robin.thoni
/
docker-radius-server
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

added env vars; added root user

develop
Robin Thoni 7 years ago
parent
75fd9cb597
commit
38548a747c
5 changed files with 20 additions and 43 deletions
Unified View Show Diff Stats
  1. 6
    18
      env
  2. 5
    5
      freeradius/config/clients.conf
  3. 2
    1
      freeradius/config/users
  4. 6
    18
      freeradius/vars-vars
  5. 1
    1
      update_vars.sh

+ 6
- 18
env View File

1 
-DHCP_TSIG_KEY_NAME=dhcpupdate
2 
-DHCP_TSIG_KEY_ALGO=hmac-md5
3 
-DHCP_TSIG_KEY_SECRET=Y2hhbmdlX2l0
1 
+RADIUS_SECRET=change_it
2 
+RADIUS_CLIENT_NAME=router
3 
+RADIUS_CLIENT_IP=10.15.100.3
4 
+RADIUS_CLIENT_NETMASK=32
4
5
5 
-DHCP_DNS_MASTER=10.15.100.1
6 
-DHCP_DNS_SERVER=10.15.100.1
7 
-DHCP_TFTP_SERVER=10.15.100.1
8 
-DHCP_ROUTERS=10.15.100.1
9 
-
10 
-DHCP_DOMAIN=example.com
11 
-DHCP_SITE_DOMAIN=site.example.com
12 
-DHCP_DYN_IPS_DOMAIN=dhcp.site.example.com
13 
-DHCP_REV_DOMAIN=100.15.10.in-addr.arpa.
14 
-
15 
-DHCP_SUBNET=10.15.100.0
16 
-DHCP_NETMASK=255.255.255.0
17 
-DHCP_IP_FIRST=10.15.100.50
18 
-DHCP_IP_LAST=10.15.100.250
19 
-DHCP_BROADCAST=10.15.100.255
6 
+RADIUS_ROOT_USER_NAME=root
7 
+RADIUS_ROOT_USER_PASSWD=change_it

+ 5
- 5
freeradius/config/clients.conf View File

98 
   #  The default secret below is only for testing, and should
 98 
   #  The default secret below is only for testing, and should
99 
   #  not be used in any real environment.
 99 
   #  not be used in any real environment.
100 
   #
 100 
   #
101 
-  secret    = testing123
101 
+  secret    = RADIUS_SECRET
102
102
103 
   #
 103 
   #
104 
   #  Old-style clients do not send a Message-Authenticator
 104 
   #  Old-style clients do not send a Message-Authenticator
234 
 #        }
 234 
 #        }
235 
 #}
 235 
 #}
236
236
237 
-client everyone {
238 
-  ipaddr = 0.0.0.0
239 
-  netmask = 0
240 
-  secret = testing123
237 
+client RADIUS_CLIENT_NAME {
238 
+  ipaddr = RADIUS_CLIENT_IP
239 
+  netmask = RADIUS_CLIENT_NETMASK
240 
+  secret = RADIUS_SECRET
241 
 }
 241 
 }

+ 2
- 1
freeradius/config/users View File

200 
 # DEFAULT
 200 
 # DEFAULT
201 
 #   Service-Type = Administrative-User
 201 
 #   Service-Type = Administrative-User
202
202
203 
-bob Cleartext-Password := "hello"
203 
+# MUST be cleartext
204 
+RADIUS_ROOT_USER_NAME Cleartext-Password := "RADIUS_ROOT_USER_PASSWD"
204
205
205 
 # On no match, the user is denied access.
 206 
 # On no match, the user is denied access.

+ 6
- 18
freeradius/vars-vars View File

1 
-DHCP_TSIG_KEY_NAME
2 
-DHCP_TSIG_KEY_ALGO
3 
-DHCP_TSIG_KEY_SECRET
1 
+RADIUS_SECRET
2 
+RADIUS_CLIENT_NAME
3 
+RADIUS_CLIENT_IP
4 
+RADIUS_CLIENT_NETMASK
4
5
5 
-DHCP_DNS_MASTER
6 
-DHCP_DNS_SERVER
7 
-DHCP_TFTP_SERVER
8 
-DHCP_ROUTERS
9 
-
10 
-DHCP_DOMAIN
11 
-DHCP_SITE_DOMAIN
12 
-DHCP_DYN_IPS_DOMAIN
13 
-DHCP_REV_DOMAIN
14 
-
15 
-DHCP_SUBNET
16 
-DHCP_NETMASK
17 
-DHCP_IP_FIRST
18 
-DHCP_IP_LAST
19 
-DHCP_BROADCAST
6 
+RADIUS_ROOT_USER_NAME
7 
+RADIUS_ROOT_USER_PASSWD

+ 1
- 1
update_vars.sh View File

1 
 #! /usr/bin/env sh
 1 
 #! /usr/bin/env sh
2
2
3 
 vars=$(cat env | cut -d= -f1)
 3 
 vars=$(cat env | cut -d= -f1)
4 
-for docker in isc-dhcp tftpd apache
4 
+for docker in freeradius
5 
 do
 5 
 do
6 
   echo "${vars}" > "./${docker}/vars-vars"
 6 
   echo "${vars}" > "./${docker}/vars-vars"
7 
 done
 7 
 done

Write Preview
Loading…
Cancel
Save