_DIR}/daloradius/operators-error.log | ||
| CustomLog ${APACHE_LOG_DIR}/daloradius/operators-access.log combined | ||
| </VirtualHost> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| <VirtualHost *:80> | ||
| ServerAdmin users@localhost | ||
| DocumentRoot /var/www/daloradius/app/users | ||
|
|
||
| <Directory /var/www/daloradius/app/users> | ||
| Options -Indexes +FollowSymLinks | ||
| AllowOverride None | ||
| Require all granted | ||
| </Directory> | ||
|
|
||
| <Directory /var/www/daloradius> | ||
| Require all denied | ||
| </Directory> | ||
| ErrorLog ${APACHE_LOG_DIR}/daloradius/users-error.log | ||
| CustomLog ${APACHE_LOG_DIR}/daloradius/users-access.log combined | ||
| </VirtualHost> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,69 +1,71 @@ | ||
| #!/bin/bash | ||
| # Executable process script for daloRADIUS docker image: | ||
| # GitHub: [email protected]:lirantal/daloradius.git | ||
| DALORADIUS_PATH=/var/www/html | ||
| DALORADIUS_CONF_PATH=/var/www/html/library/daloradius.conf.php | ||
| DALORADIUS_PATH=/var/www/daloradius | ||
| DALORADIUS_CONF_PATH=/var/www/daloradius/app/common/includes/daloradius.conf.php | ||
|
|
||
|
|
||
| function init_daloradius { | ||
|
|
||
| if ! test -f "$/var/www/html/library/daloradius.conf.php"; then | ||
| cp "$DALORADIUS_PATH/library/daloradius.conf.php.sample" "$DALORADIUS_CONF_PATH" | ||
| if ! test -f "$DALORADIUS_CONF_PATH"; then | ||
| cp "$DALORADIUS_CONF_PATH.sample" "$DALORADIUS_CONF_PATH" | ||
| fi | ||
|
|
||
| sed -i "s/\$configValues\['CONFIG_DB_HOST'\] = .*;/\$configValues\['CONFIG_DB_HOST'\] = '$MYSQL_HOST';/" $DALORADIUS_PATH/library/daloradius.conf.php | ||
| sed -i "s/\$configValues\['CONFIG_DB_PORT'\] = .*;/\$configValues\['CONFIG_DB_PORT'\] = '$MYSQL_PORT';/" $DALORADIUS_PATH/library/daloradius.conf.php | ||
| sed -i "s/\$configValues\['CONFIG_DB_PASS'\] = .*;/\$configValues\['CONFIG_DB_PASS'\] = '$MYSQL_PASSWORD';/" $DALORADIUS_PATH/library/daloradius.conf.php | ||
| sed -i "s/\$configValues\['CONFIG_DB_USER'\] = .*;/\$configValues\['CONFIG_DB_USER'\] = '$MYSQL_USER';/" $DALORADIUS_PATH/library/daloradius.conf.php | ||
| sed -i "s/\$configValues\['CONFIG_DB_NAME'\] = .*;/\$configValues\['CONFIG_DB_NAME'\] = '$MYSQL_DATABASE';/" $DALORADIUS_PATH/library/daloradius.conf.php | ||
| sed -i "s/\$configValues\['FREERADIUS_VERSION'\] = .*;/\$configValues\['FREERADIUS_VERSION'\] = '3';/" $DALORADIUS_PATH/library/daloradius.conf.php | ||
| sed -i "s|\$configValues\['CONFIG_PATH_DALO_VARIABLE_DATA'\] = .*;|\$configValues\['CONFIG_PATH_DALO_VARIABLE_DATA'\] = '/var/www/html/var';|" $DALORADIUS_PATH/library/daloradius.conf.php | ||
| [ -n "$MYSQL_HOST" ] && sed -i "s/\$configValues\['CONFIG_DB_HOST'\] = .*;/\$configValues\['CONFIG_DB_HOST'\] = '$MYSQL_HOST';/" $DALORADIUS_CONF_PATH || MYSQL_HOST=localhost | ||
