├── README.md ├── daloradius ├── Dockerfile ├── README.md ├── conf │ ├── root │ │ └── config.sh │ ├── usr │ │ └── local │ │ │ └── etc │ │ │ └── php │ │ │ └── php.ini │ └── var │ │ └── www │ │ └── html │ │ └── library │ │ └── daloradius.conf.php └── radius.sql ├── dante ├── Dockerfile ├── README.md └── conf │ └── etc │ ├── pam.d │ └── sockd │ ├── pam_radius_auth.conf │ ├── raddb │ └── server │ └── sockd.conf ├── data ├── data.zip └── radius.sql ├── database.env ├── docker-compose.yml └── freeradius ├── Dockerfile ├── README.md ├── radius.sql ├── schema.sql └── setup.sql /README.md: -------------------------------------------------------------------------------- 1 | # SOCKS5 Proxy 2 | 3 | Dante socks proxy + FreeRadius + DaloRadius + MySQL + phpMyAdmin 4 | 5 | ## Usage 6 | 7 | * `docker-compose up -d` 8 | 9 | -------------------------------------------------------------------------------- /daloradius/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM php:7.0-apache 2 | MAINTAINER SFoxDev 3 | 4 | ENV DB_HOST_VALUE=mysql \ 5 | DB_PORT_VALUE=3306 \ 6 | DB_USER_VALUE=radius \ 7 | DB_PASS_VALUE=Awdfg3BVd2 \ 8 | DB_NAME_VALUE=radius 9 | 10 | RUN apt-get update && apt-get install -y \ 11 | libfreetype6-dev \ 12 | libjpeg62-turbo-dev \ 13 | libpng12-dev \ 14 | mc \ 15 | git \ 16 | && docker-php-ext-install mysqli \ 17 | && docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/ \ 18 | && docker-php-ext-install -j$(nproc) gd \ 19 | && pear install DB-1.8.0 mail \ 20 | && mkdir -p /src/daloradius \ 21 | && git clone https://github.com/lirantal/daloradius.git /var/www/html 22 | 23 | ADD conf/ / 24 | 25 | RUN chmod a+rw /proc/self/fd/0 \ 26 | && chmod a+rw /proc/self/fd/1 \ 27 | && chmod a+rw /proc/self/fd/2 \ 28 | 29 | && sed -i -e "s/host_temp/$DB_HOST_VALUE/" \ 30 | -e "s/port_temp/$DB_PORT_VALUE/" \ 31 | -e "s/user_temp/$DB_USER_VALUE/" \ 32 | -e "s/pass_temp/$DB_PASS_VALUE/" \ 33 | -e 
"s/name_temp/$DB_NAME_VALUE/" \ 34 | /var/www/html/library/daloradius.conf.php \ 35 | && apt-get clean autoclean \ 36 | && apt-get autoremove --yes \ 37 | && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* 38 | 39 | EXPOSE 80 443 40 | 41 | WORKDIR /var/www/html 42 | 43 | CMD apachectl -D FOREGROUND 44 | -------------------------------------------------------------------------------- /daloradius/README.md: -------------------------------------------------------------------------------- 1 | # DaloRadius 2 | 3 | DaloRadius - FreeRadius WebGUI Interface. It uses the MySQL database from FreeRADIUS 4 | 5 | [![Docker Build Status](https://img.shields.io/docker/build/sfoxdev/daloradius.svg?style=flat-square)]() 6 | [![Docker Build Status](https://img.shields.io/docker/automated/sfoxdev/daloradius.svg?style=flat-square)]() 7 | [![Docker Build Status](https://img.shields.io/docker/pulls/sfoxdev/daloradius.svg?style=flat-square)]() 8 | [![Docker Build Status](https://img.shields.io/docker/stars/sfoxdev/daloradius.svg?style=flat-square)]() 9 | 10 | ## Usage 11 | 12 | ### Run container 13 | ``` 14 | docker run -d -p 80:80 --name daloradius sfoxdev/daloradius 15 | ``` 16 | - `SECRET` - FreeRadius secret 17 | 18 | ### Administrator access 19 | 20 | login: administrator 21 | 22 | pass: radius 23 | 24 | ### Notes 25 | 26 | MySQL server specific configuration. 
27 | 28 | ``` 29 | [mysqld] 30 | sql_mode = STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION 31 | ``` 32 | -------------------------------------------------------------------------------- /daloradius/conf/root/config.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | chmod a+rw /proc/self/fd/0 4 | chmod a+rw /proc/self/fd/1 5 | chmod a+rw /proc/self/fd/2 6 | 7 | sed -i -e "s/host_temp/$DB_HOST_VALUE/" \ 8 | -e "s/port_temp/$DB_PORT_VALUE/" \ 9 | -e "s/user_temp/$DB_USER_VALUE/" \ 10 | -e "s/pass_temp/$DB_PASS_VALUE/" \ 11 | -e "s/name_temp/$DB_NAME_VALUE/" \ 12 | /var/www/html/library/daloradius.conf.php 13 | -------------------------------------------------------------------------------- /daloradius/conf/usr/local/etc/php/php.ini: -------------------------------------------------------------------------------- 1 | date.timezone = UTC 2 | -------------------------------------------------------------------------------- /daloradius/conf/var/www/html/library/daloradius.conf.php: -------------------------------------------------------------------------------- 1 | All Rights Reserved. 6 | * 7 | * This program is free software; you can redistribute it and/or 8 | * modify it under the terms of the GNU General Public License 9 | * as published by the Free Software Foundation; either version 2 10 | * of the License, or (at your option) any later version. 11 | * 12 | * You should have received a copy of the GNU General Public License 13 | * along with this program; if not, write to the Free Software 14 | * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 
15 | * 16 | ********************************************************************************************************* 17 | * Description: 18 | * daloRADIUS Configuration File 19 | * 20 | * Modification Date: 21 | * Mon Mar 28 22:55:00 EDT 2011 22 | ********************************************************************************************************* 23 | */ 24 | 25 | 26 | $configValues['DALORADIUS_VERSION'] = '0.9-9'; 27 | $configValues['FREERADIUS_VERSION'] = '3.0.10'; 28 | $configValues['CONFIG_DB_ENGINE'] = 'mysqli'; 29 | $configValues['CONFIG_DB_HOST'] = 'host_temp'; 30 | $configValues['CONFIG_DB_PORT'] = 'port_temp'; 31 | $configValues['CONFIG_DB_USER'] = 'user_temp'; 32 | $configValues['CONFIG_DB_PASS'] = 'pass_temp'; 33 | $configValues['CONFIG_DB_NAME'] = 'name_temp'; 34 | $configValues['CONFIG_DB_TBL_RADCHECK'] = 'radcheck'; 35 | $configValues['CONFIG_DB_TBL_RADREPLY'] = 'radreply'; 36 | $configValues['CONFIG_DB_TBL_RADGROUPREPLY'] = 'radgroupreply'; 37 | $configValues['CONFIG_DB_TBL_RADGROUPCHECK'] = 'radgroupcheck'; 38 | $configValues['CONFIG_DB_TBL_RADUSERGROUP'] = 'radusergroup'; 39 | $configValues['CONFIG_DB_TBL_RADNAS'] = 'nas'; 40 | $configValues['CONFIG_DB_TBL_RADHG'] = 'radhuntgroup'; 41 | $configValues['CONFIG_DB_TBL_RADPOSTAUTH'] = 'radpostauth'; 42 | $configValues['CONFIG_DB_TBL_RADACCT'] = 'radacct'; 43 | $configValues['CONFIG_DB_TBL_RADIPPOOL'] = 'radippool'; 44 | $configValues['CONFIG_DB_TBL_DALOOPERATORS'] = 'operators'; 45 | $configValues['CONFIG_DB_TBL_DALOOPERATORS_ACL'] = 'operators_acl'; 46 | $configValues['CONFIG_DB_TBL_DALOOPERATORS_ACL_FILES'] = 'operators_acl_files'; 47 | $configValues['CONFIG_DB_TBL_DALORATES'] = 'rates'; 48 | $configValues['CONFIG_DB_TBL_DALOHOTSPOTS'] = 'hotspots'; 49 | $configValues['CONFIG_DB_TBL_DALOUSERINFO'] = 'userinfo'; 50 | $configValues['CONFIG_DB_TBL_DALOUSERBILLINFO'] = 'userbillinfo'; 51 | $configValues['CONFIG_DB_TBL_DALODICTIONARY'] = 'dictionary'; 52 | $configValues['CONFIG_DB_TBL_DALOREALMS'] = 
'realms'; 53 | $configValues['CONFIG_DB_TBL_DALOPROXYS'] = 'proxys'; 54 | $configValues['CONFIG_DB_TBL_DALOBILLINGPAYPAL'] = 'billing_paypal'; 55 | $configValues['CONFIG_DB_TBL_DALOBILLINGMERCHANT'] = 'billing_merchant'; 56 | $configValues['CONFIG_DB_TBL_DALOBILLINGPLANS'] = 'billing_plans'; 57 | $configValues['CONFIG_DB_TBL_DALOBILLINGRATES'] = 'billing_rates'; 58 | $configValues['CONFIG_DB_TBL_DALOBILLINGHISTORY'] = 'billing_history'; 59 | $configValues['CONFIG_DB_TBL_DALOBATCHHISTORY'] = 'batch_history'; 60 | $configValues['CONFIG_DB_TBL_DALOBILLINGPLANSPROFILES'] = 'billing_plans_profiles'; 61 | $configValues['CONFIG_DB_TBL_DALOBILLINGINVOICE'] = 'invoice'; 62 | $configValues['CONFIG_DB_TBL_DALOBILLINGINVOICEITEMS'] = 'invoice_items'; 63 | $configValues['CONFIG_DB_TBL_DALOBILLINGINVOICESTATUS'] = 'invoice_status'; 64 | $configValues['CONFIG_DB_TBL_DALOBILLINGINVOICETYPE'] = 'invoice_type'; 65 | $configValues['CONFIG_DB_TBL_DALOPAYMENTS'] = 'payment'; 66 | $configValues['CONFIG_DB_TBL_DALOPAYMENTTYPES'] = 'payment_type'; 67 | $configValues['CONFIG_DB_TBL_DALONODE'] = 'node'; 68 | $configValues['CONFIG_FILE_RADIUS_PROXY'] = '/etc/freeradius/proxy.conf'; 69 | $configValues['CONFIG_PATH_RADIUS_DICT'] = ''; 70 | $configValues['CONFIG_PATH_DALO_VARIABLE_DATA'] = '/var/www/daloradius/var'; 71 | $configValues['CONFIG_DB_PASSWORD_ENCRYPTION'] = 'cleartext'; 72 | $configValues['CONFIG_LANG'] = 'en'; 73 | $configValues['CONFIG_LOG_PAGES'] = 'no'; 74 | $configValues['CONFIG_LOG_ACTIONS'] = 'no'; 75 | $configValues['CONFIG_LOG_QUERIES'] = 'no'; 76 | $configValues['CONFIG_DEBUG_SQL'] = 'no'; 77 | $configValues['CONFIG_DEBUG_SQL_ONPAGE'] = 'no'; 78 | $configValues['CONFIG_LOG_FILE'] = '/tmp/daloradius.log'; 79 | $configValues['CONFIG_IFACE_PASSWORD_HIDDEN'] = 'no'; 80 | $configValues['CONFIG_IFACE_TABLES_LISTING'] = '25'; 81 | $configValues['CONFIG_IFACE_TABLES_LISTING_NUM'] = 'yes'; 82 | $configValues['CONFIG_IFACE_AUTO_COMPLETE'] = 'yes'; 83 | 
$configValues['CONFIG_MAINT_TEST_USER_RADIUSSERVER'] = '127.0.0.1'; 84 | $configValues['CONFIG_MAINT_TEST_USER_RADIUSPORT'] = '1812'; 85 | $configValues['CONFIG_MAINT_TEST_USER_NASPORT'] = '0'; 86 | $configValues['CONFIG_MAINT_TEST_USER_RADIUSSECRET'] = 'testing123'; 87 | $configValues['CONFIG_USER_ALLOWEDRANDOMCHARS'] = 'abcdefghijkmnpqrstuvwxyzABCDEFGHJKMNPQRSTUVWXYZ23456789'; 88 | $configValues['CONFIG_MAIL_SMTPADDR'] = '127.0.0.1'; 89 | $configValues['CONFIG_MAIL_SMTPPORT'] = '25'; 90 | $configValues['CONFIG_MAIL_SMTPAUTH'] = ''; 91 | $configValues['CONFIG_MAIL_SMTPFROM'] = 'root@daloradius.xdsl.by'; 92 | $configValues['CONFIG_DASHBOARD_DALO_SECRETKEY'] = 'sillykey'; 93 | $configValues['CONFIG_DASHBOARD_DALO_DEBUG'] = '1'; 94 | $configValues['CONFIG_DASHBOARD_DALO_DELAYSOFT'] = '5'; 95 | $configValues['CONFIG_DASHBOARD_DALO_DELAYHARD'] = '15'; 96 | 97 | /* 98 | // Locations Configuration directives 99 | // Locations directives are support for accessing different databases from the daloRADIUS Login console 100 | // adjust the locations below for databases you are running (if you are running more than one. 
101 | $configValues['CONFIG_LOCATIONS'] = array( 102 | 103 | "Location Example 1" => array( 104 | "Engine" => "mysql", 105 | "Username" => "root", 106 | "Password" => "", 107 | "Database" => "radius", 108 | "Hostname" => "127.0.0.1" 109 | ), 110 | 111 | "Location Example 2" => array( 112 | "Engine" => "mysql", 113 | "Username" => "db_usertest", 114 | "Password" => "db_passtest", 115 | "Database" => "test_db1", 116 | "Hostname" => "localhost" 117 | ) 118 | ); 119 | */ 120 | -------------------------------------------------------------------------------- /dante/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:edge 2 | MAINTAINER SFoxDev 3 | 4 | ENV DANTE_VERSION="1.4.2" \ 5 | CFGFILE="/etc/sockd.conf" \ 6 | PIDFILE="/tmp/sockd.pid" \ 7 | WORKERS="1" \ 8 | SECRET="Ptdn64Hsk3" 9 | 10 | RUN set -x \ 11 | # Runtime dependencies 12 | && apk --no-cache add \ 13 | bash mc linux-pam freeradius-pam \ 14 | # Build dependencies 15 | && apk add --no-cache -t .build-deps \ 16 | linux-pam-dev curl gcc g++ make \ 17 | && mkdir -p /usr/src/dante \ 18 | && cd /usr/src/dante \ 19 | && curl -O http://www.inet.no/dante/files/dante-$DANTE_VERSION.tar.gz \ 20 | && tar xzf dante-$DANTE_VERSION.tar.gz --strip 1 \ 21 | && ac_cv_func_sched_setscheduler=no ./configure \ 22 | --prefix=/usr \ 23 | --sysconfdir=/etc \ 24 | --localstatedir=/var \ 25 | --disable-client \ 26 | --without-libwrap \ 27 | --without-bsdauth \ 28 | --without-gssapi \ 29 | --without-krb5 \ 30 | --without-upnp \ 31 | && make && make install \ 32 | # Add an unprivileged user 33 | && adduser -S -D -u 8062 -H sockd \ 34 | 35 | && mkdir -p /usr/src/pam_radius \ 36 | && cd /usr/src/pam_radius \ 37 | && curl -O ftp://ftp.freeradius.org/pub/radius/pam_radius-1.4.0.tar.gz \ 38 | && tar xzf pam_radius-1.4.0.tar.gz --strip 1 \ 39 | && ./configure \ 40 | && make \ 41 | && cp pam_radius_auth.so /lib/security/ \ 42 | 43 | # Clean up 44 | && cd /usr/src \ 45 | && rm -rf dante 
pam_radius \ 46 | && ls -la \ 47 | && apk del --purge .build-deps \ 48 | && rm -rf /var/cache/apk/* /tmp/* 49 | 50 | ADD conf/ / 51 | 52 | RUN sed -i -e "s/SECRET/$SECRET/" /etc/pam_radius_auth.conf \ 53 | && sed -i -e "s/SECRET/$SECRET/" /etc/raddb/server 54 | 55 | EXPOSE 1080 56 | 57 | CMD sockd -f $CFGFILE -p $PIDFILE -N $WORKERS 58 | -------------------------------------------------------------------------------- /dante/README.md: -------------------------------------------------------------------------------- 1 | # Dante - A free SOCKS server with authentication 2 | 3 | Dante is a product developed by Inferno Nettverk A/S. It consists of a 4 | SOCKS server and a SOCKS client, implementing RFC 1928 and related standards. 5 | It is a flexible product that can be used to provide convenient and secure 6 | network connectivity. 7 | 8 | [![Docker Build Status](https://img.shields.io/docker/build/sfoxdev/dante.svg?style=flat-square)]() 9 | [![Docker Build Status](https://img.shields.io/docker/automated/sfoxdev/dante.svg?style=flat-square)]() 10 | [![Docker Build Status](https://img.shields.io/docker/pulls/sfoxdev/dante.svg?style=flat-square)]() 11 | [![Docker Build Status](https://img.shields.io/docker/stars/sfoxdev/dante.svg?style=flat-square)]() 12 | 13 | ## Usage 14 | 15 | ### Run container 16 | ``` 17 | docker run -d -e SECRET=Ptdn64Hsk3 -p 1080:1080 --name dante sfoxdev/dante 18 | ``` 19 | - `SECRET` - FreeRadius secret 20 | 21 | ### Test user in DB 22 | 23 | login: test 24 | 25 | pass: test1234 26 | -------------------------------------------------------------------------------- /dante/conf/etc/pam.d/sockd: -------------------------------------------------------------------------------- 1 | auth sufficient /lib/security/pam_radius_auth.so 2 | account sufficient /lib/security/pam_radius_auth.so 3 | -------------------------------------------------------------------------------- /dante/conf/etc/pam_radius_auth.conf: 
-------------------------------------------------------------------------------- 1 | # pam_radius_auth configuration file. Copy to: /etc/raddb/server 2 | # 3 | # For proper security, this file SHOULD have permissions 0600, 4 | # that is readable by root, and NO ONE else. If anyone other than 5 | # root can read this file, then they can spoof responses from the server! 6 | # 7 | # There are 3 fields per line in this file. There may be multiple 8 | # lines. Blank lines or lines beginning with '#' are treated as 9 | # comments, and are ignored. The fields are: 10 | # 11 | # server[:port] secret [timeout] 12 | # 13 | # the port name or number is optional. The default port name is 14 | # "radius", and is looked up from /etc/services The timeout field is 15 | # optional. The default timeout is 3 seconds. 16 | # 17 | # If multiple RADIUS server lines exist, they are tried in order. The 18 | # first server to return success or failure causes the module to return 19 | # success or failure. Only if a server fails to response is it skipped, 20 | # and the next server in turn is used. 21 | # 22 | # The timeout field controls how many seconds the module waits before 23 | # deciding that the server has failed to respond. 24 | # 25 | # server[:port] shared_secret timeout (s) 26 | freeradius SECRET 60 27 | 28 | # 29 | # having localhost in your radius configuration is a Good Thing. 30 | # 31 | # See the INSTALL file for pam.conf hints. 32 | -------------------------------------------------------------------------------- /dante/conf/etc/raddb/server: -------------------------------------------------------------------------------- 1 | # pam_radius_auth configuration file. Copy to: /etc/raddb/server 2 | # 3 | # For proper security, this file SHOULD have permissions 0600, 4 | # that is readable by root, and NO ONE else. If anyone other than 5 | # root can read this file, then they can spoof responses from the server! 6 | # 7 | # There are 3 fields per line in this file. 
There may be multiple 8 | # lines. Blank lines or lines beginning with '#' are treated as 9 | # comments, and are ignored. The fields are: 10 | # 11 | # server[:port] secret [timeout] 12 | # 13 | # the port name or number is optional. The default port name is 14 | # "radius", and is looked up from /etc/services The timeout field is 15 | # optional. The default timeout is 3 seconds. 16 | # 17 | # If multiple RADIUS server lines exist, they are tried in order. The 18 | # first server to return success or failure causes the module to return 19 | # success or failure. Only if a server fails to response is it skipped, 20 | # and the next server in turn is used. 21 | # 22 | # The timeout field controls how many seconds the module waits before 23 | # deciding that the server has failed to respond. 24 | # 25 | # server[:port] shared_secret timeout (s) 26 | freeradius SECRET 60 27 | 28 | # 29 | # having localhost in your radius configuration is a Good Thing. 30 | # 31 | # See the INSTALL file for pam.conf hints. 
32 | -------------------------------------------------------------------------------- /dante/conf/etc/sockd.conf: -------------------------------------------------------------------------------- 1 | debug: 0 2 | logoutput: stderr 3 | internal: 0.0.0.0 port = 1080 4 | external: eth0 5 | 6 | #socksmethod: username none 7 | socksmethod: pam.username 8 | clientmethod: none 9 | 10 | #method: pam 11 | user.privileged : root 12 | user.notprivileged : sockd 13 | 14 | client pass { 15 | from: 0.0.0.0/0 port 1-65535 to: 0.0.0.0/0 16 | log: error connect disconnect 17 | } 18 | 19 | #client block { 20 | # from: 0.0.0.0/0 to: 0.0.0.0/0 21 | # log: connect error 22 | #} 23 | 24 | socks pass { 25 | from: 0.0.0.0/0 to: 0.0.0.0/0 26 | protocol: tcp udp 27 | log: error connect disconnect 28 | } 29 | 30 | #socks block { 31 | # from: 0.0.0.0/0 to: 0.0.0.0/0 32 | # log: connect error 33 | #} 34 | -------------------------------------------------------------------------------- /data/data.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sfoxdev/docker-socksproxy/1c464985cbd6b85d9d5311c3485b50723172cbfb/data/data.zip -------------------------------------------------------------------------------- /database.env: -------------------------------------------------------------------------------- 1 | DB_HOST_VALUE=mysql 2 | DB_PORT_VALUE=3306 3 | DB_USER_VALUE=radius 4 | DB_PASS_VALUE=Awdfg3BVd2 5 | DB_NAME_VALUE=radius 6 | -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "2" 2 | 3 | services: 4 | 5 | phpmyadmin: 6 | container_name: phpmyadmin 7 | image: phpmyadmin/phpmyadmin 8 | restart: always 9 | ports: 10 | - "8080:80" 11 | environment: 12 | - PMA_ARBITRARY=1 13 | - PMA_HOST=mysql 14 | - MYSQL_USERNAME=root 15 | - MYSQL_ROOT_PASSWORD=Gt3ds59Mdsm-d 16 | networks: 17 | - 
dante-net 18 | 19 | mysql: 20 | container_name: mysql 21 | image: mysql 22 | restart: always 23 | user: "1000" 24 | volumes: 25 | - /srv/socks/mysql:/var/lib/mysql 26 | - /srv/socks/etc/mysql:/etc/mysql/conf.d 27 | environment: 28 | - MYSQL_USER=root 29 | - MYSQL_ROOT_PASSWORD=Gt3ds59Mdsm-d 30 | networks: 31 | - dante-net 32 | 33 | freeradius: 34 | container_name: freeradius 35 | build: freeradius 36 | image: sfoxdev/freeradius 37 | restart: always 38 | env_file: 39 | - database.env 40 | environment: 41 | - SECRET=Ptdn64Hsk3 42 | # volumes: 43 | # - /var/lib/mysql/mysql.sock:/var/run/mysqld/mysqld.sock 44 | networks: 45 | - dante-net 46 | 47 | dante: 48 | container_name: dante 49 | build: dante 50 | image: sfoxdev/dante 51 | restart: always 52 | ports: 53 | - "1080:1080" 54 | environment: 55 | - SECRET=Ptdn64Hsk3 56 | networks: 57 | - dante-net 58 | 59 | daloradius: 60 | container_name: daloradius 61 | build: daloradius 62 | image: sfoxdev/daloradius 63 | restart: always 64 | ports: 65 | - "80:80" 66 | env_file: 67 | - database.env 68 | networks: 69 | - dante-net 70 | 71 | networks: 72 | dante-net: 73 | driver: bridge 74 | -------------------------------------------------------------------------------- /freeradius/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:edge 2 | MAINTAINER SFoxDev 3 | 4 | ENV DB_HOST_VALUE=mysql \ 5 | DB_PORT_VALUE=3306 \ 6 | DB_USER_VALUE=radius \ 7 | DB_PASS_VALUE=Awdfg3BVd2 \ 8 | DB_NAME_VALUE=radius \ 9 | SECRET=Ptdn64Hsk3 10 | 11 | RUN apk update && apk upgrade \ 12 | && apk add --update \ 13 | freeradius freeradius-mysql freeradius-radclient bash mc \ 14 | && rm /var/cache/apk/* \ 15 | 16 | # Configure FreeRADIUS 17 | && set -x \ 18 | # && sed -i "s/allow_vulnerable_openssl.*/allow_vulnerable_openssl = yes/" /etc/raddb/radiusd.conf \ 19 | && sed -i "s/ipaddr = 127.0.0.1/ipaddr = 0.0.0.0\/0/" /etc/raddb/clients.conf \ 20 | && sed -i -e "s/testing123/$SECRET/" 
/etc/raddb/clients.conf \ 21 | # && sed -i 's/# read_clients/ readclients/' /etc/raddb/clients.conf \ 22 | 23 | && ln -s /etc/raddb/mods-available/sql /etc/raddb/mods-enabled/sql \ 24 | && chmod 777 /var/log/radius/ \ 25 | && chown -R root:radius /etc/raddb \ 26 | 27 | && sed -i -e 's@driver =.*@driver = "rlm_sql_mysql"@' \ 28 | -e 's@dialect =.*@dialect = "mysql"@' \ 29 | -e '/read_clients = yes/s@^#@@' \ 30 | -e "s/# server = \"localhost\"/ server = "$DB_HOST_VALUE"/" \ 31 | -e "s/# port = 3306/ port = $DB_PORT_VALUE/" \ 32 | -e "s/# login = \"radius\"/ login = \"$DB_USER_VALUE\"/" \ 33 | -e "s/# password = \"radpass\"/ password = \"$DB_PASS_VALUE\"/" \ 34 | -e "s/ radius_db = \"radius\"/ radius_db = \"$DB_NAME_VALUE\"/" \ 35 | /etc/raddb/mods-available/sql 36 | 37 | VOLUME /etc/raddb 38 | 39 | EXPOSE 1812/udp 1813/udp 40 | 41 | CMD ["radiusd", "-fl", "stdout"] 42 | -------------------------------------------------------------------------------- /freeradius/README.md: -------------------------------------------------------------------------------- 1 | # FreeRadius 2 | 3 | FreerRADIUS Server with MySQL storage 4 | 5 | [![Docker Build Status](https://img.shields.io/docker/build/sfoxdev/freeradius.svg?style=flat-square)]() 6 | [![Docker Build Status](https://img.shields.io/docker/automated/sfoxdev/freeradius.svg?style=flat-square)]() 7 | [![Docker Build Status](https://img.shields.io/docker/pulls/sfoxdev/freeradius.svg?style=flat-square)]() 8 | [![Docker Build Status](https://img.shields.io/docker/stars/sfoxdev/freeradius.svg?style=flat-square)]() 9 | 10 | ## Usage 11 | 12 | ### Run container 13 | ``` 14 | docker run -d -p 1812/udp:1812/udp -p 1813/udp:1813/udp --name freeradius sfoxdev/freeradius 15 | ``` 16 | -------------------------------------------------------------------------------- /freeradius/schema.sql: -------------------------------------------------------------------------------- 1 | 
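###########################################################################
# $Id: ca5ac77aa03dbb86ef714d1a1af647f7e63fda00 $                 #
#                                                                         #
#  schema.sql                       rlm_sql - FreeRADIUS SQL Module       #
#                                                                         #
#     Database schema for MySQL rlm_sql module                            #
#                                                                         #
#     To load:                                                            #
#         mysql -uroot -prootpass radius < schema.sql                     #
#                                                                         #
#                                   Mike Machado                          #
###########################################################################
#
# Table structure for table 'radacct'
#
# One row per accounting session; acctuniqueid is the only UNIQUE key,
# the remaining keys are plain lookup indexes.
#

CREATE TABLE radacct (
  radacctid bigint(21) NOT NULL auto_increment,
  acctsessionid varchar(64) NOT NULL default '',
  acctuniqueid varchar(32) NOT NULL default '',
  username varchar(64) NOT NULL default '',
  groupname varchar(64) NOT NULL default '',
  realm varchar(64) default '',
  nasipaddress varchar(15) NOT NULL default '',
  nasportid varchar(15) default NULL,
  nasporttype varchar(32) default NULL,
  acctstarttime datetime NULL default NULL,
  acctupdatetime datetime NULL default NULL,
  acctstoptime datetime NULL default NULL,
  acctinterval int(12) default NULL,
  acctsessiontime int(12) unsigned default NULL,
  acctauthentic varchar(32) default NULL,
  connectinfo_start varchar(50) default NULL,
  connectinfo_stop varchar(50) default NULL,
  acctinputoctets bigint(20) default NULL,
  acctoutputoctets bigint(20) default NULL,
  calledstationid varchar(50) NOT NULL default '',
  callingstationid varchar(50) NOT NULL default '',
  acctterminatecause varchar(32) NOT NULL default '',
  servicetype varchar(32) default NULL,
  framedprotocol varchar(32) default NULL,
  framedipaddress varchar(15) NOT NULL default '',
  PRIMARY KEY (radacctid),
  UNIQUE KEY acctuniqueid (acctuniqueid),
  KEY username (username),
  KEY framedipaddress (framedipaddress),
  KEY acctsessionid (acctsessionid),
  KEY acctsessiontime (acctsessiontime),
  KEY acctstarttime (acctstarttime),
  KEY acctinterval (acctinterval),
  KEY acctstoptime (acctstoptime),
  KEY nasipaddress (nasipaddress)
) ENGINE = INNODB;

#
# Table structure for table 'radcheck'
#
# Per-user (attribute, op, value) rows; op defaults to '=='.
#

CREATE TABLE radcheck (
  id int(11) unsigned NOT NULL auto_increment,
  username varchar(64) NOT NULL default '',
  attribute varchar(64) NOT NULL default '',
  op char(2) NOT NULL DEFAULT '==',
  value varchar(253) NOT NULL default '',
  PRIMARY KEY (id),
  KEY username (username(32))
);

#
# Table structure for table 'radgroupcheck'
#
# Per-group (attribute, op, value) rows; op defaults to '=='.
#

CREATE TABLE radgroupcheck (
  id int(11) unsigned NOT NULL auto_increment,
  groupname varchar(64) NOT NULL default '',
  attribute varchar(64) NOT NULL default '',
  op char(2) NOT NULL DEFAULT '==',
  value varchar(253) NOT NULL default '',
  PRIMARY KEY (id),
  KEY groupname (groupname(32))
);

#
# Table structure for table 'radgroupreply'
#
# Per-group (attribute, op, value) rows; op defaults to '='.
#

CREATE TABLE radgroupreply (
  id int(11) unsigned NOT NULL auto_increment,
  groupname varchar(64) NOT NULL default '',
  attribute varchar(64) NOT NULL default '',
  op char(2) NOT NULL DEFAULT '=',
  value varchar(253) NOT NULL default '',
  PRIMARY KEY (id),
  KEY groupname (groupname(32))
);

#
# Table structure for table 'radreply'
#
# Per-user (attribute, op, value) rows; op defaults to '='.
#

CREATE TABLE radreply (
  id int(11) unsigned NOT NULL auto_increment,
  username varchar(64) NOT NULL default '',
  attribute varchar(64) NOT NULL default '',
  op char(2) NOT NULL DEFAULT '=',
  value varchar(253) NOT NULL default '',
  PRIMARY KEY (id),
  KEY username (username(32))
);


#
# Table structure for table 'radusergroup'
#
# Maps a username to a groupname with a priority (default 1).
# The table has no primary key, only a prefix index on username.
#

CREATE TABLE radusergroup (
  username varchar(64) NOT NULL default '',
  groupname varchar(64) NOT NULL default '',
  priority int(11) NOT NULL default '1',
  KEY username (username(32))
);

#
# Table structure for table 'radpostauth'
#
# NOTE(review): the 'pass' column presumably receives the password that was
# submitted with each authentication attempt -- confirm against the post-auth
# query in use. If it does, this table is a cleartext credential log and
# access to it should be restricted accordingly.
#
CREATE TABLE radpostauth (
  id int(11) NOT NULL auto_increment,
  username varchar(64) NOT NULL default '',
  pass varchar(64) NOT NULL default '',
  reply varchar(32) NOT NULL default '',
  authdate timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
  PRIMARY KEY (id)
) ENGINE = INNODB;

#
# Table structure for table 'nas'
#
# 'secret' is NOT NULL with DEFAULT 'secret': a row inserted without an
# explicit secret gets that well-known value. Always supply a per-client
# secret when adding rows to this table.
#
CREATE TABLE nas (
  id int(10) NOT NULL auto_increment,
  nasname varchar(128) NOT NULL,
  shortname varchar(32),
  type varchar(30) DEFAULT 'other',
  ports int(5),
  secret varchar(60) DEFAULT 'secret' NOT NULL,
  server varchar(64),
  community varchar(50),
  description varchar(200) DEFAULT 'RADIUS Client',
  PRIMARY KEY (id),
  KEY nasname (nasname)
);
--------------------------------------------------------------------------------
/freeradius/setup.sql:
--------------------------------------------------------------------------------
# -*- text -*-
##
## admin.sql -- MySQL commands for creating the RADIUS user.
##
##	WARNING: You should change 'localhost' and 'radpass'
##		 to something else.  Also update raddb/sql.conf
##		 with the new RADIUS password.
##
##	$Id: aff0505a473c67b65cfc19fae079454a36d4e119 $

#
#  Create default administrator for RADIUS
#
#  The password is set in the CREATE USER statement itself. The previous
#  form, SET PASSWORD ... = PASSWORD('...'), relies on the PASSWORD()
#  function, which MySQL 8.0 no longer provides. 'radpass' is the
#  published default: replace it before loading this file.
#
CREATE USER 'radius'@'localhost' IDENTIFIED BY 'radpass';

# The server can read any table in SQL
GRANT SELECT ON radius.* TO 'radius'@'localhost';

# The server can write to the accounting and post-auth logging table.
#
#  i.e. it adds and updates rows there. Only those privileges are granted,
#  not ALL, so this account cannot delete log rows or drop or alter the
#  two tables.
GRANT SELECT, INSERT, UPDATE ON radius.radacct TO 'radius'@'localhost';
GRANT SELECT, INSERT, UPDATE ON radius.radpostauth TO 'radius'@'localhost';
--------------------------------------------------------------------------------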