Public | Automated Build

Last pushed: 4 days ago
Short Description
Lightweight and fast Freeradius3 server based on Alpine Linux (19.2 MB in size)
Full Description

Freeradius Docker image

Lightweight and fast Freeradius3 v3.0.11-r0 server. This image is based on the minimalistic Alpine Linux and is currently 62MB.

How to use

I have made a simple example setup in https://github.com/marcelmaatkamp/docker-compose-applications/tree/master/freeradius. Set the ip-range which will connect to the server and the server-secret in clients.conf, set the user/password combination in users.

Installation

$ git clone https://github.com/marcelmaatkamp/docker-compose-applications.git &&\
  cd docker-compose-applications/freeradius

Start the server

$ docker-compose up -d freeradius

Start a test radius connection

$ docker-compose up freeradius-test

The docker-compose.yml contains a container called 'freeradius-test' which will send a auth-request to the server which after succes will print

freeradius-test_1  | Sending Access-Request of id 95 to 172.25.0.100 port 1812
freeradius-test_1  |     User-Name = "testing"
freeradius-test_1  |     User-Password = "password"
freeradius-test_1  |     NAS-IP-Address = 172.25.0.101
freeradius-test_1  |     NAS-Port = 0
freeradius-test_1  |     Message-Authenticator = 0x00000000000000000000000000000000
freeradius-test_1  | rad_recv: Access-Accept packet from host 172.25.0.100 port 1812, id=95, length=20
Docker Pull Command
Owner
marcelmaatkamp

Comments (7)
marcelmaatkamp
10 months ago

Why on earth freeradius will only generate certificates when you set the logging more verbose (radiusd -xx) is beyond me, but I put the switch in the Dockerfile and made a example setup in https://github.com/marcelmaatkamp/docker-compose-applications/tree/master/freeradius

rangerdude
a year ago

As of 10/31 default image does not run.
no changes to default commands.

tkeeler
a year ago

I dont see where/how the environment variables are being used. It's not used internally by freeradius, right? I dont' see these variables being populated anywhere, including clients.conf. When I attempt to authenticate I get - "Ignoring request to authentication address * port 1812 from unknown client"

marcelmaatkamp
a year ago

Looks like alpine:edge includes freeraduis with eap but doen't a valid config file. I have switched this build to alpine:3.1 (the most stable version pf alipne as of date) and that seems to be running fine. I am sorry I didn't read your comment earlier!

halbritt
a year ago

As of freeradius 3.0.11, radiusd complains and exits if eap exists as a module but isn't configured. Added the following to the dockerfile RUN section:

rm /etc/raddb/mods-enabled/*eap

I don't need eap.

Going through the alpine package, it looks as though the eap config directives are commented out in the patch.

http://git.alpinelinux.org/cgit/aports/tree/main/freeradius/freeradius-305-default-config.patch

Thus the errors.

deeje2
a year ago

Radius won't start

From /var/log/radius/radius.log:

Error: /etc/raddb/mods-enabled/eap[14]: Failed to find 'Auth-Type EAP' section. Cannot authenticate users.
Error: /etc/raddb/mods-enabled/eap[14]: Instantiation failed for module "eap"

marcelmaatkamp
2 years ago

It seems that alpine switched to freeradius3 as the default version causing the build tot fail. The image is now working again.