| [ -n "$MYSQL_PORT" ] && sed -i "s/\$configValues\['CONFIG_DB_PORT'\] = .*;/\$configValues\['CONFIG_DB_PORT'\] = '$MYSQL_PORT';/" $DALORADIUS_CONF_PATH | ||
| [ -n "$MYSQL_PASSWORD" ] && sed -i "s/\$configValues\['CONFIG_DB_PASS'\] = .*;/\$configValues\['CONFIG_DB_PASS'\] = '$MYSQL_PASSWORD';/" $DALORADIUS_CONF_PATH || MYSQL_PASSWORD=radpass | ||
| [ -n "$MYSQL_USER" ] && sed -i "s/\$configValues\['CONFIG_DB_USER'\] = .*;/\$configValues\['CONFIG_DB_USER'\] = '$MYSQL_USER';/" $DALORADIUS_CONF_PATH || MYSQL_USER=raduser | ||
| [ -n "$MYSQL_DATABASE" ] && sed -i "s/\$configValues\['CONFIG_DB_NAME'\] = .*;/\$configValues\['CONFIG_DB_NAME'\] = '$MYSQL_DATABASE';/" $DALORADIUS_CONF_PATH || MYSQL_DATABASE=raddb | ||
| sed -i "s/\$configValues\['FREERADIUS_VERSION'\] = .*;/\$configValues\['FREERADIUS_VERSION'\] = '3';/" $DALORADIUS_CONF_PATH | ||
|
|
||
| if [ -n "$DEFAULT_FREERADIUS_SERVER" ]; then | ||
| sed -i "s/\$configValues\['CONFIG_MAINT_TEST_USER_RADIUSSERVER'\] = .*;/\$configValues\['CONFIG_MAINT_TEST_USER_RADIUSSERVER'\] = '$DEFAULT_FREERADIUS_SERVER';/" $DALORADIUS_PATH/library/daloradius.conf.php | ||
| sed -i "s/\$configValues\['CONFIG_MAINT_TEST_USER_RADIUSSERVER'\] = .*;/\$configValues\['CONFIG_MAINT_TEST_USER_RADIUSSERVER'\] = '$DEFAULT_FREERADIUS_SERVER';/" $DALORADIUS_CONF_PATH | ||
| else | ||
| sed -i "s/\$configValues\['CONFIG_MAINT_TEST_USER_RADIUSSERVER'\] = .*;/\$configValues\['CONFIG_MAINT_TEST_USER_RADIUSSERVER'\] = 'radius';/" $DALORADIUS_PATH/library/daloradius.conf.php | ||
| sed -i "s/\$configValues\['CONFIG_MAINT_TEST_USER_RADIUSSERVER'\] = .*;/\$configValues\['CONFIG_MAINT_TEST_USER_RADIUSSERVER'\] = 'radius';/" $DALORADIUS_CONF_PATH | ||
| fi | ||
| if [ -n "$DEFAULT_CLIENT_SECRET" ]; then | ||
| sed -i "s/\$configValues\['CONFIG_MAINT_TEST_USER_RADIUSSECRET'\] = .*;/\$configValues\['CONFIG_MAINT_TEST_USER_RADIUSSECRET'\] = '$DEFAULT_CLIENT_SECRET';/" $DALORADIUS_PATH/library/daloradius.conf.php | ||
| sed -i "s/\$configValues\['CONFIG_MAINT_TEST_USER_RADIUSSECRET'\] = .*;/\$configValues\['CONFIG_MAINT_TEST_USER_RADIUSSECRET'\] = '$DEFAULT_CLIENT_SECRET';/" $DALORADIUS_CONF_PATH | ||
| fi | ||
|
|
||
| if [ -n "$MAIL_SMTPADDR" ]; then | ||
| sed -i "s/\$configValues\['CONFIG_MAIL_SMTPADDR'\] = .*;/\$configValues\['CONFIG_MAIL_SMTPADDR'\] = '$MAIL_SMTPADDR';/" $DALORADIUS_PATH/library/daloradius.conf.php | ||
| fi | ||
| if [ -n "$MAIL_PORT" ]; then | ||
| sed -i "s/\$configValues\['CONFIG_MAIL_SMTPPORT'\] = .*;/\$configValues\['CONFIG_MAIL_SMTPPORT'\] = '$MAIL_PORT';/" $DALORADIUS_PATH/library/daloradius.conf.php | ||
| fi | ||
| if [ -n "$MAIL_FROM" ]; then | ||
| sed -i "s/\$configValues\['CONFIG_MAIL_SMTPFROM'\] = .*;/\$configValues\['CONFIG_MAIL_SMTPFROM'\] = '$MAIL_FROM';/" $DALORADIUS_PATH/library/daloradius.conf.php | ||
| fi | ||
