Ver código fonte

added env vars; added root user

develop
Robin Thoni 7 anos atrás
pai
commit
38548a747c
5 arquivos alterados com 20 adições e 43 exclusões
  1. 6
    18
      env
  2. 5
    5
      freeradius/config/clients.conf
  3. 2
    1
      freeradius/config/users
  4. 6
    18
      freeradius/vars-vars
  5. 1
    1
      update_vars.sh

+ 6
- 18
env Ver arquivo

@@ -1,19 +1,7 @@
1
-DHCP_TSIG_KEY_NAME=dhcpupdate
2
-DHCP_TSIG_KEY_ALGO=hmac-md5
3
-DHCP_TSIG_KEY_SECRET=Y2hhbmdlX2l0
1
+RADIUS_SECRET=change_it
2
+RADIUS_CLIENT_NAME=router
3
+RADIUS_CLIENT_IP=10.15.100.3
4
+RADIUS_CLIENT_NETMASK=32
4 5
 
5
-DHCP_DNS_MASTER=10.15.100.1
6
-DHCP_DNS_SERVER=10.15.100.1
7
-DHCP_TFTP_SERVER=10.15.100.1
8
-DHCP_ROUTERS=10.15.100.1
9
-
10
-DHCP_DOMAIN=example.com
11
-DHCP_SITE_DOMAIN=site.example.com
12
-DHCP_DYN_IPS_DOMAIN=dhcp.site.example.com
13
-DHCP_REV_DOMAIN=100.15.10.in-addr.arpa.
14
-
15
-DHCP_SUBNET=10.15.100.0
16
-DHCP_NETMASK=255.255.255.0
17
-DHCP_IP_FIRST=10.15.100.50
18
-DHCP_IP_LAST=10.15.100.250
19
-DHCP_BROADCAST=10.15.100.255
6
+RADIUS_ROOT_USER_NAME=root
7
+RADIUS_ROOT_USER_PASSWD=change_it

+ 5
- 5
freeradius/config/clients.conf Ver arquivo

@@ -98,7 +98,7 @@ client localhost {
98 98
   #  The default secret below is only for testing, and should
99 99
   #  not be used in any real environment.
100 100
   #
101
-  secret    = testing123
101
+  secret    = RADIUS_SECRET
102 102
 
103 103
   #
104 104
   #  Old-style clients do not send a Message-Authenticator
@@ -234,8 +234,8 @@ client localhost {
234 234
 #        }
235 235
 #}
236 236
 
237
-client everyone {
238
-  ipaddr = 0.0.0.0
239
-  netmask = 0
240
-  secret = testing123
237
+client RADIUS_CLIENT_NAME {
238
+  ipaddr = RADIUS_CLIENT_IP
239
+  netmask = RADIUS_CLIENT_NETMASK
240
+  secret = RADIUS_SECRET
241 241
 }

+ 2
- 1
freeradius/config/users Ver arquivo

@@ -200,6 +200,7 @@ DEFAULT Hint == "SLIP"
200 200
 # DEFAULT
201 201
 #   Service-Type = Administrative-User
202 202
 
203
-bob Cleartext-Password := "hello"
203
+# MUST be cleartext
204
+RADIUS_ROOT_USER_NAME Cleartext-Password := "RADIUS_ROOT_USER_PASSWD"
204 205
 
205 206
 # On no match, the user is denied access.

+ 6
- 18
freeradius/vars-vars Ver arquivo

@@ -1,19 +1,7 @@
1
-DHCP_TSIG_KEY_NAME
2
-DHCP_TSIG_KEY_ALGO
3
-DHCP_TSIG_KEY_SECRET
1
+RADIUS_SECRET
2
+RADIUS_CLIENT_NAME
3
+RADIUS_CLIENT_IP
4
+RADIUS_CLIENT_NETMASK
4 5
 
5
-DHCP_DNS_MASTER
6
-DHCP_DNS_SERVER
7
-DHCP_TFTP_SERVER
8
-DHCP_ROUTERS
9
-
10
-DHCP_DOMAIN
11
-DHCP_SITE_DOMAIN
12
-DHCP_DYN_IPS_DOMAIN
13
-DHCP_REV_DOMAIN
14
-
15
-DHCP_SUBNET
16
-DHCP_NETMASK
17
-DHCP_IP_FIRST
18
-DHCP_IP_LAST
19
-DHCP_BROADCAST
6
+RADIUS_ROOT_USER_NAME
7
+RADIUS_ROOT_USER_PASSWD

+ 1
- 1
update_vars.sh Ver arquivo

@@ -1,7 +1,7 @@
1 1
 #! /usr/bin/env sh
2 2
 
3 3
 vars=$(cat env | cut -d= -f1)
4
-for docker in isc-dhcp tftpd apache
4
+for docker in freeradius
5 5
 do
6 6
   echo "${vars}" > "./${docker}/vars-vars"
7 7
 done

Carregando…
Cancelar
Salvar