| if [ -n "$MAIL_AUTH" ]; then | ||
| sed -i "s/\$configValues\['CONFIG_MAIL_SMTPAUTH'\] = .*;/\$configValues\['CONFIG_MAIL_SMTPAUTH'\] = '$MAIL_AUTH';/" $DALORADIUS_PATH/library/daloradius.conf.php | ||
| fi | ||
| [ -n "$MAIL_SMTPADDR" ] && sed -i "s/\$configValues\['CONFIG_MAIL_SMTPADDR'\] = .*;/\$configValues\['CONFIG_MAIL_SMTPADDR'\] = '$MAIL_SMTPADDR';/" $DALORADIUS_CONF_PATH | ||
| [ -n "$MAIL_PORT" ] && sed -i "s/\$configValues\['CONFIG_MAIL_SMTPPORT'\] = .*;/\$configValues\['CONFIG_MAIL_SMTPPORT'\] = '$MAIL_PORT';/" $DALORADIUS_CONF_PATH | ||
| [ -n "$MAIL_FROM" ] && sed -i "s/\$configValues\['CONFIG_MAIL_SMTPFROM'\] = .*;/\$configValues\['CONFIG_MAIL_SMTPFROM'\] = '$MAIL_FROM';/" $DALORADIUS_CONF_PATH | ||
| [ -n "$MAIL_AUTH" ] && sed -i "s/\$configValues\['CONFIG_MAIL_SMTPAUTH'\] = .*;/\$configValues\['CONFIG_MAIL_SMTPAUTH'\] = '$MAIL_AUTH';/" $DALORADIUS_CONF_PATH | ||
| sed -i "s/\$configValues\['CONFIG_LOG_FILE'\] = .*;/\$configValues\['CONFIG_LOG_FILE'\] = '\/tmp\/daloradius.log';/" $DALORADIUS_CONF_PATH | ||
|
|
||
| echo "daloRADIUS initialization completed." | ||
| } | ||
|
|
||
| function init_database { | ||
| mysql -u root -p"$MYSQL_ROOT_PASSWORD" -e "CREATE DATABASE $MYSQL_DATABASE;" | ||
| mysql -u root -p"$MYSQL_ROOT_PASSWORD" -e "CREATE USER '$MYSQL_USER'@'localhost' IDENTIFIED BY '$MYSQL_PASSWORD';" | ||
| mysql -u root -p"$MYSQL_ROOT_PASSWORD" -e "GRANT ALL PRIVILEGES ON $MYSQL_DATABASE.* TO '$MYSQL_USER'@'localhost'"; | ||
| mysql -h "$MYSQL_HOST" -u "$MYSQL_USER" -p"$MYSQL_PASSWORD" "$MYSQL_DATABASE" < $DALORADIUS_PATH/contrib/db/mysql-daloradius.sql | ||
| echo "Database initialization for daloRADIUS completed." | ||
| } | ||
|
|
||
| echo "Starting daloRADIUS..." | ||
|
|
||
| # wait for MySQL-Server to be ready | ||
| while ! mysqladmin ping -h"$MYSQL_HOST" --silent; do | ||
| echo "Waiting for mysql ($MYSQL_HOST)..." | ||
| sleep 20 | ||
| done | ||
|
|
||
| INIT_LOCK=/internal_data/.init_done | ||
| if test -f "$INIT_LOCK"; then | ||
| echo "Init lock file exists, skipping initial setup of daloRADIUS." | ||
| # | ||
| if ! test -f "$DALORADIUS_CONF_PATH"; then | ||
| echo "Init lock file exists but config file does not exist, performing initial setup of daloRADIUS." | ||
| init_daloradius | ||
| fi | ||
| echo "Init lock file exists and config file exists, skipping initial setup of daloRADIUS." | ||
| else | ||
| init_daloradius | ||
| date > $INIT_LOCK | ||
| fi | ||
|
|
||
| # wait for MySQL-Server to be ready | ||
| echo -n"Waiting for mysql ($MYSQL_HOST)..." | ||
| while ! mysqladmin ping -h"$MYSQL_HOST" -p"$MYSQL_PASS" --silent; do | ||
| sleep 20 | ||
| done | ||
| echo "ok" | ||
|
|
||
| DB_LOCK=/data/.db_init_done | ||
| if test -f "$DB_LOCK"; then | ||
| echo "Database lock file exists, skipping initial setup of mysql database." | ||
|
|
||